Last active
September 29, 2023 07:30
-
-
Save abcdabcd987/d9ab8a8a36272678567e9fb23aed475b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# save as /root/del_user.sh | |
USERNAME=$1 | |
if [[ -z "$USERNAME" ]]; then | |
echo "Please give me a username" | |
exit 1 | |
fi | |
echo "This script will" | |
echo "1. Change the shell of $USERNAME to /bin/bash" | |
echo "2. Stop lxc container $USERNAME" | |
echo "3. rm /public/ports/$USERNAME" | |
echo "4. sed -i '/$USERNAME /d' /etc/lxc/lxc-usernet" | |
echo "5. userdel -f -r $USERNAME" | |
echo "" | |
read -p "Are you sure (y/n)? " -n 1 -r | |
echo | |
if [[ $REPLY =~ ^[Yy]$ ]]; then | |
chsh -s /bin/bash $USERNAME | |
su - $USERNAME -c "lxc-stop -n $USERNAME" | |
rm /public/ports/$USERNAME | |
sed -i '/$USERNAME /d' /etc/lxc/lxc-usernet | |
userdel -f -r $USERNAME | |
echo "Done!" | |
else | |
echo "Canceled" | |
exit 1 | |
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# save as /public/login.bash | |
# chmod a+x /public/login.bash | |
IP=$(ifconfig em1 | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*') | |
PORT=$(cat /public/ports/$USER) | |
INFO=$(lxc-info -n $USER) | |
function print_help { | |
echo "========== Tips:" | |
printf "Start your container: \e[96;1mssh $USER@$IP\e[0m\n" | |
printf "Login your container: \e[96;1mssh $USER@$IP -p$PORT\e[0m\n" | |
printf "Change password: \e[96;1mssh -t $USER@$IP passwd\e[0m\n" | |
printf "Manually stop your container: \e[96;1mssh $USER@$IP stop\e[0m\n" | |
printf "Use \e[96;1mscp\e[0m or \e[96;1mSFTP\e[0m to transfer data to your container\n" | |
printf "SSD mounted at \e[96;1m/SSD\e[0m\n" | |
printf "NAS mounted at \e[96;1m/NAS\e[0m\n" | |
printf "See GPU load: \e[96;1mnvidia-smi\e[0m\n" | |
printf "More detailed guide: \e[96;1;4mhttp://apex.sjtu.edu.cn/guides/50\e[0m\n" | |
} | |
function do_stop { | |
echo "========== Stopping your container..." | |
LXCIP=$(lxc-info -n $USER | grep 'IP:' | grep -Eo '[0-9].+') | |
sudo iptables -t nat -D PREROUTING -p tcp --dport $PORT -j DNAT --to-destination $LXCIP:22 | |
sudo iptables -t nat -D POSTROUTING -p tcp -d $LXCIP --dport 22 -j MASQUERADE | |
lxc-stop -n $USER | |
lxc-info -n $USER | |
} | |
function do_passwd { | |
echo "$INFO" | grep RUNNING > /dev/null 2>&1 | |
if [ $? -ne 0 ]; then | |
echo "========== It seems that your container is not running" | |
echo "========== Please start your container first" | |
exit 1 | |
fi | |
echo "========== Changing password in the host..." | |
passwd $USER | |
echo "========== Changing password in your container..." | |
lxc-attach -n $USER -- passwd $USER | |
} | |
function do_start { | |
echo "$INFO" | grep RUNNING > /dev/null 2>&1 | |
if [ $? -ne 0 ]; then | |
echo "========== It seems that your container is not running" | |
echo "========== Starting your container..." | |
lxc-start -n $USER -d | |
if [ $? -ne 0 ]; then | |
echo "========== Fail. Please contact administrators" | |
exit 1 | |
fi | |
sleep 2 | |
LXCIP=$(lxc-info -n $USER | grep 'IP:' | grep -Eo '[0-9].+') | |
if [[ -z "$LXCIP" ]]; then | |
lxc-stop -n $USER | |
echo "Failed to get your container IP." | |
echo "If this problem cannot be solved by retrying, please contact administrators." | |
exit 1 | |
fi | |
sudo iptables -t nat -A PREROUTING -p tcp --dport $PORT -j DNAT --to-destination $LXCIP:22 | |
sudo iptables -t nat -A POSTROUTING -p tcp -d $LXCIP --dport 22 -j MASQUERADE | |
lxc-info -n $USER | |
fi | |
print_help | |
} | |
printf "========== Hi, \e[96;1m$USER\e[0m\n" | |
echo "========== Welcome to APEX GPU Server (IP: $IP)" | |
if [[ -z "$PORT" ]]; then | |
echo "Failed to get your allocated port." | |
echo "If this problem cannot be solved by retrying, please contact administrators." | |
exit 1 | |
fi | |
echo "========== Your LXC Container Information:" | |
echo "$INFO" | |
if [ "$2" == "stop" ]; then do_stop | |
elif [ "$2" == "passwd" ]; then do_passwd | |
elif [ "$2" == "help" ]; then print_help | |
elif [[ -z "$2" ]]; then do_start | |
else | |
echo "========== Unknown command" | |
print_help | |
exit 1 | |
fi | |
echo "========== Have a good day :-)" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# save as /root/new_lxc.sh | |
### add user | |
USERNAME=$1 | |
if [[ -z "$USERNAME" ]]; then | |
echo "Please give me a username" | |
exit 1 | |
fi | |
printf "Allocating LXC Container for \e[96;1m$USERNAME\e[0m...\n" | |
