mirror/bashclub.zamba-lxc-toolbox
1
0
Fork 0
mirror of https://git.bashclub.org/bashclub/zamba-lxc-toolbox.git synced 2025-08-30 06:39:24 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

t

Browse source
This commit is contained in:
Hayden Lee 2025-05-03 08:15:17 -04:00
parent 0c91d48778
commit 831d9b7318
2 changed files with 28 additions and 253 deletions
Download patch file Download diff file Expand all files Collapse all files

56
conf/README.md
View file

@ -57,27 +57,27 @@ LXC_HOSTNAME="zamba"
### LXC_DOMAIN
Defines the domain name / search domain of your LXC container
```bash
LXC_DOMAIN="zmb.rocks"
LXC_DOMAIN="y2hay.com"
```
### LXC_DHCP
Enable DHCP on LAN (eth0) - (Obtain an IP address automatically) [true/false]
```bash
LXC_DHCP=false
LXC_DHCP=true
```
### LXC_IP
Defines the local IP address and subnet of your LXC container in CIDR format
```bash
LXC_IP="10.10.80.20/24"
LXC_IP="10.10.0.101/24"
```
### LXC_GW
Defines the default gateway IP address of your LXC container
```bash
LXC_GW="10.10.80.254"
LXC_GW="10.10.0.1"
```
### LXC_DNS
Defines the DNS server ip address of your LXC container
```bash
LXC_DNS="10.10.80.254"
LXC_DNS="1.1.1.1"
```
`zmb-ad` used this DNS server for installation, after installation and domain provisioning it will be used as forwarding DNS
For other services this should be your active directory domain controller (if present, else a DNS server of your choice)
@ -94,7 +94,7 @@ LXC_VLAN="80"
### LXC_PWD
Defines the `root` password of your LXC container. Please use 'single quotation marks' to avoid unexpected behaviour.
```bash
LXC_PWD="Start!123"
LXC_PWD='666666'
```
### LXC_AUTHORIZED_KEY
Defines an authorized_keys file to push into the LXC container.
@ -104,18 +104,18 @@ LXC_AUTHORIZED_KEY="/root/.ssh/authorized_keys"
```
### LXC_TOOLSET
Define your (administrative) tools, you always want to have installed into your LXC container
```bash
LXC_TOOLSET="vim htop net-tools dnsutils sysstat mc"
``` bash
LXC_TOOLSET="vim htop net-tools dnsutils btop sysstat mc"
```
### LXC_TIMEZONE
Define the local timezone of your LXC container (default: Euroe/Berlin)
```bash
LXC_TIMEZONE="Europe/Berlin"
LXC_TIMEZONE="UTC"
```
### LXC_LOCALE
Define system language on LXC container (locales)
```bash
LXC_LOCALE="de_DE.utf8"
LXC_LOCALE="en_US.utf8"
```
This parameter is not used yet, but will be integrated in future releases.
@ -134,12 +134,12 @@ This section configures the Zamba server (AD DC, AD member and standalone)
### ZMB_REALM
Defines the REALM for the Active Directory (AD DC, AD member)
```bash
ZMB_REALM="ZMB.ROCKS"
ZMB_REALM="y2hay.y2home"
```
### ZMB_DOMAIN
Defines the domain name in your Active Directory or Workgroup (AD DC, AD member, standalone)
```bash
ZMB_DOMAIN="ZMB"
ZMB_DOMAIN="y2home"
```
### ZMB_ADMIN_USER
Defines the name of your domain administrator account (AD DC, AD member, standalone)
@ -149,14 +149,14 @@ ZMB_ADMIN_USER="Administrator"
### ZMB_ADMIN_PASS
Defines the domain administrator's password (AD DC, AD member).
```bash
ZMB_ADMIN_PASS='Start!123'
ZMB_ADMIN_PASS='Parabola617!'
```
Please use 'single quotation marks' to avoid unexpected behaviour.
`zmb-ad` domain administrator has to meet the password complexity policy, if password is too weak, domain provisioning will fail.
