Compare commits
61 Commits
Author | SHA1 | Date |
---|---|---|
Milan Meduna | b57795901f | |
Milan Meduna | 186c0bbd8e | |
Milan Meduna | 9b9efd797c | |
Milan Meduna | ad393b7700 | |
Milan Meduna | 03ae7f4432 | |
Milan Meduna | 8ad6e00382 | |
Milan Meduna | d96d93bdd8 | |
Milan Meduna | 01f304e3ec | |
Milan Meduna | 262dcc9953 | |
Milan Meduna | 395ed99e21 | |
Milan Meduna | 75202bfe29 | |
Milan Meduna | 6c111338a6 | |
root | b9507a3502 | |
Milan Meduna | 3b3e03b828 | |
milanm | 5702680ef9 | |
Milan Meduna | 0ec2a074b7 | |
Milan Meduna | 8ae1f0710b | |
Milan Meduna | b80129b4d9 | |
Milan Meduna | 46c47c94e0 | |
Milan Meduna | 2b86c2e0ca | |
Milan Meduna | 4fc28b70d9 | |
Milan Meduna | d0628fbf8e | |
root | 2c99b22b88 | |
Milan Meduna | ca52475ef4 | |
root | 46874ecef2 | |
root | 5c82619b34 | |
root | 2bbd38efe4 | |
Milan Meduna | c8b3feae40 | |
Milan Meduna | 55f8f3d018 | |
Milan Meduna | b136b877cf | |
Milan Meduna | 342c9df609 | |
Milan Meduna | 644d9272d0 | |
Milan Meduna | c11a87dfda | |
Milan Meduna | 7128c9c67a | |
Milan Meduna | 74a38ffb0b | |
Milan Meduna | 9d85bcd269 | |
Milan Meduna | 64d9bf78ec | |
Milan Meduna | 7f55f9fb5a | |
Milan Meduna | b088aa920e | |
Milan Meduna | 9637bfd296 | |
Milan Meduna | 7f71201f69 | |
Milan Meduna | 304c31f95b | |
Milan Meduna | 445f459e2b | |
Milan Meduna | 456f7ab71a | |
Milan Meduna | a658964bab | |
Milan Meduna | b6e276bbea | |
Milan Meduna | 6c5dd3a148 | |
Milan Meduna | 8ac9dbb94d | |
Milan Meduna | 5b03d6ae0e | |
Milan Meduna | 8a1ecbf5cd | |
Milan Meduna | 926da85c67 | |
Milan Meduna | 34d1efd489 | |
Milan Meduna | 2ef9b8711e | |
Milan Meduna | 08edfdc8de | |
Milan Meduna | 9f23e613c4 | |
Milan Meduna | 2608a62072 | |
Milan Meduna | b842777b38 | |
Milan Meduna | a68b30bc79 | |
Milan Meduna | ec710ee354 | |
Milan Meduna | e09ed19624 | |
Milan Meduna | c75f311eee |
23
README.md
23
README.md
|
@ -1,18 +1,25 @@
|
|||
__LXD INIT not work for now, i dont have time to fix it. So, after installation via script, you need to run lxd init manually and set up it like script.__
|
||||
|
||||
__Features:__
|
||||
|
||||
copy_containers ->
|
||||
script for easy bulk container migrate via SSH between instalations of usl-mm, is also possible use it in non-interactive mode with parameters in this order: container-name, destination-host, destination-port(optional)
|
||||
|
||||
zfs-backup-mm-example-config ->
|
||||
example config for zfs-backup-mm script, that backup all running containers, except those with "testing" or "deluge "in container name.
