diff --git a/bash/hetzner-rescue.sh b/bash/hetzner-rescue.sh index 58b695e..c6c4fe5 100644 --- a/bash/hetzner-rescue.sh +++ b/bash/hetzner-rescue.sh @@ -316,185 +316,3 @@ function hetzner-rescue-wipe-8-8-3-close { umount '/media/crypt' \ && cryptsetup luksClose 'crypt' } - -function hetzner-rescue-wipe-12-10-10-0 { - local device - local devices=( - '/dev/sdc' - '/dev/sda' - '/dev/sdb' - ) - local members - local number - local passphrase - local unit='mib' - # read passphrase - echo -n 'PassPhrase: ' - read -r -s passphrase - # - lsblk - echo -n 'WIPE' "${devices[@]}" '/?\ OR CANCEL /!\' - read - # - number=0 - for device in "${devices[@]}" ; do - ((number++)) - echo ; echo "#${number}: ${device}" - # - parted "${device}" --script mktable gpt - # - parted "${device}" unit "${unit}" \ - mkpart "crypt-${number}" 22359 9537535 - # - parted "${device}" unit "${unit}" \ - mkpart "boot-${number}" 513 22359 - # - parted "${device}" unit "${unit}" \ - mkpart "esp-${number}" 2 513 - parted "${device}" set 3 esp on - # - parted "${device}" unit "${unit}" \ - mkpart "bios-${number}" 1 2 - parted "${device}" set 4 bios_grub on - done - # - parted "${device}" unit "${unit}" \ - mkpart 'extra' 9537535 11444223 - # - number=0 - for device in "${devices[@]}" ; do - ((number++)) - echo ; echo "#${number}: ${device}4" - # wipe bios - dd \ - if='/dev/zero' of="${device}4" - done - # - number=0 - for device in "${devices[@]}" ; do - ((number++)) - echo ; echo "#${number}: ${device}3" - # format esp - dd \ - if='/dev/zero' of="${device}3" bs='1M' - mkfs.vfat -F 32 -n "esp-${number}" "${device}3" - done - # - number=0 - for device in "${devices[@]}" ; do - ((number++)) - echo ; echo "#${number}: ${device}2" - # wipe boot - dd status='progress' \ - if='/dev/zero' of="${device}2" bs='1G' - done - # - members=() - for device in "${devices[@]}" ; do - members+=("${device}2") - done - mdadm \ - --create '/dev/md/boot' \ - --name 'boot' \ - --uuid '6234a0eb:29a3a847:1dbd5ec4:bada5579' \ - --metadata 1 \ - --level 0 \ - --raid-devices ${#devices[@]} \ - "${members[@]}" - # - number=0 - for device in "${devices[@]}" ; do - ((number++)) - echo ; echo "#${number}: ${device}1" - # wipe crypt head - dd status='progress' \ - if='/dev/zero' of="${device}1" bs='1G' count=1 - done - # - members=() - for device in "${devices[@]}" ; do - members+=("${device}1") - done - mdadm \ - --create '/dev/md/crypt' \ - --name 'crypt' \ - --uuid '006234a0:eb29a3a8:471dbd5e:c4bada55' \ - --metadata 1 \ - --level 0 \ - --raid-devices ${#devices[@]} \ - "${members[@]}" - # format boot - mkfs.ext4 \ - -F \ - -L 'boot' \ - -U '6234a0eb-29a3-a847-1dbd-5ec4bada5579' \ - '/dev/md/boot' - # encrypt - echo "${passphrase}" \ - | cryptsetup \ - --verbose \ - --batch-mode \ - --type 'luks2' \ - --pbkdf 'argon2id' \ - --cipher 'aes-xts-plain64' \ - --iter-time 8192 \ - --key-size 512 \ - --hash 'sha512' \ - --use-random \ - luksFormat \ - '/dev/md/crypt' - # open - echo "${passphrase}" \ - | cryptsetup luksOpen '/dev/md/crypt' 'crypt' - # wipe crypt - dd status='progress' \ - if='/dev/zero' of='/dev/mapper/crypt' bs='16G' -} - -function hetzner-rescue-wipe-12-10-10-1 { - local passphrase - # close - cryptsetup luksClose 'crypt' - # read passphrase - echo -n 'PassPhrase: ' - read -r -s passphrase - # encrypt - echo "${passphrase}" \ - | cryptsetup \ - --verbose \ - --batch-mode \ - --type 'luks2' \ - --pbkdf 'argon2id' \ - --cipher 'aes-xts-plain64' \ - --iter-time 8192 \ - --key-size 512 \ - --hash 'sha512' \ - --use-random \ - luksFormat \ - '/dev/md/crypt' - # open - echo "${passphrase}" \ - | cryptsetup luksOpen '/dev/md/crypt' 'crypt' - # pv - pvcreate '/dev/mapper/crypt' - # vg - vgcreate 'crypt' '/dev/mapper/crypt' - # lv swap - lvcreate --name 'swap' --size '137438953472b' 'crypt' - # lv data - lvcreate --name 'data' --extents '100%FREE' 'crypt' - # format swap - mkswap \ - --label 'swap' \ - -U '06234a0e-b29a-3a84-71db-d5ec4bada557' \ - '/dev/mapper/crypt-swap' - # format data - mkfs.ext4 \ - -L 'data' \ - -U '006234a0-eb29-a3a8-471d-bd5ec4bada55' \ - '/dev/mapper/crypt-data' - # vg off - vgchange --activate n 'crypt' - # close - cryptsetup luksClose 'crypt' -}