tablet/nfs-krb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

move repeated bits to common script

Browse Source
This commit is contained in:
☙◦ The Tablet ❀ GamerGirlandCo ◦❧ 2025-10-29 18:01:28 -04:00
parent 9f1be586be
commit bc96ce3655
Signed by: tablet
GPG Key ID: 924A5F6AF051E87C
5 changed files with 106 additions and 177 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Dockerfile
View File

@ -19,9 +19,10 @@ RUN rc-update add krb5kdc default
RUN rc-update add krb5kadmind default RUN rc-update add krb5kadmind default
RUN rc-update add nfs default RUN rc-update add nfs default
COPY ./common.sh .
COPY ./entrypoint.sh . COPY ./entrypoint.sh .
COPY ./init.sh . COPY ./init.sh .
RUN chmod +x ./entrypoint.sh && chmod +x ./init.sh RUN chmod +x ./entrypoint.sh && chmod +x ./init.sh && chmod +x ./common.sh
RUN ls RUN ls

3
Dockerfile.ubuntu
View File

@ -12,9 +12,10 @@ RUN if [ -n "${DEBUG}" ]; then \
apt-get install iproute2 iputils-ping net-tools; \ apt-get install iproute2 iputils-ping net-tools; \
fi fi
COPY ./common.sh .
COPY ./entrypoint-ubuntu.sh . COPY ./entrypoint-ubuntu.sh .
COPY ./init.sh . COPY ./init.sh .
RUN chmod +x ./entrypoint-ubuntu.sh && chmod +x ./init.sh RUN chmod +x ./entrypoint-ubuntu.sh && chmod +x ./init.sh && chmod +x ./common.sh
RUN ls RUN ls

94
common.sh Normal file
View File

@ -0,0 +1,94 @@
#!/bin/bash
cat > /etc/krb5.conf << EOL
[logging]
default = SYSLOG:DEBUG
kdc = SYSLOG:DEBUG
admin_server = SYSLOG:DEBUG
[libdefaults]
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
default_realm = ${NFS_KRB_REALM}
[realms]
${NFS_KRB_REALM} = {
kdc = localhost
admin_server = localhost
}
EOL
cat > /etc/idmapd.conf << EOC
[General]
Domain = ${NFS_KRB_REALM}
Verbosity = 5
EOC
cat > /etc/nfs.conf << EOC
[general]
pipefs-directory=/run/rpc_pipefs
[exports]
[exportfs]
debug=1
[gssd]
verbosity=5
rpc-verbosity=5
keytab-file=/etc/krb5.keytab
[exportd]
debug="all"
[mountd]
debug="all"
manage-gids=y
port=892
[nfsdcld]
debug=1
[nfsdcltrack]
debug=1
[nfsd]
debug=1
# threads=8
# host=
# grace-time=90
# lease-time=90
udp=y
tcp=y
vers3=y
vers4=y
vers4.0=y
vers4.1=y
vers4.2=y
EOC
touch /var/lib/krb5kdc/kadm5.acl
kdb5_util -r "${NFS_KRB_REALM}" create -s << EOL
${NFS_KRB_PWD}
${NFS_KRB_PWD}
EOL
DOMAIN=$(echo "$NFS_KRB_REALM" | tr '[:upper:]' '[:lower:]')
echo "${DOMAIN}" > /etc/hostname
# setup logging
rpcdebug -m nfsd -s all
rpcdebug -m nfs -s all
rpcdebug -m rpc -s all
kadmin.local << EOS
addprinc ${NFS_KRB_PRINC}@${NFS_KRB_REALM}
${NFS_KRB_PWD}
${NFS_KRB_PWD}
ktadd -norandkey ${NFS_KRB_PRINC}@${NFS_KRB_REALM}
EOS

85
entrypoint-ubuntu.sh
View File

@ -35,73 +35,12 @@ EOE
chmod 777 "${SHARED_DIRECTORY}" chmod 777 "${SHARED_DIRECTORY}"
fi fi
cat > /etc/krb5.conf << EOL
[logging]
default = SYSLOG:DEBUG
kdc = SYSLOG:DEBUG
admin_server = SYSLOG:DEBUG
[libdefaults]
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
default_realm = ${NFS_KRB_REALM}
[realms]
${NFS_KRB_REALM} = {
kdc = localhost
admin_server = localhost
}
EOL
cat > /etc/idmapd.conf << EOC cat > /etc/idmapd.conf << EOC
[General] [General]
Domain = $DOMAIN Domain = $DOMAIN
Verbosity = 5 Verbosity = 5
EOC EOC
cat > /etc/nfs.conf << EOC
[general]
pipefs-directory=/run/rpc_pipefs
[exportfs]
debug=1
[gssd]
verbosity=5
rpc-verbosity=5
keytab-file=/etc/krb5.keytab
[exportd]
debug="all"
[mountd]
debug="all"
manage-gids=y
port=892
[nfsdcld]
debug=1
[nfsdcltrack]
debug=1
[nfsd]
debug=1
# threads=8
# host=
# grace-time=90
# lease-time=90
udp=y
tcp=y
vers3=y
vers4=y
vers4.0=y
vers4.1=y
vers4.2=y
EOC
cat > /etc/default/nfs-common << EOC cat > /etc/default/nfs-common << EOC
NEED_STATD=y NEED_STATD=y
@ -114,32 +53,10 @@ EOC
echo NEED_SVCGSSD=y > /etc/default/nfs-kernel-server echo NEED_SVCGSSD=y > /etc/default/nfs-kernel-server
./common.sh
touch /var/lib/krb5kdc/kadm5.acl
exportfs -rvaf exportfs -rvaf
kdb5_util -r "${NFS_KRB_REALM}" create -s << EOL
${NFS_KRB_PWD}
${NFS_KRB_PWD}
EOL
echo "${DOMAIN}" > /etc/hostname
# setup logging
syslogd
rpcdebug -m nfsd -s all
rpcdebug -m nfs -s all
rpcdebug -m rpc -s all
kadmin.local << EOS
addprinc ${NFS_KRB_PRINC}@${NFS_KRB_REALM}
${NFS_KRB_PWD}
${NFS_KRB_PWD}
ktadd -norandkey ${NFS_KRB_PRINC}@${NFS_KRB_REALM}
EOS
export OPTS_RPC_MOUNTD='--debug all -t 8 -N 3' export OPTS_RPC_MOUNTD='--debug all -t 8 -N 3'
echo "OPTS_RPC_MOUNTD=\"${OPTS_RPC_MOUNTD}\"" >> /etc/conf.d/nfs echo "OPTS_RPC_MOUNTD=\"${OPTS_RPC_MOUNTD}\"" >> /etc/conf.d/nfs
service nfs restart service nfs restart

