From ebb11c549310e3123c19a1233e220daa153da0ab Mon Sep 17 00:00:00 2001
From: "Rodrigo Rodriguez (Pragmatismo)" <me@rodrigorodriguez.com>
Date: Sun, 6 Jul 2025 12:27:20 -0300
Subject: [PATCH] - GB DNS added.

---
 .../alm-ci => scripts/containers}/alm-ci.sh   |  0
 .../alm => scripts/containers}/alm.sh         |  0
 .../bot => scripts/containers}/bot.sh         |  0
 .../desktop => scripts/containers}/desktop.sh |  0
 .../containers}/directory.sh                  |  0
 src/scripts/containers/dns.sh                 | 82 +++++++++++++++++++
 .../containers}/doc-editor.sh                 |  0
 .../drive => scripts/containers}/drive.sh     |  0
 .../email => scripts/containers}/email.sh     |  0
 .../meeting => scripts/containers}/meeting.sh |  0
 .../proxy => scripts/containers}/proxy.sh     |  0
 .../.sh => scripts/containers/social.sh}      |  0
 .../system => scripts/containers}/system.sh   |  0
 .../containers}/table-editor.sh               |  0
 .../tables => scripts/containers}/tables.sh   |  0
 .../webmail => scripts/containers}/webmail.sh |  0
 .../containers => scripts}/prompt.txt         |  0
 src/scripts/{containers => utils}/cleaner.sh  |  0
 .../install-libreoffice-online.sh             |  0
 .../{containers => utils}/set-limits.sh       |  0
 .../{containers => utils}/set-size-5GB.sh     |  0
 .../{containers => utils}/setup-host.sh       |  0
 src/scripts/{containers => utils}/startup.sh  |  0
 23 files changed, 82 insertions(+)
 rename src/{templates/containers/alm-ci => scripts/containers}/alm-ci.sh (100%)
 rename src/{templates/containers/alm => scripts/containers}/alm.sh (100%)
 rename src/{templates/containers/bot => scripts/containers}/bot.sh (100%)
 rename src/{templates/containers/desktop => scripts/containers}/desktop.sh (100%)
 rename src/{templates/containers/directory => scripts/containers}/directory.sh (100%)
 create mode 100644 src/scripts/containers/dns.sh
 rename src/{templates/containers/doc-editor => scripts/containers}/doc-editor.sh (100%)
 rename src/{templates/containers/drive => scripts/containers}/drive.sh (100%)
 rename src/{templates/containers/email => scripts/containers}/email.sh (100%)
 rename src/{templates/containers/meeting => scripts/containers}/meeting.sh (100%)
 rename src/{templates/containers/proxy => scripts/containers}/proxy.sh (100%)
 rename src/{templates/containers/social/.sh => scripts/containers/social.sh} (100%)
 rename src/{templates/containers/system => scripts/containers}/system.sh (100%)
 rename src/{templates/containers/table-editor => scripts/containers}/table-editor.sh (100%)
 rename src/{templates/containers/tables => scripts/containers}/tables.sh (100%)
 rename src/{templates/containers/webmail => scripts/containers}/webmail.sh (100%)
 rename src/{templates/containers => scripts}/prompt.txt (100%)
 rename src/scripts/{containers => utils}/cleaner.sh (100%)
 rename src/scripts/{containers => utils}/install-libreoffice-online.sh (100%)
 rename src/scripts/{containers => utils}/set-limits.sh (100%)
 rename src/scripts/{containers => utils}/set-size-5GB.sh (100%)
 rename src/scripts/{containers => utils}/setup-host.sh (100%)
 rename src/scripts/{containers => utils}/startup.sh (100%)

diff --git a/src/templates/containers/alm-ci/alm-ci.sh b/src/scripts/containers/alm-ci.sh
similarity index 100%
rename from src/templates/containers/alm-ci/alm-ci.sh
rename to src/scripts/containers/alm-ci.sh
diff --git a/src/templates/containers/alm/alm.sh b/src/scripts/containers/alm.sh
similarity index 100%
rename from src/templates/containers/alm/alm.sh
rename to src/scripts/containers/alm.sh
diff --git a/src/templates/containers/bot/bot.sh b/src/scripts/containers/bot.sh
similarity index 100%
rename from src/templates/containers/bot/bot.sh
rename to src/scripts/containers/bot.sh
diff --git a/src/templates/containers/desktop/desktop.sh b/src/scripts/containers/desktop.sh
similarity index 100%
rename from src/templates/containers/desktop/desktop.sh
rename to src/scripts/containers/desktop.sh
diff --git a/src/templates/containers/directory/directory.sh b/src/scripts/containers/directory.sh
similarity index 100%
rename from src/templates/containers/directory/directory.sh
rename to src/scripts/containers/directory.sh
diff --git a/src/scripts/containers/dns.sh b/src/scripts/containers/dns.sh
new file mode 100644
index 0000000..d711416
--- /dev/null
+++ b/src/scripts/containers/dns.sh
@@ -0,0 +1,82 @@
+#!/bin/bash
+HOST_BASE="/opt/gbo/tenants/$PARAM_TENANT/dns"
+HOST_CONF="$HOST_BASE/conf"
+HOST_DATA="$HOST_BASE/data"
+HOST_LOGS="$HOST_BASE/logs"
+mkdir -p "$HOST_BASE" "$HOST_CONF" "$HOST_DATA" "$HOST_LOGS"
+chmod -R 750 "$HOST_BASE"
+
+# Clear existing rules
+sudo iptables -F
+
+# Allow DNS traffic
+sudo iptables -A INPUT -p udp --dport 53 -j ACCEPT
+sudo iptables -A INPUT -p tcp --dport 53 -j ACCEPT
+sudo iptables -A FORWARD -p udp --dport 53 -j ACCEPT
+sudo iptables -A FORWARD -p tcp --dport 53 -j ACCEPT
+
+# Enable NAT
+sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+
+# Save rules (if using iptables-persistent)
+sudo netfilter-persistent save
+
+lxc launch images:debian/12 "${PARAM_TENANT}-dns" -c security.privileged=true
+until lxc exec "${PARAM_TENANT}-dns" -- true; do sleep 3; done
+
+# Remove existing proxy devices
+lxc config device remove "${PARAM_TENANT}-dns" dns-udp
+lxc config device remove "${PARAM_TENANT}-dns" dns-tcp
+
+# Add correct proxy configuration
+lxc config device add "${PARAM_TENANT}-dns" dns-udp proxy listen=udp:0.0.0.0:53 connect=udp:127.0.0.1:53
+lxc config device add "${PARAM_TENANT}-dns" dns-tcp proxy listen=tcp:0.0.0.0:53 connect=tcp:127.0.0.1:53
+
+lxc exec "${PARAM_TENANT}-dns" -- bash -c "
+mkdir /opt/gbo
+mkdir /opt/gbo/{bin,conf,data,logs} 
+
+echo 'nameserver 8.8.8.8' > /etc/resolv.conf
+
+
+apt-get upgrade -y && apt-get install -y wget
+wget -qO /opt/gbo/bin/coredns https://github.com/coredns/coredns/releases/download/v1.11.1/coredns_1.11.1_linux_amd64.tgz
+tar -xzf /opt/gbo/bin/coredns -C /opt/gbo/bin/
+useradd --system --no-create-home --shell /bin/false gbuser
+setcap cap_net_bind_service=+ep /opt/gbo/bin/coredns
+
+
+cat > /etc/systemd/system/dns.service <<EOF2
+[Unit]
+Description=DNS
+After=network.target
+[Service]
+User=gbuser
+ExecStart=/opt/gbo/bin/coredns -conf /opt/gbo/conf/Corefile
+Restart=always
+[Install]
+WantedBy=multi-user.target
+EOF2
+
+systemctl stop systemd-resolved
+systemctl disable systemd-resolved
+rm /etc/resolv.conf
+
+systemctl daemon-reload
+systemctl enable dns
+"
+
+GBUSER_UID=$(lxc exec "${PARAM_TENANT}-dns" -- id -u gbuser)
+HOST_UID=$((100000 + GBUSER_UID))
+chown -R "$HOST_UID:$HOST_UID" "$HOST_BASE"
+
+lxc exec "${PARAM_TENANT}-dns" -- bash -c "
+chown -R gbuser:gbuser /opt/gbo
+
+"
+
+lxc config device add "${PARAM_TENANT}-dns" dnsdata disk source="$HOST_DATA" path=/opt/gbo/data
+lxc config device add "${PARAM_TENANT}-dns" dnsconf disk source="$HOST_CONF" path=/opt/gbo/conf
+lxc config device add "${PARAM_TENANT}-dns" dnslogs disk source="$HOST_LOGS" path=/opt/gbo/logs
+
+lxc exec "${PARAM_TENANT}-dns" -- systemctl start dns
\ No newline at end of file
diff --git a/src/templates/containers/doc-editor/doc-editor.sh b/src/scripts/containers/doc-editor.sh
similarity index 100%
rename from src/templates/containers/doc-editor/doc-editor.sh
rename to src/scripts/containers/doc-editor.sh
diff --git a/src/templates/containers/drive/drive.sh b/src/scripts/containers/drive.sh
similarity index 100%
rename from src/templates/containers/drive/drive.sh
rename to src/scripts/containers/drive.sh
diff --git a/src/templates/containers/email/email.sh b/src/scripts/containers/email.sh
similarity index 100%
rename from src/templates/containers/email/email.sh
rename to src/scripts/containers/email.sh
diff --git a/src/templates/containers/meeting/meeting.sh b/src/scripts/containers/meeting.sh
similarity index 100%
rename from src/templates/containers/meeting/meeting.sh
rename to src/scripts/containers/meeting.sh
diff --git a/src/templates/containers/proxy/proxy.sh b/src/scripts/containers/proxy.sh
similarity index 100%
rename from src/templates/containers/proxy/proxy.sh
rename to src/scripts/containers/proxy.sh
diff --git a/src/templates/containers/social/.sh b/src/scripts/containers/social.sh
similarity index 100%
rename from src/templates/containers/social/.sh
rename to src/scripts/containers/social.sh
diff --git a/src/templates/containers/system/system.sh b/src/scripts/containers/system.sh
similarity index 100%
rename from src/templates/containers/system/system.sh
rename to src/scripts/containers/system.sh
diff --git a/src/templates/containers/table-editor/table-editor.sh b/src/scripts/containers/table-editor.sh
similarity index 100%
rename from src/templates/containers/table-editor/table-editor.sh
rename to src/scripts/containers/table-editor.sh
diff --git a/src/templates/containers/tables/tables.sh b/src/scripts/containers/tables.sh
similarity index 100%
rename from src/templates/containers/tables/tables.sh
rename to src/scripts/containers/tables.sh
diff --git a/src/templates/containers/webmail/webmail.sh b/src/scripts/containers/webmail.sh
similarity index 100%
rename from src/templates/containers/webmail/webmail.sh
rename to src/scripts/containers/webmail.sh
diff --git a/src/templates/containers/prompt.txt b/src/scripts/prompt.txt
similarity index 100%
rename from src/templates/containers/prompt.txt
rename to src/scripts/prompt.txt
diff --git a/src/scripts/containers/cleaner.sh b/src/scripts/utils/cleaner.sh
similarity index 100%
rename from src/scripts/containers/cleaner.sh
rename to src/scripts/utils/cleaner.sh
diff --git a/src/scripts/containers/install-libreoffice-online.sh b/src/scripts/utils/install-libreoffice-online.sh
similarity index 100%
rename from src/scripts/containers/install-libreoffice-online.sh
rename to src/scripts/utils/install-libreoffice-online.sh
diff --git a/src/scripts/containers/set-limits.sh b/src/scripts/utils/set-limits.sh
similarity index 100%
rename from src/scripts/containers/set-limits.sh
rename to src/scripts/utils/set-limits.sh
diff --git a/src/scripts/containers/set-size-5GB.sh b/src/scripts/utils/set-size-5GB.sh
similarity index 100%
rename from src/scripts/containers/set-size-5GB.sh
rename to src/scripts/utils/set-size-5GB.sh
diff --git a/src/scripts/containers/setup-host.sh b/src/scripts/utils/setup-host.sh
similarity index 100%
rename from src/scripts/containers/setup-host.sh
rename to src/scripts/utils/setup-host.sh
diff --git a/src/scripts/containers/startup.sh b/src/scripts/utils/startup.sh
similarity index 100%
rename from src/scripts/containers/startup.sh
rename to src/scripts/utils/startup.sh