|
||||
|
||||
setup-usl-mm_install_requirements ->
|
||||
configure main and universe repo in sources.list,
|
||||
install dialog utility
|
||||
|
||||
setup-usl-mm
|
||||
1. Pre-reboot script ->
|
||||
install zfs-utils and disable zpool auto-scrub,
|
||||
install zfs-utils,
|
||||
change timezone to Prague,
|
||||
crypt swap partition with ecryptfs-utils,
|
||||
crypt some partition with dmcrypt to use with /var/lib/lxd and LXD ZFS storage,
|
||||
crypt some partition with dmcrypt to use with /var/snap/lxd/common/lxd/* and LXD ZFS storage,
|
||||
add some config to sysctl.conf,
|
||||
disable lxd service,
|
||||
delete everything in /var/lib/lxd/*,
|
||||
disable snapd.lxd service,
|
||||
delete everything in /var/snap/lxd/common/lxd/*,
|
||||
delete netplan, install ifupdown,
|
||||
configure bridged networking (you can put LXD container to your network simple by add br0 to container),
|
||||
create zpool with ashift=12,
|
||||
|
@ -23,18 +30,18 @@ create /root/onstart script to decrypt crypted parition with password and start
|
|||
reboot
|
||||
|
||||
2. Post-reboot script ->
|
||||
for sure, stop lxd service and delete everything in /var/lib/lxd/*,
|
||||
for sure, stop snapd.lxd service and delete everything in /var/snap/lxd/common/lxd/*,
|
||||
exec /root/onstart to decrypt partition and import zpool,
|
||||
configure LXD to use encrypted partition as storage,
|
||||
add some config to /root/.screenrc (for gnuscreen utility),
|
||||
install htop mc zfsnap smartmontools and screen
|
||||
install htop mc zfsnap smartmontools screen and pv
|
||||
|
||||
3. Install uptrack-upgrade ->
|
||||
install ksplice tool for kernel live patching
|
||||
|
||||
__Requirements:__
|
||||
|
||||
Fresh installation of Ubuntu 18.04.1, swap partition and some paritition to crypted data
|
||||
Fresh installation of Ubuntu 20.04, swap partition and some paritition to crypted data
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -0,0 +1,218 @@
|
|||
#!/bin/bash
|
||||
CONTS_LIST=$(lxc list | grep "RUNNING\|STOPPED" | awk {'print $2'})
|
||||
|
||||
if [ $# -eq 0 ]
|
||||
then
|
||||
echo "No arguments supplied, doing interactive mode"
|
||||
sleep 1
|
||||
let i=0
|
||||
W=()
|
||||
while read -r line;
|
||||
do
|
||||
let i=$i+1
|
||||
W+=($i "$line" off)
|
||||
done < <( echo "$CONTS_LIST" )
|
||||
CONTS=$(dialog --checklist "Choose containers to copy" 24 80 17 "${W[@]}" 3>&2 2>&1 1>&3)
|
||||
DEST_IP=$(dialog --inputbox "Enter destination IP:" 25 25 --output-fd 1)
|
||||
DEST_PORT=$(dialog --inputbox "Enter destination SSH port(leave blank for default 22):" 25 25 --output-fd 1)
|
||||
fi
|
||||
|
||||
if [[ ! -z "$1" ]]; then
|
||||
if [[ ! -z "$2" ]]; then
|
||||
CONTS=$(echo "$CONTS_LIST" | nl | grep "$1" | awk {'print $1'})
|
||||
DEST_IP="$2"
|
||||
DEST_PORT="$3"
|
||||
fi
|
||||
fi
|
||||
|
||||
[ -z "$DEST_PORT" ] && DEST_PORT=22
|
||||
|
||||
|
||||
DEST_ZPOOL=$(echo crypt)
|
||||
DEST_ZPOOL_2=$(echo storage)
|
||||
|
||||
DATASETS=$(zfs list)
|
||||
SNAPS=$(zfs list -t snapshot)
|
||||
DEST_SNAPS=$(ssh $DEST_IP -p $DEST_PORT zfs list -t snapshot); (($? != 0)) && { echo "SSH command to fill DEST_SNAPS exited with non-zero"; exit 1; }
|
||||
|
||||
|
||||
