config/r815/SETUP

92 lines
2.7 KiB
Plaintext
Raw Permalink Normal View History

2020-06-01 16:40:56 +00:00
UEFI boot does not work, so use legacy boot.
Installed with ubuntu-20.04-live-server-amd64.iso
ssh-copy-id
2020-07-11 18:38:30 +00:00
mkdir privat
cd privat
2020-06-12 14:24:10 +00:00
git clone 192.168.1.129:privat/config
2020-07-11 18:38:30 +00:00
cp config/ubuntu-20.04/home/.* ~/
2020-06-12 14:24:10 +00:00
sudo cp config/ubuntu-20.04/home/.* /root
bash config/ubuntu-20.04/packages
2020-11-29 00:22:28 +00:00
sudo cp -a ubuntu-20.04/etc/ /
2020-06-12 14:24:10 +00:00
add_swap() {
truncate -s 16T /data/swapfile
mkswap swapfile
mkswap -L swap1 /dev/sdc
mkswap -L swap2 /dev/sdd
mkswap -L swap3 /dev/sde
2020-11-29 00:22:28 +00:00
mkswap -L swap4 /dev/sdc1
2020-06-12 14:24:10 +00:00
cat >> /etc/fstab <<_EOF
LABEL=swap1 none swap sw,pri=4 0 0
LABEL=swap2 none swap sw,pri=4 0 0
LABEL=swap3 none swap sw,pri=4 0 0
2020-11-29 00:22:28 +00:00
LABEL=swap4 none swap sw,pri=4 0 0
2020-06-12 14:24:10 +00:00
_EOF
}
2020-06-01 16:40:56 +00:00
LVM_extend_to_full_disk() {
2020-11-29 00:22:28 +00:00
while lvextend -L +10G /dev/ubuntu-vg/ubuntu-lv; do
true
done
2020-06-01 16:40:56 +00:00
resize2fs /dev/mapper/ubuntu--vg-ubuntu--lv
}
Change_LUKS_password_to_USB_cryptkey() {
echo oldpassword:; read oldpassword
echo secretpassword:; read secretpassword
echo newpassword:; read newpassword </mnt/cryptkey.txt
echo "$oldpassword $secretpassword $newpassword"
DISK=/dev/disk/by-path/pci-0000:05:00.0-scsi-0:2:1:0
# Add secretpassword to keyslot 2 (this will be slow to decrypt)
(echo "$oldpassword"; echo "$secretpassword") |
cryptsetup -y -v luksAddKey \
--pbkdf-parallel 1 \
--pbkdf-memory 4000000 --pbkdf argon2id --iter-time 40000 \
${DISK}-part3
# Remove oldpassword from keyslot 1
(echo "$oldpassword") |
cryptsetup -y -v luksRemoveKey ${DISK}-part3
# Add newpassword to keyslot 1 (this will be fast to decrypt)
(echo "$secretpassword"; echo "$newpassword") |
cryptsetup -y -v luksAddKey \
--pbkdf-parallel 1 \
--pbkdf-memory 100000 --pbkdf argon2id --iter-time 1000 \
${DISK}-part3
# Check that slot 0 and 1 are in use
cryptsetup luksDump ${DISK}-part3
2020-07-11 18:38:30 +00:00
cryptsetup config --priority prefer --key-slot 0 ${DISK}-part3
2020-06-01 16:40:56 +00:00
# This should be fast
(echo "$newpassword"; echo "dummy") |
cryptsetup -y -v luksAddKey \
--pbkdf-parallel 1 \
--pbkdf-memory 100000 --pbkdf argon2id --iter-time 1000 \
${DISK}-part3
# This is still slow
(echo "dummy") |
cryptsetup -y -v luksRemoveKey ${DISK}-part3
}
autodecrypt() {
2020-07-11 18:38:30 +00:00
cd ~tange/privat/config/ubuntu-20.04/
2020-06-01 16:40:56 +00:00
cp usr/share/initramfs-tools/scripts/local-top/cryptroot /usr/share/initramfs-tools/scripts/local-top/cryptroot
update-initramfs -u -k all
}
2020-07-11 18:38:30 +00:00
autofs() {
perl -i.bak -pe 's:#/net:/nfs:' /etc/auto.master
ln -s /nfs/hpdisk/data /data
service autofs restart
ls /data
}