community-scripts/ProxmoxVED
5
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
ProxmoxVED/tools/pve/pve-privilege-converter.sh
CanbiZ 68034a1c59 Update pve-privilege-converter.sh
2025-06-02 09:27:34 +02:00

210 lines
5.8 KiB
Bash
Raw Blame History

#!/usr/bin/env bash
if ! command -v curl >/dev/null 2>&1; then
printf "\r\e[2K%b" '\033[93m Setup Source \033[m' >&2
apt-get update >/dev/null 2>&1
apt-get install -y curl >/dev/null 2>&1
fi
source <(curl -fsSL https://git.community-scripts.org/community-scripts/ProxmoxVED/raw/branch/main/misc/core.func)
load_functions
set -euo pipefail
shopt -s inherit_errexit nullglob
APP="PVE-Privilege-Converter"
APP_TYPE="tools"
header_info "$APP"
check_root() {
if [[ $EUID -ne 0 ]]; then
echo "[ERROR] Script must be run as root"
exit 1
fi
}
select_container() {
echo -e "\nChoose a Container to convert:\n"
mapfile -t lxc_list_raw < <(pct list | awk 'NR > 1 {print $1, $3}')
lxc_list=()
for entry in "${lxc_list_raw[@]}"; do
[[ -n "$entry" ]] && lxc_list+=("$entry")
done
if [[ ${#lxc_list[@]} -eq 0 ]]; then
echo "[ERROR] No containers found"
exit 1
fi
PS3="Enter number of container to convert: "
select opt in "${lxc_list[@]}"; do
if [[ -n "$opt" ]]; then
read -r CONTAINER_ID CONTAINER_NAME <<<"$opt"
CONTAINER_NAME="${CONTAINER_NAME:-}"
echo "[DEBUG] Selected container: ID=$CONTAINER_ID NAME=$CONTAINER_NAME"
break
else
echo "Invalid selection. Try again."
fi
done
}
select_backup_storage() {
echo -e "Select backup storage (temporary vzdump location):"
mapfile -t backup_storages < <(pvesm status --content backup | awk 'NR > 1 {print $1}')
echo "[DEBUG] Found backup storages: ${backup_storages[*]}"
local PS3="Enter number of backup storage: "
select opt in "${backup_storages[@]}"; do
if [[ -n "$opt" ]]; then
BACKUP_STORAGE="$opt"
echo "[DEBUG] Selected backup storage: $BACKUP_STORAGE"
break
else
echo "Invalid selection. Try again."
fi
done
}
backup_container() {
echo "[INFO] Backing up container $CONTAINER_ID to $BACKUP_STORAGE"
vzdump_output=$(mktemp)
echo "[DEBUG] Using temp file for vzdump output: $vzdump_output"
vzdump "$CONTAINER_ID" --compress zstd --storage "$BACKUP_STORAGE" --mode snapshot | tee "$vzdump_output"
echo "[DEBUG] vzdump completed. Parsing backup path …"
BACKUP_PATH=$(awk '/tar.zst/ {print $NF}' "$vzdump_output" | tr -d "'")
echo "[DEBUG] Parsed backup path: $BACKUP_PATH"
if [ -z "$BACKUP_PATH" ] || ! grep -q "Backup job finished successfully" "$vzdump_output"; then
rm "$vzdump_output"
echo "[ERROR] Backup failed"
exit 1
fi
rm "$vzdump_output"
echo "[OK] Backup complete: $BACKUP_PATH"
}
select_target_storage() {
echo -e "\nSelect target storage for new container:\n"
mapfile -t target_storages < <(pvesm status --content images | awk 'NR > 1 {print $1}')
echo "[DEBUG] Found target storages: ${target_storages[*]}"
PS3="Enter number of target storage: "
select opt in "${target_storages[@]}"; do
if [[ -n "$opt" ]]; then
TARGET_STORAGE="$opt"
echo "[DEBUG] Selected target storage: $TARGET_STORAGE"
break
else
echo "Invalid selection. Try again."
fi
done
}
select_container_id() {
USED_IDS=($(pvesh get /cluster/resources --type vm | jq -r '.[].vmid'))
next_free_id=$(pvesh get /cluster/nextid)
while true; do
read -rp "Enter new container ID (default: $next_free_id): " NEW_CONTAINER_ID
NEW_CONTAINER_ID=${NEW_CONTAINER_ID:-$next_free_id}
if [[ "$NEW_CONTAINER_ID" =~ ^[0-9]+$ ]] && [[ ! " ${USED_IDS[*]} " =~ " ${NEW_CONTAINER_ID} " ]]; then
echo "[DEBUG] Selected new container ID: $NEW_CONTAINER_ID"
break
else
echo "ID invalid or in use. Try again."
fi
done
}
perform_conversion() {
if pct config "$CONTAINER_ID" | grep -q 'unprivileged: 1'; then
UNPRIVILEGED=true
else
UNPRIVILEGED=false
fi
echo "[INFO] Restoring as $(if $UNPRIVILEGED; then echo privileged; else echo unprivileged; fi) container"
echo "[DEBUG] Backup path: $BACKUP_PATH"
echo "[DEBUG] Target storage: $TARGET_STORAGE"
restore_opts=("$NEW_CONTAINER_ID" "$BACKUP_PATH" --storage "$TARGET_STORAGE")
if $UNPRIVILEGED; then
restore_opts+=(--unprivileged false)
else
restore_opts+=(--unprivileged)
fi
echo "[DEBUG] Running: pct restore ${restore_opts[*]} -ignore-unpack-errors 1"
if pct restore "${restore_opts[@]}" -ignore-unpack-errors 1; then
echo "[OK] Conversion successful"
else
echo "[ERROR] Conversion failed"
exit 1
fi
}
manage_states() {
read -rp "Shutdown source and start new container? [Y/n]: " answer
answer=${answer:-Y}
if [[ $answer =~ ^[Yy] ]]; then
pct shutdown "$CONTAINER_ID"
for i in {1..36}; do
sleep 5
! pct status "$CONTAINER_ID" | grep -q running && break
done
if pct status "$CONTAINER_ID" | grep -q running; then
read -rp "Timeout reached. Force shutdown? [Y/n]: " force
if [[ ${force:-Y} =~ ^[Yy] ]]; then
pkill -9 -f "lxc-start -F -n $CONTAINER_ID"
fi
fi
pct start "$NEW_CONTAINER_ID"
echo "[OK] New container started"
else
echo "[INFO] Skipped container state change"
fi
}
cleanup_files() {
read -rp "Delete backup archive? [$BACKUP_PATH] [Y/n]: " cleanup
if [[ ${cleanup:-Y} =~ ^[Yy] ]]; then
rm -f "$BACKUP_PATH" && echo "[OK] Removed backup archive"
else
echo "[INFO] Retained backup archive"
fi
}
summary() {
echo -e "\n======== Summary ========"
echo "Original Container: $CONTAINER_ID ($CONTAINER_NAME)"
echo "Backup Storage: $BACKUP_STORAGE"
echo "Target Storage: $TARGET_STORAGE"
echo "Backup Path: $BACKUP_PATH"
echo "New Container ID: $NEW_CONTAINER_ID"
echo -n "Privilege Conversion: "
if $UNPRIVILEGED; then
echo "Unprivileged -> Privileged"
else
echo "Privileged -> Unprivileged"
fi
echo "=========================="
}
main() {
header_info
check_root
select_container
select_backup_storage
backup_container
select_target_storage
select_container_id
perform_conversion
manage_states
cleanup_files
summary
}
main
Reference in New Issue View Git Blame Copy Permalink