-Scripts for initial setup of OSes on my home network.
+PXE install w multi-boot, btrfs & Libreboot support
-My network is a wndr3700v2 router with openwrt on it and a few pcs
-with atm: arch, debian jessie and debian stretch on them.
+Some things are specific to my home network, and uses files with secrets
+that are not in this repo. Uses pxe or pxe-kexec (on libreboot, I have
+not added a pxe rom, I use a minimal debian stable subvolume which acts
+like a pxe rom). I use this for bare metal and vms, and two scripts
+which can run post boot so I use them on vps distributed image as well.
+Features people may find useful: installs encrypted trisquel, debian,
+ubuntu, and arch (havne't done recently, probably a bit broken), in a
+multi-boot setup using multiple subvolumes of a single btrfs filesystem.
+Utilizes multiple disks, with scripts to automatically decrypt on
+intentional reboots, but not after shutdown or power loss.
-Scripts meant to be called interactively:
+The partititioning and filesystem script is at
+fai/config/hooks/partition.DEFAULT. Disks are grouped as ssd or hdd and
+raided in raid 1 or raid 0 per configuration. The base partitions are
+divided into boot, swap, and root, (only boot is unencrypted). There are
+scripts to resize those partitions post-provision and while the system
+is running.
+People who use fai may find these things as useful examples: it uses
+dnsmasq (on a openwrt machine) for dhcp instead of the isc
+dhcp. fai-wrapper is a small script to use basic fai classes outside of
+fai. It does not use the fai partitioning tool, but the script is
+inspired from it and works outside of fai. It supports running a fai
+server on debian within android via Maru.
+
+It also automates configuration of an openwrt router after manual
+initial installation.
+
+After provisionining is done, I sync files using btrfs, or unison for
+vps, then automate further setup using a different set of scripts,
+https://iankelling.org/git/?p=distro-setup;a=tree.
+
+My network is a wndr3700v2 router with openwrt on it and a few pcs/laptops.
+
+Since fai requires a debian server as the fai server, there are also
+scripts to automate a debian install using pxe and preseeding, which can
+be done from any distro.
+
+Some of the scripts have dependencies for some simple obvious utility
+scripts from https://iankelling.org/git, and of course there are some
+hostnames that are specific to my network.
+
+All scripts meant to be used directly are listed here:
+
+
+# Scripts to setup the environment for the install
+
+arch-pxe # Setup arch pxe boot server from an arch base image
+fai-redep # Deploy fai configuration to host "faiserver"
+faiserver-revm # using pxe & preseed, create a vm which is a fai server
+faiserver-uninstall # uninstall fai-server
+faiserver-setup # install fai-server on the current machine
+myfai-chboot # setup fai tftp and nfs. useful for doing pxe-kexec
+pxe-server # disable/enable pxe dhcp, tfp, and nfs. calls myfai-chboot
+wrt-setup-remote # setup my router in general: dhcp, dns, etc.
+
+
+# Script to do a distro install
+
+dsfull # install & post-install a new fai distro
+arch-init-remote # install arch after it's been booted into it's setup env
+fai-kexec # Kexec this or a remote machine using host faiserver
+live-kexec # fai kexec from upstream live cds, e.g. curl live-kexec|bash
+
+
+# Test scripts
+
+arch-revm # test arch install on a fresh vm
+fai-revm # test fai install on a fresh vm
+
+
+# Scripts to call after a distro install for various reasons
-arch-init-remote # install arch (after it's been booted into it's setup env)
chboot # Set grub to boot into a different distro (installed earlier)
-dsfull # install & setup a new fai distro (if data partition already synced)
-fai-revm # test fai on a fresh vm
-faiserver-revm # create a vm which is a fai server
-faiserver-uninstall
+install-chboot # reinstall chboot to /boot subvols, for chboot updates.
+eboot # reboot without automatic disk decryption
+fai-wrapper # use fai classes outside of fai. sourced, not called.
+faiserver-disable # Disable the fai nfs server exports
fresize # resize swap or boot partitions in a host
-pxe-server # temporarily enable (usually) fai or arch boot server
-wrt-setup-remote # setup my router
+
+# Replacing a raid 10 disk
+
+pxe-server -S HOST fai
+ssh root@HOST
+cat >p
+PASSWORD HERE(ctrl-d ctrl-d)
+for d in /dev/disk/by-id/ata*part1; do cryptsetup luksOpen --key-file p $d crypt_dev_${d##*/}; done
+# btrfs replace disk # i forget the actual command
+x=(/dev/mapper/*part1); mount -o subvol=root_trisquelflidas $x /mnt
+mount -o subvol=boot_trisquelflidas /dev/sda3 /mnt/boot
+for x in dev proc sys; do mount -o bind /$x /mnt/$x; done
+chroot /mnt /bin/bash
+# replace disk in fstab
+# replace disk in /etc/crypttab
+update-grub
+update-initramfs -u
+mount /a
+/a/exe/keyscript-on
+exit
+reboot
+
+
+# dirinstall
+
+host=kw
+distro=flidas
+t=/tmp/d
+# be root:
+sudo sed -i 's/^LOGUSER=/#LOGUSER=/' /etc/fai/fai.conf
+# required after a failed run
+umount /var/lib/fai/config ||:
+fai-redep faiserver $distro
+rm -rf $t ; mkdir $t; fai -N -u $host dirinstall $t
+
+# cleanup:
+sudo sed -i 's/^#LOGUSER=/LOGUSER=/' /etc/fai/fai.conf
+s umount -R $t/proc
+
+
+# Turning a dirinstall into a basefile. taken from mk-basefile
+
+chroot $t apt-get clean
+rm -f $t/etc/hostname $t/etc/resolv.conf \
+ $t/var/lib/apt/lists/*_* $t/usr/bin/qemu-*-static \
+ $t/etc/udev/rules.d/70-persistent-net.rules
+> $t/etc/machine-id
+tar --one-file-system -C $t -cf - . | gzip > /a/bin/fai-basefiles/basefiles/FLIDAS64X.tar.gz
+
+License stuff:
+The license for the project is GPLv2 or later, mostly because fai is and
+I periodically merge the upstream example config, which contains small
+scripts. Also, there is a modified encrypt.upstream, which is from the
+cryptsetup package in arch, which is under the same license.
iankelling.org / git / automated-distro-installer / blobdiff