Note

The Funtoo Linux project has transitioned to "Hobby Mode" and this wiki is now read-only.

Difference between revisions of "User:Ben/FuntooServer UEFI LUKS RAID1"

From Funtoo
Jump to navigation Jump to search
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
This is a quick write up on how I installed an encrypted Funtoo Server on my OVH Server
This is a quick write up on how I installed an encrypted Funtoo Server on my OVH Server
{{warning|You may try this installation method at your own risk! Please note: this guide is outside of the official installation documentation and cannot be supported. If you choose to use this, we assume you know what you are doing and you are on your own.}}


== Special Thanks To: ==
== Special Thanks To: ==
Line 6: Line 9:


== Open TODOs ==
== Open TODOs ==
* second raid for /home will currently not be mounted automatically.
* storage raid will currently not be decrypted and mounted automatically.


== Assumptions ==
== Assumptions ==


You will have an Ryzen/Epyc Server with:
You will have an Ryzen or Epyc Server with:
* 2x NVMe SSDs
* 2x NVMe SSDs
* 2+ Storage Disks
* 2+ Storage Disks
* IPMI or remote KVM access when the server boots
* a running Linux installation on one of the storage disks
== Target Setup ==
{{console|body=
NAME            MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINT
sda              8:0    0  3.6T  0 disk 
└─sda1            8:1    0  3.6T  0 part 
  └─md127        9:127  0  3.6T  0 raid1
    └─home      254:3    0  3.6T  0 crypt /home
sdb              8:16  0  3.6T  0 disk 
└─sdb1            8:17  0  3.6T  0 part 
  └─md127        9:127  0  3.6T  0 raid1
    └─home      254:3    0  3.6T  0 crypt /home
nvme1n1        259:0    0 894.3G  0 disk 
├─nvme1n1p1    259:1    0  512M  0 part 
└─nvme1n1p2    259:2    0 893.8G  0 part 
  └─md126        9:126  0 893.6G  0 raid1
    └─root      254:0    0 893.6G  0 crypt
      ├─vg-swap 254:1    0    64G  0 lvm  [SWAP]
      └─vg-root 254:2    0 829.6G  0 lvm  /
nvme0n1        259:3    0 894.3G  0 disk 
├─nvme0n1p1    259:4    0  512M  0 part 
└─nvme0n1p2    259:5    0 893.8G  0 part 
  └─md126        9:126  0 893.6G  0 raid1
    └─root      254:0    0 893.6G  0 crypt
      ├─vg-swap 254:1    0    64G  0 lvm  [SWAP]
      └─vg-root 254:2    0 829.6G  0 lvm  /
}}
== Getting Started ==
First we need to ssh into our temporary Linux system that we will use to install our FuntooServer. In my case I used the management interface from OVH to install an Ubuntu 20.04 Server on <code>/dev/sda</code>
After we ssh'ed into our Server we can start with preparing the funtoo boot raid.
{{console|body=
# gdisk /dev/nvme0n1
[...]
Command (? for help): o
This option deletes all partitions and creates a new protective MBR.
Proceed? (Y/N): y
[...]
Command (? for help): n
Partition number (1-128, default 1):
First sector (34-167772126, default = 2048) or {+-}size{KMGTP}:
Last sector (2048-167772126, default = 167772126) or {+-}size{KMGTP}: +512M
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): EF00
[...]
Command (? for help): n
Partition number (2-128, default 2):
First sector (34-167772126, default = 1050624) or {+-}size{KMGTP}:
Last sector (1050624-167772126, default = 167772126) or {+-}size{KMGTP}:
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300):
[...]
Command (? for help): w
[...]
Do you want to proceed? (Y/N): Y
}}
As the disks are the same size we can just copy the partition table
{{console|body=
# sgdisk -R /dev/nvme1n1 /dev/nvme0n1
The operation has completed successfully.
# sgdisk -G /dev/nvme1n1
The operation has completed successfully.
}}

Latest revision as of 14:58, July 30, 2021

This is a quick write up on how I installed an encrypted Funtoo Server on my OVH Server


   Warning

You may try this installation method at your own risk! Please note: this guide is outside of the official installation documentation and cannot be supported. If you choose to use this, we assume you know what you are doing and you are on your own.

Special Thanks To:

Open TODOs

  • storage raid will currently not be decrypted and mounted automatically.

Assumptions

You will have an Ryzen or Epyc Server with:

  • 2x NVMe SSDs
  • 2+ Storage Disks
  • IPMI or remote KVM access when the server boots
  • a running Linux installation on one of the storage disks

Target Setup

NAME            MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
sda               8:0    0   3.6T  0 disk  
└─sda1            8:1    0   3.6T  0 part  
  └─md127         9:127  0   3.6T  0 raid1 
    └─home      254:3    0   3.6T  0 crypt /home
sdb               8:16   0   3.6T  0 disk  
└─sdb1            8:17   0   3.6T  0 part  
  └─md127         9:127  0   3.6T  0 raid1 
    └─home      254:3    0   3.6T  0 crypt /home
nvme1n1         259:0    0 894.3G  0 disk  
├─nvme1n1p1     259:1    0   512M  0 part  
└─nvme1n1p2     259:2    0 893.8G  0 part  
  └─md126         9:126  0 893.6G  0 raid1 
    └─root      254:0    0 893.6G  0 crypt 
      ├─vg-swap 254:1    0    64G  0 lvm   [SWAP]
      └─vg-root 254:2    0 829.6G  0 lvm   /
nvme0n1         259:3    0 894.3G  0 disk  
├─nvme0n1p1     259:4    0   512M  0 part  
└─nvme0n1p2     259:5    0 893.8G  0 part  
  └─md126         9:126  0 893.6G  0 raid1 
    └─root      254:0    0 893.6G  0 crypt 
      ├─vg-swap 254:1    0    64G  0 lvm   [SWAP]
      └─vg-root 254:2    0 829.6G  0 lvm   /

Getting Started

First we need to ssh into our temporary Linux system that we will use to install our FuntooServer. In my case I used the management interface from OVH to install an Ubuntu 20.04 Server on /dev/sda

After we ssh'ed into our Server we can start with preparing the funtoo boot raid.

root # gdisk /dev/nvme0n1
[...]
Command (? for help): o
This option deletes all partitions and creates a new protective MBR.
Proceed? (Y/N): y
[...]
Command (? for help): n
Partition number (1-128, default 1): 
First sector (34-167772126, default = 2048) or {+-}size{KMGTP}: 
Last sector (2048-167772126, default = 167772126) or {+-}size{KMGTP}: +512M
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): EF00
[...]
Command (? for help): n
Partition number (2-128, default 2): 
First sector (34-167772126, default = 1050624) or {+-}size{KMGTP}: 
Last sector (1050624-167772126, default = 167772126) or {+-}size{KMGTP}: 
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): 
[...]
Command (? for help): w
[...]
Do you want to proceed? (Y/N): Y

As the disks are the same size we can just copy the partition table

root # sgdisk -R /dev/nvme1n1 /dev/nvme0n1
The operation has completed successfully.
root # sgdisk -G /dev/nvme1n1
The operation has completed successfully.