Check if arguments are present for setup.sh

Added config & hardware scripts for OVH KS-5 with 2x 2TB HDDs
Added my own authorized_keys and removed lubs
Removed longhorn volumes, dependencies and configs

README.md

@@ -11,7 +11,7 @@ reboot
 ./setup.sh <template> <fqdn>
 
 # example:
-apt-get update && apt-get -y dist-upgrade && git clone https://gitea.lubiland.de/lubiland/hardware-setup.git && cd hardware-setup
+apt-get update && apt-get -y dist-upgrade && git clone https://gitea.lubiland.de/pandro/hardware-setup.git && cd hardware-setup
 ./setup.sh hetzner_ax51-nvme asef.lubi.link
 
 

authorized_keys/lub

@@ -1,2 +0,0 @@
-sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAINQ0EPy3cbfX/wmelSsjRvrXpq9kZWo8tRh68r4Z3QhTAAAABHNzaDo= lub@primary
-sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAUmJxFSwI95zf/NBKNMDXyiRViuKsWnVYl3Qd3DXdRWAAAABHNzaDo= lub@secondary

authorized_keys/pandro

@@ -0,0 +1 @@
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAAsp+gJNn92bg7WWC4jITKBrEnhZPd7Q9wBF3CZV+80lB0OHlY/m9OSN0njtAAtDUTCY3owC4eXu8FNbzwzRT0pjAEwm2558sd5NCwfu075u0zypkDgZ/tedVLYjMhYlpgE1VrYW/Mn3tF5+e3RnAaSNk8OrRXMcd9BnjaC9TlppGo92g== peery@0WLH34RT

config/ovh_ks-5_2x2TB_hdd/etc/crypttab

@@ -0,0 +1,3 @@
+# <target>      <source device>         <key file>      <options>
+root-unlocked-sda1 /dev/sda1 none luks,discard
+root-unlocked-sdb1 /dev/sdb1 none luks,discard

config/ovh_ks-5_2x2TB_hdd/etc/fstab

@@ -0,0 +1,8 @@
+#
+# /etc/fstab: static file system information
+#
+# <file system> <dir>   <type>  <options>       <dump>  <pass>
+
+/dev/mapper/root-unlocked-sda1 / btrfs relatime,autodefrag 0 1
+UUID=%boot_uuid% /boot ext4 relatime 0 2
+UUID=%esp_uuid% /boot/efi vfat relatime 0 2

hardware/ovh_ks-5_2x2TB_hdd/boot

@@ -0,0 +1 @@
+/dev/md0

hardware/ovh_ks-5_2x2TB_hdd/esp

@@ -0,0 +1 @@
+/dev/sda3

hardware/ovh_ks-5_2x2TB_hdd/mkfs.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+set -e 
+
+# / 1990GB /dev/sda1 & /dev/sdb1 btrfs raid1
+# /boot 2GB /dev/md0
+# /boot/efi 1GB /dev/sda3 || /dev/sdb3
+# free 7GB
+
+chroot="$1"
+boot="hardware/${2}/boot"
+esp="hardware/${2}/esp"
+root="hardware/${2}/root"
+
+# encrypt and unlock the root partitions
+echo -n 'Enter LUKS password: '
+read -s root_pwd
+echo #to indicate progress after password prompt
+for root in "sda1" "sdb1"; do
+    echo -n $root_pwd | cryptsetup -q luksFormat "/dev/$root"
+    echo -n $root_pwd | cryptsetup open --type luks "/dev/$root" "root-unlocked-$root"
+done
+unset root_pwd
+
+
+# root device btrfs raid1
+mkfs.btrfs /dev/mapper/root-unlocked-sda1
+mount /dev/mapper/root-unlocked-sda1 "$chroot"
+btrfs device add /dev/mapper/root-unlocked-sdb1 "$chroot" -f
+btrfs balance start -dconvert=raid1 -mconvert=raid1 "$chroot"
+
+# boot device ext4
+echo mkfs.ext4 "$boot" 
+mkfs.ext4 "$boot" 
+echo mkdir "$chroot/boot" 
+mkdir "$chroot/boot" 
+echo mount "$boot" "$chroot/boot" 
+mount "$boot" "$chroot/boot" 
+ 
+# esp device FAT
+mkfs.fat "$esp" 
+mkdir "$chroot/boot/efi" 
+mount "$esp" "$chroot/boot/efi"

hardware/ovh_ks-5_2x2TB_hdd/network.sh

@@ -0,0 +1,16 @@
+#!/bin/bash -e
+
+address=$(ip addr show dev eth0 scope global | grep -F 'inet ' | perl -pe 's#.*inet (.*?) .*#$1#')
+gateway=$(echo "$address" | perl -pe 's#\d*/24$/#254#')
+
+# $interface differs from the live system because of different naming schemes
+# see https://wiki.debian.org/NetworkInterfaceNames for more details
+interface='eno1'
+
+
+echo "[Match]
+Name=$interface
+
+[Network]
+Address=$address
+Gateway=$gateway" > "/etc/systemd/network/${interface}.network"

hardware/ovh_ks-5_2x2TB_hdd/parted.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+set -e
+
+
+# / 1990GB
+# /boot 2GB
+# /boot/efi 1GB
+# free 7GB
+
+parted /dev/sda mklabel gpt
+parted /dev/sda mkpart primary 1 1990GB
+parted /dev/sda mkpart primary 1990GB 1992GB
+parted /dev/sda mkpart primary 1992GB 1993GB
+# set flag for ESP
+parted /dev/sda set 3 boot on
+
+parted /dev/sdb mklabel gpt
+parted /dev/sdb mkpart primary 1 1990GB
+parted /dev/sdb mkpart primary 1990GB 1992GB
+parted /dev/sdb mkpart primary 1992GB 1993GB
+# set flag for ESP
+parted /dev/sdb set 3 boot on
+
+sleep 1
+
+# $1=hostname
+echo 'yes' | mdadm -C /dev/md0 --homehost="$1" -l1 -n2 /dev/sd[ab]2  # /boot raid1

hardware/ovh_ks-5_2x2TB_hdd/root

@@ -0,0 +1 @@
+/dev/sda1

post-debootstrap-installer.sh

@@ -2,8 +2,10 @@
 export DEBIAN_FRONTEND=noninteractive
 
 
-# config files
+# common config files
-cp -a /hardware-setup/config/* /
+cp -aR /hardware-setup/config/base/* /
+# overwrite config files
+cp -aR /hardware-setup/config/$1/* /
 
 # update apt because sources.list.d is also in config/*
 apt-get update
@@ -23,7 +25,7 @@ apt-get -y install locales
 
 ### boot
 
-apt-get -y install lvm2 mdadm cryptsetup systemd systemd-sysv e2fsprogs firmware-linux
+apt-get -y install lvm2 mdadm cryptsetup systemd systemd-sysv e2fsprogs firmware-linux btrfs-progs
 systemctl enable fstrim.timer
 
 # --force-confold because we already provide /etc/dropbear/initramfs/dropbear.conf
@@ -52,10 +54,6 @@ esp_uuid=$(blkid --output value "/hardware-setup/hardware/${1}/esp" | head -n1)
 sed -i "s/%boot_uuid%/${boot_uuid}/" /etc/fstab
 sed -i "s/%esp_uuid%/${esp_uuid}/" /etc/fstab
 
-# install longhorn dependencies
-apt-get -y install open-iscsi nfs-common
-systemctl disable rpcbind.service # rpcbind is not used with NFS v4
-
 # after cryptsetup, mdadm, ... because of update-initramfs
 apt-get -y install linux-image-amd64
 update-grub
@@ -129,3 +127,5 @@ sed -i "s/%fqdn%/$(hostname)/g" /etc/hosts
 # as unbound isn't running in the live/rescue system chroot,
 # which is where this script usually runs
 echo 'nameserver 127.0.0.1' > /etc/resolv.conf
+
+update-initramfs -u

reset.sh

@@ -7,3 +7,4 @@ done
 wait
 
 sync
+partprobe

setup.sh

@@ -1,8 +1,13 @@
 #!/bin/bash
 set -e
 
+if [[ -z $1 ]] || [[ -z $2 ]]; then
+    echo "Missing some arguments!"
+    echo "Usage: ./setup.sh <template> <fqdn>"
+    exit 1
+fi
 
-apt-get -y install lvm2 mdadm cryptsetup debootstrap
+apt-get -y install lvm2 mdadm cryptsetup debootstrap btrfs-progs
 
 # returns /dev/md0 as root device
 # returns "$boot" as boot device
@@ -10,39 +15,11 @@ apt-get -y install lvm2 mdadm cryptsetup debootstrap
 root="hardware/${1}/root"
 boot="hardware/${1}/boot"
 esp="hardware/${1}/esp"
-longhorn="hardware/${1}/longhorn"
-
-# encrypt and unlock root device
-echo -n 'Enter LUKS password: '
-read -s root_pwd
-echo #to indicate progress after password prompt
-echo -n $root_pwd | cryptsetup -q luksFormat "$root"
-echo -n $root_pwd | cryptsetup open --type luks "$root" root-unlocked
-unset root_pwd
-
 
 # format
-
 chroot=/mnt/root-unlocked
-
+mkdir "$chroot"
-# root device
+"./hardware/${1}/mkfs.sh" "$chroot" "$1"
-mkfs.ext4 /dev/mapper/root-unlocked
-mkdir /mnt/root-unlocked
-mount /dev/mapper/root-unlocked /mnt/root-unlocked
-
-# boot device
-mkfs.ext4 "$boot"
-mkdir "$chroot/boot"
-mount "$boot" "$chroot/boot"
-
-# esp device
-mkfs.fat "$esp"
-mkdir "$chroot/boot/efi"
-mount "$esp" "$chroot/boot/efi"
-
-# additional data disks
-mkfs.ext4 "$longhorn"
-mkdir --parents "$chroot/var/lib/longhorn"
 
 
 # debootstrap