mirror of
https://github.com/community-scripts/ProxmoxVE.git
synced 2026-03-03 17:35:54 +00:00
5dc244a8c1
* Standardize exit codes and add mappings Replace generic exit 1 usages with specific numeric exit codes and add corresponding explanations to the error lookup. This commit updates multiple misc/* scripts to return distinct codes for validation, Proxmox/LXC, networking, download and curl errors (e.g. 103-123, 64, 107-120, 206, 0 for explicit user cancels). It also updates curl error handling to propagate the original curl exit code and adds new entries in explain_exit_code and the error handler to improve diagnostics. * Set exit code 115 for update_os errors Change exit status from 6 to 115 in misc/alpine-install.func's update_os() error handlers when failing to download tools.func or when the expected functions are missing. This gives a distinct exit code for these specific failure cases. * Add tools/addon exit codes and use them Introduce exit codes 232-238 for Tools & Addon scripts in misc/api.func and misc/error_handler.func. Update addon scripts (tools/addon/adguardhome-sync.sh, tools/addon/copyparty.sh, tools/addon/cronmaster.sh) to return specific codes instead of generic exit 1: 238 for unsupported OS and 233 when the application is not installed/upgrade prerequisites are missing. This makes failures more descriptive and aligns scripts with the central error explanations. * Standardize exit codes in exporter addons Unify exit codes across exporter addon scripts: return 238 for unsupported OS detections and 233 when an update is requested but the exporter is not installed. Applied to nextcloud-exporter.sh, pihole-exporter.sh, prometheus-paperless-ngx-exporter.sh, and qbittorrent-exporter.sh to make failure modes distinguishable for callers/automation. * Use specific exit codes in addon scripts Replace generic exit 1 with distinct exit codes across multiple addon scripts to enable finer-grained error handling in automation. Exit codes introduced: 10 for Docker/Compose missing or user-declined Docker install, 233 for "nothing to update" cases, and 238 for unsupported OS cases. Affected files: tools/addon/arcane.sh, coolify.sh, dockge.sh, dokploy.sh, filebrowser-quantum.sh, filebrowser.sh, immich-public-proxy.sh, jellystat.sh, runtipi.sh. * Use specific exit codes in addon scripts Replace generic exit 1 with specific exit codes across multiple addon scripts to improve error signaling and handling. Files updated: tools/addon/add-netbird-lxc.sh (exit 238 on unsupported distro), tools/addon/add-tailscale-lxc.sh (treat user cancel as exit 0), tools/addon/glances.sh (exit 233 when not installed), tools/addon/komodo.sh (distinct exits for missing compose, legacy DB, backup/download failures, docker checks), tools/addon/netdata.sh (distinct exits for unsupported PVE versions, OS/codename detection, repo lookups), and tools/addon/phpmyadmin.sh (distinct exits for unsupported OS, network/download issues, package install/start failures, and invalid input). These changes make failures easier to identify and automate recovery or reporting. * Use specific exit codes in PVE scripts Replace generic exit 1 with distinct exit codes across tools/pve scripts to provide clearer failure signals for callers. post-pve-install.sh now returns 105 for unsupported Proxmox versions; pve-privilege-converter.sh uses 104 for non-root, 234 when no containers, and 235 for backup/conversion failures; update-apps.sh maps backup failures to 235, missing containers/selections to 234 (and UI cancellations to 0), missing backup storage to 119, and returns the actual container update exit code on failure. These changes improve diagnostics and allow external tooling to react to specific error conditions. * Standardize exit codes and behaviors Adjust exit codes and abort handling across multiple PVE helper scripts to provide clearer outcomes for automation and interactive flows. Changes include: - container-restore-from-backup.sh, core-restore-from-backup.sh: return 235 when no backups found (was 1). - fstrim.sh: treat user cancellation of non-ext4 warning as non-error (exit 0 instead of 1). - kernel-clean.sh: treat no selection or user abort as non-error (exit 0 instead of 1). - lxc-delete.sh: return 234 when no containers are present; treat no selection as non-error (exit 0). - nic-offloading-fix.sh: use specific non-zero codes for root check and tool install failures (exit 104, 237) and 236 when no matching interfaces (was 1). - pbs_microcode.sh, post-pmg-install.sh, post-pbs-install.sh: use distinct exit codes (232 and 105) for detected VM/PVE/unsupported distro conditions instead of generic 1. These modifications make scripts return distinct codes for different failure modes and ensure user-initiated aborts or benign conditions exit with 0 where appropriate. * Use exit 105 for unsupported PVE versions Standardize error handling by replacing generic exit 1 with exit 105 in pve_check() across multiple VM template scripts to indicate unsupported Proxmox VE versions. Also add API exit code 226 message for "Proxmox: VM disk import or post-creation setup failed" in misc/api.func. Affected files include misc/api.func and various vm/*-vm.sh scripts. * Use specific exit codes in VM scripts Replace generic exit 1 with distinct exit codes across vm/*.sh to make failures more actionable for callers. Changes include: use 226 for missing imported-disk references, 237 for pv installation failures, 115 for download/extract/ISO-related failures, 214 for insufficient disk space during FreeBSD decompression, and 119 for missing storage detection. Updated scripts: archlinux-vm.sh, docker-vm.sh, haos-vm.sh, openwrt-vm.sh, opnsense-vm.sh, truenas-vm.sh, umbrel-os-vm.sh.
