22 Commits

Author SHA1 Message Date
Andrey Prokopenko
dd395798a4 update 2021-09-18 17:45:20 +02:00
Andrey Prokopenko
eeb4f33154 update 2021-09-18 14:50:20 +02:00
Andrey Prokopenko
d911bab768 set to non-interactive 2021-09-18 13:37:53 +02:00
Andrey Prokopenko
01cc08383d update 2021-09-18 13:26:53 +02:00
Andrey Prokopenko
5e254ccdd1 update 2021-09-18 13:24:41 +02:00
Andrey Prokopenko
54d97134e2 update 2021-09-18 13:19:09 +02:00
Andrey Prokopenko
deeb74d45d added wget 2021-09-18 13:06:53 +02:00
Andrey Prokopenko
473643ca74 update 2021-09-18 12:59:26 +02:00
Andrey Prokopenko
4e7540f014 added deb11 script 2021-09-18 12:41:41 +02:00
Andrey Prokopenko
2ee5ba5a9e merged 2021-09-18 11:56:30 +02:00
Andrey Prokopenko
2da5a92743 updated to new apt repo 2021-09-18 11:53:40 +02:00
terem42
2bc53ff84f Update virtualbox-debian10-zfs-setup.sh 2020-10-15 23:48:47 +02:00
terem42
77b6069a44 Update virtualbox-debian10-zfs-setup.sh 2020-10-15 20:11:37 +02:00
Andrey Prokopenko
1d5c0a3faa updated repo name 2020-10-15 16:15:19 +02:00
Andrey Prokopenko
42434f1578 repo name updated 2020-04-18 00:23:51 +02:00
Andrey Prokopenko
edc32f0585 added back ip6 2020-03-14 17:05:05 +01:00
Andrey Prokopenko
8a4ecef1c8 removed ip6 2020-03-14 15:41:33 +01:00
Andrey Prokopenko
21e3c872cb added pkg install 2020-03-14 15:15:56 +01:00
Andrey Prokopenko
879feb651f added repos 2020-03-14 14:55:48 +01:00
Andrey Prokopenko
0f53cabb6d removed ssh key check 2020-03-14 14:49:18 +01:00
Andrey Prokopenko
fa584aeea8 added keys 2020-03-14 14:46:43 +01:00
Andrey Prokopenko
28ff4a2f55 added virtualbox test setup 2020-03-14 14:37:44 +01:00
6 changed files with 254 additions and 350 deletions


@@ -1,6 +1,6 @@
# zfs-hetzner-vm # zfs-hetzner-vm
Scripts to install Debian 11, 10 or Ubuntu 18 with ZFS root on Hetzner root servers (virtual and dedicated).<br/> Scripts to install Debian 10 or Ubuntu 18 with ZFS root on Hetzner root servers (virtual and dedicated).<br/>
__WARNING:__ all data on the disk will be destroyed. __WARNING:__ all data on the disk will be destroyed.
## How to use: ## How to use:
@@ -10,36 +10,23 @@ __WARNING:__ all data on the disk will be destroyed.
* Click "enable rescue and power cycle", add SSH key to the rescue console, set it OS to linux64, then press mount rescue and power cycle" button. * Click "enable rescue and power cycle", add SSH key to the rescue console, set it OS to linux64, then press mount rescue and power cycle" button.
* connect via SSH to rescue console, and run the script from this repo. * connect via SSH to rescue console, and run the script from this repo.
Debian 11 minimal setup with SSH server
````bash
wget -qO- https://raw.githubusercontent.com/terem42/zfs-hetzner-vm/master/hetzner-debian11-zfs-setup.sh | bash -
````
Ubuntu 20 LTS minimal setup with SSH server
````bash
wget -qO- https://raw.githubusercontent.com/terem42/zfs-hetzner-vm/master/hetzner-ubuntu20-zfs-setup.sh | bash -
````
Debian 10 minimal setup with SSH server Debian 10 minimal setup with SSH server
````bash ````
wget -qO- https://raw.githubusercontent.com/terem42/zfs-hetzner-vm/master/hetzner-debian10-zfs-setup.sh | bash - wget -qO- https://raw.githubusercontent.com/andrey42/zfs-hetzner-vm/master/hetzner-debian10-zfs-setup.sh | bash -
```` ````
Ubuntu 18.04 LTS minimal setup with SSH server Ubuntu 18.04 LTS minimal setup with SSH server
````bash ````
wget -qO- https://raw.githubusercontent.com/terem42/zfs-hetzner-vm/master/hetzner-ubuntu18-zfs-setup.sh | bash - wget -qO- https://raw.githubusercontent.com/andrey42/zfs-hetzner-vm/master/hetzner-ubuntu18-zfs-setup.sh | bash -
```` ````
Answer script questions about desired hostname and ZFS ARC cache size. Answer script questions about desired hostname and ZFS ARC cache size.
To cope with network failures its higly recommended to run the commands above inside screen console, type `man screen` for more info. To cope with network failures its higly recommended to run the commands above inside screen console, type `man screen` for more info.
Example of screen utility usage: Example of screen utility usage:
````
````bash
screen -S zfs screen -S zfs
```` ````
To detach from screen console, hit Ctrl-d then a To detach from screen console, hit Ctrl-d then a

1
authorized_keys Normal file

@@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAqK6rUM7EfLlMPPHGyLsOFswtvWKXxzo6DRLZdY9bSMUfB4TlgjaOE/VxQphzpfd47xELMixja03DmQKLcJAgUeuL2UXJQY7FlPqNzbJaXikju60YWy0GzPAMmG/DXsA9qneJ1iv2jmCovG+3EtbsDc2xKLEawvM9G0viWF84Z0/6swLqRDUARQlJkrxKPTDDyc0ixEUNpjwrTRupogqlHeQ1xOriEewCEfXIKv+CVlU86o9t1+R+lN54cJ/U+EyP3YF20JNHIjQMsQm0j2R8wNgr7xXK+9NEDHdMApsfkDBpHfpJt1Nrf4qmct/RMukwPr/Oqdwe7JJ09UjyZTb1KQ==
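Review bot: The added `authorized_keys` entry is a bare `ssh-rsa` key with no trailing comment and no options, so nothing in the repository says whose key it is or what it is meant for. The same comparison also comments out the `/root/.ssh/authorized_keys` readability check in `check_prerequisites`. The page does not show whether any script copies this file into the installed system; if one does, every host built from this branch would accept root logins from whoever holds the matching private key. If the key exists only for the VirtualBox test setup, I would keep it out of the published tree and have the test harness supply it, or at least label it with a comment field, for example `ssh-rsa AAAA… virtualbox-test-only` (label constructed here).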


@@ -135,7 +135,7 @@ function check_prerequisites {
function initial_load_debian_zed_cache { function initial_load_debian_zed_cache {
chroot_execute "mkdir /etc/zfs/zfs-list.cache" chroot_execute "mkdir /etc/zfs/zfs-list.cache"
chroot_execute "touch /etc/zfs/zfs-list.cache/rpool" chroot_execute "touch /etc/zfs/zfs-list.cache/rpool"
chroot_execute "ln -sf /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh /etc/zfs/zed.d/" chroot_execute "ln -s /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh /etc/zfs/zed.d/"
chroot_execute "zed -F &" chroot_execute "zed -F &"
@@ -450,7 +450,6 @@ function unmount_and_export_fs {
#################### MAIN ################################ #################### MAIN ################################
export LC_ALL=en_US.UTF-8 export LC_ALL=en_US.UTF-8
export NCURSES_NO_UTF8_ACS=1
check_prerequisites check_prerequisites
@@ -492,19 +491,10 @@ done
echo "======= installing zfs on rescue system ==========" echo "======= installing zfs on rescue system =========="
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
cd "$(mktemp -d)"
wget "$(curl -Ls https://api.github.com/repos/openzfs/zfs/releases/latest| grep "browser_download_url.*tar.gz"|grep -E "tar.gz\"$"| cut -d '"' -f 4)"
apt update
apt install libssl-dev uuid-dev zlib1g-dev libblkid-dev -y
tar xfv zfs*.tar.gz
rm *.tar.gz
cd zfs*
./configure
make -j "$(nproc)"
make install
ldconfig
modprobe zfs
apt update
apt install --yes -t buster-backports libelf-dev zfs-dkms
modprobe zfs
zfs --version zfs --version
echo "======= partitioning the disk ==========" echo "======= partitioning the disk =========="
@@ -562,8 +552,8 @@ zfs create -o canmount=off -o mountpoint=none "$v_bpool_name/BOOT"
zfs create -o canmount=noauto -o mountpoint=/ "$v_rpool_name/ROOT/debian" zfs create -o canmount=noauto -o mountpoint=/ "$v_rpool_name/ROOT/debian"
zfs mount "$v_rpool_name/ROOT/debian" zfs mount "$v_rpool_name/ROOT/debian"
zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/debian" zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/ubuntu"
zfs mount "$v_bpool_name/BOOT/debian" zfs mount "$v_bpool_name/BOOT/ubuntu"
zfs create "$v_rpool_name/home" zfs create "$v_rpool_name/home"
zfs create -o mountpoint=/root "$v_rpool_name/home/root" zfs create -o mountpoint=/root "$v_rpool_name/home/root"
@@ -708,17 +698,20 @@ echo "======= installing aux packages =========="
chroot_execute "apt install --yes man wget curl software-properties-common nano htop gnupg" chroot_execute "apt install --yes man wget curl software-properties-common nano htop gnupg"
echo "======= installing zfs packages ==========" echo "======= installing zfs packages =========="
chroot_execute 'echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections'
if [[ $v_zfs_experimental == "1" ]]; then if [[ $v_zfs_experimental == "1" ]]; then
chroot_execute "wget -O - https://terem42.github.io/zfs-debian/apt_pub.gpg | apt-key add -" chroot_execute "wget -O - https://terem42.github.io/zfs-debian/apt_pub.gpg | apt-key add -"
chroot_execute "add-apt-repository 'deb https://terem42.github.io/zfs-debian/public zfs-debian-experimental main'" chroot_execute "add-apt-repository 'deb https://terem42.github.io/zfs-debian/public zfs-debian-experimental main'"
chroot_execute "apt update" chroot_execute "apt update"
chroot_execute "apt install -t zfs-debian-experimental --yes zfs-initramfs zfs-dkms zfsutils-linux"
else else
chroot_execute "apt install --yes -t buster-backports zfs-initramfs zfs-dkms zfsutils-linux" chroot_execute "apt install --yes zfs-initramfs zfs-dkms"
fi fi
chroot_execute 'echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections'
if [[ $v_zfs_experimental == "1" ]]; then
chroot_execute "apt install --yes zfs-initramfs zfs-dkms zfsutils-linux"
else
chroot_execute "apt install -t zfs-debian-experimental --yes zfs-initramfs zfs-dkms zfsutils-linux"
fi
echo "======= installing OpenSSH and network tooling ==========" echo "======= installing OpenSSH and network tooling =========="
chroot_execute "apt install --yes openssh-server net-tools" chroot_execute "apt install --yes openssh-server net-tools"
@@ -744,7 +737,7 @@ Before=zfs-import-cache.service
Type=oneshot Type=oneshot
RemainAfterExit=yes RemainAfterExit=yes
ExecStartPre=/bin/sh -c '[ -f /etc/zfs/zpool.cache ] && mv /etc/zfs/zpool.cache /etc/zfs/preboot_zpool.cache || true' ExecStartPre=/bin/sh -c '[ -f /etc/zfs/zpool.cache ] && mv /etc/zfs/zpool.cache /etc/zfs/preboot_zpool.cache || true'
ExecStart=/sbin/zpool import -N -o cachefile=none -d /dev/disk/by-id $v_bpool_name ExecStart=/sbin/zpool import -N -o cachefile=none $v_bpool_name
ExecStartPost=/bin/sh -c '[ -f /etc/zfs/preboot_zpool.cache ] && mv /etc/zfs/preboot_zpool.cache /etc/zfs/zpool.cache || true' ExecStartPost=/bin/sh -c '[ -f /etc/zfs/preboot_zpool.cache ] && mv /etc/zfs/preboot_zpool.cache /etc/zfs/zpool.cache || true'
[Install] [Install]
@@ -794,6 +787,18 @@ if [[ $v_encrypt_rpool == "1" ]]; then
rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key" rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key"
fi fi
#cd "$c_zfs_mount_dir/root"
#wget http://ftp.de.debian.org/debian/pool/main/libt/libtommath/libtommath1_1.1.0-3_amd64.deb
#wget http://ftp.de.debian.org/debian/pool/main/d/dropbear/dropbear-bin_2018.76-5_amd64.deb
#wget http://ftp.de.debian.org/debian/pool/main/d/dropbear/dropbear-initramfs_2018.76-5_all.deb
#chroot_execute "dpkg -i /root/libtommath1_1.1.0-3_amd64.deb"
#chroot_execute "dpkg -i /root/dropbear-bin_2018.76-5_amd64.deb"
#chroot_execute "dpkg -i /root/dropbear-initramfs_2018.76-5_all.deb"
#rm $c_zfs_mount_dir/root/*.deb
#cd /root
echo "============setup root prompt============" echo "============setup root prompt============"
cat > "$c_zfs_mount_dir/root/.bashrc" <<CONF cat > "$c_zfs_mount_dir/root/.bashrc" <<CONF
export PS1='\[\033[01;31m\]\u\[\033[01;33m\]@\[\033[01;32m\]\h \[\033[01;33m\]\w \[\033[01;35m\]\$ \[\033[00m\]' export PS1='\[\033[01;31m\]\u\[\033[01;33m\]@\[\033[01;32m\]\h \[\033[01;33m\]\w \[\033[01;35m\]\$ \[\033[00m\]'
@@ -805,31 +810,8 @@ CONF
echo "========running packages upgrade===========" echo "========running packages upgrade==========="
chroot_execute "apt upgrade --yes" chroot_execute "apt upgrade --yes"
echo "===========add static route to initramfs via hook to add default routes for Hetzner due to Debian/Ubuntu initramfs DHCP bug =========" #echo "===========add static route to initramfs via hook to add default routes due to initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount" # removed
cat > "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount/static-route" <<'CONF'
#!/bin/sh
PREREQ=""
prereqs()
{
echo "$PREREQ"
}
case $1 in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
# Begin real processing below this line
configure_networking
ip route add 172.31.1.1/255.255.255.255 dev ens3
ip route add default via 172.31.1.1 dev ens3
CONF
echo "======= update initramfs ==========" echo "======= update initramfs =========="
chroot_execute "update-initramfs -u -k all" chroot_execute "update-initramfs -u -k all"
@@ -845,8 +827,8 @@ else
fi fi
echo "======= setting mountpoints ==========" echo "======= setting mountpoints =========="
chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/debian" chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/ubuntu"
chroot_execute "echo $v_bpool_name/BOOT/debian /boot zfs nodev,relatime,x-systemd.requires=zfs-import-bpool.service 0 0 > /etc/fstab" chroot_execute "echo $v_bpool_name/BOOT/ubuntu /boot zfs nodev,relatime,x-systemd.requires=zfs-import-bpool.service 0 0 > /etc/fstab"
chroot_execute "zfs set mountpoint=legacy $v_rpool_name/var/log" chroot_execute "zfs set mountpoint=legacy $v_rpool_name/var/log"
chroot_execute "echo $v_rpool_name/var/log /var/log zfs nodev,relatime 0 0 >> /etc/fstab" chroot_execute "echo $v_rpool_name/var/log /var/log zfs nodev,relatime 0 0 >> /etc/fstab"
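Review bot: The second `if [[ $v_zfs_experimental == "1" ]]` block in the "installing zfs packages" hunk looks inverted. As rendered, the experimental branch runs a plain `apt install --yes zfs-initramfs zfs-dkms zfsutils-linux`, while the `else` branch installs with `-t zfs-debian-experimental`, a release whose repository and key are only added when the experimental option was chosen. Swapping the two bodies, so that `chroot_execute "apt install -t zfs-debian-experimental --yes zfs-initramfs zfs-dkms zfsutils-linux"` sits under `== "1"`, would match the repository setup just above it. The `debconf-set-selections` line for `zfs-dkms/note-incompatible-licenses` also appears to have moved below the first `apt install --yes zfs-initramfs zfs-dkms`, so that install is no longer pre-answered. Old and new text are rendered side by side here, so the side assignment is inferred from the hunk counts.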


@@ -417,7 +417,6 @@ function unmount_and_export_fs {
#################### MAIN ################################ #################### MAIN ################################
export LC_ALL=en_US.UTF-8 export LC_ALL=en_US.UTF-8
export NCURSES_NO_UTF8_ACS=1
check_prerequisites check_prerequisites
@@ -619,7 +618,7 @@ CONF
chroot_execute "apt update" chroot_execute "apt update"
echo "======= setting locale, console and language ==========" echo "======= setting locale, console and language =========="
chroot_execute "apt install --yes -qq locales debconf-i18n apt-utils keyboard-configuration console-setup" chroot_execute "apt install --yes -qq locales debconf-i18n apt-utils"
sed -i 's/# en_US.UTF-8/en_US.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen" sed -i 's/# en_US.UTF-8/en_US.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen"
sed -i 's/# fr_FR.UTF-8/fr_FR.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen" sed -i 's/# fr_FR.UTF-8/fr_FR.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen"
sed -i 's/# fr_FR.UTF-8/fr_FR.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen" sed -i 's/# fr_FR.UTF-8/fr_FR.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen"
@@ -661,6 +660,7 @@ CONF'
chroot_execute "dpkg-reconfigure locales -f noninteractive" chroot_execute "dpkg-reconfigure locales -f noninteractive"
echo -e "LC_ALL=en_US.UTF-8\nLANG=en_US.UTF-8\n" >> "$c_zfs_mount_dir/etc/environment" echo -e "LC_ALL=en_US.UTF-8\nLANG=en_US.UTF-8\n" >> "$c_zfs_mount_dir/etc/environment"
chroot_execute "apt install -qq --yes keyboard-configuration console-setup"
chroot_execute "dpkg-reconfigure keyboard-configuration -f noninteractive" chroot_execute "dpkg-reconfigure keyboard-configuration -f noninteractive"
chroot_execute "dpkg-reconfigure console-setup -f noninteractive" chroot_execute "dpkg-reconfigure console-setup -f noninteractive"
chroot_execute "setupcon" chroot_execute "setupcon"


@@ -2,11 +2,11 @@
: <<'end_header_info' : <<'end_header_info'
(c) Andrey Prokopenko job@terem.fr (c) Andrey Prokopenko job@terem.fr
fully automatic script to install Debian 11 with ZFS root on Hetzner VPS fully automatic script to install Debian 10 with ZFS root on Hetzner VPS
WARNING: all data on the disk will be destroyed WARNING: all data on the disk will be destroyed
How to use: add SSH key to the rescue console, set it OS to linux64, then press "mount rescue and power cycle" button How to use: add SSH key to the rescue console, set it OS to linux64, then press mount rescue and power sysle
Next, connect via SSH to console, and run the script Next, connect via SSH to console, and run the script
Answer script questions about desired hostname, ZFS ARC cache size et cetera Answer script questions about desired hostname and ZFS ARC cache size
To cope with network failures its higly recommended to run the script inside screen console To cope with network failures its higly recommended to run the script inside screen console
screen -dmS zfs screen -dmS zfs
screen -r zfs screen -r zfs
@@ -35,12 +35,12 @@ v_zfs_experimental=
v_suitable_disks=() v_suitable_disks=()
# Constants # Constants
c_deb_packages_repo=https://mirror.hetzner.com/debian/packages c_deb_packages_repo=http://deb.debian.org/debian
c_deb_security_repo=https://mirror.hetzner.com/debian/security c_deb_security_repo=http://deb.debian.org/debian-security/
c_default_zfs_arc_max_mb=250 c_default_zfs_arc_max_mb=250
c_default_bpool_tweaks="-o ashift=12 -O compression=lz4" c_default_bpool_tweaks="-o ashift=12 -O compression=lz4"
c_default_rpool_tweaks="-o ashift=12 -O acltype=posixacl -O compression=zstd-9 -O dnodesize=auto -O relatime=on -O xattr=sa -O normalization=formD" c_default_rpool_tweaks="-o ashift=12 -O acltype=posixacl -O compression=lz4 -O dnodesize=auto -O relatime=on -O xattr=sa -O normalization=formD"
c_default_hostname=terem c_default_hostname=terem
c_zfs_mount_dir=/mnt c_zfs_mount_dir=/mnt
c_log_dir=$(dirname "$(mktemp)")/zfs-hetzner-vm c_log_dir=$(dirname "$(mktemp)")/zfs-hetzner-vm
@@ -102,11 +102,11 @@ function display_intro_banner {
print_step_info_header print_step_info_header
local dialog_message='Hello! local dialog_message='Hello!
This script will prepare the ZFS pools, then install and configure minimal Debian 11 with ZFS root on Hetzner hosting VPS instance This script will prepare the ZFS pools, then install and configure minimal Debian 10 with ZFS root on Hetzner hosting VPS instance
The script with minimal changes may be used on any other hosting provider supporting KVM virtualization and offering Debian-based rescue system. The script with minimal changes may be used on any other hosting provider supporting KVM virtualization and offering Debian-based rescue system.
In order to stop the procedure, hit Esc twice during dialogs (excluding yes/no ones), or Ctrl+C while any operation is running. In order to stop the procedure, hit Esc twice during dialogs (excluding yes/no ones), or Ctrl+C while any operation is running.
' '
dialog --msgbox "$dialog_message" 30 100 dialog --ascii-lines --msgbox "$dialog_message" 30 100
} }
function store_os_distro_information { function store_os_distro_information {
@@ -123,10 +123,10 @@ function check_prerequisites {
echo 'This script must be run with administrative privileges!' echo 'This script must be run with administrative privileges!'
exit 1 exit 1
fi fi
if [[ ! -r /root/.ssh/authorized_keys ]]; then # if [[ ! -r /root/.ssh/authorized_keys ]]; then
echo "SSH pubkey file is absent, please add it to the rescue system setting, then reboot into rescue system and run the script" # echo "SSH pubkey file is absent, please add it to the rescue system setting, then reboot into rescue system and run the script"
exit 1 # exit 1
fi # fi
if ! dpkg-query --showformat="\${Status}" -W dialog 2> /dev/null | grep -q "install ok installed"; then if ! dpkg-query --showformat="\${Status}" -W dialog 2> /dev/null | grep -q "install ok installed"; then
apt install --yes dialog apt install --yes dialog
fi fi
@@ -135,7 +135,7 @@ function check_prerequisites {
function initial_load_debian_zed_cache { function initial_load_debian_zed_cache {
chroot_execute "mkdir /etc/zfs/zfs-list.cache" chroot_execute "mkdir /etc/zfs/zfs-list.cache"
chroot_execute "touch /etc/zfs/zfs-list.cache/rpool" chroot_execute "touch /etc/zfs/zfs-list.cache/rpool"
chroot_execute "ln -sf /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh /etc/zfs/zed.d/" chroot_execute "ln -s /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh /etc/zfs/zed.d/"
chroot_execute "zed -F &" chroot_execute "zed -F &"
@@ -210,7 +210,7 @@ LOG
If you think this is a bug, please open an issue on https://github.com/terem42/zfs-hetzner-vm/issues, and attach the file `'"$c_disks_log"'`. If you think this is a bug, please open an issue on https://github.com/terem42/zfs-hetzner-vm/issues, and attach the file `'"$c_disks_log"'`.
' '
dialog --msgbox "$dialog_message" 30 100 dialog --ascii-lines --msgbox "$dialog_message" 30 100
exit 1 exit 1
fi fi
@@ -239,7 +239,7 @@ function select_disks {
Devices with mounted partitions, cdroms, and removable devices are not displayed! Devices with mounted partitions, cdroms, and removable devices are not displayed!
" "
mapfile -t v_selected_disks < <(dialog --separate-output --checklist "$dialog_message" 30 100 $((${#menu_entries_option[@]} / 3)) "${menu_entries_option[@]}" 3>&1 1>&2 2>&3) mapfile -t v_selected_disks < <(dialog --ascii-lines --separate-output --checklist "$dialog_message" 30 100 $((${#menu_entries_option[@]} / 3)) "${menu_entries_option[@]}" 3>&1 1>&2 2>&3)
if [[ ${#v_selected_disks[@]} -gt 0 ]]; then if [[ ${#v_selected_disks[@]} -gt 0 ]]; then
break break
@@ -256,7 +256,7 @@ function ask_swap_size {
local swap_size_invalid_message= local swap_size_invalid_message=
while [[ ! $v_swap_size =~ ^[0-9]+$ ]]; do while [[ ! $v_swap_size =~ ^[0-9]+$ ]]; do
v_swap_size=$(dialog --inputbox "${swap_size_invalid_message}Enter the swap size in GiB (0 for no swap):" 30 100 2 3>&1 1>&2 2>&3) v_swap_size=$(dialog --ascii-lines --inputbox "${swap_size_invalid_message}Enter the swap size in GiB (0 for no swap):" 30 100 2 3>&1 1>&2 2>&3)
swap_size_invalid_message="Invalid swap size! " swap_size_invalid_message="Invalid swap size! "
done done
@@ -271,7 +271,7 @@ function ask_free_tail_space {
local tail_space_invalid_message= local tail_space_invalid_message=
while [[ ! $v_free_tail_space =~ ^[0-9]+$ ]]; do while [[ ! $v_free_tail_space =~ ^[0-9]+$ ]]; do
v_free_tail_space=$(dialog --inputbox "${tail_space_invalid_message}Enter the space to leave at the end of each disk (0 for none):" 30 100 0 3>&1 1>&2 2>&3) v_free_tail_space=$(dialog --ascii-lines --inputbox "${tail_space_invalid_message}Enter the space to leave at the end of each disk (0 for none):" 30 100 0 3>&1 1>&2 2>&3)
tail_space_invalid_message="Invalid size! " tail_space_invalid_message="Invalid size! "
done done
@@ -286,7 +286,7 @@ function ask_zfs_arc_max_size {
local zfs_arc_max_invalid_message= local zfs_arc_max_invalid_message=
while [[ ! $v_zfs_arc_max_mb =~ ^[0-9]+$ ]]; do while [[ ! $v_zfs_arc_max_mb =~ ^[0-9]+$ ]]; do
v_zfs_arc_max_mb=$(dialog --inputbox "${zfs_arc_max_invalid_message}Enter ZFS ARC cache max size in Mb (minimum 64Mb, enter 0 for ZFS default value, the default will take up to 50% of memory):" 30 100 "$c_default_zfs_arc_max_mb" 3>&1 1>&2 2>&3) v_zfs_arc_max_mb=$(dialog --ascii-lines --inputbox "${zfs_arc_max_invalid_message}Enter ZFS ARC cache max size in Mb (minimum 64Mb, enter 0 for ZFS default value, the default will take up to 50% of memory):" 30 100 "$c_default_zfs_arc_max_mb" 3>&1 1>&2 2>&3)
zfs_arc_max_invalid_message="Invalid size! " zfs_arc_max_invalid_message="Invalid size! "
done done
@@ -302,14 +302,14 @@ function ask_pool_names {
local bpool_name_invalid_message= local bpool_name_invalid_message=
while [[ ! $v_bpool_name =~ ^[a-z][a-zA-Z_:.-]+$ ]]; do while [[ ! $v_bpool_name =~ ^[a-z][a-zA-Z_:.-]+$ ]]; do
v_bpool_name=$(dialog --inputbox "${bpool_name_invalid_message}Insert the name for the boot pool" 30 100 bpool 3>&1 1>&2 2>&3) v_bpool_name=$(dialog --ascii-lines --inputbox "${bpool_name_invalid_message}Insert the name for the boot pool" 30 100 bpool 3>&1 1>&2 2>&3)
bpool_name_invalid_message="Invalid pool name! " bpool_name_invalid_message="Invalid pool name! "
done done
local rpool_name_invalid_message= local rpool_name_invalid_message=
while [[ ! $v_rpool_name =~ ^[a-z][a-zA-Z_:.-]+$ ]]; do while [[ ! $v_rpool_name =~ ^[a-z][a-zA-Z_:.-]+$ ]]; do
v_rpool_name=$(dialog --inputbox "${rpool_name_invalid_message}Insert the name for the root pool" 30 100 rpool 3>&1 1>&2 2>&3) v_rpool_name=$(dialog --ascii-lines --inputbox "${rpool_name_invalid_message}Insert the name for the root pool" 30 100 rpool 3>&1 1>&2 2>&3)
rpool_name_invalid_message="Invalid pool name! " rpool_name_invalid_message="Invalid pool name! "
done done
@@ -321,8 +321,8 @@ function ask_pool_tweaks {
# shellcheck disable=SC2119 # shellcheck disable=SC2119
print_step_info_header print_step_info_header
v_bpool_tweaks=$(dialog --inputbox "Insert the tweaks for the boot pool" 30 100 -- "$c_default_bpool_tweaks" 3>&1 1>&2 2>&3) v_bpool_tweaks=$(dialog --ascii-lines --inputbox "Insert the tweaks for the boot pool" 30 100 -- "$c_default_bpool_tweaks" 3>&1 1>&2 2>&3)
v_rpool_tweaks=$(dialog --inputbox "Insert the tweaks for the root pool" 30 100 -- "$c_default_rpool_tweaks" 3>&1 1>&2 2>&3) v_rpool_tweaks=$(dialog --ascii-lines --inputbox "Insert the tweaks for the root pool" 30 100 -- "$c_default_rpool_tweaks" 3>&1 1>&2 2>&3)
print_variables v_bpool_tweaks v_rpool_tweaks print_variables v_bpool_tweaks v_rpool_tweaks
} }
@@ -337,8 +337,8 @@ function ask_root_password {
local password_repeat=- local password_repeat=-
while [[ "$v_root_password" != "$password_repeat" || "$v_root_password" == "" ]]; do while [[ "$v_root_password" != "$password_repeat" || "$v_root_password" == "" ]]; do
v_root_password=$(dialog --passwordbox "${password_invalid_message}Please enter the root account password (can't be empty):" 30 100 3>&1 1>&2 2>&3) v_root_password=$(dialog --ascii-lines --passwordbox "${password_invalid_message}Please enter the root account password (can't be empty):" 30 100 3>&1 1>&2 2>&3)
password_repeat=$(dialog --passwordbox "Please repeat the password:" 30 100 3>&1 1>&2 2>&3) password_repeat=$(dialog --ascii-lines --passwordbox "Please repeat the password:" 30 100 3>&1 1>&2 2>&3)
password_invalid_message="Passphrase empty, or not matching! " password_invalid_message="Passphrase empty, or not matching! "
done done
@@ -348,7 +348,7 @@ function ask_root_password {
function ask_encryption { function ask_encryption {
print_step_info_header print_step_info_header
if dialog --defaultno --yesno 'Do you want to encrypt the root pool?' 30 100; then if dialog --ascii-lines --yesno 'Do you want to encrypt the root pool?' 30 100; then
v_encrypt_rpool=1 v_encrypt_rpool=1
fi fi
set +x set +x
@@ -356,8 +356,8 @@ function ask_encryption {
local passphrase_invalid_message= local passphrase_invalid_message=
local passphrase_repeat=- local passphrase_repeat=-
while [[ "$v_passphrase" != "$passphrase_repeat" || ${#v_passphrase} -lt 8 ]]; do while [[ "$v_passphrase" != "$passphrase_repeat" || ${#v_passphrase} -lt 8 ]]; do
v_passphrase=$(dialog --passwordbox "${passphrase_invalid_message}Please enter the passphrase for the root pool (8 chars min.):" 30 100 3>&1 1>&2 2>&3) v_passphrase=$(dialog --ascii-lines --passwordbox "${passphrase_invalid_message}Please enter the passphrase for the root pool (8 chars min.):" 30 100 3>&1 1>&2 2>&3)
passphrase_repeat=$(dialog --passwordbox "Please repeat the passphrase:" 30 100 3>&1 1>&2 2>&3) passphrase_repeat=$(dialog --ascii-lines --passwordbox "Please repeat the passphrase:" 30 100 3>&1 1>&2 2>&3)
passphrase_invalid_message="Passphrase too short, or not matching! " passphrase_invalid_message="Passphrase too short, or not matching! "
done done
@@ -368,7 +368,7 @@ function ask_encryption {
function ask_zfs_experimental { function ask_zfs_experimental {
print_step_info_header print_step_info_header
if dialog --defaultno --yesno 'Do you want to use experimental zfs module build?' 30 100; then if dialog --ascii-lines --yesno 'Do you want to use experimental zfs module build?' 30 100; then
v_zfs_experimental=1 v_zfs_experimental=1
fi fi
} }
@@ -380,7 +380,7 @@ function ask_hostname {
local hostname_invalid_message= local hostname_invalid_message=
while [[ ! $v_hostname =~ ^[a-z][a-zA-Z_:.-]+$ ]]; do while [[ ! $v_hostname =~ ^[a-z][a-zA-Z_:.-]+$ ]]; do
v_hostname=$(dialog --inputbox "${hostname_invalid_message}Set the host name" 30 100 "$c_default_hostname" 3>&1 1>&2 2>&3) v_hostname=$(dialog --ascii-lines --inputbox "${hostname_invalid_message}Set the host name" 30 100 "$c_default_hostname" 3>&1 1>&2 2>&3)
hostname_invalid_message="Invalid host name! " hostname_invalid_message="Invalid host name! "
done done
@@ -450,7 +450,6 @@ function unmount_and_export_fs {
#################### MAIN ################################ #################### MAIN ################################
export LC_ALL=en_US.UTF-8 export LC_ALL=en_US.UTF-8
export NCURSES_NO_UTF8_ACS=1
check_prerequisites check_prerequisites
@@ -491,18 +490,20 @@ for kver in $(find /lib/modules/* -maxdepth 0 -type d | grep -v "$(uname -r)" |
done done
echo "======= installing zfs on rescue system ==========" echo "======= installing zfs on rescue system =========="
cd "$(mktemp -d)" cat > "/etc/apt/sources.list" <<CONF
wget "$(curl -Ls https://api.github.com/repos/openzfs/zfs/releases/latest| grep "browser_download_url.*tar.gz"|grep -E "tar.gz\"$"| cut -d '"' -f 4)" deb [arch=i386,amd64] $c_deb_packages_repo buster main contrib non-free
deb [arch=i386,amd64] $c_deb_packages_repo buster-updates main contrib non-free
deb [arch=i386,amd64] $c_deb_packages_repo buster-backports main contrib non-free
deb [arch=i386,amd64] $c_deb_security_repo buster/updates main contrib non-free
CONF
apt update
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
apt update apt update
apt install libssl-dev uuid-dev zlib1g-dev libblkid-dev -y apt install --yes -t buster-backports libelf-dev zfs-dkms wget debootstrap
tar xfv zfs*.tar.gz modprobe zfs
rm *.tar.gz
cd zfs*
./configure
make -j "$(nproc)"
make install
ldconfig
modprobe zfs
zfs --version zfs --version
echo "======= partitioning the disk ==========" echo "======= partitioning the disk =========="
@@ -514,7 +515,7 @@ echo "======= partitioning the disk =========="
fi fi
for selected_disk in "${v_selected_disks[@]}"; do for selected_disk in "${v_selected_disks[@]}"; do
wipefs --all --force "$selected_disk" wipefs --all "$selected_disk"
sgdisk -a1 -n1:24K:+1000K -t1:EF02 "$selected_disk" sgdisk -a1 -n1:24K:+1000K -t1:EF02 "$selected_disk"
sgdisk -n2:0:+512M -t2:BF01 "$selected_disk" # Boot pool sgdisk -n2:0:+512M -t2:BF01 "$selected_disk" # Boot pool
sgdisk -n3:0:"$tail_space_parameter" -t3:BF01 "$selected_disk" # Root pool sgdisk -n3:0:"$tail_space_parameter" -t3:BF01 "$selected_disk" # Root pool
@@ -560,8 +561,8 @@ zfs create -o canmount=off -o mountpoint=none "$v_bpool_name/BOOT"
zfs create -o canmount=noauto -o mountpoint=/ "$v_rpool_name/ROOT/debian" zfs create -o canmount=noauto -o mountpoint=/ "$v_rpool_name/ROOT/debian"
zfs mount "$v_rpool_name/ROOT/debian" zfs mount "$v_rpool_name/ROOT/debian"
zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/debian" zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/ubuntu"
zfs mount "$v_bpool_name/BOOT/debian" zfs mount "$v_bpool_name/BOOT/ubuntu"
zfs create "$v_rpool_name/home" zfs create "$v_rpool_name/home"
zfs create -o mountpoint=/root "$v_rpool_name/home/root" zfs create -o mountpoint=/root "$v_rpool_name/home/root"
@@ -591,12 +592,12 @@ if [[ $v_swap_size -gt 0 ]]; then
"$v_rpool_name/swap" "$v_rpool_name/swap"
udevadm settle udevadm settle
mkswap -f "/dev/zvol/$v_rpool_name/swap" mkswap -f "/dev/zvol/$v_rpool_name/swap"
fi fi
echo "======= setting up initial system packages ==========" echo "======= setting up initial system packages =========="
debootstrap --arch=amd64 bullseye "$c_zfs_mount_dir" "$c_deb_packages_repo" debootstrap --arch=amd64 buster "$c_zfs_mount_dir" "$c_deb_packages_repo"
zfs set devices=off "$v_rpool_name" zfs set devices=off "$v_rpool_name"
@@ -617,7 +618,7 @@ ff02::2 ip6-allrouters
ff02::3 ip6-allhosts ff02::3 ip6-allhosts
CONF CONF
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p') ip6addr=$(ip -6 a s | grep -E "inet6.+scope.+link" | sed -nE 's/.+inet6\s(([0-9a-z]{4,4}:{0,2}){5,5}\/[0-9]{2,2}).+/\1/p')
cat <<CONF > /mnt/etc/systemd/network/10-eth0.network cat <<CONF > /mnt/etc/systemd/network/10-eth0.network
[Match] [Match]
@@ -625,9 +626,11 @@ Name=eth0
[Network] [Network]
DHCP=ipv4 DHCP=ipv4
Address=${ip6addr_prefix}:1/64
Address=${ip6addr}
Gateway=fe80::1 Gateway=fe80::1
CONF CONF
chroot_execute "systemctl enable systemd-networkd.service" chroot_execute "systemctl enable systemd-networkd.service"
@@ -640,16 +643,16 @@ done
echo "======= setting apt repos ==========" echo "======= setting apt repos =========="
cat > "$c_zfs_mount_dir/etc/apt/sources.list" <<CONF cat > "$c_zfs_mount_dir/etc/apt/sources.list" <<CONF
deb $c_deb_packages_repo bullseye main contrib non-free deb [arch=i386,amd64] $c_deb_packages_repo buster main contrib non-free
deb $c_deb_packages_repo bullseye-updates main contrib non-free deb [arch=i386,amd64] $c_deb_packages_repo buster-updates main contrib non-free
deb $c_deb_security_repo bullseye-security main contrib non-free deb [arch=i386,amd64] $c_deb_packages_repo buster-backports main contrib non-free
deb $c_deb_packages_repo bullseye-backports main contrib non-free deb [arch=i386,amd64] $c_deb_security_repo buster/updates main contrib non-free
CONF CONF
chroot_execute "apt update" chroot_execute "apt update"
echo "======= setting locale, console and language ==========" echo "======= setting locale, console and language =========="
chroot_execute "apt install --yes -qq locales debconf-i18n apt-utils" chroot_execute "apt install --yes -qq locales debconf-i18n apt-utils keyboard-configuration console-setup"
sed -i 's/# en_US.UTF-8/en_US.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen" sed -i 's/# en_US.UTF-8/en_US.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen"
sed -i 's/# fr_FR.UTF-8/fr_FR.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen" sed -i 's/# fr_FR.UTF-8/fr_FR.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen"
sed -i 's/# fr_FR.UTF-8/fr_FR.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen" sed -i 's/# fr_FR.UTF-8/fr_FR.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen"
@@ -659,15 +662,15 @@ sed -i 's/# de_DE.UTF-8/de_DE.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen"
chroot_execute 'cat <<CONF | debconf-set-selections chroot_execute 'cat <<CONF | debconf-set-selections
locales locales/default_environment_locale select en_US.UTF-8 locales locales/default_environment_locale select en_US.UTF-8
keyboard-configuration keyboard-configuration/store_defaults_in_debconf_db boolean true keyboard-configuration keyboard-configuration/store_defaults_in_debconf_db boolean true
keyboard-configuration keyboard-configuration/variant select German keyboard-configuration keyboard-configuration/variant select English
keyboard-configuration keyboard-configuration/unsupported_layout boolean true keyboard-configuration keyboard-configuration/unsupported_layout boolean true
keyboard-configuration keyboard-configuration/modelcode string pc105 keyboard-configuration keyboard-configuration/modelcode string pc105
keyboard-configuration keyboard-configuration/unsupported_config_layout boolean true keyboard-configuration keyboard-configuration/unsupported_config_layout boolean true
keyboard-configuration keyboard-configuration/layout select German keyboard-configuration keyboard-configuration/layout select English
keyboard-configuration keyboard-configuration/layoutcode string de keyboard-configuration keyboard-configuration/layoutcode string en
keyboard-configuration keyboard-configuration/optionscode string keyboard-configuration keyboard-configuration/optionscode string
keyboard-configuration keyboard-configuration/toggle select No toggling keyboard-configuration keyboard-configuration/toggle select No toggling
keyboard-configuration keyboard-configuration/xkb-keymap select de keyboard-configuration keyboard-configuration/xkb-keymap select en
keyboard-configuration keyboard-configuration/switch select No temporary switch keyboard-configuration keyboard-configuration/switch select No temporary switch
keyboard-configuration keyboard-configuration/unsupported_config_options boolean true keyboard-configuration keyboard-configuration/unsupported_config_options boolean true
keyboard-configuration keyboard-configuration/ctrl_alt_bksp boolean false keyboard-configuration keyboard-configuration/ctrl_alt_bksp boolean false
@@ -691,7 +694,6 @@ CONF'
chroot_execute "dpkg-reconfigure locales -f noninteractive" chroot_execute "dpkg-reconfigure locales -f noninteractive"
echo -e "LC_ALL=en_US.UTF-8\nLANG=en_US.UTF-8\n" >> "$c_zfs_mount_dir/etc/environment" echo -e "LC_ALL=en_US.UTF-8\nLANG=en_US.UTF-8\n" >> "$c_zfs_mount_dir/etc/environment"
chroot_execute "apt install -qq --yes keyboard-configuration console-setup"
chroot_execute "dpkg-reconfigure keyboard-configuration -f noninteractive" chroot_execute "dpkg-reconfigure keyboard-configuration -f noninteractive"
chroot_execute "dpkg-reconfigure console-setup -f noninteractive" chroot_execute "dpkg-reconfigure console-setup -f noninteractive"
chroot_execute "setupcon" chroot_execute "setupcon"
@@ -700,29 +702,36 @@ chroot_execute "rm -f /etc/localtime /etc/timezone"
chroot_execute "dpkg-reconfigure tzdata -f noninteractive " chroot_execute "dpkg-reconfigure tzdata -f noninteractive "
echo "======= installing latest kernel=============" echo "======= installing latest kernel============="
chroot_execute "apt install --yes linux-image${v_kernel_variant}-amd64 linux-headers${v_kernel_variant}-amd64" chroot_execute "apt install --yes -t buster-backports linux-image${v_kernel_variant}-amd64 linux-headers${v_kernel_variant}-amd64"
echo "======= installing aux packages ==========" echo "======= installing aux packages =========="
chroot_execute "apt install --yes man wget curl software-properties-common nano htop gnupg" chroot_execute "apt install --yes man wget curl software-properties-common nano htop gnupg"
echo "======= installing zfs packages ==========" echo "======= installing zfs packages =========="
if [[ $v_zfs_experimental == "1" ]]; then
chroot_execute "apt install software-properties-common"
chroot_execute "wget -O - https://apt.terem.fr/apt_pub.gpg | apt-key add -"
chroot_execute "add-apt-repository 'deb [arch=amd64] http://apt.terem.fr/public zfs-debian main'"
chroot_execute "apt update"
chroot_execute "bash -c \"echo 'zfs-dkms zfs-dkms/note-incompatible-licenses note true' | debconf-set-selections\""
chroot_execute "apt install -t zfs-debian --yes zfs-dkms zfsutils-linux"
else
chroot_execute "apt install --yes zfs-initramfs zfs-dkms"
fi
chroot_execute 'echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections' chroot_execute 'echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections'
if [[ $v_zfs_experimental == "1" ]]; then if [[ $v_zfs_experimental == "1" ]]; then
chroot_execute "wget -O - https://terem42.github.io/zfs-debian/apt_pub.gpg | apt-key add -" chroot_execute "apt install --yes -t zfs-debian-experimental zfs-initramfs zfs-dkms zfsutils-linux"
chroot_execute "add-apt-repository 'deb https://terem42.github.io/zfs-debian/public zfs-debian-experimental main'"
chroot_execute "apt update"
chroot_execute "apt install -t zfs-debian-experimental --yes zfs-initramfs zfs-dkms zfsutils-linux"
else else
chroot_execute "apt install --yes zfs-initramfs zfs-dkms zfsutils-linux" chroot_execute "apt install --yes zfs-initramfs zfs-dkms zfsutils-linux"
fi fi
echo "======= installing OpenSSH and network tooling ==========" echo "======= installing OpenSSH and network tooling =========="
chroot_execute "apt install --yes openssh-server net-tools" chroot_execute "apt install --yes openssh-server net-tools"
echo "======= setup OpenSSH ==========" echo "======= setup OpenSSH =========="
mkdir -p "$c_zfs_mount_dir/root/.ssh/" mkdir -p "$c_zfs_mount_dir/root/.ssh/"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/root/.ssh/authorized_keys" wget https://raw.githubusercontent.com/terem42/zfs-hetzner-vm/vmtest/authorized_keys -O "$c_zfs_mount_dir/root/.ssh/authorized_keys"
#cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/root/.ssh/authorized_keys"
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' "$c_zfs_mount_dir/etc/ssh/sshd_config" sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' "$c_zfs_mount_dir/etc/ssh/sshd_config"
sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' "$c_zfs_mount_dir/etc/ssh/sshd_config" sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' "$c_zfs_mount_dir/etc/ssh/sshd_config"
chroot_execute "rm /etc/ssh/ssh_host_*" chroot_execute "rm /etc/ssh/ssh_host_*"
@@ -731,34 +740,13 @@ chroot_execute "dpkg-reconfigure openssh-server -f noninteractive"
echo "======= set root password ==========" echo "======= set root password =========="
chroot_execute "echo root:$(printf "%q" "$v_root_password") | chpasswd" chroot_execute "echo root:$(printf "%q" "$v_root_password") | chpasswd"
echo "======= setting up zfs services =========="
chroot_execute "cat > /etc/systemd/system/zfs-import-bpool.service <<UNIT
[Unit]
DefaultDependencies=no
Before=zfs-import-scan.service
Before=zfs-import-cache.service
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStartPre=/bin/sh -c '[ -f /etc/zfs/zpool.cache ] && mv /etc/zfs/zpool.cache /etc/zfs/preboot_zpool.cache || true'
ExecStart=/sbin/zpool import -N -o cachefile=none -d /dev/disk/by-id $v_bpool_name
ExecStartPost=/bin/sh -c '[ -f /etc/zfs/preboot_zpool.cache ] && mv /etc/zfs/preboot_zpool.cache /etc/zfs/zpool.cache || true'
[Install]
WantedBy=zfs-import.target
UNIT"
chroot_execute "systemctl enable zfs-import-bpool.service"
echo "========setting up zfs module parameters========" echo "========setting up zfs module parameters========"
chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024)) >> /etc/modprobe.d/zfs.conf" chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024)) >> /etc/modprobe.d/zfs.conf"
echo "======= setting up grub ==========" echo "======= setting up grub =========="
chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections" chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-legacy"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-pc" chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-pc"
chroot_execute "grub-install --recheck ${v_selected_disks[0]}" chroot_execute "grub-install ${v_selected_disks[0]}"
chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub" chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub"
@@ -777,7 +765,8 @@ if [[ $v_encrypt_rpool == "1" ]]; then
chroot_execute "apt install --yes dropbear-initramfs" chroot_execute "apt install --yes dropbear-initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys" cp "$c_zfs_mount_dir/root/.ssh/authorized_keys" "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys"
#cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp" cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_rsa_key_temp" chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_rsa_key_temp"
@@ -791,7 +780,19 @@ if [[ $v_encrypt_rpool == "1" ]]; then
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp" rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key" rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key"
fi fi
#cd "$c_zfs_mount_dir/root"
#wget http://ftp.de.debian.org/debian/pool/main/libt/libtommath/libtommath1_1.1.0-3_amd64.deb
#wget http://ftp.de.debian.org/debian/pool/main/d/dropbear/dropbear-bin_2018.76-5_amd64.deb
#wget http://ftp.de.debian.org/debian/pool/main/d/dropbear/dropbear-initramfs_2018.76-5_all.deb
#chroot_execute "dpkg -i /root/libtommath1_1.1.0-3_amd64.deb"
#chroot_execute "dpkg -i /root/dropbear-bin_2018.76-5_amd64.deb"
#chroot_execute "dpkg -i /root/dropbear-initramfs_2018.76-5_all.deb"
#rm $c_zfs_mount_dir/root/*.deb
#cd /root
echo "============setup root prompt============" echo "============setup root prompt============"
cat > "$c_zfs_mount_dir/root/.bashrc" <<CONF cat > "$c_zfs_mount_dir/root/.bashrc" <<CONF
@@ -804,33 +805,8 @@ CONF
echo "========running packages upgrade===========" echo "========running packages upgrade==========="
chroot_execute "apt upgrade --yes" chroot_execute "apt upgrade --yes"
echo "===========add static route to initramfs via hook to add default routes for Hetzner due to Debian/Ubuntu initramfs DHCP bug =========" #echo "===========add static route to initramfs via hook to add default routes due to initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount" # removed
cat > "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount/static-route" <<'CONF'
#!/bin/sh
PREREQ=""
prereqs()
{
echo "$PREREQ"
}
case $1 in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
# Begin real processing below this line
configure_networking
ip route add 172.31.1.1/255.255.255.255 dev ens3
ip route add default via 172.31.1.1 dev ens3
CONF
chmod 755 "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount/static-route"
echo "======= update initramfs ==========" echo "======= update initramfs =========="
chroot_execute "update-initramfs -u -k all" chroot_execute "update-initramfs -u -k all"
@@ -846,8 +822,8 @@ else
fi fi
echo "======= setting mountpoints ==========" echo "======= setting mountpoints =========="
chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/debian" chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/ubuntu"
chroot_execute "echo $v_bpool_name/BOOT/debian /boot zfs nodev,relatime,x-systemd.requires=zfs-import-bpool.service 0 0 > /etc/fstab" chroot_execute "echo $v_bpool_name/BOOT/ubuntu /boot zfs nodev,relatime,x-systemd.requires=zfs-import-bpool.service 0 0 > /etc/fstab"
chroot_execute "zfs set mountpoint=legacy $v_rpool_name/var/log" chroot_execute "zfs set mountpoint=legacy $v_rpool_name/var/log"
chroot_execute "echo $v_rpool_name/var/log /var/log zfs nodev,relatime 0 0 >> /etc/fstab" chroot_execute "echo $v_rpool_name/var/log /var/log zfs nodev,relatime 0 0 >> /etc/fstab"


@@ -2,9 +2,9 @@
: <<'end_header_info' : <<'end_header_info'
(c) Andrey Prokopenko job@terem.fr (c) Andrey Prokopenko job@terem.fr
fully automatic script to install Ubuntu 20 LTS with ZFS root on Hetzner VPS fully automatic script to install Debian 10 with ZFS root on Hetzner VPS
WARNING: all data on the disk will be destroyed WARNING: all data on the disk will be destroyed
How to use: add SSH key to the rescue console, set it OS to linux64, then press "mount rescue and power cycle" button How to use: add SSH key to the rescue console, set it OS to linux64, then press mount rescue and power sysle
Next, connect via SSH to console, and run the script Next, connect via SSH to console, and run the script
Answer script questions about desired hostname and ZFS ARC cache size Answer script questions about desired hostname and ZFS ARC cache size
To cope with network failures its higly recommended to run the script inside screen console To cope with network failures its higly recommended to run the script inside screen console
@@ -35,8 +35,8 @@ v_zfs_experimental=
v_suitable_disks=() v_suitable_disks=()
# Constants # Constants
c_deb_packages_repo=http://mirror.hetzner.de/ubuntu/packages c_deb_packages_repo=http://deb.debian.org/debian
c_deb_security_repo=http://mirror.hetzner.de/ubuntu/security c_deb_security_repo=http://deb.debian.org/debian-security/
c_default_zfs_arc_max_mb=250 c_default_zfs_arc_max_mb=250
c_default_bpool_tweaks="-o ashift=12 -O compression=lz4" c_default_bpool_tweaks="-o ashift=12 -O compression=lz4"
@@ -102,11 +102,11 @@ function display_intro_banner {
print_step_info_header print_step_info_header
local dialog_message='Hello! local dialog_message='Hello!
This script will prepare the ZFS pools, then install and configure minimal Ubuntu 20 LTS with ZFS root on Hetzner hosting VPS instance This script will prepare the ZFS pools, then install and configure minimal Debian 10 with ZFS root on Hetzner hosting VPS instance
The script with minimal changes may be used on any other hosting provider supporting KVM virtualization and offering Debian-based rescue system. The script with minimal changes may be used on any other hosting provider supporting KVM virtualization and offering Debian-based rescue system.
In order to stop the procedure, hit Esc twice during dialogs (excluding yes/no ones), or Ctrl+C while any operation is running. In order to stop the procedure, hit Esc twice during dialogs (excluding yes/no ones), or Ctrl+C while any operation is running.
' '
dialog --msgbox "$dialog_message" 30 100 dialog --ascii-lines --msgbox "$dialog_message" 30 100
} }
function store_os_distro_information { function store_os_distro_information {
@@ -123,15 +123,51 @@ function check_prerequisites {
echo 'This script must be run with administrative privileges!' echo 'This script must be run with administrative privileges!'
exit 1 exit 1
fi fi
if [[ ! -r /root/.ssh/authorized_keys ]]; then # if [[ ! -r /root/.ssh/authorized_keys ]]; then
echo "SSH pubkey file is absent, please add it to the rescue system setting, then reboot into rescue system and run the script" # echo "SSH pubkey file is absent, please add it to the rescue system setting, then reboot into rescue system and run the script"
exit 1 # exit 1
fi # fi
if ! dpkg-query --showformat="\${Status}" -W dialog 2> /dev/null | grep -q "install ok installed"; then # if ! dpkg-query --showformat="\${Status}" -W dialog 2> /dev/null | grep -q "install ok installed"; then
apt install --yes dialog # apt install --yes dialog
fi # fi
apt install --yes dialog software-properties-common wget debootstrap
} }
function initial_load_debian_zed_cache {
chroot_execute "mkdir /etc/zfs/zfs-list.cache"
chroot_execute "touch /etc/zfs/zfs-list.cache/rpool"
chroot_execute "ln -s /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh /etc/zfs/zed.d/"
chroot_execute "zed -F &"
local success=0
if [[ ! -e /mnt/etc/zfs/zfs-list.cache/rpool ]] || [[ -e /mnt/etc/zfs/zfs-list.cache/rpool && (( $(ls -l /mnt/etc/zfs/zfs-list.cache/rpool 2> /dev/null | cut -d ' ' -f 5) == 0 )) ]]; then
chroot_execute "zfs set canmount=noauto rpool"
SECONDS=0
while (( SECONDS++ <= 120 )); do
if [[ -e /mnt/etc/zfs/zfs-list.cache/rpool ]] && (( "$(ls -l /mnt/etc/zfs/zfs-list.cache/rpool | cut -d ' ' -f 5)" > 0 )); then
success=1
break
else
sleep 1
fi
done
else
success=1
fi
if (( success != 1 )); then
echo "Fatal zed daemon error: the ZFS cache hasn't been updated by ZED!"
exit 1
fi
chroot_execute "pkill zed"
sed -Ei 's|/mnt/?|/|g' /mnt/etc/zfs/zfs-list.cache/rpool
}
function find_suitable_disks { function find_suitable_disks {
# shellcheck disable=SC2119 # shellcheck disable=SC2119
@@ -175,7 +211,7 @@ LOG
If you think this is a bug, please open an issue on https://github.com/terem42/zfs-hetzner-vm/issues, and attach the file `'"$c_disks_log"'`. If you think this is a bug, please open an issue on https://github.com/terem42/zfs-hetzner-vm/issues, and attach the file `'"$c_disks_log"'`.
' '
dialog --msgbox "$dialog_message" 30 100 dialog --ascii-lines --msgbox "$dialog_message" 30 100
exit 1 exit 1
fi fi
@@ -204,7 +240,7 @@ function select_disks {
Devices with mounted partitions, cdroms, and removable devices are not displayed! Devices with mounted partitions, cdroms, and removable devices are not displayed!
" "
mapfile -t v_selected_disks < <(dialog --separate-output --checklist "$dialog_message" 30 100 $((${#menu_entries_option[@]} / 3)) "${menu_entries_option[@]}" 3>&1 1>&2 2>&3) mapfile -t v_selected_disks < <(dialog --ascii-lines --separate-output --checklist "$dialog_message" 30 100 $((${#menu_entries_option[@]} / 3)) "${menu_entries_option[@]}" 3>&1 1>&2 2>&3)
if [[ ${#v_selected_disks[@]} -gt 0 ]]; then if [[ ${#v_selected_disks[@]} -gt 0 ]]; then
break break
@@ -221,7 +257,7 @@ function ask_swap_size {
local swap_size_invalid_message= local swap_size_invalid_message=
while [[ ! $v_swap_size =~ ^[0-9]+$ ]]; do while [[ ! $v_swap_size =~ ^[0-9]+$ ]]; do
v_swap_size=$(dialog --inputbox "${swap_size_invalid_message}Enter the swap size in GiB (0 for no swap):" 30 100 2 3>&1 1>&2 2>&3) v_swap_size=$(dialog --ascii-lines --inputbox "${swap_size_invalid_message}Enter the swap size in GiB (0 for no swap):" 30 100 2 3>&1 1>&2 2>&3)
swap_size_invalid_message="Invalid swap size! " swap_size_invalid_message="Invalid swap size! "
done done
@@ -236,7 +272,7 @@ function ask_free_tail_space {
local tail_space_invalid_message= local tail_space_invalid_message=
while [[ ! $v_free_tail_space =~ ^[0-9]+$ ]]; do while [[ ! $v_free_tail_space =~ ^[0-9]+$ ]]; do
v_free_tail_space=$(dialog --inputbox "${tail_space_invalid_message}Enter the space to leave at the end of each disk (0 for none):" 30 100 0 3>&1 1>&2 2>&3) v_free_tail_space=$(dialog --ascii-lines --inputbox "${tail_space_invalid_message}Enter the space to leave at the end of each disk (0 for none):" 30 100 0 3>&1 1>&2 2>&3)
tail_space_invalid_message="Invalid size! " tail_space_invalid_message="Invalid size! "
done done
@@ -251,7 +287,7 @@ function ask_zfs_arc_max_size {
local zfs_arc_max_invalid_message= local zfs_arc_max_invalid_message=
while [[ ! $v_zfs_arc_max_mb =~ ^[0-9]+$ ]]; do while [[ ! $v_zfs_arc_max_mb =~ ^[0-9]+$ ]]; do
v_zfs_arc_max_mb=$(dialog --inputbox "${zfs_arc_max_invalid_message}Enter ZFS ARC cache max size in Mb (minimum 64Mb, enter 0 for ZFS default value, the default will take up to 50% of memory):" 30 100 "$c_default_zfs_arc_max_mb" 3>&1 1>&2 2>&3) v_zfs_arc_max_mb=$(dialog --ascii-lines --inputbox "${zfs_arc_max_invalid_message}Enter ZFS ARC cache max size in Mb (minimum 64Mb, enter 0 for ZFS default value, the default will take up to 50% of memory):" 30 100 "$c_default_zfs_arc_max_mb" 3>&1 1>&2 2>&3)
zfs_arc_max_invalid_message="Invalid size! " zfs_arc_max_invalid_message="Invalid size! "
done done
@@ -267,14 +303,14 @@ function ask_pool_names {
local bpool_name_invalid_message= local bpool_name_invalid_message=
while [[ ! $v_bpool_name =~ ^[a-z][a-zA-Z_:.-]+$ ]]; do while [[ ! $v_bpool_name =~ ^[a-z][a-zA-Z_:.-]+$ ]]; do
v_bpool_name=$(dialog --inputbox "${bpool_name_invalid_message}Insert the name for the boot pool" 30 100 bpool 3>&1 1>&2 2>&3) v_bpool_name=$(dialog --ascii-lines --inputbox "${bpool_name_invalid_message}Insert the name for the boot pool" 30 100 bpool 3>&1 1>&2 2>&3)
bpool_name_invalid_message="Invalid pool name! " bpool_name_invalid_message="Invalid pool name! "
done done
local rpool_name_invalid_message= local rpool_name_invalid_message=
while [[ ! $v_rpool_name =~ ^[a-z][a-zA-Z_:.-]+$ ]]; do while [[ ! $v_rpool_name =~ ^[a-z][a-zA-Z_:.-]+$ ]]; do
v_rpool_name=$(dialog --inputbox "${rpool_name_invalid_message}Insert the name for the root pool" 30 100 rpool 3>&1 1>&2 2>&3) v_rpool_name=$(dialog --ascii-lines --inputbox "${rpool_name_invalid_message}Insert the name for the root pool" 30 100 rpool 3>&1 1>&2 2>&3)
rpool_name_invalid_message="Invalid pool name! " rpool_name_invalid_message="Invalid pool name! "
done done
@@ -286,8 +322,8 @@ function ask_pool_tweaks {
# shellcheck disable=SC2119 # shellcheck disable=SC2119
print_step_info_header print_step_info_header
v_bpool_tweaks=$(dialog --inputbox "Insert the tweaks for the boot pool" 30 100 -- "$c_default_bpool_tweaks" 3>&1 1>&2 2>&3) v_bpool_tweaks=$(dialog --ascii-lines --inputbox "Insert the tweaks for the boot pool" 30 100 -- "$c_default_bpool_tweaks" 3>&1 1>&2 2>&3)
v_rpool_tweaks=$(dialog --inputbox "Insert the tweaks for the root pool" 30 100 -- "$c_default_rpool_tweaks" 3>&1 1>&2 2>&3) v_rpool_tweaks=$(dialog --ascii-lines --inputbox "Insert the tweaks for the root pool" 30 100 -- "$c_default_rpool_tweaks" 3>&1 1>&2 2>&3)
print_variables v_bpool_tweaks v_rpool_tweaks print_variables v_bpool_tweaks v_rpool_tweaks
} }
@@ -302,8 +338,8 @@ function ask_root_password {
local password_repeat=- local password_repeat=-
while [[ "$v_root_password" != "$password_repeat" || "$v_root_password" == "" ]]; do while [[ "$v_root_password" != "$password_repeat" || "$v_root_password" == "" ]]; do
v_root_password=$(dialog --passwordbox "${password_invalid_message}Please enter the root account password (can't be empty):" 30 100 3>&1 1>&2 2>&3) v_root_password=$(dialog --ascii-lines --passwordbox "${password_invalid_message}Please enter the root account password (can't be empty):" 30 100 3>&1 1>&2 2>&3)
password_repeat=$(dialog --passwordbox "Please repeat the password:" 30 100 3>&1 1>&2 2>&3) password_repeat=$(dialog --ascii-lines --passwordbox "Please repeat the password:" 30 100 3>&1 1>&2 2>&3)
password_invalid_message="Passphrase empty, or not matching! " password_invalid_message="Passphrase empty, or not matching! "
done done
@@ -313,7 +349,7 @@ function ask_root_password {
function ask_encryption { function ask_encryption {
print_step_info_header print_step_info_header
if dialog --yesno 'Do you want to encrypt the root pool?' 30 100; then if dialog --ascii-lines --yesno 'Do you want to encrypt the root pool?' 30 100; then
v_encrypt_rpool=1 v_encrypt_rpool=1
fi fi
set +x set +x
@@ -321,8 +357,8 @@ function ask_encryption {
local passphrase_invalid_message= local passphrase_invalid_message=
local passphrase_repeat=- local passphrase_repeat=-
while [[ "$v_passphrase" != "$passphrase_repeat" || ${#v_passphrase} -lt 8 ]]; do while [[ "$v_passphrase" != "$passphrase_repeat" || ${#v_passphrase} -lt 8 ]]; do
v_passphrase=$(dialog --passwordbox "${passphrase_invalid_message}Please enter the passphrase for the root pool (8 chars min.):" 30 100 3>&1 1>&2 2>&3) v_passphrase=$(dialog --ascii-lines --passwordbox "${passphrase_invalid_message}Please enter the passphrase for the root pool (8 chars min.):" 30 100 3>&1 1>&2 2>&3)
passphrase_repeat=$(dialog --passwordbox "Please repeat the passphrase:" 30 100 3>&1 1>&2 2>&3) passphrase_repeat=$(dialog --ascii-lines --passwordbox "Please repeat the passphrase:" 30 100 3>&1 1>&2 2>&3)
passphrase_invalid_message="Passphrase too short, or not matching! " passphrase_invalid_message="Passphrase too short, or not matching! "
done done
@@ -333,7 +369,7 @@ function ask_encryption {
function ask_zfs_experimental { function ask_zfs_experimental {
print_step_info_header print_step_info_header
if dialog --yesno 'Do you want to use experimental zfs module build?' 30 100; then if dialog --ascii-lines --yesno 'Do you want to use experimental zfs module build?' 30 100; then
v_zfs_experimental=1 v_zfs_experimental=1
fi fi
} }
@@ -345,7 +381,7 @@ function ask_hostname {
local hostname_invalid_message= local hostname_invalid_message=
while [[ ! $v_hostname =~ ^[a-z][a-zA-Z_:.-]+$ ]]; do while [[ ! $v_hostname =~ ^[a-z][a-zA-Z_:.-]+$ ]]; do
v_hostname=$(dialog --inputbox "${hostname_invalid_message}Set the host name" 30 100 "$c_default_hostname" 3>&1 1>&2 2>&3) v_hostname=$(dialog --ascii-lines --inputbox "${hostname_invalid_message}Set the host name" 30 100 "$c_default_hostname" 3>&1 1>&2 2>&3)
hostname_invalid_message="Invalid host name! " hostname_invalid_message="Invalid host name! "
done done
@@ -355,9 +391,7 @@ function ask_hostname {
function determine_kernel_variant { function determine_kernel_variant {
if dmidecode | grep -q vServer; then if dmidecode | grep -q vServer; then
v_kernel_variant="-virtual" v_kernel_variant="-cloud"
else
v_kernel_variant="-generic"
fi fi
} }
@@ -417,14 +451,13 @@ function unmount_and_export_fs {
#################### MAIN ################################ #################### MAIN ################################
export LC_ALL=en_US.UTF-8 export LC_ALL=en_US.UTF-8
export NCURSES_NO_UTF8_ACS=1
check_prerequisites check_prerequisites
display_intro_banner
activate_debug activate_debug
display_intro_banner
find_suitable_disks find_suitable_disks
select_disks select_disks
@@ -457,23 +490,15 @@ for kver in $(find /lib/modules/* -maxdepth 0 -type d | grep -v "$(uname -r)" |
apt purge --yes "linux-image-$kver" apt purge --yes "linux-image-$kver"
done done
echo "======= installing zfs on rescue system ==========" echo "======= installing zfs stable on live system =========="
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections wget -O - https://apt.terem.fr/apt_pub.gpg | apt-key add -
add-apt-repository 'deb [arch=amd64] http://apt.terem.fr/public zfs-debian main'
cd "$(mktemp -d)" apt update
wget "$(curl -Ls https://api.github.com/repos/openzfs/zfs/releases/latest| grep "browser_download_url.*tar.gz"|grep -E "tar.gz\"$"| cut -d '"' -f 4)" echo 'zfs-dkms zfs-dkms/note-incompatible-licenses note true' | debconf-set-selections
apt update apt install --yes libelf-dev
apt install libssl-dev uuid-dev zlib1g-dev libblkid-dev -y apt install -t zfs-debian --yes zfs-dkms zfsutils-linux
tar xfv zfs*.tar.gz modprobe zfs
rm *.tar.gz zfs --version
cd zfs*
./configure
make -j "$(nproc)"
make install
ldconfig
modprobe zfs
zfs --version
echo "======= partitioning the disk ==========" echo "======= partitioning the disk =========="
@@ -484,7 +509,7 @@ echo "======= partitioning the disk =========="
fi fi
for selected_disk in "${v_selected_disks[@]}"; do for selected_disk in "${v_selected_disks[@]}"; do
wipefs --all --force "$selected_disk" wipefs --all "$selected_disk"
sgdisk -a1 -n1:24K:+1000K -t1:EF02 "$selected_disk" sgdisk -a1 -n1:24K:+1000K -t1:EF02 "$selected_disk"
sgdisk -n2:0:+512M -t2:BF01 "$selected_disk" # Boot pool sgdisk -n2:0:+512M -t2:BF01 "$selected_disk" # Boot pool
sgdisk -n3:0:"$tail_space_parameter" -t3:BF01 "$selected_disk" # Root pool sgdisk -n3:0:"$tail_space_parameter" -t3:BF01 "$selected_disk" # Root pool
@@ -515,6 +540,7 @@ echo "======= create zfs pools and datasets =========="
zpool create \ zpool create \
$v_bpool_tweaks -O canmount=off -O devices=off \ $v_bpool_tweaks -O canmount=off -O devices=off \
-o cachefile=/etc/zfs/zpool.cache \
-O mountpoint=/boot -R $c_zfs_mount_dir -f \ -O mountpoint=/boot -R $c_zfs_mount_dir -f \
$v_bpool_name $pools_mirror_option "${bpool_disks_partitions[@]}" $v_bpool_name $pools_mirror_option "${bpool_disks_partitions[@]}"
@@ -522,13 +548,14 @@ echo -n "$v_passphrase" | zpool create \
$v_rpool_tweaks \ $v_rpool_tweaks \
"${encryption_options[@]}" \ "${encryption_options[@]}" \
-O mountpoint=/ -R $c_zfs_mount_dir -f \ -O mountpoint=/ -R $c_zfs_mount_dir -f \
-o cachefile=/etc/zfs/zpool.cache \
$v_rpool_name $pools_mirror_option "${rpool_disks_partitions[@]}" $v_rpool_name $pools_mirror_option "${rpool_disks_partitions[@]}"
zfs create -o canmount=off -o mountpoint=none "$v_rpool_name/ROOT" zfs create -o canmount=off -o mountpoint=none "$v_rpool_name/ROOT"
zfs create -o canmount=off -o mountpoint=none "$v_bpool_name/BOOT" zfs create -o canmount=off -o mountpoint=none "$v_bpool_name/BOOT"
zfs create -o canmount=noauto -o mountpoint=/ "$v_rpool_name/ROOT/ubuntu" zfs create -o canmount=noauto -o mountpoint=/ "$v_rpool_name/ROOT/debian"
zfs mount "$v_rpool_name/ROOT/ubuntu" zfs mount "$v_rpool_name/ROOT/debian"
zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/ubuntu" zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/ubuntu"
zfs mount "$v_bpool_name/BOOT/ubuntu" zfs mount "$v_bpool_name/BOOT/ubuntu"
@@ -561,12 +588,12 @@ if [[ $v_swap_size -gt 0 ]]; then
"$v_rpool_name/swap" "$v_rpool_name/swap"
udevadm settle udevadm settle
mkswap -f "/dev/zvol/$v_rpool_name/swap" mkswap -f "/dev/zvol/$v_rpool_name/swap"
fi fi
echo "======= setting up initial system packages ==========" echo "======= setting up initial system packages =========="
debootstrap --arch=amd64 focal "$c_zfs_mount_dir" "$c_deb_packages_repo" debootstrap --arch=amd64 bullseye "$c_zfs_mount_dir" "$c_deb_packages_repo"
zfs set devices=off "$v_rpool_name" zfs set devices=off "$v_rpool_name"
@@ -587,7 +614,7 @@ ff02::2 ip6-allrouters
ff02::3 ip6-allhosts ff02::3 ip6-allhosts
CONF CONF
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p') ip6addr=$(ip -6 a s | grep -E "inet6.+scope.+link" | sed -nE 's/.+inet6\s(([0-9a-z]{4,4}:{0,2}){5,5}\/[0-9]{2,2}).+/\1/p')
cat <<CONF > /mnt/etc/systemd/network/10-eth0.network cat <<CONF > /mnt/etc/systemd/network/10-eth0.network
[Match] [Match]
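Review bot: `ip6addr` can come back empty or multi-line, and nothing checks it before the next hunk writes `Address=${ip6addr}` into 10-eth0.network. The sed pattern requires five groups of exactly four hex digits, so an address with a shortened group such as `fe80::5054:ff:fe12:3456/64` (constructed example) yields no output. A host with several link-scope addresses yields one line per match, and the extra lines land in the unit file as bare text. Limiting the pipeline to the first match with `| head -n1` and checking `[[ -n "$ip6addr" ]]` before the heredoc would avoid writing a broken network unit. The heredoc that consumes the value continues outside this hunk.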
@@ -595,21 +622,14 @@ Name=eth0
[Network] [Network]
DHCP=ipv4 DHCP=ipv4
Address=${ip6addr_prefix}:1/64
Address=${ip6addr}
Gateway=fe80::1 Gateway=fe80::1
CONF CONF
chroot_execute "systemctl enable systemd-networkd.service" chroot_execute "systemctl enable systemd-networkd.service"
mkdir -p "$c_zfs_mount_dir/etc/cloud/cloud.cfg.d/"
cat > "$c_zfs_mount_dir/etc/cloud/cloud.cfg.d/99-disable-network-config.cfg" <<CONF
network:
config: disabled
CONF
rm -rf $c_zfs_mount_dir/etc/network/interfaces.d/50-cloud-init.cfg
cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
echo "======= preparing the jail for chroot ==========" echo "======= preparing the jail for chroot =========="
@@ -619,17 +639,16 @@ done
echo "======= setting apt repos ==========" echo "======= setting apt repos =========="
cat > "$c_zfs_mount_dir/etc/apt/sources.list" <<CONF cat > "$c_zfs_mount_dir/etc/apt/sources.list" <<CONF
deb [arch=i386,amd64] $c_deb_packages_repo focal main restricted deb $c_deb_packages_repo bullseye main contrib non-free
deb [arch=i386,amd64] $c_deb_packages_repo focal-updates main restricted deb $c_deb_packages_repo bullseye-updates main contrib non-free
deb [arch=i386,amd64] $c_deb_packages_repo focal-backports main restricted deb $c_deb_security_repo bullseye-security main contrib non-free
deb [arch=i386,amd64] $c_deb_packages_repo focal universe deb $c_deb_packages_repo bullseye-backports main contrib non-free
deb [arch=i386,amd64] $c_deb_security_repo focal-security main restricted
CONF CONF
chroot_execute "apt update" chroot_execute "apt update"
echo "======= setting locale, console and language ==========" echo "======= setting locale, console and language =========="
chroot_execute "apt install --yes -qq locales debconf-i18n apt-utils keyboard-configuration console-setup" chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes -qq locales debconf-i18n apt-utils keyboard-configuration console-setup"
sed -i 's/# en_US.UTF-8/en_US.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen" sed -i 's/# en_US.UTF-8/en_US.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen"
sed -i 's/# fr_FR.UTF-8/fr_FR.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen" sed -i 's/# fr_FR.UTF-8/fr_FR.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen"
sed -i 's/# fr_FR.UTF-8/fr_FR.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen" sed -i 's/# fr_FR.UTF-8/fr_FR.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen"
@@ -639,15 +658,15 @@ sed -i 's/# de_DE.UTF-8/de_DE.UTF-8/' "$c_zfs_mount_dir/etc/locale.gen"
chroot_execute 'cat <<CONF | debconf-set-selections chroot_execute 'cat <<CONF | debconf-set-selections
locales locales/default_environment_locale select en_US.UTF-8 locales locales/default_environment_locale select en_US.UTF-8
keyboard-configuration keyboard-configuration/store_defaults_in_debconf_db boolean true keyboard-configuration keyboard-configuration/store_defaults_in_debconf_db boolean true
keyboard-configuration keyboard-configuration/variant select German keyboard-configuration keyboard-configuration/variant select English
keyboard-configuration keyboard-configuration/unsupported_layout boolean true keyboard-configuration keyboard-configuration/unsupported_layout boolean true
keyboard-configuration keyboard-configuration/modelcode string pc105 keyboard-configuration keyboard-configuration/modelcode string pc105
keyboard-configuration keyboard-configuration/unsupported_config_layout boolean true keyboard-configuration keyboard-configuration/unsupported_config_layout boolean true
keyboard-configuration keyboard-configuration/layout select German keyboard-configuration keyboard-configuration/layout select English
keyboard-configuration keyboard-configuration/layoutcode string de keyboard-configuration keyboard-configuration/layoutcode string en
keyboard-configuration keyboard-configuration/optionscode string keyboard-configuration keyboard-configuration/optionscode string
keyboard-configuration keyboard-configuration/toggle select No toggling keyboard-configuration keyboard-configuration/toggle select No toggling
keyboard-configuration keyboard-configuration/xkb-keymap select de keyboard-configuration keyboard-configuration/xkb-keymap select en
keyboard-configuration keyboard-configuration/switch select No temporary switch keyboard-configuration keyboard-configuration/switch select No temporary switch
keyboard-configuration keyboard-configuration/unsupported_config_options boolean true keyboard-configuration keyboard-configuration/unsupported_config_options boolean true
keyboard-configuration keyboard-configuration/ctrl_alt_bksp boolean false keyboard-configuration keyboard-configuration/ctrl_alt_bksp boolean false
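Review bot: The new preseed values `layout select English`, `layoutcode string en` and `xkb-keymap select en` do not look like values keyboard-configuration accepts. XKB layout codes for English are `us` or `gb`, and as far as I know there is no `en` layout. With an unknown code the console keymap setup will probably fall back or fail rather than apply an English layout. Consider `layoutcode string us`, `xkb-keymap select us` and `layout select English (US)`. The list of selections continues past the end of this hunk.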
@@ -679,43 +698,30 @@ chroot_execute "rm -f /etc/localtime /etc/timezone"
chroot_execute "dpkg-reconfigure tzdata -f noninteractive " chroot_execute "dpkg-reconfigure tzdata -f noninteractive "
echo "======= installing latest kernel=============" echo "======= installing latest kernel============="
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes linux-headers${v_kernel_variant}-hwe-18.04 linux-image${v_kernel_variant}-hwe-18.04" chroot_execute "apt install --yes -t bullseye-backports linux-image${v_kernel_variant}-amd64 linux-headers${v_kernel_variant}-amd64"
if [[ $v_kernel_variant == "-virtual" ]]; then
# linux-image-extra is only available for virtual hosts
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes linux-image-extra-virtual-hwe-20.04"
fi
echo "======= installing aux packages ==========" echo "======= installing aux packages =========="
chroot_execute "apt install --yes man-db wget curl software-properties-common nano htop gnupg" chroot_execute "apt install --yes man wget curl software-properties-common nano htop gnupg"
chroot_execute "systemctl disable thermald"
echo "======= installing zfs packages ==========" echo "======= installing zfs packages =========="
chroot_execute "bash -c \"echo 'zfs-dkms zfs-dkms/note-incompatible-licenses note true' | debconf-set-selections\""
if [[ $v_zfs_experimental == "1" ]]; then if [[ $v_zfs_experimental == "1" ]]; then
chroot_execute "wget -O - https://terem42.github.io/zfs-debian/apt_pub.gpg | apt-key add -" chroot_execute "apt install software-properties-common"
chroot_execute "add-apt-repository 'deb https://terem42.github.io/zfs-debian/public zfs-debian-experimental main'" chroot_execute "wget -O - https://apt.terem.fr/apt_pub.gpg | apt-key add -"
chroot_execute "add-apt-repository 'deb [arch=amd64] http://apt.terem.fr/public zfs-debian main'"
chroot_execute "apt update" chroot_execute "apt update"
else chroot_execute "apt install -t zfs-debian --yes zfs-initramfs zfs-dkms zfsutils-linux"
echo "======= installing OpenZFS 2.0 stable package from Debian 10 backports zfs packages =========="
chroot_execute "apt-key adv --recv-key --keyserver keyserver.ubuntu.com 648ACFD622F3D138"
chroot_execute "sudo apt-key adv --recv-key --keyserver keyserver.ubuntu.com 0E98404D386FA1D9"
chroot_execute "add-apt-repository 'deb http://deb.debian.org/debian buster-backports main contrib non-free'"
chroot_execute "apt install -t buster-backports --yes zfs-dkms zfsutils-linux zfs-initramfs"
chroot_execute "add-apt-repository -r 'deb http://deb.debian.org/debian buster-backports main contrib non-free'"
fi
chroot_execute 'echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections'
if [[ $v_zfs_experimental == "1" ]]; then
chroot_execute "apt install -t zfs-debian-experimental --yes zfs-initramfs zfs-dkms zfsutils-linux"
else else
chroot_execute "apt install --yes zfs-initramfs zfs-dkms zfsutils-linux" chroot_execute "apt install --yes zfs-initramfs zfs-dkms zfsutils-linux"
fi fi
echo "======= installing OpenSSH and network tooling ==========" echo "======= installing OpenSSH and network tooling =========="
chroot_execute "apt install --yes openssh-server net-tools" chroot_execute "apt install --yes openssh-server net-tools"
echo "======= setup OpenSSH ==========" echo "======= setup OpenSSH =========="
mkdir -p "$c_zfs_mount_dir/root/.ssh/" mkdir -p "$c_zfs_mount_dir/root/.ssh/"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/root/.ssh/authorized_keys" wget https://raw.githubusercontent.com/terem42/zfs-hetzner-vm/vmtest/authorized_keys -O "$c_zfs_mount_dir/root/.ssh/authorized_keys"
#cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/root/.ssh/authorized_keys"
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' "$c_zfs_mount_dir/etc/ssh/sshd_config" sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' "$c_zfs_mount_dir/etc/ssh/sshd_config"
sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' "$c_zfs_mount_dir/etc/ssh/sshd_config" sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' "$c_zfs_mount_dir/etc/ssh/sshd_config"
chroot_execute "rm /etc/ssh/ssh_host_*" chroot_execute "rm /etc/ssh/ssh_host_*"
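Review bot: Root's `authorized_keys` in the installed system now comes from a `wget` of a branch URL on raw.githubusercontent.com instead of the rescue system's `/root/.ssh/authorized_keys`. Whoever can push to that branch therefore holds root SSH access to every host installed with this script, and the operator's own key is never installed. The dropbear hunk further down copies the same file into `/etc/dropbear-initramfs/authorized_keys`, which extends this to the pre-boot unlock shell. If the download is only for the VirtualBox test setup, keep `cp /root/.ssh/authorized_keys …` as the default and gate the `wget` behind an explicit test-only switch; also check the `wget` exit status, since a failed fetch leaves an empty file while `PasswordAuthentication no` is set two lines later. In the same hunk the experimental branch pipes a downloaded key into `apt-key add -`, which trusts it for every repository, and its repo line is now plain `http`; a dedicated keyring referenced with `[signed-by=…]` on that one `deb` line would limit the key's scope.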
@@ -724,25 +730,9 @@ chroot_execute "dpkg-reconfigure openssh-server -f noninteractive"
echo "======= set root password ==========" echo "======= set root password =========="
chroot_execute "echo root:$(printf "%q" "$v_root_password") | chpasswd" chroot_execute "echo root:$(printf "%q" "$v_root_password") | chpasswd"
echo "======= setting up zfs services ==========" echo "======= setting up zfs cache =========="
chroot_execute "cat > /etc/systemd/system/zfs-import-bpool.service <<UNIT
[Unit]
DefaultDependencies=no
Before=zfs-import-scan.service
Before=zfs-import-cache.service
[Service] cp /etc/zfs/zpool.cache "$c_zfs_mount_dir/etc/zfs/zpool.cache"
Type=oneshot
RemainAfterExit=yes
ExecStartPre=/bin/sh -c '[ -f /etc/zfs/zpool.cache ] && mv /etc/zfs/zpool.cache /etc/zfs/preboot_zpool.cache || true'
ExecStart=/sbin/zpool import -N -o cachefile=none $v_bpool_name
ExecStartPost=/bin/sh -c '[ -f /etc/zfs/preboot_zpool.cache ] && mv /etc/zfs/preboot_zpool.cache /etc/zfs/zpool.cache || true'
[Install]
WantedBy=zfs-import.target
UNIT"
chroot_execute "systemctl enable zfs-import-bpool.service"
echo "========setting up zfs module parameters========" echo "========setting up zfs module parameters========"
chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024)) >> /etc/modprobe.d/zfs.conf" chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024)) >> /etc/modprobe.d/zfs.conf"
@@ -754,7 +744,7 @@ chroot_execute "grub-install ${v_selected_disks[0]}"
chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub" chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=rpool/ROOT/ubuntu\"|g' /etc/default/grub" chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=rpool/ROOT/debian\"|g' /etc/default/grub"
chroot_execute "sed -i 's/quiet//g' /etc/default/grub" chroot_execute "sed -i 's/quiet//g' /etc/default/grub"
chroot_execute "sed -i 's/splash//g' /etc/default/grub" chroot_execute "sed -i 's/splash//g' /etc/default/grub"
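Review bot: The kernel command line still hardcodes the pool as `rpool` in `root=ZFS=rpool/ROOT/debian`, while the dataset is created earlier as `$v_rpool_name/ROOT/debian`. If `v_rpool_name` can be set to anything else, which these hunks do not show, the installed system will not find its root dataset at boot. The sed call is already inside double quotes, so `root=ZFS=$v_rpool_name/ROOT/debian` would expand correctly. `zfs set canmount=noauto rpool` in the zed hunk further down has the same hardcoded name.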
@@ -766,9 +756,11 @@ done
if [[ $v_encrypt_rpool == "1" ]]; then if [[ $v_encrypt_rpool == "1" ]]; then
echo "=========set up dropbear==============" echo "=========set up dropbear=============="
chroot_execute "apt install --yes dropbear-initramfs" chroot_execute "apt install --yes dropbear-initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys" cp "$c_zfs_mount_dir/root/.ssh/authorized_keys" "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys"
#cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp" cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_rsa_key_temp" chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_rsa_key_temp"
@@ -782,19 +774,7 @@ if [[ $v_encrypt_rpool == "1" ]]; then
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp" rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key" rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key"
fi
cd "$c_zfs_mount_dir/root"
wget http://ftp.de.debian.org/debian/pool/main/libt/libtommath/libtommath1_1.1.0-3_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/d/dropbear/dropbear-bin_2018.76-5_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/d/dropbear/dropbear-initramfs_2018.76-5_all.deb
chroot_execute "dpkg -i /root/libtommath1_1.1.0-3_amd64.deb"
chroot_execute "dpkg -i /root/dropbear-bin_2018.76-5_amd64.deb"
chroot_execute "dpkg -i /root/dropbear-initramfs_2018.76-5_all.deb"
rm $c_zfs_mount_dir/root/*.deb
cd /root
fi
echo "============setup root prompt============" echo "============setup root prompt============"
cat > "$c_zfs_mount_dir/root/.bashrc" <<CONF cat > "$c_zfs_mount_dir/root/.bashrc" <<CONF
@@ -807,33 +787,8 @@ CONF
echo "========running packages upgrade===========" echo "========running packages upgrade==========="
chroot_execute "apt upgrade --yes" chroot_execute "apt upgrade --yes"
echo "===========add static route to initramfs via hook to add default routes due to Ubuntu initramfs DHCP bug =========" #echo "===========add static route to initramfs via hook to add default routes due to initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount" # removed
cat > "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount/static-route" <<'CONF'
#!/bin/sh
PREREQ=""
prereqs()
{
echo "$PREREQ"
}
case $1 in
prereqs)
prereqs
exit 0
;;
esac
. /scripts/functions
# Begin real processing below this line
configure_networking
ip route add 172.31.1.1/255.255.255.255 dev ens3
ip route add default via 172.31.1.1 dev ens3
CONF
chmod 755 "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount/static-route"
echo "======= update initramfs ==========" echo "======= update initramfs =========="
chroot_execute "update-initramfs -u -k all" chroot_execute "update-initramfs -u -k all"
@@ -842,12 +797,15 @@ echo "======= update grub =========="
chroot_execute "update-grub" chroot_execute "update-grub"
echo "======= setting up zed ==========" echo "======= setting up zed =========="
if [[ $v_zfs_experimental == "1" ]]; then
chroot_execute "zfs set canmount=noauto rpool" chroot_execute "zfs set canmount=noauto rpool"
else
initial_load_debian_zed_cache
fi
echo "======= setting mountpoints ==========" echo "======= setting mountpoints =========="
chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/ubuntu" chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/ubuntu"
chroot_execute "echo $v_bpool_name/BOOT/ubuntu /boot zfs nodev,relatime,x-systemd.requires=zfs-import-bpool.service 0 0 > /etc/fstab" chroot_execute "echo $v_bpool_name/BOOT/ubuntu /boot zfs nodev,relatime,x-systemd.requires=zfs-mount.service,x-systemd.device-timeout=10 0 0 > /etc/fstab"
chroot_execute "zfs set mountpoint=legacy $v_rpool_name/var/log" chroot_execute "zfs set mountpoint=legacy $v_rpool_name/var/log"
chroot_execute "echo $v_rpool_name/var/log /var/log zfs nodev,relatime 0 0 >> /etc/fstab" chroot_execute "echo $v_rpool_name/var/log /var/log zfs nodev,relatime 0 0 >> /etc/fstab"