Snippets #
IT Links
Sammlung von Links die ich spannend finde und/oder genutzt habe, oder welche ich mir merken möchte.
- Microsoft Administrator Sites
- Microsoft Technische Dokumentation
- Samba Wiki
- LVM vergrößern
- Proxmox Festplatte vergrößern
-
Borgbackup bei Hetzner
Borgbackup mit einer Storagebox bei Hetzner einrichten
Ansible
Linksammlung zum Thema Ansible
- Ansible Lockdown
- Ansible Lockdown Git
- Ansible Lockdown Per-Host Lockdown Configuration
- Ansible Role Macos Defaults
- Ansible Hardening dev-sec.io
- Ansible hardening
- Testing Ansible
- Geerlingguy - Jeff Geerling
Macos
Macos related Links
Logcheck
- bootstrap.sh/rootfs/etc/logcheck/ignore.d.server at master · Samayel/bootstrap.sh
- bwesterb/x-logcheck: Extra ignore rules for logcheck
- fabi125/logcheck-rules: My personal set of additional logcheck rules
- frlan/logcheck-local-rules: A collection of addition local rules
- Logcheck
- logcheck-ignores/dovecot-extra at master · kheiken/logcheck-ignores
- logcheck-rules/ignore.d.server at master · Pilat66/logcheck-rules
- logcheck-rules/rules at master · trilader/logcheck-rules
- logcheck/rulefiles/linux/ignore.d.server at master · dnnr/logcheck
- logcheck/rulefiles/linux/ignore.d.server at master · tbarbette/logcheck
- muokata/logcheck-extra: extra logcheck rules
- my-logcheck-rules/ignore.d.server at master · sylvestre/my-logcheck-rules
SSH nur mit Passwort #
1ssh -o PubkeyAuthentication=no -o PreferredAuthentications=password
Download Spam #
1wget -q -N -P /var/lib/spamassassin/training/downloads/ http://untroubled.org/spam/$$(date +%%Y-%%m.7z -d 'last month')
2wget -q -N -P /var/lib/spamassassin/training/downloads/ http://untroubled.org/spam/$$(date +%%Y-%%m.7z)
Mastodon Wartung #
1bundle exec rake db:migrate
2tootctl statuses remove --days=7
3tootctl preview_cards remove --days=7
4tootctl media remove --days=14
5tootctl media remove-orphans
6tootctl cache clear
7tootctl accounts cull
Podman Kubernetes Manifest starten mit systemd #
1systemctl enable --now podman-kube@$(systemd-escape $(pwd)/).service
Container bauen mit Podman1 #
1export IMAGE_VERSION=$(git tag --sort=-version:refname | grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | sort -V | tail -n 1)
2
3podman manifest create keel:${IMAGE_VERSION}
4
5podman build --platform linux/amd64,linux/arm64 --manifest localhost/keel:${IMAGE_VERSION} -f Dockerfile
6
7podman manifest push localhost/keel:${IMAGE_VERSION} docker://git.zyria.de/pyrox/keel:${IMAGE_VERSION}
8
9podman manifest push localhost/keel:${IMAGE_VERSION} docker://docker.io/ricariel/keel:${IMAGE_VERSION}
Ram cache leeren #
1sync; echo 1 > /proc/sys/vm/drop_caches
Leeren branch in git erstellen #
1git switch --orphan pages
2git commit --allow-empty -m "Initial commit on orphan branch"
3git push -u origin pages
Zone aus Samba extrahieren #
1#!/bin/sh
2#
3# Extract DNS zone from Samba4 native DNS using samba-tool
4#
5# Prerequistes:
6# samba krb5-workstation
7
8SAMBA_TOOL=samba-tool
9
10#kinit Administrator
11#trap "kdestroy; rm -f $TMPFILE" 0 1 2 15
12#klist
13## -k=yes doesn't work...
14## Using --password isn't secure.
15USER=Administrator
16echo -n "$USER password:" >&2; stty -echo; read PASS; stty echo; echo '' >&2
17echo 'Please ignore "Cannot do GSSAPI to an IP address" errors...' >&2
18
19## Extract zones
20# 2 zone(s) found
21#
22# pszZoneName : a.example.or.jp
23# Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
24# ZoneType : DNS_ZONE_TYPE_PRIMARY
25# Version : 50
26# dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
27# pszDpFqdn : DomainDnsZones.a.example.or.jp
28#
29# pszZoneName : _msdcs.a.example.or.jp
30# Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
31# ZoneType : DNS_ZONE_TYPE_PRIMARY
32# Version : 50
33# dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
34# pszDpFqdn : ForestDnsZones.a.example.or.jp
35
36#$SAMBA_TOOL dns zonelist localhost --kerberos=yes > $TMPFILE
37ZONES=`$SAMBA_TOOL dns zonelist localhost -U "$USER" --password "$PASS" | awk '$1 ~ /pszZoneName/{print $3}'`
38
39## queryzone $zone "ForestDnsZones"
40queryzone () {
41 local zone="$1"
42 local entry="$2"
43 local qentry="$entry"
44 local name
45 local children
46 local lhs
47 test -z "$entry" && qentry="@"
48
49 $SAMBA_TOOL dns query localhost $zone "$qentry" ALL -U "$USER" --password "$PASS" |
50# Name=, Records=3, Children=0
51# SOA: serial=1, refresh=900, retry=600, expire=86400, minttl=3600, ns=ad01.a.example.or.jp., email=hostmaster.a.example.or.jp. (flags=600000f0, serial=1, ttl=3600)
52# NS: ad01.a.example.or.jp. (flags=600000f0, serial=1, ttl=900)
53# A: 100.64.96.31 (flags=600000f0, serial=1, ttl=900)
54# Name=_msdcs, Records=0, Children=0
55# Name=_sites, Records=0, Children=1
56# Name=_tcp, Records=0, Children=4
57 while read line; do
58 set $line
59 case "$1" in
60 Name=*,)
61 name=`expr $1 : 'Name=\([^,]*\)*,'`
62 children=`expr $3 : 'Children=\([0-9]*\)'`
63 if [ $children -gt 0 ]; then
64 queryzone $zone $name${entry:+.}$entry
65 fi
66 if [ -z "$name" ]; then
67 if [ -z "$entry" ]; then
68 lhs="@"
69 else
70 lhs="${entry}"
71 fi
72 else
73 lhs="${name}${entry:+.}${entry}"
74 fi
75 ;;
76 SOA:)
77# SOA: serial=1, refresh=900, retry=600, expire=86400, minttl=3600, ns=ad01.a.example.or.jp., email=hostmaster.a.example.or.jp. (flags=600000f0, serial=1, ttl=3600)
78 echo "$@" | sed -e 's/.*serial=\([0-9]*\), refresh=\([0-9]*\), retry=\([0-9]*\), expire=\([0-9]*\), minttl=\([0-9]*\), ns=\([^,]*\), email=\([^,]*\) (flags=.*, serial=[0-9]*, ttl=\([0-9]*\))/'"${name:-@}"' \8 IN SOA \6 \7 \1 \2 \3 \4 \5/'
79 ;;
80# NS: ad01.a.example.or.jp. (flags=600000f0, serial=1, ttl=900)
81# A: 100.64.96.31 (flags=600000f0, serial=1, ttl=900)
82 NS:|A:|AAAA:)
83 echo "$@" | sed -ne 's/\([^ ]*\): \([^ ]*\) (flags=[0-9a-f]*, serial=[0-9]*, ttl=\([0-9]*\)).*/'"${lhs}"' \3 IN \1 \2/p'
84 ;;
85# SRV: ad01.a.example.or.jp. (88, 0, 100) (flags=f0, serial=1, ttl=900)
86 SRV:|MX:)
87 echo "$@" | sed -ne 's/\([^ ]*\): \([^ ]*\) (\([0-9]*\), \([0-9]*\), \([0-9]*\)) (flags=[0-9a-f]*, serial=[0-9]*, ttl=\([0-9]*\)).*/'"${lhs}"' \6 IN \1 \4 \5 \3 \2/p'
88 ;;
89# CNAME: ad01.a.example.or.jp. (flags=f0, serial=1, ttl=900)
90 CNAME:)
91 echo "$@" | sed -ne 's/\([^ ]*\): \([^ ]*\) (flags=[0-9a-f]*, serial=[0-9]*, ttl=\([0-9]*\)).*/'"${lhs}"' \3 IN \1 \2/p'
92 ;;
93 *)
94 echo "ERROR unknown record type $1; aborting" >&2; exit 1
95 ;;
96 esac
97 done
98}
99
100echo Zones: $ZONES >&2
101for zone in $ZONES; do
102 echo '$ORIGIN' $zone
103 echo ''
104 queryzone $zone ""
105 echo ''
106done ;# zone $ZONES
Schlüssel aus Windows extrahieren #
1Set WshShell = CreateObject("WScript.Shell")
2MsgBox ConvertToKey(WshShell.RegRead("HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DigitalProductId"))
3
4Function ConvertToKey(Key)
5Const KeyOffset = 52
6i = 28
7Chars = "BCDFGHJKMPQRTVWXY2346789"
8Do
9Cur = 0
10x = 14
11Do
12Cur = Cur * 256
13Cur = Key(x + KeyOffset) + Cur
14Key(x + KeyOffset) = (Cur \ 24) And 255
15Cur = Cur Mod 24
16x = x -1
17Loop While x >= 0
18i = i -1
19KeyOutput = Mid(Chars, Cur + 1, 1) & KeyOutput
20If (((29 - i) Mod 6) = 0) And (i <> -1) Then
21i = i -1
22KeyOutput = "-" & KeyOutput
23End If
24Loop While i >= 0
25ConvertToKey = KeyOutput
26End Function
Festplatten in Proxmox bewegen #
Dieses Script migriert alle Festplatten einer VM auf einen anderen Storage
1#!/bin/bash
2
3VMID=0
4STORAGE_DEST=""
5HOST_DEST=""
6
7while getopts ":i:s:h" opt
8do
9 case $opt in
10 i ) VMID=$OPTARG ;;
11 s ) STORAGE_DEST=$OPTARG ;;
12 h ) HOST_DEST=$OPTARG ;;
13 \? ) echo "Error"
14 exit 1 ;;
15 : ) echo "Option -$OPTARG requires an argument"
16 exit 1 ;;
17 esac
18done
19
20VMS="$(qm list | egrep "[0-9]{3}" | awk '{print $1}')"
21echo $VMS
22
23if [[ $VMID=="all" ]]
24then
25 for j in $VMS; do
26 DISCOS="$(qm config $j | egrep "^virtio[0-9]|^scsi[0-9]" | awk '{print $1}' | tr -d ":")"
27 echo $DISCOS
28 for i in $DISCOS; do
29 qm move_disk $j $i $STORAGE_DEST --delete --format qcow2
30 done
31 done
32else
33 DISCOS="$(qm config $VMID | egrep "^virtio[0-9]|^scsi[0-9]" | awk '{print $1}' | tr -d ":")"
34 for i in $DISCOS; do
35 qm move_disk $VMID $i $STORAGE_DEST --delete --format qcow2
36 done
37
38fi
39#qm migrate $VMID $HOST_DEST --online
Reset aller lokalem Sicherheitsrichtlinien #
1secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose
Einspielen neuer lokaler Sicherheitsrichtlinien #
1secedit /configure /db %windir%\security\new.sdb /cfg C:\Temp\Unternehmenssicherheit_W11.inf /overwrite /log C:\Temp\security_log.txt
Reset aller Policies unter Windows #
1secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose
2
3RD /S /Q "%WinDir%\System32\GroupPolicyUsers"
4RD /S /Q "%WinDir%\System32\GroupPolicy"
5
6reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies" /f
7reg delete "HKCU\Software\Microsoft\WindowsSelfHost" /f
8reg delete "HKCU\Software\Policies" /f
9reg delete "HKLM\Software\Microsoft\Policies" /f
10reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies" /f
11reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /f
12reg delete "HKLM\Software\Microsoft\WindowsSelfHost" /f
13reg delete "HKLM\Software\Policies" /f
14reg delete "HKLM\Software\WOW6432Node\Microsoft\Policies" /f
15reg delete "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies" /f
16reg delete "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /f
17
18gpupdate /force
Reset der User Folder Redirection Policy unter Windows #
1Windows Registry Editor Version 5.00
2
3[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
4"AppData"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
5 4c,00,45,00,25,00,5c,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,5c,00,52,\
6 00,6f,00,61,00,6d,00,69,00,6e,00,67,00,00,00
7"Cache"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,4c,\
8 00,45,00,25,00,5c,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,5c,00,4c,00,\