333 lines
13 KiB
Bash
333 lines
13 KiB
Bash
# Copyright (c) 2021-2026 community-scripts ORG
|
|
# Author: tteck (tteckster)
|
|
# Co-Author: MickLesk
|
|
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
|
|
|
|
# ==============================================================================
|
|
# INSTALL.FUNC - CONTAINER INSTALLATION & SETUP
|
|
# ==============================================================================
|
|
#
|
|
# This file provides installation functions executed inside LXC containers
|
|
# after creation. Handles:
|
|
#
|
|
# - Network connectivity verification (IPv4/IPv6)
|
|
# - OS updates and package installation
|
|
# - DNS resolution checks
|
|
# - MOTD and SSH configuration
|
|
# - Container customization and auto-login
|
|
#
|
|
# Usage:
|
|
# - Sourced by <app>-install.sh scripts
|
|
# - Executes via pct exec inside container
|
|
# - Requires internet connectivity
|
|
#
|
|
# ==============================================================================
|
|
|
|
# ==============================================================================
|
|
# SECTION 1: INITIALIZATION
|
|
# ==============================================================================
|
|
|
|
if ! command -v curl >/dev/null 2>&1; then
|
|
printf "\r\e[2K%b" '\033[93m Setup Source \033[m' >&2
|
|
apt update >/dev/null 2>&1
|
|
apt install -y curl >/dev/null 2>&1
|
|
fi
|
|
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/core.func)
|
|
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/error_handler.func)
|
|
load_functions
|
|
catch_errors
|
|
|
|
# Persist diagnostics setting inside container (exported from build.func)
|
|
# so addon scripts running later can find the user's choice
|
|
if [[ ! -f /usr/local/community-scripts/diagnostics ]]; then
|
|
mkdir -p /usr/local/community-scripts
|
|
echo "DIAGNOSTICS=${DIAGNOSTICS:-no}" >/usr/local/community-scripts/diagnostics
|
|
fi
|
|
|
|
# Get LXC IP address (must be called INSIDE container, after network is up)
|
|
get_lxc_ip
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# post_progress_to_api()
|
|
#
|
|
# - Lightweight progress ping from inside the container
|
|
# - Updates the existing telemetry record status
|
|
# - Arguments:
|
|
# * $1: status (optional, default: "configuring")
|
|
# - Signals that the installation is actively progressing (not stuck)
|
|
# - Fire-and-forget: never blocks or fails the script
|
|
# - Only executes if DIAGNOSTICS=yes and RANDOM_UUID is set
|
|
# ------------------------------------------------------------------------------
|
|
post_progress_to_api() {
|
|
command -v curl &>/dev/null || return 0
|
|
[[ "${DIAGNOSTICS:-no}" == "no" ]] && return 0
|
|
[[ -z "${RANDOM_UUID:-}" ]] && return 0
|
|
|
|
local progress_status="${1:-configuring}"
|
|
|
|
curl -fsS -m 5 -X POST "https://telemetry.community-scripts.org/telemetry" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{\"random_id\":\"${RANDOM_UUID}\",\"execution_id\":\"${EXECUTION_ID:-${RANDOM_UUID}}\",\"type\":\"lxc\",\"nsapp\":\"${app:-unknown}\",\"status\":\"${progress_status}\"}" &>/dev/null || true
|
|
}
|
|
|
|
# ==============================================================================
|
|
# SECTION 2: NETWORK & CONNECTIVITY
|
|
# ==============================================================================
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# verb_ip6()
