root/zfs-hetzner-vm
1
0
Fork 0
mirror of https://github.com/terem42/zfs-hetzner-vm.git synced 2025-12-25 08:18:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: root:v1.4.2
Branches Tags
root:master root:new_os root:new_pkg root:encr root:deb12 root:tmpdir root:terem42-patch-1 root:newzfs root:vmtest root:newres root:ubuntu20 root:debian10 root:debian11
root:v1.4.3 root:v1.4.2 root:v1.4.1 root:v1.4 root:v1.3 root:v1.2 root:v1.1
..
compare: root:terem42-patch-1
Branches Tags
root:master root:new_os root:new_pkg root:encr root:deb12 root:tmpdir root:terem42-patch-1 root:newzfs root:vmtest root:newres root:ubuntu20 root:debian10 root:debian11
root:v1.4.3 root:v1.4.2 root:v1.4.1 root:v1.4 root:v1.3 root:v1.2 root:v1.1

1 Commits
v1.4.2 ... terem42-pa

Author SHA1 Message Date
terem42
4c29270339 Update hetzner-ubuntu22-zfs-setup.sh 2023-09-30 21:05:07 +02:00
7 changed files with 163 additions and 259 deletions
Expand all files Collapse all files

10
README.md
View File

@@ -2,7 +2,7 @@
[![shellcheck](https://github.com/terem42/zfs-hetzner-vm/actions/workflows/shellcheck.yml/badge.svg)](https://github.com/terem42/zfs-hetzner-vm/actions/workflows/shellcheck.yml)
Scripts to install Debian 10, 11, 12 or Ubuntu 18 LTS, 20 LTS, 22 LTS with ZFS root on Hetzner root servers (virtual and dedicated).<br/>
Scripts to install Debian 11, 10 or Ubuntu 18 LTS, 20 LTS, 22 LTS with ZFS root on Hetzner root servers (virtual and dedicated).<br/>
__WARNING:__ all data on the disk will be destroyed.
## How to use:
@@ -24,12 +24,6 @@ Debian 11 minimal setup with SSH server
wget -qO- https://raw.githubusercontent.com/terem42/zfs-hetzner-vm/master/hetzner-debian11-zfs-setup.sh | bash -
````
Debian 12 minimal setup with SSH server
````bash
wget -qO- https://raw.githubusercontent.com/terem42/zfs-hetzner-vm/master/hetzner-debian12-zfs-setup.sh | bash -
````
Ubuntu 18.04 LTS minimal setup with SSH server
````bash
@@ -54,7 +48,7 @@ To cope with network failures its higly recommended to run the commands above in
Example of screen utility usage:
````bash
export LC_ALL=en_US.UTF-8 && screen -S zfs
screen -S zfs
````
To detach from screen console, hit Ctrl-d then a
To reattach, type `screen -r zfs`

56
hetzner-debian10-zfs-setup.sh
View File

@@ -17,8 +17,6 @@ set -o errexit
set -o pipefail
set -o nounset
export TMPDIR=/tmp
# Variables
v_bpool_name=
v_bpool_tweaks=
@@ -138,20 +136,20 @@ function check_prerequisites {
function initial_load_debian_zed_cache {
chroot_execute "mkdir /etc/zfs/zfs-list.cache"
chroot_execute "touch /etc/zfs/zfs-list.cache/$v_rpool_name"
chroot_execute "touch /etc/zfs/zfs-list.cache/rpool"
chroot_execute "ln -sf /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh /etc/zfs/zed.d/"
chroot_execute "zed -F &"
local success=0
if [[ ! -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" ]] || [[ -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" && (( $(find "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" -type f -printf '%s' 2> /dev/null) == 0 )) ]]; then
chroot_execute "zfs set canmount=noauto $v_rpool_name"
if [[ ! -e /mnt/etc/zfs/zfs-list.cache/rpool ]] || [[ -e /mnt/etc/zfs/zfs-list.cache/rpool && (( $(find /mnt/etc/zfs/zfs-list.cache/rpool -type f -printf '%s' 2> /dev/null) == 0 )) ]]; then
chroot_execute "zfs set canmount=noauto rpool"
SECONDS=0
while (( SECONDS++ <= 120 )); do
if [[ -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" ]] && (( $(find "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" -type f -printf '%s' 2> /dev/null) > 0 )); then
while (( SECONDS++ <= 300 )); do
if [[ -e /mnt/etc/zfs/zfs-list.cache/rpool ]] && (( $(find /mnt/etc/zfs/zfs-list.cache/rpool -type f -printf '%s' 2> /dev/null) > 0 )); then
success=1
break
else
@@ -169,7 +167,7 @@ function initial_load_debian_zed_cache {
chroot_execute "pkill zed"
sed -Ei "s|/$c_zfs_mount_dir/?|/|g" "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name"
sed -Ei 's|/mnt/?|/|g' /mnt/etc/zfs/zfs-list.cache/rpool
}
function find_suitable_disks {
