ソースを参照

Add 'startup.sh'

Toastie 1 年間 前
コミット
70e3c19cc2
1 ファイル変更33 行追加0 行削除
  1. 33 0
      startup.sh

+ 33 - 0
startup.sh

@@ -0,0 +1,33 @@
+#!/bin/bash
+
+# 1. Open LUKS devices and sets up a mapping under /dev/mapper/
+cryptsetup luksOpen /dev/sda guests
+cryptsetup luksOpen /dev/sdb magnetic
+echo "Device mappings:" `find /dev/mapper/ -type l`
+
+# 2. Mount LUKS volumes
+mount --verbose /dev/mapper/guests    /srv/guests
+mount --verbose /dev/mapper/magnetic  /srv/magnetic
+
+# 3. Create a bind-mounts so we are not on the unecryped root volume
+mount --verbose --bind /srv/guests/lib/docker   /var/lib/docker
+mount --verbose --bind /srv/guests/docker       /opt/docker
+mount --verbose --bind /srv/guests/lib/libvirt  /var/lib/libvirt
+mount --verbose --bind /srv/guests/etc/libvirt  /etc/libvirt
+
+# 4. Start docker and libvird 
+# Those services should have been disabled
+# systemctl disable docker libvirtd libvirt-guests
+systemctl start docker &
+sleep 2 && systemctl status --no-pager docker
+systemctl start libvirtd &
+sleep 2 && systemctl status --no-pager libvirtd
+systemctl start libvirt-guests &
+sleep 2 && systemctl status --no-pager libvirt-guests 
+
+# 4. Fix forward chain which was set to default deny by docker
+# so our KVM containers on br0 have access to the network
+iptables -v -A FORWARD -i br0 -o br0 -j ACCEPT
+
+# Start docker containers
+# docker-compose --file /opt/docker/proxy/docker-compose.yml up --detach reverse-proxy