|
|
#
|
|
# - Configures IPv6 based on DISABLEIPV6 variable
|
|
# - If DISABLEIPV6=yes: disables IPv6 via sysctl
|
|
# - Sets verbose mode via set_std_mode()
|
|
# ------------------------------------------------------------------------------
|
|
verb_ip6() {
|
|
set_std_mode # Set STD mode based on VERBOSE
|
|
|
|
if [ "${IPV6_METHOD:-}" = "disable" ]; then
|
|
msg_info "Disabling IPv6 (this may affect some services)"
|
|
mkdir -p /etc/sysctl.d
|
|
$STD tee /etc/sysctl.d/99-disable-ipv6.conf >/dev/null <<EOF
|
|
# Disable IPv6 (set by community-scripts)
|
|
net.ipv6.conf.all.disable_ipv6 = 1
|
|
net.ipv6.conf.default.disable_ipv6 = 1
|
|
net.ipv6.conf.lo.disable_ipv6 = 1
|
|
EOF
|
|
$STD sysctl -p /etc/sysctl.d/99-disable-ipv6.conf
|
|
msg_ok "Disabled IPv6"
|
|
fi
|
|
}
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# setting_up_container()
|
|
#
|
|
# - Verifies network connectivity via hostname -I
|
|
# - Retries up to RETRY_NUM times with RETRY_EVERY seconds delay
|
|
# - Removes Python EXTERNALLY-MANAGED restrictions
|
|
# - Disables systemd-networkd-wait-online.service for faster boot
|
|
# - Exits with error if network unavailable after retries
|
|
# ------------------------------------------------------------------------------
|
|
setting_up_container() {
|
|
msg_info "Setting up Container OS"
|
|
|
|
# Fix Debian 13 LXC template bug where / is owned by nobody
|
|
# Only attempt in privileged containers (unprivileged cannot chown /)
|
|
if [[ "$(stat -c '%U' /)" != "root" ]]; then
|
|
(chown root:root / 2>/dev/null) || true
|
|
fi
|
|
|
|
for ((i = RETRY_NUM; i > 0; i--)); do
|
|
if [ "$(hostname -I)" != "" ]; then
|
|
break
|
|
fi
|
|
echo 1>&2 -en "${CROSS}${RD} No Network! "
|
|
sleep $RETRY_EVERY
|
|
done
|
|
if [ "$(hostname -I)" = "" ]; then
|
|
echo 1>&2 -e "\n${CROSS}${RD} No Network After $RETRY_NUM Tries${CL}"
|
|
echo -e "${NETWORK}Check Network Settings"
|
|
exit 121
|
|
fi
|
|
rm -rf /usr/lib/python3.*/EXTERNALLY-MANAGED
|
|
systemctl disable -q --now systemd-networkd-wait-online.service
|
|
msg_ok "Set up Container OS"
|
|
#msg_custom "${CM}" "${GN}" "Network Connected: ${BL}$(hostname -I)"
|
|
msg_ok "Network Connected: ${BL}$(hostname -I)"
|
|
post_progress_to_api
|
|
}
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# network_check()
|
|
#
|
|
# - Comprehensive network connectivity check for IPv4 and IPv6
|
|
# - Tests connectivity to multiple DNS servers:
|
|
# * IPv4: 1.1.1.1 (Cloudflare), 8.8.8.8 (Google), 9.9.9.9 (Quad9)
|
|
# * IPv6: 2606:4700:4700::1111, 2001:4860:4860::8888, 2620:fe::fe
|
|
# - Verifies DNS resolution for GitHub and Community-Scripts domains
|
|
# - Prompts user to continue if no internet detected
|
|
# - Uses fatal() on DNS resolution failure for critical hosts
|
|
# ------------------------------------------------------------------------------
|
|
network_check() {
|
|
set +e
|
|
trap - ERR
|
|
ipv4_connected=false
|
|
ipv6_connected=false
|
|
sleep 1
|
|
|
|
# Check IPv4 connectivity to Google, Cloudflare & Quad9 DNS servers.
|
|
if ping -c 1 -W 1 1.1.1.1 &>/dev/null || ping -c 1 -W 1 8.8.8.8 &>/dev/null || ping -c 1 -W 1 9.9.9.9 &>/dev/null; then
|
|
msg_ok "IPv4 Internet Connected"
|
|
ipv4_connected=true
|
|
else
|
|
msg_error "IPv4 Internet Not Connected"
