depenguin-me / depenguin-run
Installer script for mfsBSD image to install FreeBSD 14.0 with zfs-on-root using qemu
License: MIT License
ada0 and ada1
2 x 960 GB NVMe SSD Datacenter Edition
https://www.hetzner.com/dedicated-rootserver/px62-nvme
Now that 13.2 is EoL, it would be great if we could get a 13.3 ISO (as installing 13.2 and then upgrading is not a real option anymore). Prettyplease? ;)
Test request: IONOS Dedicated Servers
Most options have 2 SATA disks.
https://www.ionos.com/servers/dedicated-servers
recovery console info, linux-based
https://www.ionos.com/help/server-cloud-infrastructure/server-administration-dedicated-servers/booting-the-dedicated-server-to-the-linux-rescue-system/
older recovery console info, linux-based
https://www.ionos.com/help/server-cloud-infrastructure/dedicated-server-for-servers-purchased-before-102818/rescue-and-recovery/working-with-the-linux-rescue-system/
outline for an ansible playbook which can provision a host, from rescue system to end server:
doing this requires multiple stages with different usernames, and removing ssh host keys at steps:
- root@ip, get script from site, run it
- mfsbsd@ip
- root@ip, cancel qemu, reboot
- user@ip for post-install setup
Ideally a drop-in role for other ansible playbooks?
Test request: Servers.com Dell Servers
https://www.servers.com/products/dedicated-servers/
Cheapest have 2 drives. This is a premium price service provider.
Recovery console is "DMGMTSrvInit 1.0 x86_64 [based on CentOS 6 x86_64]"
mentions Dell OpenManage Deployment Toolkit
https://www.servers.com/support/knowledge/dedicated-servers/how-to-restore-a-dedicated-server-using-rescue-mode
Test request: Leaseweb Dedicated Servers
https://www.leaseweb.com/dedicated-servers
Most options are dual drive.
They have a recovery console, with a FreeBSD image
https://kb.leaseweb.com/products/dedicated-server/starting-your-dedicated-server-in-rescue-mode
FreeBSD is listed as supported install image too
https://kb.leaseweb.com/products/dedicated-server/reinstalling-your-dedicated-server
Successful installation as follows:
wget https://depenguin.me/run.sh && chmod +x run.sh && ./run.sh KEYURL
error popped up, can safely ignore
./run.sh: line 277: kvm-ok: command not found
continue till script says ssh available, and connect via ssh on port 1022, change to root with sudo su -
and then run
zfsinstall -d ada0 -d ada1 -r mirror -s 4G -A -4 -c -p zroot
successful install ends with:
===============
Extracting FreeBSD distribution ... done
Writing /boot/loader.conf... done
Writing /etc/fstab...Writing /etc/rc.conf... done
Copying /boot/zfs/zpool.cache ... done
Installation complete.
The system will boot from ZFS with clean install on next reboot
You may make adjustments to the installed system using chroot:
chroot /mnt
Some adjustments may require a mounted devfs:
mount -t devfs devfs /mnt/dev
WARNING - Don't export ZFS pool "zroot"!
===============
However we have additional steps to do
cat /home/mfsbsd/.ssh/authorized_keys
*copy to clipboard*
root@mfsbsd:~ # chroot /mnt
pw groupadd <your user>
pw useradd -m -n <your user> -g <your user> -G wheel -h - -c "your name"
cd /home/<your user>
mkdir .ssh
cd .ssh
vi authorized_keys
*paste in keys copied to clipboard earlier*
chmod 600 authorized_keys
cd ..
chmod 700 .ssh
chown -R <your user>:<your user> .ssh
root@mfsbsd:/ # cat /etc/rc.conf
zfs_enable="YES"
vi /etc/rc.conf
hostname="yourhostname"
ifconfig_igb0_name="untrusted"
ifconfig_untrusted="up"
ifconfig_untrusted_ipv6="up"
ifconfig_untrusted_aliases="inet 1.2.3.4/32 inet6 1234::123:123:1234::2/64"
ipv6_activate_all_interfaces="YES"
static_routes="gateway default"
route_gateway="-host 6.7.8.9 -interface untrusted"
route_default="default 6.7.8.9"
ipv6_defaultrouter="fe80::1%untrusted"
sshd_enable="YES"
zfs_enable="YES"
*save and exit*
ctrl-d to exit chroot
back in rescue ssh session, control-c to exit, type reboot.
wait a while, connect ssh youruser@yourip
there is no sudo installed by default, but su - works without password if steps above followed.
proceed with freebsd-update fetch and freebsd-update install and other steps.
It seems, depending on the Debian version used for the rescue image, you need to install a different package. In the case of an OVH/Kimsufi KS-GAME-1, I needed to remove the "mkisofs:mkisofs" from the DEPS variable and installed xorriso and genisoimage packages by hand.
It looks like the OVH rescue-pro uses Debian Jessie, but I'm not very familiar with those things.
Specs:
FreeBSD support seems more likely in FreeBSD-14, however the script should work provided that:
System will fail to boot correctly otherwise.
Test request: Scaleway Dedibox
https://www.scaleway.com/en/dedibox/
Most options have only a single disk according to docs screenshots, indeterminate otherwise.
"Currently we offer three different types of rescue mode:
- An Ubuntu distribution
- A Windows PE distribution
- A FreeBSD distribution"
https://www.scaleway.com/en/docs/dedibox/dedicated-servers/how-to/use-rescue-mode/
Wide OS support including FreeBSD
https://www.scaleway.com/en/dedibox/operating-systems/
The current OVH rescue system is based on Debian 10 and it needs the ovmf package to be installed in order for qemu to run properly
It's not known how the script works with ipv6-only instances. ipv4 addresses are an addon now.
There is a corresponding issue here
depenguin-me/depenguin-builder#2
The source post links to a statically compiled qemu binary at
there is also a copy at
This binary is QEMU 2.2.0, the current version is 7.0.0, dated Apr 19th 2022.
The command line parameters are:
QEMU emulator version 2.2.0, Copyright (c) 2003-2008 Fabrice Bellard
usage: qemu-system-x86_64 [options] [disk_image]
'disk_image' is a raw hard disk image for IDE hard disk 0
Standard options:
-h or -help display this help and exit
-version display version information and exit
-machine [type=]name[,prop[=value][,...]]
selects emulated machine ('-machine help' for list)
property accel=accel1[:accel2[:...]] selects accelerator
supported accelerators are kvm, xen, tcg (default: tcg)
kernel_irqchip=on|off controls accelerated irqchip support
vmport=on|off|auto controls emulation of vmport (default: auto)
kvm_shadow_mem=size of KVM shadow MMU
dump-guest-core=on|off include guest memory in a core dump (default=on)
mem-merge=on|off controls memory merge support (default: on)
iommu=on|off controls emulated Intel IOMMU (VT-d) support (default=off)
-cpu cpu select CPU ('-cpu help' for list)
-smp [cpus=]n[,maxcpus=cpus][,cores=cores][,threads=threads][,sockets=sockets]
set the number of CPUs to 'n' [default=1]
maxcpus= maximum number of total cpus, including
offline CPUs for hotplug, etc
cores= number of CPU cores on one socket
threads= number of threads on one CPU core
sockets= number of discrete sockets in the system
-numa node[,mem=size][,cpus=cpu[-cpu]][,nodeid=node]
-numa node[,memdev=id][,cpus=cpu[-cpu]][,nodeid=node]
-add-fd fd=fd,set=set[,opaque=opaque]
Add 'fd' to fd 'set'
-set group.id.arg=value
set <arg> parameter for item <id> of type <group>
i.e. -set drive.$id.file=/path/to/image
-global driver.prop=value
set a global default for a driver property
-boot [order=drives][,once=drives][,menu=on|off]
[,splash=sp_name][,splash-time=sp_time][,reboot-timeout=rb_time][,strict=on|off]
'drives': floppy (a), hard disk (c), CD-ROM (d), network (n)
'sp_name': the file's name that would be passed to bios as logo picture, if menu=on
'sp_time': the period that splash picture last if menu=on, unit is ms
'rb_timeout': the timeout before guest reboot when boot failed, unit is ms
-m[emory] [size=]megs[,slots=n,maxmem=size]
configure guest RAM
size: initial amount of guest memory (default: 128MiB)
slots: number of hotplug slots (default: none)
maxmem: maximum amount of guest memory (default: none)
NOTE: Some architectures might enforce a specific granularity
-mem-path FILE provide backing storage for guest RAM
-mem-prealloc preallocate guest memory (use with -mem-path)
-k language use keyboard layout (for example 'fr' for French)
-audio-help print list of audio drivers and their options
-soundhw c1,... enable audio support
and only specified sound cards (comma separated list)
use '-soundhw help' to get the list of supported cards
use '-soundhw all' to enable all of them
-balloon none disable balloon device
-balloon virtio[,addr=str]
enable virtio balloon device (default)
-device driver[,prop[=value][,...]]
add device (based on driver)
prop=value,... sets driver properties
use '-device help' to print all possible drivers
use '-device driver,help' to print all possible properties
-name string1[,process=string2][,debug-threads=on|off]
set the name of the guest
string1 sets the window title and string2 the process name (on Linux)
When debug-threads is enabled, individual threads are given a separate name (on Linux)
NOTE: The thread names are for debugging and not a stable API.
-uuid %08x-%04x-%04x-%04x-%012x
specify machine UUID
Block device options:
-fda/-fdb file use 'file' as floppy disk 0/1 image
-hda/-hdb file use 'file' as IDE hard disk 0/1 image
-hdc/-hdd file use 'file' as IDE hard disk 2/3 image
-cdrom file use 'file' as IDE cdrom image (cdrom is ide1 master)
-drive [file=file][,if=type][,bus=n][,unit=m][,media=d][,index=i]
[,cyls=c,heads=h,secs=s[,trans=t]][,snapshot=on|off]
[,cache=writethrough|writeback|none|directsync|unsafe][,format=f]
[,serial=s][,addr=A][,rerror=ignore|stop|report]
[,werror=ignore|stop|report|enospc][,id=name][,aio=threads|native]
[,readonly=on|off][,copy-on-read=on|off]
[,discard=ignore|unmap][,detect-zeroes=on|off|unmap]
[[,bps=b]|[[,bps_rd=r][,bps_wr=w]]]
[[,iops=i]|[[,iops_rd=r][,iops_wr=w]]]
[[,bps_max=bm]|[[,bps_rd_max=rm][,bps_wr_max=wm]]]
[[,iops_max=im]|[[,iops_rd_max=irm][,iops_wr_max=iwm]]]
[[,iops_size=is]]
use 'file' as a drive image
-mtdblock file use 'file' as on-board Flash memory image
-sd file use 'file' as SecureDigital card image
-pflash file use 'file' as a parallel flash image
-snapshot write to temporary files instead of disk image files
-hdachs c,h,s[,t]
force hard disk 0 physical geometry and the optional BIOS
translation (t=none or lba) (usually QEMU can guess them)
-fsdev fsdriver,id=id[,path=path,][security_model={mapped-xattr|mapped-file|passthrough|none}]
[,writeout=immediate][,readonly][,socket=socket|sock_fd=sock_fd]
-virtfs local,path=path,mount_tag=tag,security_model=[mapped-xattr|mapped-file|passthrough|none]
[,writeout=immediate][,readonly][,socket=socket|sock_fd=sock_fd]
-virtfs_synth Create synthetic file system image
USB options:
-usb enable the USB driver (will be the default soon)
-usbdevice name add the host or guest USB device 'name'
Display options:
-display sdl[,frame=on|off][,alt_grab=on|off][,ctrl_grab=on|off]
[,window_close=on|off]|curses|none|
gtk[,grab_on_hover=on|off]|
vnc=<display>[,<optargs>]
select display type
-nographic disable graphical output and redirect serial I/Os to console
-curses use a curses/ncurses interface instead of SDL
-no-frame open SDL window without a frame and window decorations
-alt-grab use Ctrl-Alt-Shift to grab mouse (instead of Ctrl-Alt)
-ctrl-grab use Right-Ctrl to grab mouse (instead of Ctrl-Alt)
-no-quit disable SDL window close capability
-sdl enable SDL
-spice [port=port][,tls-port=secured-port][,x509-dir=<dir>]
[,x509-key-file=<file>][,x509-key-password=<file>]
[,x509-cert-file=<file>][,x509-cacert-file=<file>]
[,x509-dh-key-file=<file>][,addr=addr][,ipv4|ipv6]
[,tls-ciphers=<list>]
[,tls-channel=[main|display|cursor|inputs|record|playback]]
[,plaintext-channel=[main|display|cursor|inputs|record|playback]]
[,sasl][,password=<secret>][,disable-ticketing]
[,image-compression=[auto_glz|auto_lz|quic|glz|lz|off]]
[,jpeg-wan-compression=[auto|never|always]]
[,zlib-glz-wan-compression=[auto|never|always]]
[,streaming-video=[off|all|filter]][,disable-copy-paste]
[,disable-agent-file-xfer][,agent-mouse=[on|off]]
[,playback-compression=[on|off]][,seamless-migration=[on|off]]
enable spice
at least one of {port, tls-port} is mandatory
-portrait rotate graphical output 90 deg left (only PXA LCD)
-rotate <deg> rotate graphical output some deg left (only PXA LCD)
-vga [std|cirrus|vmware|qxl|xenfb|tcx|cg3|none]
select video card type
-full-screen start in full screen
-vnc display start a VNC server on display
i386 target only:
-win2k-hack use it when installing Windows 2000 to avoid a disk full bug
-no-fd-bootchk disable boot signature checking for floppy disks
-no-acpi disable ACPI
-no-hpet disable HPET
-acpitable [sig=str][,rev=n][,oem_id=str][,oem_table_id=str][,oem_rev=n][,asl_compiler_id=str][,asl_compiler_rev=n][,{data|file}=file1[:file2]...]
ACPI table description
-smbios file=binary
load SMBIOS entry from binary file
-smbios type=0[,vendor=str][,version=str][,date=str][,release=%d.%d][,uefi=on|off]
specify SMBIOS type 0 fields
-smbios type=1[,manufacturer=str][,product=str][,version=str][,serial=str]
[,uuid=uuid][,sku=str][,family=str]
specify SMBIOS type 1 fields
Network options:
-net nic[,vlan=n][,macaddr=mac][,model=type][,name=str][,addr=str][,vectors=v]
create a new Network Interface Card and connect it to VLAN 'n'
-net user[,vlan=n][,name=str][,net=addr[/mask]][,host=addr][,restrict=on|off]
[,hostname=host][,dhcpstart=addr][,dns=addr][,dnssearch=domain][,tftp=dir]
[,bootfile=f][,hostfwd=rule][,guestfwd=rule][,smb=dir[,smbserver=addr]]
connect the user mode network stack to VLAN 'n', configure its
DHCP server and enabled optional services
-net tap[,vlan=n][,name=str][,fd=h][,fds=x:y:...:z][,ifname=name][,script=file][,downscript=dfile][,helper=helper][,sndbuf=nbytes][,vnet_hdr=on|off][,vhost=on|off][,vhostfd=h][,vhostfds=x:y:...:z][,vhostforce=on|off][,queues=n]
connect the host TAP network interface to VLAN 'n'
use network scripts 'file' (default=/etc/qemu-ifup)
to configure it and 'dfile' (default=/etc/qemu-ifdown)
to deconfigure it
use '[down]script=no' to disable script execution
use network helper 'helper' (default=/tmp/libexec/qemu-bridge-helper) to
configure it
use 'fd=h' to connect to an already opened TAP interface
use 'fds=x:y:...:z' to connect to already opened multiqueue capable TAP interfaces
use 'sndbuf=nbytes' to limit the size of the send buffer (the
default is disabled 'sndbuf=0' to enable flow control set 'sndbuf=1048576')
use vnet_hdr=off to avoid enabling the IFF_VNET_HDR tap flag
use vnet_hdr=on to make the lack of IFF_VNET_HDR support an error condition
use vhost=on to enable experimental in kernel accelerator
(only has effect for virtio guests which use MSIX)
use vhostforce=on to force vhost on for non-MSIX virtio guests
use 'vhostfd=h' to connect to an already opened vhost net device
use 'vhostfds=x:y:...:z to connect to multiple already opened vhost net devices
use 'queues=n' to specify the number of queues to be created for multiqueue TAP
-net bridge[,vlan=n][,name=str][,br=bridge][,helper=helper]
connects a host TAP network interface to a host bridge device 'br'
(default=br0) using the program 'helper'
(default=/tmp/libexec/qemu-bridge-helper)
-net l2tpv3[,vlan=n][,name=str],src=srcaddr,dst=dstaddr[,srcport=srcport][,dstport=dstport],txsession=txsession[,rxsession=rxsession][,ipv6=on/off][,udp=on/off][,cookie64=on/off][,counter][,pincounter][,txcookie=txcookie][,rxcookie=rxcookie][,offset=offset]
connect the VLAN to an Ethernet over L2TPv3 pseudowire
Linux kernel 3.3+ as well as most routers can talk
L2TPv3. This transport allows connecting a VM to a VM,
VM to a router and even VM to Host. It is a nearly-universal
standard (RFC3391). Note - this implementation uses static
pre-configured tunnels (same as the Linux kernel).
use 'src=' to specify source address
use 'dst=' to specify destination address
use 'udp=on' to specify udp encapsulation
use 'srcport=' to specify source udp port
use 'dstport=' to specify destination udp port
use 'ipv6=on' to force v6
L2TPv3 uses cookies to prevent misconfiguration as
well as a weak security measure
use 'rxcookie=0x012345678' to specify a rxcookie
use 'txcookie=0x012345678' to specify a txcookie
use 'cookie64=on' to set cookie size to 64 bit, otherwise 32
use 'counter=off' to force a 'cut-down' L2TPv3 with no counter
use 'pincounter=on' to work around broken counter handling in peer
use 'offset=X' to add an extra offset between header and data
-net socket[,vlan=n][,name=str][,fd=h][,listen=[host]:port][,connect=host:port]
connect the vlan 'n' to another VLAN using a socket connection
-net socket[,vlan=n][,name=str][,fd=h][,mcast=maddr:port[,localaddr=addr]]
connect the vlan 'n' to multicast maddr and port
use 'localaddr=addr' to specify the host address to send packets from
-net socket[,vlan=n][,name=str][,fd=h][,udp=host:port][,localaddr=host:port]
connect the vlan 'n' to another VLAN using an UDP tunnel
-net vde[,vlan=n][,name=str][,sock=socketpath][,port=n][,group=groupname][,mode=octalmode]
connect the vlan 'n' to port 'n' of a vde switch running
on host and listening for incoming connections on 'socketpath'.
Use group 'groupname' and mode 'octalmode' to change default
ownership and permissions for communication port.
-net dump[,vlan=n][,file=f][,len=n]
dump traffic on vlan 'n' to file 'f' (max n bytes per packet)
-net none use it alone to have zero network devices. If no -net option
is provided, the default is '-net nic -net user'
-netdev [user|tap|bridge|vde|vhost-user|socket|hubport],id=str[,option][,option][,...]
Character device options:
-chardev null,id=id[,mux=on|off]
-chardev socket,id=id[,host=host],port=port[,to=to][,ipv4][,ipv6][,nodelay][,reconnect=seconds]
[,server][,nowait][,telnet][,reconnect=seconds][,mux=on|off] (tcp)
-chardev socket,id=id,path=path[,server][,nowait][,telnet][,reconnect=seconds][,mux=on|off] (unix)
-chardev udp,id=id[,host=host],port=port[,localaddr=localaddr]
[,localport=localport][,ipv4][,ipv6][,mux=on|off]
-chardev msmouse,id=id[,mux=on|off]
-chardev vc,id=id[[,width=width][,height=height]][[,cols=cols][,rows=rows]]
[,mux=on|off]
-chardev ringbuf,id=id[,size=size]
-chardev file,id=id,path=path[,mux=on|off]
-chardev pipe,id=id,path=path[,mux=on|off]
-chardev pty,id=id[,mux=on|off]
-chardev stdio,id=id[,mux=on|off][,signal=on|off]
-chardev serial,id=id,path=path[,mux=on|off]
-chardev tty,id=id,path=path[,mux=on|off]
-chardev parallel,id=id,path=path[,mux=on|off]
-chardev parport,id=id,path=path[,mux=on|off]
Device URL Syntax:
-iscsi [user=user][,password=password]
[,header-digest=CRC32C|CR32C-NONE|NONE-CRC32C|NONE
[,initiator-name=initiator-iqn][,id=target-iqn]
iSCSI session parameters
Bluetooth(R) options:
-bt hci,null dumb bluetooth HCI - doesn't respond to commands
-bt hci,host[:id]
use host's HCI with the given name
-bt hci[,vlan=n]
emulate a standard HCI in virtual scatternet 'n'
-bt vhci[,vlan=n]
add host computer to virtual scatternet 'n' using VHCI
-bt device:dev[,vlan=n]
emulate a bluetooth device 'dev' in scatternet 'n'
TPM device options:
-tpmdev passthrough,id=id[,path=path][,cancel-path=path]
use path to provide path to a character device; default is /dev/tpm0
use cancel-path to provide path to TPM's cancel sysfs entry; if
not provided it will be searched for in /sys/class/misc/tpm?/device
Linux/Multiboot boot specific:
-kernel bzImage use 'bzImage' as kernel image
-append cmdline use 'cmdline' as kernel command line
-initrd file use 'file' as initial ram disk
-dtb file use 'file' as device tree image
Debug/Expert options:
-serial dev redirect the serial port to char device 'dev'
-parallel dev redirect the parallel port to char device 'dev'
-monitor dev redirect the monitor to char device 'dev'
-qmp dev like -monitor but opens in 'control' mode
-mon [chardev=]name[,mode=readline|control][,default]
-debugcon dev redirect the debug console to char device 'dev'
-pidfile file write PID to 'file'
-singlestep always run in singlestep mode
-S freeze CPU at startup (use 'c' to start execution)
-realtime [mlock=on|off]
run qemu with realtime features
mlock=on|off controls mlock support (default: on)
-gdb dev wait for gdb connection on 'dev'
-s shorthand for -gdb tcp::1234
-d item1,... enable logging of specified items (use '-d help' for a list of log items)
-D logfile output log to logfile (default stderr)
-L path set the directory for the BIOS, VGA BIOS and keymaps
-bios file set the filename for the BIOS
-enable-kvm enable KVM full virtualization support
-xen-domid id specify xen guest domain id
-xen-create create domain using xen hypercalls, bypassing xend
warning: should not be used when xend is in use
-xen-attach attach to existing xen domain
xend will use this when starting QEMU
-no-reboot exit instead of rebooting
-no-shutdown stop before shutdown
-loadvm [tag|id]
start right away with a saved state (loadvm in monitor)
-daemonize daemonize QEMU after initializing
-option-rom rom load a file, rom, into the option ROM space
-rtc [base=utc|localtime|date][,clock=host|rt|vm][,driftfix=none|slew]
set the RTC base and clock, enable drift fix for clock ticks (x86 only)
-icount [shift=N|auto][,align=on|off]
enable virtual instruction counter with 2^N clock ticks per
instruction and enable aligning the host and virtual clocks
-watchdog i6300esb|ib700
enable virtual hardware watchdog [default=none]
-watchdog-action reset|shutdown|poweroff|pause|debug|none
action when watchdog fires [default=reset]
-echr chr set terminal escape character instead of ctrl-a
-virtioconsole c
set virtio console
-show-cursor show cursor
-tb-size n set TB size
-incoming p prepare for incoming migration, listen on port p
-nodefaults don't create default devices
-chroot dir chroot to dir just before starting the VM
-runas user change to user id user just before starting the VM
-sandbox <arg> Enable seccomp mode 2 system call filter (default 'off').
-readconfig <file>
-writeconfig <file>
read/write config file
-nodefconfig
do not load default config files at startup
-no-user-config
do not load user-provided config files at startup
-trace [events=<file>][,file=<file>]
specify tracing options
-enable-fips enable FIPS 140-2 compliance
-object TYPENAME[,PROP1=VALUE1,...]
create an new object of type TYPENAME setting properties
in the order they are specified. Note that the 'id'
property must be set. These objects are placed in the
'/objects' path.
-msg timestamp[=on|off]
change the format of messages
on|off controls leading timestamps (default:on)
-dump-vmstate <file>
Output vmstate information in JSON format to file.
Use the scripts/vmstate-static-checker.py file to
check for possible regressions in migration code
by comparing two such vmstate dumps.
During emulation, the following keys are useful:
ctrl-alt-f toggle full screen
ctrl-alt-n switch to virtual console 'n'
ctrl-alt toggle mouse and keyboard grab
When using -nographic, press 'ctrl-a h' to get some help.
Useful notes:
../../qemu-system-x86_64 -parameter value
bios-256k.bin and must be set as parameter -bios bios-256k.bin
-k keymaps/en-us if in same directory as bios files, and only en-us has been tested
-vnc 127.0.0.1:1 and then use SSH to proxy connect to VNC
when the script has loaded up qemu and outputs this text
ssh -p 1022 mfsbsd@ip-address
it should also indicate the likely name of the resulting network interface in the installed system.
I don't know an easy way to do this, however I found the following
FreeBSD interface naming
The name of a FreeBSD interface starts with the name of its network driver.
It is then followed by a number starting at 0 that increases incrementally by
one for each additional interface sharing that driver.
For example, a common driver used by Intel gigabit network interface cards is igb.
The first such card in a firewall will be igb0, the second is igb1, and so on.
Other common driver names include cxl (Chelsio 10G), em (Also Intel 1G),
ix (Intel 10G), bge (various Broadcom chipsets), amongst numerous others.
If a system mixes an Intel card and a Chelsio card, the interfaces will be igb0
and cxl0 respectively.
It's tricky because Xneelo servers show eno0 in rescue system, em0 in mfsBSD, and igb0 when in resulting installed FreeBSD system.
However in some Hetzner server-bidding servers it would be em0 in mfsBSD and installed FreeBSD system.
Detecting the likely result in end system, and informing user, or automatically setting, would be useful.
A vanilla build of MfsBSD with root password is enough for me.
The mandatory requirement to use ssh keys is superfluous.
ada0 and ada1
2 x 8 TB SATA Enterprise HDD
https://www.hetzner.com/dedicated-rootserver/px62
There are some listed at https://www.hivelocity.net/dedicated-servers/
We support Ubuntu 18.04 and 22.04, CentOS and Almalinux 8 or CloudLinux 8
Not clear if there is a rescue boot, or can use a recovery image, otherwise they have custom iPXE images too
The original post makes a note:
If you have drives larger than 2 TB, you still need to download the UEFI boot
The depenguinme script doesn't currently cater for this, and it's unclear what needs to happen.
The file exists as an additional mirror at https://depenguin.me/files/uefi.tar.gz
To-do: figure out what needs to happen with the extracted uefi.bin file, perhaps it can be loaded with -bios uefi.bin option?
See bsdpot/pot for examples.
IBM Cloud deprecation for FreeBSD on all server types starting December 31, 2022 according to this reddit post
ibm cloud lifecycle docs mention supporting FreeBSD 12.x (available only on bare metal servers) to 30 June 2024.
Rescue System mentions Centos 7
We'll need to test run script and qemu on Centos 7. Also IBM cloud dedicated boxes. Solutions seem region specific so not linking to servers yet.
Install zroot mirror to 2 x nvme ssd, then use 10 x 16TB for minio/ceph/other
10 x 16 TB Enterprise HDD 7200 rpm, 2 x 960 GB datacenter NVMe SSD
https://www.hetzner.com/dedicated-rootserver/sx134
ada0 and ada1
2 x 512 GB NVMe SSD
https://www.hetzner.com/dedicated-rootserver/ax41-nvme
- Installer script for mfsBSD image to install FreeBSD 13.1 with zfs-on-root using a statically compiled qemu binary
+ Installer script for mfsBSD image to install FreeBSD 13.1 with zfs-on-root using qemu
(we might as well use a statically compiled one in some setups, but being less specific manages expectations)
Subj.
I have a server with an Intel Atom processor where there is no virtualization support.
Therefore, instead of the mandatory qemu options (-enable-kvm -cpu host), you need to check for virtualization support.
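One way to make the check requested above, as an added example that is not code from depenguin-run: it reports why KVM is unavailable and falls back to QEMU's software emulation (TCG), which is slower but needs no CPU virtualization support. The function names and the `qemu64` fallback CPU model are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example, not part of depenguin-run; function names are hypothetical.

# kvm_status [cpuinfo_file] [kvm_device]
# Prints one of: ok | no-cpu-support | no-kvm-device
kvm_status() {
    cpuinfo="${1:-/proc/cpuinfo}"
    kvm_dev="${2:-/dev/kvm}"
    # vmx = Intel VT-x, svm = AMD-V. The flag is absent on CPUs without
    # virtualization extensions, or when they are disabled in firmware.
    if ! grep '^flags' "$cpuinfo" 2>/dev/null |
         grep -Eq '(^|[[:space:]])(vmx|svm)([[:space:]]|$)'; then
        echo no-cpu-support
    elif [ ! -c "$kvm_dev" ] || [ ! -r "$kvm_dev" ] || [ ! -w "$kvm_dev" ]; then
        # CPU is capable, but the kvm device is missing or not accessible
        # (module not loaded, or insufficient permissions).
        echo no-kvm-device
    else
        echo ok
    fi
}

# qemu_accel_args [cpuinfo_file] [kvm_device]
# Prints the acceleration-related qemu options to use on this host.
qemu_accel_args() {
    if [ "$(kvm_status "$@")" = ok ]; then
        echo '-enable-kvm -cpu host'
    else
        # '-cpu host' only works with KVM, so pick an emulated CPU model.
        echo '-machine accel=tcg -cpu qemu64'
    fi
}

# Report what would be used on the machine this runs on.
echo "kvm status: $(kvm_status)"
echo "qemu args:  $(qemu_accel_args)"
```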
The default ZFS datasets in mfsbsd setup are very limited:
root@depenguintest:~ # zfs list
NAME USED AVAIL REFER MOUNTPOINT
zroot 1.05G 1.76T 24K none
zroot/root 1.05G 1.76T 938M /
zroot/root/tmp 25K 1.76T 25K /tmp
zroot/root/var 133M 1.76T 133M /var
By comparison a normal FreeBSD setup (13.0) would create something more like
zroot 53.7G 373G 96K /zroot
zroot/ROOT 46.4G 373G 96K none
zroot/ROOT/default 46.4G 373G 46.4G /
zroot/tmp 2.50G 373G 2.50G /tmp
zroot/usr 3.45G 373G 96K /usr
zroot/usr/home 2.51G 373G 2.51G /usr/home
zroot/usr/ports 96K 373G 96K /usr/ports
zroot/usr/src 963M 373G 963M /usr/src
zroot/var 9.98M 373G 96K /var
zroot/var/audit 96K 373G 96K /var/audit
zroot/var/crash 96K 373G 96K /var/crash
zroot/var/log 4.52M 373G 4.52M /var/log
zroot/var/mail 5.07M 373G 5.07M /var/mail
zroot/var/tmp 112K 373G 112K /var/tmp
with user, or other programs like pot, creating additional datasets.
I'd like to suggest an improvement here, but not sure what. Or draw more attention to the limited setup somehow.
Starting to play with this one.
So far depenguin.me does not start properly (doing a plain run.sh):
KVM acceleration can be used
Starting qemu...
Please wait, booting... 30s
Please wait, booting... 25s
Please wait, booting... 20s
Please wait, booting... 15s
Please wait, booting... 10s
Please wait, booting... 5s
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
Waiting for sshd to become available...
...
I tried to install FreeBSD based on the:
https://depenguin.me/
In the zfsinstall step it died and I cannot run it again:
Installation
root@mfsbsd:~ # zfsinstall -d ada0 -d ada1 -r mirror -s 4G -A -4 -c -p zroot
Fetching base files from: ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/13.1-RELEASE
/tmp/base.txz 186 MB 25 MBps 07s
/tmp/kernel.txz 49 MB 25 MBps 02s
Creating GUID partitions on ada0 ... done
Configuring ZFS bootcode on ada0 ... done
=> 40 1000215136 ada0 GPT (477G)
40 472 1 freebsd-boot (236K)
512 3584 - free - (1.8M)
4096 8388608 2 freebsd-swap (4.0G)
8392704 991821824 3 freebsd-zfs (473G)
1000214528 648 - free - (324K)
Creating GUID partitions on ada1 ... done
Configuring ZFS bootcode on ada1 ... done
=> 40 1000215136 ada1 GPT (477G)
40 472 1 freebsd-boot (236K)
512 3584 - free - (1.8M)
4096 8388608 2 freebsd-swap (4.0G)
8392704 991821824 3 freebsd-zfs (473G)
1000214528 648 - free - (324K)
Creating ZFS pool zroot on ada0p3 ada1p3 ... done
Setting default checksum to fletcher4 for zroot ... done
Enabling default compression on zroot ... done
Creating zroot root partition: ... done
Creating zroot partitions: var tmp ... done
Setting bootfs for zroot to zroot/root ... done
NAME USED AVAIL REFER MOUNTPOINT
zroot 248K 457G 24K none
zroot/root 72K 457G 24K /mnt
zroot/root/tmp 24K 457G 24K /mnt/tmp
zroot/root/var 24K 457G 24K /mnt/var
Extracting FreeBSD distribution ...Killed
error
If I try it again
root@mfsbsd:~ # zfsinstall -d ada0 -d ada1 -r mirror -s 4G -A -4 -c -p zroot
Error: ZFS pool "zroot" already exists
DF
root@mfsbsd:~ # df -h
Filesystem Size Used Avail Capacity Mounted on
/dev/md0 82M 71M 5.3M 93% /
devfs 1.0K 1.0K 0B 100% /dev
tmpfs 628M 598M 30M 95% /rw
devfs 1.0K 1.0K 0B 100% /rw/dev
zroot/root 457G 155M 457G 0% /rw/mnt
zroot/root/var 457G 24K 457G 0% /rw/mnt/var
zroot/root/tmp 457G 24K 457G 0% /rw/mnt/tmp
Whatever I try it fails:
root@mfsbsd:~ # zfsinstall -d ada0 -d ada1 -r mirror -s 4G -A -4 -c -p zroot
Error: An exported ZFS pool "zroot" already exists
Please choose another pool name or rename/destroy the exported pool.
root@mfsbsd:~ # zpool remove zroot
cannot open 'zroot': no such pool
root@mfsbsd:~ # zpool destroy zroot
cannot open 'zroot': no such pool
root@mfsbsd:~ # zpool destroy -f zroot
cannot open 'zroot': no such pool
root@mfsbsd:~ # zpool status
no pools available
Any ideas how to continue or restart completely?
2 x Micron 1 TB, 1300 SSD
or
2 x Micron 960 GB, 5200 ECO SSD
https://xneelo.co.za/dedicated-servers/
edit: adding Recovery console info
https://xneelo.co.za/help-centre/control-panel/linux-rescue-system-self-managed-server/
edit 2: try for free for 7 days
https://xneelo.co.za/help-centre/products-and-services/how-do-i-terminate-server/
Should you be cancelling your server within the 7 day grace period
after placing your order, we will proceed to decommission the server
with immediate effect. You will not be liable for any fees associated
with this server.
There are some machines that come with 4 or 6 drives and it would be nice to use them as a raidz(2) pool, but the script currently only supports <=2 drive machines, right?
ada0 and ada1
2 x 8 TB SATA Enterprise HDD
https://www.hetzner.com/dedicated-rootserver/ax51
Hi,
I am currently bootstrapping a server with four drives, and the script always only selects /dev/sd[ab] and not /dev/sd[abcd] as it's listed in lsblk.
I found there is a limitation that you can only add 4 drives to qemu, but if you use if=virtio more can be added.
What can be done about this, so that the installation can directly take care of all disks?
Kind regards.
Test Request: OVH Baremetal servers
https://www.ovhcloud.com/en/bare-metal/
Multiple tiers/ranges of servers with common entry level disk setup of 2 x 2TB or 2 x 512GB SSD:
Linux based rescue system
https://docs.ovh.com/gb/en/dedicated/ovh-rescue/
Right now, running the script listens to the public internet with fixed, known, weak credentials.
It would be cool if the script could generate a random password for mfsbsd and show it on start. This way the security risk for the server would be greatly reduced.
Another great feature would be supporting an ssh public key (and therefore using no password at all) and/or limiting access by IP address.
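The three mitigations requested in this issue can be sketched as shell helpers. This is an added example, not code from depenguinme.sh; the port 1022, the source address and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not depenguin-run code. Port 1022 and the address below are
# constructed placeholders.

# gen_password [LEN]: LEN random characters, look-alike glyphs (0O1lI) excluded.
gen_password() {
    len="${1:-24}"
    # Read a bounded chunk so no pipeline stage is cut off early; 1024 random
    # bytes leave about 228 characters after filtering.
    head -c 1024 /dev/urandom | LC_ALL=C tr -dc 'A-HJ-NP-Za-km-z2-9' | cut -c "1-$len"
}

# valid_pubkey LINE: format check only (one line, known type, base64 blob).
valid_pubkey() {
    key="$1"
    nl='
'
    case "$key" in *"$nl"*) return 1 ;; esac   # private keys are multi-line
    ktype="${key%% *}"; rest="${key#* }"; blob="${rest%% *}"
    case "$ktype" in
        ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) ;;
        *) return 1 ;;
    esac
    # A key blob opens with a 4-byte length whose first three bytes are zero,
    # which base64-encodes to "AAAA".
    case "$blob" in AAAA*) ;; *) return 1 ;; esac
    case "$blob" in *[!A-Za-z0-9+/=]*) return 1 ;; esac
    return 0
}

# allow_rules PORT SRC: print (not apply) iptables rules admitting only SRC.
allow_rules() {
    port="$1"; src="$2"
    case "$port" in ''|*[!0-9]*) return 1 ;; esac
    case "$src" in ''|*[!0-9.]*) return 1 ;; esac
    # Shape check only; iptables itself rejects out-of-range octets.
    printf '%s\n' "$src" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    printf 'iptables -A INPUT -p tcp --dport %s -s %s -j ACCEPT\n' "$port" "$src"
    printf 'iptables -A INPUT -p tcp --dport %s -j DROP\n' "$port"
}

echo "one-time password: $(gen_password 24)"
allow_rules 1022 203.0.113.7
```

The rules are printed rather than applied so they can be reviewed before being run in the rescue system.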
This server works mostly out of the box, but requires a special network driver from ports to work.
In this test, the network adapter was a Realtek RTL8125 2.5GbE Controller (vendor=0x10ec device=0x8125). This should work with net/realtek-re-kmod, but at the time of writing (March 2024) it doesn't. Instead, net/realtek-re-kmod198 is required (see https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275882 for details).
After finishing the installation, but before rebooting, drop into a shell and install the driver:
pkg install realtek-re-kmod198
Then adapt /boot/loader.conf to make use of it:
if_re_load="YES"
if_re_name="/boot/modules/if_re.ko"
hw.re.max_rx_mbuf_sz="2048" # optional
Finally configure the interface in /etc/rc.conf:
ifconfig_re0_name="untrusted"
ifconfig_untrusted="up"
ifconfig_untrusted_ipv6="up"
ifconfig_untrusted_aliases="inet 1.2.3.4/32 inet6 2a01:4f8:1:2a::2/64"
static_routes="gateway default"
route_gateway="-host 1.2.3.1 -interface untrusted"
route_default="default 1.2.3.1"
ipv6_defaultrouter="fe80::1%untrusted"
Legend:
1.2.3.4: host IPv4 IP
1.2.3.1: IPv4 default gateway
2a01:4f8:1:2a::2: host IPv6 IP
Can this be used on PhoenixNAP Bare Metal Cloud?
Test request: Equinix Metal
https://metal.equinix.com/product/servers/
Most have 1-2 drives or more.
There is a recovery console "which loads a vanilla Alpine Linux image into your server's RAM"
https://metal.equinix.com/developers/docs/resilience-recovery/rescue-mode/
http://wiki.alpinelinux.org
install missing packages with apk, such as apk add e2fsprogs
FreeBSD is listed as supported install option
https://metal.equinix.com/developers/docs/operating-systems/supported/
Really cool script, just tested and it seems to work ok.
It would be good to remove sudo from the script (and maybe check for uid 0 on start), since Hetzner servers don't have sudo installed by default and one connects to servers running the rescue image using root anyway.
The depenguinme.sh script can only work with the binaries that exist in the linux rescue environment, or with statically-compiled binaries that are downloaded.
It would be useful to have a list of binaries available in /bin and /usr/bin and /usr/sbin etc. from a rescue console such as Hetzner.
For example:
Is it possible to create an ISO file in the rescue system? Does mkisofs exist by default or do we need a statically-compiled copy?