PXE install w multi-boot, btrfs & Libreboot support
Some things are specific to my home network, and uses files with secrets
-that are not in this repo. Uses pxe or pxe-kexec (on libreboot, I have
-not added a pxe rom, I use a minimal debian stable subvolume which acts
-like a pxe rom). I use this for bare metal and vms, and two scripts
-which can run post boot so I use them on vps distributed image as well.
+that are not in this repo. I use this for bare metal and vms, and two
+scripts which can run post boot so I use them on vps distributed image
+as well.
Features people may find useful: installs encrypted trisquel, debian,
ubuntu, and arch (havne't done recently, probably a bit broken), in a
Utilizes multiple disks, with scripts to automatically decrypt on
intentional reboots, but not after shutdown or power loss.
+Normal install mode for fai is using pxe, but on a libreboot system,
+there is no pxe. The pxe in a normal computer is nonfree firmware. What
+I've done instead:
+
+* Use a live cd to call pxe-kexec, this is described later in this file.
+
+* Use the fai autodiscover iso. This is more automated, so nicer.
+
+* Use an install method above to setup a gnu/linux disk partition that
+ acts like a pxe boot using kexec, but it takes a bit longer. This is
+ the bootstrap partition in my scripts.
+
+Things I haven't tried:
+
+* There is iPXE, which requires standard bios functions, which can be
+ provided by seabios, which can be a libreboot payload.
+
+* The bios chip has enough room for an initrd. This could be setup to
+ work like the partition I use to kexec, but it would be faster, and
+ not require installing to disk.
+
The partititioning and filesystem script is at
fai/config/hooks/partition.DEFAULT. Disks are grouped as ssd or hdd and
raided in raid 1 or raid 0 per configuration. The base partitions are
scripts from https://iankelling.org/git, and of course there are some
hostnames that are specific to my network.
+
+
All scripts meant to be used directly are listed here:
fresize # resize swap or boot partitions in a host
-License stuff:
+# Replacing a raid 10 disk
+
+pxe-server -S HOST fai
+ssh root@HOST
+cat >p
+PASSWORD HERE(ctrl-d ctrl-d)
+for d in /dev/disk/by-id/ata*part1; do cryptsetup luksOpen --key-file p $d crypt_dev_${d##*/}; done
+# btrfs replace disk # i forget the actual command
+x=(/dev/mapper/*part1); mount -o subvol=root_trisquelflidas $x /mnt
+mount -o subvol=boot_trisquelflidas /dev/sda3 /mnt/boot
+for x in dev proc sys; do mount -o bind /$x /mnt/$x; done
+chroot /mnt /bin/bash
+# replace disk in fstab
+# replace disk in /etc/crypttab
+update-grub
+update-initramfs -u
+mount /a
+/a/exe/keyscript-on
+exit
+reboot
+
+
+# dirinstall
+
+host=kw
+distro=trisquel
+t=/dev/shm/t
+myfai-chboot default
+sudo sed -i 's/^LOGUSER=/#LOGUSER=/' /etc/fai/fai.conf
+# config umount required after a failed run, proc umount always required
+sudo umount /var/lib/fai/config ||: ; sudo umount -R $t/proc ||:
+fai-redep faiserver $distro
+sudo rm -rf $t ; mkdir $t; time sudo LANG= fai -N -u $host dirinstall $t
+
+# cleanup:
+sudo sed -i 's/^#LOGUSER=/LOGUSER=/' /etc/fai/fai.conf
+sudo umount -R $t/proc
+
+
+# Turning a dirinstall into a basefile. taken from mk-basefile
+
+sudo chroot $t apt-get clean
+sudo rm -f $t/etc/hostname $t/etc/resolv.conf \
+ $t/var/lib/apt/lists/*_* $t/usr/bin/qemu-*-static \
+ $t/etc/udev/rules.d/70-persistent-net.rules
+echo | sudo dd of=$t/etc/machine-id
+sudo tar --one-file-system -C $t -cf - . | gzip > /a/bin/fai-basefiles/basefiles/FLIDAS64X.tar.gz
+
+
+
+# License
+
The license for the project is GPLv2 or later, mostly because fai is and
I periodically merge the upstream example config, which contains small
scripts. Also, there is a modified encrypt.upstream, which is from the
iankelling.org / git / automated-distro-installer / blobdiff