community-scripts/ProxmoxVED
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'main' of https://github.com/community-scripts/ProxmoxVED

Browse Source
This commit is contained in:
CanbiZ 2025-04-07 08:49:21 +02:00
commit e6ebc2024e
2 changed files with 335 additions and 141 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

133
frontend/public/json/versions.json
View File

@ -1,13 +1,73 @@
[ [
{ {
"name": "semaphoreui/semaphore", "name": "semaphoreui/semaphore",
"version": "v2.13.8-beta2", "version": "v2.13.8",
"date": "2025-04-06T06:36:42Z" "date": "2025-04-06T20:59:11Z"
},
{
"name": "fhem/fhem-mirror",
"version": "6.2",
"date": "2025-04-06T20:28:01Z"
},
{
"name": "Luligu/matterbridge",
"version": "2.2.7",
"date": "2025-04-06T20:00:53Z"
},
{
"name": "Dolibarr/dolibarr",
"version": "21.0.1",
"date": "2025-04-06T19:22:59Z"
},
{
"name": "pelican-dev/wings",
"version": "v1.0.0-beta11",
"date": "2025-04-06T18:52:35Z"
},
{
"name": "stonith404/pingvin-share",
"version": "v1.11.1",
"date": "2025-04-06T18:39:42Z"
},
{
"name": "wavelog/wavelog",
"version": "2.0.3",
"date": "2025-04-06T17:35:41Z"
},
{
"name": "TandoorRecipes/recipes",
"version": "1.5.34",
"date": "2025-03-27T16:17:38Z"
},
{
"name": "runtipi/runtipi",
"version": "e2e",
"date": "2025-03-23T22:08:04Z"
},
{
"name": "stackblitz-labs/bolt.diy",
"version": "v0.0.7-hf1",
"date": "2025-03-10T20:49:39Z"
},
{
"name": "msgbyte/tianji",
"version": "v1.19.7",
"date": "2025-04-06T14:22:44Z"
},
{
"name": "Prowlarr/Prowlarr",
"version": "v1.32.2.4987",
"date": "2025-03-16T09:41:37Z"
},
{
"name": "Radarr/Radarr",
"version": "v5.21.1.9799",
"date": "2025-03-24T15:52:12Z"
}, },
{ {
"name": "karakeep-app/karakeep", "name": "karakeep-app/karakeep",
"version": "ios/v1.6.9-1", "version": "extension/v1.2.4",
"date": "2025-04-06T10:51:57Z" "date": "2025-04-06T11:56:18Z"
}, },
{ {
"name": "fallenbagel/jellyseerr", "name": "fallenbagel/jellyseerr",
@ -19,11 +79,6 @@
"version": "v0.92.6", "version": "v0.92.6",
"date": "2025-04-06T10:38:54Z" "date": "2025-04-06T10:38:54Z"
}, },
{
"name": "fhem/fhem-mirror",
"version": "6.2",
"date": "2025-04-06T10:31:42Z"
},
{ {
"name": "kimai/kimai", "name": "kimai/kimai",
"version": "2.32.0", "version": "2.32.0",
@ -79,11 +134,6 @@
"version": "26.1.4", "version": "26.1.4",
"date": "2025-03-13T15:41:42Z" "date": "2025-03-13T15:41:42Z"
}, },
{
"name": "stonith404/pingvin-share",
"version": "v1.11.0",
"date": "2025-04-05T14:56:47Z"
},
{ {
"name": "bastienwirtz/homer", "name": "bastienwirtz/homer",
"version": "v25.04.1", "version": "v25.04.1",
@ -154,11 +204,6 @@
"version": "9.0.104", "version": "9.0.104",
"date": "2025-04-04T12:58:11Z" "date": "2025-04-04T12:58:11Z"
}, },
{
"name": "Dolibarr/dolibarr",
"version": "21.0.1",
"date": "2025-04-04T12:56:35Z"
},
{ {
"name": "sabnzbd/sabnzbd", "name": "sabnzbd/sabnzbd",
"version": "4.5.0", "version": "4.5.0",
@ -254,11 +299,6 @@
"version": "v10.1.4", "version": "v10.1.4",
"date": "2025-04-02T09:38:52Z" "date": "2025-04-02T09:38:52Z"
}, },
{
"name": "runtipi/runtipi",
"version": "v3.10.0",
"date": "2025-03-15T14:38:16Z"
},
{ {
"name": "immich-app/immich", "name": "immich-app/immich",
"version": "v1.131.3", "version": "v1.131.3",
@ -269,11 +309,6 @@
"version": "v2.31.0", "version": "v2.31.0",
"date": "2025-04-01T18:12:45Z" "date": "2025-04-01T18:12:45Z"
}, },
{
"name": "msgbyte/tianji",
"version": "v1.19.6",
