Skip to content

Instantly share code, notes, and snippets.

@ishad0w
Last active October 8, 2024 23:14
Show Gist options
  • Save ishad0w/10a536f82c79d3b890d04243634df806 to your computer and use it in GitHub Desktop.
Save ishad0w/10a536f82c79d3b890d04243634df806 to your computer and use it in GitHub Desktop.
Debian 12 on Oracle Cloud (Free Tier) - (AMD64/ARM64)
#!/bin/bash
trap "exit" INT
echo -e "\nHost:"
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 ubuntu@$1 \
'uname -a && arch && uptime && sudo touch /home/ubuntu/.hushlogin /root/.hushlogin'
echo -e "\nAdding temporary SSH-key for Ubuntu root user..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 ubuntu@$1 \
'sudo cat /home/ubuntu/.ssh/authorized_keys | sudo tee /root/.ssh/authorized_keys'
echo -e "\nSystem trimming..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 root@$1 -T <<'EOL'
export DEBIAN_FRONTEND=noninteractive
snap remove --purge oracle-cloud-agent && snap remove --purge core18
apt-get purge -y linux-* lxc* lxd* vim* snapd* python*
apt-get update && apt-get install -y lsof
apt-get -y autoremove --purge
apt-get -y autoclean
rm -rf /var/log/* /var/lib/apt/* /var/cache/apt/*
df -h
EOL
echo "Check free space! for "/" mountpoint. <=700mb"
waittime=15
while [ $waittime -gt 0 ]; do
echo -ne "$waittime\033[0K\r"
sleep 1
: $((waittime--))
done
echo -e "\nPreparing system..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 root@$1 -T <<'EOL'
cd /
echo "Mounting tmpfs..."
mount -t tmpfs -o size=700m tmpfs mnt && tar --one-file-system -c . | tar -C /mnt -x
mount --make-private -o remount,rw /
mount --move dev mnt/dev && mount --move proc mnt/proc
mount --move run mnt/run && mount --move sys mnt/sys
sed -i "/^[^#]/d;" mnt/etc/fstab
echo "tmpfs / tmpfs defaults 0 0" >> mnt/etc/fstab
cd mnt && mkdir old_root
mount --make-private /
sleep 2
echo "Changing the root mount..."
unshare -m
pivot_root . old_root
sleep 5
echo "Starting SSH on 1022..."
iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 1022 -j ACCEPT
nohup /usr/sbin/sshd -D -p 1022 > /dev/null 2>&1 &
EOL
echo -e "\nFlashing the Debian image..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 1022 root@$1 -T <<'EOL'
echo "Arch is $(arch)..."
IMAGEMIRROR="https://cloud.debian.org/images/cloud/bookworm"
IMAGEVERSION="debian-12-genericcloud"
IMAGEBUILD="20240701-1795"
for i in agetty dbus-daemon atd iscsid rpcbind unattended-upgrades; do pkill $i; done; kill 1; umount -l /dev/sda1
if [ $(arch) = "x86_64" ]
then curl -L $IMAGEMIRROR/$IMAGEBUILD/$IMAGEVERSION-amd64-$IMAGEBUILD.tar.xz | tar -OJxvf - disk.raw | dd of=/dev/sda bs=1M;
elif [ $(arch) = "aarch64" ]
then curl -L $IMAGEMIRROR/$IMAGEBUILD/$IMAGEVERSION-arm64-$IMAGEBUILD.tar.xz | tar -OJxvf - disk.raw | dd of=/dev/sda bs=1M;
else
echo Unsported architecture!
fi
sleep 5
echo "Syncing changes to the block storage..."
sync
sleep 5
echo "Rebooting into Debian!"
nohup sh -c 'echo "1" > /proc/sys/kernel/sysrq && sleep 5 && echo "b" > /proc/sysrq-trigger' > /dev/null 2>&1 &
EOL
echo -e "\nWaiting until Debian starts... (3 min)"
waittime=180
while [ $waittime -gt 0 ]; do
echo -ne "$waittime\033[0K\r"
sleep 1
: $((waittime--))
done
echo -e "\nAdding temporary SSH-key for Debian root user..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 debian@$1 \
'sudo cat /home/debian/.ssh/authorized_keys | sudo tee /root/.ssh/authorized_keys'
echo -e "\nDebian inititialisation..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 root@$1 -T <<'EOL'
export DEBIAN_FRONTEND=noninteractive
echo "deb http://deb.debian.org/debian/ bookworm main contrib non-free non-free-firmware
deb http://deb.debian.org/debian/ bookworm-updates main contrib non-free non-free-firmware
deb http://deb.debian.org/debian/ bookworm-backports main contrib non-free non-free-firmware
deb http://security.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware" > /etc/apt/sources.list
apt-get update && apt-get install -y locales-all
rm -rf /root/.ssh/
sync
reboot
EOL
sleep 10
echo -e "\nDone!"
@ishad0w
Copy link
Author

ishad0w commented Mar 9, 2023

@afteroot, for me looks like its not a "clean \ fresh ubuntu-minimal instance".
"No space left on device" means no space on tmpfs (limited to 700MB due to x86_64 instance ram limits) temporary partition.

So, you need to create a CLEAN instance Canonical-Ubuntu-22.04-Minimal-20xx.xx.xx-x.
And after that run the script again.
I tested the script 2 days ago, works well for me (for both x86_64/aarch64).

