# Build MD RAID-1 mirror + LUKS encryption + LVM Copyright 2018 Tj This collection of scripts, designed for use with Ubuntu, create disk image files which are used as the raw devices for a RAID-1 mirror in which LUKS-encrypted GRUB bootloader and LVM container are configured which can be booted as a virtual machine. The scripts names are all prefixed with: raid1-luks-lvm-test_ and the name suffixes are: CONFIG build unwind chroot-mount launch_vm These all symbolic links to make executing the scripts easier. If operating as a regular user *sudo* will be required to execute: build unwind chroot-mount But `launch-vm` can be executed as the regular user (the files are owned by this user, not root) ## CONFIG Contains sensible defaults for all the environmental variables used to control the scripts. All variables can be over-ridden in the environment before executing a script. E.g to change the disk-file size from the default to 8GiB: DISK_SIZE=$((8 * 1024 * 1024 *1024)) sudo ./build or, if more than one variables needs over-riding: export DISK_SIZE=$((8 * 1024 * 1024 *1024)) export LUKS_PASSPHRASE="test" sudo ./build ## build sudo ./build Creates the disk-files and loop devices on the host then configures the RAID, LUKS, and LVM containers before installing the OS. The result leaves the built system attached as a chroot. ## unwind sudo ./unwind Unwinds the chroot, mounts, LVM, LUKS and RAID and detaches the loop devices to leave just the disk-files. Always do this after using the chroot and *ESPECIALLY before launching a virtual machine*. ## chroot-mount sudo ./chroot-mount Attachs the existing disk-files to loop devices and establishes the full chroot environment. ## launch-vm ./launch-vm Uses QEMU (with kvm acceleration) to attach the disk-files and boot the operating system.o When entering the LUKS passphrase it may take several seconds before the device is unlocked so please be patient. The user may need to be a member of the `kvm` group: sudo aduser $USER kvm (don't forget to log-out/log-in for this change to take effect). ## Notes To check if the disk-files are currently in use: losetup -a