admin_jk/mapletree
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update lxc bootstrap

Browse source
This commit is contained in:
admin 2026-02-05 09:42:25 -07:00
parent b372e7c661
commit ea85352a5f
1 changed files with 8 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
~host-setups/LXC-bootstrap.sh
View file

@ -4,15 +4,18 @@ apt update && apt upgrade -y
#apply all the packages I need #apply all the packages I need
apt install -y ca-certificates curl ethtool iptables-persistent git htop apt install -y ca-certificates curl ethtool iptables-persistent git htop
#enable IP forwarding #Enable IP Forwarding (Persistent)
Enable IP Forwarding (Persistent)
sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
grep -qF "net.ipv4.ip_forward=1" /etc/sysctl.conf || echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf grep -qF "net.ipv4.ip_forward=1" /etc/sysctl.conf || echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
sysctl -p sysctl -p
#add the NAT rule for IPtables and save # Add the "Catch-All" NAT rule for eth0
iptables -C POSTROUTING -t nat -s 172.16.0.0/12 -d 172.16.201.0/24 -j MASQUERADE 2>/dev/null || \ # "If traffic leaves eth0, masquerade it (make it look like the LXC's IP)"
iptables -t nat -I POSTROUTING 1 -s 172.16.0.0/12 -d 172.16.201.0/24 -j MASQUERADE # This works for ANY internal Docker subnet (172.x, 192.x, 10.x)
iptables -C POSTROUTING -t nat -o eth0 -j MASQUERADE 2>/dev/null || \
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Save the rules (Requires iptables-persistent / netfilter-persistent installed)
netfilter-persistent save netfilter-persistent save
#change the virtio settings and Apply checksum fix immediately #change the virtio settings and Apply checksum fix immediately