98
entrypoint.sh
View File

@ -21,6 +21,7 @@ UID=${NFS_UID:-0}
apk add --no-cache --update alpine-conf apk add --no-cache --update alpine-conf
setup-timezone -z "${SRV_TZ:-${DEFALUT_TIMEZONE}}" setup-timezone -z "${SRV_TZ:-${DEFALUT_TIMEZONE}}"
apk del alpine-conf apk del alpine-conf
cat > /etc/chrony/chrony.conf << 'EOF' cat > /etc/chrony/chrony.conf << 'EOF'
pool 0.pool.ntp.org iburst pool 0.pool.ntp.org iburst
pool 1.pool.ntp.org iburst pool 1.pool.ntp.org iburst
@ -40,101 +41,15 @@ EOE
chmod 777 "${SHARED_DIRECTORY}" chmod 777 "${SHARED_DIRECTORY}"
fi fi
cat > /etc/krb5.conf << EOL # setup logging
[logging] syslogd
default = SYSLOG:DEBUG
kdc = SYSLOG:DEBUG
admin_server = SYSLOG:DEBUG
[libdefaults] ./common.sh
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
default_realm = ${NFS_KRB_REALM}
[realms]
${NFS_KRB_REALM} = {
kdc = localhost
admin_server = localhost
}
EOL
cat > /etc/idmapd.conf << EOC
[General]
Domain = ${NFS_KRB_REALM}
Verbosity = 5
EOC
cat > /etc/nfs.conf << EOC
[general]
pipefs-directory=/run/rpc_pipefs
[exports]
[exportfs]
debug=1
[gssd]
verbosity=5
rpc-verbosity=5
keytab-file=/etc/krb5.keytab
[exportd]
debug="all"
[mountd]
debug="all"
manage-gids=y
port=892
[nfsdcld]
debug=1
[nfsdcltrack]
debug=1
[nfsd]
debug=1
# threads=8
# host=
# grace-time=90
# lease-time=90
udp=y
tcp=y
vers3=y
vers4=y
vers4.0=y
vers4.1=y
vers4.2=y
EOC
touch /var/lib/krb5kdc/kadm5.acl
exportfs -rvaf exportfs -rvaf
kdb5_util -r "${NFS_KRB_REALM}" create -s << EOL
${NFS_KRB_PWD}
${NFS_KRB_PWD}
EOL
echo "${NFS_KRB_REALM}" > /etc/hostname echo "${NFS_KRB_REALM}" > /etc/hostname
# setup logging
syslogd
rpcdebug -m nfsd -s all
rpcdebug -m nfs -s all
rpcdebug -m rpc -s all
kadmin.local << EOS
addprinc ${NFS_KRB_PRINC}@${NFS_KRB_REALM}
${NFS_KRB_PWD}
${NFS_KRB_PWD}
ktadd -norandkey ${NFS_KRB_PRINC}@${NFS_KRB_REALM}
EOS
export OPTS_RPC_MOUNTD='--debug all -t 8 -N 3' export OPTS_RPC_MOUNTD='--debug all -t 8 -N 3'
cat >> /etc/conf.d/nfs <<EOC cat >> /etc/conf.d/nfs <<EOC
@ -147,11 +62,12 @@ EOC
rc-service krb5kdc start rc-service krb5kdc start
rc-service krb5kadmind start rc-service krb5kadmind start
rc-service nfs start rc-service nfs start
kill -9 `pidof rpc.svcgssd`
# shellcheck disable=SC2046
kill -9 $(pidof rpc.svcgssd)
rpc.gssd -vf &> /var/log/rpc-gssd.log & rpc.gssd -vf &> /var/log/rpc-gssd.log &
rpc.svcgssd -vf &> /var/log/gssd.log & rpc.svcgssd -vf &> /var/log/gssd.log &
cat /etc/krb5.conf cat /etc/krb5.conf
while true; do while true; do