@@ -399,7 +397,7 @@ function determine_kernel_variant {
}
function chroot_execute {
chroot $c_zfs_mount_dir bash -c "DEBIAN_FRONTEND=noninteractive $1"
chroot $c_zfs_mount_dir bash -c "$1"
}
function unmount_and_export_fs {
@@ -494,20 +492,9 @@ for kver in $(find /lib/modules/* -maxdepth 0 -type d | grep -v "$(uname -r)" |
done
echo "======= installing zfs on rescue system =========="
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
# echo "y" | zfs
# linux-headers-generic linux-image-generic
apt install --yes software-properties-common dpkg-dev dkms
rm -f "$(which zfs)"
rm -f "$(which zpool)"
echo -e "deb http://deb.debian.org/debian/ testing main contrib non-free\ndeb http://deb.debian.org/debian/ testing main contrib non-free\n" >/etc/apt/sources.list.d/bookworm-testing.list
echo -e "Package: src:zfs-linux\nPin: release n=testing\nPin-Priority: 990\n" > /etc/apt/preferences.d/90_zfs
apt update
apt install -t testing --yes zfs-dkms zfsutils-linux
rm /etc/apt/sources.list.d/bookworm-testing.list
rm /etc/apt/preferences.d/90_zfs
apt update
export PATH=$PATH:/usr/sbin
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
apt-get install --yes software-properties-common
echo "y" | zfs
zfs --version
echo "======= partitioning the disk =========="
@@ -573,7 +560,9 @@ zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/debian"
zfs mount "$v_bpool_name/BOOT/debian"
zfs create "$v_rpool_name/home"
zfs create -o mountpoint=/root "$v_rpool_name/home/root"
zfs create -o canmount=off "$v_rpool_name/var"
zfs create -o canmount=off "$v_rpool_name/var/lib"
zfs create "$v_rpool_name/var/log"
zfs create "$v_rpool_name/var/spool"
@@ -624,7 +613,7 @@ ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
CONF
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p' | head -n 1)
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p')
cat <<CONF > /mnt/etc/systemd/network/10-eth0.network
[Match]
@@ -638,6 +627,9 @@ CONF
chroot_execute "systemctl enable systemd-networkd.service"
chroot_execute "systemctl enable systemd-resolved.service"
cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
echo "======= preparing the jail for chroot =========="
for virtual_fs_dir in proc sys dev; do
mount --rbind "/$virtual_fs_dir" "$c_zfs_mount_dir/$virtual_fs_dir"
@@ -750,14 +742,12 @@ chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024))
echo "======= setting up grub =========="
chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections"
chroot_execute "apt install --yes grub-pc"
for disk in ${v_selected_disks[@]}; do
chroot_execute "grub-install $disk"
done
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-pc"
chroot_execute "grub-install ${v_selected_disks[0]}"
chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=$v_rpool_name/ROOT/debian\"|g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=rpool/ROOT/debian\"|g' /etc/default/grub"
chroot_execute "sed -i 's/quiet//g' /etc/default/grub"
chroot_execute "sed -i 's/splash//g' /etc/default/grub"
@@ -771,8 +761,7 @@ if [[ $v_encrypt_rpool == "1" ]]; then
echo "=========set up dropbear=============="
chroot_execute "apt install --yes dropbear-initramfs"
mkdir -p "$c_zfs_mount_dir/etc/dropbear-initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
@@ -799,7 +788,6 @@ CONF
echo "========running packages upgrade==========="
chroot_execute "apt upgrade --yes"
chroot_execute "apt purge cryptsetup* --yes"
echo "===========add static route to initramfs via hook to add default routes for Hetzner due to Debian/Ubuntu initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount"
@@ -832,7 +820,7 @@ auto lo
iface lo inet loopback
iface lo inet6 loopback
allow-hotplug eth0
auto eth0
iface eth0 inet dhcp
iface eth0 inet6 dhcp
CONF
@@ -847,7 +835,7 @@ chroot_execute "update-grub"
echo "======= setting up zed =========="
if [[ $v_zfs_experimental == "1" ]]; then
chroot_execute "zfs set canmount=noauto $v_rpool_name"
chroot_execute "zfs set canmount=noauto rpool"
else
initial_load_debian_zed_cache
fi

