rescue_wipe_0_init_hetzner_8_8() { local device local devices=( "/dev/sda" "/dev/sdb" ) local members local number local passphrase local unit="mib" # read passphrase passphrase="$(read_passphrase)" # lsblk echo -n "WIPE" "${devices[@]}" "/?\\ OR CANCEL /!\\" read -r # number=0 for device in "${devices[@]}"; do ((number++)) echo echo "#${number}: ${device}" # parted "${device}" \ --script \ mktable gpt # parted "${device}" \ unit "${unit}" \ mkpart "crypt-${number}" 33282 7630885 # parted "${device}" \ unit "${unit}" \ mkpart "boot-${number}" 514 33282 # parted "${device}" \ unit "${unit}" \ mkpart "esp-${number}" 2 514 parted "${device}" \ set 3 esp on # parted "${device}" \ unit "${unit}" \ mkpart "bios-${number}" 1 2 parted "${device}" \ set 4 bios_grub on done # number=0 for device in "${devices[@]}"; do ((number++)) echo echo "#${number}: ${device}4" # wipe bios dd \ if="/dev/zero" of="${device}4" done # number=0 for device in "${devices[@]}"; do ((number++)) echo echo "#${number}: ${device}3" # format esp dd \ if="/dev/zero" of="${device}3" bs="1M" mkfs.vfat \ -F 32 \ -S 4096 \ -i "0000000${number}" \ -n "esp-${number}" \ "${device}3" # mount esp mkdir --parents "/media/esp/${number}" mount "${device}3" "/media/esp/${number}" done # number=0 for device in "${devices[@]}"; do ((number++)) echo echo "#${number}: ${device}2" # wipe boot dd status="progress" \ if="/dev/zero" of="${device}2" bs="1G" count=1 done # members=() for device in "${devices[@]}"; do members+=("${device}2") done mdadm \ --create "/dev/md/boot" \ --level 0 \ --metadata 1 \ --name "md:boot" \ --raid-devices ${#devices[@]} \ --uuid "00000000:00000000:00000000:00000002" \ "${members[@]}" # mkfs.btrfs --force \ --checksum "sha256" \ --label "boot" \ --uuid "00000000-0000-0000-0000-00000000000b" \ "/dev/md/boot" # mount boot mkdir --parents "/media/boot" mount \ --options "autodefrag,compress-force=zstd" \ "/dev/md/boot" "/media/boot" # number=0 for device in "${devices[@]}"; do ((number++)) echo echo "#${number}: ${device}1" # wipe crypt head dd status="progress" \ if="/dev/zero" of="${device}1" bs="1G" count=1 done # members=() for device in "${devices[@]}"; do members+=("${device}1") done mdadm \ --create "/dev/md/crypt" \ --level 0 \ --metadata 1 \ --name "md:crypt" \ --raid-devices ${#devices[@]} \ --uuid "00000000:00000000:00000000:00000001" \ "${members[@]}" # encrypt echo "${passphrase}" | cryptsetup \ --verbose \ --batch-mode \ --type "luks2" \ --pbkdf "argon2id" \ --cipher "aes-xts-plain64" \ --iter-time 8192 \ --key-size 512 \ --hash "sha512" \ --use-random \ luksFormat \ "/dev/md/crypt" # open echo "${passphrase}" | cryptsetup luksOpen "/dev/md/crypt" "crypt" # passphrase unset passphrase } rescue_wipe_2_make_hetzner_8_8() { local passphrase # close cryptsetup luksClose "crypt" # read passphrase passphrase="$(read_passphrase)" # encrypt echo "${passphrase}" | cryptsetup \ --verbose \ --batch-mode \ --type "luks2" \ --pbkdf "argon2id" \ --cipher "aes-xts-plain64" \ --iter-time 8192 \ --key-size 512 \ --hash "sha512" \ --use-random \ luksFormat \ "/dev/md/crypt" # open echo "${passphrase}" | cryptsetup luksOpen "/dev/md/crypt" "crypt" # passphrase unset passphrase # format crypt mkfs.btrfs --force \ --checksum "sha256" \ --label "crypt" \ --uuid "00000000-0000-0000-0000-00000000000c" \ "/dev/mapper/crypt" # mount crypt mkdir --parents "/media/crypt" mount \ --options "autodefrag,compress-force=zstd" \ "/dev/mapper/crypt" "/media/crypt" # make swap file btrfs filesystem mkswapfile \ --size "64g" \ --uuid "00000000-0000-0000-0000-000000000005" \ "/media/crypt/swap" }