T-Gander/ProxmoxVEDHelperScripts
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity
Files
f5ee1e7d0efea9bc7a2be4774cd05c14f474e4d0
ProxmoxVEDHelperScripts/vm/netbird-server.sh

810 lines
28 KiB
Bash
Raw Blame History

#!/usr/bin/env bash
# Copyright (c) 2021-2026 community-scripts ORG
# Author: MickLesk (CanbiZ)
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
# Source: https://netbird.io
source <(curl -fsSL "${COMMUNITY_SCRIPTS_URL:-https://git.community-scripts.org/community-scripts/ProxmoxVED/raw/branch/main}/misc/vm-core.func")
source <(curl -fsSL "${COMMUNITY_SCRIPTS_URL:-https://git.community-scripts.org/community-scripts/ProxmoxVED/raw/branch/main}/misc/cloud-init.func") 2>/dev/null || true
load_functions
function header_info {
clear
cat <<"EOF"
_ _ _ ____ _ _ ____
| \ | | ___| |_| __ )(_)_ __ __| | / ___| ___ _ ____ _____ _ __
| \| |/ _ \ __| _ \| | '__/ _` | \___ \ / _ \ '__\ \ / / _ \ '__|
| |\ | __/ |_| |_) | | | | (_| | ___) | __/ | \ V / __/ |
|_| \_|\___|\__|____/|_|_| \__,_| |____/ \___|_| \_/ \___|_|
EOF
}
APP="NetBird Server"
APP_TYPE="vm"
NSAPP="netbird-server"
RANDOM_UUID="$(cat /proc/sys/kernel/random/uuid)"
METHOD=""
DISK_SIZE="10G"
GEN_MAC=02:$(openssl rand -hex 5 | awk '{print toupper($0)}' | sed 's/\(..\)/\1:/g; s/.$//')
USE_CLOUD_INIT="no"
OS_TYPE=""
OS_VERSION=""
OS_CODENAME=""
OS_DISPLAY=""
THIN="discard=on,ssd=1,"
NETBIRD_DOMAIN_INPUT=""
NETBIRD_PROXY_TYPE_INPUT="0"
NETBIRD_EMAIL_INPUT=""
header_info
echo -e "\n Loading..."
set -e
trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
trap cleanup EXIT
trap 'post_update_to_api "failed" "130"' SIGINT
trap 'post_update_to_api "failed" "143"' SIGTERM
trap 'post_update_to_api "failed" "129"; exit 129' SIGHUP
TEMP_DIR=$(mktemp -d)
pushd "$TEMP_DIR" >/dev/null
if vm_confirm_new_vm "$APP" "This will create a New $APP VM. Proceed?"; then
:
else
header_info && exit_script
fi
check_root
arch_check
pve_check
# ==============================================================================
# NETBIRD CONFIGURATION PROMPTS
# ==============================================================================
function configure_netbird_setup() {
while true; do
if NETBIRD_DOMAIN_INPUT=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "NETBIRD DOMAIN" \
--inputbox "Enter the public domain for your NetBird server.\n(DNS A record must point to this VM's public IP)\n\ne.g. netbird.my-domain.com" 11 65 "" \
--cancel-button Exit-Script 3>&1 1>&2 2>&3); then
if [[ -z "$NETBIRD_DOMAIN_INPUT" ]] || [[ "$NETBIRD_DOMAIN_INPUT" == "netbird.example.com" ]]; then
whiptail --backtitle "Proxmox VE Helper Scripts" --title "INVALID DOMAIN" \
--msgbox "Please enter a valid domain name." 8 50
continue
fi
echo -e "${INFO}${BOLD}${DGN}NetBird Domain: ${BGN}${NETBIRD_DOMAIN_INPUT}${CL}"
break
else
exit_script
fi
done
if NETBIRD_PROXY_TYPE_INPUT=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "REVERSE PROXY" --radiolist \
"Select the reverse proxy for NetBird" 14 70 4 \
"0" "Traefik (recommended, built-in with auto TLS)" ON \
"2" "Nginx (generates config template)" OFF \
"3" "Nginx Proxy Manager" OFF \
"5" "Other/Manual" OFF \
3>&1 1>&2 2>&3); then
echo -e "${INFO}${BOLD}${DGN}Reverse Proxy: ${BGN}${NETBIRD_PROXY_TYPE_INPUT}${CL}"
else
exit_script
fi
if [[ "$NETBIRD_PROXY_TYPE_INPUT" == "0" ]]; then
while true; do
if NETBIRD_EMAIL_INPUT=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "LETSENCRYPT EMAIL" \
--inputbox "Enter your email for Let's Encrypt certificates:" 8 65 "" \
--cancel-button Exit-Script 3>&1 1>&2 2>&3); then
if [[ -z "$NETBIRD_EMAIL_INPUT" ]]; then
whiptail --backtitle "Proxmox VE Helper Scripts" --title "INVALID EMAIL" \
--msgbox "Email is required for Let's Encrypt." 8 50
continue
fi
echo -e "${INFO}${BOLD}${DGN}Let's Encrypt Email: ${BGN}${NETBIRD_EMAIL_INPUT}${CL}"
break
else
exit_script
fi
done
fi
}
# ==============================================================================
# OS SELECTION
# ==============================================================================
function select_os() {
if OS_CHOICE=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "SELECT OS" --radiolist \
"Choose Operating System for NetBird Server VM" 14 68 3 \
"debian13" "Debian 13 (Trixie) - Latest" ON \
"debian12" "Debian 12 (Bookworm) - Stable" OFF \
"ubuntu2404" "Ubuntu 24.04 LTS (Noble)" OFF \
3>&1 1>&2 2>&3); then
case $OS_CHOICE in
debian13)
OS_TYPE="debian"
OS_VERSION="13"
OS_CODENAME="trixie"
OS_DISPLAY="Debian 13 (Trixie)"
;;
debian12)
OS_TYPE="debian"
OS_VERSION="12"
OS_CODENAME="bookworm"
OS_DISPLAY="Debian 12 (Bookworm)"
;;
ubuntu2404)
OS_TYPE="ubuntu"
OS_VERSION="24.04"
OS_CODENAME="noble"
OS_DISPLAY="Ubuntu 24.04 LTS"
;;
esac
echo -e "${OS}${BOLD}${DGN}Operating System: ${BGN}${OS_DISPLAY}${CL}"
else
exit_script
fi
}
function select_cloud_init() {
if [ "$OS_TYPE" = "ubuntu" ]; then
USE_CLOUD_INIT="yes"
echo -e "${CLOUD:- }${BOLD}${DGN}Cloud-Init: ${BGN}yes (Ubuntu requires Cloud-Init)${CL}"
return
fi
if (whiptail --backtitle "Proxmox VE Helper Scripts" --title "CLOUD-INIT" \
--yesno "Enable Cloud-Init for VM configuration?\n\nAllows automatic configuration of user accounts, SSH keys, and network settings.\n\nDebian without Cloud-Init uses nocloud image with console auto-login." 14 68); then
USE_CLOUD_INIT="yes"
echo -e "${CLOUD:- }${BOLD}${DGN}Cloud-Init: ${BGN}yes${CL}"
else
USE_CLOUD_INIT="no"
echo -e "${CLOUD:- }${BOLD}${DGN}Cloud-Init: ${BGN}no${CL}"
fi
}
function get_image_url() {
local arch
arch=$(dpkg --print-architecture)
case $OS_TYPE in
debian)
if [ "$USE_CLOUD_INIT" = "yes" ]; then
echo "https://cloud.debian.org/images/cloud/${OS_CODENAME}/latest/debian-${OS_VERSION}-generic-${arch}.qcow2"
else
echo "https://cloud.debian.org/images/cloud/${OS_CODENAME}/latest/debian-${OS_VERSION}-nocloud-${arch}.qcow2"
fi
;;
ubuntu)
echo "https://cloud-images.ubuntu.com/${OS_CODENAME}/current/${OS_CODENAME}-server-cloudimg-${arch}.img"
;;
esac
}
# ==============================================================================
# SETTINGS
# ==============================================================================
function default_settings() {
configure_netbird_setup
select_os
select_cloud_init
VMID=$(get_valid_nextid)
FORMAT=""
MACHINE=" -machine q35"
DISK_CACHE=""
DISK_SIZE="10G"
HN="netbird"
CPU_TYPE=" -cpu host"
CORE_COUNT="2"
RAM_SIZE="2048"
BRG="vmbr0"
MAC="$GEN_MAC"
VLAN=""
MTU=""
START_VM="yes"
METHOD="default"
echo -e "${CONTAINERID}${BOLD}${DGN}Virtual Machine ID: ${BGN}${VMID}${CL}"
echo -e "${CONTAINERTYPE}${BOLD}${DGN}Machine Type: ${BGN}Q35 (Modern)${CL}"
echo -e "${DISKSIZE}${BOLD}${DGN}Disk Size: ${BGN}${DISK_SIZE}${CL}"
echo -e "${DISKSIZE}${BOLD}${DGN}Disk Cache: ${BGN}None${CL}"
echo -e "${HOSTNAME}${BOLD}${DGN}Hostname: ${BGN}${HN}${CL}"
echo -e "${OS}${BOLD}${DGN}CPU Model: ${BGN}Host${CL}"
echo -e "${CPUCORE}${BOLD}${DGN}CPU Cores: ${BGN}${CORE_COUNT}${CL}"
echo -e "${RAMSIZE}${BOLD}${DGN}RAM Size: ${BGN}${RAM_SIZE}${CL}"
echo -e "${BRIDGE}${BOLD}${DGN}Bridge: ${BGN}${BRG}${CL}"
echo -e "${MACADDRESS}${BOLD}${DGN}MAC Address: ${BGN}${MAC}${CL}"
echo -e "${VLANTAG}${BOLD}${DGN}VLAN: ${BGN}Default${CL}"
echo -e "${DEFAULT}${BOLD}${DGN}Interface MTU Size: ${BGN}Default${CL}"
echo -e "${GATEWAY}${BOLD}${DGN}Start VM when completed: ${BGN}yes${CL}"
echo -e "${CREATING}${BOLD}${DGN}Creating a NetBird Server VM using the above default settings${CL}"
}
function advanced_settings() {
configure_netbird_setup
select_os
select_cloud_init
METHOD="advanced"
[ -z "${VMID:-}" ] && VMID=$(get_valid_nextid)
while true; do
if VMID=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "Set Virtual Machine ID" 8 58 $VMID --title "VIRTUAL MACHINE ID" --cancel-button Exit-Script 3>&1 1>&2 2>&3); then
if [ -z "$VMID" ]; then VMID=$(get_valid_nextid); fi
if pct status "$VMID" &>/dev/null || qm status "$VMID" &>/dev/null; then
echo -e "${CROSS}${RD} ID $VMID is already in use${CL}"
sleep 2
continue
fi
echo -e "${CONTAINERID}${BOLD}${DGN}Virtual Machine ID: ${BGN}$VMID${CL}"
break
else
exit_script
fi
done
if MACH=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "MACHINE TYPE" --radiolist --cancel-button Exit-Script "Choose Type" 10 58 2 \
"q35" "Q35 (Modern, PCIe)" ON \
"i440fx" "i440fx (Legacy, PCI)" OFF \
3>&1 1>&2 2>&3); then
if [ $MACH = q35 ]; then
echo -e "${CONTAINERTYPE}${BOLD}${DGN}Machine Type: ${BGN}Q35 (Modern)${CL}"
FORMAT=""
MACHINE=" -machine q35"
else
echo -e "${CONTAINERTYPE}${BOLD}${DGN}Machine Type: ${BGN}i440fx (Legacy)${CL}"
FORMAT=",efitype=4m"
MACHINE=""
fi
else
exit_script
fi
if DISK_SIZE=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "Set Disk Size in GiB (e.g., 10, 20)" 8 58 "10" --title "DISK SIZE" --cancel-button Exit-Script 3>&1 1>&2 2>&3); then
DISK_SIZE=$(echo "$DISK_SIZE" | tr -d ' ')
if [[ "$DISK_SIZE" =~ ^[0-9]+$ ]]; then
DISK_SIZE="${DISK_SIZE}G"
elif [[ ! "$DISK_SIZE" =~ ^[0-9]+G$ ]]; then
echo -e "${DISKSIZE}${BOLD}${RD}Invalid Disk Size.${CL}"
exit_script
fi
echo -e "${DISKSIZE}${BOLD}${DGN}Disk Size: ${BGN}$DISK_SIZE${CL}"
else
exit_script
fi
if DISK_CACHE=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "DISK CACHE" --radiolist "Choose" --cancel-button Exit-Script 10 58 2 \
"0" "None (Default)" ON \
"1" "Write Through" OFF \
3>&1 1>&2 2>&3); then
if [ $DISK_CACHE = "1" ]; then
echo -e "${DISKSIZE}${BOLD}${DGN}Disk Cache: ${BGN}Write Through${CL}"
DISK_CACHE="cache=writethrough,"
else
echo -e "${DISKSIZE}${BOLD}${DGN}Disk Cache: ${BGN}None${CL}"
DISK_CACHE=""
fi
else
exit_script
fi
if VM_NAME=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "Set Hostname" 8 58 netbird --title "HOSTNAME" --cancel-button Exit-Script 3>&1 1>&2 2>&3); then
if [ -z $VM_NAME ]; then
HN="netbird"
else
HN=$(echo "${VM_NAME,,}" | tr -cs 'a-z0-9-' '-' | sed 's/^-//;s/-$//')
fi
echo -e "${HOSTNAME}${BOLD}${DGN}Hostname: ${BGN}$HN${CL}"
else
exit_script
fi
if CPU_TYPE1=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "CPU MODEL" --radiolist "Choose" --cancel-button Exit-Script 10 58 2 \
"1" "Host (Recommended)" ON \
"0" "KVM64" OFF \
3>&1 1>&2 2>&3); then
if [ $CPU_TYPE1 = "1" ]; then
echo -e "${OS}${BOLD}${DGN}CPU Model: ${BGN}Host${CL}"
CPU_TYPE=" -cpu host"
else
echo -e "${OS}${BOLD}${DGN}CPU Model: ${BGN}KVM64${CL}"
CPU_TYPE=""
fi
else
exit_script
fi
while true; do
if CORE_COUNT=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "Allocate CPU Cores" 8 58 2 --title "CORE COUNT" --cancel-button Exit-Script 3>&1 1>&2 2>&3); then
if [ -z "$CORE_COUNT" ]; then CORE_COUNT="2"; fi
if [[ "$CORE_COUNT" =~ ^[1-9][0-9]*$ ]]; then
echo -e "${CPUCORE}${BOLD}${DGN}CPU Cores: ${BGN}$CORE_COUNT${CL}"
break
fi
else
exit_script
fi
done
while true; do
if RAM_SIZE=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "Allocate RAM in MiB (min 2048)" 8 58 2048 --title "RAM" --cancel-button Exit-Script 3>&1 1>&2 2>&3); then
if [ -z "$RAM_SIZE" ]; then RAM_SIZE="2048"; fi
if [[ "$RAM_SIZE" =~ ^[1-9][0-9]*$ ]]; then
echo -e "${RAMSIZE}${BOLD}${DGN}RAM Size: ${BGN}$RAM_SIZE${CL}"
break
fi
else
exit_script
fi
done
if BRG=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "Set a Bridge" 8 58 vmbr0 --title "BRIDGE" --cancel-button Exit-Script 3>&1 1>&2 2>&3); then
if [ -z $BRG ]; then BRG="vmbr0"; fi
echo -e "${BRIDGE}${BOLD}${DGN}Bridge: ${BGN}$BRG${CL}"
else
exit_script
fi
while true; do
if MAC1=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "Set a MAC Address" 8 58 $GEN_MAC --title "MAC ADDRESS" --cancel-button Exit-Script 3>&1 1>&2 2>&3); then
if [ -z "$MAC1" ]; then
MAC="$GEN_MAC"
echo -e "${MACADDRESS}${BOLD}${DGN}MAC Address: ${BGN}$MAC${CL}"
break
fi
if [[ "$MAC1" =~ ^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$ ]]; then
MAC="$MAC1"
echo -e "${MACADDRESS}${BOLD}${DGN}MAC Address: ${BGN}$MAC${CL}"
break
fi
else
exit_script
fi
done
while true; do
if VLAN1=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "Set a Vlan (leave blank for default)" 8 58 --title "VLAN" --cancel-button Exit-Script 3>&1 1>&2 2>&3); then
if [ -z "$VLAN1" ]; then
VLAN=""
echo -e "${VLANTAG}${BOLD}${DGN}VLAN: ${BGN}Default${CL}"
break
fi
if [[ "$VLAN1" =~ ^[0-9]+$ ]] && [ "$VLAN1" -ge 1 ] && [ "$VLAN1" -le 4094 ]; then
VLAN=",tag=$VLAN1"
echo -e "${VLANTAG}${BOLD}${DGN}VLAN: ${BGN}$VLAN1${CL}"
break
fi
else
exit_script
fi
done
while true; do
if MTU1=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "Set Interface MTU Size (leave blank for default)" 8 58 --title "MTU SIZE" --cancel-button Exit-Script 3>&1 1>&2 2>&3); then
if [ -z "$MTU1" ]; then
MTU=""
echo -e "${DEFAULT}${BOLD}${DGN}Interface MTU Size: ${BGN}Default${CL}"
break
fi
if [[ "$MTU1" =~ ^[0-9]+$ ]] && [ "$MTU1" -ge 576 ] && [ "$MTU1" -le 65520 ]; then
MTU=",mtu=$MTU1"
echo -e "${DEFAULT}${BOLD}${DGN}Interface MTU Size: ${BGN}$MTU1${CL}"
break
fi
else
exit_script
fi
done
if (whiptail --backtitle "Proxmox VE Helper Scripts" --title "START VIRTUAL MACHINE" --yesno "Start VM when completed?" 10 58); then
echo -e "${GATEWAY}${BOLD}${DGN}Start VM when completed: ${BGN}yes${CL}"
START_VM="yes"
else
echo -e "${GATEWAY}${BOLD}${DGN}Start VM when completed: ${BGN}no${CL}"
START_VM="no"
fi
if (whiptail --backtitle "Proxmox VE Helper Scripts" --title "ADVANCED SETTINGS COMPLETE" --yesno "Ready to create a NetBird Server VM?" --no-button Do-Over 10 58); then
echo -e "${CREATING}${BOLD}${DGN}Creating a NetBird Server VM using the above advanced settings${CL}"
else
header_info
echo -e "${ADVANCED}${BOLD}${RD}Using Advanced Settings${CL}"
advanced_settings
fi
}
function start_script() {
if (whiptail --backtitle "Proxmox VE Helper Scripts" --title "SETTINGS" --yesno "Use Default Settings?" --no-button Advanced 10 58); then
header_info
echo -e "${DEFAULT}${BOLD}${BL}Using Default Settings${CL}"
default_settings
else
header_info
echo -e "${ADVANCED}${BOLD}${RD}Using Advanced Settings${CL}"
advanced_settings
fi
}
# ==============================================================================
# MAIN EXECUTION
# ==============================================================================
start_script
post_to_api_vm
# ==============================================================================
# STORAGE SELECTION
# ==============================================================================
msg_info "Validating Storage"
