fix multiple containers for debian 13

conf/zamba.conf.example

@@ -165,18 +165,6 @@ CMK_ADMIN_PW='Start!123'
 # free = limited version of the enterprise edition (25 hosts, 1 instance)
 CMK_EDITION=raw
 
-############### Kopano-Section ###############
-
-# Define the FQDN of your Nextcloud server
-KOPANO_FQDN="kopano.zmb.rocks"
-
-# Defines the trusted reverse proxy, which will enable the detection of source ip to fail2ban
-KOPANO_MAILGW="192.168.100.254"
-
-# Kopano test- or subscription-key offerd from 
-# https://kopano.com/downloads-demo/?demo=Kopano+Groupware&headline=Packages&target=Debian+10
-KOPANO_REPKEY="1234567890abcdefghijklmno"
-
 ############### vaultwarden Section ###############
 
 # Enable/disable signups (true/false)

src/functions.sh

@@ -130,6 +130,6 @@ inst_mongodb() {
 inst_bashclub() {
     BASHCLUB_COMPONENT=${1:-release}
 
-    apt_repo "bashclub" "https://apt.bashclub.org/gpg/bashclub.pub" "https://apt.bashclub.org/$BASHCLUB_COMPONENT" "$(lsb_release -cs)" "main"
+    apt_repo "bashclub-$BASHCLUB_COMPONENT" "https://apt.bashclub.org/gpg/bashclub.pub" "https://apt.bashclub.org/$BASHCLUB_COMPONENT" "$(lsb_release -cs)" "main"
     apt update
 }

src/icinga2/constants-service.conf

@@ -8,7 +8,7 @@
 # This file contains the project constants on service level
 
 # Debian Version, which will be installed
-LXC_TEMPLATE_VERSION="debian-12-standard"
+LXC_TEMPLATE_VERSION="debian-13-standard"
 
 # Create sharefs mountpoint
 LXC_MP=0
@@ -34,4 +34,4 @@ SERVICE_TAGS="php-fpm,nginx,mariadb"
 
 CRED_FILE="/root/.zamba_credentials/icinga_stack.txt"
 
-PHP_VERSION=8.2
+PHP_VERSION=8.4

src/icinga2/install-service.sh

@@ -18,8 +18,8 @@ echo "deb [signed-by=/usr/share/keyrings/icinga-archive-keyring.gpg] https://pac
 curl -fsSL https://packages.netways.de/netways-repo.asc | gpg --dearmor -o /usr/share/keyrings/netways-archive-keyring.gpg
 echo "deb [signed-by=/usr/share/keyrings/netways-archive-keyring.gpg] https://packages.netways.de/extras/debian/ $(lsb_release -cs) main" > /etc/apt/sources.list.d/netways.list
 
-curl -fsSL https://repos.influxdata.com/influxdata-archive_compat.key | gpg --dearmor -o /usr/share/keyrings/influxdata-archive_compat-keyring.gpg
-echo "deb [signed-by=/usr/share/keyrings/influxdata-archive_compat-keyring.gpg] https://repos.influxdata.com/debian $(lsb_release -cs) stable" > /etc/apt/sources.list.d/influxdata.list
+curl -fsSL https://repos.influxdata.com/influxdata-archive.key | gpg --dearmor -o /usr/share/keyrings/influxdata-archive_compat-keyring.gpg
+echo "deb [signed-by=/usr/share/keyrings/influxdata-archive_compat-keyring.gpg] https://repos.influxdata.com/debian bookworm stable" > /etc/apt/sources.list.d/influxdata.list
 
 apt update
 
@@ -347,7 +347,8 @@ database:
   password: ${NOTIFICATIONS_DB_PASS}
 EOF
 
-cat << EOF > /etc/icingaweb2/modules/notifications/config.ini 
+mkdir -p /etc/icingaweb2/modules/notifications/
+cat << EOF > /etc/icingaweb2/modules/notifications/config.ini
 [database]
 resource = "notifications"
 EOF
@@ -468,7 +469,7 @@ EOF
 
 icinga2 feature enable icingadb api influxdb2-writer perfdata
 
-icingacli x509 import --file /etc/ssl/certs/ca-certificates.crt
+#icingacli x509 import --file /etc/ssl/certs/ca-certificates.crt
 
 echo "[INFO] Icinga Web 2 Module werden in korrekter Reihenfolge aktiviert."
 icingacli module enable reactbundle

src/nextcloud/install-service.sh

@@ -576,4 +576,3 @@ echo "=> Modifying Crowdsec ..."
 mod_crowdsec
 
 echo -e "\n######################################################################\n\n    Please note this user and password for the nextcloud login:\n        '$NEXTCLOUD_ADMIN_USR' / '$NEXTCLOUD_ADMIN_PWD'\n                Enjoy your Nextcloud intallation.\n\n######################################################################"
-shutdown -r now

src/open3a/constants-service.conf

@@ -8,7 +8,7 @@
 # This file contains the project constants on service level
 
 # Debian Version, which will be installed
-LXC_TEMPLATE_VERSION="debian-12-standard"
+LXC_TEMPLATE_VERSION="debian-13-standard"
 
 # Create sharefs mountpoint
 LXC_MP=0

src/open3a/install-service.sh

@@ -15,10 +15,13 @@ webroot=/var/www/html
 
 LXC_RANDOMPWD=20
 MYSQL_PASSWORD="$(random_password)"
+PHP_VERSION=8.4
 
 apt update
 
-DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -y -qq --no-install-recommends unzip sudo nginx-full mariadb-server mariadb-client php php-cli php-fpm php-mysql php-xml php-mbstring php-gd
+inst_php cli,fpm,mysql,xml,mbstring,gd $PHP_VERSION
+
+DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -y -qq --no-install-recommends unzip sudo nginx-full mariadb-server mariadb-client 
 
 mkdir -p /etc/nginx/ssl
 openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/nginx/ssl/open3a.key -out /etc/nginx/ssl/open3a.crt -subj "/CN=$LXC_HOSTNAME.$LXC_DOMAIN" -addext "subjectAltName=DNS:$LXC_HOSTNAME.$LXC_DOMAIN"
@@ -41,13 +44,12 @@ server {
 
     index index.php;
 
-    ssl on;
     ssl_certificate /etc/nginx/ssl/open3a.crt;
     ssl_certificate_key /etc/nginx/ssl/open3a.key;
 
     location ~ .php$ {
         include snippets/fastcgi-php.conf;
-        fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
+        fastcgi_pass unix:/var/run/php/php${PHP_VERSION}-fpm.sock;
     }
 }
 
@@ -78,8 +80,8 @@ localhost                               &%%%&open3a              &%%%&$MYSQL_PAS
 */ ?>
 EOF
 
-systemctl enable --now php8.2-fpm
-systemctl restart php8.2-fpm nginx
+systemctl enable --now php${PHP_VERSION}-fpm
+systemctl restart php${PHP_VERSION}-fpm nginx
 
 LXC_IP=$(ip address show dev eth0 | grep "inet " | cut -d ' ' -f6)
 

src/piler/constants-service.conf

@@ -6,7 +6,7 @@
 # This file contains the project constants on service level
 
 # Debian Version, which will be installed
-LXC_TEMPLATE_VERSION="debian-12-standard"
+LXC_TEMPLATE_VERSION="debian-13-standard"
 
 # Create sharefs mountpoint
 LXC_MP=1

src/piler/install-service.sh

@@ -5,13 +5,12 @@
 
 set -euo pipefail
 
-source zamba.conf
+source /root/functions.sh
+source /root/zamba.conf
+source /root/constants-service.conf
 
-wget -O - https://apt.bashclub.org/gpg/bashclub.pub | gpg --dearmor > /usr/share/keyrings/bashclub-keyring.gpg
-
-echo "deb [signed-by=/usr/share/keyrings/bashclub-keyring.gpg] https://apt.bashclub.org/manticore bookworm main" > /etc/apt/sources.list.d/bashclub-manticore.list
-echo "deb [signed-by=/usr/share/keyrings/bashclub-keyring.gpg] https://apt.bashclub.org/$PILER_BRANCH bookworm main" > /etc/apt/sources.list.d/bashclub-$PILER_BRANCH.list
-apt update
+inst_bashclub manticore
+inst_bashclub $PILER_BRANCH
 
 DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -y -qq --no-install-recommends piler
 

src/rei3/constants-service.conf

@@ -8,7 +8,7 @@
 # This file contains the project constants on service level
 
 # Debian Version, which will be installed
-LXC_TEMPLATE_VERSION="debian-12-standard"
+LXC_TEMPLATE_VERSION="debian-13-standard"
 
 # Create sharefs mountpoint
 LXC_MP=0

src/rei3/install-service.sh

@@ -14,13 +14,12 @@ source /root/constants-service.conf
 mkdir /opt/rei3
 wget -c https://rei3.de/latest/x64_linux -O - | tar -zx -C /opt/rei3
 
-wget -q -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor | sudo tee /usr/share/keyrings/postgres.gpg
-echo "deb [signed-by=/usr/share/keyrings/postgres.gpg] http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" | tee /etc/apt/sources.list.d/pgdg.list
+inst_postgresql
 
 apt update
 
 DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq dist-upgrade
-DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq install --no-install-recommends postgresql imagemagick ghostscript postgresql-client
+DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq install --no-install-recommends imagemagick ghostscript
 
 timedatectl set-timezone ${LXC_TIMEZONE}
 

src/vaultwarden/constants-service.conf

@@ -8,7 +8,7 @@
 # This file contains the project constants on service level
 
 # Debian Version, which will be installed
-LXC_TEMPLATE_VERSION="debian-12-standard"
+LXC_TEMPLATE_VERSION="debian-13-standard"
 
 # Create sharefs mountpoint
 LXC_MP=0

src/vaultwarden/install-service.sh

@@ -13,7 +13,9 @@ source /root/constants-service.conf
 
 admin_token=$(openssl rand -base64 48)
 
-DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -y -qq postgresql nginx git ssl-cert
+inst_postgresql 
+
+DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -y -qq nginx git ssl-cert
 
 systemctl enable --now postgresql
 

src/zabbix-proxy/constants-service.conf

@@ -8,7 +8,7 @@
 # This file contains the project constants on service level
 
 # Debian Version, which will be installed
-LXC_TEMPLATE_VERSION="debian-12-standard"
+LXC_TEMPLATE_VERSION="debian-13-standard"
 
 # Create sharefs mountpoint
 LXC_MP=0
@@ -42,8 +42,8 @@ ZABBIX_DB_USR="zabbix"
 # Build a strong password for the SQL user - could be overwritten with something fixed
 ZABBIX_DB_PWD="$(random_password)"
 
-ZABBIX_VERSION=7.0 #zabbix 7 beta
-POSTGRES_VERSION=16 #postgres repo, latest release (2024-05-13) 
+ZABBIX_VERSION=7.4 #zabbix 7 beta
+POSTGRES_VERSION=18 #postgres repo, latest release (2024-05-13) 
 
 # Sets the minimum amount of RAM the service needs for operation
 LXC_MEM_MIN=4096

src/zabbix-proxy/install-service.sh

@@ -11,13 +11,14 @@ source /root/functions.sh
 source /root/zamba.conf
 source /root/constants-service.conf
 
-apt_repo "zabbix" "https://repo.zabbix.com/zabbix-official-repo.key" "https://repo.zabbix.com/zabbix/${ZABBIX_VERSION}/debian/ $(lsb_release -cs) main"
-apt_repo "postgresql" "https://www.postgresql.org/media/keys/ACCC4CF8.asc" "http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main"
+apt_repo "zabbix" "https://repo.zabbix.com/zabbix-official-repo.key" "https://repo.zabbix.com/zabbix/${ZABBIX_VERSION}/stable/debian/" "$(lsb_release -cs)" "main"
 
 apt update
 
+inst_postgresql $POSTGRES_VERSION
+
 DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq dist-upgrade
-DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq install --no-install-recommends postgresql-$POSTGRES_VERSION postgresql-client zabbix-proxy-pgsql zabbix-sql-scripts zabbix-agent2 zabbix-agent2-plugin-* ssl-cert
+DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq install --no-install-recommends zabbix-proxy-pgsql zabbix-sql-scripts zabbix-agent2 zabbix-agent2-plugin-* ssl-cert
 
 timedatectl set-timezone ${LXC_TIMEZONE}
 
@@ -29,7 +30,7 @@ psql -c "CREATE DATABASE ${ZABBIX_DB_NAME} ENCODING UTF8 TEMPLATE template0 OWNE
 echo "Postgres User ${ZABBIX_DB_USR} and database ${ZABBIX_DB_NAME} created."
 EOF
 
