commit dc4b370c03a34f17503191d981935add67b9bfb7 Author: milan Date: Sun Sep 2 13:01:37 2018 +0200 first diff --git a/README.md b/README.md new file mode 100644 index 0000000..b28eec7 --- /dev/null +++ b/README.md 
@@ -0,0 +1,42 @@ +__Features:__ + +setup-usl-mm_install_requirements -> +configure main and universe repo in sources.list, +install dialog utility + +setup-usl-mm +1. Pre-reboot script -> +change timezone to Prague, +crypt swap partition with ecryptfs-utils, +crypt some partition with dmcrypt to use with /var/lib/lxd and LXD ZFS storage, +add some config to sysctl.conf, +disable lxd service, +delete everything in /var/lib/lxd/*, +delete netplan, install ifupdown, +configure bridged networking (you can put LXD container to your network simple by add br0 to container), +create zpool with ashift=12, +set compression=on on crypted zpool, +configure zfs cache min 256MB max 1024MB, +do dist-upgrade, +create /root/onstart script to decrypt crypted parition with password and start lxd (you need start this script on every reboot), +reboot + +2. Post-reboot script -> +for sure, stop lxd service and delete everything in /var/lib/lxd/*, +exec /root/onstart to decrypt partition and import zpool, +configure LXD to use encrypted partition as storage, +add some config to /root/.screenrc (for gnuscreen utility), +install htop mc zfsnap and screen + +3. Install uptrack-upgrade -> +install ksplice tool for kernel live patching + +__Requirements:__ + +Fresh installation of Ubuntu 18.04.1, swap partition and some paritition to crypted data + + + +__THE PROGRAM IS DISTRIBUTED IN THE HOPE THAT IT WILL BE USEFUL, BUT WITHOUT ANY WARRANTY. IT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. 
SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.__ + +__IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW THE AUTHOR WILL BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF THE AUTHOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.__ diff --git a/license.txt b/license.txt new file mode 100644 index 0000000..8b1a9d8 --- /dev/null +++ b/license.txt @@ -0,0 +1,13 @@ + DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE + Version 2, December 2004 + +Copyright (C) 2004 Sam Hocevar + +Everyone is permitted to copy and distribute verbatim or modified +copies of this license document, and changing it is allowed as long +as the name is changed. + + DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. You just DO WHAT THE FUCK YOU WANT TO. diff --git a/setup-usl-mm b/setup-usl-mm new file mode 100755 index 0000000..b254234 --- /dev/null +++ b/setup-usl-mm 
@@ -0,0 +1,192 @@ +#!/bin/bash + +pre_reboot_script () { + echo "Setting timezone to Prague" + timedatectl set-timezone Europe/Prague + + echo "Installing requirements" + apt install cryptsetup ecryptfs-utils zfsutils-linux -y + + echo "Starting ecryptfs-setup-swap" + ecryptfs-setup-swap + + echo "Starting lsblk" + lsblk + + read -p "Enter partition to encrypt:" PARTITION + pass_var=$(dialog --passwordbox "Enter password to crypted partition:" 25 25 --output-fd 1) + + echo "Starting luksFormat" + echo -n "$pass_var" | cryptsetup luksFormat $PARTITION - + + echo "Opening crypted partition" + echo "$pass_var" | cryptsetup open $PARTITION crypt -c - + + echo "Creating zpool" + zpool create crypt /dev/mapper/crypt -o ashift=12 + + echo "Enabling compression on zpool" + zfs set compression=on crypt + + echo "Creating datasets crypt/lxd/dir crypt/lxd/storage" + zfs create crypt/lxd + zfs create crypt/lxd/dir + zfs create crypt/lxd/storage + + echo "Stopping and disabling lxd" + systemctl disable lxd + systemctl disable lxd.socket + systemctl stop lxd + + echo "Deleting everything in /var/lib/lxd/*" + rm /var/lib/lxd/* -r + + echo "Creating mountpoint /var/lib/lxd to crypt/lxd/dir" + zfs set mountpoint=/var/lib/lxd crypt/lxd/dir + + echo "Configuring sysctl" + echo "vm.swappiness = 1" > /etc/sysctl.d/50-usl-mm.conf + echo "vm.min_free_kbytes = 131072" >> /etc/sysctl.d/50-usl-mm.conf + echo "vm.dirty_background_ratio = 5" >> /etc/sysctl.d/50-usl-mm.conf + + echo "Configuring arc cache for zfs to min 256MB and max 1024MB" + echo "options zfs zfs_arc_min=268435456" > /etc/modprobe.d/zfs.conf + echo "options zfs zfs_arc_max=1073741824" >> /etc/modprobe.d/zfs.conf + + echo "Configuring network to use bridge" +echo "Exec ifconfig" +ifconfig +read -p "Enter interface for configure bridge:" NET_IF +echo "auto lo" > /etc/network/interfaces +echo "iface lo inet loopback" >> /etc/network/interfaces +echo " " >> /etc/network/interfaces +echo "iface $NET_IF inet manual" >> 
/etc/network/interfaces +echo "iface $NET_IF inet6 manual" >> /etc/network/interfaces +echo "auto br0" >> /etc/network/interfaces +echo "iface br0 inet dhcp" >> /etc/network/interfaces +echo " bridge_ports $NET_IF" >> /etc/network/interfaces +echo " bridge_stp off" >> /etc/network/interfaces +echo " bridge_fd 0" >> /etc/network/interfaces +echo " " >> /etc/network/interfaces +echo "iface br0 inet6 auto" >> /etc/network/interfaces +echo " bridge_ports $NET_IF" >> /etc/network/interfaces +echo " bridge_stp off" >> /etc/network/interfaces +echo " bridge_fd 0" >> /etc/network/interfaces + + + echo "Purging netplan,disabling dhcpcd and install ifupdown" + apt purge nplan -y + rm /etc/netplan/50-cloud-init.yaml + apt install bridge-utils ifupdown -y + + echo "Doing apt update and apt dist-upgrade" + apt update + apt dist-upgrade -y + + echo "Creating onstart script in /root" + echo "#!/bin/bash" > /root/onstart + echo "read -p \"Press any button to start...\"" >> /root/onstart + echo "pass_var=\$(dialog --passwordbox \"Enter password:\" 25 25 --output-fd 1)" >> /root/onstart + echo "echo \"Opening encrypted partition\"" >> /root/onstart + echo "echo \$pass_var | cryptsetup open $PARTITION crypt -c -" >> /root/onstart + echo "partprobe" >> /root/onstart + echo "zpool import -d /dev/mapper crypt -f -m" >> /root/onstart + echo "systemctl start lxd" >> /root/onstart + chmod +x /root/onstart + read -p "Press any key for reboot" + reboot +} + +post_reboot_script () { + echo "Stopping lxd and delete /var/lib/lxd/*" + systemctl stop lxd + rm /var/lib/lxd/* -r + + echo "Executing /root/onstart" + bash /root/onstart + + echo "Configuring LXD" +lxd waitready +cat <> /root/.screenrc + echo "screen -t htop htop" >> /root/.screenrc + echo "screen -t mc mc" >> /root/.screenrc + echo "screen -t bash bash" >> /root/.screenrc + echo "altscreen on" >> /root/.screenrc + echo "term screen-256color" >> /root/.screenrc + echo "bind 'b' prev" >> /root/.screenrc + echo "bind 'n' next" >> 
/root/.screenrc + echo "hardstatus alwayslastline" >> /root/.screenrc + echo "autodetach on" >> /root/.screenrc + echo "mousetrack on" >> /root/.screenrc + echo "vbell off" >> /root/.screenrc + echo "termcapinfo xterm* ti@:te@" >> /root/.screenrc + echo "defscrollback 5000" >> /root/.screenrc + echo "scrollback 5000" >> /root/.screenrc + echo "hardstatus string \"%{=b kw} %?%-Lw%?%{=br kw}[%n %t]%{=b kw}%?%+Lw%? %= %c\"" >> /root/.screenrc + + echo "Install utilities" + apt install -y mc htop screen zfsnap + + read -p "Done, press any key to return to main menu" + main_menu +} + +install_uptrack () { + cd /tmp + wget https://ksplice.oracle.com/uptrack/dist/bionic/ksplice-uptrack.deb + apt install libgtk2-perl dbus-x11 libglade2-0 libpython-stdlib libpython2.7-minimal libpython2.7-stdlib python python-cairo python-dbus python-gi python-glade2 python-gobject-2 python-gtk2 python-minimal python-pycurl python-yaml python2.7 python2.7-minimal -y + dpkg -i ksplice-uptrack.deb + read -p "Done, press any key to return to main menu" + main_menu +} +main_menu () { + cmd=(dialog --nocancel --menu "Welcome in setup-lxd-mm!" 22 76 16) + options=( + 1 "Pre-reboot script" + 2 "Post-reboot script" + 3 "Install uptrack-upgrade" + ) + + choices=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty) + + for choice in $choices + do + case $choice in + + 1) + pre_reboot_script + ;; + + 2) + post_reboot_script + ;; + + 3) + install_uptrack + ;; + + esac + done + clear +} + +main_menu diff --git a/setup-usl-mm_install_requirements b/setup-usl-mm_install_requirements new file mode 100755 index 0000000..a284b70 --- /dev/null +++ b/setup-usl-mm_install_requirements 
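Review bot: In `install_uptrack`, the package is downloaded into the shared `/tmp` under a fixed name and passed to `dpkg -i` as root, with no integrity check and no check that `wget` succeeded. If a `ksplice-uptrack.deb` already exists there, wget keeps it and saves the new download under a `.1` suffix, so `dpkg -i` would install the pre-existing file, which any local user could have placed. Download into a private `mktemp -d` directory, stop on a failed download, and compare the file against a pinned checksum before installing, as sketched below. Separately, the generated `/root/onstart` pipes `echo \$pass_var` unquoted, while `pre_reboot_script` formats the volume with the quoted `"$pass_var"`. A passphrase with repeated spaces or glob characters would therefore format correctly but could fail to unlock after reboot, so the expansion should be quoted in the generated line as well.

```shell
install_uptrack () {
  local workdir deb
  workdir=$(mktemp -d) || return 1
  deb="$workdir/ksplice-uptrack.deb"
  if ! wget -O "$deb" https://ksplice.oracle.com/uptrack/dist/bionic/ksplice-uptrack.deb; then
    rm -rf -- "$workdir"
    return 1
  fi
  # EXPECTED_SHA256 is a placeholder: pin the value published for the release being installed.
  if ! echo "${EXPECTED_SHA256}  $deb" | sha256sum -c -; then
    rm -rf -- "$workdir"
    return 1
  fi
  # … unchanged: apt install of the dependency list …
  dpkg -i "$deb"
  rm -rf -- "$workdir"
  # … unchanged: prompt and return to main_menu …
}
```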
@@ -0,0 +1,6 @@ +#!/bin/bash +echo "deb http://archive.ubuntu.com/ubuntu bionic main universe" > /etc/apt/sources.list +echo "deb http://archive.ubuntu.com/ubuntu bionic-security main universe" >> /etc/apt/sources.list +echo "deb http://archive.ubuntu.com/ubuntu bionic-updates main universe" >> /etc/apt/sources.list +apt update +apt install dialog
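Review bot: `/etc/apt/sources.list` is truncated and rewritten with no backup, so any existing entries (other components, a local mirror) are lost with no way back, and `apt install dialog` runs even if `apt update` failed. Copy the file first, e.g. `cp -a /etc/apt/sources.list /etc/apt/sources.list.bak`, and chain the last two commands as `apt update && apt install dialog`. The script also assumes it runs as root; a check such as `[ "$(id -u)" -eq 0 ] || exit 1` at the top would fail early instead of on the first redirect.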