while read -r line; do
TAG=$(echo $line | awk '{print $1}')
TYPE=$(echo $line | awk '{printf "%-10s", $2}')
FREE=$(echo $line | numfmt --field 4-6 --from-unit=K --to=iec --format %.2f | awk '{printf( "%9sB", $6)}')
ITEM=" Type: $TYPE Free: $FREE "
OFFSET=2
if [[ $((${#ITEM} + $OFFSET)) -gt ${MSG_MAX_LENGTH:-} ]]; then
MSG_MAX_LENGTH=$((${#ITEM} + $OFFSET))
fi
STORAGE_MENU+=("$TAG" "$ITEM" "OFF")
done < <(pvesm status -content images | awk 'NR>1')
VALID=$(pvesm status -content images | awk 'NR>1')
if [ -z "$VALID" ]; then
msg_error "Unable to detect a valid storage location."
exit
elif [ $((${#STORAGE_MENU[@]} / 3)) -eq 1 ]; then
STORAGE=${STORAGE_MENU[0]}
else
while [ -z "${STORAGE:+x}" ]; do
STORAGE=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "Storage Pools" --radiolist \
"Which storage pool would you like to use for ${HN}?\nTo make a selection, use the Spacebar.\n" \
16 $(($MSG_MAX_LENGTH + 23)) 6 \
"${STORAGE_MENU[@]}" 3>&1 1>&2 2>&3)
done
fi
msg_ok "Using ${CL}${BL}$STORAGE${CL} ${GN}for Storage Location."
msg_ok "Virtual Machine ID is ${CL}${BL}$VMID${CL}."
# ==============================================================================
# PREREQUISITES
# ==============================================================================
if ! command -v virt-customize &>/dev/null; then
msg_info "Installing libguestfs-tools"
apt-get -qq update >/dev/null
apt-get -qq install libguestfs-tools -y >/dev/null
msg_ok "Installed libguestfs-tools"
fi
# ==============================================================================
# IMAGE DOWNLOAD
# ==============================================================================
msg_info "Retrieving the URL for the ${OS_DISPLAY} Disk Image"
URL=$(get_image_url)
CACHE_DIR="/var/lib/vz/template/cache"
CACHE_FILE="$CACHE_DIR/$(basename "$URL")"
mkdir -p "$CACHE_DIR"
msg_ok "${CL}${BL}${URL}${CL}"
if [[ ! -s "$CACHE_FILE" ]]; then
curl -f#SL -o "$CACHE_FILE" "$URL"
echo -en "\e[1A\e[0K"
msg_ok "Downloaded ${CL}${BL}$(basename "$CACHE_FILE")${CL}"
else
msg_ok "Using cached image ${CL}${BL}$(basename "$CACHE_FILE")${CL}"
fi
# ==============================================================================
# STORAGE TYPE DETECTION
# ==============================================================================
STORAGE_TYPE=$(pvesm status -storage "$STORAGE" | awk 'NR>1 {print $2}')
case $STORAGE_TYPE in
nfs | dir)
DISK_EXT=".qcow2"
DISK_REF="$VMID/"
DISK_IMPORT="--format qcow2"
THIN=""
;;
btrfs)
DISK_EXT=".raw"
DISK_REF="$VMID/"
DISK_IMPORT="--format raw"
FORMAT=",efitype=4m"
THIN=""
;;
*)
DISK_EXT=""
DISK_REF=""
DISK_IMPORT="--format raw"
;;
esac
# ==============================================================================
# IMAGE CUSTOMIZATION
# ==============================================================================
msg_info "Preparing ${OS_DISPLAY} image with Docker & prerequisites"
WORK_FILE=$(mktemp --suffix=.qcow2)
cp "$CACHE_FILE" "$WORK_FILE"
export LIBGUESTFS_BACKEND_SETTINGS=dns=8.8.8.8,1.1.1.1
DOCKER_PREINSTALLED="no"
msg_info "Installing base packages (qemu-guest-agent, curl, ca-certificates, jq)"
if virt-customize -a "$WORK_FILE" --install qemu-guest-agent,curl,ca-certificates,jq >/dev/null 2>&1; then
msg_ok "Installed base packages"
msg_info "Installing Docker (this may take 2-5 minutes)"
if virt-customize -q -a "$WORK_FILE" --run-command "curl -fsSL https://get.docker.com | sh" >/dev/null 2>&1 &&
virt-customize -q -a "$WORK_FILE" --run-command "systemctl enable docker" >/dev/null 2>&1; then
msg_ok "Installed Docker"