### ZMB_SHARE
Defines the name of your Zamba share
```bash
ZMB_SHARE="share"
ZMB_SHARE="lclpool"
```
<br>
@ -167,12 +167,12 @@ This section configures the mailpiler email archive
### PILER_FQDN
Defines the (public) FQDN of your piler mail archive
```bash
PILER_FQDN="piler.zmb.rocks"
PILER_FQDN="piler.y2hay.com"
```
### PILER_SMARTHOST
Defines the smarthost for piler mail archive
```bash
PILER_SMARTHOST="your.mailserver.tld"
PILER_SMARTHOST="mail.y2hay.com"
```
<br>
@ -183,13 +183,13 @@ This section configures the matrix chat server
### MATRIX_FQDN
Define the FQDN of your Matrix server
```bash
MATRIX_FQDN="matrix.zmb.rocks"
MATRIX_FQDN="enterthe.matrix.y2hay.com"
```
### MATRIX_ELEMENT_FQDN
Define the FQDN for the Element Web virtual host
```bash
MATRIX_ELEMENT_FQDN="element.zmb.rocks"
MATRIX_ELEMENT_FQDN="element.y2hay.com"
```
### MATRIX_ADMIN_USER
@ -201,7 +201,7 @@ MATRIX_ADMIN_USER="admin"
### MATRIX_ADMIN_PASSWORD
Define the admin password
```bash
MATRIX_ADMIN_PASSWORD="Start!123"
MATRIX_ADMIN_PASSWORD="Parabola617!"
```
## Nextcloud-Section
@ -209,7 +209,7 @@ MATRIX_ADMIN_PASSWORD="Start!123"
### NEXTCLOUD_FQDN
Define the FQDN of your Nextcloud server
```bash
NEXTCLOUD_FQDN="nc1.zmb.rocks"
NEXTCLOUD_FQDN="cloudy.y2hay.com"
```
### NEXTCLOUD_ADMIN_USR
@ -221,7 +221,7 @@ NEXTCLOUD_ADMIN_USR="zmb-admin"
### NEXTCLOUD_ADMIN_PWD
Build a strong password for this user. Username and password will shown at the end of the instalation.
```bash
NEXTCLOUD_ADMIN_PWD="$(random_password)"
NEXTCLOUD_ADMIN_PWD="Parabola617!"
```
### NEXTCLOUD_DATA
Defines the data directory, which will be createt under LXC_SHAREFS_MOUNTPOINT
@ -231,7 +231,7 @@ NEXTCLOUD_DATA="nc_data"
### NEXTCLOUD_REVPROX
Defines the trusted reverse proxy, which will enable the detection of source ip to fail2ban
```bash
NEXTCLOUD_REVPROX="192.168.100.254"
NEXTCLOUD_REVPROX="10.10.0.254"
```
## Check_MK-Section
@ -245,7 +245,7 @@ CMK_INSTANCE=zmbrocks
### CMK_ADMIN_PW
Define the password of user 'cmkadmin'
```bash
CMK_ADMIN_PW='Start!123'
CMK_ADMIN_PW='666666'
```
### CMK_EDITION
@ -260,14 +260,14 @@ CMK_EDITION=raw
### KOPANO_FQDN
Define the FQDN of your Nextcloud server
```bash
KOPANO_FQDN="kopano.zmb.rocks
KOPANO_FQDN="kopano.y2hay.com"
```
### KOPANO_MAILGW=
Define the host, to which mails will send.
```bash
KOPANO_MAILGW="192.168.100.254"
KOPANO_MAILGW="10.10.0.114"
```
### KOPANO_REPKEY
@ -296,7 +296,7 @@ display name to send from
```bash
VW_SMTP_FROM_NAME="Vaultwarden Password Manager"
```
### VW_SMTP_PORT
Smtp-port of your mailserver
```bash
@ -306,7 +306,7 @@ VW_SMTP_PORT=587
### VW_SMTP_SSL
Use ssl true/false
```bash
VW_SMTP_SSL=true
VW_SMTP_SSL=false
```
### VW_SMTP_EXPLICIT_TLS
@ -324,6 +324,6 @@ VW_SMTP_USERNAME=vaultwarden@bashclub.org
### VW_SMTP_PASSWORD
Password of your mailbox
```bash
VW_SMTP_PASSWORD='<yourEmailPassword>'
VW_SMTP_PASSWORD="Parabola617!"
```

225
conf/zamba.conf.example
View file

@ -1,225 +0,0 @@
#!/bin/bash
# This ist the Zamba main configuration file.
# Please adjust the settings to your needs before running the installer.
# Authors:
# (C) 2021 Idea an concept by Christian Zengel <christian@sysops.de>
# (C) 2021 Script design and prototype by Markus Helmke <m.helmke@nettwarker.de>
# (C) 2021 Script rework and documentation by Thorsten Spille <thorsten@spille-edv.de>
############### Linux Container Section ###############
# Defines the Proxmox storage where your LXC container template are stored (default: local)
LXC_TEMPLATE_STORAGE="local"
# Defines the size in GB of the LXC container's root filesystem (default: 32)
# Depending on your environment, you should consider increasing the size for use of `mailpiler` or `matrix`.
LXC_ROOTFS_SIZE="32"
# Defines the Proxmox storage where your LXC container's root filesystem will be generated (default: local-zfs)
LXC_ROOTFS_STORAGE="local-zfs"
# Defines the size in GB your LXC container's filesystem shared by Zamba (AD member & standalone) (default: 100)
LXC_SHAREFS_SIZE="100"
# Defines the Proxmox storage where your LXC container's filesystem shared by Zamba will be generated (default: local-zfs)
LXC_SHAREFS_STORAGE="local-zfs"
# Defines the mountpoint of the filesystem shared by Zamba inside your LXC container (default: tank)
# Moved to constants-service.conf, be careful if you override this value
# LXC_SHAREFS_MOUNTPOINT="tank"
# cpu core count (default: 0 = unlimited)
LXC_THREADS=0
# Defines the amount of RAM in MB your LXC container is allowed to use (default: 1024)
LXC_MEM=1024
# Defines the amount of swap space in MB your LXC container is allowed to use (default: 1024)
LXC_SWAP=1024
# Defines the hostname of your LXC container
LXC_HOSTNAME="${service}"
# Defines the domain name / search domain of your LXC container
LXC_DOMAIN="zmb.rocks"
# Enable DHCP on LAN (eth0) - (Obtain an IP address automatically) [true/false]
LXC_DHCP=false
# Defines the local IP address and subnet of your LXC container in CIDR format
LXC_IP="192.168.100.200/24"
# Defines the default gateway IP address of your LXC container
LXC_GW="192.168.100.254"
# Defines the DNS server ip address of your LXC container
# `zmb-ad` used this DNS server for installation, after installation and domain provisioning it will be used as forwarding DNS
# For other services this should be your active directory domain controller (if present, else a DNS server of your choice)
LXC_DNS="192.168.100.254"
# Defines the network bridge to bind the network adapter of your LXC container
LXC_BRIDGE="vmbr0"
# Defines the vlan id of the LXC container's network interface, if the network adapter should be connected untagged, just leave the value empty.
LXC_VLAN=NONE
# Defines the `root` password of your LXC container. Please use 'single quatation marks' to avoid unexpected behaviour.
LXC_PWD='Start!123'
# Defines an authorized_keys file to push into the LXC container.
# By default the authorized_keys will be inherited from your proxmox host.
LXC_AUTHORIZED_KEY=~/.ssh/authorized_keys
# Define your (administrative) tools, you always want to have installed into your LXC container
LXC_TOOLSET="vim htop net-tools dnsutils sysstat mc"
# Define the local timezone of your LXC container (default: Euroe/Berlin)
LXC_TIMEZONE="Europe/Berlin"
# Define system language on LXC container (locales)
# With this paramater you can generate additional locales, the default language will be inherited from proxmox host.
# en_US.UTF-8 english
# de_DE.UTF-8 german (default)
LXC_LOCALE="de_DE.UTF-8"
# Set dark background for vim syntax highlighting (0 or 1)
LXC_VIM_BG_DARK=1
# Default random password length
LXC_RANDOMPWD=32
# Move lxc to specific ressource pool
LXC_RESSOURCE_POOL=""
# Automatically add meta tags to lxc container
LXC_AUTOTAG=1
# Add meta tags to linux container
LXC_TAGS="linux,debian,${service}"
############### Zamba-Server-Section ###############
# Defines the REALM for the Active Directory (AD DC, AD member)
ZMB_REALM="ZMB.ROCKS"
# Defines the domain name in your Active Directory or Workgroup (AD DC, AD member, standalone)
ZMB_DOMAIN="ZMB"
# Defines the name of your domain administrator account (AD DC, AD member, standalone)
ZMB_ADMIN_USER="administrator"
# The admin password for zamba installation. Please use 'single quatation marks' to avoid unexpected behaviour
# `zmb-ad` domain administrator has to meet the password complexity policy, if password is too weak, domain provisioning will fail
ZMB_ADMIN_PASS='Start!123'
# Defines the name of your Zamba share
ZMB_SHARE="share"
############### Mailpiler-Section ###############
PILER_BRANCH=release
############### Matrix-Section ###############
# Define the FQDN of your Matrix server
MATRIX_FQDN="matrix.zmb.rocks"
# Define the FQDN for the Element Web virtual host
MATRIX_ELEMENT_FQDN="element.zmb.rocks"
# Define the administrative user of matrix service
MATRIX_ADMIN_USER="admin"
# Define the admin password
MATRIX_ADMIN_PASSWORD='Start!123'
############### Nextcloud-Section ###############
# Define the FQDN of your Nextcloud server
NEXTCLOUD_FQDN="nextcloud.zmb.rocks"
# The initial admin-user which will be configured
NEXTCLOUD_ADMIN_USR="zmb-admin"
# Build a strong password for this user. Username and password will shown at the end of the installation.
# NEXTCLOUD_ADMIN_PWD='very_secure_password'
# Defines the data directory, which will be createt under LXC_SHAREFS_MOUNTPOINT
NEXTCLOUD_DATA="nc_data"
# Defines the trusted reverse proxy, which will enable the detection of source ip to fail2ban
NEXTCLOUD_REVPROX="192.168.100.254"
############### Check_MK-Section ###############
# Define the name of your checkmk instance
CMK_INSTANCE=zmbrocks
# Define the password of user 'cmkadmin'
CMK_ADMIN_PW='Start!123'
# checkmk edition (raw or free)
# raw = completely free
# free = limited version of the enterprise edition (25 hosts, 1 instance)
CMK_EDITION=raw
############### Kopano-Section ###############
# Define the FQDN of your Nextcloud server
KOPANO_FQDN="kopano.zmb.rocks"
# Defines the trusted reverse proxy, which will enable the detection of source ip to fail2ban
KOPANO_MAILGW="192.168.100.254"
# Kopano test- or subscription-key offerd from
# https://kopano.com/downloads-demo/?demo=Kopano+Groupware&headline=Packages&target=Debian+10
KOPANO_REPKEY="1234567890abcdefghijklmno"
############### vaultwarden Section ###############
# Enable/disable signups (true/false)
VW_SIGNUPS_ALLOWED=false
# Hostname of your mailserver
VW_SMTP_HOST=mail.bashclub.org
# email address to send from
VW_SMTP_FROM="vaultwarden@bashclub.org"
# display name to send from
VW_SMTP_FROM_NAME="Vaultwarden Password Manager"
# port of your mailserver
VW_SMTP_PORT=587
# use ssl?
VW_SMTP_SSL=true
# use starttls?
VW_SMTP_EXPLICIT_TLS=false
# username of your mailbox
VW_SMTP_USERNAME=vaultwarden@bashclub.org
# password of your mailbox
VW_SMTP_PASSWORD='<yourEmailPassword>'
############### ansible-semaphore Section ###############
SEMAPHORE_ADMIN=admin
SEMAPHORE_ADMIN_DISPLAY_NAME="Semaphore Administrator"
SEMAPHORE_ADMIN_EMAIL="admin@zmb.rocks"
SEMAPHORE_ADMIN_PASSWORD='Start123'
############### docker Section ###############
# Install Portainer (=full), Protainer Agent (=agent) or none
PORTAINER=none
############### zabbix Section ###############
# (Zabbix Proxy) Name:Port of the zabbix server
ZBX_ADDR=zabbix.zmb.rocks:10051
############### freescout Section ################
FS_FIRSTNAME=Max
FS_LASTNAME=Mustermann
FS_EMAIL=mail@zmb.rocks