Hetzner's root servers (bare metal servers) come with installimage, giving you an interactive auto installer for a few distros. But their spin of Arch Linux comes with some extra cruft, and I want to recreate the process of installing locally from a live usb, without the usb.
Instead of booting into a live image, boot into Hetzner's rescue system (a debian based netboot environment). We're going to pull down a bootstrap environment, chroot into it and use that as our install environment.
1$ cd /tmp
2$ curl -L https://mirror.example.com/archlinux-bootstrap-0000-00-00-x86_64.tar.gz | tar xzvf -
3
4# enable some mirrors
5$ vim root.x86_64/etc/pacman.d/mirrorlist
6# comment out CheckSpace
7$ vim root.x86_64/etc/pacman.conf
8
9# chroot into the arch environment
10$ ./root.x86_64/bin/arch-chroot root.x86_64
11
12# pacman and some tools we need
13$ pacman-key --init
14$ pacman-key --populate archlinux
15$ pacman -Sy mdadm parted reflector
16$ reflector --save /etc/pacman.d/mirrorlist --threads 16 -p https -a 1 --score 5
We (or I) need disk space, and I have 2 8TB disks for this. I don't particularly care about safety, and instead prefer not to think about partitions. Software RAID 0 it is.
I'm aiming for a boot partition and everything else in /.
The extra space is for GRUB.
1# cleanup previous mdadm setup, repeat for all /dev/md*
2$ mdadm --stop /dev/md0
3$ mdadm --remove /dev/md0
4$ mdadm --zero-superblock /dev/sda2
5
6# repartition disks, repeat for all disks
7$ parted /dev/sda
8(parted) mktable gpt
9(parted) mkpart primary 0 1MB
10(parted) mkpart primary 1MB 1GB
11(parted) mkpart primary 1GB 100%
12(parted) set 1 bios_grub on
13(parted) set 2 raid on
14(parted) set 3 raid on
15(parted) quit
16
17$ mdadm --create --verbose --level=0 --metadata=1.2 --raid-devices=2 /dev/md/boot /dev/sda2 /dev/sdb2
18$ mdadm --create --verbose --level=0 --metadata=1.2 --raid-devices=2 /dev/md/root /dev/sda3 /dev/sdb3
19
20$ mkfs.ext4 -v -L root -b 4096 -E stride=128,stripe-width=256 /dev/md126
21$ mkfs.ext4 -v -L boot -b 4096 -E stride=128,stripe-width=256 /dev/md127
22
23$ mount /dev/md126 /mnt
24$ mkdir /mnt/boot
25$ mount /dev/md127 /mnt/boot
Now we can install the actual image we want onto our new disks.
1$ pacstrap /mnt \
2 base base-devel linux linux-firmware intel-ucode \
3 grub mdadm \ # boot
4 arch-install-scripts \ # nice to have arch-chroot when you mess up
5 openssh \ # it's a server, it needs this
6 neovim zsh zsh-completions sudo \
7 qemu-headless
8
9$ genfstab -U /mnt >> /mnt/etc/fstab
10$ mdadm --detail --scan >> /mnt/etc/mdadm.conf
11
12$ arch-chroot /mnt
13
14# add mdadm hooks
15$ nvim /etc/mkinitcpio.conf
16$ mkinitcpio -p linux
From inside our second level chroot (the actual system we'll be keeping), we need to run some extra setup to ensure it can boot up and be connectable.
1$ grub-install /dev/sda
2$ grub-install /dev/sdb
3# configure mdadm modules
4$ nvim /etc/default/grub
5$ grub-mkconfig -o /boot/grub/grub.cfg
Our system has a static IP, but we still need to configure that.
1$ echo medea > /etc/hostname
2$ nvim /etc/systemd/network/10-ether.network
3$ nvim /etc/resolv.conf
4$ systemctl enable systemd-timesyncd systemd-networkd
We also want ssh
1# lock it down, change port, use HostKeyAlgorithms to limit used keys
2$ nvim /etc/ssh/sshd_config
3# disable generation of unused keys
4# /etc/systemd/system/sshdgenkeys.service.d/override.conf
5# [Unit]
6# ConditionPathExists=
7# ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key
8# ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key.pub
9#
10# [Service]
11# ExecStart=/usr/bin/ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key
12$ systemctl edit sshdgenkeys
13$ systemctl enable sshd
14
15# keys to login
16$ nvim /root/.ssh/authorized_keys
1# locale
2$ nvim /etc/locale-gen
3$ locale-gen
4
5$ timedatectl set-timezone UTC
6
7# set better defaults
8$ chsh -s /bin/zsh
9$ nvim /etc/default/useradd
10$ rm /etc/skel/.bash*
11
12# passwordless sudo
13$ groupadd sudo
14$ echo '%sudo ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/sudo
15
16# my user
17$ useradd -m -G sudo arccy
18$ passwd arccy
Hope I didn't get anything wrong and reboot.
If it doesn't work, reboot into rescue,
mount the raid devices into /mnt and /mnt/boot,
and use the arch-chroot from in there to chroot into /mnt