9 6f,00,63,00,61,00,6c,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,\
10 00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,00,54,00,65,00,\
11 6d,00,70,00,6f,00,72,00,61,00,72,00,79,00,20,00,49,00,6e,00,74,00,65,00,72,\
12 00,6e,00,65,00,74,00,20,00,46,00,69,00,6c,00,65,00,73,00,00,00
13"Cookies"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
14 4c,00,45,00,25,00,5c,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,5c,00,52,\
15 00,6f,00,61,00,6d,00,69,00,6e,00,67,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,\
16 73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,\
17 00,43,00,6f,00,6f,00,6b,00,69,00,65,00,73,00,00,00
18"Desktop"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
19 4c,00,45,00,25,00,5c,00,44,00,65,00,73,00,6b,00,74,00,6f,00,70,00,00,00
20"Favorites"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
21 4c,00,45,00,25,00,5c,00,46,00,61,00,76,00,6f,00,72,00,69,00,74,00,65,00,73,\
22 00,00,00
23"History"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
24 4c,00,45,00,25,00,5c,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,5c,00,4c,\
25 00,6f,00,63,00,61,00,6c,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,\
26 66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,00,48,00,69,\
27 00,73,00,74,00,6f,00,72,00,79,00,00,00
28"Local AppData"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,\
29 49,00,4c,00,45,00,25,00,5c,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,5c,\
30 00,4c,00,6f,00,63,00,61,00,6c,00,00,00
31"My Music"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
32 4c,00,45,00,25,00,5c,00,4d,00,75,00,73,00,69,00,63,00,00,00
33"My Pictures"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,\
34 00,4c,00,45,00,25,00,5c,00,50,00,69,00,63,00,74,00,75,00,72,00,65,00,73,00,\
35 00,00
36"My Video"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
37 4c,00,45,00,25,00,5c,00,56,00,69,00,64,00,65,00,6f,00,73,00,00,00
38"NetHood"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
39 4c,00,45,00,25,00,5c,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,5c,00,52,\
40 00,6f,00,61,00,6d,00,69,00,6e,00,67,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,\
41 73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,\
42 00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,20,00,53,00,68,00,6f,00,72,00,\
43 74,00,63,00,75,00,74,00,73,00,00,00
44"Personal"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
45 4c,00,45,00,25,00,5c,00,44,00,6f,00,63,00,75,00,6d,00,65,00,6e,00,74,00,73,\
46 00,00,00
47"Programs"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
48 4c,00,45,00,25,00,5c,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,5c,00,52,\
49 00,6f,00,61,00,6d,00,69,00,6e,00,67,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,\
50 73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,\
51 00,53,00,74,00,61,00,72,00,74,00,20,00,4d,00,65,00,6e,00,75,00,5c,00,50,00,\
52 72,00,6f,00,67,00,72,00,61,00,6d,00,73,00,00,00
53"Recent"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,4c,\
54 00,45,00,25,00,5c,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,5c,00,52,00,\
55 6f,00,61,00,6d,00,69,00,6e,00,67,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,73,\
56 00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,00,\
57 52,00,65,00,63,00,65,00,6e,00,74,00,00,00
