MacRimi
2025-09-01 17:21:41 +02:00
7 changed files with 237 additions and 94 deletions


@@ -498,7 +498,9 @@
"categories": [
13
],
"notes": [],
"notes": [
"Starting Booklore (Web UI) may take up to 2 minutes after a restart or fresh installation."
],
"type": "ct"
},
{


@@ -138,6 +138,150 @@ pmx_ensure_host_group() {
pmx_choose_or_create_group_() {
local default_group="${1:-$PROXMENUX_DEFAULT_SHARE_GROUP}"
local choice group_name groups menu_args gid_min
# Detect GID_MIN (fallback 1000)
gid_min="$(awk '/^\s*GID_MIN\s+[0-9]+/ {print $2}' /etc/login.defs 2>/dev/null | tail -n1)"
[[ -z "$gid_min" ]] && gid_min=1000
choice=$(whiptail --title "$(translate "Shared Group")" \
--menu "$(translate "Choose a group policy for this shared directory:")" 18 78 6 \
"1" "$(translate "Use default group:") $default_group $(translate "(recommended)")" \
"2" "$(translate "Create a new group for isolation")" \
"3" "$(translate "Select an existing group")" \
3>&1 1>&2 2>&3) || { echo ""; return 1; }
case "$choice" in
1)
# Ensure exists; auto GID >= 101000 if creation is needed
pmx_ensure_host_group "$default_group" >/dev/null || { echo ""; return 1; }
echo "$default_group"
;;
2)
group_name=$(whiptail --inputbox "$(translate "Enter new group name:")" 10 70 "sharedfiles-project" \
--title "$(translate "New Group")" 3>&1 1>&2 2>&3) || { echo ""; return 1; }
if [[ -z "$group_name" ]]; then
msg_error "$(translate "Group name cannot be empty.")"
echo ""; return 1
fi
# POSIX-ish validation: start with letter/_ ; then letters/digits/_/-
if ! [[ "$group_name" =~ ^[a-zA-Z_][a-zA-Z0-9_-]*$ ]]; then
msg_error "$(translate "Invalid group name. Use letters, digits, underscore or hyphen, and start with a letter or underscore.")"
echo ""; return 1
fi
pmx_ensure_host_group "$group_name" >/dev/null || { echo ""; return 1; }
echo "$group_name"
;;
3)
# Build list of real user groups (>= GID_MIN), exclude nogroup and pve*
groups=$(getent group | awk -F: -v MIN="$gid_min" '
$3 >= MIN && $1 != "nogroup" && $1 !~ /^pve/ {print $0}
' | sort -t: -k1,1)
if [[ -z "$groups" ]]; then
whiptail --title "$(translate "Groups")" --msgbox "$(translate "No user groups found.")" 8 60
echo ""; return 1
fi
menu_args=()
while IFS=: read -r gname _ gid members; do
menu_args+=("$gname" "GID=$gid")
done <<< "$groups"
group_name=$(whiptail --title "$(translate "Existing Groups")" \
--menu "$(translate "Select an existing group:")" 20 70 12 \
"${menu_args[@]}" 3>&1 1>&2 2>&3) || { echo ""; return 1; }
# Ensure (no-op if exists)
pmx_ensure_host_group "$group_name" >/dev/null || { echo ""; return 1; }
echo "$group_name"
;;
*)
echo ""; return 1
;;
esac
}
pmx_ensure_host_group_() {
local group_name="$1"
local suggested_gid="${2:-}"
local base_gid=101000
local new_gid gid
# Si ya existe, devuelve su GID
if getent group "$group_name" >/dev/null 2>&1; then
gid="$(getent group "$group_name" | cut -d: -f3)"
echo "$gid"
return 0
fi
if [[ -n "$suggested_gid" ]]; then
# Verifica que el GID sugerido esté libre
if getent group "$suggested_gid" >/dev/null 2>&1; then
msg_error "$(translate "GID already in use:") $suggested_gid"
echo ""
return 1
fi
if ! groupadd -g "$suggested_gid" "$group_name" >/dev/null 2>&1; then
msg_error "$(translate "Failed to create group:") $group_name"
echo ""
return 1
fi
msg_ok "$(translate "Group created:") $group_name"
else
# Busca el primer GID libre >= 101000
new_gid="$base_gid"
while getent group "$new_gid" >/dev/null 2>&1; do
new_gid=$((new_gid+1))
done
if ! groupadd -g "$new_gid" "$group_name" >/dev/null 2>&1; then
msg_error "$(translate "Failed to create group:") $group_name"
echo ""
return 1
fi
msg_ok "$(translate "Group created:") $group_name"
fi
gid="$(getent group "$group_name" | cut -d: -f3)"
if [[ -z "$gid" ]]; then
msg_error "$(translate "Failed to resolve group GID for") $group_name"
echo ""
return 1
fi
echo "$gid"
return 0
}
pmx_prepare_host_shared_dir() {
local dir="$1" group_name="$2"
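Review bot: Option 2 ("Create a new group for isolation") in pmx_choose_or_create_group_ never checks whether the entered name already exists, so a name that passes the regex but belongs to an existing group, including a system group, is accepted and returned as if it were newly created. The visible pmx_ensure_host_group_ returns the existing GID in that case, and pmx_ensure_host_group, whose body is outside this hunk, presumably does the same, so the shared directory would end up owned by a group whose membership the user never chose. Reject the name before the ensure call, e.g. `if getent group "$group_name" >/dev/null 2>&1; then msg_error "$(translate "Group already exists:") $group_name"; echo ""; return 1; fi`. Separately, `gname`, `gid` and `members` in the option 3 `while read` loop are not declared `local`, and the Spanish comments in pmx_ensure_host_group_ should be in English like the other comments here.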


@@ -28,39 +28,56 @@ while true; do
OPTION=$(dialog --clear --backtitle "ProxMenux" \
--title "$(translate "Network Storage Manager")" \
--menu "\n$(translate "Select an option:")" 25 80 15 \
"1" "$(translate "Set up NFS Server in LXC")" \
"2" "$(translate "Set up Samba Server in LXC")" \
"3" "$(translate "Configure NFS Client in LXC")" \
"4" "$(translate "Configure Samba Client in LXC")" \
"5" "$(translate "Configure NFS Storage on Host (Proxmox)")" \
"6" "$(translate "Configure Samba Storage on Host (Proxmox)")" \
"7" "$(translate "Help & Info (commands)")" \
"8" "$(translate "Return to Main Menu")" \
2>&1 >/dev/tty)
"" "\Z4──────────── $(translate "LXC") ────────────\Zn" \
"1" "$(translate "Mount Host Directory into LXC (Mount Manager)")" \
"2" "$(translate "Configure NFS Client in LXC (only privileged)")" \
"3" "$(translate "Configure Samba Client in LXC (only privileged)")" \
"4" "$(translate "Set up NFS Server in LXC")" \
"5" "$(translate "Set up Samba Server in LXC")" \
"" "\Z4──────────── $(translate "HOST") ─────────────\Zn" \
"6" "$(translate "Configure NFS share on Host")" \
"7" "$(translate "Configure Samba share on Host")" \
"8" "$(translate "Configure Local Shared on Host")" \
"" "" \
"9" "$(translate "Help & Info (commands)")" \
"0" "$(translate "Return to Main Menu")" \
2>&1 >/dev/tty
) || { exec bash <(curl -s "$REPO_URL/scripts/menus/main_menu.sh"); }
case "$OPTION" in
lxctitle|hosttitle)
continue
;;
case $OPTION in
1)
bash <(curl -s "$REPO_URL/scripts/share/nfs.sh")
bash <(curl -s "$REPO_URL/scripts/share/lxc-mount-manager.sh")
;;
2)
bash <(curl -s "$REPO_URL/scripts/share/samba.sh")
;;
3)
bash <(curl -s "$REPO_URL/scripts/share/nfs_client.sh")
;;
4)
3)
bash <(curl -s "$REPO_URL/scripts/share/samba_client.sh")
;;
4)
bash <(curl -s "$REPO_URL/scripts/share/nfs.sh")
;;
5)
bash <(curl -s "$REPO_URL/scripts/share/nfs_host.sh")
bash <(curl -s "$REPO_URL/scripts/share/samba.sh")
;;
6)
bash <(curl -s "$REPO_URL/scripts/share/samba_host.sh")
bash <(curl -s "$REPO_URL/scripts/share/nfs_host.sh")
;;
7)
bash <(curl -s "$REPO_URL/scripts/share/commands_share.sh")
bash <(curl -s "$REPO_URL/scripts/share/samba_host.sh")
;;
8)
bash <(curl -s "$REPO_URL/scripts/share/local-shared-manager.sh")
;;
9)
bash <(curl -s "$REPO_URL/scripts/share/commands_share.sh")
;;
0)
exec bash <(curl -s "$REPO_URL/scripts/menus/main_menu.sh")
;;
*)
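Review bot: Every menu arm, including the new cancel handler `|| { exec bash <(curl -s "$REPO_URL/scripts/menus/main_menu.sh"); }`, executes whatever `curl -s` returns with no `-f` and no integrity check, so an HTTP error body or a truncated download is fed straight to bash, and on a failed fetch the `exec` replaces the menu with a bash that reads nothing and exits. At minimum use `curl -fsSL`; better, download to a `mktemp` file, check curl's exit status (ideally against a pinned checksum or commit) and only then run it. The new arm `lxctitle|hosttitle)` also looks unreachable: the separator rows are given the empty tag `""`, so selecting one yields an empty OPTION that falls through to `*)`, whose body is outside this hunk.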


@@ -479,46 +479,37 @@ apply_network_optimizations() {
# Core buffers & queues
net.core.netdev_max_backlog = 8192
net.core.optmem_max = 8192
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.somaxconn = 8151
net.core.somaxconn = 8192
# IPv4 security hardening
# IPv4
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.secure_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.log_martians = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.secure_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.default.log_martians = 1
# ICMP handling
# rp_filter: loose multi-homed/bridges
net.ipv4.conf.all.rp_filter = 2
net.ipv4.conf.default.rp_filter = 2
# ICMP
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
# TCP/IP tuning
# TCP/IP
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_base_mss = 1024
net.ipv4.tcp_fin_timeout = 10
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes= 3
net.ipv4.tcp_keepalive_time = 240
net.ipv4.tcp_limit_output_bytes = 65536
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_mtu_probing = 1
net.ipv4.tcp_rfc1337 = 1
net.ipv4.tcp_rmem = 8192 87380 16777216
net.ipv4.tcp_sack = 1
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_rmem = 8192 87380 16777216
net.ipv4.tcp_wmem = 8192 65536 16777216
# Unix sockets
@@ -701,7 +692,7 @@ install_log2ram_auto() {
if ! command -v git >/dev/null 2>&1; then
apt-get update -qq >/dev/null 2>&1
apt-get install -y git >/dev/null 2>&1
msg_ok "$(translate "Git installed successfully")"
#msg_ok "$(translate "Git installed successfully")"
fi
if ! git clone https://github.com/azlux/log2ram.git /tmp/log2ram >/dev/null 2>>/tmp/log2ram_install.log; then
@@ -858,7 +849,7 @@ run_complete_optimization() {
configure_kernel_panic
force_apt_ipv4
apply_network_optimizations
disable_rpc
#disable_rpc
customize_bashrc
install_log2ram_auto
setup_persistent_network
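Review bot: Two hardening steps are relaxed in this file without a stated reason: apply_network_optimizations moves `rp_filter` from strict (1) to loose (2) and renames the "# IPv4 security hardening" heading to "# IPv4", and run_complete_optimization stops calling disable_rpc by leaving `#disable_rpc` behind. Loose reverse-path filtering accepts packets whose source is reachable via any interface, which weakens anti-spoofing on a multi-homed host, so the comment should state the trade-off, e.g. `# rp_filter=2 (loose): strict mode drops legitimate traffic on bridged/multi-homed hosts; spoofing protection is reduced`. If disable_rpc is skipped because the NFS share options need the RPC service (its body is outside this hunk), say so next to the call or gate it on NFS use rather than commenting it out. The same rp_filter change is repeated in the second apply_network_optimizations (the hunk at -1325), where it has no explanatory comment at all. The `#msg_ok` line in install_log2ram_auto is likewise dead code that would be better deleted.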


@@ -1325,46 +1325,35 @@ apply_network_optimizations() {
# Core buffers & queues
net.core.netdev_max_backlog = 8192
net.core.optmem_max = 8192
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.somaxconn = 8151
net.core.somaxconn = 8192
# IPv4 security hardening
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.secure_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.log_martians = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.secure_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.default.log_martians = 1
# ICMP handling
net.ipv4.conf.all.rp_filter = 2
net.ipv4.conf.default.rp_filter = 2
# ICMP
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
# TCP/IP tuning
# TCP/IP
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_base_mss = 1024
net.ipv4.tcp_fin_timeout = 10
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes= 3
net.ipv4.tcp_keepalive_time = 240
net.ipv4.tcp_limit_output_bytes = 65536
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_mtu_probing = 1
net.ipv4.tcp_rfc1337 = 1
net.ipv4.tcp_rmem = 8192 87380 16777216
net.ipv4.tcp_sack = 1
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_rmem = 8192 87380 16777216
net.ipv4.tcp_wmem = 8192 65536 16777216
# Unix sockets


@@ -300,11 +300,14 @@ mount_host_directory_to_lxc() {
sleep 3
msg_ok "$(translate "Container started")"
else
show_proxmenux_logo
msg_title "$(translate 'Mount Host Directory to LXC Container')"
msg_error "$(translate "Failed to start container")"
return 1
fi
fi
msg_ok "$(translate 'Select LXC container')"
sleep 2
@@ -316,6 +319,7 @@ mount_host_directory_to_lxc() {
fi
msg_ok "$(translate 'Select Host directory')"
# Step 3: Setup group
local group_name="sharedfiles"
local group_gid


@@ -315,16 +315,12 @@ function advanced_settings() {
"$(translate "Select the bus type for the disks:")" 15 70 4 \
"scsi" "$(translate "SCSI (recommended for Linux)")" ON \
"sata" "$(translate "SATA (standard - high compatibility)")" OFF \
"virtio" "$(translate "VirtIO (advanced - high performance)")" OFF \
3>&1 1>&2 2>&3) || exit 1
case "$INTERFACE_TYPE" in
"scsi"|"sata")
DISCARD_OPTS=",discard=on,ssd=on"
;;
"virtio")
DISCARD_OPTS=",discard=on"
;;
esac
msg_ok "$(translate "Disk interface selected:") $INTERFACE_TYPE"
@@ -856,7 +852,7 @@ function select_storage_volume() {
else
while [ -z "${STORAGE:+x}" ]; do
STORAGE=$(whiptail --backtitle "ProxMenuX" --title "Storage Pools" --radiolist \
"$(translate "Choose the storage volume for $purpose:\n\nUse Spacebar to select.")" \
"$(translate "Choose the storage volume for $purpose:")" \
16 $(($MSG_MAX_LENGTH + 23)) 6 \
"${STORAGE_MENU[@]}" 3>&1 1>&2 2>&3) || exit
done