-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathZFS-root.conf.example
175 lines (158 loc) · 7.42 KB
/
ZFS-root.conf.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
#
# Pre-configuration for ZFS-root.sh
# Any vars not set here will be prompted for
#
#
# Proxy config - apt-cacher-ng
#
# PROXY="http://bondi.local:3142/"
PROXY=
#
# Main username and comment
#
USERNAME="cloud-user"
UCOMMENT="Cloud User"
UPASSWORD="password"
#
# Space-separated list of github users from which to pull SSH keys
#
AUTHKEYS=
#
# System name, main zfs pool name, boot pool name
#
MYHOSTNAME="test"
POOLNAME="test"
#
# What version of Ubuntu to install
# noble, jammy, focal, bionic
#
SUITE="noble"
#
# If multidisk, select main pool raid level
# single, mirror, raidz1, raidz2, raidz3
RAIDLEVEL="mirror"
#
# Swap size in megabytes - if HIBERNATE or LUKS set then this
# is a partition otherise it's a zfs dataset.
# Set to 0 to disable swap
SIZE_SWAP=300
#
# Disk encryption and passphrase if ZFSENC or LUKS
# NOENC, ZFSENC, LUKS
#
# If Disk encryption is enabled with ZFSENC or LUKS, then also decide
# on enabling Dropbear for remote unlocking.
# NOTE: Trap for young players ...
# Dropbear expects to see the network when the system boots.
# If it's NOT there (eg. laptop with docking station unplugged)
# then it might sit waiting until timout for the network to show up.
# RTNETLINK answers: File exists will appear and it will just sit ...
# So, do not enable Dropbear for laptops
#
# For ZFS encryption, the passphrase is stored in /etc/zfs/zroot.key and /etc/zfs/zroot.homekey
# zroot.key is for the root datasets, zroot.homekey for the home datasets
# This is so the user can change the key for home so it's different from root
# See `zfs change-key` command
# It is safe to store the keys there as they're not visible until the main root
# dataset is unlocked
#
DISCENC="NOENC"
PASSPHRASE="password"
