Skip to content

Instantly share code, notes, and snippets.

@ishad0w
Last active October 8, 2024 23:14
Show Gist options
  • Save ishad0w/10a536f82c79d3b890d04243634df806 to your computer and use it in GitHub Desktop.
Save ishad0w/10a536f82c79d3b890d04243634df806 to your computer and use it in GitHub Desktop.
Debian 12 on Oracle Cloud (Free Tier) - (AMD64/ARM64)
#!/bin/bash
trap "exit" INT
echo -e "\nHost:"
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 ubuntu@$1 \
'uname -a && arch && uptime && sudo touch /home/ubuntu/.hushlogin /root/.hushlogin'
echo -e "\nAdding temporary SSH-key for Ubuntu root user..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 ubuntu@$1 \
'sudo cat /home/ubuntu/.ssh/authorized_keys | sudo tee /root/.ssh/authorized_keys'
echo -e "\nSystem trimming..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 root@$1 -T <<'EOL'
export DEBIAN_FRONTEND=noninteractive
snap remove --purge oracle-cloud-agent && snap remove --purge core18
apt-get purge -y linux-* lxc* lxd* vim* snapd* python*
apt-get update && apt-get install -y lsof
apt-get -y autoremove --purge
apt-get -y autoclean
rm -rf /var/log/* /var/lib/apt/* /var/cache/apt/*
df -h
EOL
echo "Check free space! for "/" mountpoint. <=700mb"
waittime=15
while [ $waittime -gt 0 ]; do
echo -ne "$waittime\033[0K\r"
sleep 1
: $((waittime--))
done
echo -e "\nPreparing system..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 root@$1 -T <<'EOL'
cd /
echo "Mounting tmpfs..."
mount -t tmpfs -o size=700m tmpfs mnt && tar --one-file-system -c . | tar -C /mnt -x
mount --make-private -o remount,rw /
mount --move dev mnt/dev && mount --move proc mnt/proc
mount --move run mnt/run && mount --move sys mnt/sys
sed -i "/^[^#]/d;" mnt/etc/fstab
echo "tmpfs / tmpfs defaults 0 0" >> mnt/etc/fstab
cd mnt && mkdir old_root
mount --make-private /
sleep 2
echo "Changing the root mount..."
unshare -m
pivot_root . old_root
sleep 5
echo "Starting SSH on 1022..."
iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 1022 -j ACCEPT
nohup /usr/sbin/sshd -D -p 1022 > /dev/null 2>&1 &
EOL
echo -e "\nFlashing the Debian image..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 1022 root@$1 -T <<'EOL'
echo "Arch is $(arch)..."
IMAGEMIRROR="https://cloud.debian.org/images/cloud/bookworm"
IMAGEVERSION="debian-12-genericcloud"
IMAGEBUILD="20240701-1795"
for i in agetty dbus-daemon atd iscsid rpcbind unattended-upgrades; do pkill $i; done; kill 1; umount -l /dev/sda1
if [ $(arch) = "x86_64" ]
then curl -L $IMAGEMIRROR/$IMAGEBUILD/$IMAGEVERSION-amd64-$IMAGEBUILD.tar.xz | tar -OJxvf - disk.raw | dd of=/dev/sda bs=1M;
elif [ $(arch) = "aarch64" ]
then curl -L $IMAGEMIRROR/$IMAGEBUILD/$IMAGEVERSION-arm64-$IMAGEBUILD.tar.xz | tar -OJxvf - disk.raw | dd of=/dev/sda bs=1M;
else
echo Unsported architecture!
fi
sleep 5
echo "Syncing changes to the block storage..."
sync
sleep 5
echo "Rebooting into Debian!"
nohup sh -c 'echo "1" > /proc/sys/kernel/sysrq && sleep 5 && echo "b" > /proc/sysrq-trigger' > /dev/null 2>&1 &
EOL
echo -e "\nWaiting until Debian starts... (3 min)"
waittime=180
while [ $waittime -gt 0 ]; do
echo -ne "$waittime\033[0K\r"
sleep 1
: $((waittime--))
done
echo -e "\nAdding temporary SSH-key for Debian root user..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 debian@$1 \
'sudo cat /home/debian/.ssh/authorized_keys | sudo tee /root/.ssh/authorized_keys'
echo -e "\nDebian inititialisation..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 root@$1 -T <<'EOL'
export DEBIAN_FRONTEND=noninteractive
echo "deb http://deb.debian.org/debian/ bookworm main contrib non-free non-free-firmware
deb http://deb.debian.org/debian/ bookworm-updates main contrib non-free non-free-firmware
deb http://deb.debian.org/debian/ bookworm-backports main contrib non-free non-free-firmware
deb http://security.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware" > /etc/apt/sources.list
apt-get update && apt-get install -y locales-all
rm -rf /root/.ssh/
sync
reboot
EOL
sleep 10
echo -e "\nDone!"
@ishad0w
Copy link
Author

