49 lines
912 B
Bash
49 lines
912 B
Bash
#!/bin/bash
|
|
#
|
|
#
|
|
tfR=TofuUser
|
|
tfU=tofuer
|
|
tk=tofu
|
|
|
|
pveum role add "${tfR}" -privs "\
|
|
Datastore.Allocate \
|
|
Datastore.AllocateSpace \
|
|
Datastore.Audit \
|
|
Pool.Allocate \
|
|
Pool.Audit \
|
|
Sys.Audit \
|
|
Sys.Console \
|
|
Sys.Modify \
|
|
Sys.Syslog \
|
|
VM.Allocate \
|
|
VM.Audit \
|
|
VM.Clone \
|
|
VM.Config.CDROM \
|
|
VM.Config.Cloudinit \
|
|
VM.Config.CPU \
|
|
VM.Config.Disk \
|
|
VM.Config.HWType \
|
|
VM.Config.Memory \
|
|
VM.Config.Network \
|
|
VM.Config.Options \
|
|
VM.Console \
|
|
VM.Migrate \
|
|
VM.GuestAgent.Audit \
|
|
VM.GuestAgent.FileRead \
|
|
VM.GuestAgent.FileWrite \
|
|
VM.GuestAgent.FileSystemMgmt \
|
|
VM.GuestAgent.Unrestricted \
|
|
VM.PowerMgmt \
|
|
Mapping.Audit \
|
|
Mapping.Use \
|
|
SDN.Audit \
|
|
SDN.Use"
|
|
|
|
|
|
pveum user add "${tfU}@pve" --password 'Azerty1+-'
|
|
|
|
pveum aclmod / -user "${tfU}@pve" -role "${tfR}"
|
|
|
|
pveum user token add "${tfU}@pve" "$tk" -expire 0 -privsep 0 -comment "Tofu token"|tee "tk-${tk}.txt"
|
|
|