62
hetzner-debian11-zfs-setup.sh
View File

@@ -17,8 +17,6 @@ set -o errexit
set -o pipefail
set -o nounset
export TMPDIR=/tmp
# Variables
v_bpool_name=
v_bpool_tweaks=
@@ -139,20 +137,20 @@ function check_prerequisites {
function initial_load_debian_zed_cache {
chroot_execute "mkdir /etc/zfs/zfs-list.cache"
chroot_execute "touch /etc/zfs/zfs-list.cache/$v_rpool_name"
chroot_execute "touch /etc/zfs/zfs-list.cache/rpool"
chroot_execute "ln -sf /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh /etc/zfs/zed.d/"
chroot_execute "zed -F &"
local success=0
if [[ ! -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" ]] || [[ -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" && (( $(find "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" -type f -printf '%s' 2> /dev/null) == 0 )) ]]; then
chroot_execute "zfs set canmount=noauto $v_rpool_name"
if [[ ! -e /mnt/etc/zfs/zfs-list.cache/rpool ]] || [[ -e /mnt/etc/zfs/zfs-list.cache/rpool && (( $(find /mnt/etc/zfs/zfs-list.cache/rpool -type f -printf '%s' 2> /dev/null) == 0 )) ]]; then
chroot_execute "zfs set canmount=noauto rpool"
SECONDS=0
while (( SECONDS++ <= 120 )); do
if [[ -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" ]] && (( $(find "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" -type f -printf '%s' 2> /dev/null) > 0 )); then
if [[ -e /mnt/etc/zfs/zfs-list.cache/rpool ]] && (( $(find /mnt/etc/zfs/zfs-list.cache/rpool -type f -printf '%s' 2> /dev/null) > 0 )); then
success=1
break
else
@@ -170,7 +168,7 @@ function initial_load_debian_zed_cache {
chroot_execute "pkill zed"
sed -Ei "s|/$c_zfs_mount_dir/?|/|g" "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name"
sed -Ei 's|/mnt/?|/|g' /mnt/etc/zfs/zfs-list.cache/rpool
}
function find_suitable_disks {
@@ -400,7 +398,7 @@ function determine_kernel_variant {
}
function chroot_execute {
chroot $c_zfs_mount_dir bash -c "DEBIAN_FRONTEND=noninteractive $1"
chroot $c_zfs_mount_dir bash -c "$1"
}
function unmount_and_export_fs {
@@ -495,20 +493,9 @@ for kver in $(find /lib/modules/* -maxdepth 0 -type d | grep -v "$(uname -r)" |
done
echo "======= installing zfs on rescue system =========="
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
# echo "y" | zfs
# linux-headers-generic linux-image-generic
apt install --yes software-properties-common dpkg-dev dkms
rm -f "$(which zfs)"
rm -f "$(which zpool)"
echo -e "deb http://deb.debian.org/debian/ testing main contrib non-free\ndeb http://deb.debian.org/debian/ testing main contrib non-free\n" >/etc/apt/sources.list.d/bookworm-testing.list
echo -e "Package: src:zfs-linux\nPin: release n=testing\nPin-Priority: 990\n" > /etc/apt/preferences.d/90_zfs
apt update
apt install -t testing --yes zfs-dkms zfsutils-linux
rm /etc/apt/sources.list.d/bookworm-testing.list
rm /etc/apt/preferences.d/90_zfs
apt update
export PATH=$PATH:/usr/sbin
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
apt-get install --yes software-properties-common
echo "y" | zfs
zfs --version
echo "======= partitioning the disk =========="
@@ -574,7 +561,9 @@ zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/debian"
zfs mount "$v_bpool_name/BOOT/debian"
zfs create "$v_rpool_name/home"
zfs create -o mountpoint=/root "$v_rpool_name/home/root"
zfs create -o canmount=off "$v_rpool_name/var"
zfs create -o canmount=off "$v_rpool_name/var/lib"
zfs create "$v_rpool_name/var/log"
zfs create "$v_rpool_name/var/spool"
@@ -625,7 +614,7 @@ ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
CONF
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p' | head -n 1)
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p')
cat <<CONF > /mnt/etc/systemd/network/10-eth0.network
[Match]
@@ -639,7 +628,8 @@ CONF
chroot_execute "systemctl enable systemd-networkd.service"
chroot_execute "systemctl enable systemd-resolved.service"
#cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
echo "======= preparing the jail for chroot =========="
for virtual_fs_dir in proc sys dev; do
@@ -754,15 +744,13 @@ chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024))
echo "======= setting up grub =========="
chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections"
chroot_execute "apt install --yes grub-legacy"
chroot_execute "apt install --yes grub-pc"
for disk in ${v_selected_disks[@]}; do
chroot_execute "grub-install --recheck $disk"
done
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-legacy"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-pc"
chroot_execute "grub-install --recheck ${v_selected_disks[0]}"
chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=$v_rpool_name/ROOT/debian\"|g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=rpool/ROOT/debian\"|g' /etc/default/grub"
chroot_execute "sed -i 's/quiet//g' /etc/default/grub"
chroot_execute "sed -i 's/splash//g' /etc/default/grub"
@@ -776,22 +764,21 @@ if [[ $v_encrypt_rpool == "1" ]]; then
echo "=========set up dropbear=============="
chroot_execute "apt install --yes dropbear-initramfs"
mkdir -p "$c_zfs_mount_dir/etc/dropbear/initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear/initramfs/authorized_keys"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_rsa_key_temp"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key_temp /etc/dropbear/initramfs/dropbear_rsa_host_key"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key_temp /etc/dropbear-initramfs/dropbear_rsa_host_key"
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_ecdsa_key_temp"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_ecdsa_key_temp /etc/dropbear/initramfs/dropbear_ecdsa_host_key"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_ecdsa_key_temp /etc/dropbear-initramfs/dropbear_ecdsa_host_key"
chroot_execute "rm -rf /etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/dropbear/initramfs/dropbear_dss_host_key"
rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key"
fi
echo "============setup root prompt============"
@@ -804,7 +791,6 @@ CONF
echo "========running packages upgrade==========="
chroot_execute "apt upgrade --yes"
chroot_execute "apt purge cryptsetup* --yes"
echo "===========add static route to initramfs via hook to add default routes for Hetzner due to Debian/Ubuntu initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount"
@@ -844,7 +830,7 @@ chroot_execute "update-grub"
echo "======= setting up zed =========="
if [[ $v_zfs_experimental == "1" ]]; then
chroot_execute "zfs set canmount=noauto $v_rpool_name"
chroot_execute "zfs set canmount=noauto rpool"
else
initial_load_debian_zed_cache
fi