msg_info "Configuring Docker daemon"
virt-customize -q -a "$WORK_FILE" --run-command "mkdir -p /etc/docker" >/dev/null 2>&1
virt-customize -q -a "$WORK_FILE" --run-command 'cat > /etc/docker/daemon.json << EOF
{
"storage-driver": "overlay2",
"log-driver": "json-file",
"log-opts": {
"max-size": "10m",
"max-file": "3"
}
}
EOF' >/dev/null 2>&1
DOCKER_PREINSTALLED="yes"
msg_ok "Configured Docker daemon"
else
msg_ok "Docker will be installed on first boot"
fi
else
msg_ok "Packages will be installed on first boot"
fi
# Write NetBird env file (host variables expanded into the image)
msg_info "Writing NetBird configuration"
NETBIRD_ENV_TMP=$(mktemp)
cat >"$NETBIRD_ENV_TMP" <<ENVEOF
NETBIRD_DOMAIN="${NETBIRD_DOMAIN_INPUT}"
NETBIRD_AUTO_PROXY_TYPE="${NETBIRD_PROXY_TYPE_INPUT}"
NETBIRD_AUTO_EMAIL="${NETBIRD_EMAIL_INPUT}"
NETBIRD_AUTO_ENABLE_PROXY="false"
NETBIRD_AUTO_ENABLE_CROWDSEC="false"
ENVEOF
virt-customize -q -a "$WORK_FILE" --upload "${NETBIRD_ENV_TMP}:/root/netbird.env" >/dev/null 2>&1
rm -f "$NETBIRD_ENV_TMP"
# Write first-boot setup script (no host variable expansion needed — single-quoted heredoc)
NETBIRD_SETUP_TMP=$(mktemp)
cat >"$NETBIRD_SETUP_TMP" <<'SETUPEOF'
#!/bin/bash
exec > /var/log/netbird-setup.log 2>&1
set -e
echo "[$(date)] Starting NetBird automated setup"
# Wait for Docker (up to 5 minutes)
for i in {1..60}; do
docker info >/dev/null 2>&1 && break
sleep 5
done
docker info >/dev/null 2>&1 || { echo "[$(date)] ERROR: Docker not ready after 5 min"; exit 1; }
# Load pre-configured values
set -a
source /root/netbird.env
set +a
# Download getting-started.sh
curl -fsSL https://github.com/netbirdio/netbird/releases/latest/download/getting-started.sh \
-o /root/getting-started.sh
# Patch interactive reads: use NETBIRD_AUTO_* env vars (never overwritten by initialize_default_values)
sed -i \
-e 's/REVERSE_PROXY_TYPE=$(read_reverse_proxy_type)/REVERSE_PROXY_TYPE="${NETBIRD_AUTO_PROXY_TYPE:-$(read_reverse_proxy_type)}"/'\
-e 's/TRAEFIK_ACME_EMAIL=$(read_traefik_acme_email)/TRAEFIK_ACME_EMAIL="${NETBIRD_AUTO_EMAIL:-$(read_traefik_acme_email)}"/'\
-e 's/ENABLE_PROXY=$(read_enable_proxy)/ENABLE_PROXY="${NETBIRD_AUTO_ENABLE_PROXY:-$(read_enable_proxy)}"/'\
-e 's/ENABLE_CROWDSEC=$(read_enable_crowdsec)/ENABLE_CROWDSEC="${NETBIRD_AUTO_ENABLE_CROWDSEC:-$(read_enable_crowdsec)}"/'\
/root/getting-started.sh
echo "[$(date)] Running NetBird getting-started.sh"
bash /root/getting-started.sh
touch /root/.netbird-setup-done
echo "[$(date)] NetBird setup completed"
SETUPEOF
virt-customize -q -a "$WORK_FILE" \
--upload "${NETBIRD_SETUP_TMP}:/root/netbird-setup.sh" \
--run-command "chmod +x /root/netbird-setup.sh" >/dev/null 2>&1
rm -f "$NETBIRD_SETUP_TMP"
# Write first-boot systemd service
NETBIRD_SVC_TMP=$(mktemp)
cat >"$NETBIRD_SVC_TMP" <<'SVCEOF'
[Unit]
Description=NetBird Initial Setup
After=network-online.target docker.service
Wants=network-online.target
ConditionPathExists=!/root/.netbird-setup-done
[Service]
Type=oneshot
ExecStart=/root/netbird-setup.sh
RemainAfterExit=yes
StandardOutput=journal+console
StandardError=journal+console
TimeoutStartSec=600
[Install]
WantedBy=multi-user.target
SVCEOF
virt-customize -q -a "$WORK_FILE" \
--upload "${NETBIRD_SVC_TMP}:/etc/systemd/system/netbird-setup.service" \
--run-command "systemctl enable netbird-setup.service" >/dev/null 2>&1
rm -f "$NETBIRD_SVC_TMP"
msg_ok "Configured NetBird first-boot automation"
msg_info "Finalizing image"
virt-customize -q -a "$WORK_FILE" --hostname "${HN}" >/dev/null 2>&1 || true
virt-customize -q -a "$WORK_FILE" --run-command "truncate -s 0 /etc/machine-id" >/dev/null 2>&1 || true
