F7107989
D102.id234.diff
diff --git a/roles/mailserver/systemd-unit/files/lxc-containers.service b/roles/mailserver/systemd-unit/files/lxc-containers.service
new file mode 100755
--- /dev/null
+++ b/roles/mailserver/systemd-unit/files/lxc-containers.service
@@ -0,0 +1,11 @@
+[Unit]
+Description= Launch lxc mailserver container
+
+[Service]
+Type=simple
+RemainAfterExit=yes
+ExecStart=/usr/lib/systemd/system/lxc_start
+ExecStop=/usr/lib/systemd/system/lxc_stop
+
+[Install]
+WantedBy=multi-user.target
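Review bot: Type=simple with RemainAfterExit=yes in [Service] does not match an ExecStart script that runs a few commands and exits; Type=oneshot fits here, since systemd then waits for lxc_start to finish and marks the unit failed on a non-zero exit instead of treating it as started the moment the script is forked. Two further points on this file: it is added with mode 100755, but a unit file is not an executable and should be 0644, and ExecStart/ExecStop point into /usr/lib/systemd/system/, which is the unit directory, so the helper scripts belong somewhere like /usr/local/sbin. The stray space after "Description=" can also go.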
diff --git a/roles/mailserver/systemd-unit/files/lxc_start b/roles/mailserver/systemd-unit/files/lxc_start
new file mode 100755
--- /dev/null
+++ b/roles/mailserver/systemd-unit/files/lxc_start
@@ -0,0 +1,22 @@
+#!/bin/bash
+#Let systemd launch a lxc mail container through /usr/lib/systemd/system/lxc-containers.service
+#Start a lxc container, and create iptable rules
+
+IPTABLES="/usr/sbin/iptables"
+LXC_START="/usr/bin/lxc-start"
+
+$LXC_START -n mailserver -d
+
+$IPTABLES -t nat -I PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 25 -j DNAT --to-destination 10.0.3.8:25
+$IPTABLES -t nat -I PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 21080 -j DNAT --to-destination 10.0.3.8:80
+$IPTABLES -t nat -I PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 110 -j DNAT --to-destination 10.0.3.8:110
+$IPTABLES -t nat -I PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 143 -j DNAT --to-destination 10.0.3.8:143
+$IPTABLES -t nat -I PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 465 -j DNAT --to-destination 10.0.3.8:465
+$IPTABLES -t nat -I PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 587 -j DNAT --to-destination 10.0.3.8:587
+$IPTABLES -t nat -I PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 993 -j DNAT --to-destination 10.0.3.8:993
+$IPTABLES -t nat -I PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 995 -j DNAT --to-destination 10.0.3.8:995
+
+$IPTABLES -t nat -I PREROUTING -i docker0 -p TCP -d 212.129.32.223/32 --dport 25 -j DNAT --to-destination 10.0.3.8:25
+$IPTABLES -t nat -I PREROUTING -i docker0 -p TCP -d 212.129.32.223/32 --dport 143 -j DNAT --to-destination 10.0.3.8:143
+$IPTABLES -t nat -I PREROUTING -i docker0 -p TCP -d 212.129.32.223/32 --dport 465 -j DNAT --to-destination 10.0.3.8:465
+$IPTABLES -t nat -I PREROUTING -i docker0 -p TCP -d 212.129.32.223/32 --dport 587 -j DNAT --to-destination 10.0.3.8:587
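Review bot: the exit status of `$LXC_START -n mailserver -d` is never checked, so when the container fails to start the script still inserts every DNAT rule and the public ports on 212.129.32.223 forward to 10.0.3.8 with nothing behind them; bail out first, for example `$LXC_START -n mailserver -d || exit 1`. The rules are also inserted with -I unconditionally, so a second run duplicates all twelve; guard each one with an `$IPTABLES -t nat -C PREROUTING ...` check or move them into a dedicated chain. The address, interface names and port list are hard-coded and repeated per line in a role file; variables and a loop over the ports would keep this script and lxc_stop in sync. Please also confirm that publishing 110 and 143 (cleartext unless STARTTLS is enforced) and the 21080 to container port 80 mapping on ens192 is intended alongside 993/995.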
diff --git a/roles/mailserver/systemd-unit/files/lxc_stop b/roles/mailserver/systemd-unit/files/lxc_stop
new file mode 100755
--- /dev/null
+++ b/roles/mailserver/systemd-unit/files/lxc_stop
@@ -0,0 +1,22 @@
+#!/bin/bash
+#Let systemd stop a lxc mail container through /usr/lib/systemd/system/lxc-containers.service
+#Stop the container, and undo all iptable rules
+
+IPTABLES="/usr/sbin/iptables"
+LXC_STOP="/usr/bin/lxc-stop"
+
+$IPTABLES -t nat -D PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 25 -j DNAT --to-destination 10.0.3.8:25
+$IPTABLES -t nat -D PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 21080 -j DNAT --to-destination 10.0.3.8:80
+$IPTABLES -t nat -D PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 110 -j DNAT --to-destination 10.0.3.8:110
+$IPTABLES -t nat -D PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 143 -j DNAT --to-destination 10.0.3.8:143
+$IPTABLES -t nat -D PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 465 -j DNAT --to-destination 10.0.3.8:465
+$IPTABLES -t nat -D PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 587 -j DNAT --to-destination 10.0.3.8:587
+$IPTABLES -t nat -D PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 993 -j DNAT --to-destination 10.0.3.8:993
+$IPTABLES -t nat -D PREROUTING -i ens192 -p TCP -d 212.129.32.223/32 --dport 995 -j DNAT --to-destination 10.0.3.8:995
+
+$IPTABLES -t nat -D PREROUTING -i docker0 -p TCP -d 212.129.32.223/32 --dport 25 -j DNAT --to-destination 10.0.3.8:25
+$IPTABLES -t nat -D PREROUTING -i docker0 -p TCP -d 212.129.32.223/32 --dport 143 -j DNAT --to-destination 10.0.3.8:143
+$IPTABLES -t nat -D PREROUTING -i docker0 -p TCP -d 212.129.32.223/32 --dport 465 -j DNAT --to-destination 10.0.3.8:465
+$IPTABLES -t nat -D PREROUTING -i docker0 -p TCP -d 212.129.32.223/32 --dport 587 -j DNAT --to-destination 10.0.3.8:587
+
+$LXC_STOP -n mailserver
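Review bot: each -D line removes only one matching rule, so if lxc_start has run more than once (it inserts with -I and no existence check) a stop leaves stale DNAT rules in PREROUTING that still point at 10.0.3.8 after the container is gone. Putting the rules in a dedicated nat chain that lxc_start fills and this script flushes and deletes would make teardown complete regardless of how many times start ran, and would remove the need to mirror the twelve rule lines by hand in two files. The comment says "undo all iptable rules", but nothing verifies that; a failed -D is silently ignored and only the exit status of `$LXC_STOP -n mailserver` reaches systemd.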
Attached To
D102: Create a systemd unit and scripts in order to automatize a lxc mailserver container launch