126
hetzner-debian12-zfs-setup.sh → hetzner-debian12-zfs-setup .sh
View File

@@ -2,7 +2,7 @@
: <<'end_header_info'
(c) Andrey Prokopenko job@terem.fr
fully automatic script to install Debian 12 with ZFS root on Hetzner VPS
fully automatic script to install Debian 11 with ZFS root on Hetzner VPS
WARNING: all data on the disk will be destroyed
How to use: add SSH key to the rescue console, set it OS to linux64, then press "mount rescue and power cycle" button
Next, connect via SSH to console, and run the script
@@ -17,8 +17,6 @@ set -o errexit
set -o pipefail
set -o nounset
export TMPDIR=/tmp
# Variables
v_bpool_name=
v_bpool_tweaks=
@@ -49,7 +47,6 @@ c_log_dir=$(dirname "$(mktemp)")/zfs-hetzner-vm
c_install_log=$c_log_dir/install.log
c_lsb_release_log=$c_log_dir/lsb_release.log
c_disks_log=$c_log_dir/disks.log
c_efimode_enabled="$(if [[ -d /sys/firmware/efi/efivars ]]; then echo 1; else echo 0; fi)"
function activate_debug {
mkdir -p "$c_log_dir"
@@ -108,7 +105,7 @@ function display_intro_banner {
print_step_info_header
local dialog_message='Hello!
This script will prepare the ZFS pools, then install and configure minimal Debian 12 with ZFS root on Hetzner hosting VPS instance
This script will prepare the ZFS pools, then install and configure minimal Debian 11 with ZFS root on Hetzner hosting VPS instance
The script with minimal changes may be used on any other hosting provider supporting KVM virtualization and offering Debian-based rescue system.
In order to stop the procedure, hit Esc twice during dialogs (excluding yes/no ones), or Ctrl+C while any operation is running.
'
@@ -140,20 +137,20 @@ function check_prerequisites {
function initial_load_debian_zed_cache {
chroot_execute "mkdir /etc/zfs/zfs-list.cache"
chroot_execute "touch /etc/zfs/zfs-list.cache/$v_rpool_name"
chroot_execute "touch /etc/zfs/zfs-list.cache/rpool"
chroot_execute "ln -sf /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh /etc/zfs/zed.d/"
chroot_execute "zed -F &"
local success=0
if [[ ! -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" ]] || [[ -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" && (( $(find "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" -type f -printf '%s' 2> /dev/null) == 0 )) ]]; then
chroot_execute "zfs set canmount=noauto $v_rpool_name"
if [[ ! -e /mnt/etc/zfs/zfs-list.cache/rpool ]] || [[ -e /mnt/etc/zfs/zfs-list.cache/rpool && (( $(find /mnt/etc/zfs/zfs-list.cache/rpool -type f -printf '%s' 2> /dev/null) == 0 )) ]]; then
chroot_execute "zfs set canmount=noauto rpool"
SECONDS=0
while (( SECONDS++ <= 120 )); do
if [[ -e "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" ]] && (( $(find "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name" -type f -printf '%s' 2> /dev/null) > 0 )); then
if [[ -e /mnt/etc/zfs/zfs-list.cache/rpool ]] && (( $(find /mnt/etc/zfs/zfs-list.cache/rpool -type f -printf '%s' 2> /dev/null) > 0 )); then
success=1
break
else
@@ -171,7 +168,7 @@ function initial_load_debian_zed_cache {
chroot_execute "pkill zed"
sed -Ei "s|/$c_zfs_mount_dir/?|/|g" "$c_zfs_mount_dir/etc/zfs/zfs-list.cache/$v_rpool_name"
sed -Ei 's|/mnt/?|/|g' /mnt/etc/zfs/zfs-list.cache/rpool
}
function find_suitable_disks {
@@ -401,7 +398,7 @@ function determine_kernel_variant {
}
function chroot_execute {
chroot $c_zfs_mount_dir bash -c "DEBIAN_FRONTEND=noninteractive $1"
chroot $c_zfs_mount_dir bash -c "$1"
}
function unmount_and_export_fs {
@@ -496,21 +493,9 @@ for kver in $(find /lib/modules/* -maxdepth 0 -type d | grep -v "$(uname -r)" |
done
echo "======= installing zfs on rescue system =========="
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
# echo "y" | zfs
# linux-headers-generic linux-image-generic
apt install --yes software-properties-common dpkg-dev dkms
rm -f "$(which zfs)"
rm -f "$(which zpool)"
echo -e "deb http://deb.debian.org/debian/ testing main contrib non-free\ndeb http://deb.debian.org/debian/ testing main contrib non-free\n" >/etc/apt/sources.list.d/bookworm-testing.list
echo -e "Package: src:zfs-linux\nPin: release n=testing\nPin-Priority: 990\n" > /etc/apt/preferences.d/90_zfs
apt update
apt install -t testing --yes zfs-dkms zfsutils-linux
rm /etc/apt/sources.list.d/bookworm-testing.list
rm /etc/apt/preferences.d/90_zfs
apt update
export PATH=$PATH:/usr/sbin
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
apt-get install --yes software-properties-common
echo "y" | zfs
zfs --version
echo "======= partitioning the disk =========="
@@ -523,11 +508,7 @@ echo "======= partitioning the disk =========="
for selected_disk in "${v_selected_disks[@]}"; do
wipefs --all --force "$selected_disk"
if (( c_efimode_enabled == 1 )); then
sgdisk -a1 -n1:24K:+1G -t1:EF00 "$selected_disk" # EFI partition
else
sgdisk -a1 -n1:24K:+1000K -t1:EF02 "$selected_disk"
fi
sgdisk -a1 -n1:24K:+1000K -t1:EF02 "$selected_disk"
sgdisk -n2:0:+2G -t2:BF01 "$selected_disk" # Boot pool
sgdisk -n3:0:"$tail_space_parameter" -t3:BF01 "$selected_disk" # Root pool
done
@@ -551,15 +532,15 @@ echo "======= create zfs pools and datasets =========="
pools_mirror_option=
if [[ ${#v_selected_disks[@]} -gt 1 ]]; then
if dialog --defaultno --yesno "Do you want to use mirror mode for ${v_selected_disks[*]}?" 30 100; then
if dialog --defaultno --yesno "Do you want to use mirror mode for ${v_selected_disks[@]}?" 30 100; then
pools_mirror_option=mirror
fi
fi
# shellcheck disable=SC2086
zpool create \
$v_bpool_tweaks -O canmount=off -O devices=off \
-o cachefile=/etc/zpool.cache \
-o compatibility=grub2 \
-O mountpoint=/boot -R $c_zfs_mount_dir -f \
$v_bpool_name $pools_mirror_option "${bpool_disks_partitions[@]}"
@@ -581,8 +562,9 @@ zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/debian"
zfs mount "$v_bpool_name/BOOT/debian"
zfs create "$v_rpool_name/home"
#zfs create -o mountpoint=/root "$v_rpool_name/home/root"
zfs create -o mountpoint=/root "$v_rpool_name/home/root"
zfs create -o canmount=off "$v_rpool_name/var"
zfs create -o canmount=off "$v_rpool_name/var/lib"
zfs create "$v_rpool_name/var/log"
zfs create "$v_rpool_name/var/spool"
@@ -611,16 +593,6 @@ if [[ $v_swap_size -gt 0 ]]; then
mkswap -f "/dev/zvol/$v_rpool_name/swap"
fi
if (( c_efimode_enabled == 1 )); then
echo "======= create filesystem on EFI partition(s) =========="
for selected_disk in "${v_selected_disks[@]}"; do
mkfs.fat -F32 "${selected_disk}-part1"
done
mkdir -p "$c_zfs_mount_dir/boot/efi"
mount "${v_selected_disks[0]}-part1" "$c_zfs_mount_dir/boot/efi"
