16 Commits

Author SHA1 Message Date
Tom Janssen
8858afa4a3 Update hetzner-debian12-zfs-setup.sh (#71) 2025-04-21 23:03:14 +02:00
Piotr Plenzler
d11cae2671 Fix typo in Debian 12 script (#67)
"Debian 11" -> "Debian 12"
2025-04-21 23:02:36 +02:00
tyl0re
373f77fa73 Rechtschreibfehler (#65) 2025-04-21 23:02:02 +02:00
Cong Zhang
587d3a1f4f fix grub install error (#75)
Co-authored-by: Nemo <9478806+terem42@users.noreply.github.com>
2025-04-21 23:01:11 +02:00
greenpsi
556157ed33 add ability to install debian 12 in UEFI mode (#76)
Check whether the machine is booted in EFI mode, then set up an EFI
partition and install EFI grub instead of legacy grub.
This is required because new Hetzner machines can no longer
boot in legacy mode.

Co-authored-by: Micha Goetz <mg@altasigma.com>
Co-authored-by: Nemo <9478806+terem42@users.noreply.github.com>
2025-04-21 22:58:25 +02:00
Andrey Prokopenko
56e36a0987 fix for issue 74 2025-04-21 22:53:35 +02:00
Andrey Prokopenko
d5b4bf3034 fix for issue 77, originally authored by brianharte 2025-04-21 22:35:29 +02:00
rcn
f79b735143 Install GRUB on all selected disks (#66)
Co-authored-by: Robert Flechtner <robert.flechtner@power.cloud>
2023-11-28 17:22:23 +01:00
terem42
dc23d826e3 Grub fix (#64)
* zed initial load proc fix
2023-10-11 11:27:43 +02:00
terem42
3b9724e6af noauto set rpool name fix (#63)
* rpool ref fix

* dropbear update
2023-10-10 17:05:37 +02:00
terem42
23ec2c0e89 Grub fix (#62)
* rpool dynamic naming fix
2023-10-10 14:16:11 +02:00
terem42
00ed04d44e dropbear fixes for encrypted root (#61)
dropbear fixes for encrypted root
2023-10-07 14:27:41 +02:00
terem42
27bb8d8302 Update hetzner-ubuntu22-zfs-setup.sh 2023-10-06 21:50:03 +02:00
terem42
6c015b895d Update README.md 2023-10-06 20:32:34 +02:00
terem42
b40c5e0699 Fix dropbear setup (#60)
fix dropbear across Ubuntu and Debian variants
2023-10-06 20:31:31 +02:00
terem42
0053d63360 rescue updated (#59)
* updated zfs for new rescue
2023-10-05 16:05:31 +02:00
7 changed files with 245 additions and 161 deletions


@@ -2,7 +2,7 @@
[![shellcheck](https://github.com/terem42/zfs-hetzner-vm/actions/workflows/shellcheck.yml/badge.svg)](https://github.com/terem42/zfs-hetzner-vm/actions/workflows/shellcheck.yml) [![shellcheck](https://github.com/terem42/zfs-hetzner-vm/actions/workflows/shellcheck.yml/badge.svg)](https://github.com/terem42/zfs-hetzner-vm/actions/workflows/shellcheck.yml)
Scripts to install Debian 11, 10 or Ubuntu 18 LTS, 20 LTS, 22 LTS with ZFS root on Hetzner root servers (virtual and dedicated).<br/> Scripts to install Debian 10, 11, 12 or Ubuntu 18 LTS, 20 LTS, 22 LTS with ZFS root on Hetzner root servers (virtual and dedicated).<br/>
__WARNING:__ all data on the disk will be destroyed. __WARNING:__ all data on the disk will be destroyed.
## How to use: ## How to use:
@@ -24,6 +24,12 @@ Debian 11 minimal setup with SSH server
wget -qO- https://raw.githubusercontent.com/terem42/zfs-hetzner-vm/master/hetzner-debian11-zfs-setup.sh | bash - wget -qO- https://raw.githubusercontent.com/terem42/zfs-hetzner-vm/master/hetzner-debian11-zfs-setup.sh | bash -
```` ````
Debian 12 minimal setup with SSH server
````bash
wget -qO- https://raw.githubusercontent.com/terem42/zfs-hetzner-vm/master/hetzner-debian12-zfs-setup.sh | bash -
````
Ubuntu 18.04 LTS minimal setup with SSH server Ubuntu 18.04 LTS minimal setup with SSH server
````bash ````bash


@@ -138,20 +138,20 @@ function check_prerequisites {
function initial_load_debian_zed_cache { function initial_load_debian_zed_cache {
chroot_execute "mkdir /etc/zfs/zfs-list.cache" chroot_execute "mkdir /etc/zfs/zfs-list.cache"
chroot_execute "touch /etc/zfs/zfs-list.cache/rpool" chroot_execute "touch /etc/zfs/zfs-list.cache/$v_rpool_name"
chroot_execute "ln -sf /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh /etc/zfs/zed.d/" chroot_execute "ln -sf /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh /etc/zfs/zed.d/"
chroot_execute "zed -F &" chroot_execute "zed -F &"
local success=0 local success=0
if [[ ! -e /mnt/etc/zfs/zfs-list.cache/rpool ]] || [[ -e /mnt/etc/zfs/zfs-list.cache/rpool && (( $(find /mnt/etc/zfs/zfs-list.cache/rpool -type f -printf '%s' 2> /dev/null) == 0 )) ]]; then if [[ ! -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" ]] || [[ -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" && (( $(find "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" -type f -printf '%s' 2> /dev/null) == 0 )) ]]; then
chroot_execute "zfs set canmount=noauto rpool" chroot_execute "zfs set canmount=noauto $v_rpool_name"
SECONDS=0 SECONDS=0
while (( SECONDS++ <= 300 )); do while (( SECONDS++ <= 120 )); do
if [[ -e /mnt/etc/zfs/zfs-list.cache/rpool ]] && (( $(find /mnt/etc/zfs/zfs-list.cache/rpool -type f -printf '%s' 2> /dev/null) > 0 )); then if [[ -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" ]] && (( $(find "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" -type f -printf '%s' 2> /dev/null) > 0 )); then
success=1 success=1
break break
else else
@@ -169,7 +169,7 @@ function initial_load_debian_zed_cache {
chroot_execute "pkill zed" chroot_execute "pkill zed"
sed -Ei 's|/mnt/?|/|g' /mnt/etc/zfs/zfs-list.cache/rpool sed -Ei "s|/$c_zfs_mount_dir/?|/|g" "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name"
} }
function find_suitable_disks { function find_suitable_disks {
@@ -399,7 +399,7 @@ function determine_kernel_variant {
} }
function chroot_execute { function chroot_execute {
chroot $c_zfs_mount_dir bash -c "$1" chroot $c_zfs_mount_dir bash -c "DEBIAN_FRONTEND=noninteractive $1"
} }
function unmount_and_export_fs { function unmount_and_export_fs {
@@ -494,9 +494,20 @@ for kver in $(find /lib/modules/* -maxdepth 0 -type d | grep -v "$(uname -r)" |
done done
echo "======= installing zfs on rescue system ==========" echo "======= installing zfs on rescue system =========="
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
apt-get install --yes software-properties-common # echo "y" | zfs
echo "y" | zfs # linux-headers-generic linux-image-generic
apt install --yes software-properties-common dpkg-dev dkms
rm -f "$(which zfs)"
rm -f "$(which zpool)"
echo -e "deb http://deb.debian.org/debian/ testing main contrib non-free\ndeb http://deb.debian.org/debian/ testing main contrib non-free\n" >/etc/apt/sources.list.d/bookworm-testing.list
echo -e "Package: src:zfs-linux\nPin: release n=testing\nPin-Priority: 990\n" > /etc/apt/preferences.d/90_zfs
apt update
apt install -t testing --yes zfs-dkms zfsutils-linux
rm /etc/apt/sources.list.d/bookworm-testing.list
rm /etc/apt/preferences.d/90_zfs
apt update
export PATH=$PATH:/usr/sbin
zfs --version zfs --version
echo "======= partitioning the disk ==========" echo "======= partitioning the disk =========="
@@ -562,9 +573,7 @@ zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/debian"
zfs mount "$v_bpool_name/BOOT/debian" zfs mount "$v_bpool_name/BOOT/debian"
zfs create "$v_rpool_name/home" zfs create "$v_rpool_name/home"
zfs create -o mountpoint=/root "$v_rpool_name/home/root"
zfs create -o canmount=off "$v_rpool_name/var" zfs create -o canmount=off "$v_rpool_name/var"
zfs create -o canmount=off "$v_rpool_name/var/lib"
zfs create "$v_rpool_name/var/log" zfs create "$v_rpool_name/var/log"
zfs create "$v_rpool_name/var/spool" zfs create "$v_rpool_name/var/spool"
@@ -615,7 +624,7 @@ ff02::2 ip6-allrouters
ff02::3 ip6-allhosts ff02::3 ip6-allhosts
CONF CONF
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p') ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p' | head -n 1)
cat <<CONF > /mnt/etc/systemd/network/10-eth0.network cat <<CONF > /mnt/etc/systemd/network/10-eth0.network
[Match] [Match]
@@ -629,9 +638,6 @@ CONF
chroot_execute "systemctl enable systemd-networkd.service" chroot_execute "systemctl enable systemd-networkd.service"
chroot_execute "systemctl enable systemd-resolved.service" chroot_execute "systemctl enable systemd-resolved.service"
cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
echo "======= preparing the jail for chroot ==========" echo "======= preparing the jail for chroot =========="
for virtual_fs_dir in proc sys dev; do for virtual_fs_dir in proc sys dev; do
mount --rbind "/$virtual_fs_dir" "$c_zfs_mount_dir/$virtual_fs_dir" mount --rbind "/$virtual_fs_dir" "$c_zfs_mount_dir/$virtual_fs_dir"
@@ -744,12 +750,14 @@ chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024))
echo "======= setting up grub ==========" echo "======= setting up grub =========="
chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections" chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-pc" chroot_execute "apt install --yes grub-pc"
chroot_execute "grub-install ${v_selected_disks[0]}" for disk in ${v_selected_disks[@]}; do
chroot_execute "grub-install $disk"
done
chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub" chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=rpool/ROOT/debian\"|g' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=$v_rpool_name/ROOT/debian\"|g' /etc/default/grub"
chroot_execute "sed -i 's/quiet//g' /etc/default/grub" chroot_execute "sed -i 's/quiet//g' /etc/default/grub"
chroot_execute "sed -i 's/splash//g' /etc/default/grub" chroot_execute "sed -i 's/splash//g' /etc/default/grub"
@@ -763,7 +771,8 @@ if [[ $v_encrypt_rpool == "1" ]]; then
echo "=========set up dropbear==============" echo "=========set up dropbear=============="
chroot_execute "apt install --yes dropbear-initramfs" chroot_execute "apt install --yes dropbear-initramfs"
mkdir -p "$c_zfs_mount_dir/etc/dropbear-initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys" cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp" cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
@@ -790,6 +799,7 @@ CONF
echo "========running packages upgrade===========" echo "========running packages upgrade==========="
chroot_execute "apt upgrade --yes" chroot_execute "apt upgrade --yes"
chroot_execute "apt purge cryptsetup* --yes"
echo "===========add static route to initramfs via hook to add default routes for Hetzner due to Debian/Ubuntu initramfs DHCP bug =========" echo "===========add static route to initramfs via hook to add default routes for Hetzner due to Debian/Ubuntu initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount" mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount"
@@ -822,7 +832,7 @@ auto lo
iface lo inet loopback iface lo inet loopback
iface lo inet6 loopback iface lo inet6 loopback
auto eth0 allow-hotplug eth0
iface eth0 inet dhcp iface eth0 inet dhcp
iface eth0 inet6 dhcp iface eth0 inet6 dhcp
CONF CONF
@@ -837,7 +847,7 @@ chroot_execute "update-grub"
echo "======= setting up zed ==========" echo "======= setting up zed =========="
if [[ $v_zfs_experimental == "1" ]]; then if [[ $v_zfs_experimental == "1" ]]; then
chroot_execute "zfs set canmount=noauto rpool" chroot_execute "zfs set canmount=noauto $v_rpool_name"
else else
initial_load_debian_zed_cache initial_load_debian_zed_cache
fi fi
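Review bot: The rewritten `sed` at the end of `initial_load_debian_zed_cache` keeps a literal slash in front of the variable, so if `c_zfs_mount_dir` is `/mnt` (its value is not in this hunk, but `/mnt` is what the replaced line hard-coded) the pattern becomes `//mnt/?` and stops matching the cached mountpoints. The cache file would then keep the mount-dir prefix that this step exists to strip. I would drop the extra slash: `sed -Ei "s|$c_zfs_mount_dir/?|/|g" "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name"`. The same line recurs in the two following file sections, and the function body begins in the previous hunk.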


@@ -139,20 +139,20 @@ function check_prerequisites {
function initial_load_debian_zed_cache { function initial_load_debian_zed_cache {
chroot_execute "mkdir /etc/zfs/zfs-list.cache" chroot_execute "mkdir /etc/zfs/zfs-list.cache"
chroot_execute "touch /etc/zfs/zfs-list.cache/rpool" chroot_execute "touch /etc/zfs/zfs-list.cache/$v_rpool_name"
chroot_execute "ln -sf /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh /etc/zfs/zed.d/" chroot_execute "ln -sf /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh /etc/zfs/zed.d/"
chroot_execute "zed -F &" chroot_execute "zed -F &"
local success=0 local success=0
if [[ ! -e /mnt/etc/zfs/zfs-list.cache/rpool ]] || [[ -e /mnt/etc/zfs/zfs-list.cache/rpool && (( $(find /mnt/etc/zfs/zfs-list.cache/rpool -type f -printf '%s' 2> /dev/null) == 0 )) ]]; then if [[ ! -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" ]] || [[ -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" && (( $(find "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" -type f -printf '%s' 2> /dev/null) == 0 )) ]]; then
chroot_execute "zfs set canmount=noauto rpool" chroot_execute "zfs set canmount=noauto $v_rpool_name"
SECONDS=0 SECONDS=0
while (( SECONDS++ <= 120 )); do while (( SECONDS++ <= 120 )); do
if [[ -e /mnt/etc/zfs/zfs-list.cache/rpool ]] && (( $(find /mnt/etc/zfs/zfs-list.cache/rpool -type f -printf '%s' 2> /dev/null) > 0 )); then if [[ -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" ]] && (( $(find "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" -type f -printf '%s' 2> /dev/null) > 0 )); then
success=1 success=1
break break
else else
@@ -170,7 +170,7 @@ function initial_load_debian_zed_cache {
chroot_execute "pkill zed" chroot_execute "pkill zed"
sed -Ei 's|/mnt/?|/|g' /mnt/etc/zfs/zfs-list.cache/rpool sed -Ei "s|/$c_zfs_mount_dir/?|/|g" "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name"
} }
function find_suitable_disks { function find_suitable_disks {
@@ -400,7 +400,7 @@ function determine_kernel_variant {
} }
function chroot_execute { function chroot_execute {
chroot $c_zfs_mount_dir bash -c "$1" chroot $c_zfs_mount_dir bash -c "DEBIAN_FRONTEND=noninteractive $1"
} }
function unmount_and_export_fs { function unmount_and_export_fs {
@@ -495,9 +495,20 @@ for kver in $(find /lib/modules/* -maxdepth 0 -type d | grep -v "$(uname -r)" |
done done
echo "======= installing zfs on rescue system ==========" echo "======= installing zfs on rescue system =========="
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
apt-get install --yes software-properties-common # echo "y" | zfs
echo "y" | zfs # linux-headers-generic linux-image-generic
apt install --yes software-properties-common dpkg-dev dkms
rm -f "$(which zfs)"
rm -f "$(which zpool)"
echo -e "deb http://deb.debian.org/debian/ testing main contrib non-free\ndeb http://deb.debian.org/debian/ testing main contrib non-free\n" >/etc/apt/sources.list.d/bookworm-testing.list
echo -e "Package: src:zfs-linux\nPin: release n=testing\nPin-Priority: 990\n" > /etc/apt/preferences.d/90_zfs
apt update
apt install -t testing --yes zfs-dkms zfsutils-linux
rm /etc/apt/sources.list.d/bookworm-testing.list
rm /etc/apt/preferences.d/90_zfs
apt update
export PATH=$PATH:/usr/sbin
zfs --version zfs --version
echo "======= partitioning the disk ==========" echo "======= partitioning the disk =========="
@@ -563,9 +574,7 @@ zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/debian"
zfs mount "$v_bpool_name/BOOT/debian" zfs mount "$v_bpool_name/BOOT/debian"
zfs create "$v_rpool_name/home" zfs create "$v_rpool_name/home"
zfs create -o mountpoint=/root "$v_rpool_name/home/root"
zfs create -o canmount=off "$v_rpool_name/var" zfs create -o canmount=off "$v_rpool_name/var"
zfs create -o canmount=off "$v_rpool_name/var/lib"
zfs create "$v_rpool_name/var/log" zfs create "$v_rpool_name/var/log"
zfs create "$v_rpool_name/var/spool" zfs create "$v_rpool_name/var/spool"
@@ -616,7 +625,7 @@ ff02::2 ip6-allrouters
ff02::3 ip6-allhosts ff02::3 ip6-allhosts
CONF CONF
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p') ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p' | head -n 1)
cat <<CONF > /mnt/etc/systemd/network/10-eth0.network cat <<CONF > /mnt/etc/systemd/network/10-eth0.network
[Match] [Match]
@@ -630,8 +639,7 @@ CONF
chroot_execute "systemctl enable systemd-networkd.service" chroot_execute "systemctl enable systemd-networkd.service"
chroot_execute "systemctl enable systemd-resolved.service" chroot_execute "systemctl enable systemd-resolved.service"
#cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
echo "======= preparing the jail for chroot ==========" echo "======= preparing the jail for chroot =========="
for virtual_fs_dir in proc sys dev; do for virtual_fs_dir in proc sys dev; do
@@ -746,13 +754,15 @@ chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024))
echo "======= setting up grub ==========" echo "======= setting up grub =========="
chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections" chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-legacy" chroot_execute "apt install --yes grub-legacy"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-pc" chroot_execute "apt install --yes grub-pc"
chroot_execute "grub-install --recheck ${v_selected_disks[0]}" for disk in ${v_selected_disks[@]}; do
chroot_execute "grub-install --recheck $disk"
done
chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub" chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=rpool/ROOT/debian\"|g' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=$v_rpool_name/ROOT/debian\"|g' /etc/default/grub"
chroot_execute "sed -i 's/quiet//g' /etc/default/grub" chroot_execute "sed -i 's/quiet//g' /etc/default/grub"
chroot_execute "sed -i 's/splash//g' /etc/default/grub" chroot_execute "sed -i 's/splash//g' /etc/default/grub"
@@ -766,21 +776,22 @@ if [[ $v_encrypt_rpool == "1" ]]; then
echo "=========set up dropbear==============" echo "=========set up dropbear=============="
chroot_execute "apt install --yes dropbear-initramfs" chroot_execute "apt install --yes dropbear-initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys" mkdir -p "$c_zfs_mount_dir/etc/dropbear/initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear/initramfs/authorized_keys"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp" cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_rsa_key_temp" chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_rsa_key_temp"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key_temp /etc/dropbear-initramfs/dropbear_rsa_host_key" chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key_temp /etc/dropbear/initramfs/dropbear_rsa_host_key"
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp" rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp" cp "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_ecdsa_key_temp" chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_ecdsa_key_temp"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_ecdsa_key_temp /etc/dropbear-initramfs/dropbear_ecdsa_host_key" chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_ecdsa_key_temp /etc/dropbear/initramfs/dropbear_ecdsa_host_key"
chroot_execute "rm -rf /etc/ssh/ssh_host_ecdsa_key_temp" chroot_execute "rm -rf /etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp" rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key" rm -rf "$c_zfs_mount_dir/etc/dropbear/initramfs/dropbear_dss_host_key"
fi fi
echo "============setup root prompt============" echo "============setup root prompt============"
@@ -793,6 +804,7 @@ CONF
echo "========running packages upgrade===========" echo "========running packages upgrade==========="
chroot_execute "apt upgrade --yes" chroot_execute "apt upgrade --yes"
chroot_execute "apt purge cryptsetup* --yes"
echo "===========add static route to initramfs via hook to add default routes for Hetzner due to Debian/Ubuntu initramfs DHCP bug =========" echo "===========add static route to initramfs via hook to add default routes for Hetzner due to Debian/Ubuntu initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount" mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount"
@@ -832,7 +844,7 @@ chroot_execute "update-grub"
echo "======= setting up zed ==========" echo "======= setting up zed =========="
if [[ $v_zfs_experimental == "1" ]]; then if [[ $v_zfs_experimental == "1" ]]; then
chroot_execute "zfs set canmount=noauto rpool" chroot_execute "zfs set canmount=noauto $v_rpool_name"
else else
initial_load_debian_zed_cache initial_load_debian_zed_cache
fi fi
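Review bot: The dropbear block converts the installed system's OpenSSH host keys and writes them to `/etc/dropbear/initramfs/dropbear_rsa_host_key` and `dropbear_ecdsa_host_key`, so sshd's private host keys end up inside the initramfs. This branch runs only when `v_encrypt_rpool` is 1, and the initramfs presumably lives on the boot pool, which has to stay readable before the root pool is unlocked, so the keys are no longer protected by the encryption being set up. I would remove the two `dropbearconvert` steps, leave the host keys that the dropbear-initramfs package normally generates for itself, and add a comment such as `# initramfs is stored unencrypted: keep dropbear's own host keys, never copy sshd's`. Clients will then see a different host key during unlock, which is worth documenting. The `if` block starts above this hunk.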


@@ -2,7 +2,7 @@
: <<'end_header_info' : <<'end_header_info'
(c) Andrey Prokopenko job@terem.fr (c) Andrey Prokopenko job@terem.fr
fully automatic script to install Debian 11 with ZFS root on Hetzner VPS fully automatic script to install Debian 12 with ZFS root on Hetzner VPS
WARNING: all data on the disk will be destroyed WARNING: all data on the disk will be destroyed
How to use: add SSH key to the rescue console, set it OS to linux64, then press "mount rescue and power cycle" button How to use: add SSH key to the rescue console, set it OS to linux64, then press "mount rescue and power cycle" button
Next, connect via SSH to console, and run the script Next, connect via SSH to console, and run the script
@@ -49,6 +49,7 @@ c_log_dir=$(dirname "$(mktemp)")/zfs-hetzner-vm
c_install_log=$c_log_dir/install.log c_install_log=$c_log_dir/install.log
c_lsb_release_log=$c_log_dir/lsb_release.log c_lsb_release_log=$c_log_dir/lsb_release.log
c_disks_log=$c_log_dir/disks.log c_disks_log=$c_log_dir/disks.log
c_efimode_enabled="$(if [[ -d /sys/firmware/efi/efivars ]]; then echo 1; else echo 0; fi)"
function activate_debug { function activate_debug {
mkdir -p "$c_log_dir" mkdir -p "$c_log_dir"
@@ -107,7 +108,7 @@ function display_intro_banner {
print_step_info_header print_step_info_header
local dialog_message='Hello! local dialog_message='Hello!
This script will prepare the ZFS pools, then install and configure minimal Debian 11 with ZFS root on Hetzner hosting VPS instance This script will prepare the ZFS pools, then install and configure minimal Debian 12 with ZFS root on Hetzner hosting VPS instance
The script with minimal changes may be used on any other hosting provider supporting KVM virtualization and offering Debian-based rescue system. The script with minimal changes may be used on any other hosting provider supporting KVM virtualization and offering Debian-based rescue system.
In order to stop the procedure, hit Esc twice during dialogs (excluding yes/no ones), or Ctrl+C while any operation is running. In order to stop the procedure, hit Esc twice during dialogs (excluding yes/no ones), or Ctrl+C while any operation is running.
' '
@@ -139,20 +140,20 @@ function check_prerequisites {
function initial_load_debian_zed_cache { function initial_load_debian_zed_cache {
chroot_execute "mkdir /etc/zfs/zfs-list.cache" chroot_execute "mkdir /etc/zfs/zfs-list.cache"
chroot_execute "touch /etc/zfs/zfs-list.cache/rpool" chroot_execute "touch /etc/zfs/zfs-list.cache/$v_rpool_name"
chroot_execute "ln -sf /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh /etc/zfs/zed.d/" chroot_execute "ln -sf /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh /etc/zfs/zed.d/"
chroot_execute "zed -F &" chroot_execute "zed -F &"
local success=0 local success=0
if [[ ! -e /mnt/etc/zfs/zfs-list.cache/rpool ]] || [[ -e /mnt/etc/zfs/zfs-list.cache/rpool && (( $(find /mnt/etc/zfs/zfs-list.cache/rpool -type f -printf '%s' 2> /dev/null) == 0 )) ]]; then if [[ ! -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" ]] || [[ -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" && (( $(find "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" -type f -printf '%s' 2> /dev/null) == 0 )) ]]; then
chroot_execute "zfs set canmount=noauto rpool" chroot_execute "zfs set canmount=noauto $v_rpool_name"
SECONDS=0 SECONDS=0
while (( SECONDS++ <= 120 )); do while (( SECONDS++ <= 120 )); do
if [[ -e /mnt/etc/zfs/zfs-list.cache/rpool ]] && (( $(find /mnt/etc/zfs/zfs-list.cache/rpool -type f -printf '%s' 2> /dev/null) > 0 )); then if [[ -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" ]] && (( $(find "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" -type f -printf '%s' 2> /dev/null) > 0 )); then
success=1 success=1
break break
else else
@@ -170,7 +171,7 @@ function initial_load_debian_zed_cache {
chroot_execute "pkill zed" chroot_execute "pkill zed"
sed -Ei 's|/mnt/?|/|g' /mnt/etc/zfs/zfs-list.cache/rpool sed -Ei "s|/$c_zfs_mount_dir/?|/|g" "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name"
} }
function find_suitable_disks { function find_suitable_disks {
@@ -400,7 +401,7 @@ function determine_kernel_variant {
} }
function chroot_execute { function chroot_execute {
chroot $c_zfs_mount_dir bash -c "$1" chroot $c_zfs_mount_dir bash -c "DEBIAN_FRONTEND=noninteractive $1"
} }
function unmount_and_export_fs { function unmount_and_export_fs {
@@ -495,9 +496,21 @@ for kver in $(find /lib/modules/* -maxdepth 0 -type d | grep -v "$(uname -r)" |
done done
echo "======= installing zfs on rescue system ==========" echo "======= installing zfs on rescue system =========="
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
apt-get install --yes software-properties-common echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
echo "y" | zfs # echo "y" | zfs
# linux-headers-generic linux-image-generic
apt install --yes software-properties-common dpkg-dev dkms
rm -f "$(which zfs)"
rm -f "$(which zpool)"
echo -e "deb http://deb.debian.org/debian/ testing main contrib non-free\ndeb http://deb.debian.org/debian/ testing main contrib non-free\n" >/etc/apt/sources.list.d/bookworm-testing.list
echo -e "Package: src:zfs-linux\nPin: release n=testing\nPin-Priority: 990\n" > /etc/apt/preferences.d/90_zfs
apt update
apt install -t testing --yes zfs-dkms zfsutils-linux
rm /etc/apt/sources.list.d/bookworm-testing.list
rm /etc/apt/preferences.d/90_zfs
apt update
export PATH=$PATH:/usr/sbin
zfs --version zfs --version
echo "======= partitioning the disk ==========" echo "======= partitioning the disk =========="
@@ -510,7 +523,11 @@ echo "======= partitioning the disk =========="
for selected_disk in "${v_selected_disks[@]}"; do for selected_disk in "${v_selected_disks[@]}"; do
wipefs --all --force "$selected_disk" wipefs --all --force "$selected_disk"
sgdisk -a1 -n1:24K:+1000K -t1:EF02 "$selected_disk" if (( c_efimode_enabled == 1 )); then
sgdisk -a1 -n1:24K:+1G -t1:EF00 "$selected_disk" # EFI partition
else
sgdisk -a1 -n1:24K:+1000K -t1:EF02 "$selected_disk"
fi
sgdisk -n2:0:+2G -t2:BF01 "$selected_disk" # Boot pool sgdisk -n2:0:+2G -t2:BF01 "$selected_disk" # Boot pool
sgdisk -n3:0:"$tail_space_parameter" -t3:BF01 "$selected_disk" # Root pool sgdisk -n3:0:"$tail_space_parameter" -t3:BF01 "$selected_disk" # Root pool
done done
@@ -541,8 +558,8 @@ echo "======= create zfs pools and datasets =========="
# shellcheck disable=SC2086 # shellcheck disable=SC2086
zpool create \ zpool create \
$v_bpool_tweaks -O canmount=off -O devices=off \
-o cachefile=/etc/zpool.cache \ -o cachefile=/etc/zpool.cache \
-o compatibility=grub2 \
-O mountpoint=/boot -R $c_zfs_mount_dir -f \ -O mountpoint=/boot -R $c_zfs_mount_dir -f \
$v_bpool_name $pools_mirror_option "${bpool_disks_partitions[@]}" $v_bpool_name $pools_mirror_option "${bpool_disks_partitions[@]}"
@@ -564,9 +581,8 @@ zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/debian"
zfs mount "$v_bpool_name/BOOT/debian" zfs mount "$v_bpool_name/BOOT/debian"
zfs create "$v_rpool_name/home" zfs create "$v_rpool_name/home"
zfs create -o mountpoint=/root "$v_rpool_name/home/root" #zfs create -o mountpoint=/root "$v_rpool_name/home/root"
zfs create -o canmount=off "$v_rpool_name/var" zfs create -o canmount=off "$v_rpool_name/var"
zfs create -o canmount=off "$v_rpool_name/var/lib"
zfs create "$v_rpool_name/var/log" zfs create "$v_rpool_name/var/log"
zfs create "$v_rpool_name/var/spool" zfs create "$v_rpool_name/var/spool"
@@ -595,6 +611,16 @@ if [[ $v_swap_size -gt 0 ]]; then
mkswap -f "/dev/zvol/$v_rpool_name/swap" mkswap -f "/dev/zvol/$v_rpool_name/swap"
fi fi
if (( c_efimode_enabled == 1 )); then
echo "======= create filesystem on EFI partition(s) =========="
for selected_disk in "${v_selected_disks[@]}"; do
mkfs.fat -F32 "${selected_disk}-part1"
done
mkdir -p "$c_zfs_mount_dir/boot/efi"
mount "${v_selected_disks[0]}-part1" "$c_zfs_mount_dir/boot/efi"
fi
echo "======= setting up initial system packages ==========" echo "======= setting up initial system packages =========="
debootstrap --arch=amd64 bookworm "$c_zfs_mount_dir" "$c_deb_packages_repo" debootstrap --arch=amd64 bookworm "$c_zfs_mount_dir" "$c_deb_packages_repo"
@@ -617,9 +643,9 @@ ff02::2 ip6-allrouters
ff02::3 ip6-allhosts ff02::3 ip6-allhosts
CONF CONF
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p') ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p' | head -n 1)
cat <<CONF > /mnt/etc/systemd/network/10-eth0.network cat <<CONF > "$c_zfs_mount_dir/etc/systemd/network/10-eth0.network"
[Match] [Match]
Name=eth0 Name=eth0
@@ -629,10 +655,6 @@ Address=${ip6addr_prefix}:1/64
Gateway=fe80::1 Gateway=fe80::1
CONF CONF
chroot_execute "systemctl enable systemd-networkd.service" chroot_execute "systemctl enable systemd-networkd.service"
chroot_execute "systemctl enable systemd-resolved.service"
cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
echo "======= preparing the jail for chroot ==========" echo "======= preparing the jail for chroot =========="
for virtual_fs_dir in proc sys dev; do for virtual_fs_dir in proc sys dev; do
@@ -687,7 +709,6 @@ console-setup console-setup/fontsize-text47 select 8x16
console-setup console-setup/codesetcode string Lat15 console-setup console-setup/codesetcode string Lat15
tzdata tzdata/Areas select Europe tzdata tzdata/Areas select Europe
tzdata tzdata/Zones/Europe select Vienna tzdata tzdata/Zones/Europe select Vienna
grub-pc grub-pc/install_devices_empty boolean true
CONF' CONF'
chroot_execute "dpkg-reconfigure locales -f noninteractive" chroot_execute "dpkg-reconfigure locales -f noninteractive"
@@ -698,10 +719,11 @@ chroot_execute "dpkg-reconfigure console-setup -f noninteractive"
chroot_execute "setupcon" chroot_execute "setupcon"
chroot_execute "rm -f /etc/localtime /etc/timezone" chroot_execute "rm -f /etc/localtime /etc/timezone"
chroot_execute "dpkg-reconfigure tzdata -f noninteractive " chroot_execute "dpkg-reconfigure tzdata -f noninteractive"
echo "======= installing latest kernel=============" echo "======= installing latest kernel============="
chroot_execute "apt install --yes linux-image${v_kernel_variant}-amd64 linux-headers${v_kernel_variant}-amd64" # linux-headers-generic linux-image-generic
chroot_execute "apt install --yes linux-image${v_kernel_variant}-amd64 linux-headers${v_kernel_variant}-amd64 dpkg-dev"
echo "======= installing aux packages ==========" echo "======= installing aux packages =========="
chroot_execute "apt install --yes man wget curl software-properties-common nano htop gnupg" chroot_execute "apt install --yes man wget curl software-properties-common nano htop gnupg"
@@ -728,8 +750,6 @@ echo "======= installing OpenSSH and network tooling =========="
chroot_execute "apt install --yes openssh-server net-tools" chroot_execute "apt install --yes openssh-server net-tools"
echo "======= setup OpenSSH ==========" echo "======= setup OpenSSH =========="
mkdir -p "$c_zfs_mount_dir/root/.ssh/"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/root/.ssh/authorized_keys"
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' "$c_zfs_mount_dir/etc/ssh/sshd_config" sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' "$c_zfs_mount_dir/etc/ssh/sshd_config"
sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' "$c_zfs_mount_dir/etc/ssh/sshd_config" sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' "$c_zfs_mount_dir/etc/ssh/sshd_config"
chroot_execute "rm /etc/ssh/ssh_host_*" chroot_execute "rm /etc/ssh/ssh_host_*"
@@ -740,20 +760,32 @@ chroot_execute "echo root:$(printf "%q" "$v_root_password") | chpasswd"
echo "======= setting up zfs cache ==========" echo "======= setting up zfs cache =========="
cp /etc/zpool.cache /mnt/etc/zfs/zpool.cache cp /etc/zpool.cache "$c_zfs_mount_dir/etc/zfs/zpool.cache"
echo "========setting up zfs module parameters========" echo "========setting up zfs module parameters========"
chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024)) >> /etc/modprobe.d/zfs.conf" chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024)) >> /etc/modprobe.d/zfs.conf"
echo "======= setting up grub ==========" echo "======= setting up grub =========="
chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections" if (( c_efimode_enabled == 1 )); then
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-legacy" chroot_execute "apt install --yes grub-efi-amd64"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-pc" else
chroot_execute "grub-install --recheck ${v_selected_disks[0]}" chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections"
chroot_execute "apt install --yes grub-legacy"
chroot_execute "apt install --yes grub-pc"
fi
if (( c_efimode_enabled == 1 )); then
#chroot_execute grub-probe /boot
chroot_execute grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=debian --recheck
else
for disk in ${v_selected_disks[@]}; do
chroot_execute "grub-install --recheck $disk"
done
fi
chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub" chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=rpool/ROOT/debian\"|g' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=$v_rpool_name/ROOT/debian\"|g' /etc/default/grub"
chroot_execute "sed -i 's/quiet//g' /etc/default/grub" chroot_execute "sed -i 's/quiet//g' /etc/default/grub"
chroot_execute "sed -i 's/splash//g' /etc/default/grub" chroot_execute "sed -i 's/splash//g' /etc/default/grub"
@@ -767,21 +799,22 @@ if [[ $v_encrypt_rpool == "1" ]]; then
echo "=========set up dropbear==============" echo "=========set up dropbear=============="
chroot_execute "apt install --yes dropbear-initramfs" chroot_execute "apt install --yes dropbear-initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys" mkdir -p "$c_zfs_mount_dir/etc/dropbear/initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear/initramfs/authorized_keys"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp" cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_rsa_key_temp" chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_rsa_key_temp"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key_temp /etc/dropbear-initramfs/dropbear_rsa_host_key" chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key_temp /etc/dropbear/initramfs/dropbear_rsa_host_key"
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp" rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp" cp "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_ecdsa_key_temp" chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_ecdsa_key_temp"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_ecdsa_key_temp /etc/dropbear-initramfs/dropbear_ecdsa_host_key" chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_ecdsa_key_temp /etc/dropbear/initramfs/dropbear_ecdsa_host_key"
chroot_execute "rm -rf /etc/ssh/ssh_host_ecdsa_key_temp" chroot_execute "rm -rf /etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp" rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key" rm -rf "$c_zfs_mount_dir/etc/dropbear/initramfs/dropbear_dss_host_key"
fi fi
echo "============setup root prompt============" echo "============setup root prompt============"
@@ -792,8 +825,13 @@ export LS_OPTIONS='--color=auto -h'
eval "\$(dircolors)" eval "\$(dircolors)"
CONF CONF
echo "========running packages upgrade===========" echo "========= add root pubkey for login via SSH"
mkdir -p "$c_zfs_mount_dir/root/.ssh/"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/root/.ssh/authorized_keys"
echo "========running packages upgrade and autoremove==========="
chroot_execute "apt upgrade --yes" chroot_execute "apt upgrade --yes"
chroot_execute "apt purge cryptsetup* --yes"
echo "===========add static route to initramfs via hook to add default routes for Hetzner due to Debian/Ubuntu initramfs DHCP bug =========" echo "===========add static route to initramfs via hook to add default routes for Hetzner due to Debian/Ubuntu initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount" mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount"
@@ -828,17 +866,23 @@ chmod 755 "$c_zfs_mount_dir/etc/network/interfaces"
echo "======= update initramfs ==========" echo "======= update initramfs =========="
chroot_execute "update-initramfs -u -k all" chroot_execute "update-initramfs -u -k all"
chroot_execute "apt remove cryptsetup* --yes"
echo "======= update grub ==========" echo "======= update grub =========="
chroot_execute "update-grub" chroot_execute "update-grub"
echo "======= setting up zed ==========" echo "======= setting up zed =========="
if [[ $v_zfs_experimental == "1" ]]; then if [[ $v_zfs_experimental == "1" ]]; then
chroot_execute "zfs set canmount=noauto rpool" chroot_execute "zfs set canmount=noauto $v_rpool_name"
else else
initial_load_debian_zed_cache initial_load_debian_zed_cache
fi fi
echo "======= setting mountpoints ==========" echo "======= setting mountpoints =========="
if (( c_efimode_enabled == 1 )); then
umount "$c_zfs_mount_dir/boot/efi"
fi
chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/debian" chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/debian"
chroot_execute "echo $v_bpool_name/BOOT/debian /boot zfs nodev,relatime,x-systemd.requires=zfs-mount.service,x-systemd.device-timeout=10 0 0 > /etc/fstab" chroot_execute "echo $v_bpool_name/BOOT/debian /boot zfs nodev,relatime,x-systemd.requires=zfs-mount.service,x-systemd.device-timeout=10 0 0 > /etc/fstab"


@@ -366,7 +366,7 @@ function determine_kernel_variant {
} }
function chroot_execute { function chroot_execute {
chroot $c_zfs_mount_dir bash -c "$1" chroot $c_zfs_mount_dir bash -c "DEBIAN_FRONTEND=noninteractive $1"
} }
function unmount_and_export_fs { function unmount_and_export_fs {
@@ -462,9 +462,20 @@ for kver in $(find /lib/modules/* -maxdepth 0 -type d | grep -v "$(uname -r)" |
done done
echo "======= installing zfs on rescue system ==========" echo "======= installing zfs on rescue system =========="
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
apt-get install --yes software-properties-common # echo "y" | zfs
echo "y" | zfs # linux-headers-generic linux-image-generic
apt install --yes software-properties-common dpkg-dev dkms
rm -f "$(which zfs)"
rm -f "$(which zpool)"
echo -e "deb http://deb.debian.org/debian/ testing main contrib non-free\ndeb http://deb.debian.org/debian/ testing main contrib non-free\n" >/etc/apt/sources.list.d/bookworm-testing.list
echo -e "Package: src:zfs-linux\nPin: release n=testing\nPin-Priority: 990\n" > /etc/apt/preferences.d/90_zfs
apt update
apt install -t testing --yes zfs-dkms zfsutils-linux
rm /etc/apt/sources.list.d/bookworm-testing.list
rm /etc/apt/preferences.d/90_zfs
apt update
export PATH=$PATH:/usr/sbin
zfs --version zfs --version
echo "======= partitioning the disk ==========" echo "======= partitioning the disk =========="
@@ -530,9 +541,7 @@ zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/ubuntu"
zfs mount "$v_bpool_name/BOOT/ubuntu" zfs mount "$v_bpool_name/BOOT/ubuntu"
zfs create "$v_rpool_name/home" zfs create "$v_rpool_name/home"
zfs create -o mountpoint=/root "$v_rpool_name/home/root"
zfs create -o canmount=off "$v_rpool_name/var" zfs create -o canmount=off "$v_rpool_name/var"
zfs create -o canmount=off "$v_rpool_name/var/lib"
zfs create "$v_rpool_name/var/log" zfs create "$v_rpool_name/var/log"
zfs create "$v_rpool_name/var/spool" zfs create "$v_rpool_name/var/spool"
@@ -583,7 +592,7 @@ ff02::2 ip6-allrouters
ff02::3 ip6-allhosts ff02::3 ip6-allhosts
CONF CONF
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p') ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p' | head -n 1)
cat <<CONF > /mnt/etc/systemd/network/10-eth0.network cat <<CONF > /mnt/etc/systemd/network/10-eth0.network
[Match] [Match]
@@ -598,6 +607,7 @@ CONF
chroot_execute "systemctl enable systemd-networkd.service" chroot_execute "systemctl enable systemd-networkd.service"
chroot_execute "systemctl enable systemd-resolved.service" chroot_execute "systemctl enable systemd-resolved.service"
#cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
mkdir -p "$c_zfs_mount_dir/etc/cloud/cloud.cfg.d/" mkdir -p "$c_zfs_mount_dir/etc/cloud/cloud.cfg.d/"
cat > "$c_zfs_mount_dir/etc/cloud/cloud.cfg.d/99-disable-network-config.cfg" <<CONF cat > "$c_zfs_mount_dir/etc/cloud/cloud.cfg.d/99-disable-network-config.cfg" <<CONF
@@ -607,7 +617,6 @@ CONF
rm -rf $c_zfs_mount_dir/etc/network/interfaces.d/50-cloud-init.cfg rm -rf $c_zfs_mount_dir/etc/network/interfaces.d/50-cloud-init.cfg
cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
echo "======= preparing the jail for chroot ==========" echo "======= preparing the jail for chroot =========="
for virtual_fs_dir in proc sys dev; do for virtual_fs_dir in proc sys dev; do
@@ -676,10 +685,10 @@ chroot_execute "rm -f /etc/localtime /etc/timezone"
chroot_execute "dpkg-reconfigure tzdata -f noninteractive " chroot_execute "dpkg-reconfigure tzdata -f noninteractive "
echo "======= installing latest kernel=============" echo "======= installing latest kernel============="
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes linux-headers${v_kernel_variant}-hwe-18.04 linux-image${v_kernel_variant}-hwe-18.04" chroot_execute "apt install --yes linux-headers${v_kernel_variant}-hwe-18.04 linux-image${v_kernel_variant}-hwe-18.04"
if [[ $v_kernel_variant == "-virtual" ]]; then if [[ $v_kernel_variant == "-virtual" ]]; then
# linux-image-extra is only available for virtual hosts # linux-image-extra is only available for virtual hosts
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes linux-image-extra-virtual-hwe-18.04" chroot_execute "apt install --yes linux-image-extra-virtual-hwe-18.04"
fi fi
echo "======= installing aux packages ==========" echo "======= installing aux packages =========="
@@ -727,12 +736,14 @@ chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024))
echo "======= setting up grub ==========" echo "======= setting up grub =========="
chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections" chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-pc" chroot_execute "apt install --yes grub-pc"
chroot_execute "grub-install ${v_selected_disks[0]}" for disk in ${v_selected_disks[@]}; do
chroot_execute "grub-install $disk"
done
chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub" chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=rpool/ROOT/ubuntu\"|g' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=$v_rpool_name/ROOT/ubuntu\"|g' /etc/default/grub"
chroot_execute "sed -i 's/quiet//g' /etc/default/grub" chroot_execute "sed -i 's/quiet//g' /etc/default/grub"
chroot_execute "sed -i 's/splash//g' /etc/default/grub" chroot_execute "sed -i 's/splash//g' /etc/default/grub"
@@ -760,18 +771,6 @@ if [[ $v_encrypt_rpool == "1" ]]; then
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp" rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key" rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key"
cd "$c_zfs_mount_dir/root"
wget http://ftp.de.debian.org/debian/pool/main/libt/libtommath/libtommath1_1.1.0-3_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/d/dropbear/dropbear-bin_2018.76-5_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/d/dropbear/dropbear-initramfs_2018.76-5_all.deb
chroot_execute "dpkg -i /root/libtommath1_1.1.0-3_amd64.deb"
chroot_execute "dpkg -i /root/dropbear-bin_2018.76-5_amd64.deb"
chroot_execute "dpkg -i /root/dropbear-initramfs_2018.76-5_all.deb"
rm $c_zfs_mount_dir/root/*.deb
cd /root
fi fi
echo "============setup root prompt============" echo "============setup root prompt============"
@@ -784,6 +783,7 @@ CONF
echo "========running packages upgrade===========" echo "========running packages upgrade==========="
chroot_execute "apt upgrade --yes" chroot_execute "apt upgrade --yes"
chroot_execute "apt purge cryptsetup* --yes"
echo "===========add static route to initramfs via hook to add default routes due to Ubuntu initramfs DHCP bug =========" echo "===========add static route to initramfs via hook to add default routes due to Ubuntu initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount" mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount"
@@ -807,8 +807,8 @@ esac
configure_networking configure_networking
ip route add 172.31.1.1/255.255.255.255 dev ens3 ip route add 172.31.1.1/255.255.255.255 dev eth0
ip route add default via 172.31.1.1 dev ens3 ip route add default via 172.31.1.1 dev eth0
CONF CONF
chmod 755 "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount/static-route" chmod 755 "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount/static-route"
@@ -821,7 +821,7 @@ chroot_execute "update-grub"
echo "======= setting up zed ==========" echo "======= setting up zed =========="
chroot_execute "zfs set canmount=noauto rpool" chroot_execute "zfs set canmount=noauto $v_rpool_name"
echo "======= setting mountpoints ==========" echo "======= setting mountpoints =========="
chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/ubuntu" chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/ubuntu"
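Review bot: In the `chroot_execute` hunk at the top of this file, the new `DEBIAN_FRONTEND=noninteractive $1` prefix binds only to the first simple command of the string it is given. A caller such as `echo '...' | debconf-set-selections`, or anything chained with `&&` or `;`, therefore runs its later commands without the variable. Setting it in the environment of `chroot` covers the whole string and lets the mount directory be quoted at the same time: `DEBIAN_FRONTEND=noninteractive chroot "$c_zfs_mount_dir" bash -c "$1"`. Only `$1` is forwarded, so every call must stay a single quoted string; a one-line comment on the function saying so would help. The same line is changed the same way in the two file sections that follow.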


@@ -366,7 +366,7 @@ function determine_kernel_variant {
} }
function chroot_execute { function chroot_execute {
chroot $c_zfs_mount_dir bash -c "$1" chroot $c_zfs_mount_dir bash -c "DEBIAN_FRONTEND=noninteractive $1"
} }
function unmount_and_export_fs { function unmount_and_export_fs {
@@ -462,9 +462,20 @@ for kver in $(find /lib/modules/* -maxdepth 0 -type d | grep -v "$(uname -r)" |
done done
echo "======= installing zfs on rescue system ==========" echo "======= installing zfs on rescue system =========="
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
apt-get install --yes software-properties-common # echo "y" | zfs
echo "y" | zfs # linux-headers-generic linux-image-generic
apt install --yes software-properties-common dpkg-dev dkms
rm -f "$(which zfs)"
rm -f "$(which zpool)"
echo -e "deb http://deb.debian.org/debian/ testing main contrib non-free\ndeb http://deb.debian.org/debian/ testing main contrib non-free\n" >/etc/apt/sources.list.d/bookworm-testing.list
echo -e "Package: src:zfs-linux\nPin: release n=testing\nPin-Priority: 990\n" > /etc/apt/preferences.d/90_zfs
apt update
apt install -t testing --yes zfs-dkms zfsutils-linux
rm /etc/apt/sources.list.d/bookworm-testing.list
rm /etc/apt/preferences.d/90_zfs
apt update
export PATH=$PATH:/usr/sbin
zfs --version zfs --version
echo "======= partitioning the disk ==========" echo "======= partitioning the disk =========="
@@ -530,9 +541,7 @@ zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/ubuntu"
zfs mount "$v_bpool_name/BOOT/ubuntu" zfs mount "$v_bpool_name/BOOT/ubuntu"
zfs create "$v_rpool_name/home" zfs create "$v_rpool_name/home"
zfs create -o mountpoint=/root "$v_rpool_name/home/root"
zfs create -o canmount=off "$v_rpool_name/var" zfs create -o canmount=off "$v_rpool_name/var"
zfs create -o canmount=off "$v_rpool_name/var/lib"
zfs create "$v_rpool_name/var/log" zfs create "$v_rpool_name/var/log"
zfs create "$v_rpool_name/var/spool" zfs create "$v_rpool_name/var/spool"
@@ -583,7 +592,7 @@ ff02::2 ip6-allrouters
ff02::3 ip6-allhosts ff02::3 ip6-allhosts
CONF CONF
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p') ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p' | head -n 1)
cat <<CONF > /mnt/etc/systemd/network/10-eth0.network cat <<CONF > /mnt/etc/systemd/network/10-eth0.network
[Match] [Match]
@@ -607,7 +616,7 @@ CONF
rm -rf $c_zfs_mount_dir/etc/network/interfaces.d/50-cloud-init.cfg rm -rf $c_zfs_mount_dir/etc/network/interfaces.d/50-cloud-init.cfg
cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf #cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
echo "======= preparing the jail for chroot ==========" echo "======= preparing the jail for chroot =========="
for virtual_fs_dir in proc sys dev; do for virtual_fs_dir in proc sys dev; do
@@ -676,10 +685,10 @@ chroot_execute "rm -f /etc/localtime /etc/timezone"
chroot_execute "dpkg-reconfigure tzdata -f noninteractive " chroot_execute "dpkg-reconfigure tzdata -f noninteractive "
echo "======= installing latest kernel=============" echo "======= installing latest kernel============="
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes linux-headers${v_kernel_variant} linux-image${v_kernel_variant}" chroot_execute "apt install --yes linux-headers${v_kernel_variant} linux-image${v_kernel_variant}"
if [[ $v_kernel_variant == "-virtual" ]]; then if [[ $v_kernel_variant == "-virtual" ]]; then
# linux-image-extra is only available for virtual hosts # linux-image-extra is only available for virtual hosts
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes linux-image-extra-virtual" chroot_execute "apt install --yes linux-image-extra-virtual"
fi fi
@@ -728,12 +737,14 @@ chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024))
echo "======= setting up grub ==========" echo "======= setting up grub =========="
chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections" chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-pc" chroot_execute "apt install --yes grub-pc"
chroot_execute "grub-install ${v_selected_disks[0]}" for disk in ${v_selected_disks[@]}; do
chroot_execute "grub-install $disk"
done
chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub" chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=rpool/ROOT/ubuntu\"|g' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=$v_rpool_name/ROOT/ubuntu\"|g' /etc/default/grub"
chroot_execute "sed -i 's/quiet//g' /etc/default/grub" chroot_execute "sed -i 's/quiet//g' /etc/default/grub"
chroot_execute "sed -i 's/splash//g' /etc/default/grub" chroot_execute "sed -i 's/splash//g' /etc/default/grub"
@@ -746,7 +757,7 @@ done
if [[ $v_encrypt_rpool == "1" ]]; then if [[ $v_encrypt_rpool == "1" ]]; then
echo "=========set up dropbear==============" echo "=========set up dropbear=============="
chroot_execute "apt install --yes dropbear-initramfs" chroot_execute "apt install --yes dropbear-initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys" cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp" cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
@@ -785,6 +796,7 @@ CONF
echo "========running packages upgrade===========" echo "========running packages upgrade==========="
chroot_execute "apt upgrade --yes" chroot_execute "apt upgrade --yes"
chroot_execute "apt purge cryptsetup* --yes"
echo "===========add static route to initramfs via hook to add default routes due to Ubuntu initramfs DHCP bug =========" echo "===========add static route to initramfs via hook to add default routes due to Ubuntu initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount" mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount"
@@ -822,7 +834,7 @@ chroot_execute "update-grub"
echo "======= setting up zed ==========" echo "======= setting up zed =========="
chroot_execute "zfs set canmount=noauto rpool" chroot_execute "zfs set canmount=noauto $v_rpool_name"
echo "======= setting mountpoints ==========" echo "======= setting mountpoints =========="
chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/ubuntu" chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/ubuntu"
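Review bot: The `echo -e` line that creates `/etc/apt/sources.list.d/bookworm-testing.list` writes the identical `deb http://deb.debian.org/debian/ testing main contrib non-free` entry twice; if the second was meant to be `deb-src` it should say so, otherwise one entry is enough. The two `rm` lines that undo the temporary source and pin run only if `apt install -t testing --yes zfs-dkms zfsutils-linux` returns normally. Whether the script aborts on error is not visible in this hunk, but if it does, a failed install leaves the testing source and the priority-990 pin on the rescue system. Making the cleanup unconditional would cover that, for instance by folding `rm -f /etc/apt/sources.list.d/bookworm-testing.list /etc/apt/preferences.d/90_zfs` into whatever exit handler the script already has. The same block is added in the file sections before and after this one.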


@@ -366,7 +366,7 @@ function determine_kernel_variant {
} }
function chroot_execute { function chroot_execute {
chroot $c_zfs_mount_dir bash -c "$1" chroot $c_zfs_mount_dir bash -c "DEBIAN_FRONTEND=noninteractive $1"
} }
function unmount_and_export_fs { function unmount_and_export_fs {
@@ -462,9 +462,20 @@ for kver in $(find /lib/modules/* -maxdepth 0 -type d | grep -v "$(uname -r)" |
done done
echo "======= installing zfs on rescue system ==========" echo "======= installing zfs on rescue system =========="
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
apt-get install --yes software-properties-common # echo "y" | zfs
echo "y" | zfs # linux-headers-generic linux-image-generic
apt install --yes software-properties-common dpkg-dev dkms
rm -f "$(which zfs)"
rm -f "$(which zpool)"
echo -e "deb http://deb.debian.org/debian/ testing main contrib non-free\ndeb http://deb.debian.org/debian/ testing main contrib non-free\n" >/etc/apt/sources.list.d/bookworm-testing.list
echo -e "Package: src:zfs-linux\nPin: release n=testing\nPin-Priority: 990\n" > /etc/apt/preferences.d/90_zfs
apt update
apt install -t testing --yes zfs-dkms zfsutils-linux
rm /etc/apt/sources.list.d/bookworm-testing.list
rm /etc/apt/preferences.d/90_zfs
apt update
export PATH=$PATH:/usr/sbin
zfs --version zfs --version
echo "======= partitioning the disk ==========" echo "======= partitioning the disk =========="
@@ -530,9 +541,8 @@ zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/ubuntu"
zfs mount "$v_bpool_name/BOOT/ubuntu" zfs mount "$v_bpool_name/BOOT/ubuntu"
zfs create "$v_rpool_name/home" zfs create "$v_rpool_name/home"
zfs create -o mountpoint=/root "$v_rpool_name/home/root" #zfs create -o mountpoint=/root "$v_rpool_name/home/root"
zfs create -o canmount=off "$v_rpool_name/var" zfs create -o canmount=off "$v_rpool_name/var"
zfs create -o canmount=off "$v_rpool_name/var/lib"
zfs create "$v_rpool_name/var/log" zfs create "$v_rpool_name/var/log"
zfs create "$v_rpool_name/var/spool" zfs create "$v_rpool_name/var/spool"
@@ -583,7 +593,7 @@ ff02::2 ip6-allrouters
ff02::3 ip6-allhosts ff02::3 ip6-allhosts
CONF CONF
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p') ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p' | head -n 1)
cat <<CONF > /mnt/etc/systemd/network/10-eth0.network cat <<CONF > /mnt/etc/systemd/network/10-eth0.network
[Match] [Match]
@@ -607,8 +617,6 @@ CONF
rm -rf $c_zfs_mount_dir/etc/network/interfaces.d/50-cloud-init.cfg rm -rf $c_zfs_mount_dir/etc/network/interfaces.d/50-cloud-init.cfg
cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
echo "======= preparing the jail for chroot ==========" echo "======= preparing the jail for chroot =========="
for virtual_fs_dir in proc sys dev; do for virtual_fs_dir in proc sys dev; do
mount --rbind "/$virtual_fs_dir" "$c_zfs_mount_dir/$virtual_fs_dir" mount --rbind "/$virtual_fs_dir" "$c_zfs_mount_dir/$virtual_fs_dir"
@@ -677,10 +685,10 @@ chroot_execute "rm -f /etc/localtime /etc/timezone"
chroot_execute "dpkg-reconfigure tzdata -f noninteractive " chroot_execute "dpkg-reconfigure tzdata -f noninteractive "
echo "======= installing latest kernel=============" echo "======= installing latest kernel============="
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes linux-headers${v_kernel_variant} linux-image${v_kernel_variant}" chroot_execute "apt install --yes linux-headers${v_kernel_variant} linux-image${v_kernel_variant}"
if [[ $v_kernel_variant == "-virtual" ]]; then if [[ $v_kernel_variant == "-virtual" ]]; then
# linux-image-extra is only available for virtual hosts # linux-image-extra is only available for virtual hosts
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes linux-image-extra-virtual" chroot_execute "apt install --yes linux-image-extra-virtual"
fi fi
@@ -729,12 +737,14 @@ chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024))
echo "======= setting up grub ==========" echo "======= setting up grub =========="
chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections" chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-pc" chroot_execute "apt install --yes grub-pc"
chroot_execute "grub-install ${v_selected_disks[0]}" for disk in ${v_selected_disks[@]}; do
chroot_execute "grub-install $disk"
done
chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub" chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=rpool/ROOT/ubuntu\"|g' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=$v_rpool_name/ROOT/ubuntu\"|g' /etc/default/grub"
chroot_execute "sed -i 's/quiet//g' /etc/default/grub" chroot_execute "sed -i 's/quiet//g' /etc/default/grub"
chroot_execute "sed -i 's/splash//g' /etc/default/grub" chroot_execute "sed -i 's/splash//g' /etc/default/grub"
@@ -747,33 +757,22 @@ done
if [[ $v_encrypt_rpool == "1" ]]; then if [[ $v_encrypt_rpool == "1" ]]; then
echo "=========set up dropbear==============" echo "=========set up dropbear=============="
chroot_execute "apt install --yes dropbear-initramfs" chroot_execute "apt install --yes dropbear-initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys" mkdir -p "$c_zfs_mount_dir/etc/dropbear/initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear/initramfs/authorized_keys"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp" cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_rsa_key_temp" chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_rsa_key_temp"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key_temp /etc/dropbear-initramfs/dropbear_rsa_host_key" chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key_temp /etc/dropbear/initramfs/dropbear_rsa_host_key"
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp" rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp" cp "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_ecdsa_key_temp" chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_ecdsa_key_temp"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_ecdsa_key_temp /etc/dropbear-initramfs/dropbear_ecdsa_host_key" chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_ecdsa_key_temp /etc/dropbear/initramfs/dropbear_ecdsa_host_key"
chroot_execute "rm -rf /etc/ssh/ssh_host_ecdsa_key_temp" chroot_execute "rm -rf /etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp" rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key" rm -rf "$c_zfs_mount_dir/etc/dropbear/initramfs/dropbear_dss_host_key"
cd "$c_zfs_mount_dir/root"
wget http://ftp.de.debian.org/debian/pool/main/libt/libtommath/libtommath1_1.2.0-6_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/d/dropbear/dropbear-bin_2020.81-3_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/d/dropbear/dropbear-initramfs_2020.81-3_all.deb
chroot_execute "dpkg -i /root/libtommath1_1.2.0-6_amd64.deb"
chroot_execute "dpkg -i /root/dropbear-bin_2020.81-3_amd64.deb"
chroot_execute "dpkg -i /root/dropbear-initramfs_2020.81-3_all.deb"
rm $c_zfs_mount_dir/root/*.deb
cd /root
fi fi
echo "============setup root prompt============" echo "============setup root prompt============"
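Review bot: The dropbear host keys written to `/etc/dropbear/initramfs/` are conversions of the system's OpenSSH host keys, so the initramfs carries the same private host keys as the encrypted root. The initramfs is presumably stored unencrypted on the boot pool, in which case anyone who can read that data offline obtains the server's SSH identity, and with it the ability to impersonate the host during remote unlock. Generating a dedicated key for the unlock environment keeps the two identities apart, for example `chroot_execute "dropbearkey -t ed25519 -f /etc/dropbear/initramfs/dropbear_ed25519_host_key"`, at the cost of clients seeing a different host key for the unlock session. A comment above the `authorized_keys` copy should also state that every key authorised for root in the install environment gains access to the unlock shell.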
@@ -786,6 +785,7 @@ CONF
echo "========running packages upgrade===========" echo "========running packages upgrade==========="
chroot_execute "apt upgrade --yes" chroot_execute "apt upgrade --yes"
chroot_execute "apt purge cryptsetup* --yes"
echo "===========add static route to initramfs via hook to add default routes due to Ubuntu initramfs DHCP bug =========" echo "===========add static route to initramfs via hook to add default routes due to Ubuntu initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount" mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount"
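Review bot: The added `apt purge cryptsetup* --yes` leaves the glob unquoted inside the command string. chroot_execute is defined outside this hunk, but if it runs the string through a shell, the pattern can expand against files in the working directory before apt sees it. `chroot_execute "apt purge --yes 'cryptsetup*'"` passes the pattern through literally. The line also runs whether or not `v_encrypt_rpool` is set and has no comment, so a one-line comment stating why the cryptsetup packages are removed would help the next maintainer.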
@@ -823,7 +823,7 @@ chroot_execute "update-grub"
echo "======= setting up zed ==========" echo "======= setting up zed =========="
chroot_execute "zfs set canmount=noauto rpool" chroot_execute "zfs set canmount=noauto $v_rpool_name"
echo "======= setting mountpoints ==========" echo "======= setting mountpoints =========="
chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/ubuntu" chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/ubuntu"