-cat /usr/share/zabbix-sql-scripts/postgresql/proxy.sql | sudo -u zabbix psql ${ZABBIX_DB_NAME}
+cat /usr/share/zabbix/sql-scripts/postgresql/proxy.sql | sudo -u zabbix psql ${ZABBIX_DB_NAME}
 
 echo "DBPassword=${ZABBIX_DB_PWD}" >> /etc/zabbix/zabbix_proxy.conf
 
@@ -53,6 +54,8 @@ sed -i "s/# TLSAccept=unencrypted/TLSAccept=psk/g" /etc/zabbix/zabbix_proxy.conf
 sed -i "s/# TLSPSKIdentity=/TLSPSKIdentity=${LXC_HOSTNAME}.${LXC_DOMAIN}/g" /etc/zabbix/zabbix_proxy.conf
 sed -i "s|# TLSPSKFile=|TLSPSKFile=/var/lib/zabbix/proxy.psk|g" /etc/zabbix/zabbix_proxy.conf
 
+mv /etc/zabbix/zabbix_agent2.d/plugins.d/nvidia.conf  /etc/zabbix/zabbix_agent2.d/plugins.d/nvidia.off
+
 systemctl enable zabbix-proxy zabbix-agent2
 
 systemctl restart zabbix-proxy zabbix-agent2 

src/zabbix/constants-service.conf

@@ -8,7 +8,7 @@
 # This file contains the project constants on service level
 
 # Debian Version, which will be installed
-LXC_TEMPLATE_VERSION="debian-12-standard"
+LXC_TEMPLATE_VERSION="debian-13-standard"
 
 # Create sharefs mountpoint
 LXC_MP=0
@@ -42,10 +42,10 @@ ZABBIX_DB_USR="zabbix"
 # Build a strong password for the SQL user - could be overwritten with something fixed
 ZABBIX_DB_PWD="$(random_password)"
 
-ZABBIX_VERSION=7.0 #zabbix 7 beta
-POSTGRES_VERSION=16 #postgres repo, latest release (2024-05-13) 
-PHP_VERSION=8.2 # debian 12 default
-TS_VERSION=2.16.1 # currently latest by zabbix supported version of timescaledb (2024-05-13)
+ZABBIX_VERSION=7.4 #zabbix 7 beta
+POSTGRES_VERSION=18 #postgres repo, latest release (2024-05-13) 
+PHP_VERSION=8.4 # debian 12 default
+TS_VERSION=2.23.0 # currently latest by zabbix supported version of timescaledb (2024-05-13)
 
 # Sets the minimum amount of RAM the service needs for operation
 LXC_MEM_MIN=4096

src/zabbix/install-service.sh

@@ -11,14 +11,15 @@ source /root/functions.sh
 source /root/zamba.conf
 source /root/constants-service.conf
 
-apt_repo "zabbix" "https://repo.zabbix.com/zabbix-official-repo.key" "https://repo.zabbix.com/zabbix/${ZABBIX_VERSION}/debian/ $(lsb_release -cs) main"
-apt_repo "postgresql" "https://www.postgresql.org/media/keys/ACCC4CF8.asc" "http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main"
-apt_repo "timescaledb" "https://packagecloud.io/timescale/timescaledb/gpgkey" "https://packagecloud.io/timescale/timescaledb/debian/ $(lsb_release -c -s) main"
+apt_repo "zabbix" "https://repo.zabbix.com/zabbix-official-repo.key" "https://repo.zabbix.com/zabbix/${ZABBIX_VERSION}/stable/debian/" "$(lsb_release -cs)" "main"
+apt_repo "timescaledb" "https://packagecloud.io/timescale/timescaledb/gpgkey" "https://packagecloud.io/timescale/timescaledb/debian/" "$(lsb_release -cs)" "main"
+inst_postgresql ${POSTGRES_VERSION}
+inst_php pgsql,fpm $PHP_VERSION
 