"date": "2025-04-01T17:26:31Z"
},
{ {
"name": "influxdata/influxdb", "name": "influxdata/influxdb",
"version": "v3.0.0-0.beta.3", "version": "v3.0.0-0.beta.3",
@ -284,11 +319,6 @@
"version": "v1.127.1", "version": "v1.127.1",
"date": "2025-03-26T21:44:28Z" "date": "2025-03-26T21:44:28Z"
}, },
{
"name": "Luligu/matterbridge",
"version": "2.2.6",
"date": "2025-04-01T14:01:36Z"
},
{ {
"name": "theonedev/onedev", "name": "theonedev/onedev",
"version": "v11.8.6", "version": "v11.8.6",
@ -379,11 +409,6 @@
"version": "v0.26.6", "version": "v0.26.6",
"date": "2025-03-30T08:02:19Z" "date": "2025-03-30T08:02:19Z"
}, },
{
"name": "Prowlarr/Prowlarr",
"version": "v1.32.2.4987",
"date": "2025-03-16T09:41:37Z"
},
{ {
"name": "Readarr/Readarr", "name": "Readarr/Readarr",
"version": "v2.0.0.4645", "version": "v2.0.0.4645",
@ -394,11 +419,6 @@
"version": "v2.10.3.4602", "version": "v2.10.3.4602",
"date": "2025-03-23T11:00:37Z" "date": "2025-03-23T11:00:37Z"
}, },
{
"name": "Radarr/Radarr",
"version": "v5.21.1.9799",
"date": "2025-03-24T15:52:12Z"
},
{ {
"name": "aceberg/WatchYourLAN", "name": "aceberg/WatchYourLAN",
"version": "2.1.2-alpine", "version": "2.1.2-alpine",
@ -443,30 +463,5 @@
"name": "gristlabs/grist-core", "name": "gristlabs/grist-core",
"version": "v1.5.0", "version": "v1.5.0",
"date": "2025-03-28T20:43:51Z" "date": "2025-03-28T20:43:51Z"
},
{
"name": "grocy/grocy",
"version": "v4.5.0",
"date": "2025-03-28T19:02:22Z"
},
{
"name": "Brandawg93/PeaNUT",
"version": "v5.6.1",
"date": "2025-03-28T18:40:22Z"
},
{
"name": "louislam/uptime-kuma",
"version": "2.0.0-beta.2-temp",
"date": "2025-03-28T08:45:58Z"
},
{
"name": "emqx/emqx",
"version": "e5.9.0-beta.2",
"date": "2025-03-28T15:06:27Z"
},
{
"name": "goauthentik/authentik",
"version": "version/2025.2.3",
"date": "2025-03-28T14:28:34Z"
} }
] ]

343
scripts/tools/add-iptag.sh
View File

@ -6,8 +6,8 @@
# Source: https://github.com/gitsang/iptag # Source: https://github.com/gitsang/iptag
function header_info { function header_info {
clear clear
cat <<"EOF" cat <<"EOF"
___ ____ _____ ___ ____ _____
|_ _| _ \ _ |_ _|_ _ __ _ |_ _| _ \ _ |_ _|_ _ __ _
| || |_) (_) | |/ _` |/ _` | | || |_) (_) | |/ _` |/ _` |
@ -40,7 +40,9 @@ catch_errors() {
# This function is called when an error occurs. It receives the exit code, line number, and command that caused the error, and displays an error message. # This function is called when an error occurs. It receives the exit code, line number, and command that caused the error, and displays an error message.
error_handler() { error_handler() {
if [ -n "$SPINNER_PID" ] && ps -p $SPINNER_PID >/dev/null; then kill $SPINNER_PID >/dev/null; fi if [ -n "$SPINNER_PID" ] && ps -p $SPINNER_PID >/dev/null; then
kill $SPINNER_PID >/dev/null
fi
printf "\e[?25h" printf "\e[?25h"
local exit_code="$?" local exit_code="$?"
local line_number="$1" local line_number="$1"
@ -59,9 +61,9 @@ spinner() {
local color="${YWB}" local color="${YWB}"
while true; do while true; do
printf "\r ${color}%s${CL}" "${frames[spin_i]}" printf "\r ${color}%s${CL}" "${frames[spin_i]}"
spin_i=$(((spin_i + 1) % ${#frames[@]})) spin_i=$(((spin_i + 1) % ${#frames[@]}))
sleep "$interval" sleep "$interval"
done done
} }
@ -75,7 +77,9 @@ msg_info() {
# This function displays a success message with a green color. # This function displays a success message with a green color.
msg_ok() { msg_ok() {
if [ -n "$SPINNER_PID" ] && ps -p $SPINNER_PID >/dev/null; then kill $SPINNER_PID >/dev/null; fi if [ -n "$SPINNER_PID" ] && ps -p $SPINNER_PID >/dev/null; then
kill $SPINNER_PID >/dev/null
fi
printf "\e[?25h" printf "\e[?25h"
local msg="$1" local msg="$1"
echo -e "${BFR}${CM}${GN}${msg}${CL}" echo -e "${BFR}${CM}${GN}${msg}${CL}"
@ -83,7 +87,9 @@ msg_ok() {
# This function displays a error message with a red color. # This function displays a error message with a red color.
msg_error() { msg_error() {
if [ -n "$SPINNER_PID" ] && ps -p $SPINNER_PID >/dev/null; then kill $SPINNER_PID >/dev/null; fi if [ -n "$SPINNER_PID" ] && ps -p $SPINNER_PID >/dev/null; then
kill $SPINNER_PID >/dev/null
fi
printf "\e[?25h" printf "\e[?25h"
local msg="$1" local msg="$1"
echo -e "${BFR}${CROSS}${RD}${msg}${CL}" echo -e "${BFR}${CROSS}${RD}${msg}${CL}"
@ -119,6 +125,11 @@ update_installation() {
msg_info "Updating IP-Tag Scripts" msg_info "Updating IP-Tag Scripts"
systemctl stop iptag.service &>/dev/null systemctl stop iptag.service &>/dev/null
# Create directory if it doesn't exist
if [[ ! -d "/opt/iptag" ]]; then
mkdir -p /opt/iptag
fi
# Migrate config if needed # Migrate config if needed
migrate_config migrate_config
@ -146,17 +157,65 @@ ip_to_int() {
ip_in_cidr() { ip_in_cidr() {
local ip="$1" local ip="$1"
local cidr="$2" local cidr="$2"
local ip_int=$(ip_to_int "$ip")
local netmask_int=$(ip_to_int "$(ipcalc -b "$cidr" | grep Broadcast | awk '{print $2}')") # Use ipcalc with the -c option (check), which returns 0 if the IP is in the network
[[ $((ip_int & netmask_int)) -eq $((ip_int & netmask_int)) ]] && return 0 || return 1 if ipcalc -c "$ip" "$cidr" >/dev/null 2>&1; then
# Get network address and mask from CIDR
local network prefix
network=$(echo "$cidr" | cut -d/ -f1)
prefix=$(echo "$cidr" | cut -d/ -f2)
# Check if IP is in the network
local ip_a ip_b ip_c ip_d net_a net_b net_c net_d
IFS=. read -r ip_a ip_b ip_c ip_d <<< "$ip"
IFS=. read -r net_a net_b net_c net_d <<< "$network"
# Check octets match based on prefix length
local result=0
if (( prefix >= 8 )); then
[[ "$ip_a" != "$net_a" ]] && result=1
fi
if (( prefix >= 16 )); then
[[ "$ip_b" != "$net_b" ]] && result=1
fi
if (( prefix >= 24 )); then
[[ "$ip_c" != "$net_c" ]] && result=1
fi
return $result
fi
return 1
}
# Format IP address according to the configuration
format_ip_tag() {
local ip="$1"
local format="${TAG_FORMAT:-full}"
case "$format" in
"last_octet")
echo "${ip##*.}"
;;
"last_two_octets")
echo "${ip#*.*.}"
;;
*)
echo "$ip"
;;
esac
} }
# Check if IP is in any CIDRs # Check if IP is in any CIDRs
ip_in_cidrs() { ip_in_cidrs() {
local ip="$1" local ip="$1"
local cidrs=() local cidrs="$2"
mapfile -t cidrs < <(echo "$2" | tr ' ' '\n')
for cidr in "${cidrs[@]}"; do # Check that cidrs is not empty
[[ -z "$cidrs" ]] && return 1
local IFS=' '
for cidr in $cidrs; do
ip_in_cidr "$ip" "$cidr" && return 0 ip_in_cidr "$ip" "$cidr" && return 0
done done
return 1 return 1
@ -210,16 +269,16 @@ get_vm_ips() {
local ips="" local ips=""
# Check if VM is running # Check if VM is running
qm status "$vmid" | grep -q "status: running" || return qm status "$vmid" 2>/dev/null | grep -q "status: running" || return
# Get MAC addresses from VM configuration # Get MAC addresses from VM configuration
local macs local macs
macs=$(qm config "$vmid" | grep -E 'net[0-9]+' | grep -o -E '[a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5}') macs=$(qm config "$vmid" 2>/dev/null | grep -E 'net[0-9]+' | grep -o -E '[a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5}')
# Look up IPs from ARP table using MAC addresses # Look up IPs from ARP table using MAC addresses
for mac in $macs; do for mac in $macs; do
local ip local ip
ip=$(arp -an | grep -i "$mac" | grep -o -E '([0-9]{1,3}\.){3}[0-9]{1,3}') ip=$(arp -an 2>/dev/null | grep -i "$mac" | grep -o -E '([0-9]{1,3}\.){3}[0-9]{1,3}')
if [ -n "$ip" ]; then if [ -n "$ip" ]; then
ips+="$ip " ips+="$ip "
fi fi
@ -238,7 +297,8 @@ update_tags() {
# Get current IPs # Get current IPs
local current_ips_full local current_ips_full
if [[ "$type" == "lxc" ]]; then if [[ "$type" == "lxc" ]]; then
current_ips_full=$(lxc-info -n "${vmid}" -i | awk '{print $2}') # Redirect error output to suppress AppArmor warnings
current_ips_full=$(lxc-info -n "${vmid}" -i 2>/dev/null | grep -E "^IP:" | awk '{print $2}')
else else
current_ips_full=$(get_vm_ips "${vmid}") current_ips_full=$(get_vm_ips "${vmid}")
fi fi
@ -246,20 +306,40 @@ update_tags() {
# Parse current tags and get valid IPs # Parse current tags and get valid IPs
local current_tags=() local current_tags=()
local next_tags=() local next_tags=()
mapfile -t current_tags < <($config_cmd config "${vmid}" | grep tags | awk '{print $2}' | sed 's/;/\n/g') mapfile -t current_tags < <($config_cmd config "${vmid}" 2>/dev/null | grep tags | awk '{print $2}' | sed 's/;/\n/g')
for tag in "${current_tags[@]}"; do for tag in "${current_tags[@]}"; do
is_valid_ipv4 "${tag}" || next_tags+=("${tag}") # Skip tag if it looks like an IP (full or partial)
if ! is_valid_ipv4 "${tag}" && ! [[ "$tag" =~ ^[0-9]+(\.[0-9]+)*$ ]]; then
next_tags+=("${tag}")
fi
done done
# Add valid IPs to tags # Add valid IPs to tags
local added_ips=()
local skipped_ips=()
for ip in ${current_ips_full}; do for ip in ${current_ips_full}; do
is_valid_ipv4 "${ip}" && ip_in_cidrs "${ip}" "${CIDR_LIST[*]}" && next_tags+=("${ip}") if is_valid_ipv4 "${ip}"; then
if ip_in_cidrs "${ip}" "${CIDR_LIST[*]}"; then
local formatted_ip=$(format_ip_tag "$ip")
next_tags+=("${formatted_ip}")
added_ips+=("${formatted_ip}")
else
skipped_ips+=("${ip}")
fi
fi
done done
# Log only if there are changes
if [ ${#added_ips[@]} -gt 0 ]; then
echo "${type^} ${vmid}: added IP tags: ${added_ips[*]}"
fi
# Update if changed # Update if changed
[[ "$(IFS=';'; echo "${current_tags[*]}")" != "$(IFS=';'; echo "${next_tags[*]}")" ]] && \ if [[ "$(IFS=';'; echo "${current_tags[*]}")" != "$(IFS=';'; echo "${next_tags[*]}")" ]]; then
$config_cmd set "${vmid}" -tags "$(IFS=';'; echo "${next_tags[*]}")" $config_cmd set "${vmid}" -tags "$(IFS=';'; echo "${next_tags[*]}")" &>/dev/null
fi
} }
# Check if status changed # Check if status changed
@ -269,17 +349,17 @@ check_status_changed() {
case "$type" in case "$type" in
"lxc") "lxc")
current_status=$(pct list 2>/dev/null) current_status=$(pct list 2>/dev/null | grep -v VMID)
[[ "${last_lxc_status}" == "${current_status}" ]] && return 1 [[ "${last_lxc_status}" == "${current_status}" ]] && return 1
last_lxc_status="${current_status}" last_lxc_status="${current_status}"
;; ;;
"vm") "vm")
current_status=$(qm list 2>/dev/null) current_status=$(qm list 2>/dev/null | grep -v VMID)
[[ "${last_vm_status}" == "${current_status}" ]] && return 1 [[ "${last_vm_status}" == "${current_status}" ]] && return 1
last_vm_status="${current_status}" last_vm_status="${current_status}"
;; ;;
"fw") "fw")
current_status=$(ifconfig | grep "^fw") current_status=$(ifconfig 2>/dev/null | grep "^fw")
[[ "${last_net_interface}" == "${current_status}" ]] && return 1 [[ "${last_net_interface}" == "${current_status}" ]] && return 1
last_net_interface="${current_status}" last_net_interface="${current_status}"
;; ;;
@ -287,6 +367,25 @@ check_status_changed() {
return 0 return 0
} }
# Update tags for all containers/VMs of specified type
update_all_tags() {
local type="$1"
local vmid_list=""
if [[ "$type" == "lxc" ]]; then
# Redirect stderr to /dev/null to suppress AppArmor messages
vmid_list=$(pct list 2>/dev/null | grep -v VMID | awk '{print $1}')
echo "Found $(echo "$vmid_list" | wc -w) LXC containers"
else
vmid_list=$(qm list 2>/dev/null | grep -v VMID | awk '{print $1}')
echo "Found $(echo "$vmid_list" | wc -w) virtual machines"
fi
for vmid in $vmid_list; do
update_tags "$type" "$vmid"
done
}
check() { check() {
current_time=$(date +%s) current_time=$(date +%s)
@ -294,10 +393,10 @@ check() {
time_since_last_lxc_status_check=$((current_time - last_lxc_status_check_time)) time_since_last_lxc_status_check=$((current_time - last_lxc_status_check_time))
if [[ "${LXC_STATUS_CHECK_INTERVAL}" -gt 0 ]] \ if [[ "${LXC_STATUS_CHECK_INTERVAL}" -gt 0 ]] \
&& [[ "${time_since_last_lxc_status_check}" -ge "${LXC_STATUS_CHECK_INTERVAL}" ]]; then && [[ "${time_since_last_lxc_status_check}" -ge "${LXC_STATUS_CHECK_INTERVAL}" ]]; then
echo "Checking lxc status..." echo "Checking LXC status..."
last_lxc_status_check_time=${current_time} last_lxc_status_check_time=${current_time}
if check_status_changed "lxc"; then if check_status_changed "lxc"; then
update_tags "lxc" "${vmid}" update_all_tags "lxc"
last_update_lxc_time=${current_time} last_update_lxc_time=${current_time}
fi fi
fi fi
@ -306,10 +405,10 @@ check() {
time_since_last_vm_status_check=$((current_time - last_vm_status_check_time)) time_since_last_vm_status_check=$((current_time - last_vm_status_check_time))
if [[ "${VM_STATUS_CHECK_INTERVAL}" -gt 0 ]] \ if [[ "${VM_STATUS_CHECK_INTERVAL}" -gt 0 ]] \
&& [[ "${time_since_last_vm_status_check}" -ge "${VM_STATUS_CHECK_INTERVAL}" ]]; then && [[ "${time_since_last_vm_status_check}" -ge "${VM_STATUS_CHECK_INTERVAL}" ]]; then
echo "Checking vm status..." echo "Checking VM status..."
last_vm_status_check_time=${current_time} last_vm_status_check_time=${current_time}
if check_status_changed "vm"; then if check_status_changed "vm"; then
update_tags "vm" "${vmid}" update_all_tags "vm"
last_update_vm_time=${current_time} last_update_vm_time=${current_time}
fi fi
fi fi
@ -318,11 +417,11 @@ check() {
time_since_last_fw_net_interface_check=$((current_time - last_fw_net_interface_check_time)) time_since_last_fw_net_interface_check=$((current_time - last_fw_net_interface_check_time))
if [[ "${FW_NET_INTERFACE_CHECK_INTERVAL}" -gt 0 ]] \ if [[ "${FW_NET_INTERFACE_CHECK_INTERVAL}" -gt 0 ]] \
&& [[ "${time_since_last_fw_net_interface_check}" -ge "${FW_NET_INTERFACE_CHECK_INTERVAL}" ]]; then && [[ "${time_since_last_fw_net_interface_check}" -ge "${FW_NET_INTERFACE_CHECK_INTERVAL}" ]]; then
echo "Checking fw net interface..." echo "Checking network interfaces..."
last_fw_net_interface_check_time=${current_time} last_fw_net_interface_check_time=${current_time}
if check_status_changed "fw"; then if check_status_changed "fw"; then
update_tags "lxc" "${vmid}" update_all_tags "lxc"
update_tags "vm" "${vmid}" update_all_tags "vm"
last_update_lxc_time=${current_time} last_update_lxc_time=${current_time}
last_update_vm_time=${current_time} last_update_vm_time=${current_time}
fi fi
@ -333,11 +432,8 @@ check() {
local last_update_var="last_update_${type}_time" local last_update_var="last_update_${type}_time"
local time_since_last_update=$((current_time - ${!last_update_var})) local time_since_last_update=$((current_time - ${!last_update_var}))
if [ ${time_since_last_update} -ge ${FORCE_UPDATE_INTERVAL} ]; then if [ ${time_since_last_update} -ge ${FORCE_UPDATE_INTERVAL} ]; then
echo "Force updating ${type} iptags..." echo "Force updating ${type} tags..."
case "$type" in update_all_tags "$type"
"lxc") update_tags "lxc" "${vmid}" ;;
"vm") update_tags "vm" "${vmid}" ;;
esac
eval "${last_update_var}=${current_time}" eval "${last_update_var}=${current_time}"
fi fi
done done
@ -395,7 +491,9 @@ if check_service_exists; then
msg_error "Installation cancelled." msg_error "Installation cancelled."
exit 0 exit 0
;; ;;
*) msg_error "Please answer yes or no." ;; *)
msg_error "Please answer yes or no."
;;
esac esac
done done
fi fi
@ -403,12 +501,16 @@ fi
while true; do while true; do
read -p "This will install ${APP} on ${hostname}. Proceed? (y/n): " yn read -p "This will install ${APP} on ${hostname}. Proceed? (y/n): " yn
case $yn in case $yn in
[Yy]*) break ;; [Yy]*)
[Nn]*) break
msg_error "Installation cancelled." ;;
exit [Nn]*)
;; msg_error "Installation cancelled."
*) msg_error "Please answer yes or no." ;; exit
;;
*)
msg_error "Please answer yes or no."
;;
esac esac
done done
@ -451,6 +553,12 @@ CIDR_LIST=(
100.64.0.0/10 100.64.0.0/10
) )
# Tag format options:
# - "full": full IP address (e.g., 192.168.0.100)
# - "last_octet": only the last octet (e.g., 100)
# - "last_two_octets": last two octets (e.g., 0.100)
TAG_FORMAT="full"
# Interval settings (in seconds) # Interval settings (in seconds)
LOOP_INTERVAL=60 LOOP_INTERVAL=60
VM_STATUS_CHECK_INTERVAL=60 VM_STATUS_CHECK_INTERVAL=60
@ -488,17 +596,65 @@ ip_to_int() {
ip_in_cidr() { ip_in_cidr() {
local ip="$1" local ip="$1"
local cidr="$2" local cidr="$2"
local ip_int=$(ip_to_int "$ip")
local netmask_int=$(ip_to_int "$(ipcalc -b "$cidr" | grep Broadcast | awk '{print $2}')") # Use ipcalc with the -c option (check), which returns 0 if the IP is in the network
[[ $((ip_int & netmask_int)) -eq $((ip_int & netmask_int)) ]] && return 0 || return 1 if ipcalc -c "$ip" "$cidr" >/dev/null 2>&1; then
# Get network address and mask from CIDR
local network prefix
network=$(echo "$cidr" | cut -d/ -f1)
prefix=$(echo "$cidr" | cut -d/ -f2)
# Check if IP is in the network
local ip_a ip_b ip_c ip_d net_a net_b net_c net_d
IFS=. read -r ip_a ip_b ip_c ip_d <<< "$ip"
IFS=. read -r net_a net_b net_c net_d <<< "$network"
# Check octets match based on prefix length
local result=0
if (( prefix >= 8 )); then
[[ "$ip_a" != "$net_a" ]] && result=1
fi
if (( prefix >= 16 )); then
[[ "$ip_b" != "$net_b" ]] && result=1
fi
if (( prefix >= 24 )); then
[[ "$ip_c" != "$net_c" ]] && result=1
fi
return $result
fi
return 1
}
# Format IP address according to the configuration
format_ip_tag() {
local ip="$1"
local format="${TAG_FORMAT:-full}"
case "$format" in
"last_octet")
echo "${ip##*.}"
;;
"last_two_octets")
echo "${ip#*.*.}"
;;
*)
echo "$ip"
;;
esac
} }
# Check if IP is in any CIDRs # Check if IP is in any CIDRs
ip_in_cidrs() { ip_in_cidrs() {
local ip="$1" local ip="$1"
local cidrs=() local cidrs="$2"
mapfile -t cidrs < <(echo "$2" | tr ' ' '\n')
for cidr in "${cidrs[@]}"; do # Check that cidrs is not empty
[[ -z "$cidrs" ]] && return 1
local IFS=' '
for cidr in $cidrs; do
ip_in_cidr "$ip" "$cidr" && return 0 ip_in_cidr "$ip" "$cidr" && return 0
done done
return 1 return 1
@ -552,16 +708,16 @@ get_vm_ips() {
local ips="" local ips=""
# Check if VM is running # Check if VM is running
qm status "$vmid" | grep -q "status: running" || return qm status "$vmid" 2>/dev/null | grep -q "status: running" || return
# Get MAC addresses from VM configuration # Get MAC addresses from VM configuration
local macs local macs
macs=$(qm config "$vmid" | grep -E 'net[0-9]+' | grep -o -E '[a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5}') macs=$(qm config "$vmid" 2>/dev/null | grep -E 'net[0-9]+' | grep -o -E '[a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5}')
# Look up IPs from ARP table using MAC addresses # Look up IPs from ARP table using MAC addresses
for mac in $macs; do for mac in $macs; do
local ip local ip
ip=$(arp -an | grep -i "$mac" | grep -o -E '([0-9]{1,3}\.){3}[0-9]{1,3}') ip=$(arp -an 2>/dev/null | grep -i "$mac" | grep -o -E '([0-9]{1,3}\.){3}[0-9]{1,3}')
if [ -n "$ip" ]; then if [ -n "$ip" ]; then
ips+="$ip " ips+="$ip "
fi fi
@ -580,7 +736,8 @@ update_tags() {
# Get current IPs # Get current IPs
local current_ips_full local current_ips_full
if [[ "$type" == "lxc" ]]; then if [[ "$type" == "lxc" ]]; then
current_ips_full=$(lxc-info -n "${vmid}" -i | awk '{print $2}') # Redirect error output to suppress AppArmor warnings
current_ips_full=$(lxc-info -n "${vmid}" -i 2>/dev/null | grep -E "^IP:" | awk '{print $2}')
else else
current_ips_full=$(get_vm_ips "${vmid}") current_ips_full=$(get_vm_ips "${vmid}")
fi fi
@ -588,20 +745,65 @@ update_tags() {
# Parse current tags and get valid IPs # Parse current tags and get valid IPs
local current_tags=() local current_tags=()
local next_tags=() local next_tags=()
mapfile -t current_tags < <($config_cmd config "${vmid}" | grep tags | awk '{print $2}' | sed 's/;/\n/g') mapfile -t current_tags < <($config_cmd config "${vmid}" 2>/dev/null | grep tags | awk '{print $2}' | sed 's/;/\n/g')
for tag in "${current_tags[@]}"; do for tag in "${current_tags[@]}"; do
is_valid_ipv4 "${tag}" || next_tags+=("${tag}") # Skip tag if it looks like an IP (full or partial)
if ! is_valid_ipv4 "${tag}" && ! [[ "$tag" =~ ^[0-9]+(\.[0-9]+)*$ ]]; then
next_tags+=("${tag}")
fi
done done
# Add valid IPs to tags # Add valid IPs to tags
local added_ips=()
local skipped_ips=()
for ip in ${current_ips_full}; do for ip in ${current_ips_full}; do
is_valid_ipv4 "${ip}" && ip_in_cidrs "${ip}" "${CIDR_LIST[*]}" && next_tags+=("${ip}") if is_valid_ipv4 "${ip}"; then
if ip_in_cidrs "${ip}" "${CIDR_LIST[*]}"; then
local formatted_ip=$(format_ip_tag "$ip")
next_tags+=("${formatted_ip}")
added_ips+=("${formatted_ip}")
else
skipped_ips+=("${ip}")
fi
fi
done done
# Log only if there are changes
if [ ${#added_ips[@]} -gt 0 ]; then
echo "${type^} ${vmid}: added IP tags: ${added_ips[*]}"
fi
# Update if changed # Update if changed
[[ "$(IFS=';'; echo "${current_tags[*]}")" != "$(IFS=';'; echo "${next_tags[*]}")" ]] && \ if [[ "$(IFS=';'; echo "${current_tags[*]}")" != "$(IFS=';'; echo "${next_tags[*]}")" ]]; then
$config_cmd set "${vmid}" -tags "$(IFS=';'; echo "${next_tags[*]}")" $config_cmd set "${vmid}" -tags "$(IFS=';'; echo "${next_tags[*]}")" &>/dev/null
fi
}
# Check if status changed
check_status_changed() {
local type="$1"
local current_status
case "$type" in
"lxc")
current_status=$(pct list 2>/dev/null | grep -v VMID)
[[ "${last_lxc_status}" == "${current_status}" ]] && return 1
last_lxc_status="${current_status}"
;;
"vm")
current_status=$(qm list 2>/dev/null | grep -v VMID)
[[ "${last_vm_status}" == "${current_status}" ]] && return 1
last_vm_status="${current_status}"
;;
"fw")
current_status=$(ifconfig 2>/dev/null | grep "^fw")
[[ "${last_net_interface}" == "${current_status}" ]] && return 1
last_net_interface="${current_status}"
;;
esac
return 0
} }
check() { check() {
@ -611,10 +813,10 @@ check() {
time_since_last_lxc_status_check=$((current_time - last_lxc_status_check_time)) time_since_last_lxc_status_check=$((current_time - last_lxc_status_check_time))
if [[ "${LXC_STATUS_CHECK_INTERVAL}" -gt 0 ]] \ if [[ "${LXC_STATUS_CHECK_INTERVAL}" -gt 0 ]] \
&& [[ "${time_since_last_lxc_status_check}" -ge "${LXC_STATUS_CHECK_INTERVAL}" ]]; then && [[ "${time_since_last_lxc_status_check}" -ge "${LXC_STATUS_CHECK_INTERVAL}" ]]; then
echo "Checking lxc status..." echo "Checking LXC status..."
last_lxc_status_check_time=${current_time} last_lxc_status_check_time=${current_time}
if check_status_changed "lxc"; then if check_status_changed "lxc"; then
update_tags "lxc" "${vmid}" update_all_tags "lxc"
last_update_lxc_time=${current_time} last_update_lxc_time=${current_time}
fi fi
fi fi
@ -623,10 +825,10 @@ check() {
time_since_last_vm_status_check=$((current_time - last_vm_status_check_time)) time_since_last_vm_status_check=$((current_time - last_vm_status_check_time))
if [[ "${VM_STATUS_CHECK_INTERVAL}" -gt 0 ]] \ if [[ "${VM_STATUS_CHECK_INTERVAL}" -gt 0 ]] \
&& [[ "${time_since_last_vm_status_check}" -ge "${VM_STATUS_CHECK_INTERVAL}" ]]; then && [[ "${time_since_last_vm_status_check}" -ge "${VM_STATUS_CHECK_INTERVAL}" ]]; then
echo "Checking vm status..." echo "Checking VM status..."
last_vm_status_check_time=${current_time} last_vm_status_check_time=${current_time}
if check_status_changed "vm"; then if check_status_changed "vm"; then
update_tags "vm" "${vmid}" update_all_tags "vm"
last_update_vm_time=${current_time} last_update_vm_time=${current_time}
fi fi
fi fi
@ -635,11 +837,11 @@ check() {
time_since_last_fw_net_interface_check=$((current_time - last_fw_net_interface_check_time)) time_since_last_fw_net_interface_check=$((current_time - last_fw_net_interface_check_time))
if [[ "${FW_NET_INTERFACE_CHECK_INTERVAL}" -gt 0 ]] \ if [[ "${FW_NET_INTERFACE_CHECK_INTERVAL}" -gt 0 ]] \
&& [[ "${time_since_last_fw_net_interface_check}" -ge "${FW_NET_INTERFACE_CHECK_INTERVAL}" ]]; then && [[ "${time_since_last_fw_net_interface_check}" -ge "${FW_NET_INTERFACE_CHECK_INTERVAL}" ]]; then
echo "Checking fw net interface..." echo "Checking network interfaces..."
last_fw_net_interface_check_time=${current_time} last_fw_net_interface_check_time=${current_time}
if check_status_changed "fw"; then if check_status_changed "fw"; then
update_tags "lxc" "${vmid}" update_all_tags "lxc"
update_tags "vm" "${vmid}" update_all_tags "vm"
last_update_lxc_time=${current_time} last_update_lxc_time=${current_time}
last_update_vm_time=${current_time} last_update_vm_time=${current_time}
fi fi
@ -650,11 +852,8 @@ check() {
local last_update_var="last_update_${type}_time" local last_update_var="last_update_${type}_time"
local time_since_last_update=$((current_time - ${!last_update_var})) local time_since_last_update=$((current_time - ${!last_update_var}))
if [ ${time_since_last_update} -ge ${FORCE_UPDATE_INTERVAL} ]; then if [ ${time_since_last_update} -ge ${FORCE_UPDATE_INTERVAL} ]; then
echo "Force updating ${type} iptags..." echo "Force updating ${type} tags..."
case "$type" in update_all_tags "$type"
"lxc") update_tags "lxc" "${vmid}" ;;
"vm") update_tags "vm" "${vmid}" ;;
esac
eval "${last_update_var}=${current_time}" eval "${last_update_var}=${current_time}"
fi fi
done done