-Multi-boot/distro btrfs provisioning
+PXE install w multi-boot, btrfs & Libreboot support
-Some things are specific to my home network. Uses pxe or pxe-kexec (on
-libreboot, I have not addded a pxe rom. I use a minimal debian stable
-subvolume which acts like a pxe rom). I use this for bare metal and vms,
-and two scripts which can run post boot so I use them on vps distributed
-image as well.
+Some things are specific to my home network, and uses files with secrets
+that are not in this repo. I use this for bare metal and vms, and two
+scripts which can run post boot so I use them on vps distributed image
+as well.
-Features people may find useful: installs encrypted trisquel belanos, ,
-debian jessie, debian stretch, ubuntu 16.04, and arch (havne't done
-recently, probably a bit broken), in a multi-boot setup using multiple
+Features people may find useful: installs encrypted trisquel, debian,
+ubuntu, arch, and parabola (archlike install is likely broken, I've only
+done pxe boots recently), in a multi-boot setup using multiple
subvolumes of a single btrfs filesystem. Utilizes multiple disks, with
scripts to automatically decrypt on intentional reboots, but not after
shutdown or power loss.
+Normal install mode for fai is using pxe, but on a libreboot system,
+there is no pxe. The pxe in a normal computer is nonfree
+firmware. Alternatives to normal pxe that I've tried:
+
+* libreboot + seabios + ipxe
+
+* Use a live cd to call pxe-kexec, this is described later in this file.
+
+* Use the fai autodiscover iso. This is more automated, so nicer.
+
+* Use an install method above to setup a gnu/linux disk partition that
+ coordinates with libreboot grub to acts like a pxe boot using
+ kexec. The boot process takes a bit longer than normal pxe. This is
+ the bootstrap partition in my scripts.
+
+Things I haven't tried:
+
+* The bios chip has enough room for an initrd. This could be setup to
+ work like the partition I use to kexec, but it would be faster, and
+ not require installing to disk.
+
The partititioning and filesystem script is at
-fai/config/hooks/partition.DEFAULT. Other debian based distros at least
-as new as ubuntu 14.04 should work fine, and I'm planning to add Fedora
-support. Disks are grouped as ssd or hdd and raided in raid 1 or raid 0
-per configuration. The base partitions are divided into boot, swap, and
-root, (only boot is unencrypted). There are scripts to resize those
-partitions post-provision and while the system is running.
+fai/config/hooks/partition.DEFAULT. Disks are grouped as ssd or hdd and
+raided in raid 1 or raid 0 per configuration. The base partitions are
+divided into boot, swap, and root, (only boot is unencrypted). There are
+scripts to resize those partitions post-provision and while the system
+is running.
People who use fai may find these things as useful examples: it uses
dnsmasq (on a openwrt machine) for dhcp instead of the isc
dhcp. fai-wrapper is a small script to use basic fai classes outside of
fai. It does not use the fai partitioning tool, but the script is
-inspired from it and works outside of fai.
+inspired from it and works outside of fai. It supports running a fai
+server on debian within android via Maru.
It also automates configuration of an openwrt router after manual
initial installation.
scripts from https://iankelling.org/git, and of course there are some
hostnames that are specific to my network.
-Main scripts meant to be called interactively:
+Before doing a fai install, you will need to populate a class file. I
+use one called 5-multi-boot, which you can see example of in
+fai/config/class/50-host-classes.
-arch-init-remote # install arch (after it's been booted into it's setup env)
-chboot # Set grub to boot into a different distro (installed earlier)
-install-chboot # reinstall chboot to /boot subvols, for when it changes
-dsfull # install & setup a new fai distro (if data partition already synced)
-eboot # reboot without automatic disk decryption
-fai-kexec # kexec to fai tftp server that pxe would normally point to
-fai-revm # test fai on a fresh vm
-fai-wrapper # Evaluate and use fai classes outside of fai.
-faiserver-revm # create a vm which is a fai server using pxe & preseed file
+Before doing a fai install, you will need to populate /q/root/luks and
+/q/root/shadow, see their references.
+
+
+
+All scripts meant to be used directly are listed here:
+
+
+# Scripts to setup the environment for the install
+
+sudo fai-cd -g grub.cfg.autodiscover -f -A $BASEFILE_DIR/autodiscover.iso # create autodiscover cd
+mymk-basefile # Create basefiles for various distros
+archlike-pxe # Setup pxe boot server from an archlike base image
+fai-redep # Deploy fai configuration to host "faiserver"
faiserver-uninstall # uninstall fai-server
faiserver-setup # install fai-server on the current machine
+myfai-chboot # setup fai tftp and nfs. useful for doing pxe-kexec
+pxe-server # disable/enable pxe dhcp, tfp, and nfs. calls myfai-chboot
+wrt-setup # setup my router in general: dhcp, dns, etc.
+
+
+# Script to do a distro install
+
+faiserver-revm # using pxe & preseed, create a vm which is a fai server
+dsfull # install & post-install a new fai distro
+arch-init-remote # install arch after it's been booted into it's setup env
+fai-kexec # Kexec this or a remote machine using host faiserver
+live-kexec # fai kexec from upstream live cds, e.g. curl live-kexec|bash
+
+
+# Test scripts
+
+arch-revm # test arch install on a fresh vm
+fai-revm # test fai install on a fresh vm
+
+
+# Scripts to call after a distro install for various reasons
+
+chboot # Set grub to boot into a different distro (installed earlier)
+install-chboot # reinstall chboot to /boot subvols, for chboot updates.
+eboot # reboot without automatic disk decryption
+fai-wrapper # use fai classes outside of fai. sourced, not called.
+faiserver-disable # Disable the fai nfs server exports
fresize # resize swap or boot partitions in a host
-myfai-chboot # Sets up tftp pxe config on fai server
-pxe-server # temporarily enable (usually) fai or arch boot server
-wrt-setup-remote # setup my router
-ubuntu-xenial-live-fai-kexec # do fai install from xenial live cd using kexec
-myfai-chboot # use instead of pxe-server for fai kexec based install
-
-License stuff:
-The license for the project is GPLv2 or later, mostly because fai is
-and I periodically rebase off their example setup for debian. Also,
-there is a modified encrypt.upstream, which is from the cryptsetup
-package in arch, which is under the same license.
+
+
+# Replacing a raid 10 disk
+
+pxe-server -S HOST fai
+ssh root@HOST
+cat >p
+for x in /target/*; do umount $x; done
+PASSWORD HERE(ctrl-d ctrl-d)
+for d in /dev/disk/by-id/ata*part1; do cryptsetup luksOpen --key-file p $d crypt_dev_${d##*/}; done
+# btrfs replace disk # i forget the actual command
+x=(/dev/mapper/*part1); mount -o subvol=root_trisquelflidas $x /mnt
+mount -o subvol=boot_trisquelflidas /dev/sda3 /mnt/boot
+for x in dev proc sys; do mount -o bind /$x /mnt/$x; done
+chroot /mnt /bin/bash
+# replace disk in fstab
+# replace disk in /etc/crypttab
+update-grub
+update-initramfs -u
+mount /a
+/a/exe/keyscript-on
+exit
+reboot
+
+
+# Expected output in fai logs
+
+For flidas, when installing systemd, this error happens, and it's
+a superflous upstream bug based on reading the post install script:
+
+addgroup: The group `systemd-journal' already exists as a system group. Exiting.
+Operation failed: No such file or directory
+
+
+# TODO
+Change arch to archlike and to support arch and parabola
+
+
+# License
+
+The license for the project is GPLv2 or later, mostly because fai is and
+I periodically merge the upstream example config, which contains small
+scripts. Also, there is a modified encrypt.upstream, which is from the
+cryptsetup package in arch, which is under the same license.
iankelling.org / git / automated-distro-installer / blobdiff