Skip to content

Instantly share code, notes, and snippets.

@meetmangukiya

meetmangukiya/instructions.md

Created January 4, 2022 08:22
Show Gist options
  • Save meetmangukiya/8707efaebb4e004132ac78abf5998f90 to your computer and use it in GitHub Desktop.
Save meetmangukiya/8707efaebb4e004132ac78abf5998f90 to your computer and use it in GitHub Desktop.
Download ZIP
Ubuntu full disk encryption - hetzner
Raw
instructions.md
Raw
post-install.sh
#!/bin/bash
add_rfc3442_hook() {
cat << EOF > /etc/initramfs-tools/hooks/add-rfc3442-dhclient-hook
#!/bin/sh
PREREQ=""
prereqs()
{
echo "\$PREREQ"
}
case \$1 in
prereqs)
prereqs
exit 0
;;
esac
if [ ! -x /sbin/dhclient ]; then
exit 0
fi
. /usr/share/initramfs-tools/scripts/functions
. /usr/share/initramfs-tools/hook-functions
mkdir -p \$DESTDIR/etc/dhcp/dhclient-exit-hooks.d/
cp -a /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes \$DESTDIR/etc/dhcp/dhclient-exit-hooks.d/
EOF
chmod +x /etc/initramfs-tools/hooks/add-rfc3442-dhclient-hook
}
# Install hook
add_rfc3442_hook
# Copy SSH keys for dropbear
mkdir -p /etc/dropbear-initramfs
cp -a /root/.ssh/authorized_keys /etc/dropbear-initramfs/authorized_keys
# Update system
apt-get update >/dev/null
apt-get -y install cryptsetup-initramfs dropbear-initramfs
Raw
setup.conf
CRYPTPASSWORD secret
DRIVE1 /dev/sda
BOOTLOADER grub
HOSTNAME host.example.com
PART /boot ext4 1G
PART / ext4 all crypt
IMAGE /root/images/Debian-1101-bullseye-amd64-base.tar.gz
SSHKEYS_URL /tmp/authorized_keys
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment