iankelling.org Git - automated-distro-installer/blob - README

   1 PXE install w multi-boot, btrfs & Libreboot support
   2
   3 Some things are specific to my home network, and uses files with secrets
   4 that are not in this repo. Uses pxe or pxe-kexec (on libreboot, I have
   5 not added a pxe rom, I use a minimal debian stable subvolume which acts
   6 like a pxe rom). I use this for bare metal and vms, and two scripts
   7 which can run post boot so I use them on vps distributed image as well.
   8
   9 Features people may find useful: installs encrypted trisquel, debian,
  10 ubuntu, and arch (havne't done recently, probably a bit broken), in a
  11 multi-boot setup using multiple subvolumes of a single btrfs filesystem.
  12 Utilizes multiple disks, with scripts to automatically decrypt on
  13 intentional reboots, but not after shutdown or power loss.
  14
  15 The partititioning and filesystem script is at
  16 fai/config/hooks/partition.DEFAULT. Disks are grouped as ssd or hdd and
  17 raided in raid 1 or raid 0 per configuration. The base partitions are
  18 divided into boot, swap, and root, (only boot is unencrypted). There are
  19 scripts to resize those partitions post-provision and while the system
  20 is running.
  21
  22 People who use fai may find these things as useful examples: it uses
  23 dnsmasq (on a openwrt machine) for dhcp instead of the isc
  24 dhcp. fai-wrapper is a small script to use basic fai classes outside of
  25 fai. It does not use the fai partitioning tool, but the script is
  26 inspired from it and works outside of fai. It supports running a fai
  27 server on debian within android via Maru.
  28
  29 It also automates configuration of an openwrt router after manual
  30 initial installation.
  31
  32 After provisionining is done, I sync files using btrfs, or unison for
  33 vps, then automate further setup using a different set of scripts,
  34 https://iankelling.org/git/?p=distro-setup;a=tree.
  35
  36 My network is a wndr3700v2 router with openwrt on it and a few pcs/laptops.
  37
  38 Since fai requires a debian server as the fai server, there are also
  39 scripts to automate a debian install using pxe and preseeding, which can
  40 be done from any distro.
  41
  42 Some of the scripts have dependencies for some simple obvious utility
  43 scripts from https://iankelling.org/git, and of course there are some
  44 hostnames that are specific to my network.
  45
  46 All scripts meant to be used directly are listed here:
  47
  48
  49 # Scripts to setup the environment for the install
  50
  51 arch-pxe # Setup arch pxe boot server from an arch base image
  52 fai-redep # Deploy fai configuration to host "faiserver"
  53 faiserver-revm # using pxe & preseed, create a vm which is a fai server
  54 faiserver-uninstall # uninstall fai-server
  55 faiserver-setup # install fai-server on the current machine
  56 myfai-chboot # setup fai tftp and nfs. useful for doing pxe-kexec
  57 pxe-server # disable/enable pxe dhcp, tfp, and nfs. calls myfai-chboot
  58 wrt-setup-remote  # setup my router in general: dhcp, dns, etc.
  59
  60
  61 # Script to do a distro install
  62
  63 dsfull # install & post-install a new fai distro
  64 arch-init-remote # install arch after it's been booted into it's setup env
  65 fai-kexec # Kexec this or a remote machine using host faiserver
  66 live-kexec # fai kexec from upstream live cds, e.g. curl live-kexec|bash
  67
  68
  69 # Test scripts
  70
  71 arch-revm # test arch install on a fresh vm
  72 fai-revm  # test fai install on a fresh vm
  73
  74
  75 # Scripts to call after a distro install for various reasons
  76
  77 chboot # Set grub to boot into a different distro (installed earlier)
  78 install-chboot # reinstall chboot to /boot subvols, for chboot updates.
  79 eboot # reboot without automatic disk decryption
  80 fai-wrapper # use fai classes outside of fai. sourced, not called.
  81 faiserver-disable # Disable the fai nfs server exports
  82 fresize # resize swap or boot partitions in a host
  83
  84 # Replacing a raid 10 disk
  85
  86 pxe-server -S HOST fai
  87 ssh root@HOST
  88 cat >p
  89 PASSWORD HERE(ctrl-d ctrl-d)
  90 for d in /dev/disk/by-id/ata*part1; do cryptsetup luksOpen --key-file p $d crypt_dev_${d##*/}; done
  91 # btrfs replace disk # i forget the actual command
  92 x=(/dev/mapper/*part1); mount -o subvol=root_trisquelflidas $x /mnt
  93 mount -o subvol=boot_trisquelflidas /dev/sda3 /mnt/boot
  94 for x in dev proc sys; do mount -o bind /$x /mnt/$x; done
  95 chroot /mnt /bin/bash
  96 # replace disk in fstab
  97 # replace disk in /etc/crypttab
  98 update-grub
  99 update-initramfs -u
 100 mount /a
 101 /a/exe/keyscript-on
 102 exit
 103 reboot
 104
 105
 106 # dirinstall
 107
 108 host=kw
 109 distro=flidas
 110 t=/tmp/d
 111 # be root:
 112 sudo sed -i 's/^LOGUSER=/#LOGUSER=/' /etc/fai/fai.conf
 113 # required after a failed run
 114 umount /var/lib/fai/config ||:
 115 fai-redep faiserver $distro
 116 rm -rf $t ; mkdir $t; fai -N -u $host dirinstall $t
 117
 118 # cleanup:
 119 sudo sed -i 's/^#LOGUSER=/LOGUSER=/' /etc/fai/fai.conf
 120 s umount -R $t/proc
 121
 122
 123 # Turning a dirinstall into a basefile. taken from mk-basefile
 124
 125 chroot $t apt-get clean
 126 rm -f $t/etc/hostname $t/etc/resolv.conf \
 127       $t/var/lib/apt/lists/*_* $t/usr/bin/qemu-*-static \
 128       $t/etc/udev/rules.d/70-persistent-net.rules
 129 > $t/etc/machine-id
 130 tar --one-file-system -C $t -cf - . | gzip > /a/bin/fai-basefiles/basefiles/FLIDAS64X.tar.gz
 131
 132 License stuff:
 133 The license for the project is GPLv2 or later, mostly because fai is and
 134 I periodically merge the upstream example config, which contains small
 135 scripts. Also, there is a modified encrypt.upstream, which is from the
 136 cryptsetup package in arch, which is under the same license.