# create user | |
echo "Creating user..." | |
useradd -m -G sudo -p WjBvLfnOeZocg $USERNAME # temporary password is 123456 | |
# grant lxc virtual network permission | |
echo "Granting LXC virtual network permission..." | |
echo $USERNAME veth lxcbr0 10 >> /etc/lxc/lxc-usernet | |
# clone and config the container | |
echo "Cloning the container..." | |
SUBUID=$(cat /etc/subuid | grep "$USERNAME:" | awk -F : '{print $2 " " $3}') | |
SUBGID=$(cat /etc/subgid | grep "$USERNAME:" | awk -F : '{print $2 " " $3}') | |
LXCROOT=/home/$USERNAME/.local/share/lxc/$USERNAME | |
MACADDR=$(tr -dc A-F0-9 < /dev/urandom | head -c 6 | sed -r 's/(..)/\1:/g;s/:$//;s/^/00:16:3e:/') | |
mkdir -p /home/$USERNAME/.local/share/lxc | |
cp -r /root/lxc-public-images/template $LXCROOT | |
cat >> $LXCROOT/config <<-EOM | |
lxc.network.hwaddr = $MACADDR | |
lxc.id_map = u 0 $SUBUID | |
lxc.id_map = g 0 $SUBGID | |
lxc.rootfs = $LXCROOT/rootfs | |
lxc.utsname = $USERNAME | |
EOM | |
HOSTNAME=$(hostname) | |
echo $HOSTNAME-$USERNAME > $LXCROOT/rootfs/etc/hostname | |
sed -i "s/template/$HOSTNAME-$USERNAME/g" $LXCROOT/rootfs/etc/hosts | |
LXCUID=$(cat /etc/subuid | grep "$USERNAME:" | awk -F : '{print $2}') | |
LXCGID=$(cat /etc/subgid | grep "$USERNAME:" | awk -F : '{print $2}') | |
# fix filesystem permission | |
echo "Fixing filesystem permission..." | |
chown $USERNAME:$USERNAME /home/$USERNAME/.local | |
chown $USERNAME:$USERNAME /home/$USERNAME/.local/share | |
chown $USERNAME:$USERNAME /home/$USERNAME/.local/share/lxc | |
chown $USERNAME:$USERNAME /home/$USERNAME/.local/share/lxc/$USERNAME | |
chown $USERNAME:$USERNAME /home/$USERNAME/.local/share/lxc/$USERNAME/config | |
chown -R $LXCUID:$LXCGID $LXCROOT/rootfs | |
chmod a+x /home/$USERNAME/.local | |
chmod a+x /home/$USERNAME/.local/share | |
chmod a+x /home/$USERNAME/.local/share/lxc | |
chmod a+x /home/$USERNAME/.local/share/lxc/$USERNAME | |
# adduser in the container | |
echo "Adding user in the container..." | |
sshpass -p 123456 ssh -o StrictHostKeyChecking=no $USERNAME@localhost lxc-start -n $USERNAME -d | |
sshpass -p 123456 ssh -o StrictHostKeyChecking=no $USERNAME@localhost lxc-attach -n $USERNAME -- useradd -m -G sudo -s /bin/bash -p WjBvLfnOeZocg $USERNAME | |
sshpass -p 123456 ssh -o StrictHostKeyChecking=no $USERNAME@localhost lxc-stop -n $USERNAME | |
# set up password in the container | |
echo "Setting password in the container:" | |
chroot $LXCROOT/rootfs passwd $USERNAME | |
# fix filesystem permission | |
echo "Fixing filesystem permission..." | |
chmod -f u+s $LXCROOT/rootfs/bin/{mount,ping,ping6,su,umount} | |
chmod -f u+s $LXCROOT/rootfs/usr/bin/{chfn,chsh,gpasswd,newgrp,nvidia-modprobe,passwd,sudo} | |
chmod -f g+s $LXCROOT/rootfs/usr/bin/{chage,crontab,dotlockfile,expiry,mail-lock,mail-touchlock,mail-unlock,ssh-agent,wall} | |
chmod -f u+s $LXCROOT/rootfs/usr/sbin/* | |
chmod -f 7777 $LXCROOT/rootfs/tmp | |
# allocate ssh port | |
printf "Allocating ssh port: " | |
PORTFILE=/public/next-port | |
PORT=$(cat $PORTFILE) | |
echo $PORT > /public/ports/$USERNAME | |
echo $(( $PORT+1 )) > $PORTFILE | |
printf "\e[96;1m$PORT\e[0m\n" | |
# change password | |
echo "Setting password in the host:" | |
passwd $USERNAME | |
# finish | |
usermod -s /public/login.bash $USERNAME | |
echo "Done!" | |
printf "Have a try: \e[96;1mssh $USERNAME@localhost\e[0m\n" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# save as /root/start_nvidia.sh | |
# run this script at /etc/rc.local | |
# see: http://askubuntu.com/questions/590319/how-do-i-enable-automatically-nvidia-uvm | |
/sbin/modprobe nvidia | |
if [ "$?" -eq 0 ]; then | |
# Count the number of NVIDIA controllers found. | |
NVDEVS=`lspci | grep -i NVIDIA` | |
N3D=`echo "$NVDEVS" | grep "3D controller" | wc -l` | |
NVGA=`echo "$NVDEVS" | grep "VGA compatible controller" | wc -l` | |
N=`expr $N3D + $NVGA - 1` | |
for i in `seq 0 $N`; do | |
mknod -m 666 /dev/nvidia$i c 195 $i | |
done | |
mknod -m 666 /dev/nvidiactl c 195 255 | |
else | |
exit 1 | |
fi | |
/sbin/modprobe nvidia-uvm | |
if [ "$?" -eq 0 ]; then | |
# Find out the major device number used by the nvidia-uvm driver | |
D=`grep nvidia-uvm /proc/devices | awk '{print $1}'` | |
mknod -m 666 /dev/nvidia-uvm c $D 0 | |
else | |
exit 1 | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment