#!/bin/bash
###############################################################################
# Module 03 - Dockhand CT
# - Creates a Debian 12 container (CT)
# - Installs Docker
# - Deploys Dockhand
#
# Environment variables read by this module:
#   CT_DOCKHAND_ID, CT_DOCKHAND_CORES, CT_DOCKHAND_RAM, CT_DOCKHAND_DISK,
#   CLIENT_NAME, SITE_NAME, STORAGE, DOCKHAND_IP, GATEWAY, ROOT_PASS
# Input file:
#   /tmp/ng-debian-template-path (template reference passed to `pct create`)
#
# Security posture (for reviewers): the CT is created privileged, with
# AppArmor unconfined, an emptied capability drop list and access to all
# devices, and the Dockhand container is given the Docker socket. A compromise
# of the Dockhand web UI (port 3000) should therefore be treated as a
# compromise of the Proxmox host itself.
###############################################################################

# Abort on any failing command, on use of an unset variable, and on a failure
# in any stage of a pipeline.
set -o errexit -o nounset -o pipefail

# Print a progress message prefixed with a blue [HH:MM:SS] timestamp.
# Arguments: the message words (joined with spaces; backslash escapes are
#            interpreted because of `echo -e`).
# Outputs:   one line on stdout.
log() {
    local blue='\033[0;34m' reset='\033[0m'
    echo -e "${blue}[$(date +%H:%M:%S)]${reset} $*"
}
# Print a success message prefixed with a green [OK] tag.
# Arguments: the message words (joined with spaces; backslash escapes are
#            interpreted because of `echo -e`).
# Outputs:   one line on stdout.
ok() {
    local green='\033[0;32m' reset='\033[0m'
    echo -e "${green}[OK]${reset} $*"
}
# Print an error message prefixed with a red [ERROR] tag.
# Arguments: the message words (joined with spaces; backslash escapes are
#            interpreted because of `echo -e`).
# Outputs:   one line on stdout (not stderr), like log() and ok().
err() {
    local red='\033[0;31m' reset='\033[0m'
    echo -e "${red}[ERROR]${reset} $*"
}

# Container ID, taken as-is from the environment.
# NOTE(review): not checked to be numeric here — confirm the caller does it.
CT_ID="${CT_DOCKHAND_ID}"

# Hostname built from the lowercased client and site names, then reduced to
# hostname-safe characters: every run of characters outside [a-z0-9-]
# (including the trailing newline) becomes a single '-', and one leading and
# one trailing '-' are stripped.
CT_HOSTNAME=$(
    printf '%s\n' "dockhand-${CLIENT_NAME,,}-${SITE_NAME,,}" \
        | tr -cs 'a-z0-9-' '-' \
        | sed -e 's/^-//' -e 's/-$//'
)

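# The template reference is handed over through a fixed, predictable path in
# /tmp (presumably written by an earlier module — verify against the producer).
# /tmp is writable by every local account, and the value read here decides
# which root filesystem a privileged container is built from, so the file is
# only trusted when it is a regular file (not a symlink) owned by the user
# running this script.
template_path_file=/tmp/ng-debian-template-path
if [[ -L "$template_path_file" || ! -f "$template_path_file" || ! -O "$template_path_file" ]]; then
    err "Fichier ${template_path_file} absent, non régulier (lien symbolique ?) ou non détenu par l'utilisateur courant"
    exit 1
fi

TEMPLATE_PATH=$(<"$template_path_file")
if [[ -z "$TEMPLATE_PATH" ]]; then
    err "Chemin du template vide dans ${template_path_file}"
    exit 1
fi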

# ----------------------------------------------------------------------------
# Container creation
# ----------------------------------------------------------------------------
log "Création du CT ${CT_ID} (Dockhand)..."

# Options are collected in an array so that each security-relevant setting can
# carry its own note.
pct_create_opts=(
    --hostname "$CT_HOSTNAME"
    --cores "$CT_DOCKHAND_CORES"
    --memory "$CT_DOCKHAND_RAM"
    --swap 512
    --rootfs "${STORAGE}:${CT_DOCKHAND_DISK}"
    # Static address on bridge vmbr0; the /24 prefix length is hard-coded.
    --net0 "name=eth0,bridge=vmbr0,ip=${DOCKHAND_IP}/24,gw=${GATEWAY}"
    # Public resolvers: DNS queries from the CT leave the site.
    --nameserver "1.1.1.1 8.8.8.8"
    # NOTE(review): the root password is passed as a command-line argument, so
    # it is visible in the host's process list while pct runs (and in any
    # `set -x` trace). Consider setting it after creation through stdin
    # instead — TODO confirm the preferred mechanism.
    --password "$ROOT_PASS"
    --features "nesting=1,keyctl=1"
    --onboot 1
    # Created stopped: extra LXC settings are appended before the first start.
    --start 0
    # NOTE(review): privileged container — root inside the CT is root on the
    # host's kernel. Confirm an unprivileged CT cannot be used for Docker here.
    --unprivileged 0
    --description "Dockhand - ${CLIENT_NAME} / ${SITE_NAME}"
)

pct create "$CT_ID" "$TEMPLATE_PATH" "${pct_create_opts[@]}"

ok "CT ${CT_ID} créé"

# ----------------------------------------------------------------------------
# LXC settings for running Docker inside the CT
# ----------------------------------------------------------------------------
log "Configuration LXC pour Docker..."

# Raw LXC keys appended to the CT's Proxmox config file. Taken together, and
# on a privileged CT, they remove the isolation layers that would contain a
# root process inside the container.
# NOTE(review): confirm each line is actually required for Docker here; the
# nesting/keyctl features set at creation may already be sufficient.
docker_lxc_overrides=(
    # No AppArmor confinement for the container.
    'lxc.apparmor.profile: unconfined'
    # Empty value: clears the capability drop list built up so far, so the
    # container keeps every capability.
    'lxc.cap.drop:'
    # Allows access to all devices.
    'lxc.cgroup2.devices.allow: a'
    # /proc and /sys are mounted read-write inside the container.
    'lxc.mount.auto: proc:rw sys:rw'
)

printf '%s\n' "${docker_lxc_overrides[@]}" >> "/etc/pve/lxc/${CT_ID}.conf"

ok "Configuration Docker-LXC ajoutée"

# ----------------------------------------------------------------------------
# Container start-up
# ----------------------------------------------------------------------------
log "Démarrage du CT ${CT_ID}..."
pct start "$CT_ID"

log "Attente du démarrage complet..."

# Readiness probe: up to 30 attempts, 2 s apart, of a single ICMP echo to
# 1.1.1.1 sent from inside the CT. The "60s" in the error message counts only
# the sleeps; each failed ping can add up to 2 s (-W2). The probe also fails
# when outbound ICMP is filtered, even if the CT itself is up.
ct_ready=0
for attempt in {1..30}; do
    if pct exec "$CT_ID" -- ping -c1 -W2 1.1.1.1 >/dev/null 2>&1; then
        ct_ready=1
        break
    fi
    # No pause after the final attempt.
    if (( attempt < 30 )); then
        sleep 2
    fi
done

if (( ct_ready )); then
    ok "CT démarré et connecté"
else
    err "Le CT ne répond pas après 60s"
    exit 1
fi

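# ----------------------------------------------------------------------------
# System update and prerequisites
# ----------------------------------------------------------------------------
log "Mise à jour APT dans le CT..."
pct exec "$CT_ID" -- bash -c "apt-get update -qq && DEBIAN_FRONTEND=noninteractive apt-get upgrade -y -qq" >/dev/null

log "Installation des prérequis..."
# DEBIAN_FRONTEND=noninteractive is set here as for the other apt-get calls of
# this module, so a debconf prompt cannot block the unattended run.
pct exec "$CT_ID" -- bash -c "DEBIAN_FRONTEND=noninteractive apt-get install -y -qq \
    ca-certificates curl gnupg lsb-release" >/dev/null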

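# ----------------------------------------------------------------------------
# Docker installation
# ----------------------------------------------------------------------------
log "Installation de Docker (depuis le repo officiel Docker)..."

# The quoted heredoc delimiter means nothing below is expanded on the host:
# the text is executed as-is by bash inside the CT.
pct exec "$CT_ID" -- bash <<'DOCKER_INSTALL'
# Strict mode inside the CT as well, so a failed command substitution or
# pipeline stage cannot leave a malformed APT source behind.
set -euo pipefail

keyring=/etc/apt/keyrings/docker.asc
repo_url=https://download.docker.com/linux/debian

# Docker repository signing key. It is trusted on the strength of the TLS
# download alone.
# NOTE(review): consider comparing its fingerprint with the one published in
# Docker's installation documentation before using it.
install -m 0755 -d /etc/apt/keyrings
curl -fsSL "${repo_url}/gpg" -o "$keyring"
chmod a+r "$keyring"

# APT source, restricted to this key through signed-by.
arch=$(dpkg --print-architecture)
codename=$(. /etc/os-release && printf '%s' "${VERSION_CODENAME:-}")
if [ -z "$codename" ]; then
    echo "VERSION_CODENAME introuvable dans /etc/os-release" >&2
    exit 1
fi

printf 'deb [arch=%s signed-by=%s] %s %s stable\n' \
    "$arch" "$keyring" "$repo_url" "$codename" \
    > /etc/apt/sources.list.d/docker.list

apt-get update -qq

# Package versions are not pinned: each run installs whatever the repository
# currently serves.
DEBIAN_FRONTEND=noninteractive apt-get install -y -qq \
    docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

# Enable at boot and start now.
systemctl enable --now docker
DOCKER_INSTALL

ok "Docker installé et démarré"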

# Docker smoke test: pulls and runs the hello-world image inside the CT, so it
# also depends on registry access from the CT.
if pct exec "$CT_ID" -- docker run --rm hello-world >/dev/null 2>&1; then
    ok "Docker fonctionne correctement"
else
    err "Docker ne fonctionne pas correctement dans le CT"
    err "Test : pct exec ${CT_ID} -- docker run hello-world"
    exit 1
fi

# ----------------------------------------------------------------------------
# Dockhand deployment
# ----------------------------------------------------------------------------
log "Déploiement du container Dockhand..."

pct exec "$CT_ID" -- bash <<'DOCKHAND_DEPLOY'
set -e

run_args=(
  --detach
  --name dockhand
  --restart unless-stopped
  # Published on every interface of the CT.
  --publish 3000:3000
  # Mounting the Docker socket gives Dockhand full control of the Docker
  # daemon, i.e. root inside this CT.
  --volume /var/run/docker.sock:/var/run/docker.sock
  --volume dockhand_data:/app/data
)

# NOTE(review): ":latest" is a mutable tag, so the image that ends up holding
# the Docker socket is whatever the registry serves at deploy time. Consider
# pinning a reviewed release by digest (fnsys/dockhand@sha256:<digest>).
docker run "${run_args[@]}" fnsys/dockhand:latest
DOCKHAND_DEPLOY

ok "Dockhand déployé"

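# Verification
sleep 5

# Ask Docker for the state of the container named "dockhand" instead of
# grepping `docker ps`: a substring match also accepts other containers whose
# name or image contains "dockhand" as well as a container stuck in a restart
# loop, and under `pipefail` an early exit of `grep -q` can fail the pipeline.
dockhand_status=$(pct exec "$CT_ID" -- docker inspect --format '{{.State.Status}}' dockhand 2>/dev/null) || dockhand_status=""
# Drop any stray whitespace (newline / carriage return) around the value.
dockhand_status=${dockhand_status//[[:space:]]/}

if [[ "$dockhand_status" == "running" ]]; then
    ok "Container Dockhand opérationnel"
    # NOTE(review): the UI is served over plain HTTP and the admin account is
    # created by whoever logs in first, so it should be claimed immediately
    # and port 3000 should not be reachable from untrusted networks until then.
    log "Accès web : http://${DOCKHAND_IP}:3000 (créer le compte admin au premier login)"
else
    err "Le container Dockhand ne semble pas tourner"
    # --tail limits both the stdout and the stderr streams of the container.
    pct exec "$CT_ID" -- docker logs --tail 20 dockhand
    # NOTE(review): this branch does not abort, so the module still reports
    # completion below — confirm that a non-fatal failure is intended.
fi

ok "Module 03 (CT Dockhand) terminé"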
