/ansible-debian-zfs-root

A set of playbook to automatically configure a Debian system with ZFS on root

Primary LanguageJinjaMIT LicenseMIT

Debian ZFS on root bootstrap

This project is a set of ansible playbooks to automate the installation of a Debian system with an encrypted ZFS on root system.

Assumptions on the setup

  • ⚠️ The disk(s) can be erased. ⚠️
  • You want encryption.
  • The system supports UEFI.
  • You want Debian Buster (will not work before Buster. Might work on later versions).
  • You have ansible >2.10 installed on your system.
  • You have a wired connection on your machine.

Installation

Preparing the system

The first step is to setup a live environment in which we will be able to start the installation.

You will need to disable SecureBoot for the installation. We will re-enable it later.

You will need to start by getting a Debian live CD and boot your system with it.

You will then need to install an ssh server an set it up:

sudo apt update
sudo apt install openssh-server
sudo systemctl start sshd

And gather the connection information:

ip addr show scope global | grep inet

Preparing the inventory

⚠️⚠️⚠️

This is the most critical part of the setup and later steps will wipe disks. Be careful with what you set here. You have been warned.

⚠️⚠️⚠️

Edit the inventory file ./inventory.yml and fill in the fields according to the inline documentation.

Starting the installation

⚠️⚠️⚠️ This will wipe the disks you have selected and you will loose all data on them. You have been warned.

In order to install the system, run:

ansible-playbook --diff playbook.yml

Once it is done, you can safely reboot your computer, and will be able to log in remotely!

Post cleanup

  • You should re-enable UEFI secure boot
  • Note that if you have decided to use a mirrored setup, the efi partitions are not replicated and you should setup that up yourself.