#!/bin/bash set -xo pipefail trap "stop; exit 0;" SIGTERM SIGINT stop() { echo "signal caught, stopping the world..." exportfs -uav rc-service krb5kdc stop rc-service kadmin stop rc-service nfs stop echo "bye!" exit } DEFALUT_TIMEZONE="America/New_York" DEFAULT_PERMITTED="*" RW_MODE="rw" UID=${NFS_UID:-0} apk add --no-cache --update alpine-conf setup-timezone -z "${SRV_TZ:-${DEFALUT_TIMEZONE}}" apk del alpine-conf cat > /etc/chrony/chrony.conf << 'EOF' pool 0.pool.ntp.org iburst pool 1.pool.ntp.org iburst EOF rc-service chronyd start && rc-update add chronyd default if [ -n "${SHARED_DIRECTORY}" ]; then mkdir -p /exports"${SHARED_DIRECTORY}" options="(${RW_MODE:-rw},no_root_squash,sync,no_subtree_check,insecure,sec=krb5p:krb5i:krb5)" mount --bind "${SHARED_DIRECTORY}" /exports"${SHARED_DIRECTORY}" cat > /etc/exports <<- EOE /exports ${PERMITTED:-${DEFAULT_PERMITTED}}(${RW_MODE:-rw},no_root_squash,insecure,no_subtree_check,hide,fsid=0,sync,sec=krb5p:krb5i:krb5) /exports${SHARED_DIRECTORY} ${PERMITTED:-${DEFAULT_PERMITTED}}${options%?},fsid=1) EOE chmod 777 "${SHARED_DIRECTORY}" else cp /etc/exports.mnt /etc/exports grep -vi "^[[:space:]]*#" /etc/exports | while read -r line; do if [ -n "${line}" ]; then trimmed="${line##*([[:space:]])}" # shellcheck disable=SC2001 rcdir="$(eval "declare -a str=($( echo "$trimmed" | sed 's/[][`~!@#$%^&*():;<>.,?|{}=+-]/\\&/g' )); echo \${str[0]}")" cdir="${rcdir##*(\")}" echo "${cdir}" mkdir -p "/exports${cdir}" mount --bind -o rw "${cdir}" "/exports${cdir}" chmod 777 "/exports${cdir}" fi done sed -i -r '/^[[:space:]]*#/!s/^("?)/\1\/exports/' /etc/exports # root entry echo -e "\n/exports *(rw,no_root_squash,insecure,no_subtree_check,nohide,fsid=0,sync,sec=krb5p:krb5i:krb5)" >> /etc/exports fi # setup logging syslogd ./common.sh exportfs -rvaf export OPTS_RPC_MOUNTD='--debug all -t 8 -N 3' cat >> /etc/conf.d/nfs < /var/log/rpc-gssd.log & rpc.svcgssd -vf &> /var/log/gssd.log & cat /etc/krb5.conf while true; do sleep 360 done