bionic_checker=$(ssh $DEST_IP -p $DEST_PORT lsb_release -c | awk {'print $2'}); (($? != 0)) && { echo "SSH command to fill bionic_checker exited with non-zero"; exit 1; }
|
||||
|
||||
for CONT in $CONTS;
|
||||
do
|
||||
CONT_VAR=$(echo "$CONTS_LIST"| sed -n "`echo "$CONT p" | sed 's/ //'`")
|
||||
SNAPS_CLEANED=$(echo "$SNAPS" | grep crypt | grep lxd | grep storage | grep containers | grep -E "....-..-.._........--.d" | awk {'print $1'} | grep "$CONT_VAR"@)
|
||||
DEST_SNAPS_CLEANED=$(echo "$DEST_SNAPS" | grep crypt | grep lxd | grep storage | grep containers | grep -E "....-..-.._........--.d" | awk {'print $1'} | grep "$CONT_VAR"@)
|
||||
SOURCE_DEST_IDENTICAL_SNAPS=$(grep -Fxf <(echo "$SNAPS_CLEANED") <(echo "$DEST_SNAPS_CLEANED"))
|
||||
SNAP_TO_SEND_FIRST=$(echo "$SOURCE_DEST_IDENTICAL_SNAPS" | tail -n1)
|
||||
DATASET_VAR=$(echo "$DATASETS" | grep crypt | grep lxd | grep storage | grep containers | awk {'print $1'} | grep -E "$CONT_VAR"$)
|
||||
DATASET_RECORDSIZE_VAR=$(zfs get recordsize -H -o value "$DATASET_VAR")
|
||||
DATASET_ATIME_VAR=$(zfs get atime -H -o value "$DATASET_VAR")
|
||||
DATASET_RELATIME_VAR=$(zfs get relatime -H -o value "$DATASET_VAR")
|
||||
DATASET_QUOTA_VAR=$(zfs get quota -H -o value "$DATASET_VAR")
|
||||
|
||||
SNAP_TO_SEND_FIRST_FOR_LATER_CHECK=$(echo "$SNAP_TO_SEND_FIRST")
|
||||
IFS="
|
||||
"
|
||||
|
||||
echo "Start move "$CONT_VAR""
|
||||
|
||||
if [ -z "$SNAP_TO_SEND_FIRST" ]
|
||||
then
|
||||
|
||||
if [ -z "$SNAPS_CLEANED" ]
|
||||
then
|
||||
|
||||
echo "Creating first snapshot"
|
||||
for command in $(zfSnap -n -zpool28fix -a 7d "$DATASET_VAR" | grep snapshot | grep "$DATASET_VAR")
|
||||
do
|
||||
SNAP_TO_SEND_FIRST=$(echo "$command" | awk '{print $3}')
|
||||
echo "Doing "$command""
|
||||
eval "$command";
|
||||
done
|
||||
|
||||
else
|
||||
SNAP_TO_SEND_FIRST=$(echo "$SNAPS_CLEANED" | tail -n 48 | head -n 1)
|
||||
fi
|
||||
|
||||
echo "Sending first snapshot"
|
||||
echo "Sending "$SNAP_TO_SEND_FIRST""
|
||||
zfs send "$SNAP_TO_SEND_FIRST" | lzop | pv | ssh "$DEST_IP" -p $DEST_PORT "lzop -d | zfs recv -o recordsize="$DATASET_RECORDSIZE_VAR" -o atime="$DATASET_ATIME_VAR" -o relatime="$DATASET_RELATIME_VAR" -o quota="$DATASET_QUOTA_VAR" "$DEST_ZPOOL"/lxd/storage/containers/"$CONT_VAR""; (($? != 0)) && { echo "SSH command to send first snapshot exited with non-zero"; exit 1; }
|
||||
|
||||
|
||||
echo "Sleep 2"
|
||||
sleep 2
|
||||
|
||||
fi
|
||||
|
||||
echo "Creating second snapshot"
|
||||
for command in $(zfSnap -n -zpool28fix -a 7d "$DATASET_VAR" | grep snapshot | grep "$DATASET_VAR")
|
||||
do
|
||||
SNAP_TO_SEND_SECOND=$(echo "$command" | awk '{print $3}')
|
||||
echo "Doing "$command""
|
||||
eval "$command";
|
||||
|
||||
done
|
||||
|
||||
echo "Sending second snapshot"
|
||||
echo "Sending "$SNAP_TO_SEND_FIRST" to "$SNAP_TO_SEND_SECOND" with -I parameter"
|
||||
zfs send -I "$SNAP_TO_SEND_FIRST" "$SNAP_TO_SEND_SECOND" | lzop | pv | ssh "$DEST_IP" -p $DEST_PORT "lzop -d | zfs recv -o recordsize="$DATASET_RECORDSIZE_VAR" -o atime="$DATASET_ATIME_VAR" -o relatime="$DATASET_RELATIME_VAR" -o quota="$DATASET_QUOTA_VAR" "$DEST_ZPOOL"/lxd/storage/containers/"$CONT_VAR" -F"; (($? != 0)) && { echo "SSH command to send second snapshot exited with non-zero"; exit 1; }
|
||||
|
||||
echo "Sleep 2"
|
||||
sleep 2
|
||||
|
||||
echo "Creating third snapshot"
|
||||
