~~ODT~~

====== Requirements ======

  * The "master" system serves Pannonia IT as the base for various virtualizations carried out with "KVM" and should be as simple as possible
  * Virtualization host for e.g. file server / firewall / web server / backup and much more

====== Installing from the Hetzner Rescue System for Root Servers ======

  * Caution: Debian 11 scratchpad here / no UEFI, but legacy BIOS

master setup base

<code>
root@rescue ~ # gdisk /dev/sda
GPT fdisk (gdisk) version 1.0.6

Warning: Partition table header claims that the size of partition table
entries is 0 bytes, but this program  supports only 128-byte entries.
Adjusting accordingly, but partition table may be garbage.
Warning: Partition table header claims that the size of partition table
entries is 16843009 bytes, but this program  supports only 128-byte entries.
Adjusting accordingly, but partition table may be garbage.
Partition table scan:
  MBR: not present
  BSD: not present
  APM: not present
  GPT: not present

Creating new GPT entries in memory.

Command (? for help): ?
b	back up GPT data to a file
c	change a partition's name
d	delete a partition
i	show detailed information on a partition
l	list known partition types
n	add a new partition
o	create a new empty GUID partition table (GPT)
p	print the partition table
q	quit without saving changes
r	recovery and transformation options (experts only)
s	sort partitions
t	change a partition's type code
v	verify disk
w	write table to disk and exit
x	extra functionality (experts only)
?	print this menu

Command (? for help): n
Partition number (1-128, default 1):
First sector (34-3907029134, default = 2048) or {+-}size{KMGTP}:
Last sector (2048-3907029134, default = 3907029134) or {+-}size{KMGTP}: +150M
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300):
Changed type of partition to 'Linux filesystem'

Command (? for help): n
Partition number (2-128, default 2):
First sector (34-3907029134, default = 309248) or {+-}size{KMGTP}:
Last sector (309248-3907029134, default = 3907029134) or {+-}size{KMGTP}:
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): fd00
Changed type of partition to 'Linux RAID'

Command (? for help): w

Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!

Do you want to proceed? (Y/N): y
OK; writing new GUID partition table (GPT) to /dev/sda.
The operation has completed successfully.
</code>

<code>
root@rescue ~ # gdisk /dev/sdb
GPT fdisk (gdisk) version 1.0.6

Warning: Partition table header claims that the size of partition table
entries is 0 bytes, but this program  supports only 128-byte entries.
Adjusting accordingly, but partition table may be garbage.
Caution: invalid main GPT header, but valid backup; regenerating main header
from backup!

Warning: Invalid CRC on main header data; loaded backup partition table.
Warning! One or more CRCs don't match. You should repair the disk!
Main header: ERROR
Backup header: OK
Main partition table: OK
Backup partition table: OK

Partition table scan:
  MBR: not present
  BSD: not present
  APM: not present
  GPT: damaged

Found invalid MBR and corrupt GPT. What do you want to do? (Using the
GPT MAY permit recovery of GPT data.)
 1 - Use current GPT
 2 - Create blank GPT

Your answer: 2

Command (? for help): n
Partition number (1-128, default 1):
First sector (34-3907029134, default = 2048) or {+-}size{KMGTP}:
Last sector (2048-3907029134, default = 3907029134) or {+-}size{KMGTP}: +150M
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300):
Changed type of partition to 'Linux filesystem'

Command (? for help): n
Partition number (2-128, default 2):
First sector (34-3907029134, default = 309248) or {+-}size{KMGTP}:
Last sector (309248-3907029134, default = 3907029134) or {+-}size{KMGTP}:
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): fd00
Changed type of partition to 'Linux RAID'

Command (? for help): w

Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!

Do you want to proceed? (Y/N): y
OK; writing new GUID partition table (GPT) to /dev/sdb.
The operation has completed successfully
</code>

Create RAID1:

<code>
# mdadm --create /dev/md0 --level=raid1 --raid-devices=2 /dev/sda2 /dev/sdb2
</code>

Create physical volume device for LVM:

<code>
root@rescue ~ # pvcreate /dev/md0
  Physical volume "/dev/md0" successfully created.
</code>

Create volume group:

<code>
root@rescue ~ # vgcreate master /dev/md0
  Volume group "master" successfully created
</code>

Create logical volume for root filesystem:

<code>
root@rescue ~ # man lvcreate
root@rescue ~ # lvcreate -L 35G -n root master
  Logical volume "root" created.
</code>
Create ext4 filesystem for the root filesystem:

<code>
root@rescue ~ # mkfs.ext4 /dev/mapper/master-root -L ROOT_FS
mke2fs 1.46.2 (28-Feb-2021)
Creating filesystem with 9175040 4k blocks and 2293760 inodes
Filesystem UUID: 100ea202-f3c5-4f02-8b0a-d59596af5f00
Superblock backups stored on blocks:
	32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
	4096000, 7962624

Allocating group tables: done
Writing inode tables: done
Creating journal (65536 blocks): done
Writing superblocks and filesystem accounting information: done
</code>

Mount ext4 filesystem on /mnt/tmp/:

<code>
root@rescue ~ # mkdir /mnt/tmp
root@rescue ~ # mount /dev/mapper/master-root /mnt/tmp/
</code>

Debootstrap a current Debian system:

<code>
root@rescue /mnt/tmp # debootstrap bullseye ./ http://deb.debian.org/debian
</code>

Chroot into the new environment:

<code>
root@rescue /mnt/tmp # mount -t proc none proc/
root@rescue /mnt/tmp # mount -t sysfs none sys
root@rescue /mnt/tmp # mount -o bind /dev dev/
root@rescue /mnt/tmp # chroot ./ /bin/bash
</code>

Install the packages necessary for the system to work (mdadm / lvm2):

<code>
root@rescue:/# apt-get install mdadm lvm2 vim openssh-server man htop
</code>

Temporarily allow root login with a password and set a proper password of more than 20 characters:

<code>
root@rescue:/# vim /etc/ssh/sshd_config
root@rescue:/# passwd
New password:
Retype new password:
passwd: password updated successfully
root@rescue:/# grep -i PermitRoot /etc/ssh/sshd_config
PermitRootLogin yes
</code>

Install grub2 to boot the machine:

<code>
root@rescue:/# apt-get install grub2
root@master:/# grub-install /dev/sda
Installing for i386-pc platform.
grub-install: warning: this GPT partition label contains no BIOS Boot Partition; embedding won't be possible.
grub-install: error: embedding is not possible, but this is required for RAID and LVM install.
</code>
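The grub-install error above comes from the GPT having no BIOS boot partition to embed into, which the next step corrects by retyping partition 1 to ef02. As an added example (not part of the original page), the following check reads the table printed by `sgdisk -p` and confirms that a disk carries both an EF02 and an FD00 partition before grub-install is run; the function names and the two sample tables are constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-flight check for BIOS/GPT boot from mdadm RAID1 + LVM.
# Input is the text printed by `sgdisk -p <disk>`.

# has_type_code TABLE CODE -> exit 0 if any partition row carries CODE.
has_type_code() {
    printf '%s\n' "$1" | awk -v want="$2" '
        $1 == "Number" { in_table = 1; next }    # header row of the partition list
        in_table && $1 ~ /^[0-9]+$/ {
            # Columns: Number Start End Size Unit Code Name...
            if (toupper($6) == toupper(want)) found = 1
        }
        END { exit(found ? 0 : 1) }'
}

# check_boot_layout TABLE -> prints one verdict line; exit 0 only if both
# a BIOS boot partition (EF02) and a Linux RAID member (FD00) exist.
check_boot_layout() {
    problems=""
    has_type_code "$1" EF02 || problems="no BIOS boot partition (EF02)"
    has_type_code "$1" FD00 || problems="${problems:+$problems; }no Linux RAID member (FD00)"
    if [ -n "$problems" ]; then
        echo "FAIL: $problems"
        return 1
    fi
    echo "OK: EF02 and FD00 present"
}

# Constructed sample: layout as first created on this page (partition 1 = 8300).
BEFORE_FIX='Number  Start (sector)    End (sector)  Size       Code  Name
   1            2048          309247   150.0 MiB   8300  Linux filesystem
   2          309248      3907029134   1.8 TiB     FD00  Linux RAID'

# Constructed sample: layout after partition 1 is retyped to ef02.
AFTER_FIX='Number  Start (sector)    End (sector)  Size       Code  Name
   1            2048          309247   150.0 MiB   EF02  BIOS boot partition
   2          309248      3907029134   1.8 TiB     FD00  Linux RAID'

# On a live system (as root): check_boot_layout "$(sgdisk -p /dev/sda)"
echo "before: $(check_boot_layout "$BEFORE_FIX" || true)"
echo "after:  $(check_boot_layout "$AFTER_FIX" || true)"
```

Run it against every disk that grub-install will be pointed at, since each RAID1 member needs its own BIOS boot partition to stay bootable on its own.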
Adjust sda1: turn it into a BIOS boot partition - ef02

<code>
root@rescue /mnt/tmp # gdisk /dev/sdb
GPT fdisk (gdisk) version 1.0.6

Partition table scan:
  MBR: protective
  BSD: not present
  APM: not present
  GPT: present

Found valid GPT with protective MBR; using GPT.

Command (? for help): ?
b	back up GPT data to a file
c	change a partition's name
d	delete a partition
i	show detailed information on a partition
l	list known partition types
n	add a new partition
o	create a new empty GUID partition table (GPT)
p	print the partition table
q	quit without saving changes
r	recovery and transformation options (experts only)
s	sort partitions
t	change a partition's type code
v	verify disk
w	write table to disk and exit
x	extra functionality (experts only)
?	print this menu

Command (? for help): t
Partition number (1-2): 1
Current type is EF01 (MBR partition scheme)
Hex code or GUID (L to show codes, Enter = EF01): ef02
Changed type of partition to 'BIOS boot partition'

Command (? for help): w

Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!

Do you want to proceed? (Y/N): y
OK; writing new GUID partition table (GPT) to /dev/sdb.
Warning: The kernel is still using the old partition table.
The new table will be used at the next reboot or after you
run partprobe(8) or kpartx(8)
The operation has completed successfully
</code>

... this is how it has to look when booting from MBR / legacy BIOS:

<code>
root@rescue /mnt/tmp # chroot ./ /bin/bash
root@master:/# grub-install /dev/sda
Installing for i386-pc platform.
Installation finished. No error reported.
root@master:/# grub-install /dev/sdb
Installing for i386-pc platform.
Installation finished. No error reported
</code>

RAID1 information from the host system into the chroot:

<code>
root@master:/# /usr/share/mdadm/mkconf > /etc/mdadm/mdadm.conf
</code>

Kernel installation:

<code>
apt-get install linux-image-amd64
</code>

Configure the network so that the machine also gets correct IP information at boot, e.g. /etc/default/grub:

<code>
..
GRUB_CMDLINE_LINUX="net.ifnames=0"
...
</code>

<code>
update-grub2
...
</code>

Because of the warning about missing firmware (in this case a Realtek network card), adjust the sources and add non-free:

<code>
root@master:~# cat /etc/apt/sources.list
deb http://deb.debian.org/debian bullseye main non-free
deb http://security.debian.org/debian-security bullseye-security main non-free
deb http://ftp.de.debian.org/debian bullseye-updates main non-free

root@master:~# apt-get install firmware-realtek
root@master:~# update-initramfs -k all -u
</code>

<code>
root@master:/# cat /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address IP
    netmask NETMASK
    gateway GATEWAY
</code>

Configure fstab for the root partition:

<code>
root@master:/# cat /etc/fstab
# UNCONFIGURED FSTAB FOR BASE SYSTEM
LABEL=ROOT_FS / ext4 errors=remount-ro 0 1
</code>

Check whether I can already boot:

<code>
root@master /mnt # cat /proc/mdstat
Personalities : [raid1]
md0 : active raid1 sdb2[1] sda2[0]
      1953227840 blocks super 1.2 [2/2] [UU]
      [=====>...............]  resync = 29.2% (571644672/1953227840) finish=157.0min speed=146638K/sec
      bitmap: 11/15 pages [44KB], 65536KB chunk

unused devices: <none>

reboot
</code>

-- yes, it works :)

====== Installation from USB Stick (DVD ISO) ======

  * The following installation was carried out with 2x M.2 Crucial 500GB (https://www.amazon.de/-/en/dp/B0B25LQQPC?ref=ppx_yo2ov_dt_b_product_details&th=1) and this firewall appliance (https://www.amazon.de/-/en/dp/B0B53MKZBX?psc=1&ref=ppx_yo2ov_dt_b_product_details , https://www.amazon.de/-/en/dp/B08C4WV6FT?psc=1&ref=ppx_yo2ov_dt_b_product_details).
  * Base system: Debian 12 Bookworm :)

FIXME create a preseed to automate the installation questions

{{:know-how:0_master_installation_language.jpg?400|}} {{:know-how:1_master_installation_location.jpg?400|}} {{:know-how:2_master_installation_location.jpg?400|}} {{:know-how:3_master_installation_locale_setting.jpg?400|}} {{:know-how:4_master_installation_keyboard_layout.jpg?400|}} {{:know-how:5_master_installation_nic_interface_dhcp.jpg?400|}} {{:know-how:6_master_installation_nic_physical_link.jpg?400|}} {{:know-how:7_master_installation_hostname.jpg?400|}} {{:know-how:8_master_installation_root_password.jpg?400|}} {{:know-how:9_master_installation_root_password_repeat.jpg?400|}} {{:know-how:10_master_installation_username.jpg?400|}} {{:know-how:11_master_installation_username.jpg?400|}} {{:know-how:12_master_installation_user_password.jpg?400|}} {{:know-how:13_master_installation_user_password_repeat.jpg?400|}} {{:know-how:14_master_installation_partition_disks.jpg?400|}} {{:know-how:15_master_installation_2_nvme_disks.jpg?400|}} {{:know-how:16_master_installation_partition_1_esp_efi.jpg?400|}} {{:know-how:17_master_installation_configure_raid.jpg?400|}} {{:know-how:18_master_installation_raid1.jpg?400|}} {{:know-how:19_master_installation_active_devices_2.jpg?400|}} {{:know-how:20_master_installation_spare_devices_0.jpg?400|}} {{:know-how:21_master_installation_choose_raid1_devices_partition_2.jpg?400|}} {{:know-how:22_master_installation_overview_devices_md.jpg?400|}} {{:know-how:23_master_installation_create_volume_group_physical_md0.jpg?400|}} {{:know-how:24_master_installation_volume_group_name.jpg?400|}} {{:know-how:25_master_installation_select_physical_volume_md0.jpg?400|}} {{:know-how:26_master_installation_overview_lvm2.jpg?400|}} {{:know-how:27_master_installation_partition_disks.jpg?400|}} {{:know-how:28_master_installation_logical_volume_root.jpg?400|}} {{:know-how:29_master_installation_root_size.jpg?400|}}
{{:know-how:30_master_installation_logical_volume_var.jpg?400|}} {{:know-how:31_master_installation_var_size.jpg?400|}} {{:know-how:32_master_installation_overview_lvm2.jpg?400|}} {{:know-how:32_master_installation_overview_partitions.jpg?400|}} {{:know-how:33_master_installation_root_filesystem.jpg?400|}} {{:know-how:34_master_installation_root_ext4.jpg?400|}} {{:know-how:35_master_installation_overview_filesystems.jpg?400|}} {{:know-how:36_master_installation_no_swap_space.jpg?400|}} {{:know-how:37_master_installation_write_disk_changes.jpg?400|}} {{:know-how:38_master_installation_install_base_system.jpg?400|}} {{:know-how:39_master_installation_select_network_mirrors.jpg?400|}} {{:know-how:40_master_installation_packages_mirror_austria.jpg?400|}} {{:know-how:41_master_installation_packages_at_debian.jpg?400|}} {{:know-how:42_master_installation_no_proxy_needed.jpg?400|}} {{:know-how:43_master_installation_no_package_survey.jpg?400|}} {{:know-how:44_master_installation_ssh_server_yes.jpg?400|}} {{:know-how:45_master_installation_grub.jpg?400|}} {{:know-how:46_master_installation_finished_first_boot.jpg?400|}} {{:know-how:47_master_installation_raid_build_times.jpg?400|}}
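
The rescue-system procedure above sets `PermitRootLogin yes` temporarily, and both installations leave an SSH server running. As an added example (not part of the original page), this check reports whether that temporary value is still the one sshd uses, following sshd_config's rule that the first value read for a keyword wins. The function names and both sample configurations are constructed, and `Include` files and the `Keyword=value` spelling are not handled.

```shell
#!/bin/sh
# Added example: is the temporary "PermitRootLogin yes" still in effect?
# sshd uses the FIRST value it reads for a keyword; later lines are ignored.

# sshd_global_value CONFIG_TEXT KEYWORD DEFAULT
# Prints the first uncommented KEYWORD value before any Match block, else DEFAULT.
sshd_global_value() {
    printf '%s\n' "$1" | awk -v key="$2" -v dflt="$3" '
        { sub(/^[ \t]+/, "") }                  # drop leading whitespace
        /^#/ || NF == 0 { next }                # skip comments and blank lines
        tolower($1) == "match" { exit }         # global section ends here
        tolower($1) == tolower(key) { value = tolower($2); exit }
        END { print (value == "" ? dflt : value) }'
}

# root_login_left_open CONFIG_TEXT -> exit 0 if the effective value is "yes".
# prohibit-password is the OpenSSH default when the keyword is absent.
root_login_left_open() {
    [ "$(sshd_global_value "$1" PermitRootLogin prohibit-password)" = "yes" ]
}

# Constructed sample: the temporary line was left in place and a stricter
# line was appended further down; the earlier "yes" still wins.
STALE_CONFIG='# constructed sshd_config excerpt
Port 22
PermitRootLogin yes
#PasswordAuthentication yes
UsePAM yes
PermitRootLogin prohibit-password'

# Constructed sample: temporary line removed, only the commented default remains.
CLEAN_CONFIG='# constructed sshd_config excerpt
Port 22
#PermitRootLogin prohibit-password
PasswordAuthentication no
UsePAM yes'

# On a live host: root_login_left_open "$(cat /etc/ssh/sshd_config)"
for cfg in "$STALE_CONFIG" "$CLEAN_CONFIG"; do
    if root_login_left_open "$cfg"; then
        echo "PermitRootLogin yes is still in effect"
    else
        echo "ok: $(sshd_global_value "$cfg" PermitRootLogin prohibit-password)"
    fi
done
```

On the installed host, `sshd -T` prints the configuration sshd actually resolved, including any `Include` files, and is the authoritative cross-check.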