From 4282cbf6f265759732a1cd3ecb34d4cf2493d4b5 Mon Sep 17 00:00:00 2001
From: CanbiZ <47820557+MickLesk@users.noreply.github.com>
Date: Mon, 2 Jun 2025 10:39:09 +0200
Subject: [PATCH] Update create_lxc.sh

---
 ct/create_lxc.sh | 275 ++++++++++++++++++++++++-----------------------
 1 file changed, 142 insertions(+), 133 deletions(-)

diff --git a/ct/create_lxc.sh b/ct/create_lxc.sh
index 79f89f89..4734c04d 100644
--- a/ct/create_lxc.sh
+++ b/ct/create_lxc.sh
@@ -5,24 +5,24 @@
 # Co-Author: MickLesk
 # License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
 
+# This sets verbose mode if the global variable is set to "yes"
+# if [ "$VERBOSE" == "yes" ]; then set -x; fi
+
+if command -v curl >/dev/null 2>&1; then
+  source <(curl -fsSL https://git.community-scripts.org/community-scripts/ProxmoxVED/raw/branch/main/misc/core.func)
+  load_functions
+  #echo "(create-lxc.sh) Loaded core.func via curl"
+elif command -v wget >/dev/null 2>&1; then
+  source <(wget -qO- https://git.community-scripts.org/community-scripts/ProxmoxVED/raw/branch/main/misc/core.func)
+  load_functions
+  #echo "(create-lxc.sh) Loaded core.func via wget"
+fi
+
+# This sets error handling options and defines the error_handler function to handle errors
 set -Eeuo pipefail
 trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
 
-# Constants
-URL_CORE_FUNC="https://git.community-scripts.org/community-scripts/ProxmoxVED/raw/branch/main/misc/core.func"
-EXIT_INVALID_PASSWORD=301
-EXIT_INVALID_VLAN=302
-EXIT_COREFUNC_LOAD=303
-EXIT_NO_DOWNLOADER=304
-EXIT_NO_CT_STORAGE=305
-EXIT_NO_TMPL_STORAGE=306
-EXIT_TEMPLATE_CORRUPT=308
-EXIT_TEMPLATE_DL_FAIL=309
-EXIT_CONTAINER_CREATE_FAIL=310
-EXIT_CONTAINER_NOT_FOUND=311
-EXIT_TEMPLATE_LOCK_TIMEOUT=312
-
-# Spinner cleanup
+# This function handles errors
 function error_handler() {
   printf "\e[?25h"
   local exit_code="$?"
@@ -33,63 +33,25 @@ function error_handler() {
   exit 200
 }
 
-# Load core.func
-if command -v curl >/dev/null 2>&1; then
-  if ! CORE_FUNC=$(curl -fsSL "$URL_CORE_FUNC"); then
-    echo "Failed to fetch core.func via curl. Check DNS or proxy." >&2
-    exit $EXIT_COREFUNC_LOAD
-  fi
-  source <(echo "$CORE_FUNC")
-elif command -v wget >/dev/null 2>&1; then
-  if ! CORE_FUNC=$(wget -qO- "$URL_CORE_FUNC"); then
-    echo "Failed to fetch core.func via wget. Check DNS or proxy." >&2
-    exit $EXIT_COREFUNC_LOAD
-  fi
-  source <(echo "$CORE_FUNC")
-else
-  echo "curl or wget not found. Cannot proceed." >&2
-  exit $EXIT_NO_DOWNLOADER
+# This checks for the presence of valid Container Storage and Template Storage locations
+msg_info "Validating Storage"
+VALIDCT=$(pvesm status -content rootdir | awk 'NR>1')
+if [ -z "$VALIDCT" ]; then
+  msg_error "Unable to detect a valid Container Storage location."
+  exit 1
 fi
-load_functions
-
-# Validate required inputs
-[[ "${CTID:-}" ]] || {
-  msg_error "CTID not set."
-  exit 203
-}
-[[ "${PCT_OSTYPE:-}" ]] || {
-  msg_error "PCT_OSTYPE not set."
-  exit 204
-}
-[[ "$CTID" -ge 100 ]] || {
-  msg_error "CTID must be >= 100."
-  exit 205
-}
-if qm status "$CTID" &>/dev/null || pct status "$CTID" &>/dev/null; then
-  msg_error "CTID $CTID already in use."
-  exit 206
-fi
-
-# Password validation
-[[ "${PCT_PASSWORD:-}" =~ ^- ]] && {
-  msg_error "Root password must not begin with '-' (interpreted as argument)."
-  exit $EXIT_INVALID_PASSWORD
-}
-
-# VLAN validation
-if [[ "${PCT_VLAN_TAG:-}" =~ ^[0-9]+$ ]]; then
-  if [ "$PCT_VLAN_TAG" -lt 1 ] || [ "$PCT_VLAN_TAG" -gt 4094 ]; then
-    msg_error "VLAN tag '${PCT_VLAN_TAG}' out of range (1-4094)."
-    exit $EXIT_INVALID_VLAN
-  fi
-elif [[ -n "${PCT_VLAN_TAG:-}" ]]; then
-  msg_warn "Invalid VLAN tag format. Skipping VLAN config."
-  unset PCT_VLAN_TAG
+VALIDTMP=$(pvesm status -content vztmpl | awk 'NR>1')
+if [ -z "$VALIDTMP" ]; then
+  msg_error "Unable to detect a valid Template Storage location."
+  exit 1
 fi
 
+# This function is used to select the storage class and determine the corresponding storage content type and label.
 function select_storage() {
   local CLASS="$1"
-  local CONTENT CONTENT_LABEL
+  local CONTENT
+  local CONTENT_LABEL
+
   case "$CLASS" in
   container)
     CONTENT='rootdir'
@@ -105,28 +67,37 @@ function select_storage() {
     ;;
   esac
 
+  # Collect storage options
   local -a MENU
   local MSG_MAX_LENGTH=0
+
   while read -r TAG TYPE _ _ _ FREE _; do
-    local TYPE_PADDED FREE_FMT
+    local TYPE_PADDED
+    local FREE_FMT
+
     TYPE_PADDED=$(printf "%-10s" "$TYPE")
     FREE_FMT=$(numfmt --to=iec --from-unit=K --format %.2f <<<"$FREE")B
     local ITEM="Type: $TYPE_PADDED Free: $FREE_FMT"
-    ((${#ITEM} + 2 > MSG_MAX_LENGTH)) && MSG_MAX_LENGTH=${#ITEM} + 2
+
+    ((${#ITEM} + 2 > MSG_MAX_LENGTH)) && MSG_MAX_LENGTH=$((${#ITEM} + 2))
     MENU+=("$TAG" "$ITEM" "OFF")
   done < <(pvesm status -content "$CONTENT" | awk 'NR>1')
 
   local OPTION_COUNT=$((${#MENU[@]} / 3))
+
+  # Auto-select if only one option available
   if [[ "$OPTION_COUNT" -eq 1 ]]; then
     echo "${MENU[0]}"
     return 0
   fi
 
+  # Display selection menu
   local STORAGE
   while [[ -z "${STORAGE:+x}" ]]; do
     STORAGE=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "Storage Pools" --radiolist \
       "Select the storage pool to use for the ${CONTENT_LABEL,,}.\nUse the spacebar to make a selection.\n" \
-      16 $((MSG_MAX_LENGTH + 23)) 6 "${MENU[@]}" 3>&1 1>&2 2>&3) || {
+      16 $((MSG_MAX_LENGTH + 23)) 6 \
+      "${MENU[@]}" 3>&1 1>&2 2>&3) || {
       msg_error "Storage selection cancelled."
       exit 202
     }
@@ -135,122 +106,157 @@ function select_storage() {
   echo "$STORAGE"
 }
 
-# Storage Checks
-msg_info "Validating Storage"
-VALIDCT=$(pvesm status -content rootdir | awk 'NR>1')
-[[ -z "$VALIDCT" ]] && {
-  msg_error "No valid Container Storage."
-  exit $EXIT_NO_CT_STORAGE
+# Test if required variables are set
+[[ "${CTID:-}" ]] || {
+  msg_error "You need to set 'CTID' variable."
+  exit 203
 }
-VALIDTMP=$(pvesm status -content vztmpl | awk 'NR>1')
-[[ -z "$VALIDTMP" ]] && {
-  msg_error "No valid Template Storage."
-  exit $EXIT_NO_TMPL_STORAGE
+[[ "${PCT_OSTYPE:-}" ]] || {
+  msg_error "You need to set 'PCT_OSTYPE' variable."
+  exit 204
 }
 
+# Test if ID is valid
+[ "$CTID" -ge "100" ] || {
+  msg_error "ID cannot be less than 100."
+  exit 205
+}
+
+# Test if ID is in use
+if qm status "$CTID" &>/dev/null || pct status "$CTID" &>/dev/null; then
+  echo -e "ID '$CTID' is already in use."
+  unset CTID
+  msg_error "Cannot use ID that is already in use."
+  exit 206
+fi
+
+# # Get template storage
+# TEMPLATE_STORAGE=$(select_storage template)
+# CONTAINER_STORAGE=$(select_storage container) || exit
+# msg_ok "Template Storage: ${BL}$TEMPLATE_STORAGE${CL} ${GN}Container Storage: ${BL}$CONTAINER_STORAGE${CL}."
+
+# Get template storage
 TEMPLATE_STORAGE=$(select_storage template)
 msg_ok "Using ${BL}$TEMPLATE_STORAGE${CL} ${GN}for Template Storage."
 
