X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=README;h=32cd82954b4c117562c599ef5ca0573ee6eb58dc;hb=ee5c5007f3426705012f2943c345b1194a988c62;hp=72669bb4658496a349cd4a30f66dcf280e2cd3d8;hpb=efcfb463ceda4de1d9953da31a2c0737471e5cf8;p=automated-distro-installer diff --git a/README b/README index 72669bb..32cd829 100644 --- a/README +++ b/README @@ -6,20 +6,18 @@ not added a pxe rom, I use a minimal debian stable subvolume which acts like a pxe rom). I use this for bare metal and vms, and two scripts which can run post boot so I use them on vps distributed image as well. -Features people may find useful: installs encrypted trisquel belenos, , -debian jessie, debian stretch, ubuntu 16.04, and arch (havne't done -recently, probably a bit broken), in a multi-boot setup using multiple -subvolumes of a single btrfs filesystem. Utilizes multiple disks, with -scripts to automatically decrypt on intentional reboots, but not after -shutdown or power loss. +Features people may find useful: installs encrypted trisquel, debian, +ubuntu, and arch (havne't done recently, probably a bit broken), in a +multi-boot setup using multiple subvolumes of a single btrfs filesystem. +Utilizes multiple disks, with scripts to automatically decrypt on +intentional reboots, but not after shutdown or power loss. The partititioning and filesystem script is at -fai/config/hooks/partition.DEFAULT. Other debian based distros at least -as new as ubuntu 14.04 should work fine, and I'm planning to add Fedora -support. Disks are grouped as ssd or hdd and raided in raid 1 or raid 0 -per configuration. The base partitions are divided into boot, swap, and -root, (only boot is unencrypted). There are scripts to resize those -partitions post-provision and while the system is running. +fai/config/hooks/partition.DEFAULT. Disks are grouped as ssd or hdd and +raided in raid 1 or raid 0 per configuration. The base partitions are +divided into boot, swap, and root, (only boot is unencrypted). There are +scripts to resize those partitions post-provision and while the system +is running. People who use fai may find these things as useful examples: it uses dnsmasq (on a openwrt machine) for dhcp instead of the isc @@ -55,8 +53,8 @@ fai-redep # Deploy fai configuration to host "faiserver" faiserver-revm # using pxe & preseed, create a vm which is a fai server faiserver-uninstall # uninstall fai-server faiserver-setup # install fai-server on the current machine -myfai-chboot # setup fai tftp and nfs. useful with pxe-kexec -pxe-server # disable/enable pxe dhcp, tfp, and nfs +myfai-chboot # setup fai tftp and nfs. useful for doing pxe-kexec +pxe-server # disable/enable pxe dhcp, tfp, and nfs. calls myfai-chboot wrt-setup-remote # setup my router in general: dhcp, dns, etc. @@ -83,9 +81,56 @@ fai-wrapper # use fai classes outside of fai. sourced, not called. faiserver-disable # Disable the fai nfs server exports fresize # resize swap or boot partitions in a host +# Replacing a raid 10 disk + +pxe-server -S HOST fai +ssh root@HOST +cat >p +PASSWORD HERE(ctrl-d ctrl-d) +for d in /dev/disk/by-id/ata*part1; do cryptsetup luksOpen --key-file p $d crypt_dev_${d##*/}; done +# btrfs replace disk # i forget the actual command +x=(/dev/mapper/*part1); mount -o subvol=root_trisquelflidas $x /mnt +mount -o subvol=boot_trisquelflidas /dev/sda3 /mnt/boot +for x in dev proc sys; do mount -o bind /$x /mnt/$x; done +chroot /mnt /bin/bash +# replace disk in fstab +# replace disk in /etc/crypttab +update-grub +update-initramfs -u +mount /a +/a/exe/keyscript-on +exit +reboot + + +# dirinstall + +host=kw +distro=trisquel +t=/tmp/d +myfai-chboot default +sudo sed -i 's/^LOGUSER=/#LOGUSER=/' /etc/fai/fai.conf +# config umount required after a failed run, proc umount always required +sudo umount /var/lib/fai/config ||: ; sudo umount -R $t/proc ||: +fai-redep faiserver $distro +sudo rm -rf $t ; mkdir $t; time sudo LANG= fai -N -u $host dirinstall $t + +# cleanup: +sudo sed -i 's/^#LOGUSER=/LOGUSER=/' /etc/fai/fai.conf +sudo umount -R $t/proc + + +# Turning a dirinstall into a basefile. taken from mk-basefile + +sudo chroot $t apt-get clean +sudo rm -f $t/etc/hostname $t/etc/resolv.conf \ + $t/var/lib/apt/lists/*_* $t/usr/bin/qemu-*-static \ + $t/etc/udev/rules.d/70-persistent-net.rules +echo | sudo dd of=$t/etc/machine-id +sudo tar --one-file-system -C $t -cf - . | gzip > /a/bin/fai-basefiles/basefiles/FLIDAS64X.tar.gz License stuff: The license for the project is GPLv2 or later, mostly because fai is and -I periodically rebase off their example config, which contains small +I periodically merge the upstream example config, which contains small scripts. Also, there is a modified encrypt.upstream, which is from the cryptsetup package in arch, which is under the same license.