fi
echo "======= setting up initial system packages =========="
debootstrap --arch=amd64 bookworm "$c_zfs_mount_dir" "$c_deb_packages_repo"
@@ -643,9 +615,9 @@ ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
CONF
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p' | head -n 1)
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p')
cat <<CONF > "$c_zfs_mount_dir/etc/systemd/network/10-eth0.network"
cat <<CONF > /mnt/etc/systemd/network/10-eth0.network
[Match]
Name=eth0
@@ -655,6 +627,10 @@ Address=${ip6addr_prefix}:1/64
Gateway=fe80::1
CONF
chroot_execute "systemctl enable systemd-networkd.service"
chroot_execute "systemctl enable systemd-resolved.service"
cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
echo "======= preparing the jail for chroot =========="
for virtual_fs_dir in proc sys dev; do
@@ -709,6 +685,7 @@ console-setup console-setup/fontsize-text47 select 8x16
console-setup console-setup/codesetcode string Lat15
tzdata tzdata/Areas select Europe
tzdata tzdata/Zones/Europe select Vienna
grub-pc grub-pc/install_devices_empty boolean true
CONF'
chroot_execute "dpkg-reconfigure locales -f noninteractive"
@@ -719,11 +696,10 @@ chroot_execute "dpkg-reconfigure console-setup -f noninteractive"
chroot_execute "setupcon"
chroot_execute "rm -f /etc/localtime /etc/timezone"
chroot_execute "dpkg-reconfigure tzdata -f noninteractive"
chroot_execute "dpkg-reconfigure tzdata -f noninteractive "
echo "======= installing latest kernel============="
# linux-headers-generic linux-image-generic
chroot_execute "apt install --yes linux-image${v_kernel_variant}-amd64 linux-headers${v_kernel_variant}-amd64 dpkg-dev"
chroot_execute "apt install --yes linux-image${v_kernel_variant}-amd64 linux-headers${v_kernel_variant}-amd64"
echo "======= installing aux packages =========="
chroot_execute "apt install --yes man wget curl software-properties-common nano htop gnupg"
@@ -750,6 +726,8 @@ echo "======= installing OpenSSH and network tooling =========="
chroot_execute "apt install --yes openssh-server net-tools"
echo "======= setup OpenSSH =========="
mkdir -p "$c_zfs_mount_dir/root/.ssh/"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/root/.ssh/authorized_keys"
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' "$c_zfs_mount_dir/etc/ssh/sshd_config"
sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' "$c_zfs_mount_dir/etc/ssh/sshd_config"
chroot_execute "rm /etc/ssh/ssh_host_*"
@@ -760,32 +738,20 @@ chroot_execute "echo root:$(printf "%q" "$v_root_password") | chpasswd"
echo "======= setting up zfs cache =========="
cp /etc/zpool.cache "$c_zfs_mount_dir/etc/zfs/zpool.cache"
cp /etc/zpool.cache /mnt/etc/zfs/zpool.cache
echo "========setting up zfs module parameters========"
chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024)) >> /etc/modprobe.d/zfs.conf"
echo "======= setting up grub =========="
if (( c_efimode_enabled == 1 )); then
chroot_execute "apt install --yes grub-efi-amd64"
else
chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections"
chroot_execute "apt install --yes grub-legacy"
chroot_execute "apt install --yes grub-pc"
fi
if (( c_efimode_enabled == 1 )); then
#chroot_execute grub-probe /boot
chroot_execute grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=debian --recheck
else
for disk in ${v_selected_disks[@]}; do
chroot_execute "grub-install --recheck $disk"
done
fi
chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-legacy"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-pc"
chroot_execute "grub-install --recheck ${v_selected_disks[0]}"
chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=$v_rpool_name/ROOT/debian\"|g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=rpool/ROOT/debian\"|g' /etc/default/grub"
chroot_execute "sed -i 's/quiet//g' /etc/default/grub"
chroot_execute "sed -i 's/splash//g' /etc/default/grub"
@@ -799,22 +765,21 @@ if [[ $v_encrypt_rpool == "1" ]]; then
echo "=========set up dropbear=============="
chroot_execute "apt install --yes dropbear-initramfs"
mkdir -p "$c_zfs_mount_dir/etc/dropbear/initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear/initramfs/authorized_keys"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_rsa_key_temp"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key_temp /etc/dropbear/initramfs/dropbear_rsa_host_key"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key_temp /etc/dropbear-initramfs/dropbear_rsa_host_key"
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_ecdsa_key_temp"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_ecdsa_key_temp /etc/dropbear/initramfs/dropbear_ecdsa_host_key"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_ecdsa_key_temp /etc/dropbear-initramfs/dropbear_ecdsa_host_key"
chroot_execute "rm -rf /etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/dropbear/initramfs/dropbear_dss_host_key"
rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key"
fi
echo "============setup root prompt============"
@@ -825,13 +790,8 @@ export LS_OPTIONS='--color=auto -h'
eval "\$(dircolors)"
CONF
echo "========= add root pubkey for login via SSH"
mkdir -p "$c_zfs_mount_dir/root/.ssh/"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/root/.ssh/authorized_keys"
echo "========running packages upgrade and autoremove==========="
echo "========running packages upgrade==========="
chroot_execute "apt upgrade --yes"
chroot_execute "apt purge cryptsetup* --yes"
echo "===========add static route to initramfs via hook to add default routes for Hetzner due to Debian/Ubuntu initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount"
@@ -866,23 +826,17 @@ chmod 755 "$c_zfs_mount_dir/etc/network/interfaces"
echo "======= update initramfs =========="
chroot_execute "update-initramfs -u -k all"
chroot_execute "apt remove cryptsetup* --yes"
echo "======= update grub =========="
chroot_execute "update-grub"
echo "======= setting up zed =========="
if [[ $v_zfs_experimental == "1" ]]; then
chroot_execute "zfs set canmount=noauto $v_rpool_name"
chroot_execute "zfs set canmount=noauto rpool"
else
initial_load_debian_zed_cache
fi
echo "======= setting mountpoints =========="
if (( c_efimode_enabled == 1 )); then
umount "$c_zfs_mount_dir/boot/efi"
fi
chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/debian"
chroot_execute "echo $v_bpool_name/BOOT/debian /boot zfs nodev,relatime,x-systemd.requires=zfs-mount.service,x-systemd.device-timeout=10 0 0 > /etc/fstab"