Follow the steps. Don't forget to open the 1022 port for incoming connections inside VCNs Security List / Ingress Rules.

Maybe someday I will add a free space check and other "showstoppers".

@afteroot
Copy link

Ok, thanks

@LIONNNNNN
Copy link

LIONNNNNN commented May 1, 2023

Same problem as afteroot, with a clean Canonical-Ubuntu-22.04-Minimal-aarch64-2023.04.18-0 Installation.

Also i get after the errors following:

Changing the root mount...
Starting SSH on 1022...

Flashing the Debian image...
ssh: connect to host 193.122.14.231 port 1022: No route to host

Waiting until Debian starts... (3 min)

Adding temporary SSH-key for Debian root user...
kex_exchange_identification: read: Connection reset by peer

Debian inititialisation...
kex_exchange_identification: read: Connection reset by peer

Done!

Note i`ve added the rule for the vcn.

@LIONNNNNN
Copy link

ok with Canonical-Ubuntu-22.04-Minimal-aarch64-2023.02.14-0 it worked now

@luisee
Copy link

luisee commented Jun 5, 2023

Hi, thanks for the script, I managed to install Debian. I have a question, would this same script work to reinstall Debian to its initial version? If not, what steps of the script should we use to get Debian reinstalled?
Thanks for the help!

@ishad0w
Copy link
Author

ishad0w commented Jun 7, 2023

Hi, thanks for the script, I managed to install Debian. I have a question, would this same script work to reinstall Debian to its initial version? If not, what steps of the script should we use to get Debian reinstalled? Thanks for the help!

Probably... yes.
But you need to make some modifications to the script. Like changing username, and home folder path and delete ubuntu related stuff (like snapstore).
I don't test it, but it might work.

@luisee
Copy link

luisee commented Jun 7, 2023

One thing that OCI does not have is the ability to reinstall the OS, you have to completely remove the "VPS" and try to create it again. Sometimes it can take more than a day to get another VPS created.
I will try, with the little knowledge I have, to find a way to reinstall Debian with the steps you mentioned, I hope I have luck.

@ishad0w
Copy link
Author

ishad0w commented Aug 19, 2023

Updated to Debian 12.

@Sr-Polilla
Copy link

Thanks!

Works perfectly!

@duqn
Copy link

duqn commented Nov 16, 2023

有三个方案可以安装Debian12

  1. 通过dd安装Debian
  2. 修改grub方式安装
  3. ”Custom images“ Debian12.vmdk

#1 AMD,目前只能正常安装Debian11,再升级到12,root密码为”XXXX“自己修改,
bash <(wget --no-check-certificate -qO- 'https://moeclub.org/attachment/LinuxShell/InstallNET.sh') -d 11 -v 64 -p "XXXX" -a -firmware

#1 ARM,可以正常安装Debian12,root密码为”XXXX“自己修改
bash <(wget --no-check-certificate -qO- 'https://moeclub.org/attachment/LinuxShell/InstallNET.sh') -d 12 -v arm64 -p "XXXX" -a -firmware

#2 grub 方式安装需要通过VNC,查看https://netboot.xyz/docs/kb/providers/oci/

#3 只适合已升级的账户
3.1 Storage > Buckets > Create Bucket, Upload debian12.vmdk or debian12.cow2
3.2 Compute > Custom images > Import image > Custom image details > Edit details > Compatible shapes
3.3 Create compute instance ...

@12ohit
Copy link

12ohit commented May 31, 2024

with SSH (public key) access to a remote Oracle Cloud Instance

Where do I put the ssh key address while doing /oci_ubuntu_to_debian.multiarch.sh my_vps_ip_address ?

This doesn't work: /oci_ubuntu_to_debian.multiarch.sh my_vps_ip_address -i ~/some_folder/my_public_ssh_key.pub

edit: I was accidentally using pub key, also I added -i ~/some_folder/my_public_ssh_key manually into the file wherever we login

@Baterka
Copy link

Baterka commented Sep 21, 2024

Same problem as afteroot, with a clean Canonical-Ubuntu-22.04-Minimal-aarch64-2023.04.18-0 Installation.

Also i get after the errors following:

Changing the root mount...
Starting SSH on 1022...

Flashing the Debian image...
ssh: connect to host 193.122.14.231 port 1022: No route to host

Waiting until Debian starts... (3 min)

Adding temporary SSH-key for Debian root user...
kex_exchange_identification: read: Connection reset by peer

Debian inititialisation...
kex_exchange_identification: read: Connection reset by peer

Done!

Note i`ve added the rule for the vcn.

I've got exactly the same result. Did you managed to open the port somehow in the Security List?

@kokomo123
Copy link

kokomo123 commented Sep 27, 2024

After applying the clean script and ubuntu-22.04-minimal--aarch64 image, I am unable to log in, but it appears the script was a success though. I tried using the debian user, ubuntu user, root user, or even a backdoor user that I tried to use, but debian keeps saying login incorrect or when sshing in, publickey denied when using the hostname for some reason?? I am not sure how to proceed. Not sure why the genericcloud/generic images for debian aren't working either

@tippfehlr
Copy link

This worked perfectly for me, thank you so much.

@kokomo123: the debian user worked for me

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment