abcdabcd987/del_user.sh

## del_user.sh
#!/bin/bash
# save as /root/del_user.sh

USERNAME=$1
if [[ -z "$USERNAME" ]]; then
    echo "Please give me a username"
    exit 1
fi

echo "This script will"
echo "1. Change the shell of $USERNAME to /bin/bash"
echo "2. Stop lxc container $USERNAME"
echo "3. rm /public/ports/$USERNAME"
echo "4. sed -i '/$USERNAME /d' /etc/lxc/lxc-usernet"
echo "5. userdel -f -r $USERNAME"
echo ""
read -p "Are you sure (y/n)? " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
    chsh -s /bin/bash $USERNAME
    su - $USERNAME -c "lxc-stop -n $USERNAME"
    rm /public/ports/$USERNAME
    sed -i '/$USERNAME /d' /etc/lxc/lxc-usernet
    userdel -f -r $USERNAME
    echo "Done!"
else
    echo "Canceled"
    exit 1
fi

## login.bash
#!/bin/bash
# save as /public/login.bash
# chmod a+x /public/login.bash

IP=$(ifconfig em1 | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*')
PORT=$(cat /public/ports/$USER)
INFO=$(lxc-info -n $USER)

function print_help {
    echo "========== Tips:"
    printf "Start your container: \e[96;1mssh $USER@$IP\e[0m\n"
    printf "Login your container: \e[96;1mssh $USER@$IP -p$PORT\e[0m\n"
    printf "Change password: \e[96;1mssh -t $USER@$IP passwd\e[0m\n"
    printf "Manually stop your container: \e[96;1mssh $USER@$IP stop\e[0m\n"
    printf "Use \e[96;1mscp\e[0m or \e[96;1mSFTP\e[0m to transfer data to your container\n"
    printf "SSD mounted at \e[96;1m/SSD\e[0m\n"
    printf "NAS mounted at \e[96;1m/NAS\e[0m\n"
    printf "See GPU load: \e[96;1mnvidia-smi\e[0m\n"
    printf "More detailed guide: \e[96;1;4mhttp://apex.sjtu.edu.cn/guides/50\e[0m\n"
}

function do_stop {
    echo "========== Stopping your container..."
    LXCIP=$(lxc-info -n $USER | grep 'IP:' | grep -Eo '[0-9].+')
    sudo iptables -t nat -D PREROUTING -p tcp --dport $PORT -j DNAT --to-destination $LXCIP:22
    sudo iptables -t nat -D POSTROUTING -p tcp -d $LXCIP --dport 22 -j MASQUERADE
    lxc-stop -n $USER
    lxc-info -n $USER
}

function do_passwd {
    echo "$INFO" | grep RUNNING > /dev/null 2>&1
    if [ $? -ne 0 ]; then
        echo "========== It seems that your container is not running"
        echo "========== Please start your container first"
        exit 1
    fi
    echo "========== Changing password in the host..."
    passwd $USER
    echo "========== Changing password in your container..."
    lxc-attach -n $USER -- passwd $USER
}

function do_start {
    echo "$INFO" | grep RUNNING > /dev/null 2>&1
    if [ $? -ne 0 ]; then
        echo "========== It seems that your container is not running"
        echo "========== Starting your container..."
        lxc-start -n $USER -d
        if [ $? -ne 0 ]; then
           echo "========== Fail. Please contact administrators"
           exit 1
        fi
        sleep 2
        LXCIP=$(lxc-info -n $USER | grep 'IP:' | grep -Eo '[0-9].+')
        if [[ -z "$LXCIP" ]]; then
            lxc-stop -n $USER
            echo "Failed to get your container IP."
            echo "If this problem cannot be solved by retrying, please contact administrators."
            exit 1
        fi
        sudo iptables -t nat -A PREROUTING -p tcp --dport $PORT -j DNAT --to-destination $LXCIP:22
        sudo iptables -t nat -A POSTROUTING -p tcp -d $LXCIP --dport 22 -j MASQUERADE
        lxc-info -n $USER
    fi
    print_help
}


printf "========== Hi, \e[96;1m$USER\e[0m\n"
echo "========== Welcome to APEX GPU Server (IP: $IP)"

if [[ -z "$PORT" ]]; then
    echo "Failed to get your allocated port."
    echo "If this problem cannot be solved by retrying, please contact administrators."
    exit 1
fi

echo "========== Your LXC Container Information:"
echo "$INFO"

if   [ "$2" == "stop" ];   then do_stop
elif [ "$2" == "passwd" ]; then do_passwd
elif [ "$2" == "help" ];   then print_help
elif [[ -z "$2" ]];        then do_start
else
    echo "========== Unknown command"
    print_help
    exit 1
fi
echo "========== Have a good day :-)"

## new_lxc.sh
#!/bin/bash
# save as /root/new_lxc.sh

### add user
USERNAME=$1
if [[ -z "$USERNAME" ]]; then
    echo "Please give me a username"
    exit 1
fi
printf "Allocating LXC Container for \e[96;1m$USERNAME\e[0m...\n"

# create user
echo "Creating user..."
useradd -m -G sudo -p WjBvLfnOeZocg $USERNAME # temporary password is 123456

# grant lxc virtual network permission
echo "Granting LXC virtual network permission..."
echo $USERNAME veth lxcbr0 10 >> /etc/lxc/lxc-usernet

# clone and config the container
echo "Cloning the container..."
SUBUID=$(cat /etc/subuid | grep "$USERNAME:" | awk -F : '{print $2 " " $3}')
SUBGID=$(cat /etc/subgid | grep "$USERNAME:" | awk -F : '{print $2 " " $3}')
LXCROOT=/home/$USERNAME/.local/share/lxc/$USERNAME
MACADDR=$(tr -dc A-F0-9 < /dev/urandom | head -c 6 | sed -r 's/(..)/\1:/g;s/:$//;s/^/00:16:3e:/')
mkdir -p /home/$USERNAME/.local/share/lxc
cp -r /root/lxc-public-images/template $LXCROOT
cat >> $LXCROOT/config <<-EOM
lxc.network.hwaddr = $MACADDR

lxc.id_map = u 0 $SUBUID
lxc.id_map = g 0 $SUBGID
lxc.rootfs = $LXCROOT/rootfs
lxc.utsname = $USERNAME
EOM
HOSTNAME=$(hostname)
echo $HOSTNAME-$USERNAME > $LXCROOT/rootfs/etc/hostname
sed -i "s/template/$HOSTNAME-$USERNAME/g" $LXCROOT/rootfs/etc/hosts
LXCUID=$(cat /etc/subuid | grep "$USERNAME:" | awk -F : '{print $2}')
LXCGID=$(cat /etc/subgid | grep "$USERNAME:" | awk -F : '{print $2}')

# fix filesystem permission
echo "Fixing filesystem permission..."
chown $USERNAME:$USERNAME /home/$USERNAME/.local
chown $USERNAME:$USERNAME /home/$USERNAME/.local/share
chown $USERNAME:$USERNAME /home/$USERNAME/.local/share/lxc
chown $USERNAME:$USERNAME /home/$USERNAME/.local/share/lxc/$USERNAME
chown $USERNAME:$USERNAME /home/$USERNAME/.local/share/lxc/$USERNAME/config
chown -R $LXCUID:$LXCGID $LXCROOT/rootfs
chmod a+x /home/$USERNAME/.local
chmod a+x /home/$USERNAME/.local/share
chmod a+x /home/$USERNAME/.local/share/lxc
chmod a+x /home/$USERNAME/.local/share/lxc/$USERNAME

# adduser in the container
echo "Adding user in the container..."
sshpass -p 123456 ssh -o StrictHostKeyChecking=no $USERNAME@localhost lxc-start -n $USERNAME -d
sshpass -p 123456 ssh -o StrictHostKeyChecking=no $USERNAME@localhost lxc-attach -n $USERNAME -- useradd -m -G sudo -s /bin/bash -p WjBvLfnOeZocg $USERNAME
sshpass -p 123456 ssh -o StrictHostKeyChecking=no $USERNAME@localhost lxc-stop -n $USERNAME

# set up password in the container
echo "Setting password in the container:"
chroot $LXCROOT/rootfs passwd $USERNAME

# fix filesystem permission
echo "Fixing filesystem permission..."
chmod -f u+s $LXCROOT/rootfs/bin/{mount,ping,ping6,su,umount}
chmod -f u+s $LXCROOT/rootfs/usr/bin/{chfn,chsh,gpasswd,newgrp,nvidia-modprobe,passwd,sudo}
chmod -f g+s $LXCROOT/rootfs/usr/bin/{chage,crontab,dotlockfile,expiry,mail-lock,mail-touchlock,mail-unlock,ssh-agent,wall}
chmod -f u+s $LXCROOT/rootfs/usr/sbin/*
chmod -f 7777 $LXCROOT/rootfs/tmp

# allocate ssh port
printf "Allocating ssh port: "
PORTFILE=/public/next-port
PORT=$(cat $PORTFILE)
echo $PORT > /public/ports/$USERNAME
echo $(( $PORT+1 )) > $PORTFILE
printf "\e[96;1m$PORT\e[0m\n"

# change password
echo "Setting password in the host:"
passwd $USERNAME

# finish
usermod -s /public/login.bash $USERNAME
echo "Done!"
printf "Have a try: \e[96;1mssh $USERNAME@localhost\e[0m\n"

## start_nvidia.sh
#!/bin/bash
# save as /root/start_nvidia.sh
# run this script at /etc/rc.local
# see: http://askubuntu.com/questions/590319/how-do-i-enable-automatically-nvidia-uvm

/sbin/modprobe nvidia

if [ "$?" -eq 0 ]; then
  # Count the number of NVIDIA controllers found.
  NVDEVS=`lspci | grep -i NVIDIA`
  N3D=`echo "$NVDEVS" | grep "3D controller" | wc -l`
  NVGA=`echo "$NVDEVS" | grep "VGA compatible controller" | wc -l`

  N=`expr $N3D + $NVGA - 1`
  for i in `seq 0 $N`; do
    mknod -m 666 /dev/nvidia$i c 195 $i
  done

  mknod -m 666 /dev/nvidiactl c 195 255

else
  exit 1
fi

/sbin/modprobe nvidia-uvm

if [ "$?" -eq 0 ]; then
  # Find out the major device number used by the nvidia-uvm driver
  D=`grep nvidia-uvm /proc/devices | awk '{print $1}'`

  mknod -m 666 /dev/nvidia-uvm c $D 0
else
  exit 1
fi
	#!/bin/bash
	# save as /root/del_user.sh

	USERNAME=$1
	if [[ -z "$USERNAME" ]]; then
	echo "Please give me a username"
	exit 1
	fi

	echo "This script will"
	echo "1. Change the shell of $USERNAME to /bin/bash"
	echo "2. Stop lxc container $USERNAME"
	echo "3. rm /public/ports/$USERNAME"
	echo "4. sed -i '/$USERNAME /d' /etc/lxc/lxc-usernet"
	echo "5. userdel -f -r $USERNAME"
	echo ""
	read -p "Are you sure (y/n)? " -n 1 -r
	echo
	if [[ $REPLY =~ ^[Yy]$ ]]; then
	chsh -s /bin/bash $USERNAME
	su - $USERNAME -c "lxc-stop -n $USERNAME"
	rm /public/ports/$USERNAME
	sed -i '/$USERNAME /d' /etc/lxc/lxc-usernet
	userdel -f -r $USERNAME
	echo "Done!"
	else
	echo "Canceled"
	exit 1
	fi
	#!/bin/bash
	# save as /public/login.bash
	# chmod a+x /public/login.bash

	IP=$(ifconfig em1 \| grep -Eo 'inet (addr:)?([0-9]\.){3}[0-9]' \| grep -Eo '([0-9]\.){3}[0-9]')
	PORT=$(cat /public/ports/$USER)
	INFO=$(lxc-info -n $USER)

	function print_help {
	echo "========== Tips:"
	printf "Start your container: \e[96;1mssh $USER@$IP\e[0m\n"
	printf "Login your container: \e[96;1mssh $USER@$IP -p$PORT\e[0m\n"
	printf "Change password: \e[96;1mssh -t $USER@$IP passwd\e[0m\n"
	printf "Manually stop your container: \e[96;1mssh $USER@$IP stop\e[0m\n"
	printf "Use \e[96;1mscp\e[0m or \e[96;1mSFTP\e[0m to transfer data to your container\n"
	printf "SSD mounted at \e[96;1m/SSD\e[0m\n"
	printf "NAS mounted at \e[96;1m/NAS\e[0m\n"
	printf "See GPU load: \e[96;1mnvidia-smi\e[0m\n"
	printf "More detailed guide: \e[96;1;4mhttp://apex.sjtu.edu.cn/guides/50\e[0m\n"
	}

