From b08808d63af3ece4aaa4c31c7342cd093e06b793 Mon Sep 17 00:00:00 2001
From: Jake Ginesin <jakeginesin@gmail.com>
Date: Sat, 11 Apr 2026 10:06:29 -0400
Subject: [PATCH] lxc patch 3

---
 home/scripts/lxc/lab-create.sh | 47 ++++++++++++++++++----------------
 1 file changed, 25 insertions(+), 22 deletions(-)

diff --git a/home/scripts/lxc/lab-create.sh b/home/scripts/lxc/lab-create.sh
index c5aa6fc..336b377 100644
--- a/home/scripts/lxc/lab-create.sh
+++ b/home/scripts/lxc/lab-create.sh
@@ -5,31 +5,43 @@ USER="$1"
 KEYFILE="$2"
 CONTAINER="lxc-${USER}"
 
-echo "Creating LXC container ${CONTAINER}..."
-# lxc-create -n "$CONTAINER" -t download -- -d ubuntu -r noble -a amd64
+# pick next available IP
+LAST=$(grep -rh 'lxc.net.0.ipv4.address' /var/lib/lxc/*/config 2>/dev/null \
+  | grep -oP '10\.100\.0\.\K\d+' | sort -n | tail -1)
+NEXT_OCTET=$(( ${LAST:-9} + 1 ))
+CONTAINER_IP="10.100.0.${NEXT_OCTET}"
+
+echo "Creating LXC container ${CONTAINER} (${CONTAINER_IP})..."
 lxc-create -n "$CONTAINER" -f /etc/lxc/default.conf -t download -- -d ubuntu -r noble -a amd64
 
+# assign static IP via LXC config (host-side, always works)
+cat >> "/var/lib/lxc/${CONTAINER}/config" <<EOF
+lxc.net.0.ipv4.address = ${CONTAINER_IP}/24
+lxc.net.0.ipv4.gateway = 10.100.0.1
+lxc.start.auto = 1
+EOF
 
-# configure DHCP before first boot
+# write resolv.conf into rootfs before boot
+echo "nameserver 8.8.8.8" > "/var/lib/lxc/${CONTAINER}/rootfs/etc/resolv.conf"
+
+# disable any in-container networking that might fight us
+rm -f "/var/lib/lxc/${CONTAINER}/rootfs/etc/netplan/"*.yaml 2>/dev/null
 mkdir -p "/var/lib/lxc/${CONTAINER}/rootfs/etc/netplan"
-cat > "/var/lib/lxc/${CONTAINER}/rootfs/etc/netplan/10-dhcp.yaml" <<EOF
+cat > "/var/lib/lxc/${CONTAINER}/rootfs/etc/netplan/10-lxc.yaml" <<EOF
 network:
   version: 2
+  renderer: networkd
   ethernets:
     eth0:
-      dhcp4: true
-      nameservers:
-        addresses: [8.8.8.8, 1.1.1.1]
+      dhcp4: false
 EOF
 
 # start it
 lxc-start -n "$CONTAINER"
-
-# wait for networking
 sleep 5
 
-# set root password, install SSH, inject key
-lxc-attach -n "$CONTAINER" -- /bin/bash -c "
+# install SSH, inject key
+lxc-attach --clear-env -n "$CONTAINER" -- /bin/bash -c "
   export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
   apt-get update && apt-get install -y openssh-server
   mkdir -p /root/.ssh
@@ -39,27 +51,18 @@ lxc-attach -n "$CONTAINER" -- /bin/bash -c "
   systemctl restart ssh
 "
 
-# push the key in
-cat "$KEYFILE" | lxc-attach -n "$CONTAINER" -- /bin/bash -c "
+cat "$KEYFILE" | lxc-attach --clear-env -n "$CONTAINER" -- /bin/bash -c "
   export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
   tee /root/.ssh/authorized_keys > /dev/null
   chmod 600 /root/.ssh/authorized_keys
 "
 
-# auto-start on boot
-echo "lxc.start.auto = 1" >> "/var/lib/lxc/${CONTAINER}/config"
-
-# get container IP
-CONTAINER_IP=$(lxc-info -n "$CONTAINER" -iH | head -1)
-
-# create host user that maps to this container
+# create host user
 useradd -m -s /bin/bash -G labmates "$USER" 2>/dev/null || true
 mkdir -p "/home/${USER}/.ssh"
 cp "$KEYFILE" "/home/${USER}/.ssh/authorized_keys"
 chown -R "${USER}:${USER}" "/home/${USER}/.ssh"
 chmod 700 "/home/${USER}/.ssh"
 
-# store mapping
 echo "$CONTAINER" > "/home/${USER}/.lxc-container"
-
 echo "Done. ${USER} SSH -> root@${CONTAINER} (${CONTAINER_IP})"