ishad0w commented Aug 19, 2023

Updated to Debian 12.

@Sr-Polilla
Copy link

Thanks!

Works perfectly!

@duqn
Copy link

duqn commented Nov 16, 2023

有三个方案可以安装Debian12

  1. 通过dd安装Debian
  2. 修改grub方式安装
  3. ”Custom images“ Debian12.vmdk

#1 AMD,目前只能正常安装Debian11,再升级到12,root密码为”XXXX“自己修改,
bash <(wget --no-check-certificate -qO- 'https://moeclub.org/attachment/LinuxShell/InstallNET.sh') -d 11 -v 64 -p "XXXX" -a -firmware

#1 ARM,可以正常安装Debian12,root密码为”XXXX“自己修改
bash <(wget --no-check-certificate -qO- 'https://moeclub.org/attachment/LinuxShell/InstallNET.sh') -d 12 -v arm64 -p "XXXX" -a -firmware

#2 grub 方式安装需要通过VNC,查看https://netboot.xyz/docs/kb/providers/oci/

#3 只适合已升级的账户
3.1 Storage > Buckets > Create Bucket, Upload debian12.vmdk or debian12.cow2
3.2 Compute > Custom images > Import image > Custom image details > Edit details > Compatible shapes
3.3 Create compute instance ...

@12ohit
Copy link

12ohit commented May 31, 2024

with SSH (public key) access to a remote Oracle Cloud Instance

Where do I put the ssh key address while doing /oci_ubuntu_to_debian.multiarch.sh my_vps_ip_address ?

This doesn't work: /oci_ubuntu_to_debian.multiarch.sh my_vps_ip_address -i ~/some_folder/my_public_ssh_key.pub

edit: I was accidentally using pub key, also I added -i ~/some_folder/my_public_ssh_key manually into the file wherever we login

@Baterka
Copy link

Baterka commented Sep 21, 2024

Same problem as afteroot, with a clean Canonical-Ubuntu-22.04-Minimal-aarch64-2023.04.18-0 Installation.

Also i get after the errors following:

Changing the root mount...
Starting SSH on 1022...

Flashing the Debian image...
ssh: connect to host 193.122.14.231 port 1022: No route to host

Waiting until Debian starts... (3 min)

Adding temporary SSH-key for Debian root user...
kex_exchange_identification: read: Connection reset by peer

Debian inititialisation...
kex_exchange_identification: read: Connection reset by peer

Done!

Note i`ve added the rule for the vcn.

I've got exactly the same result. Did you managed to open the port somehow in the Security List?

@kokomo123
Copy link

kokomo123 commented Sep 27, 2024

After applying the clean script and ubuntu-22.04-minimal--aarch64 image, I am unable to log in, but it appears the script was a success though. I tried using the debian user, ubuntu user, root user, or even a backdoor user that I tried to use, but debian keeps saying login incorrect or when sshing in, publickey denied when using the hostname for some reason?? I am not sure how to proceed. Not sure why the genericcloud/generic images for debian aren't working either

@tippfehlr
Copy link

This worked perfectly for me, thank you so much.

@kokomo123: the debian user worked for me

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment