function ovh-rescue-setup { local packages=( 'byobu' 'mosh' ) # apt / conf echo -n "\ Acquire::AllowInsecureRepositories False; Acquire::AllowWeakRepositories False; Acquire::AllowDowngradeToInsecureRepositories False; Acquire::Check-Valid-Until True; APT::Install-Recommends False; APT::Install-Suggests False; APT::Get::Show-Versions True; Dir::Etc::SourceParts ''; Dpkg::Progress True; " > '/etc/apt/apt.conf' # apt / sources echo -n "\ deb https://deb.debian.org/debian buster main contrib non-free deb https://deb.debian.org/debian buster-backports main contrib non-free deb https://deb.debian.org/debian buster-updates main contrib non-free deb https://deb.debian.org/debian-security buster/updates main contrib non-free " > '/etc/apt/sources.list' # bash / rc main_link_bashrc # host name hostname 'ovh' # locales echo -n "\ en_US.UTF-8 UTF-8 fr_FR.UTF-8 UTF-8 " > '/etc/locale.gen' # fix alias rm --force '/usr/share/locale/locale.alias' ln --symbolic '/etc/locale.alias' '/usr/share/locale/locale.alias' # generate locales locale-gen # update catalog apt-get update # debian_disable_frontend # install packages apt-get install --assume-yes "${packages[@]}" } function ovh-rescue-install { local release='buster' local packages=( # installed 'parted' 'mdadm' 'lvm2' # install 'lshw' 'file' 'micro' 'grub-efi-amd64-bin' 'grub-pc-bin' 'htop' 'iotop' 'lsof' 'exa' 'ncdu' 'nnn' 'ranger' 'tree' 'squashfs-tools' 'uuid-runtime' ) local backports=( # installed 'cryptsetup-bin' 'rsync' # install 'git' ) # update catalog apt-get update # debian_disable_frontend # upgrade packages apt-get upgrade --assume-yes # install packages apt-get install --assume-yes "${packages[@]}" # install backports apt-get install --assume-yes \ --target-release "${release}-backports" "${backports[@]}" # clean cache apt-get clean } function ovh-rescue-upload { local host="${1}" if [ "${host}" ] ; then local user='root' # local user_host="${user}@${host}" # remove fingerprints ssh-keygen -R "${host}" # copy ssh id ssh-copy-id \ -o 'StrictHostKeyChecking=accept-new' \ "${user_host}" # upload root rsync --delete --recursive "${MAIN_BASH_ROOT}/" "${user_host}:/etc/bash/" # call setup # TODO variable ssh "${user_host}" -- "source '/etc/bash/main.sh' ; ovh-rescue-setup" # create session ssh "${user_host}" -- byobu new-session -d # send keys ssh "${user_host}" -- byobu send-keys 'ovh-rescue-install' 'C-m' # attach session mosh "${user_host}" -- byobu attach-session else echo 'Host?' return 1 fi } function ovh-rescue-wipe-1-2TB { local device='/dev/sda' local unit='mib' # lsblk echo -n 'WIPE' "${device}" '/?\ OR CANCEL /!\' read # parted "${device}" --script mktable gpt # parted "${device}" unit "${unit}" mkpart 'crypt' 65795 1907729 # parted "${device}" unit "${unit}" mkpart 'boot' 259 65795 # parted "${device}" unit "${unit}" mkpart 'esp' 2 259 parted "${device}" set 3 esp on # parted "${device}" unit "${unit}" mkpart bios 1 2 parted "${device}" set 4 bios_grub on # wipe bios dd if='/dev/zero' of='/dev/sda4' # format esp mkfs.vfat -F 32 -n 'esp' '/dev/sda3' # format boot mkfs.ext4 -F -L 'boot' '/dev/sda2' # read passphrase local passphrase echo -n 'PassPhrase: ' read -r -s passphrase # encrypt echo "${passphrase}" \ | cryptsetup \ --verbose \ --batch-mode \ --type 'luks2' \ --pbkdf 'argon2id' \ --cipher 'aes-xts-plain64' \ --iter-time 8192 \ --key-size 512 \ --hash 'sha512' \ --use-random \ luksFormat \ '/dev/sda1' # open echo "${passphrase}" \ | cryptsetup luksOpen '/dev/sda1' 'crypt' # pv pvcreate '/dev/mapper/crypt' # vg vgcreate 'crypt' '/dev/mapper/crypt' # lv swap lvcreate --name 'swap' --size '68719476736b' 'crypt' # lv data lvcreate --name 'data' --extents '100%FREE' 'crypt' # format swap mkswap --label 'swap' '/dev/mapper/crypt-swap' # format data mkfs.ext4 -L 'data' '/dev/mapper/crypt-data' # vg off vgchange --activate n 'crypt' # close cryptsetup luksClose 'crypt' }