for command in $(zfSnap -n -zpool28fix -a 7d "$DATASET_VAR" | grep snapshot | grep "$DATASET_VAR")
|
||||
do
|
||||
SNAP_TO_SEND_THIRD=$(echo "$command" | awk '{print $3}')
|
||||
echo "Doing "$command""
|
||||
eval "$command";
|
||||
done
|
||||
|
||||
echo "Sending third snapshot"
|
||||
echo "Sending "$SNAP_TO_SEND_SECOND" to "$SNAP_TO_SEND_THIRD""
|
||||
zfs send -i "$SNAP_TO_SEND_SECOND" "$SNAP_TO_SEND_THIRD" | lzop | pv | ssh "$DEST_IP" -p $DEST_PORT "lzop -d | zfs recv -o recordsize="$DATASET_RECORDSIZE_VAR" -o atime="$DATASET_ATIME_VAR" -o relatime="$DATASET_RELATIME_VAR" -o quota="$DATASET_QUOTA_VAR" "$DEST_ZPOOL"/lxd/storage/containers/"$CONT_VAR" -F"; (($? != 0)) && { echo "SSH command to send third snapshot exited with non-zero"; exit 1; }
|
||||
|
||||
echo "Sleep 2"
|
||||
sleep 2
|
||||
|
||||
echo "Creating fourth snapshot"
|
||||
for command in $(zfSnap -n -zpool28fix -a 7d "$DATASET_VAR" | grep snapshot | grep "$DATASET_VAR")
|
||||
do
|
||||
SNAP_TO_SEND_FOURTH=$(echo "$command" | awk '{print $3}')
|
||||
echo "Doing "$command""
|
||||
eval "$command";
|
||||
done
|
||||
|
||||
echo "Sending fourth snapshot"
|
||||
echo "Sending "$SNAP_TO_SEND_THIRD" to "$SNAP_TO_SEND_FOURTH""
|
||||
zfs send -i "$SNAP_TO_SEND_THIRD" "$SNAP_TO_SEND_FOURTH" | lzop | pv | ssh "$DEST_IP" -p $DEST_PORT "lzop -d | zfs recv -o recordsize="$DATASET_RECORDSIZE_VAR" -o atime="$DATASET_ATIME_VAR" -o relatime="$DATASET_RELATIME_VAR" -o quota="$DATASET_QUOTA_VAR" "$DEST_ZPOOL"/lxd/storage/containers/"$CONT_VAR" -F"; (($? != 0)) && { echo "SSH command to send fourth snapshot exited with non-zero"; exit 1; }
|
||||
|
||||
echo "Sleep 2"
|
||||
sleep 2
|
||||
|
||||
echo "Stopping "$CONT_VAR" on source"
|
||||
lxc stop "$CONT_VAR" --timeout 30; (($? != 0)) && echo "lxc stop timed-out after 30 seconds, doing with force parameter" && lxc stop "$CONT_VAR" --force
|
||||
|
||||
echo "Sleep 2"
|
||||
sleep 2
|
||||
|
||||
echo "Creating fifth snapshot"
|
||||
for command in $(zfSnap -n -zpool28fix -a 7d "$DATASET_VAR" | grep snapshot | grep "$DATASET_VAR")
|
||||
do
|
||||
SNAP_TO_SEND_FIFTH=$(echo "$command" | awk '{print $3}')
|
||||
echo "Doing "$command""
|
||||
eval "$command";
|
||||
done
|
||||
|
||||
echo "Sending fifth snapshot"
|
||||
echo "Sending "$SNAP_TO_SEND_FOURTH" to "$SNAP_TO_SEND_FIFTH""
|
||||
zfs send -i "$SNAP_TO_SEND_FOURTH" "$SNAP_TO_SEND_FIFTH" | lzop | pv | ssh "$DEST_IP" -p $DEST_PORT "lzop -d | zfs recv -o recordsize="$DATASET_RECORDSIZE_VAR" -o atime="$DATASET_ATIME_VAR" -o relatime="$DATASET_RELATIME_VAR" -o quota="$DATASET_QUOTA_VAR" "$DEST_ZPOOL"/lxd/storage/containers/"$CONT_VAR" -F"; (($? != 0)) && { echo "SSH command to send fifth snapshot exited with non-zero"; exit 1; }
|
||||
|
||||
if [ $bionic_checker == bionic ]
|
||||
then
|
||||
|
||||
if [ -z "$SNAP_TO_SEND_FIRST_FOR_LATER_CHECK" ]
|
||||
then
|
||||
|
||||
echo "Setting up mountpoint on destination for "$CONT_VAR""
|
||||
ssh "$DEST_IP" -p $DEST_PORT zfs set mountpoint=/var/lib/lxd/storage-pools/"$DEST_ZPOOL_2"/containers/"$CONT_VAR" "$DEST_ZPOOL"/lxd/storage/containers/"$CONT_VAR"; (($? != 0)) && { echo "SSH command to setup mountpoint on destination exited with non-zero"; exit 1; }
|
||||
|
||||
echo "Fixing config for bionic"
|
||||
ssh "$DEST_IP" -p $DEST_PORT sed -i '/volatile.idmap.current/d' /var/lib/lxd/storage-pools/"$DEST_ZPOOL_2"/containers/"$CONT_VAR"/backup.yaml; (($? != 0)) && { echo "SSH command to setup volatile.idmap exited with non-zero"; exit 1; }
|
||||
ssh "$DEST_IP" -p $DEST_PORT sed -i '/volatile.uuid/d' /var/lib/lxd/storage-pools/"$DEST_ZPOOL_2"/containers/"$CONT_VAR"/backup.yaml; (($? != 0)) && { echo "SSH command to setup volatile.uuid exited with non-zero"; exit 1; }
|
||||
ssh "$DEST_IP" -p $DEST_PORT sed -i '/volatile.cloud-init.instance-id/d' /var/lib/lxd/storage-pools/"$DEST_ZPOOL_2"/containers/"$CONT_VAR"/backup.yaml; (($? != 0)) && { echo "SSH command to setup volatile.cloud-init.instance-id exited with non-zero"; exit 1; }
|
||||
ssh "$DEST_IP" -p $DEST_PORT sed -i '/volatile.last_state.ready/d' /var/lib/lxd/storage-pools/"$DEST_ZPOOL_2"/containers/"$CONT_VAR"/backup.yaml; (($? != 0)) && { echo "SSH command to setup volatile.last_state.ready exited with non-zero"; exit 1; }
|
||||
|
||||
echo "Importing "$CONT_VAR" on destination"
|
||||
ssh "$DEST_IP" -p $DEST_PORT lxd import "$CONT_VAR" --force; (($? != 0)) && { echo "SSH command to import container exited with non-zero"; exit 1; }
|
||||
|
||||
fi
|
||||
|
||||
echo "Starting "$CONT_VAR" on destination"
|
||||
ssh "$DEST_IP" -p $DEST_PORT lxc start "$CONT_VAR"; (($? != 0)) && { echo "SSH command to start container exited with non-zero"; exit 1; }
|
||||
|
||||
echo " "
|
||||
|
||||
else
|
||||
|
||||
if [ -z "$SNAP_TO_SEND_FIRST_FOR_LATER_CHECK" ]
|
||||
then
|
||||
echo "Setting up mountpoint on destination for "$CONT_VAR""
|
||||
target_snap_version=$(ssh "$DEST_IP" -p $DEST_PORT snap info lxd| grep tracking: | awk {'print $2'} | cut -d"/" -f-1 | cut -d"." -f-1); (($? != 0)) && { echo "SSH command to fill target_snap_version exited with non-zero"; exit 1; }
|
||||
if [[ "$target_snap_version" == 4 ]]
|
||||
then
|
||||
ssh "$DEST_IP" -p $DEST_PORT zfs set canmount=noauto "$DEST_ZPOOL"/lxd/storage/containers/"$CONT_VAR"; (($? != 0)) && { echo "SSH command to setup mountpoint on destination exited with non-zero"; exit 1; }
|
||||
ssh "$DEST_IP" -p $DEST_PORT zfs set mountpoint=/var/snap/lxd/common/lxd/storage-pools/"$DEST_ZPOOL_2"/containers/"$CONT_VAR" "$DEST_ZPOOL"/lxd/storage/containers/"$CONT_VAR"; (($? != 0)) && { echo "SSH command to setup mountpoint on destination exited with non-zero"; exit 1; }
|
||||
ssh "$DEST_IP" -p $DEST_PORT zfs mount "$DEST_ZPOOL"/lxd/storage/containers/"$CONT_VAR"; (($? != 0)) && { echo "SSH command to setup mountpoint on destination exited with non-zero"; exit 1; }
|
||||
REMOTE_LXD_PID=$(ssh "$DEST_IP" -p $DEST_PORT cat /var/snap/lxd/common/lxd.pid); (($? != 0)) && { echo "SSH command to get REMOTE_LXD_PID on destination exited with non-zero"; exit 1; }
|
||||
ssh "$DEST_IP" -p $DEST_PORT "nsenter -t $REMOTE_LXD_PID -m bash -c \"mount -t zfs "$DEST_ZPOOL"/lxd/storage/containers/"$CONT_VAR" /var/snap/lxd/common/lxd/storage-pools/"$DEST_ZPOOL_2"/containers/"$CONT_VAR"\""; (($? != 0)) && { echo "SSH command to set REMOTE_LXD_PID on destination exited with non-zero"; exit 1; }
|
||||
|
||||
echo "Fixing config for lxd version 4"
|
||||
ssh "$DEST_IP" -p $DEST_PORT sed -i '/volatile.cloud-init.instance-id/d' /var/snap/lxd/common/lxd/storage-pools/"$DEST_ZPOOL_2"/containers/"$CONT_VAR"/backup.yaml; (($? != 0)) && { echo "SSH command to setup volatile.cloud-init.instance-id exited with non-zero"; exit 1; }
