rwx.work/sh
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

− 12-10-10

Browse source
This commit is contained in:
Marc Beninca 2023-12-29 16:12:58 +01:00
parent e6d6487010
commit 18fa2453ea
1 changed files with 0 additions and 182 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

182
bash/hetzner-rescue.sh
View file

@ -316,185 +316,3 @@ function hetzner-rescue-wipe-8-8-3-close {
umount '/media/crypt' \
&& cryptsetup luksClose 'crypt'
}
function hetzner-rescue-wipe-12-10-10-0 {
local device
local devices=(
'/dev/sdc'
'/dev/sda'
'/dev/sdb'
)
local members
local number
local passphrase
local unit='mib'
# read passphrase
echo -n 'PassPhrase: '
read -r -s passphrase
#
lsblk
echo -n 'WIPE' "${devices[@]}" '/?\ OR CANCEL /!\'
read
#
number=0
for device in "${devices[@]}" ; do
((number++))
echo ; echo "#${number}: ${device}"
#
parted "${device}" --script mktable gpt
#
parted "${device}" unit "${unit}" \
mkpart "crypt-${number}" 22359 9537535
#
parted "${device}" unit "${unit}" \
mkpart "boot-${number}" 513 22359
#
parted "${device}" unit "${unit}" \
mkpart "esp-${number}" 2 513
parted "${device}" set 3 esp on
#
parted "${device}" unit "${unit}" \
mkpart "bios-${number}" 1 2
parted "${device}" set 4 bios_grub on
done
#
parted "${device}" unit "${unit}" \
mkpart 'extra' 9537535 11444223
#
number=0
for device in "${devices[@]}" ; do
((number++))
echo ; echo "#${number}: ${device}4"
# wipe bios
dd \
if='/dev/zero' of="${device}4"
done
#
number=0
for device in "${devices[@]}" ; do
((number++))
echo ; echo "#${number}: ${device}3"
# format esp
dd \
if='/dev/zero' of="${device}3" bs='1M'
mkfs.vfat -F 32 -n "esp-${number}" "${device}3"
done
#
number=0
for device in "${devices[@]}" ; do
((number++))
echo ; echo "#${number}: ${device}2"
# wipe boot
dd status='progress' \
if='/dev/zero' of="${device}2" bs='1G'
done
#
members=()
for device in "${devices[@]}" ; do
members+=("${device}2")
done
mdadm \
--create '/dev/md/boot' \
--name 'boot' \
--uuid '6234a0eb:29a3a847:1dbd5ec4:bada5579' \
--metadata 1 \
--level 0 \
--raid-devices ${#devices[@]} \
"${members[@]}"
#
number=0
for device in "${devices[@]}" ; do
((number++))
echo ; echo "#${number}: ${device}1"
# wipe crypt head
dd status='progress' \
if='/dev/zero' of="${device}1" bs='1G' count=1
done
#
members=()
for device in "${devices[@]}" ; do
members+=("${device}1")
done
mdadm \
--create '/dev/md/crypt' \
--name 'crypt' \
--uuid '006234a0:eb29a3a8:471dbd5e:c4bada55' \
--metadata 1 \
--level 0 \
--raid-devices ${#devices[@]} \
"${members[@]}"
# format boot
mkfs.ext4 \
-F \
-L 'boot' \
-U '6234a0eb-29a3-a847-1dbd-5ec4bada5579' \
'/dev/md/boot'
# encrypt
echo "${passphrase}" \
| cryptsetup \
--verbose \
--batch-mode \
--type 'luks2' \
--pbkdf 'argon2id' \
--cipher 'aes-xts-plain64' \
--iter-time 8192 \
--key-size 512 \
--hash 'sha512' \
--use-random \
luksFormat \
'/dev/md/crypt'
# open
echo "${passphrase}" \
| cryptsetup luksOpen '/dev/md/crypt' 'crypt'
# wipe crypt
dd status='progress' \
if='/dev/zero' of='/dev/mapper/crypt' bs='16G'
}
function hetzner-rescue-wipe-12-10-10-1 {
local passphrase
# close
cryptsetup luksClose 'crypt'
# read passphrase
echo -n 'PassPhrase: '
read -r -s passphrase
# encrypt
echo "${passphrase}" \
| cryptsetup \
--verbose \
--batch-mode \
--type 'luks2' \
--pbkdf 'argon2id' \
--cipher 'aes-xts-plain64' \
--iter-time 8192 \
--key-size 512 \
--hash 'sha512' \
--use-random \
luksFormat \
'/dev/md/crypt'
# open
echo "${passphrase}" \
| cryptsetup luksOpen '/dev/md/crypt' 'crypt'
# pv
pvcreate '/dev/mapper/crypt'
# vg
vgcreate 'crypt' '/dev/mapper/crypt'
# lv swap
lvcreate --name 'swap' --size '137438953472b' 'crypt'
# lv data
lvcreate --name 'data' --extents '100%FREE' 'crypt'
# format swap
mkswap \
--label 'swap' \
-U '06234a0e-b29a-3a84-71db-d5ec4bada557' \
'/dev/mapper/crypt-swap'
# format data
mkfs.ext4 \
-L 'data' \
-U '006234a0-eb29-a3a8-471d-bd5ec4bada55' \
'/dev/mapper/crypt-data'
# vg off
vgchange --activate n 'crypt'
# close
cryptsetup luksClose 'crypt'
}