	function do_stop {
	echo "========== Stopping your container..."
	LXCIP=$(lxc-info -n $USER \| grep 'IP:' \| grep -Eo '[0-9].+')
	sudo iptables -t nat -D PREROUTING -p tcp --dport $PORT -j DNAT --to-destination $LXCIP:22
	sudo iptables -t nat -D POSTROUTING -p tcp -d $LXCIP --dport 22 -j MASQUERADE
	lxc-stop -n $USER
	lxc-info -n $USER
	}

	function do_passwd {
	echo "$INFO" \| grep RUNNING > /dev/null 2>&1
	if [ $? -ne 0 ]; then
	echo "========== It seems that your container is not running"
	echo "========== Please start your container first"
	exit 1
	fi
	echo "========== Changing password in the host..."
	passwd $USER
	echo "========== Changing password in your container..."
	lxc-attach -n $USER -- passwd $USER
	}

	function do_start {
	echo "$INFO" \| grep RUNNING > /dev/null 2>&1
	if [ $? -ne 0 ]; then
	echo "========== It seems that your container is not running"
	echo "========== Starting your container..."
	lxc-start -n $USER -d
	if [ $? -ne 0 ]; then
	echo "========== Fail. Please contact administrators"
	exit 1
	fi
	sleep 2
	LXCIP=$(lxc-info -n $USER \| grep 'IP:' \| grep -Eo '[0-9].+')
	if [[ -z "$LXCIP" ]]; then
	lxc-stop -n $USER
	echo "Failed to get your container IP."
	echo "If this problem cannot be solved by retrying, please contact administrators."
	exit 1
	fi
	sudo iptables -t nat -A PREROUTING -p tcp --dport $PORT -j DNAT --to-destination $LXCIP:22
	sudo iptables -t nat -A POSTROUTING -p tcp -d $LXCIP --dport 22 -j MASQUERADE
	lxc-info -n $USER
	fi
	print_help
	}


	printf "========== Hi, \e[96;1m$USER\e[0m\n"
	echo "========== Welcome to APEX GPU Server (IP: $IP)"

	if [[ -z "$PORT" ]]; then
	echo "Failed to get your allocated port."
	echo "If this problem cannot be solved by retrying, please contact administrators."
	exit 1
	fi

	echo "========== Your LXC Container Information:"
	echo "$INFO"

	if [ "$2" == "stop" ]; then do_stop
	elif [ "$2" == "passwd" ]; then do_passwd
	elif [ "$2" == "help" ]; then print_help
	elif [[ -z "$2" ]]; then do_start
	else
	echo "========== Unknown command"
	print_help
	exit 1
	fi
	echo "========== Have a good day :-)"
	#!/bin/bash
	# save as /root/new_lxc.sh

	### add user
	USERNAME=$1
	if [[ -z "$USERNAME" ]]; then
	echo "Please give me a username"
	exit 1
	fi
	printf "Allocating LXC Container for \e[96;1m$USERNAME\e[0m...\n"

	# create user
	echo "Creating user..."
	useradd -m -G sudo -p WjBvLfnOeZocg $USERNAME # temporary password is 123456

	# grant lxc virtual network permission
	echo "Granting LXC virtual network permission..."
	echo $USERNAME veth lxcbr0 10 >> /etc/lxc/lxc-usernet

	# clone and config the container
	echo "Cloning the container..."
	SUBUID=$(cat /etc/subuid \| grep "$USERNAME:" \| awk -F : '{print $2 " " $3}')
	SUBGID=$(cat /etc/subgid \| grep "$USERNAME:" \| awk -F : '{print $2 " " $3}')
	LXCROOT=/home/$USERNAME/.local/share/lxc/$USERNAME
	MACADDR=$(tr -dc A-F0-9 < /dev/urandom \| head -c 6 \| sed -r 's/(..)/\1:/g;s/:$//;s/^/00:16:3e:/')
	mkdir -p /home/$USERNAME/.local/share/lxc
	cp -r /root/lxc-public-images/template $LXCROOT
	cat >> $LXCROOT/config <<-EOM
	lxc.network.hwaddr = $MACADDR

	lxc.id_map = u 0 $SUBUID
	lxc.id_map = g 0 $SUBGID
	lxc.rootfs = $LXCROOT/rootfs
	lxc.utsname = $USERNAME
	EOM
	HOSTNAME=$(hostname)
	echo $HOSTNAME-$USERNAME > $LXCROOT/rootfs/etc/hostname
	sed -i "s/template/$HOSTNAME-$USERNAME/g" $LXCROOT/rootfs/etc/hosts
	LXCUID=$(cat /etc/subuid \| grep "$USERNAME:" \| awk -F : '{print $2}')
	LXCGID=$(cat /etc/subgid \| grep "$USERNAME:" \| awk -F : '{print $2}')

	# fix filesystem permission
	echo "Fixing filesystem permission..."
	chown $USERNAME:$USERNAME /home/$USERNAME/.local
	chown $USERNAME:$USERNAME /home/$USERNAME/.local/share
	chown $USERNAME:$USERNAME /home/$USERNAME/.local/share/lxc
	chown $USERNAME:$USERNAME /home/$USERNAME/.local/share/lxc/$USERNAME
	chown $USERNAME:$USERNAME /home/$USERNAME/.local/share/lxc/$USERNAME/config
	chown -R $LXCUID:$LXCGID $LXCROOT/rootfs
	chmod a+x /home/$USERNAME/.local
	chmod a+x /home/$USERNAME/.local/share
	chmod a+x /home/$USERNAME/.local/share/lxc
	chmod a+x /home/$USERNAME/.local/share/lxc/$USERNAME

	# adduser in the container
	echo "Adding user in the container..."
	sshpass -p 123456 ssh -o StrictHostKeyChecking=no $USERNAME@localhost lxc-start -n $USERNAME -d
	sshpass -p 123456 ssh -o StrictHostKeyChecking=no $USERNAME@localhost lxc-attach -n $USERNAME -- useradd -m -G sudo -s /bin/bash -p WjBvLfnOeZocg $USERNAME
	sshpass -p 123456 ssh -o StrictHostKeyChecking=no $USERNAME@localhost lxc-stop -n $USERNAME

	# set up password in the container
	echo "Setting password in the container:"
	chroot $LXCROOT/rootfs passwd $USERNAME

	# fix filesystem permission
	echo "Fixing filesystem permission..."
	chmod -f u+s $LXCROOT/rootfs/bin/{mount,ping,ping6,su,umount}
	chmod -f u+s $LXCROOT/rootfs/usr/bin/{chfn,chsh,gpasswd,newgrp,nvidia-modprobe,passwd,sudo}
	chmod -f g+s $LXCROOT/rootfs/usr/bin/{chage,crontab,dotlockfile,expiry,mail-lock,mail-touchlock,mail-unlock,ssh-agent,wall}
	chmod -f u+s $LXCROOT/rootfs/usr/sbin/*
	chmod -f 7777 $LXCROOT/rootfs/tmp

	# allocate ssh port
	printf "Allocating ssh port: "
	PORTFILE=/public/next-port
	PORT=$(cat $PORTFILE)
	echo $PORT > /public/ports/$USERNAME
	echo $(( $PORT+1 )) > $PORTFILE
	printf "\e[96;1m$PORT\e[0m\n"

	# change password
	echo "Setting password in the host:"
	passwd $USERNAME

	# finish
	usermod -s /public/login.bash $USERNAME
	echo "Done!"
	printf "Have a try: \e[96;1mssh $USERNAME@localhost\e[0m\n"
	#!/bin/bash
	# save as /root/start_nvidia.sh
	# run this script at /etc/rc.local
	# see: http://askubuntu.com/questions/590319/how-do-i-enable-automatically-nvidia-uvm

	/sbin/modprobe nvidia

	if [ "$?" -eq 0 ]; then
	# Count the number of NVIDIA controllers found.
	NVDEVS=`lspci \| grep -i NVIDIA`
	N3D=`echo "$NVDEVS" \| grep "3D controller" \| wc -l`
	NVGA=`echo "$NVDEVS" \| grep "VGA compatible controller" \| wc -l`

	N=`expr $N3D + $NVGA - 1`
	for i in `seq 0 $N`; do
	mknod -m 666 /dev/nvidia$i c 195 $i
	done

	mknod -m 666 /dev/nvidiactl c 195 255

	else
	exit 1
	fi

	/sbin/modprobe nvidia-uvm

	if [ "$?" -eq 0 ]; then
	# Find out the major device number used by the nvidia-uvm driver
	D=`grep nvidia-uvm /proc/devices \| awk '{print $1}'`

	mknod -m 666 /dev/nvidia-uvm c $D 0
	else
	exit 1
	fi