DROPBEAR=n
#
# For zfsbootmenu there are 3 different ways to install
# EFI : Uses a single EFI image
# KERNEL : Same binary but with the vmlinuz/initrd extracted
# LOCAL : Built and install from the git repo
#
# The EFI image precludes a working syslinux config though - that requires
# a vmlunuz/initrd set to work. In general the KERNEL option is most flexible
#
ZFSBOOTMENU_BINARY_TYPE=KERNEL
#
# For the zfsbootmenu repo type you can choose
# TAGGED : Pulls the latest stable tagged release
# GIT : Pulls the latest full repo, which may be in flux
#
ZFSBOOTMENU_REPO_TYPE=TAGGED
#
# Basic options for install
# See script for descriptions
# Be sure to set ALL vars here to y or n, otherwise script will prompt for them
#
RESCUE=y
GOOGLE=n
HWE=y
ZFSPPA=n
ZREPL=n
HIBERNATE=n
DELAY=n
SOF=n
GNOME=n
KDE=n
NEON=n
XFCE=n
# If you have Nvidia video HW and you *know* which version of driver you want
# it can be preset here. Leaving undefined will cause the script to prompt.
# The package installed will be : nvidia-driver-${NVIDIA}
#
# none for no driver
# 390 or 470 for legacy driver
# 550 for current latest, or whatever version you prefer
NVIDIA=none
# If installing Sound Open Firmware binaries (mostly for laptops) choose
# the version here. Defaults to 2024.06
SOF_VERSION=2024.06
#
# Below are additional options that can be set that do NOT have a menu process
# to ask for their values. Less-likely to be used, and larger ones that are not
# conducive to entering via keyboard ...
#
# Any SSH pubkey to add to new system main user
# This can be in addition to the Github user keys specified above
## SSHPUBKEY="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC3uB7roSJ3EYs9hBAQiUZ9Of53Lm3+JZ6ZVokZnp3CRoRfuVT3zND7DAQYSCo+0MZaaydGB1JrWQfgLImWouiC4bsZEzNhnX6uYQ8qSL8zxsK7xOfeVocP+FHdkKcB85giQFp/onuNwHBWLXw9iC2Z/rrbjN2dPSaDKFWQT7ukE2vqt9TQ6mMpYFBCiHpJUfSxXjgjL7Y1MN58QCJ+PesQEY8hh1DzRBwgY0lY9LYAdrqWwj6AIPPawZTcJnNAwz9wO3a8hAS6i9dK+zHDtSIlArevmP8mpcqhpHEtKZ4TbAel7YRtbvY+w7pENbXQiiNMRkdZ28m6FJAFlIHv/wMpUhgZG3SyfFTDg33VhVFlS0qzvIYjTxMPjGLT4oBXK3+CSBuZKwE3xG39S/oTu++feTCtSu5VZZm9rkzrE77tIoWfGi0eGbfJURP9F9q96F0YuNUAS+gnCw5LzR48sMjqXcUpNHVRwi8XE7TDgl7Fk4JHfJelL3LBjFsZC7uaLmy8I1tk+87xTFd0VyG0cAaX/jMbWn1XGVo1V1uXFYRVmfyiPcJBhUaPQ6z1QDXQzsQLed9nQL9qFFPyjoL0zN7Fp+AVka0kPNhkEl0HIL8KqU7cuoypSeA7EO8Qxk7ay8nSP1PLlYzVUZEvEleBjPHTzO6YZxNMRLZSljp8BoY+lw== Johnny Bravo"
## ####################################################################
## # Specify the host key for the new root-on-zfs system ?