58
hetzner-ubuntu18-zfs-setup.sh
View File

@@ -17,8 +17,6 @@ set -o errexit
set -o pipefail
set -o nounset
export TMPDIR=/tmp
# Variables
v_bpool_name=
v_bpool_tweaks=
@@ -366,7 +364,7 @@ function determine_kernel_variant {
}
function chroot_execute {
chroot $c_zfs_mount_dir bash -c "DEBIAN_FRONTEND=noninteractive $1"
chroot $c_zfs_mount_dir bash -c "$1"
}
function unmount_and_export_fs {
@@ -462,20 +460,9 @@ for kver in $(find /lib/modules/* -maxdepth 0 -type d | grep -v "$(uname -r)" |
done
echo "======= installing zfs on rescue system =========="
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
# echo "y" | zfs
# linux-headers-generic linux-image-generic
apt install --yes software-properties-common dpkg-dev dkms
rm -f "$(which zfs)"
rm -f "$(which zpool)"
echo -e "deb http://deb.debian.org/debian/ testing main contrib non-free\ndeb http://deb.debian.org/debian/ testing main contrib non-free\n" >/etc/apt/sources.list.d/bookworm-testing.list
echo -e "Package: src:zfs-linux\nPin: release n=testing\nPin-Priority: 990\n" > /etc/apt/preferences.d/90_zfs
apt update
apt install -t testing --yes zfs-dkms zfsutils-linux
rm /etc/apt/sources.list.d/bookworm-testing.list
rm /etc/apt/preferences.d/90_zfs
apt update
export PATH=$PATH:/usr/sbin
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
apt-get install --yes software-properties-common
echo "y" | zfs
zfs --version
echo "======= partitioning the disk =========="
@@ -541,7 +528,9 @@ zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/ubuntu"
zfs mount "$v_bpool_name/BOOT/ubuntu"
zfs create "$v_rpool_name/home"
zfs create -o mountpoint=/root "$v_rpool_name/home/root"
zfs create -o canmount=off "$v_rpool_name/var"
zfs create -o canmount=off "$v_rpool_name/var/lib"
zfs create "$v_rpool_name/var/log"
zfs create "$v_rpool_name/var/spool"
@@ -592,7 +581,7 @@ ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
CONF
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p' | head -n 1)
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p')
cat <<CONF > /mnt/etc/systemd/network/10-eth0.network
[Match]
@@ -607,7 +596,6 @@ CONF
chroot_execute "systemctl enable systemd-networkd.service"
chroot_execute "systemctl enable systemd-resolved.service"
#cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
mkdir -p "$c_zfs_mount_dir/etc/cloud/cloud.cfg.d/"
cat > "$c_zfs_mount_dir/etc/cloud/cloud.cfg.d/99-disable-network-config.cfg" <<CONF
@@ -617,6 +605,7 @@ CONF
rm -rf $c_zfs_mount_dir/etc/network/interfaces.d/50-cloud-init.cfg
cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
echo "======= preparing the jail for chroot =========="
for virtual_fs_dir in proc sys dev; do
@@ -685,10 +674,10 @@ chroot_execute "rm -f /etc/localtime /etc/timezone"
chroot_execute "dpkg-reconfigure tzdata -f noninteractive "
echo "======= installing latest kernel============="
chroot_execute "apt install --yes linux-headers${v_kernel_variant}-hwe-18.04 linux-image${v_kernel_variant}-hwe-18.04"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes linux-headers${v_kernel_variant}-hwe-18.04 linux-image${v_kernel_variant}-hwe-18.04"
if [[ $v_kernel_variant == "-virtual" ]]; then
# linux-image-extra is only available for virtual hosts
chroot_execute "apt install --yes linux-image-extra-virtual-hwe-18.04"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes linux-image-extra-virtual-hwe-18.04"
fi
echo "======= installing aux packages =========="
@@ -736,14 +725,12 @@ chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024))
echo "======= setting up grub =========="
chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections"
chroot_execute "apt install --yes grub-pc"
for disk in ${v_selected_disks[@]}; do
chroot_execute "grub-install $disk"
done
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-pc"
chroot_execute "grub-install ${v_selected_disks[0]}"
chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=$v_rpool_name/ROOT/ubuntu\"|g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=rpool/ROOT/ubuntu\"|g' /etc/default/grub"
chroot_execute "sed -i 's/quiet//g' /etc/default/grub"
chroot_execute "sed -i 's/splash//g' /etc/default/grub"
@@ -771,6 +758,18 @@ if [[ $v_encrypt_rpool == "1" ]]; then
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key"
cd "$c_zfs_mount_dir/root"
wget http://ftp.de.debian.org/debian/pool/main/libt/libtommath/libtommath1_1.1.0-3_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/d/dropbear/dropbear-bin_2018.76-5_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/d/dropbear/dropbear-initramfs_2018.76-5_all.deb
chroot_execute "dpkg -i /root/libtommath1_1.1.0-3_amd64.deb"
chroot_execute "dpkg -i /root/dropbear-bin_2018.76-5_amd64.deb"
chroot_execute "dpkg -i /root/dropbear-initramfs_2018.76-5_all.deb"
rm $c_zfs_mount_dir/root/*.deb
cd /root
fi
echo "============setup root prompt============"
@@ -783,7 +782,6 @@ CONF
echo "========running packages upgrade==========="
chroot_execute "apt upgrade --yes"
chroot_execute "apt purge cryptsetup* --yes"
echo "===========add static route to initramfs via hook to add default routes due to Ubuntu initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount"
@@ -807,8 +805,8 @@ esac
configure_networking
ip route add 172.31.1.1/255.255.255.255 dev eth0
ip route add default via 172.31.1.1 dev eth0
ip route add 172.31.1.1/255.255.255.255 dev ens3
ip route add default via 172.31.1.1 dev ens3
CONF
chmod 755 "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount/static-route"
@@ -821,7 +819,7 @@ chroot_execute "update-grub"
echo "======= setting up zed =========="
chroot_execute "zfs set canmount=noauto $v_rpool_name"
chroot_execute "zfs set canmount=noauto rpool"
echo "======= setting mountpoints =========="
chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/ubuntu"

44
hetzner-ubuntu20-zfs-setup.sh
View File

@@ -17,8 +17,6 @@ set -o errexit
set -o pipefail
set -o nounset
export TMPDIR=/tmp
# Variables
v_bpool_name=
v_bpool_tweaks=
@@ -366,7 +364,7 @@ function determine_kernel_variant {
}
function chroot_execute {
chroot $c_zfs_mount_dir bash -c "DEBIAN_FRONTEND=noninteractive $1"
chroot $c_zfs_mount_dir bash -c "$1"
}
function unmount_and_export_fs {
@@ -462,20 +460,9 @@ for kver in $(find /lib/modules/* -maxdepth 0 -type d | grep -v "$(uname -r)" |
done
echo "======= installing zfs on rescue system =========="
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
# echo "y" | zfs
# linux-headers-generic linux-image-generic
apt install --yes software-properties-common dpkg-dev dkms
rm -f "$(which zfs)"
rm -f "$(which zpool)"
echo -e "deb http://deb.debian.org/debian/ testing main contrib non-free\ndeb http://deb.debian.org/debian/ testing main contrib non-free\n" >/etc/apt/sources.list.d/bookworm-testing.list
echo -e "Package: src:zfs-linux\nPin: release n=testing\nPin-Priority: 990\n" > /etc/apt/preferences.d/90_zfs
apt update
apt install -t testing --yes zfs-dkms zfsutils-linux
rm /etc/apt/sources.list.d/bookworm-testing.list
rm /etc/apt/preferences.d/90_zfs
apt update
export PATH=$PATH:/usr/sbin
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
apt-get install --yes software-properties-common
echo "y" | zfs
zfs --version
echo "======= partitioning the disk =========="
@@ -541,7 +528,9 @@ zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/ubuntu"
zfs mount "$v_bpool_name/BOOT/ubuntu"
zfs create "$v_rpool_name/home"
zfs create -o mountpoint=/root "$v_rpool_name/home/root"
zfs create -o canmount=off "$v_rpool_name/var"
zfs create -o canmount=off "$v_rpool_name/var/lib"
zfs create "$v_rpool_name/var/log"
zfs create "$v_rpool_name/var/spool"
@@ -592,7 +581,7 @@ ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
CONF
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p' | head -n 1)
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p')
cat <<CONF > /mnt/etc/systemd/network/10-eth0.network
[Match]
@@ -616,7 +605,7 @@ CONF
rm -rf $c_zfs_mount_dir/etc/network/interfaces.d/50-cloud-init.cfg
#cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
echo "======= preparing the jail for chroot =========="
for virtual_fs_dir in proc sys dev; do
@@ -685,10 +674,10 @@ chroot_execute "rm -f /etc/localtime /etc/timezone"
chroot_execute "dpkg-reconfigure tzdata -f noninteractive "
echo "======= installing latest kernel============="
chroot_execute "apt install --yes linux-headers${v_kernel_variant} linux-image${v_kernel_variant}"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes linux-headers${v_kernel_variant} linux-image${v_kernel_variant}"
if [[ $v_kernel_variant == "-virtual" ]]; then
# linux-image-extra is only available for virtual hosts
chroot_execute "apt install --yes linux-image-extra-virtual"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes linux-image-extra-virtual"
fi
@@ -737,14 +726,12 @@ chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024))
echo "======= setting up grub =========="
chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections"
chroot_execute "apt install --yes grub-pc"
for disk in ${v_selected_disks[@]}; do
chroot_execute "grub-install $disk"
done
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-pc"
chroot_execute "grub-install ${v_selected_disks[0]}"
chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=$v_rpool_name/ROOT/ubuntu\"|g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=rpool/ROOT/ubuntu\"|g' /etc/default/grub"
chroot_execute "sed -i 's/quiet//g' /etc/default/grub"
chroot_execute "sed -i 's/splash//g' /etc/default/grub"
@@ -757,7 +744,7 @@ done
if [[ $v_encrypt_rpool == "1" ]]; then
echo "=========set up dropbear=============="
chroot_execute "apt install --yes dropbear-initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
@@ -796,7 +783,6 @@ CONF
echo "========running packages upgrade==========="
chroot_execute "apt upgrade --yes"
chroot_execute "apt purge cryptsetup* --yes"
echo "===========add static route to initramfs via hook to add default routes due to Ubuntu initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount"
@@ -834,7 +820,7 @@ chroot_execute "update-grub"
echo "======= setting up zed =========="
chroot_execute "zfs set canmount=noauto $v_rpool_name"
chroot_execute "zfs set canmount=noauto rpool"
echo "======= setting mountpoints =========="
chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/ubuntu"

66
hetzner-ubuntu22-zfs-setup.sh
View File

@@ -17,8 +17,6 @@ set -o errexit
set -o pipefail
set -o nounset
export TMPDIR=/tmp
# Variables
v_bpool_name=
v_bpool_tweaks=
@@ -366,7 +364,7 @@ function determine_kernel_variant {
}
function chroot_execute {
chroot $c_zfs_mount_dir bash -c "DEBIAN_FRONTEND=noninteractive $1"
chroot $c_zfs_mount_dir bash -c "$1"
}
function unmount_and_export_fs {
@@ -462,20 +460,9 @@ for kver in $(find /lib/modules/* -maxdepth 0 -type d | grep -v "$(uname -r)" |
done
echo "======= installing zfs on rescue system =========="
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
# echo "y" | zfs
# linux-headers-generic linux-image-generic
apt install --yes software-properties-common dpkg-dev dkms
rm -f "$(which zfs)"
rm -f "$(which zpool)"
echo -e "deb http://deb.debian.org/debian/ testing main contrib non-free\ndeb http://deb.debian.org/debian/ testing main contrib non-free\n" >/etc/apt/sources.list.d/bookworm-testing.list
echo -e "Package: src:zfs-linux\nPin: release n=testing\nPin-Priority: 990\n" > /etc/apt/preferences.d/90_zfs
apt update
apt install -t testing --yes zfs-dkms zfsutils-linux
rm /etc/apt/sources.list.d/bookworm-testing.list
rm /etc/apt/preferences.d/90_zfs
apt update
export PATH=$PATH:/usr/sbin
echo "zfs-dkms zfs-dkms/note-incompatible-licenses note true" | debconf-set-selections
apt-get install --yes software-properties-common
echo "y" | zfs
zfs --version
echo "======= partitioning the disk =========="
@@ -541,8 +528,9 @@ zfs create -o canmount=noauto -o mountpoint=/boot "$v_bpool_name/BOOT/ubuntu"
zfs mount "$v_bpool_name/BOOT/ubuntu"
zfs create "$v_rpool_name/home"
#zfs create -o mountpoint=/root "$v_rpool_name/home/root"
zfs create -o mountpoint=/root "$v_rpool_name/home/root"
zfs create -o canmount=off "$v_rpool_name/var"
zfs create -o canmount=off "$v_rpool_name/var/lib"
zfs create "$v_rpool_name/var/log"
zfs create "$v_rpool_name/var/spool"
@@ -593,7 +581,7 @@ ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
CONF
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p' | head -n 1)
ip6addr_prefix=$(ip -6 a s | grep -E "inet6.+global" | sed -nE 's/.+inet6\s(([0-9a-z]{1,4}:){4,4}).+/\1/p')
cat <<CONF > /mnt/etc/systemd/network/10-eth0.network
[Match]
@@ -617,6 +605,8 @@ CONF
rm -rf $c_zfs_mount_dir/etc/network/interfaces.d/50-cloud-init.cfg
cp /etc/resolv.conf $c_zfs_mount_dir/etc/resolv.conf
echo "======= preparing the jail for chroot =========="
for virtual_fs_dir in proc sys dev; do
mount --rbind "/$virtual_fs_dir" "$c_zfs_mount_dir/$virtual_fs_dir"
@@ -685,10 +675,10 @@ chroot_execute "rm -f /etc/localtime /etc/timezone"
chroot_execute "dpkg-reconfigure tzdata -f noninteractive "
echo "======= installing latest kernel============="
chroot_execute "apt install --yes linux-headers${v_kernel_variant} linux-image${v_kernel_variant}"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes linux-headers${v_kernel_variant} linux-image${v_kernel_variant}"
if [[ $v_kernel_variant == "-virtual" ]]; then
# linux-image-extra is only available for virtual hosts
chroot_execute "apt install --yes linux-image-extra-virtual"
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes linux-image-extra-virtual"
fi
@@ -737,14 +727,12 @@ chroot_execute "echo options zfs zfs_arc_max=$((v_zfs_arc_max_mb * 1024 * 1024))
echo "======= setting up grub =========="
chroot_execute "echo 'grub-pc grub-pc/install_devices_empty boolean true' | debconf-set-selections"
chroot_execute "apt install --yes grub-pc"
for disk in ${v_selected_disks[@]}; do
chroot_execute "grub-install $disk"
done
chroot_execute "DEBIAN_FRONTEND=noninteractive apt install --yes grub-pc"
chroot_execute "grub-install ${v_selected_disks[0]}"
chroot_execute "sed -i 's/#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT=\"net.ifnames=0\"|' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=$v_rpool_name/ROOT/ubuntu\"|g' /etc/default/grub"
chroot_execute "sed -i 's|GRUB_CMDLINE_LINUX=\"\"|GRUB_CMDLINE_LINUX=\"root=ZFS=rpool/ROOT/ubuntu\"|g' /etc/default/grub"
chroot_execute "sed -i 's/quiet//g' /etc/default/grub"
chroot_execute "sed -i 's/splash//g' /etc/default/grub"
@@ -757,22 +745,33 @@ done
if [[ $v_encrypt_rpool == "1" ]]; then
echo "=========set up dropbear=============="
chroot_execute "apt install --yes dropbear-initramfs"
mkdir -p "$c_zfs_mount_dir/etc/dropbear/initramfs"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear/initramfs/authorized_keys"
cp /root/.ssh/authorized_keys "$c_zfs_mount_dir/etc/dropbear-initramfs/authorized_keys"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_rsa_key_temp"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key_temp /etc/dropbear/initramfs/dropbear_rsa_host_key"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key_temp /etc/dropbear-initramfs/dropbear_rsa_host_key"
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_rsa_key_temp"
cp "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key" "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
chroot_execute "ssh-keygen -p -i -m pem -N '' -f /etc/ssh/ssh_host_ecdsa_key_temp"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_ecdsa_key_temp /etc/dropbear/initramfs/dropbear_ecdsa_host_key"
chroot_execute "/usr/lib/dropbear/dropbearconvert openssh dropbear /etc/ssh/ssh_host_ecdsa_key_temp /etc/dropbear-initramfs/dropbear_ecdsa_host_key"
chroot_execute "rm -rf /etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/ssh/ssh_host_ecdsa_key_temp"
rm -rf "$c_zfs_mount_dir/etc/dropbear/initramfs/dropbear_dss_host_key"
rm -rf "$c_zfs_mount_dir/etc/dropbear-initramfs/dropbear_dss_host_key"
cd "$c_zfs_mount_dir/root"
wget http://ftp.de.debian.org/debian/pool/main/libt/libtommath/libtommath1_1.2.0-6_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/d/dropbear/dropbear-bin_2020.81-3_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/d/dropbear/dropbear-initramfs_2020.81-3_all.deb
chroot_execute "dpkg -i /root/libtommath1_1.2.0-6_amd64.deb"
chroot_execute "dpkg -i /root/dropbear-bin_2020.81-3_amd64.deb"
chroot_execute "dpkg -i /root/dropbear-initramfs_2020.81-3_all.deb"
rm $c_zfs_mount_dir/root/*.deb
cd /root
fi
echo "============setup root prompt============"
@@ -785,7 +784,6 @@ CONF
echo "========running packages upgrade==========="
chroot_execute "apt upgrade --yes"
chroot_execute "apt purge cryptsetup* --yes"
echo "===========add static route to initramfs via hook to add default routes due to Ubuntu initramfs DHCP bug ========="
mkdir -p "$c_zfs_mount_dir/usr/share/initramfs-tools/scripts/init-premount"
@@ -823,7 +821,7 @@ chroot_execute "update-grub"
echo "======= setting up zed =========="
chroot_execute "zfs set canmount=noauto $v_rpool_name"
chroot_execute "zfs set canmount=noauto rpool"
echo "======= setting mountpoints =========="
chroot_execute "zfs set mountpoint=legacy $v_bpool_name/BOOT/ubuntu"