|
|
fi
|
|
|
|
# Check IPv6 connectivity to Google, Cloudflare & Quad9 DNS servers.
|
|
if ping6 -c 1 -W 1 2606:4700:4700::1111 &>/dev/null || ping6 -c 1 -W 1 2001:4860:4860::8888 &>/dev/null || ping6 -c 1 -W 1 2620:fe::fe &>/dev/null; then
|
|
msg_ok "IPv6 Internet Connected"
|
|
ipv6_connected=true
|
|
else
|
|
msg_error "IPv6 Internet Not Connected"
|
|
fi
|
|
|
|
# If both IPv4 and IPv6 checks fail, prompt the user
|
|
if [[ $ipv4_connected == false && $ipv6_connected == false ]]; then
|
|
read -r -p "No Internet detected, would you like to continue anyway? <y/N> " prompt
|
|
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then
|
|
echo -e "${INFO}${RD}Expect Issues Without Internet${CL}"
|
|
else
|
|
echo -e "${NETWORK}Check Network Settings"
|
|
exit 122
|
|
fi
|
|
fi
|
|
|
|
# DNS resolution checks for GitHub-related domains (IPv4 and/or IPv6)
|
|
GIT_HOSTS=("github.com" "raw.githubusercontent.com" "api.github.com" "git.community-scripts.org")
|
|
GIT_STATUS="Git DNS:"
|
|
DNS_FAILED=false
|
|
|
|
for HOST in "${GIT_HOSTS[@]}"; do
|
|
RESOLVEDIP=$(getent hosts "$HOST" | awk '{ print $1 }' | grep -E '(^([0-9]{1,3}\.){3}[0-9]{1,3}$)|(^[a-fA-F0-9:]+$)' | head -n1)
|
|
if [[ -z "$RESOLVEDIP" ]]; then
|
|
GIT_STATUS+="$HOST:($DNSFAIL)"
|
|
DNS_FAILED=true
|
|
else
|
|
GIT_STATUS+=" $HOST:($DNSOK)"
|
|
fi
|
|
done
|
|
|
|
if [[ "$DNS_FAILED" == true ]]; then
|
|
fatal "$GIT_STATUS"
|
|
else
|
|
msg_ok "$GIT_STATUS"
|
|
fi
|
|
|
|
set -e
|
|
trap 'error_handler' ERR
|
|
}
|
|
|
|
# ==============================================================================
|
|
# SECTION 3: OS UPDATE & PACKAGE MANAGEMENT
|
|
# ==============================================================================
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# update_os()
|
|
#
|
|
# - Updates container OS via apt-get update and dist-upgrade
|
|
# - Configures APT cacher proxy if CACHER=yes (accelerates package downloads)
|
|
# - Removes Python EXTERNALLY-MANAGED restrictions for pip
|
|
# - Sources tools.func for additional setup functions after update
|
|
# - Uses $STD wrapper to suppress output unless VERBOSE=yes
|
|
# ------------------------------------------------------------------------------
|
|
update_os() {
|
|
msg_info "Updating Container OS"
|
|
if [[ "$CACHER" == "yes" ]]; then
|
|
echo 'Acquire::http::Proxy-Auto-Detect "/usr/local/bin/apt-proxy-detect.sh";' >/etc/apt/apt.conf.d/00aptproxy
|
|
cat <<EOF >/usr/local/bin/apt-proxy-detect.sh
|
|
#!/bin/bash
|
|
if nc -w1 -z "${CACHER_IP}" 3142; then
|
|
echo -n "http://${CACHER_IP}:3142"
|
|
else
|
|
echo -n "DIRECT"
|
|
fi
|
|
EOF
|
|
chmod +x /usr/local/bin/apt-proxy-detect.sh
|
|
fi
|
|
apt_update_safe
|
|
$STD apt-get -o Dpkg::Options::="--force-confold" -y dist-upgrade
|
|
rm -rf /usr/lib/python3.*/EXTERNALLY-MANAGED
|
|
msg_ok "Updated Container OS"
|
|
post_progress_to_api
|
|
|
|
local tools_content
|
|
tools_content=$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/tools.func) || {
|
|
msg_error "Failed to download tools.func"
|
|
exit 115
|
|
}
|
|
source /dev/stdin <<<"$tools_content"
|
|
if ! declare -f fetch_and_deploy_gh_release >/dev/null 2>&1; then
|
|
msg_error "tools.func loaded but incomplete — missing expected functions"
|
|
exit 115
|
|
fi
|
|
}
|
|
|
|
# ==============================================================================
|
|
# SECTION 4: MOTD & SSH CONFIGURATION
|
|
# ==============================================================================
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# motd_ssh()