|
||||
ssh "$DEST_IP" -p $DEST_PORT sed -i '/volatile.last_state.ready/d' /var/snap/lxd/common/lxd/storage-pools/"$DEST_ZPOOL_2"/containers/"$CONT_VAR"/backup.yaml; (($? != 0)) && { echo "SSH command to setup volatile.last_state.ready exited with non-zero"; exit 1; }
|
||||
|
||||
echo "Importing "$CONT_VAR" on destination"
|
||||
ssh "$DEST_IP" -p $DEST_PORT /snap/bin/lxd import "$CONT_VAR" --force; (($? != 0)) && { echo "SSH command to import container exited with non-zero"; exit 1; }
|
||||
ssh "$DEST_IP" -p $DEST_PORT zfs umount "$DEST_ZPOOL"/lxd/storage/containers/"$CONT_VAR"; (($? != 0)) && { echo "SSH command to import container exited with non-zero"; exit 1; }
|
||||
else
|
||||
|
||||
echo "Doing lxd recover"
|
||||
ssh "$DEST_IP" -p $DEST_PORT zfs set mountpoint=legacy "$DEST_ZPOOL"/lxd/storage/containers/"$CONT_VAR"; (($? != 0)) && { echo "SSH command to setup mountpoint=legacy on destination exited with non-zero"; exit 1; }
|
||||
ssh "$DEST_IP" -p $DEST_PORT "cat <<EOF | lxd recover
|
||||
no
|
||||
yes
|
||||
yes
|
||||
EOF"; (($? != 0)) && { echo "SSH command lxd recover exited with non-zero"; exit 1; }
|
||||
fi
|
||||
|
||||
fi
|
||||
|
||||
echo "Starting "$CONT_VAR" on destination"
|
||||
ssh "$DEST_IP" -p $DEST_PORT /snap/bin/lxc start "$CONT_VAR"; (($? != 0)) && { echo "SSH command to start container exited with non-zero"; exit 1; }
|
||||
|
||||
echo " "
|
||||
|
||||
fi
|
||||
|
||||
done
|
74
setup-usl-mm
74
setup-usl-mm
|
@ -12,6 +12,9 @@ else
|
|||
exit 1
|
||||
fi
|
||||
|
||||
echo "Install net-tools"
|
||||
apt install net-tools -y
|
||||
|
||||
echo "Exec ifconfig"
|
||||
ifconfig
|
||||
read -p "Enter interface for configure bridge:" NET_IF
|
||||
|
@ -21,14 +24,11 @@ lsblk
|
|||
read -p "Enter partition to encrypt:" PARTITION
|
||||
|
||||
echo "Installing requirements"
|
||||
apt install cryptsetup ecryptfs-utils zfsutils-linux -y
|
||||
apt install cryptsetup ecryptfs-utils zfsutils-linux lzop -y
|
||||
|
||||
echo "Setting timezone to Prague"
|
||||
timedatectl set-timezone Europe/Prague
|
||||
|
||||
echo "Disabling zpool auto-scrub"
|
||||
sed -i 's/^/#/' /etc/cron.d/zfsutils-linux
|
||||
|
||||
echo "Starting ecryptfs-setup-swap"
|
||||
ecryptfs-setup-swap -f
|
||||
|
||||
|
@ -49,25 +49,35 @@ zfs create crypt/lxd
|
|||
zfs create crypt/lxd/dir
|
||||
zfs create crypt/lxd/storage
|
||||
|
||||
echo "Stopping and disabling lxd"
|
||||
systemctl disable lxd
|
||||
systemctl disable lxd.socket
|
||||
systemctl stop lxd
|
||||
echo "Switch to 5.19 LXD version"
|
||||
snap switch --channel 5.19/stable lxd
|
||||
snap refresh
|
||||
|
||||
echo "Deleting everything in /var/lib/lxd/*"
|
||||
rm /var/lib/lxd/* -r
|
||||
echo "Disabling lxd snap"
|
||||
snap disable lxd
|
||||
|
||||
echo "Creating mountpoint /var/lib/lxd to crypt/lxd/dir"
|
||||
zfs set mountpoint=/var/lib/lxd crypt/lxd/dir
|
||||
echo "Deleting everything in /var/snap/lxd/common/lxd/*"
|
||||
rm /var/snap/lxd/common/lxd/* -r
|
||||
|
||||
echo "Creating mountpoint /var/snap/lxd/common/lxd to crypt/lxd/dir"
|
||||
zfs set mountpoint=/var/snap/lxd/common/lxd crypt/lxd/dir
|
||||
|
||||
echo "Configuring sysctl"