## # Can be the RSA or ECDSA key from /etc/ssh
## # Leave blank for no specific key - ie: use whatever is generated by the openssh installation
# # Comes in handy for repeated testing/installs so you don't have to
# # keep editing ~/.ssh/known_hosts
## # Be sure to use SINGLE quotes for private key
## HOST_ECDSA_KEY='-----BEGIN EC PRIVATE KEY-----
## MHcCAQEEIO+XmG1AGCiQUejcjS/aVMGaocBe7TCsEmLctyNoJWFqoAoGCCqGSM49
## AwEHoUQDQgAEMG1kiuILJZsxJCi1j5xOrA2CpNETWQ5rA94tgjsX6aqpI8re1pwa
## /rnYIYrCL/JafwsmlqKG/HfrkvgozqVn/A==
## -----END EC PRIVATE KEY-----'
## # Be sure to use DOUBLE quotes for public key
## HOST_ECDSA_KEY_PUB="ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDBtZIriCyWbMSQotY+cTqwNgqTRE1kOawPeLYI7F+mqqSPK3tacGv652CGKwi/yWn8LJpaihvx365L4KM6lZ/w= root@installerbox"
## # Be sure to use SINGLE quotes for private key
## HOST_RSA_KEY='-----BEGIN RSA PRIVATE KEY-----
## MIIEpQIBAAKCAQEAzCR0pGQ2ITL2KSgzeASWCGgP+mNQRv+Z7VlOCyjmVctODDl3
## SiMHdsLRyhcP1M9jfTBEncKrt4AQIt1f1bjAG4kNEgh18dMUYWtIIZ3HlGP+Ieux
## EixkakZ2o1qnhmfPG7W3pnw6UHwwZw3Qg6H760PWAmU12gG3YOEuq9DKmBdw2i80
## jqcGGREj+BIdROuPKdH+n3DGE0phQ+NwQzMU77czPh1XwcLBGGpEvvk1zbavyqv5
## dunsz3msMuJZH2oBE2PeWr8E2x+nNQ2XZIZdHJD8WJMiPBvHUBYMo7CSEAzwdWcs
## g8f4umes/LKakv9/h4e47dOOzU1xFwCNo9lOnQIDAQABAoIBAQCPL8Lgy6lr/+LJ
## W3k+ZXkWzGboqWBVbFL7N/iVu0pUQxWrXWNejNNfaabcqPBhxFV0Kbb3MORhAWJQ
## EhZ2Qe/9YFPaojSYOgXBjw45BgJHAxvtjvPUW27TXDk6uwtmKsoKFZuLGveMHI+W
## uQnYSnX4vswNQhBTqYCGY2vo97oikoyTLGEPURbyNpc1NOI7TGuOXHmOAEhw7WN8
## jd1wTm2TEjdqMO6Zk03VJn9h5yu6sR7siqEkzIF5p/sfOXoA2Iwh3Sazrsv63R2p
## XBYhnfnrM3UuEd4cKGJjXrv1gxNu1AKGKdq34izjKw/YKJhGRuiLh+9gdMva2TcV
## dqOqfYQBAoGBAPm2ocF2Hn10Ud/UkcqQc2uPV7+bHhNALzHG5YeXH9vHJq/rm9D8
## UFt3OBneaZMXCWRSl1dTlidmt+yl2wk0JyWFmEHZK2wDu+qcRPKT6y4Du+7QRBQY
## IwrBHWi8reCbM/wL+s8cEGFt19ip6jw1K1JIxkTtC2vtG0ayPATJJyexAoGBANFI
## IAEnZuf3zqECjdNfSr8ITMIfLZhDs/oPBzWUkwMm9jaIi+cf96hSlLFhMWANZOM6
## i2x/68AHT9hINqo25cJeQB0UqLeHaU2JDAKn3LOLtCu7D0bpZKbAVFVgd3XsYrRJ
## z5+Zz80WyXa+pHTqnrhTP0xkvCCmbWjz+Q5T9jytAoGBAKAOzvmpE3wITd5xaw1y
## r3iXBYCcFZfzQQzf1wmk9Vey+/oww8wdnggyj3QNWpBcaLm0MqtXuVwB/AwkdxQc
## KKdlTSWP5MQ0VIPZrFvsMgdpf1FgjvJuUi+3fnk+zxizgougxh9wdpNsi7ilmK0E
## y4LPgL53TiXccepLnirXIFDRAoGAXLzaOcitCCO+c4i/Migq5iYWZXsNaEiwCyH3
## rt2Mm7v7JMUzQZLf2r3lWAjaqVamGy8JM2YoIKrczdmKJ7k17QB45qoN7W3a0tnk
## 8ZRS71j72NkGdwTbbi0R8ddSeHXsczm2AGJXO+laEv19wLVq6gExrneBCfLVzsk1
## 1wyLs+0CgYEAuux1i+/7TMh1LyaiNbqQt4uzlDR+EWnbOBTtku9cE7u/dHuy1roE
## QA4S2UhEX0sXdekqsFsIS/Qo3+H9pLC8mAZ1X0sQl102z2Cks1WVruodf8tF58iu
## FCMSOeHX+wYqyZSm1zLDONoneY5B3zu1Grc8dZRJSons3iaXWl7zj3M=
## -----END RSA PRIVATE KEY-----'
## # Be sure to use DOUBLE quotes for public key
## HOST_RSA_KEY_PUB="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMJHSkZDYhMvYpKDN4BJYIaA/6Y1BG/5ntWU4LKOZVy04MOXdKIwd2wtHKFw/Uz2N9MESdwqu3gBAi3V/VuMAbiQ0SCHXx0xRha0ghnceUY/4h67ESLGRqRnajWqeGZ88btbemfDpQfDBnDdCDofvrQ9YCZTXaAbdg4S6r0MqYF3DaLzSOpwYZESP4Eh1E648p0f6fcMYTSmFD43BDMxTvtzM+HVfBwsEYakS++TXNtq/Kq/l26ezPeawy4lkfagETY95avwTbH6c1DZdkhl0ckPxYkyI8G8dQFgyjsJIQDPB1ZyyDx/i6Z6z8spqS/3+Hh7jt047NTXEXAI2j2U6d root@installerbox"
## ####################################################################