+# Get container storage
 CONTAINER_STORAGE=$(select_storage container)
 msg_ok "Using ${BL}$CONTAINER_STORAGE${CL} ${GN}for Container Storage."
 
+# Update LXC template list
 $STD msg_info "Updating LXC Template List"
-timeout 10 pveam update >/dev/null || {
-  msg_error "LXC template list update failed. Check Internet or DNS."
+if ! timeout 10 pveam update >/dev/null 2>&1; then
+  msg_error "Failed to update LXC template list. Please check your Proxmox host's internet connection and DNS resolution."
   exit 201
-}
+fi
 $STD msg_ok "LXC Template List Updated"
 
+# Get LXC template string
 TEMPLATE_SEARCH="${PCT_OSTYPE}-${PCT_OSVERSION:-}"
 mapfile -t TEMPLATES < <(pveam available -section system | sed -n "s/.*\($TEMPLATE_SEARCH.*\)/\1/p" | sort -t - -k 2 -V)
-[[ ${#TEMPLATES[@]} -eq 0 ]] && {
-  msg_error "No template found for '${TEMPLATE_SEARCH}'."
+
+if [ ${#TEMPLATES[@]} -eq 0 ]; then
+  msg_error "No matching LXC template found for '${TEMPLATE_SEARCH}'. Make sure your host can reach the Proxmox template repository."
   exit 207
-}
+fi
 
 TEMPLATE="${TEMPLATES[-1]}"
 TEMPLATE_PATH="$(pvesm path "$TEMPLATE_STORAGE":vztmpl/$TEMPLATE)"
 
-# Ensure template exists and is valid
-if ! pvesm list "$TEMPLATE_STORAGE" | awk '{print $2}' | grep -Fxq "$TEMPLATE" ||
-  ! zstdcat "$TEMPLATE_PATH" | tar -tf - &>/dev/null; then
-  msg_warn "Template missing or corrupted. Downloading new copy."
-  rm -f "$TEMPLATE_PATH"
+# Check if template exists and is valid
+if ! pveam list "$TEMPLATE_STORAGE" | grep -q "$TEMPLATE" || ! zstdcat "$TEMPLATE_PATH" | tar -tf - >/dev/null 2>&1; then
+  msg_warn "Template $TEMPLATE not found or appears to be corrupted. Re-downloading."
+
+  [[ -f "$TEMPLATE_PATH" ]] && rm -f "$TEMPLATE_PATH"
+
   for attempt in {1..3}; do
-    msg_info "Attempt $attempt: Downloading template..."
-    if timeout 120 pveam download "$TEMPLATE_STORAGE" "$TEMPLATE" >/dev/null; then
-      msg_ok "Download successful."
+    msg_info "Attempt $attempt: Downloading LXC template..."
+
+    if timeout 120 pveam download "$TEMPLATE_STORAGE" "$TEMPLATE" >/dev/null 2>&1; then
+      msg_ok "Template download successful."
       break
     fi
-    ((attempt == 3)) && {
-      msg_error "Template download failed after 3 attempts."
-      exit $EXIT_TEMPLATE_DL_FAIL
-    }
+
+    if [ $attempt -eq 3 ]; then
+      msg_error "Failed after 3 attempts. Please check your Proxmox host’s internet access or manually run:\n  pveam download $TEMPLATE_STORAGE $TEMPLATE"
+      exit 208
+    fi
+
     sleep $((attempt * 5))
   done
 fi
-msg_ok "LXC Template '$TEMPLATE' is ready."
 
-# subuid/subgid fix
+msg_ok "LXC Template '$TEMPLATE' is ready to use."
+
+# Check and fix subuid/subgid
 grep -q "root:100000:65536" /etc/subuid || echo "root:100000:65536" >>/etc/subuid
 grep -q "root:100000:65536" /etc/subgid || echo "root:100000:65536" >>/etc/subgid
 
-# PCT Options
+# Combine all options
 PCT_OPTIONS=(${PCT_OPTIONS[@]:-${DEFAULT_PCT_OPTIONS[@]}})
 [[ " ${PCT_OPTIONS[@]} " =~ " -rootfs " ]] || PCT_OPTIONS+=(-rootfs "$CONTAINER_STORAGE:${PCT_DISK_SIZE:-8}")
 
-# Lock file to prevent race
+# Secure creation of the LXC container with lock and template check
 lockfile="/tmp/template.${TEMPLATE}.lock"
 exec 9>"$lockfile"
 flock -w 60 9 || {
-  msg_error "Timeout while waiting for template lock."
-  exit $EXIT_TEMPLATE_LOCK_TIMEOUT
+  msg_error "Timeout while waiting for template lock"
+  exit 211
 }
 
 msg_info "Creating LXC Container"
 if ! pct create "$CTID" "${TEMPLATE_STORAGE}:vztmpl/${TEMPLATE}" "${PCT_OPTIONS[@]}" &>/dev/null; then
-  msg_warn "Initial container creation failed. Checking template..."
+  msg_error "Container creation failed. Checking if template is corrupted or incomplete."
 