virt-customize -q -a "$WORK_FILE" --run-command "rm -f /var/lib/dbus/machine-id" >/dev/null 2>&1 || true
if [ "$USE_CLOUD_INIT" = "yes" ]; then
virt-customize -q -a "$WORK_FILE" --run-command "sed -i 's/^#*PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config" >/dev/null 2>&1 || true
virt-customize -q -a "$WORK_FILE" --run-command "sed -i 's/^#*PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config" >/dev/null 2>&1 || true
else
virt-customize -q -a "$WORK_FILE" --run-command "mkdir -p /etc/systemd/system/serial-getty@ttyS0.service.d" >/dev/null 2>&1 || true
virt-customize -q -a "$WORK_FILE" --run-command 'cat > /etc/systemd/system/serial-getty@ttyS0.service.d/autologin.conf << EOF
[Service]
ExecStart=
ExecStart=-/sbin/agetty --autologin root --noclear %I $TERM
EOF' >/dev/null 2>&1 || true
fi
msg_ok "Finalized image"
if [ "$DOCKER_PREINSTALLED" = "no" ]; then
DOCKER_INSTALL_TMP=$(mktemp)
cat >"$DOCKER_INSTALL_TMP" <<'DOCKEREOF'
#!/bin/bash
exec > /var/log/install-docker.log 2>&1
echo "[$(date)] Starting Docker installation"
for i in {1..30}; do
ping -c 1 8.8.8.8 >/dev/null 2>&1 && break
sleep 2
done
apt-get update
apt-get install -y qemu-guest-agent curl ca-certificates jq
curl -fsSL https://get.docker.com | sh
systemctl enable docker
systemctl start docker
touch /root/.docker-installed
echo "[$(date)] Docker installation completed"
DOCKEREOF
DOCKER_SVC_TMP=$(mktemp)
cat >"$DOCKER_SVC_TMP" <<'DOCKERSVCEOF'
[Unit]
Description=Install Docker on First Boot
After=network-online.target
Wants=network-online.target
ConditionPathExists=!/root/.docker-installed
[Service]
Type=oneshot
ExecStart=/root/install-docker.sh
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
DOCKERSVCEOF
virt-customize -q -a "$WORK_FILE" \
--upload "${DOCKER_INSTALL_TMP}:/root/install-docker.sh" \
--upload "${DOCKER_SVC_TMP}:/etc/systemd/system/install-docker.service" \
--run-command "chmod +x /root/install-docker.sh" \
--run-command "systemctl enable install-docker.service" >/dev/null 2>&1 || true
rm -f "$DOCKER_INSTALL_TMP" "$DOCKER_SVC_TMP"
fi
msg_info "Resizing disk image to ${DISK_SIZE}"
qemu-img resize "$WORK_FILE" "${DISK_SIZE}" >/dev/null 2>&1
msg_ok "Resized disk image"
# ==============================================================================
# VM CREATION
# ==============================================================================
msg_info "Creating NetBird Server VM shell"
qm create $VMID -agent 1${MACHINE} -tablet 0 -localtime 1 -bios ovmf${CPU_TYPE} -cores $CORE_COUNT -memory $RAM_SIZE \
-name $HN -tags community-script -net0 virtio,bridge=$BRG,macaddr=$MAC$VLAN$MTU -onboot 1 -ostype l26 -scsihw virtio-scsi-pci >/dev/null
msg_ok "Created VM shell"
# ==============================================================================
# DISK IMPORT
# ==============================================================================
msg_info "Importing disk into storage ($STORAGE)"
if qm disk import --help >/dev/null 2>&1; then
IMPORT_CMD=(qm disk import)
else
IMPORT_CMD=(qm importdisk)
fi
IMPORT_OUT="$("${IMPORT_CMD[@]}" "$VMID" "$WORK_FILE" "$STORAGE" ${DISK_IMPORT:-} 2>&1 || true)"
DISK_REF_IMPORTED="$(printf '%s\n' "$IMPORT_OUT" | sed -n "s/.*successfully imported disk '\([^']\+\)'.*/\1/p" | tr -d "\r\"'")"
[[ -z "$DISK_REF_IMPORTED" ]] && DISK_REF_IMPORTED="$(pvesm list "$STORAGE" | awk -v id="$VMID" '$5 ~ ("vm-"id"-disk-") {print $1":"$5}' | sort | tail -n1)"
[[ -z "$DISK_REF_IMPORTED" ]] && {
msg_error "Unable to determine imported disk reference."
