Universal secure LXD Install script
Find a file
2022-01-28 15:40:40 +01:00
copy_containers add_lzop_to_copy_containers 2022-01-28 15:40:40 +01:00
license.txt first 2018-09-02 13:01:37 +02:00
README.md Merge branch 'master' of ssh://git.my-web.xyz:2222/milan/usl-mm 2022-01-28 15:23:16 +01:00
setup-usl-mm add_lzop 2022-01-28 15:31:59 +01:00
setup-usl-mm_install_requirements first 2018-09-02 13:01:37 +02:00
usl-mm-bionic-upgrade Merge branch 'master' of ssh://git.my-web.xyz:2222/milan/usl-mm 2021-07-22 15:46:22 +02:00
zfs-backup-mm-example-config example conf for zfs-backup-mm script and copy_containers is now compatible for instalations, where is my backup-script used 2020-05-17 11:05:28 +02:00

Features:

copy_containers -> script for easy bulk container migrate via SSH between instalations of usl-mm, is also possible use it in non-interactive mode with parameters in this order: container-name, destination-host, destination-port(optional)

zfs-backup-mm-example-config -> example config for zfs-backup-mm script, that backup all running containers, except those with "testing" or "deluge "in container name.

setup-usl-mm_install_requirements -> configure main and universe repo in sources.list, install dialog utility

usl-mm-bionic-upgrade -> replace current release codename with codename in first argument, upgrade LXD to 4.16 SNAP version, upgrade system, replace some lines in /root/onstart, reboot

setup-usl-mm ->

  1. Pre-reboot script -> install zfs-utils, change timezone to Prague, crypt swap partition with ecryptfs-utils, crypt some partition with dmcrypt to use with /var/lib/lxd and LXD ZFS storage, add some config to sysctl.conf, disable lxd service, delete everything in /var/lib/lxd/*, delete netplan, install ifupdown, configure bridged networking (you can put LXD container to your network simple by add br0 to container), create zpool with ashift=12, set compression=on on crypted zpool, configure zfs cache min 256MB max 1536MB, do dist-upgrade, create /root/onstart script to decrypt crypted parition with password and start lxd (you need start this script on every reboot), reboot

  2. Post-reboot script -> for sure, stop lxd service and delete everything in /var/lib/lxd/*, exec /root/onstart to decrypt partition and import zpool, configure LXD to use encrypted partition as storage, add some config to /root/.screenrc (for gnuscreen utility), install htop mc zfsnap smartmontools screen and pv

  3. Install uptrack-upgrade -> install ksplice tool for kernel live patching

Requirements:

Fresh installation of Ubuntu 18.04.1, swap partition and some paritition to crypted data

THE PROGRAM IS DISTRIBUTED IN THE HOPE THAT IT WILL BE USEFUL, BUT WITHOUT ANY WARRANTY. IT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW THE AUTHOR WILL BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF THE AUTHOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.