|
|
#
|
|
# - Configures Message of the Day (MOTD) with container information
|
|
# - Creates /etc/profile.d/00_lxc-details.sh with:
|
|
# * Application name
|
|
# * Warning banner (DEV repository)
|
|
# * OS name and version
|
|
# * Hostname and IP address
|
|
# * GitHub repository link
|
|
# - Disables executable flag on /etc/update-motd.d/* scripts
|
|
# - Enables root SSH access if SSH_ROOT=yes
|
|
# - Configures TERM environment variable for better terminal support
|
|
# ------------------------------------------------------------------------------
|
|
motd_ssh() {
|
|
# Set terminal to 256-color mode
|
|
grep -qxF "export TERM='xterm-256color'" /root/.bashrc || echo "export TERM='xterm-256color'" >>/root/.bashrc
|
|
|
|
PROFILE_FILE="/etc/profile.d/00_lxc-details.sh"
|
|
echo "echo -e \"\"" >"$PROFILE_FILE"
|
|
echo -e "echo -e \"${BOLD}${APPLICATION} LXC Container${CL}"\" >>"$PROFILE_FILE"
|
|
echo -e "echo -e \"${TAB}${GATEWAY}${YW} Provided by: ${GN}community-scripts ORG ${YW}| GitHub: ${GN}https://github.com/community-scripts/ProxmoxVE${CL}\"" >>"$PROFILE_FILE"
|
|
echo "echo \"\"" >>"$PROFILE_FILE"
|
|
echo -e "echo -e \"${TAB}${OS}${YW} OS: ${GN}\$(grep ^NAME /etc/os-release | cut -d= -f2 | tr -d '\"') - Version: \$(grep ^VERSION_ID /etc/os-release | cut -d= -f2 | tr -d '\"')${CL}\"" >>"$PROFILE_FILE"
|
|
echo -e "echo -e \"${TAB}${HOSTNAME}${YW} Hostname: ${GN}\$(hostname)${CL}\"" >>"$PROFILE_FILE"
|
|
echo -e "echo -e \"${TAB}${INFO}${YW} IP Address: ${GN}\$(hostname -I | awk '{print \$1}')${CL}\"" >>"$PROFILE_FILE"
|
|
|
|
# Disable default MOTD scripts
|
|
chmod -x /etc/update-motd.d/*
|
|
|
|
if [[ "${SSH_ROOT}" == "yes" ]]; then
|
|
sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config
|
|
systemctl restart sshd
|
|
fi
|
|
post_progress_to_api
|
|
}
|
|
|
|
# ==============================================================================
|
|
# SECTION 5: CONTAINER CUSTOMIZATION
|
|
# ==============================================================================
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# customize()
|
|
#
|
|
# - Customizes container for passwordless root login if PASSWORD is empty
|
|
# - Configures getty for auto-login via /etc/systemd/system/container-getty@1.service.d/override.conf
|
|
# - Creates /usr/bin/update script for easy application updates
|
|
# - Injects SSH authorized keys if SSH_AUTHORIZED_KEY variable is set
|
|
# - Sets proper permissions on SSH directories and key files
|
|
# ------------------------------------------------------------------------------
|
|
customize() {
|
|
if [[ "$PASSWORD" == "" ]]; then
|
|
msg_info "Customizing Container"
|
|
GETTY_OVERRIDE="/etc/systemd/system/container-getty@1.service.d/override.conf"
|
|
mkdir -p $(dirname $GETTY_OVERRIDE)
|
|
cat <<EOF >$GETTY_OVERRIDE
|
|
[Service]
|
|
ExecStart=
|
|
ExecStart=-/sbin/agetty --autologin root --noclear --keep-baud tty%I 115200,38400,9600 \$TERM
|
|
EOF
|
|
systemctl daemon-reload
|
|
systemctl restart $(basename $(dirname $GETTY_OVERRIDE) | sed 's/\.d//')
|
|
msg_ok "Customized Container"
|
|
fi
|
|
echo "bash -c \"\$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/${app}.sh)\"" >/usr/bin/update
|
|
chmod +x /usr/bin/update
|
|
|
|
if [[ -n "${SSH_AUTHORIZED_KEY}" ]]; then
|
|
mkdir -p /root/.ssh
|
|
echo "${SSH_AUTHORIZED_KEY}" >/root/.ssh/authorized_keys
|
|
chmod 700 /root/.ssh
|
|
chmod 600 /root/.ssh/authorized_keys
|
|
fi
|
|
post_progress_to_api
|
|
}
|