 apt update
 
 DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq dist-upgrade
-DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq install --no-install-recommends postgresql-$POSTGRES_VERSION timescaledb-2-oss-$TS_VERSION-postgresql-$POSTGRES_VERSION postgresql-client-$POSTGRES_VERSION timescaledb-tools nginx php$PHP_VERSION-pgsql php$PHP_VERSION-fpm zabbix-server-pgsql zabbix-frontend-php zabbix-nginx-conf zabbix-sql-scripts zabbix-agent2 zabbix-agent2-plugin-* ssl-cert
+DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq install --no-install-recommends timescaledb-2-oss-$TS_VERSION-postgresql-$POSTGRES_VERSION timescaledb-tools nginx  zabbix-server-pgsql zabbix-frontend-php zabbix-nginx-conf zabbix-sql-scripts zabbix-agent2 zabbix-agent2-plugin-* ssl-cert
 
 unlink /etc/nginx/sites-enabled/default
 
@@ -216,18 +217,20 @@ psql -c "CREATE DATABASE ${ZABBIX_DB_NAME} ENCODING UTF8 TEMPLATE template0 OWNE
 echo "Postgres User ${ZABBIX_DB_USR} and database ${ZABBIX_DB_NAME} created."
 EOF
 
-sed -i "s/false/true/g" /usr/share/zabbix/include/locales.inc.php
+#sed -i "s/false/true/g" /usr/share/zabbix/include/locales.inc.php
 
-zcat /usr/share/zabbix-sql-scripts/postgresql/server.sql.gz | sudo -u zabbix psql ${ZABBIX_DB_NAME}
+zcat /usr/share/zabbix/sql-scripts/postgresql/server.sql.gz | sudo -u zabbix psql ${ZABBIX_DB_NAME}
 
 timescaledb-tune --quiet --yes >> /etc/postgresql/$POSTGRES_VERSION/main/postgresql.conf
 
 systemctl restart postgresql
 
 echo "CREATE EXTENSION IF NOT EXISTS timescaledb CASCADE;" | sudo -u postgres psql zabbix
-cat /usr/share/zabbix-sql-scripts/postgresql/timescaledb/schema.sql | sudo -u zabbix psql ${ZABBIX_DB_NAME}
+cat /usr/share/zabbix/sql-scripts/postgresql/timescaledb/schema.sql | sudo -u zabbix psql ${ZABBIX_DB_NAME}
 
-echo "DBPassword=${ZABBIX_DB_PWD}" >> /etc/zabbix/zabbix_server.conf
+echo "DBPassword=${ZABBIX_DB_PWD}" >> /etc/zabbix/zabbix_server.d/dbpassword.conf
+
+mv /etc/zabbix/zabbix_agent2.d/plugins.d/nvidia.conf  /etc/zabbix/zabbix_agent2.d/plugins.d/nvidia.off
 
 generate_dhparam
 

src/zammad/constants-service.conf

@@ -8,7 +8,7 @@
 # This file contains the project constants on service level
 
 # Debian Version, which will be installed
-LXC_TEMPLATE_VERSION="debian-12-standard"
+LXC_TEMPLATE_VERSION="debian-13-standard"
 
 # Create sharefs mountpoint
 LXC_MP=0

src/zmb-standalone/install-service.sh

@@ -19,7 +19,7 @@ DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -y -o DPkg::
 USER=$(echo "$ZMB_ADMIN_USER" | awk '{print tolower($0)}')
 useradd --comment "Zamba fileserver admin" --create-home --shell /bin/bash $USER
 echo "$USER:$ZMB_ADMIN_PASS" | chpasswd
-smbpasswd -x $USER
+smbpasswd -x $USER || true
 (echo $ZMB_ADMIN_PASS; echo $ZMB_ADMIN_PASS) | smbpasswd -a $USER
 
 usermod -aG sudo $USER