|
||||
echo "vm.swappiness = 1" > /etc/sysctl.d/50-usl-mm.conf
|
||||
echo "vm.min_free_kbytes = 131072" >> /etc/sysctl.d/50-usl-mm.conf
|
||||
echo "vm.dirty_background_ratio = 5" >> /etc/sysctl.d/50-usl-mm.conf
|
||||
echo "fs.inotify.max_queued_events = 1048576" >> /etc/sysctl.d/50-usl-mm.conf
|
||||
echo "fs.inotify.max_user_instances = 1048576" >> /etc/sysctl.d/50-usl-mm.conf
|
||||
echo "fs.inotify.max_user_watches = 1048576" >> /etc/sysctl.d/50-usl-mm.conf
|
||||
echo "kernel.dmesg_restrict = 1" >> /etc/sysctl.d/50-usl-mm.conf
|
||||
echo "net.netfilter.nf_conntrack_max = 4194304" >> /etc/sysctl.d/50-usl-mm.conf
|
||||
#Ugly fix
|
||||
echo "@reboot root /sbin/sysctl -w net.netfilter.nf_conntrack_max=4194304" > /etc/cron.d/conntrack_cron
|
||||
|
||||
echo "Configuring arc cache for zfs to min 256MB and max 1536MB"
|
||||
echo "Configuring arc cache for zfs to min 256MB and max 1536MB + txg_timeout to 3"
|
||||
echo "options zfs zfs_arc_min=268435456" > /etc/modprobe.d/zfs.conf
|
||||
echo "options zfs zfs_arc_max=1610612736" >> /etc/modprobe.d/zfs.conf
|
||||
echo "options zfs zfs_txg_timeout=3" >> /etc/modprobe.d/zfs.conf
|
||||
|
||||
echo "Doing update-initramfs -u"
|
||||
update-initramfs -u
|
||||
|
@ -89,9 +99,13 @@ echo " bridge_ports $NET_IF" >> /etc/network/interfaces
|
|||
echo " bridge_stp off" >> /etc/network/interfaces
|
||||
echo " bridge_fd 0" >> /etc/network/interfaces
|
||||
|
||||
echo "Add DNS to systemd-resolved"
|
||||
echo "[Resolve]" > /etc/systemd/resolved.conf
|
||||
echo "DNS=8.8.8.8" >> /etc/systemd/resolved.conf
|
||||
echo "FallbackDNS=1.1.1.1" >> /etc/systemd/resolved.conf
|
||||
|
||||
echo "Purging netplan,disabling dhcpcd and install ifupdown"
|
||||
apt purge nplan -y
|
||||
apt purge nplan netplan.io -y
|
||||
rm /etc/netplan/* -f
|
||||
apt install bridge-utils ifupdown -y
|
||||
|
||||
|
@ -110,11 +124,14 @@ echo "else" >> /root/onstart
|
|||
echo "echo \"Passwords not match!\"" >> /root/onstart
|
||||
echo "exit 1" >> /root/onstart
|
||||
echo "fi" >> /root/onstart
|
||||
echo "echo \"Stopping LXD snap daemon and deleting /var/snap/lxd/common/lxd/*\"" >> /root/onstart
|
||||
echo "snap disable lxd" >> /root/onstart
|
||||
echo "rm /var/snap/lxd/common/lxd/* -rf" >> /root/onstart
|
||||
echo "echo \"Opening encrypted partition\"" >> /root/onstart
|
||||
echo "echo \$pass_var | cryptsetup open $PARTITION crypt -c -" >> /root/onstart
|
||||
echo "partprobe" >> /root/onstart
|
||||
echo "zpool import -d /dev/mapper crypt -f -m" >> /root/onstart
|
||||
echo "systemctl start lxd" >> /root/onstart
|
||||
echo "snap enable lxd" >> /root/onstart
|
||||
|
||||
chmod +x /root/onstart
|
||||
read -p "Press any key for reboot"
|
||||
|
@ -122,9 +139,9 @@ reboot
|
|||
}
|
||||
|
||||
post_reboot_script () {
|
||||
echo "Stopping lxd and delete /var/lib/lxd/*"
|
||||
systemctl stop lxd
|
||||
rm /var/lib/lxd/* -r
|
||||
echo "Disabling lxd and delete /var/snap/lxd/common/lxd/*"
|
||||
snap disable lxd
|
||||
rm /var/snap/lxd/common/lxd/* -r
|
||||
|
||||
echo "Executing /root/onstart"
|
||||
bash /root/onstart
|
||||
|
@ -168,7 +185,18 @@ echo "scrollback 5000" >> /root/.screenrc
|
|||
echo "hardstatus string \"%{=b kw} %?%-Lw%?%{=br kw}[%n %t]%{=b kw}%?%+Lw%? %= %c\"" >> /root/.screenrc
|
||||
|
||||
echo "Install utilities"
|
||||
apt install -y mc htop screen zfsnap smartmontools
|
||||
apt install -y mc htop screen zfsnap smartmontools pv
|
||||
|
||||
echo "Setting-up wireguard"
|
||||
apt update
|
||||
apt install wireguard -y
|
||||
lxc profile set default linux.kernel_modules wireguard
|
||||
|
||||
echo "Set max processes to 3000 in default profile in LXD"
|
||||
lxc profile set default limits.processes 3000
|
||||
|
||||
echo "Set refresh.retain=2 in snap"
|
||||
snap set system refresh.retain=2
|
||||
|
||||
read -p "Done, press any key to return to main menu"
|
||||
main_menu
|
||||
|
@ -176,9 +204,11 @@ main_menu
|
|||
|
||||
install_uptrack () {
|
||||
cd /tmp
|
||||
wget https://ksplice.oracle.com/uptrack/dist/bionic/ksplice-uptrack.deb
|
||||
apt install libgtk2-perl dbus-x11 libglade2-0 libpython-stdlib libpython2.7-minimal libpython2.7-stdlib python python-cairo python-dbus python-gi python-glade2 python-gobject-2 python-gtk2 python-minimal python-pycurl python-yaml python2.7 python2.7-minimal -y
|
||||
dpkg -i ksplice-uptrack.deb
|
||||
wget https://ksplice.oracle.com/uptrack/dist/focal/uptrack.deb
|
||||
apt install python3-pycurl libgtk2-perl dbus-x11 libglade2-0 libpython2-stdlib libpython2.7-minimal libpython2.7-stdlib python2 python-cairo python-dbus python-gi python-gobject-2 python2-minimal python-pycurl python-yaml python2.7 python2.7-minimal -y
|
||||
dpkg -i uptrack.deb
|
||||
uptrack-upgrade -y
|
||||
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 82562EA9AD986DA3
|
||||
read -p "Done, press any key to return to main menu"
|
||||
main_menu
|
||||
}
|
||||
|
|
|
@ -1,6 +1,3 @@
|
|||
#!/bin/bash
|
||||
echo "deb http://archive.ubuntu.com/ubuntu bionic main universe" > /etc/apt/sources.list
|
||||
echo "deb http://archive.ubuntu.com/ubuntu bionic-security main universe" >> /etc/apt/sources.list
|
||||
echo "deb http://archive.ubuntu.com/ubuntu bionic-updates main universe" >> /etc/apt/sources.list
|
||||
apt update
|
||||
apt install dialog
|
||||
apt install dialog -y
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
#Backup server settings
|
||||
|
||||
backup_server="192.168.0.10"
|
||||
backup_server_port="22"
|
||||
backup_server_ipv=4
|
||||
backup_server_dataset="tank/backups"
|
||||
backup_server_delete_old_snaps=y
|
||||
backup_server_number_keep_snaps=31
|
||||
|
||||
shape_megabytes=20
|
||||
#Source server settings
|
||||
#DO NOT CHANGE zfsnap_days_keep_snaps AFTER FIRST FULL BACKUP!
|
||||
|
||||
zfsnap_enable=y
|
||||
zfsnap_days_keep_snaps=7
|
||||
|
||||
running_containers=$(lxc list | grep RUNNING | awk {'print $2'})
|
||||
stopped_containers=$(lxc list | grep STOPPED | awk {'print $2'})
|
||||
|
||||
excluded_strings="deluge\|testing"
|
||||
|
||||
if [ -z "$stopped_containers" ]
|
||||
then
|
||||
source_datasets="$(zfs list | awk {'print $1'} | grep "crypt/lxd/storage/containers" | grep -ve "crypt/lxd/storage/containers$" | grep -e "$running_containers" | grep -ve "$excluded_strings")"
|
||||
else
|
||||
source_datasets="$(zfs list | awk {'print $1'} | grep "crypt/lxd/storage/containers" | grep -ve "crypt/lxd/storage/containers$" | grep -e "$running_containers" | grep -ve "$stopped_containers" | grep -ve "$excluded_strings")"
|
||||
fi
|
||||
|
Loading…
Reference in New Issue