diff --git a/src/config.sh b/src/config.sh index 217f1780..0a262151 100644 --- a/src/config.sh +++ b/src/config.sh @@ -12,23 +12,23 @@ else [ -e /dev/kvm ] && KVM_ERR="(no write access)" || KVM_ERR="(device file missing)" fi -if [ -n "${KVM_ERR}" ]; then +if [ -n "$KVM_ERR" ]; then if [ "$ARCH" == "amd64" ]; then - error "KVM acceleration not detected ${KVM_ERR}, see the FAQ about this." - [[ "${DEBUG}" != [Yy1]* ]] && exit 88 + error "KVM acceleration not detected $KVM_ERR, see the FAQ about this." + [[ "$DEBUG" != [Yy1]* ]] && exit 88 fi else KVM_OPTS=",accel=kvm -enable-kvm -cpu host" fi DEF_OPTS="-nodefaults" -RAM_OPTS=$(echo "-m ${RAM_SIZE}" | sed 's/MB/M/g;s/GB/G/g;s/TB/T/g') -CPU_OPTS="-smp ${CPU_CORES},sockets=1,dies=1,cores=${CPU_CORES},threads=1" +RAM_OPTS=$(echo "-m $RAM_SIZE" | sed 's/MB/M/g;s/GB/G/g;s/TB/T/g') +CPU_OPTS="-smp $CPU_CORES,sockets=1,dies=1,cores=$CPU_CORES,threads=1" MAC_OPTS="-machine type=q35,usb=off,dump-guest-core=off,hpet=off${KVM_OPTS}" SERIAL_OPTS="-serial mon:stdio -device virtio-serial-pci,id=virtio-serial0,bus=pcie.0,addr=0x3" EXTRA_OPTS="-device virtio-balloon-pci,id=balloon0 -object rng-random,id=rng0,filename=/dev/urandom -device virtio-rng-pci,rng=rng0" -ARGS="${DEF_OPTS} ${CPU_OPTS} ${RAM_OPTS} ${MAC_OPTS} ${SERIAL_OPTS} ${NET_OPTS} ${DISK_OPTS} ${DISPLAY_OPTS} ${EXTRA_OPTS} ${ARGUMENTS}" +ARGS="$DEF_OPTS $CPU_OPTS $RAM_OPTS $MAC_OPTS $SERIAL_OPTS $NET_OPTS $DISK_OPTS $DISPLAY_OPTS $EXTRA_OPTS $ARGUMENTS" ARGS=$(echo "$ARGS" | sed 's/\t/ /g' | tr -s ' ') return 0 diff --git a/src/entry.sh b/src/entry.sh index 35eea178..bdfa177f 100755 --- a/src/entry.sh +++ b/src/entry.sh @@ -14,8 +14,8 @@ cd /run . config.sh # Configure arguments trap - ERR -info "Booting image using ${VERS}..." +info "Booting image using $VERS..." -[[ "${DEBUG}" == [Yy1]* ]] && set -x +[[ "$DEBUG" == [Yy1]* ]] && set -x exec qemu-system-x86_64 ${ARGS:+ $ARGS} { set +x; } 2>/dev/null 
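Review bot: `ARGS` in src/config.sh is still built as one flat string and then word-split by `exec qemu-system-x86_64 ${ARGS:+ $ARGS}` in src/entry.sh, so any whitespace inside `$RAM_SIZE` or `$CPU_CORES` turns into extra QEMU options rather than being rejected. The `tr -s ' '` pass also squeezes spaces inside legitimate values, such as a path coming in through `$DISK_OPTS`. A numeric check before the values are spliced in, for example `[[ "$CPU_CORES" =~ ^[0-9]+$ ]]` followed by the usual `error ... && exit`, would close this for the two sized options. Longer term, an array (`exec qemu-system-x86_64 "${ARGS[@]}"`) keeps every value a single argument. Where these variables are first assigned is outside the hunk, so an earlier validation step may already exist.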
diff --git a/src/install.sh b/src/install.sh index 3230248c..e7eeec8c 100644 --- a/src/install.sh +++ b/src/install.sh @@ -7,7 +7,7 @@ FILE="$STORAGE/boot.img" TMP="/boot.img" rm -f "$TMP" -info "Downloading ${BOOT} as boot image..." +info "Downloading $BOOT as boot image..." # Check if running with interactive TTY or redirected to docker log if [ -t 1 ]; then @@ -16,12 +16,12 @@ else PROGRESS="--progress=dot:giga" fi -[[ "${DEBUG}" == [Yy1]* ]] && set -x +[[ "$DEBUG" == [Yy1]* ]] && set -x { wget "$BOOT" -O "$TMP" -q --no-check-certificate --show-progress "$PROGRESS"; rc=$?; } || : -(( rc != 0 )) && error "Failed to download ${BOOT}, reason: $rc" && exit 60 -[ ! -f "$TMP" ] && error "Failed to download ${BOOT}" && exit 61 +(( rc != 0 )) && error "Failed to download $BOOT, reason: $rc" && exit 60 +[ ! -f "$TMP" ] && error "Failed to download $BOOT" && exit 61 SIZE=$(stat -c%s "$TMP") @@ -32,6 +32,6 @@ fi mv -f "$TMP" "$FILE" { set +x; } 2>/dev/null -[[ "${DEBUG}" == [Yy1]* ]] && echo +[[ "$DEBUG" == [Yy1]* ]] && echo return 0 diff --git a/src/network.sh b/src/network.sh index fb276ced..418b4d70 100644 --- a/src/network.sh +++ b/src/network.sh 
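Review bot: The boot image download in the second src/install.sh hunk still runs `wget` with `--no-check-certificate`, and the only checks visible afterwards are the exit status, the file's existence and its size, so nothing authenticates the image that is about to be booted. Dropping the flag (`wget "$BOOT" -O "$TMP" -q --show-progress "$PROGRESS"`) restores TLS verification; if some sources need it, an explicit opt-in setting is safer than making it the default. Comparing `sha256sum "$TMP"` against an operator-supplied digest before the `mv -f "$TMP" "$FILE"` in the last hunk would also cover plain-HTTP sources. The lines between `SIZE=$(stat -c%s "$TMP")` and the `mv` are outside the hunks, so a check may already exist there.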
@@ -25,37 +25,37 @@ configureDHCP() { # Create a macvtap network for the VM guest - { ip link add link "${VM_NET_DEV}" name "${VM_NET_TAP}" address "${VM_NET_MAC}" type macvtap mode bridge ; rc=$?; } || : + { ip link add link "$VM_NET_DEV" name "$VM_NET_TAP" address "$VM_NET_MAC" type macvtap mode bridge ; rc=$?; } || : if (( rc != 0 )); then error "Cannot create macvtap interface. Please make sure the network type is 'macvlan' and not 'ipvlan'," error "and that the NET_ADMIN capability has been added to the container config: --cap-add NET_ADMIN" && exit 16 fi - while ! ip link set "${VM_NET_TAP}" up; do + while ! ip link set "$VM_NET_TAP" up; do info "Waiting for address to become available..." sleep 2 done - TAP_NR=$(>"$TAP_PATH"; rc=$?; } 2>/dev/null || : if (( rc != 0 )); then error "Cannot create TAP interface ($rc). Please add the following docker settings to your " - error "container: --device-cgroup-rule='c ${MAJOR}:* rwm' --device=/dev/vhost-net" && exit 21 + error "container: --device-cgroup-rule='c $MAJOR:* rwm' --device=/dev/vhost-net" && exit 21 fi { exec 40>>/dev/vhost-net; rc=$?; } 2>/dev/null || : 
@@ -76,17 +76,17 @@ configureDNS () { DNSMASQ_OPTS="$DNSMASQ_OPTS --dhcp-range=$VM_NET_IP,$VM_NET_IP --dhcp-host=$VM_NET_MAC,,$VM_NET_IP,$VM_NET_HOST,infinite --dhcp-option=option:netmask,255.255.255.0" # Create lease file for faster resolve - echo "0 $VM_NET_MAC $VM_NET_IP $VM_NET_HOST 01:${VM_NET_MAC}" > /var/lib/misc/dnsmasq.leases + echo "0 $VM_NET_MAC $VM_NET_IP $VM_NET_HOST 01:$VM_NET_MAC" > /var/lib/misc/dnsmasq.leases chmod 644 /var/lib/misc/dnsmasq.leases # Set DNS server and gateway DNSMASQ_OPTS="$DNSMASQ_OPTS --dhcp-option=option:dns-server,${VM_NET_IP%.*}.1 --dhcp-option=option:router,${VM_NET_IP%.*}.1" DNSMASQ_OPTS=$(echo "$DNSMASQ_OPTS" | sed 's/\t/ /g' | tr -s ' ' | sed 's/^ *//') - [[ "${DEBUG}" == [Yy1]* ]] && set -x + [[ "$DEBUG" == [Yy1]* ]] && set -x $DNSMASQ ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} { set +x; } 2>/dev/null - [[ "${DEBUG}" == [Yy1]* ]] && echo + [[ "$DEBUG" == [Yy1]* ]] && echo return 0 } @@ -96,7 +96,7 @@ configureNAT () { # Create a bridge with a static IP for the VM guest VM_NET_IP='20.20.20.21' - [[ "${DEBUG}" == [Yy1]* ]] && set -x + [[ "$DEBUG" == [Yy1]* ]] && set -x { ip link add dev dockerbridge type bridge ; rc=$?; } || : 
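Review bot: `VM_NET_IP='20.20.20.21'` in the configureNAT hunk puts the guest bridge on an address outside the RFC 1918 private ranges. Judging by the `255.255.255.0` netmask and the `${VM_NET_IP%.*}.1` gateway handed out in configureDNS, the container presumably claims the whole 20.20.20.0/24. That would make real hosts in that range unreachable from the guest and makes firewall and flow logs harder to interpret. A private subnet that the deployment does not otherwise use avoids both problems. The bridge addressing itself lies outside the visible hunks, so this should be confirmed against the full function.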
@@ -113,29 +113,29 @@ configureNAT () { done # QEMU Works with taps, set tap to the bridge created - ip tuntap add dev "${VM_NET_TAP}" mode tap + ip tuntap add dev "$VM_NET_TAP" mode tap - while ! ip link set "${VM_NET_TAP}" up promisc on; do + while ! ip link set "$VM_NET_TAP" up promisc on; do info "Waiting for tap to become available..." sleep 2 done - ip link set dev "${VM_NET_TAP}" master dockerbridge + ip link set dev "$VM_NET_TAP" master dockerbridge - if [[ -z "${CONTROL_PORTS}" ]] && [[ "${DISPLAY,,}" == "vnc" ]]; then - CONTROL_PORTS='5900' + if [[ -z "$CONTROL_PORTS" ]] && [[ "${DISPLAY,,}" == "vnc" ]]; then + CONTROL_PORTS="5900" fi - CONTROL_PORT_ARGS='' + CONTROL_PORT_ARGS="" for PORT in $CONTROL_PORTS ; do CONTROL_PORT_ARGS="$CONTROL_PORT_ARGS ! --dport $PORT" done # Add internet connection to the VM - iptables -t nat -A POSTROUTING -o "${VM_NET_DEV}" -j MASQUERADE + iptables -t nat -A POSTROUTING -o "$VM_NET_DEV" -j MASQUERADE # shellcheck disable=SC2086 - iptables -t nat -A PREROUTING -i "${VM_NET_DEV}" -d "${IP}" -p tcp $CONTROL_PORT_ARGS -j DNAT --to $VM_NET_IP - iptables -t nat -A PREROUTING -i "${VM_NET_DEV}" -d "${IP}" -p udp -j DNAT --to $VM_NET_IP + iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p tcp $CONTROL_PORT_ARGS -j DNAT --to "$VM_NET_IP" + iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p udp -j DNAT --to "$VM_NET_IP" if (( KERNEL > 4 )); then # Hack for guest VMs complaining about "bad udp checksums in 5 packets" @@ -143,7 +143,7 @@ configureNAT () { fi { set +x; } 2>/dev/null - [[ "${DEBUG}" == [Yy1]* ]] && echo + [[ "$DEBUG" == [Yy1]* ]] && echo # Check port forwarding flag if [[ $(< /proc/sys/net/ipv4/ip_forward) -eq 0 ]]; then 
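Review bot: The loop in configureNAT appends one `! --dport $PORT` per entry of `$CONTROL_PORTS`, but as far as I know the iptables tcp match accepts `--dport` only once, so with two or more control ports the TCP PREROUTING rule should be rejected. Depending on whether errexit is active here, either the script aborts or the rule is never installed and the control ports are not excluded as intended. The multiport match handles a list, e.g. `[[ -n "$CONTROL_PORTS" ]] && CONTROL_PORT_ARGS="-m multiport ! --dports ${CONTROL_PORTS// /,}"`. Each entry is also spliced unquoted into the iptables argument list (SC2086 is disabled on that line), so checking entries against `^[0-9]+$` first would keep a malformed value from adding arguments. The function starts and ends outside this hunk.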
@@ -153,7 +153,7 @@ configureNAT () { fi fi - NET_OPTS="-netdev tap,ifname=${VM_NET_TAP},script=no,downscript=no,id=hostnet0" + NET_OPTS="-netdev tap,ifname=$VM_NET_TAP,script=no,downscript=no,id=hostnet0" { exec 40>>/dev/vhost-net; rc=$?; } 2>/dev/null || : (( rc == 0 )) && NET_OPTS="$NET_OPTS,vhost=on,vhostfd=40" @@ -165,15 +165,15 @@ configureNAT () { closeNetwork () { - if [[ "${DHCP}" == [Yy1]* ]]; then + if [[ "$DHCP" == [Yy1]* ]]; then - ip link set "${VM_NET_TAP}" down || true - ip link delete "${VM_NET_TAP}" || true + ip link set "$VM_NET_TAP" down || true + ip link delete "$VM_NET_TAP" || true else - ip link set "${VM_NET_TAP}" down promisc off || true - ip link delete "${VM_NET_TAP}" || true + ip link set "$VM_NET_TAP" down promisc off || true + ip link delete "$VM_NET_TAP" || true ip link set dockerbridge down || true ip link delete dockerbridge || true @@ -205,16 +205,16 @@ update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy > /dev/null VM_NET_MAC="${VM_NET_MAC//-/:}" GATEWAY=$(ip r | grep default | awk '{print $3}') -IP=$(ip address show dev "${VM_NET_DEV}" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/) +IP=$(ip address show dev "$VM_NET_DEV" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/) -if [[ "${DEBUG}" == [Yy1]* ]]; then - info "Container IP is ${IP} with gateway ${GATEWAY}" && echo +if [[ "$DEBUG" == [Yy1]* ]]; then + info "Container IP is $IP with gateway $GATEWAY" && echo fi -if [[ "${DHCP}" == [Yy1]* ]]; then +if [[ "$DHCP" == [Yy1]* ]]; then if [[ "$GATEWAY" == "172."* ]]; then - if [[ "${DEBUG}" == [Yy1]* ]]; then + if [[ "$DEBUG" == [Yy1]* ]]; then info "Warning: Are you sure the container is on a macvlan network?" else error "You can only enable DHCP while the container is on a macvlan network!" && exit 86 
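Review bot: `VM_NET_MAC` is only normalised in the last hunk here (`VM_NET_MAC="${VM_NET_MAC//-/:}"`) and is never checked for shape. It is then used in `ip link add ... address`, the dnsmasq `--dhcp-host=` option, the lease file, and the QEMU `mac=` property. The dnsmasq and QEMU option strings are word-split later, so a value containing commas or whitespace would change those options rather than fail cleanly. A guard right after the normalisation, `[[ "$VM_NET_MAC" =~ ^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$ ]]` followed by the file's usual `error ... && exit`, would reject bad input early. Where the variable is first assigned is outside the visible hunks, so an earlier check may already exist.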
@@ -231,6 +231,6 @@ else fi -NET_OPTS="${NET_OPTS} -device virtio-net-pci,romfile=,netdev=hostnet0,mac=${VM_NET_MAC},id=net0" +NET_OPTS="$NET_OPTS -device virtio-net-pci,romfile=,netdev=hostnet0,mac=$VM_NET_MAC,id=net0" return 0 diff --git a/src/reset.sh b/src/reset.sh index 63548aec..6d49c7c3 100644 --- a/src/reset.sh +++ b/src/reset.sh @@ -4,7 +4,7 @@ set -Eeuo pipefail info () { printf "%b%s%b" "\E[1;34m❯ \E[1;36m" "$1" "\E[0m\n"; } error () { printf "%b%s%b" "\E[1;31m❯ " "ERROR: $1" "\E[0m\n" >&2; } -trap 'error "Status $? while: ${BASH_COMMAND} (line $LINENO/$BASH_LINENO)"' ERR +trap 'error "Status $? while: $BASH_COMMAND (line $LINENO/$BASH_LINENO)"' ERR [ ! -f "/run/entry.sh" ] && error "Script must run inside Docker container!" && exit 11 [ "$(id -u)" -ne "0" ] && error "Script must be executed with root privileges." && exit 12 @@ -29,6 +29,6 @@ VERS=$(qemu-system-x86_64 --version | head -n 1 | cut -d '(' -f 1) # Check folder STORAGE="/storage" -[ ! -d "$STORAGE" ] && error "Storage folder (${STORAGE}) not found!" && exit 13 +[ ! -d "$STORAGE" ] && error "Storage folder ($STORAGE) not found!" && exit 13 return 0