-  if [[ ! -s "$TEMPLATE_PATH" || "$(stat -c%s "$TEMPLATE_PATH")" -lt 1000000 ]] ||
-    ! zstdcat "$TEMPLATE_PATH" | tar -tf - &>/dev/null; then
-    msg_error "Template appears broken. Re-downloading..."
+  if [[ ! -s "$TEMPLATE_PATH" || "$(stat -c%s "$TEMPLATE_PATH")" -lt 1000000 ]]; then
+    msg_error "Template file too small or missing – re-downloading."
     rm -f "$TEMPLATE_PATH"
-    for attempt in {1..3}; do
-      msg_info "Attempt $attempt: Re-downloading template..."
-      if timeout 120 pveam download "$TEMPLATE_STORAGE" "$TEMPLATE" >/dev/null; then
-        msg_ok "Re-download successful."
-        break
-      fi
-      ((attempt == 3)) && {
-        msg_error "Template could not be recovered after 3 attempts."
-        exit $EXIT_TEMPLATE_DL_FAIL
-      }
-      sleep $((attempt * 5))
-    done
+  elif ! zstdcat "$TEMPLATE_PATH" | tar -tf - &>/dev/null; then
+    msg_error "Template appears to be corrupted – re-downloading."
+    rm -f "$TEMPLATE_PATH"
+  else
+    msg_error "Template is valid, but container creation still failed."
+    exit 209
   fi
 
+  # Retry download
+  for attempt in {1..3}; do
+    msg_info "Attempt $attempt: Re-downloading template..."
+    if timeout 120 pveam download "$TEMPLATE_STORAGE" "$TEMPLATE" >/dev/null; then
+      msg_ok "Template re-download successful."
+      break
+    fi
+    if [ "$attempt" -eq 3 ]; then
+      msg_error "Three failed attempts. Aborting."
+      exit 208
+    fi
+    sleep $((attempt * 5))
+  done
+
+  sleep 1 # I/O-Sync-Delay
+
   if ! pct create "$CTID" "${TEMPLATE_STORAGE}:vztmpl/${TEMPLATE}" "${PCT_OPTIONS[@]}" &>/dev/null; then
-    msg_error "Container creation failed even after re-downloading template."
-    exit $EXIT_CONTAINER_CREATE_FAIL
+    msg_error "Container creation failed after re-downloading template."
+    exit 200
   fi
 fi
 
-pct status "$CTID" &>/dev/null || {
+if ! pct status "$CTID" &>/dev/null; then
   msg_error "Container not found after pct create – assuming failure."
-  exit $EXIT_CONTAINER_NOT_FOUND
-}
-
-# Optionaler DNS-Fix für Alpine-Container
+  exit 210
+fi
 : "${UDHCPC_FIX:=}"
 if [ "$UDHCPC_FIX" == "yes" ]; then
-  CONFIG_FILE="/var/lib/lxc/${CTID}/rootfs/etc/udhcpc/udhcpc.conf"
-  MOUNTED_HERE=false
-
+  # Ensure container is mounted
   if ! mount | grep -q "/var/lib/lxc/${CTID}/rootfs"; then
-    pct mount "$CTID" >/dev/null 2>&1 && MOUNTED_HERE=true
+    pct mount "$CTID" >/dev/null 2>&1
+    MOUNTED_HERE=true
+  else
+    MOUNTED_HERE=false
   fi
 
-  # Warten auf Datei (max. 5 Sek.)
+  CONFIG_FILE="/var/lib/lxc/${CTID}/rootfs/etc/udhcpc/udhcpc.conf"
+
   for i in {1..10}; do
     [ -f "$CONFIG_FILE" ] && break
     sleep 0.5
@@ -272,7 +278,10 @@ if [ "$UDHCPC_FIX" == "yes" ]; then
     msg_error "udhcpc.conf not found in $CONFIG_FILE after waiting"
   fi
 
-  $MOUNTED_HERE && pct unmount "$CTID" >/dev/null 2>&1
+  # Clean up: only unmount if we mounted it here
+  if [ "${MOUNTED_HERE}" = true ]; then
+    pct unmount "$CTID" >/dev/null 2>&1
+  fi
 fi
 
 msg_ok "LXC Container ${BL}$CTID${CL} ${GN}was successfully created."