58"SendTo"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,4c,\
59 00,45,00,25,00,5c,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,5c,00,52,00,\
60 6f,00,61,00,6d,00,69,00,6e,00,67,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,73,\
61 00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,00,\
62 53,00,65,00,6e,00,64,00,54,00,6f,00,00,00
63"Startup"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
64 4c,00,45,00,25,00,5c,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,5c,00,52,\
65 00,6f,00,61,00,6d,00,69,00,6e,00,67,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,\
66 73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,\
67 00,53,00,74,00,61,00,72,00,74,00,20,00,4d,00,65,00,6e,00,75,00,5c,00,50,00,\
68 72,00,6f,00,67,00,72,00,61,00,6d,00,73,00,5c,00,53,00,74,00,61,00,72,00,74,\
69 00,75,00,70,00,00,00
70"Start Menu"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,\
71 00,4c,00,45,00,25,00,5c,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,5c,00,\
72 52,00,6f,00,61,00,6d,00,69,00,6e,00,67,00,5c,00,4d,00,69,00,63,00,72,00,6f,\
73 00,73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,\
74 5c,00,53,00,74,00,61,00,72,00,74,00,20,00,4d,00,65,00,6e,00,75,00,00,00
75"Templates"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
76 4c,00,45,00,25,00,5c,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,5c,00,52,\
77 00,6f,00,61,00,6d,00,69,00,6e,00,67,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,\
78 73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,\
79 00,54,00,65,00,6d,00,70,00,6c,00,61,00,74,00,65,00,73,00,00,00
80"{374DE290-123F-4565-9164-39C4925E467B}"=hex(2):25,00,55,00,53,00,45,00,52,00,\
81 50,00,52,00,4f,00,46,00,49,00,4c,00,45,00,25,00,5c,00,44,00,6f,00,77,00,6e,\
82 00,6c,00,6f,00,61,00,64,00,73,00,00,00
83"PrintHood"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,\
84 4c,00,45,00,25,00,5c,00,41,00,70,00,70,00,44,00,61,00,74,00,61,00,5c,00,52,\
85 00,6f,00,61,00,6d,00,69,00,6e,00,67,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,\
86 73,00,6f,00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,\
87 00,50,00,72,00,69,00,6e,00,74,00,65,00,72,00,20,00,53,00,68,00,6f,00,72,00,\
88 74,00,63,00,75,00,74,00,73,00,00,00
Raid löschen #
1mdadm --stop /dev/md0
2for i in "0" "1"; do mdadm --zero-superblock /dev/nvme"$i"n1; done
Raid erstellen #
1yes | mdadm --create -n 2 -l 1 /dev/md0 /dev/nvme[01]n1p1
Partition mit ext4 formatieren #
mkfs.ext4 /dev/md0
oder
yes | mkfs.ext4 -L boot /dev/md0
Swap:
mkswap -f /dev/vg-name/swap
Festplatten Verschlüsselung #
verschlüsseln #
cryptsetup –batch-mode -c aes-cbc-essiv:sha256 -s 256 -y luksFormat /dev/nvme0n1p4
öffnen #
cryptsetup luksOpen /dev/md1 crypt-root
Festplatte Partitionieren #
1for i in "0" "1"; do
2parted -a optimal /dev/nvme"$i"n1 --script \
3unit s \
4mklabel gpt \
5mkpart esp 2048 128MB \
6mkpart grub 128MB 2048MB \
7mkpart raid 2048MB 50GB \
8mkpart linux 50GB 100% \
9set 1 esp on \
10set 2 raid on \
11set 3 raid on;
12done
13
14set 2 bios_grub on \
15set 2 boot on \
LVM #
Gerät hinzufügen #
1pvcreate /dev/mapper/crypt-root
2vgcreate vg-name /dev/mapper/crypt-root
3
4lvcreate -n root -L 4G vg-name
5lvcreate -n var-log -l100%FREE vg-name
Git #
Alle Repos mit Zugriff auf den lokalen Rechner clonen
1tea login add
2for i in $(tea repos ls --fields ssh -o simple -l git.zyria.de -T source); do git clone $i; done
