like a pxe rom). I use this for bare metal and vms, and two scripts
which can run post boot so I use them on vps distributed image as well.
-Features people may find useful: installs encrypted trisquel belenos, ,
-debian jessie, debian stretch, ubuntu 16.04, and arch (havne't done
-recently, probably a bit broken), in a multi-boot setup using multiple
-subvolumes of a single btrfs filesystem. Utilizes multiple disks, with
-scripts to automatically decrypt on intentional reboots, but not after
-shutdown or power loss.
+Features people may find useful: installs encrypted trisquel, debian,
+ubuntu, and arch (havne't done recently, probably a bit broken), in a
+multi-boot setup using multiple subvolumes of a single btrfs filesystem.
+Utilizes multiple disks, with scripts to automatically decrypt on
+intentional reboots, but not after shutdown or power loss.
The partititioning and filesystem script is at
-fai/config/hooks/partition.DEFAULT. Other debian based distros at least
-as new as ubuntu 14.04 should work fine, and I'm planning to add Fedora
-support. Disks are grouped as ssd or hdd and raided in raid 1 or raid 0
-per configuration. The base partitions are divided into boot, swap, and
-root, (only boot is unencrypted). There are scripts to resize those
-partitions post-provision and while the system is running.
+fai/config/hooks/partition.DEFAULT. Disks are grouped as ssd or hdd and
+raided in raid 1 or raid 0 per configuration. The base partitions are
+divided into boot, swap, and root, (only boot is unencrypted). There are
+scripts to resize those partitions post-provision and while the system
+is running.
People who use fai may find these things as useful examples: it uses
dnsmasq (on a openwrt machine) for dhcp instead of the isc
Setup arch pxe boot server from the base image
Requires manually downloading image. Image path is hardcoded below to
-/a/opt/image_name. Run pxe-server HOST|default arch to enable it.
+/a/opt/image_name without .iso on the end. adjust the code for a new image. After this, run pxe-server.
+HOST|default arch to enable it.
-h|--help Print help and exit.
EOF
x="$(readlink -f "$BASH_SOURCE")"
script_dir="${x%/*}"
cd /a/opt
-iso="archlinux-2017.02.01-dual"
-sfs=$iso/arch/x86_64/airootfs.sfs
+iso="parabola-systemd-cli-x86_64-netinstall-2017.10.18-00.07-alpha"
rm -rf $iso
ex $iso.iso
-sed -i --follow-symlinks -f - $iso/arch/boot/syslinux/archiso_pxe64.cfg <<EOF
+n=parabola
+if [[ ! -e $iso/parabola ]]; then
+ n=arch
+fi
+sfs=$iso/$n/x86_64/*.sfs
+
+sed -i --follow-symlinks -f - $iso/$n/boot/syslinux/${n}iso_pxe64.cfg <<EOF
1itotaltimeout 1
/^LABEL arch64_nfs/a menu default
s/^APPEND .*/\0 script=arch-iso-init/
s rm $sfs
s mksquashfs squashfs-root $sfs -comp xz
# file transfer to wrt is slow, so remove some useless files
-rm $iso/arch/i686/airootfs.sfs $iso/arch/boot/i686/archiso.img
+rm -f $iso/$n/i686/airootfs.sfs $iso/$n/boot/i686/${n}iso.img
pushd $(dirname $sfs); md5sum ${sfs##*/} > airootfs.md5; popd
# seems if you've done a pxe boot, mounted the nfs,
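Review bot: `sfs=$iso/$n/x86_64/*.sfs` stores the glob pattern itself, because pathname expansion is not performed on assignment, so every later unquoted `$sfs` is re-globbed where it is used. After `s rm $sfs` the pattern no longer matches anything, and unless lines outside these hunks resolve it first, `mksquashfs squashfs-root $sfs` would be handed the literal `*.sfs` path and `md5sum ${sfs##*/}` would glob again in the new directory. Resolving it once, e.g. `sfs_files=($iso/$n/x86_64/*.sfs); sfs=${sfs_files[0]}` with a check that exactly one file matched, keeps the rebuilt image and `airootfs.md5` referring to the same file. The rest of the script lies outside the visible hunks.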
+++ /dev/null
-# meant to be sourced. copy/pasted from https://iankelling.org/git/?p=errhandle;a=summary
-
-bash-trace() {
- local -i argc_index=0 arg frame i start=${1:-1} max_indent=8 indent
- local source
- local extdebug=false
- if [[ $(shopt -p extdebug) == *-s* ]]; then
- extdebug=true
- fi
-
- for ((frame=0; frame < ${#FUNCNAME[@]}-1; frame++)); do
- argc=${BASH_ARGC[frame]}
- argc_index+=$argc
- ((frame < start)) && continue
- if (( ${#BASH_SOURCE[@]} > 1 )); then
- source="${BASH_SOURCE[frame+1]}:${BASH_LINENO[frame]}:"
- fi
- indent=$((frame-start+1))
- indent=$((indent < max_indent ? indent : max_indent))
- printf "%${indent}s↳%sin \`%s" '' "$source" "${FUNCNAME[frame]}"
- if $extdebug; then
- for ((i=argc_index-1; i >= argc_index-argc; i--)); do
- printf " %s" "${BASH_ARGV[i]}"
- done
- fi
- echo \'
- done
-}
-
-
-errcatch() {
- set -E; shopt -s extdebug
- _err-trap() {
- err=$?
- exec >&2
- set +x
- echo "${BASH_SOURCE[1]}:${BASH_LINENO[0]}:in \`$BASH_COMMAND' returned $err"
- bash-trace 2
- set -e
- "${_errcatch_cleanup[@]}"
- echo "$0: exiting with code $err"
- exit $err
- }
- trap _err-trap ERR
- set -o pipefail
-}
-
-errcatch
--- /dev/null
+./fai/config/files/boot/bash-trace/DEFAULT
\ No newline at end of file
# The base distro:
# UBUNTU, DEBIAN
#
-# The base disto version, which is also the basefile name if it exists:
+# The base disto version, which is also the basefile name if it exists.
+# Debian stable basefile gets built by faisetup and gets used otherwise,:
# STRETCH64, XENIAL64, BELENOS64, FLIDAS64
#
# The distro subvol name, we can add as many of these as we want:
}
# fai_check is so we can act like a pxe boot, but just for fai, and by
-# using /debian_bootstrap to do it. We toggle on and off the grub var
+# using /stretch_bootstrap to do it. We toggle on and off the grub var
# did_fai_check so we can do the check every other boot. Then
# /debian_bootstrap checks for that var on boot and if we want to do a
-# fai check, it does it, then reboots. But it also sets did_fai_check to
-# a 3rd state os_true which means we did the fai check, and we don't
-# want to do it again. This is useful for systems without libreboot.
+# fai check, it does it, then reboots. But fai-check also sets
+# did_fai_check to a 3rd state os_true which means we did the fai check,
+# and we don't want to do it again. This is useful for systems without
+# libreboot, although it's not used yet.
# We don't set this to fai check so we can't get into
# an infinite reboot cycle. We depend on the os to
# create the initial grubenv file.
-set default=/debianstable_bootstrap # could use 0 here.
+set default=/debianstretch_bootstrap # could use 0 here.
set timeout=1
for part in (ahci*4) (ata*4); do
did_fai_check=false
-bs_dir=/debianstable_bootstrap
+bs_dir=/debianstretch_bootstrap
menuentry $bs_dir --id=$bs_dir {
# note, we might be able to use $chosen and avoid setting this here,
# and set it inside save_chosen. but I haven't tested it,
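Review bot: The `fai_check` comment now uses three names for the same volume: the changed line says `/stretch_bootstrap`, the unchanged line two below still says `/debian_bootstrap`, and the code sets `default=/debianstretch_bootstrap` and `bs_dir=/debianstretch_bootstrap`. Since `did_fai_check` decides whether the machine reboots into the installer path, the comment should name the volume the code actually boots. I would use `/debianstretch_bootstrap` in both comment lines.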
--- /dev/null
+# meant to be sourced. copy/pasted from https://iankelling.org/git/?p=errhandle;a=summary
+
+bash-trace() {
+ local -i argc_index=0 arg frame i start=${1:-1} max_indent=8 indent
+ local source
+ local extdebug=false
+ if [[ $(shopt -p extdebug) == *-s* ]]; then
+ extdebug=true
+ fi
+
+ for ((frame=0; frame < ${#FUNCNAME[@]}-1; frame++)); do
+ argc=${BASH_ARGC[frame]}
+ argc_index+=$argc
+ ((frame < start)) && continue
+ if (( ${#BASH_SOURCE[@]} > 1 )); then
+ source="${BASH_SOURCE[frame+1]}:${BASH_LINENO[frame]}:"
+ fi
+ indent=$((frame-start+1))
+ indent=$((indent < max_indent ? indent : max_indent))
+ printf "%${indent}s↳%sin \`%s" '' "$source" "${FUNCNAME[frame]}"
+ if $extdebug; then
+ for ((i=argc_index-1; i >= argc_index-argc; i--)); do
+ printf " %s" "${BASH_ARGV[i]}"
+ done
+ fi
+ echo \'
+ done
+}
+
+
+errcatch() {
+ set -E; shopt -s extdebug
+ _err-trap() {
+ err=$?
+ exec >&2
+ set +x
+ echo "${BASH_SOURCE[1]}:${BASH_LINENO[0]}:in \`$BASH_COMMAND' returned $err"
+ bash-trace 2
+ set -e
+ "${_errcatch_cleanup[@]}"
+ echo "$0: exiting with code $err"
+ exit $err
+ }
+ trap _err-trap ERR
+ set -o pipefail
+}
+
+errcatch
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace"
+x="$(readlink -f "$BASH_SOURCE")"
+f="${x%/*}/bash-trace"
+if [[ -e $f ]]; then
+ source $f
+else
+ source ${x%/*}/../bash-trace/DEFAULT
+fi
[[ $EUID == 0 ]] || exec sudo "$BASH_SOURCE" "$@"
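Review bot: Both new `source` calls are unquoted and unchecked. If the script path contains whitespace, or neither `bash-trace` nor `../bash-trace/DEFAULT` exists, the script carries on without the ERR trap that file installs (unless errexit is set earlier, which is not visible here), and the next line re-executes it under sudo. I would quote the paths and fail closed: `source "$f"` and `source "${x%/*}/../bash-trace/DEFAULT" || exit 1`. Because the sourced file runs inside a root script, a short comment that both locations must be root-owned and not writable by other users would also help.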
For a system without libreboot, which is failing completely to
boot on one distro, here is how I did a chboot for it:
# arch-pxe had been run previously
-pxe-server treetowl arch
-# reboot treetowl into arch live env
+pxe-server some_hostname arch
+# reboot some_hostname into arch live env
pxe-server # disable pxe server
-ssh root@treetowl
+ssh root@some_hostname
lsblk # identify boot dev. if boot dev is a raid, this could be repeated on all boot devs.
mount /dev/sdd3 /mnt
mount_point=/mnt/boot_debiantesting # the subvol i want to chboot to
# connection. So, we wait for 10 seconds.
# ref: https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
try-kexec ||:
- else
- return 0
fi
else
# we make sure there is only 1 grubenv,
exit 0
fi
-#chattr -Rf +C /target
fcopy -Bi /etc/apt/apt.conf.d/force_confdef
ainsl -a /etc/ucf.conf "^conf_force_conffold=YES"
-# in case the locales are already included inside the base file (Ubuntu)
-if [ -f $target/usr/sbin/locale-gen ]; then
- $ROOTCMD dpkg-reconfigure -fnoninteractive locales
- exit
-fi
+# ian: on flidas this gives an error: update-locale: Error: invalid locale settings: LANG=en_US.UTF-8
+# # in case the locales are already included inside the base file (Ubuntu)
+# if [ -f $target/usr/sbin/locale-gen ]; then
+# $ROOTCMD dpkg-reconfigure -fnoninteractive locales
+# exit
+# fi
# if we want to install locales, install them now
install_packages -l 2>/dev/null | egrep -q ' locales|locales '
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
+# for calling outside of FAI, first
+# source /a/bin/fai-wrapper
+# then to set classes with: fai-setclass OPT1...
+# which sets CLASS_OPT1=true...
+#
+# OPTIONS:
+#
+# environment variables:
+#
+# HOSTNAME: if frodo, we exclude 2 devices from the /boot array, which
+# the bios does not see. if demohost, we set the luks password to just
+# 'x'.
+#
+# SPECIAL_DISK: For use outside of fai. A base disk name like
+# /dev/sdk. If set, we just cryptsetup and partition this one disk then
+# exit. This is useful for partitioning a disk in preparation to replace
+# a failed or failing disk from a raid10 array.
+#
+# classes:
+#
+# REPARTITION: forces repartitioning even if we detect the proper amount
+# of partitions already exist.
+#
+# ROTATIONAL: forces to install onto hdds instead of sdds. normally sdds
+# are chosen if they exist.
+#
+# PARTITION_PROMPT: command line prompt before partitioning
+#
+# RAID0: forces raid0 filesystem. Normally with 4+ devices, we use
+# raid10.
+
+if [[ $SPECIAL_DISK ]]; then
+ export CLASS_REPARTITION=true
+fi
+
# # fai's setup-storage won't do btrfs on luks,
# # so we do it ourself :)
# inspiration taken from files in fai-setup-storage package
+# if we are not running in fai, skiptask won't be defined, so carry on.
+skiptask partition || ! type skiptask
+
-skiptask partition || ! type skiptask # for running not in fai
#### begin configuration
local f
for f in $FAI/distro-install-common/devbyid \
/a/bin/fai/fai/config/distro-install-common/devbyid; do
- if [[ -e $f ]]; then $f "$@"; fi
+ if [[ -e $f ]]; then $f "$@"; break; fi
done
}
if [[ ! $DISTRO ]]; then
if ifclass VOL_STRETCH_BOOTSTRAP; then
- DISTRO=stretch_bootstrap
+ DISTRO=debianstretch_bootstrap
elif ifclass VOL_STRETCH; then
DISTRO=debianstretch
elif ifclass VOL_TESTING; then
exit 1
fi
-if ifclass tp; then
- lukspw=$(cat $luks_dir/traci)
-else
- lukspw=$(cat $luks_dir/iank)
-fi
+lukspw=$(cat $luks_dir/iank)
+# # ian: disabled while I use the tp host.
+# if ifclass tp; then
+# lukspw=$(cat $luks_dir/traci)
+# fi
if ifclass demohost; then
lukspw=x
fi
done
shopt -s nullglob
if $partition; then
- for dev in ${devs[@]}; do
- # if we repartition to the same as an old partition,
- # we don't want any old fses hanging around.
- for (( i=1; i <= lastn; i++ )); do
- x=$(add-part $dev $i)
- [[ -e $x ]] || continue
- count_down=10
- # wipefs has failed, manual run works, google suggests timing issue
- while ! wipefs -a $x; do
- sleep 2
- count_down=$((count_down - 1))
- (( count_down > 0 )) || exit 1
+
+ ### begin wipefs
+ if [[ ! $SPECIAL_DISK ]]; then
+ for dev in ${devs[@]}; do
+ # if we repartition to the same as an old partition,
+ # we don't want any old fses hanging around.
+ for (( i=1; i <= lastn; i++ )); do
+ x=$(add-part $dev $i)
+ [[ -e $x ]] || continue
+ count_down=10
+ # wipefs has failed, manual run works, google suggests timing issue
+ while ! wipefs -a $x; do
+ sleep 2
+ count_down=$((count_down - 1))
+ (( count_down > 0 )) || exit 1
+ done
done
done
- done
+ fi
+ ### end wipefs
+
for dev in ${devs[@]}; do
+ if [[ $SPECIAL_DISK ]]; then
+ dev=$(devbyid $SPECIAL_DISK)
+ fi
+
# parted will round up the disk size. Do -1 so we can have
# fully 1MiB unit partitions for easy resizing of the last partition.
# Otherwise we would pass in -0 for the end argument for the last partition.
#
- # parted print error output is expected. example:
+ # Note: parted print error output is expected. example:
# Error: /dev/vda: unrecognised disk label
disk_mib=$(( $(parted -m $dev unit MiB print | \
sed -nr "s#^/dev/[^:]+:([0-9]+).*#\1#p") - 1))
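Review bot: With `SPECIAL_DISK` set, `dev=$(devbyid $SPECIAL_DISK)` is used unquoted and unvalidated. The `devbyid` wrapper shown earlier prints nothing and still succeeds when neither helper script exists, so `$dev` can be empty when it reaches `parted -m $dev unit MiB print` and the partitioning and cryptsetup steps that follow outside this hunk. On a destructive path I would validate once, before the wipefs block: `[[ -b $SPECIAL_DISK ]] || { echo "$0: error: SPECIAL_DISK is not a block device: $SPECIAL_DISK" >&2; exit 1; }`, and abort if the resolved `$dev` is empty. The override also sits inside `for dev in ${devs[@]}`, so it runs only when `devs` is non-empty and depends on the `exit 0` added further down to stop after one pass. Resolving the disk outside the loop would make that single-disk intent explicit.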
cryptsetup luksOpen `rootdev` `root-cryptname` \
--key-file $luks_dir/host-$HOSTNAME
+
+ if [[ $SPECIAL_DISK ]]; then
+ exit 0
+ fi
done
ls -la /dev/btrfs-control # this was probably for debugging...
sleep 1
fi
-if [[ $DISTRO != stretch_bootstrap ]]; then
+if [[ $DISTRO != debianstretch_bootstrap ]]; then
# bootstrap distro doesn't use separate encrypted root.
mount -o subvolid=0 $first_root_crypt /mnt
# systemd creates subvolumes we want to delete.
mkdir -p /mnt/grub2
cp $FAI/distro-install-common/libreboot_grub.cfg /mnt/grub2
-if [[ $DISTRO == stretch_bootstrap ]]; then
+if [[ $DISTRO == debianstretch_bootstrap ]]; then
# this is just convenience for the libreboot_grub config
# so we can glob the other ones easier.
boot_vol=$DISTRO
grub-editenv /mnt/grubenv set last_boot=/$boot_vol
umount /mnt
-if [[ $DISTRO == stretch_bootstrap ]]; then
+if [[ $DISTRO == debianstretch_bootstrap ]]; then
cat > /tmp/fai/fstab <<EOF
$first_boot_dev / btrfs noatime,subvol=$boot_vol 0 0
EOF
isc-dhcp-client
# ian: note everything after the grub package should be refactored into
-# a new class.
+# a new class. This line is duplicated in UBUNTU
+# lsof is used in my btrfs util scritps.
+# netcat is used for proxy.
+# resolvconf because if we don't install it now we have to reboot for it to
+# take effect.
PACKAGES install GRUB_PC
-grub-pc cryptsetup btrfs-tools sudo bridge-utils netcat-openbsd resolvconf
+grub-pc cryptsetup btrfs-tools sudo bridge-utils netcat-openbsd resolvconf lsof
PACKAGES install GRUB_EFI
-grub-efi cryptsetup btrfs-tools sudo bridge-utils netcat-openbsd resolvconf
+grub-efi cryptsetup btrfs-tools sudo bridge-utils netcat-openbsd resolvconf lsof
#resolvconf because dpkg-reconfigure on it has this message in flidas:
isc-dhcp-client
PACKAGES install GRUB_PC
-grub-pc cryptsetup btrfs-tools bridge-utils netcat-openbsd
+grub-pc cryptsetup btrfs-tools bridge-utils netcat-openbsd lsof
PACKAGES install XORG
ubuntu-desktop
e() { echo "$@"; "$@"; }
-# When stretch becomes stable, change this to stretch.
-# I\'ve tested this with stretch, it works, but notably,
# the automatic basefile getting will be for stretch
# instead of jessie, so if you install jessie, you need
# to setup the basefile and it\'s corresponding class.
if armhf; then
cd /srv/fai
rm -rf nfsroot
- tar Jxf /a/bin/fai-basefiles/base.tar.xz
+ tar Jxf /a/bin/fai-basefiles/basefiles/STRETCH64.tar.xz
# background: Can't build the nfsroot on my arm system now. First,
# fai-make-nfsroot won't work out of the box. One idea to make it work
# is by installing qemu-user-static, then copying qemu-x86_64-static
# seem contradictory, but it works.
fai-setup -evag
-else
- e fai-setup -e -vf
+else # not armhf
+ # note, this copies the -B arg to
+ # /srv/fai/nfsroot/var/tmp/base.tar.xz
+ e fai-setup -evf -B /a/bin/fai-basefiles/basefiles/STRETCH64.tar.xz
# make the faiserver also the apt proxy server
apt-get -y install apt-cacher-ng
fi
if [[ -e $dir/boot ]]; then
dir=$dir/boot
fi
+ e install -m 755 -o root -g root bash-trace $dir
e install -m 755 -o root -g root chboot $dir
done
e umount $mount_point
# assuming ipv4, or else we might need to deal with multiple addresses
# in an ipv4 + ipv6 network.
my_ip=$(ip -4 route get 8.8.8.8 | sed -nr 's,^.*src\s+(\S+).*,\1,p')
-if [[ $x =~ [[:space:]] ]]; then
+if [[ ! $my_ip || $my_ip =~ [[:space:]] ]]; then
echo "$0: error: failed to get \$my_ip, got: $my_ip"
exit 1
fi
if [[ $host == default ]]; then
- ip=$network
+ ip='*'
elif [[ $host == [0-9]*.[0-9]*.[0-9]*.[0-9]* ]]; then
- ip=$host
+ ip=$host/32
else
type -t host &>/dev/null || apt-get -y install dnsutils
ip=$(host $host | sed -rn 's/^\S+ has address //p;T;q')/32
+ if [[ ! $ip || $ip =~ [[:space:]] ]]; then
+ echo "$0: error: failed to get \$my_ip, got: $my_ip"
+ exit 1
+ fi
+
fi
if modprobe nfsd &>/dev/null; then
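Review bot: The check added after the `host` lookup can never catch an empty result, because `/32` is appended in the same assignment: a failed lookup gives `ip=/32`, which is non-empty and has no whitespace, and the message prints `$my_ip` rather than the value under test. Test the address before adding the suffix: `ip=$(host $host | sed -rn 's/^\S+ has address //p;T;q')`, then `[[ $ip && ! $ip =~ [[:space:]] ]] || { echo "$0: error: failed to resolve $host, got: $ip" >&2; exit 1; }`, then `ip=$ip/32`. Separately, `ip='*'` for the `default` host replaces `$network`. If `$ip` becomes the client field of an NFS export (its use is outside this hunk), the export is then open to any client that can reach the server rather than only the local network, which deserves at least a comment or a narrower value.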
redep=true
acks=2
wait=false
-temp=$(getopt -l help harSw "$@") || usage 1
+temp=$(getopt -l help adrSwh "$@") || usage 1
eval set -- "$temp"
while true; do
case $1 in
;;
esac
+if $wait && ! $dhcp; then
+ echo "$0: error -w conflicts with -d, choose one or other"
+ exit 1
+fi
+
+
if [[ $host && $host != default ]]; then
host_tag="tag:$host,"
fi
# todo: at some later time, i found /mnt/usb not mounted, watch to see if
# that is the case after running this or rebooting.
# wiki says safe to do in case of fstab changes:
-cedit /etc/config/fstab <<'EOF' || { v block umount; v block mount; }
-config global automount
- option from_fstab 1
- option anon_mount 1
-
-config global autoswap
- option from_fstab 1
- option anon_swap 1
-
-config mount
- option target /mnt/usb
- option device /dev/sda2
- option fstype ext4
- option options rw,async,noatime,nodiratime
- option enabled 1
- option enabled_fsck 0
-
-config swap
- option device /dev/sda1
- option enabled 1
-EOF
+## ian: commented and replaced with just an echo
+## since usb port seems to be busted.
+echo | cedit /etc/config/fstab
+# cedit /etc/config/fstab <<'EOF' || { v block umount; v block mount; }
+# config global automount
+# option from_fstab 1
+# option anon_mount 1
+
+# config global autoswap
+# option from_fstab 1
+# option anon_swap 1
+
+# config mount
+# option target /mnt/usb
+# option device /dev/sda2
+# option fstype ext2
+# option options rw,async,noatime,nodiratime
+# option enabled 1
+# option enabled_fsck 0
+
+# config swap
+# option device /dev/sda1
+# option enabled 1
+
+# EOF
v cedit /etc/hosts <<EOF || dnsmasq_restart=true
127.0.1.1 wrt
192.168.1.1 wrt
-192.168.1.2 treetowl b8.nz faiserver
+192.168.1.2 treetowl
192.168.1.3 frodo
192.168.1.4 htpc
-192.168.1.5 x2
+192.168.1.5 x2 faiserver b8.nz
192.168.1.6 demohost
#192.168.1.7 faiserver
192.168.1.8 tp
192.168.1.9 n5
+192.168.1.10 kw
72.14.176.105 li
45.33.9.11 lj
138.68.10.24 dopub
# so might as well use it.
# hostname is the name it uses according to telnet
dhcp-host=b4:75:0e:94:29:ca,set:switch9429ca,192.168.1.251,switch9429ca
+dhcp-host=10:78:d2:da:28:4f,set:kw,192.168.1.10,kw
# template