Rescue initramfs, anyone? With SSH, LUKS, LVM?

[szatox]

I did try debug, and it did help... A bit. I learned I do have eth0, so kernel is good enough for now. I also learned I don't have some pci devices.
I intentionally left out balloon, but my disk is missing too. I'll have to fix this one.
I wonder why there is no echo while typing commands though. Do you intentionally disable it? Just curious.

Meanwhile, I pulled net.net instead of net.static by mistake.
Once I fixed that, I it turned out netdev is still being autodetected by net.py. My interface names differ between machines, and also it stubbornly tried to pull configuration form /sys even though I already defined ip, gw and nic.
After disabling interface name and config checks I got stuck on error "net_device must be set". ugrd prints out this variable with empty value, even though I have set it in config (as a global one at the moment, right next to ip and gw, before any [headers] ). I could have broken this one with too nuclear @disabler though, since I went ahead and blocked _process_net_device as well as _validate_net_device.

It's like INI but in most ways stricter. The main gotcha is defining things under the wrong section

Yeah, and that's the gotcha that's bugging me.
I do like the part about all configs being similar to each other. Using module configs as reference does make things easier.

[zen_desu]

I did try debug, and it did help... A bit. I learned I do have eth0, so kernel is good enough for now. I also learned I don't have some pci devices.
I intentionally left out balloon, but my disk is missing too. I'll have to fix this one.
I wonder why there is no echo while typing commands though. Do you intentionally disable it? Just curious.

Meanwhile, I pulled net.net instead of net.static by mistake.
Once I fixed that, I it turned out netdev is still being autodetected by net.py. My interface names differ between machines, and also it stubbornly tried to pull configuration form /sys even though I already defined ip, gw and nic.
After disabling interface name and config checks I got stuck on error "net_device must be set". ugrd prints out this variable with empty value, even though I have set it in config (as a global one at the moment, right next to ip and gw, before any [headers] ). I could have broken this one with too nuclear @disabler though, since I went ahead and blocked _process_net_device as well as _validate_net_device.

It's like INI but in most ways stricter. The main gotcha is defining things under the wrong section

Yeah, and that's the gotcha that's bugging me.
I do like the part about all configs being similar to each other. Using module configs as reference does make things easier.

echo is not intentionally disabled, I'm not sure what would cause that. I've seen that only when using plymouth.

The net module needs a good bit of work; it's mostly a proof of concept at the moment. I think as you've pointed out, the validation only makes sense for hostonly cases. The network portion needs a mac address or something to use for configuration at runtime, since the interface names aren't very reliable.

At the very least, you'll need to ensure net_device_mac is set. I'll look into it and make sure the user can set that, and honestly it may make sense to have that as a cmdline option.

As a side note, the _process functions are kinda magic, they are called whenever that variable is set. This change could probably exist as a check here: https://github.com/desultory/ugrd/blob/ ... net.py#L13 because if the process portion is entirely skipped, the net_device_mac never gets set (unless the user sets it). Part of the consideration is the processor should update the mac if something weird happens, like the specified interface is defined twice in the config, or redefined.

I _think_ this should fix it: https://github.com/desultory/ugrd/pull/251
edit: https://github.com/desultory/ugrd/pull/252 this should fix the rest, with the static module checking that net_device is set while it should check for net_device_mac.

I really need test coverage for the network stuff, but I think that would require setting up some sort of server to try to talk to the vm (pretty complex compared to current tests)

And yes, I want config to be easy to approach, and the modules being configured the same way a user would manage config makes it feel very cohesive to me. Writing a module is kinda just like a config extension in that sense. That also means a user could reasonably read most of the module toml definitions, especially since I try to document them well. I've been considering writing a custom toml parser to read the modules and use the comments as the description in the config markdown bits. This also means a user can override just about any module setting, by design. At it's core, I want the project to mostly be a framework, so any "opinions" on the routine/flow of the build process can be changed as much as the user would like.

[powerN00b]

So, does anyone have a readily available initramfs (or a recipe for one) which would let me connect via SSH, repartition disk, encrypt it, create an LVM and format root?

Code: Select all

# create initramfs struct
mkdir --parents $PWD/{bin,dev,etc,lib,lib64,mnt/root,proc,root,sbin,sys,run}
cp --archive /dev/{null,console,tty,random,urandom,nvme0n1p1,nvme0n1p2} $PWD/dev/

# progs
for prog in busybox cryptsetup e2fsck; do cp /bin/$prog $PWD/bin; done
chmod +x -R $PWD/bin

#libs
cp /lib64/ld-linux-x86-64.so.2 $PWD/lib64
for line in $(ldd /bin/e2fsck | awk '{print $3}' | awk 'NF'); do cp $line $PWD/lib64/; done

[zen_desu]

BTW, looking at different things I noticed that in cmdline you're parsing boot_option=value pairs and turn them into variables. It's redundant; kernel already provides them as env to init.
Funny thing, a long time ago I saw a similar pattern in genkernel so I _obviously_ replicated it in my own initramfs, and then tried reusing using it for something else, and then - running in a different context - it finally turned out that code didn't even work

I'm looking into this more, I've noticed it will make option=value pairs available, but it doesn't seem to process booleans, like "quiet" or "debug". I'll probably implement the option=value portion at the very least, but grepping for "<space or start of line>option<space or end of line>" splitting before the first "--" if it exists should be reliable enough for bools. Thanks again for this suggestion.


I think it's still up to the initramfs to parse the "init" args (what are after --) and pass them to the init.

https://github.com/desultory/ugrd/pull/253 this should be an improvement.

[dewhite]

The dropbear module should be workable, but I could help make a proper openssh module. That is something I'd like to be included as a core module/option. I've honestly just been unsure how it should be presented because this is not something I use. Your use case has made it clear that one good option could be using SSH as a sort of recovery option, in the event of a timeout, which helps a lot.

Some months have passed since the last comment in this thread, and I now find myself switching to ugRD/Installkernel from Genkernel and wondered if you have made significant progress with an option to fail-over to an SSH server and integrate an MTA? In case you don't hear it often enough from other users - thank you for your contributions to the community and your obvious care for its users!

[zen_desu]

The dropbear module should be workable, but I could help make a proper openssh module. That is something I'd like to be included as a core module/option. I've honestly just been unsure how it should be presented because this is not something I use. Your use case has made it clear that one good option could be using SSH as a sort of recovery option, in the event of a timeout, which helps a lot.

Some months have passed since the last comment in this thread, and I now find myself switching to ugRD/Installkernel from Genkernel and wondered if you have made significant progress with an option to fail-over to an SSH server and integrate an MTA? In case you don't hear it often enough from other users - thank you for your contributions to the community and your obvious care for its users!

https://github.com/desultory/ugrd/tree/ssh

I made this, have not tested it since I made it but just rebased. You should be able to use that branch, add the "ugrd.net.ssh" module, and I believe it should automatically configure to use the same IP your system currently has. It won't support WiFi at all in the current state. It's not meant as a backup and acts as the primary way to receive input when it's used. I'm not sure how I'd be able to integrate this with a timeout mechanism, but it should be possible.

I have not thought of setting up MTA functionality. That sounds interesting, im mostly wondering how credentials would/could be safely stored?