echo "$IMPORT_OUT"
exit 226
}
msg_ok "Imported disk (${CL}${BL}${DISK_REF_IMPORTED}${CL})"
rm -f "$WORK_FILE"
# ==============================================================================
# VM CONFIGURATION
# ==============================================================================
msg_info "Attaching EFI and root disk"
qm set "$VMID" \
--efidisk0 "${STORAGE}:0,efitype=4m" \
--scsi0 "${DISK_REF_IMPORTED},${DISK_CACHE}${THIN%,}" \
--boot order=scsi0 \
--serial0 socket >/dev/null
qm set $VMID --agent enabled=1 >/dev/null
msg_ok "Attached EFI and root disk"
set_description
if [ "$USE_CLOUD_INIT" = "yes" ]; then
msg_info "Configuring Cloud-Init"
setup_cloud_init "$VMID" "$STORAGE" "$HN" "yes"
msg_ok "Cloud-Init configured"
fi
# ==============================================================================
# START VM
# ==============================================================================
if [ "$START_VM" == "yes" ]; then
msg_info "Starting NetBird Server VM"
qm start $VMID >/dev/null 2>&1
msg_ok "Started NetBird Server VM"
fi
# ==============================================================================
# FINAL OUTPUT
# ==============================================================================
VM_IP=""
if [ "$START_VM" == "yes" ]; then
set +e
for i in {1..10}; do
VM_IP=$(qm guest cmd "$VMID" network-get-interfaces 2>/dev/null |
jq -r '.[] | select(.name != "lo") | ."ip-addresses"[]? | select(."ip-address-type" == "ipv4") | ."ip-address"' 2>/dev/null |
grep -v "^127\." | head -1) || true
[ -n "$VM_IP" ] && break
sleep 3
done
set -e
fi
echo -e "\n${INFO}${BOLD}${GN}NetBird Server VM Summary:${CL}"
echo -e "${TAB}${DGN}VM ID: ${BGN}${VMID}${CL}"
echo -e "${TAB}${DGN}Hostname: ${BGN}${HN}${CL}"
echo -e "${TAB}${DGN}OS: ${BGN}${OS_DISPLAY}${CL}"
[ -n "$VM_IP" ] && echo -e "${TAB}${DGN}IP Address: ${BGN}${VM_IP}${CL}"
if [ "$DOCKER_PREINSTALLED" = "yes" ]; then
echo -e "${TAB}${DGN}Docker: ${BGN}Pre-installed${CL}"
else
echo -e "${TAB}${DGN}Docker: ${BGN}Installing on first boot — check: ${BL}journalctl -u netbird-setup${CL}"
fi
echo -e ""
echo -e "${INFO}${BOLD}${GN}NetBird is being configured automatically on first boot!${CL}"
echo -e "${TAB}${DGN}Domain: ${BGN}https://${NETBIRD_DOMAIN_INPUT}${CL}"
echo -e "${TAB}${DGN}Setup log: ${BGN}journalctl -u netbird-setup -f${CL}"
echo -e "${TAB}${DGN}Required open ports: ${BGN}80/tcp, 443/tcp, 3478/udp${CL}"
if [ "$USE_CLOUD_INIT" = "yes" ]; then
display_cloud_init_info "$VMID" "$HN" 2>/dev/null || true
fi
post_update_to_api "done" "none"
msg_ok "Completed successfully!\n"
Reference in New Issue View Git Blame Copy Permalink