Grub does not seem to support EFI boot on software raid (MD) yet. See: wiki.debian.org
Make sure the target disks (sda and sdb in this example) are empty and can be overwritten.
Boot system from recovery image to install grub on two separate disks:
# create/clone boot + efi paritions on both boot-disks
# sdd = existing boot disk
dd if=/dev/sdd of=/dev/sda bs=1G count=2
dd if=/dev/sdd of=/dev/sdb bs=1G count=2
# mount system system
mount /dev/sdc /mnt
mount --rbind /dev /mnt/dev
mount --rbind /proc /mnt/proc
mount --rbind /sys /mnt/sys
# mount boot disk 1
mount /dev/sda2 /mnt/boot
mount /dev/sda1 /mnt/boot/efi
chroot /mnt
grub-install /dev/sda --efi-directory=/boot/efi --target=x86_64-efi
# ctrl+d
umount /mnt/boot/efi
umount /mnt/boot/efi
# mount boot disk 2
mount /dev/sdb2 /mnt/boot # boot disk 1
mount /dev/sdb1 /mnt/boot/efi
chroot /mnt
grub-install /dev/sdb --efi-directory=/boot/efi --target=x86_64-efi
# reboot & testSo the secondary boot partition stays up-to-date it should be synced ~once a day.
#!/bin/bash
set -euo pipefail
PATH_BAK='/var/backups/boot'
RETENTION_DAYS=30
if mount | grep "on /boot type" -q && mount | grep "on /boot2 type" -q
then
echo '### REMOVING OLD BACKUPS of /boot2'
find "${PATH_BAK}/" -mtime +${RETENTION_DAYS} -name "*.tar.gz" -type f # to show the files to be deleted
find "${PATH_BAK}/" -mtime +${RETENTION_DAYS} -name "*.tar.gz" -type f -delete
echo '### BACKING-UP current /boot2'
tar -czf "${PATH_BAK}/$(date '+%Y-%m-%d_%H-%M-%S').tar.gz" /boot2/ 2>/dev/null
echo '### SYNCING /boot to /boot2'
rsync -av --delete /boot/ /boot2 --exclude "lost+found"
else
echo 'Not both boot-partitions are mounted!'
exit 1
fi
Note: Hetzner uses Software Raid1 for the boot partition on their setups.
It seems this is doable at setup-time: