From 69ca504daa3283e17b1006ea05005a86d9a14096 Mon Sep 17 00:00:00 2001 From: Vaslim Date: Thu, 9 Oct 2025 00:46:14 +0200 Subject: [PATCH 1/5] Update to Trixie --- README.md | 14 +++++++------- src/commands/chroot-proxmox.ts | 6 +++--- src/commands/debian-3-system-installation.ts | 2 +- src/commands/files/etc/apt/sources.list | 12 ++++++------ src/commands/zfs-reboot-instructions.ts | 2 +- 5 files changed, 18 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 3f08bb2..15e5383 100644 --- a/README.md +++ b/README.md @@ -5,9 +5,9 @@ with native encryption. This is a more automated way of following these guides: -- [Debian Bookworm Root on ZFS](https://openzfs.github.io/openzfs-docs/Getting%20Started/Debian/Debian%20Bookworm%20Root%20on%20ZFS.html) +- [Debian Trixie Root on ZFS](https://openzfs.github.io/openzfs-docs/Getting%20Started/Debian/Debian%20Bookworm%20Root%20on%20ZFS.html) (via [OpenZFS Documentation](https://openzfs.github.io/openzfs-docs/)) -- [Install Proxmox VE on Debian 12 Bookworm](https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_12_Bookworm) +- [Install Proxmox VE on Debian 13 Trixie](https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_13_Trixie) (via [Proxmox VE official wiki](https://pve.proxmox.com/wiki)) ## Opinionated @@ -92,8 +92,8 @@ encryption key. Login as `root`. Continue manually at -[Install Proxmox VE Kernel etc](https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_12_Bookworm#Install_the_Proxmox_VE_Kernel) -in the _Install Proxmox VE on Debian 12 Bookworm_ guide. +[Install Proxmox VE Kernel etc](https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_13_Trixie#Install_the_Proxmox_VE_Kernel) +in the _Install Proxmox VE on Debian 13 Trixie_ guide. ## Opinionated: Specifics @@ -198,7 +198,7 @@ Skip the rest; ### Proxmox VE -#### Install a standard Debian 12 Bookworm (amd64) +#### Install a standard Debian 13 Trixie (amd64) ##### Add an /etc/hosts entry for your IP address @@ -220,6 +220,6 @@ Skip the rest; leaving it up to manual installation and configuration. See -[Install Proxmox VE Kernel](https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_12_Bookworm#Install_the_Proxmox_VE_Kernel) -and the following sections in the _Install Proxmox VE on Debian 12 Bookworm_ +[Install Proxmox VE Kernel](https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_13_Trixie#Install_the_Proxmox_VE_Kernel) +and the following sections in the _Install Proxmox VE on Debian 13 Trixie guide. diff --git a/src/commands/chroot-proxmox.ts b/src/commands/chroot-proxmox.ts index b5a8216..39e078d 100644 --- a/src/commands/chroot-proxmox.ts +++ b/src/commands/chroot-proxmox.ts @@ -10,11 +10,11 @@ echo EDITOR=vim >> /etc/environment byobu-enable apt install -y wget -echo "deb [arch=amd64] http://download.proxmox.com/debian/pve bookworm pve-no-subscription" > /etc/apt/sources.list.d/pve-install-repo.list +echo "deb [arch=amd64] http://download.proxmox.com/debian/pve trixie pve-no-subscription" > /etc/apt/sources.list.d/pve-install-repo.list cd /etc/apt/trusted.gpg.d/ -wget https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg -O proxmox-release-bookworm.gpg -echo '7da6fe34168adc6e479327ba517796d4702fa2f8b4f0a9833f5ea6e6b48f6507a6da403a274fe201595edc86a84463d50383d07f64bdde2e3658108db7d6dc87 *proxmox-release-bookworm.gpg' | sha512sum --check --strict +wget https://enterprise.proxmox.com/debian/proxmox-release-trixie.gpg -O proxmox-release-trixie.gpg +echo '136673be77aba35dcce385b28737689ad64fd785a797e57897589aed08db6e45 *proxmox-release-trixie.gpg' | sha256sum --check --strict apt update apt full-upgrade -y diff --git a/src/commands/debian-3-system-installation.ts b/src/commands/debian-3-system-installation.ts index 0cd9d36..e6295a7 100644 --- a/src/commands/debian-3-system-installation.ts +++ b/src/commands/debian-3-system-installation.ts @@ -42,7 +42,7 @@ mkdir /mnt/run mount -t tmpfs tmpfs /mnt/run mkdir /mnt/run/lock -debootstrap bookworm /mnt +debootstrap trixie /mnt mkdir /mnt/etc/zfs cp /etc/zfs/zpool.cache /mnt/etc/zfs/ diff --git a/src/commands/files/etc/apt/sources.list b/src/commands/files/etc/apt/sources.list index 3ec89fb..522a8e9 100644 --- a/src/commands/files/etc/apt/sources.list +++ b/src/commands/files/etc/apt/sources.list @@ -1,8 +1,8 @@ -deb http://deb.debian.org/debian bookworm main contrib non-free-firmware -# deb-src http://deb.debian.org/debian bookworm main contrib non-free-firmware +deb http://deb.debian.org/debian trixie main contrib non-free-firmware +# deb-src http://deb.debian.org/debian trixie main contrib non-free-firmware -deb http://deb.debian.org/debian-security bookworm-security main contrib non-free-firmware -# deb-src http://deb.debian.org/debian-security bookworm-security main contrib non-free-firmware +deb http://deb.debian.org/debian-security trixie-security main contrib non-free-firmware +# deb-src http://deb.debian.org/debian-security trixie-security main contrib non-free-firmware -deb http://deb.debian.org/debian bookworm-updates main contrib non-free-firmware -# deb-src http://deb.debian.org/debian bookworm-updates main contrib non-free-firmware +deb http://deb.debian.org/debian trixie-updates main contrib non-free-firmware +# deb-src http://deb.debian.org/debian trixie-updates main contrib non-free-firmware diff --git a/src/commands/zfs-reboot-instructions.ts b/src/commands/zfs-reboot-instructions.ts index 230df2f..da4582b 100644 --- a/src/commands/zfs-reboot-instructions.ts +++ b/src/commands/zfs-reboot-instructions.ts @@ -39,7 +39,7 @@ password for zfs: ------------------------------------------------------------- Continue installing Proxmox VE Kernel etc, at -https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_12_Bookworm#Install_the_Proxmox_VE_Kernel +https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_13_Trixie#Install_the_Proxmox_VE_Kernel ============================================================= `); From 9084117db7771adc65a0d0f2c7a43e66d5a3ece8 Mon Sep 17 00:00:00 2001 From: Vaslim Date: Thu, 9 Oct 2025 12:19:19 +0200 Subject: [PATCH 2/5] Update readme --- README.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 15e5383..0fc58a1 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ with native encryption. This is a more automated way of following these guides: -- [Debian Trixie Root on ZFS](https://openzfs.github.io/openzfs-docs/Getting%20Started/Debian/Debian%20Bookworm%20Root%20on%20ZFS.html) +- [Debian (Bookworm) Root on ZFS](https://openzfs.github.io/openzfs-docs/Getting%20Started/Debian/Debian%20Bookworm%20Root%20on%20ZFS.html) (via [OpenZFS Documentation](https://openzfs.github.io/openzfs-docs/)) - [Install Proxmox VE on Debian 13 Trixie](https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_13_Trixie) (via [Proxmox VE official wiki](https://pve.proxmox.com/wiki)) @@ -68,6 +68,15 @@ sudo NON_INTERACTIVE=true \ https://raw.githubusercontent.com/hugojosefson/proxmox-root-on-encrypted-zfs/main/src/cli.ts \ debian ``` +If the installation fails with an error about ZFS module not being loaded, try this first + +```bash +sudo apt install -y zfs-dkms zfsutils-linux +sudo apt install linux-headers-$(uname -r) +sudo dpkg-reconfigure zfs-dkms +sudo modprobe zfs +``` +and then re-run the installation script. > If you want to inspect the chroot: > From 46c239ad46f7b9e7ad22476aec906419d7359a64 Mon Sep 17 00:00:00 2001 From: Vaslim Date: Thu, 9 Oct 2025 15:27:03 +0200 Subject: [PATCH 3/5] Adapt tmp.mount for Debian 13 --- src/commands/chroot-tmpfs.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/commands/chroot-tmpfs.ts b/src/commands/chroot-tmpfs.ts index f253edc..85ccc7b 100644 --- a/src/commands/chroot-tmpfs.ts +++ b/src/commands/chroot-tmpfs.ts @@ -4,8 +4,8 @@ import { chrootZfsBpool } from "./chroot-zfs-bpool.ts"; export const chrootTmpfs = inChrootCommand( "chrootTmpfs", ` -cp /usr/share/systemd/tmp.mount /etc/systemd/system/ +cp /usr/lib/systemd/system/tmp.mount /etc/systemd/system/ systemctl enable tmp.mount `, ) - .withDependencies([chrootZfsBpool]); + .withDependencies([chrootZfsBpool]); \ No newline at end of file From acd723ab9ae05c49584b632057edff3d824e51e0 Mon Sep 17 00:00:00 2001 From: Vaslim Date: Thu, 9 Oct 2025 15:54:30 +0200 Subject: [PATCH 4/5] Fix pve repos --- src/commands/chroot-proxmox.ts | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/src/commands/chroot-proxmox.ts b/src/commands/chroot-proxmox.ts index 39e078d..09c9ed5 100644 --- a/src/commands/chroot-proxmox.ts +++ b/src/commands/chroot-proxmox.ts @@ -10,11 +10,10 @@ echo EDITOR=vim >> /etc/environment byobu-enable apt install -y wget -echo "deb [arch=amd64] http://download.proxmox.com/debian/pve trixie pve-no-subscription" > /etc/apt/sources.list.d/pve-install-repo.list +echo "deb [arch=amd64 signed-by=/usr/share/keyrings/proxmox-archive-keyring.gpg] http://download.proxmox.com/debian/pve trixie pve-no-subscription" > /etc/apt/sources.list.d/pve-install-repo.list -cd /etc/apt/trusted.gpg.d/ -wget https://enterprise.proxmox.com/debian/proxmox-release-trixie.gpg -O proxmox-release-trixie.gpg -echo '136673be77aba35dcce385b28737689ad64fd785a797e57897589aed08db6e45 *proxmox-release-trixie.gpg' | sha256sum --check --strict +wget https://enterprise.proxmox.com/debian/proxmox-archive-keyring-trixie.gpg -O /usr/share/keyrings/proxmox-archive-keyring.gpg +echo '136673be77aba35dcce385b28737689ad64fd785a797e57897589aed08db6e45 /usr/share/keyrings/proxmox-archive-keyring.gpg' | sha256sum --check --strict apt update apt full-upgrade -y @@ -24,4 +23,4 @@ apt install -y --download-only proxmox-default-kernel proxmox-ve ); export const chrootProxmox = Command.custom("chrootProxmox") - .withDependencies([chrootBasicSystemEnvironment]); + .withDependencies([chrootBasicSystemEnvironment]); \ No newline at end of file From d53f51c59418c9a847760d0cdc4ba64cc07f1d51 Mon Sep 17 00:00:00 2001 From: Vaslim Date: Mon, 13 Oct 2025 17:52:20 +0200 Subject: [PATCH 5/5] Update readme --- README.md | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 0fc58a1..9331f9e 100644 --- a/README.md +++ b/README.md @@ -32,13 +32,24 @@ Only do the first item in the list (until _Open a terminal_). > **Tip!** > > If you want to boot much faster, and get dropped into a shell immediately, you -> may want to use `debian-live-12.*-amd64-standard.iso`! Download it from the +> may want to use `debian-live-13.*-amd64-standard.iso`! Download it from the > same place as the other ISO: > > [https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/](https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/) > > Log in as `user`, with password `live`, if asked. +Also, it might be helpful to install openssh and connect to it from another machine: +```bash +sudo apt install openssh-server +``` + +Make sure that the drives you want to install to are empty, as the script will only use the free (unformatted) space before and you might get errors due to lack of space: + +```bash +wipefs -a /dev/disk-device +``` + Instead of editing files etc. manually, launch this automated script from the terminal: @@ -232,3 +243,14 @@ See [Install Proxmox VE Kernel](https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_13_Trixie#Install_the_Proxmox_VE_Kernel) and the following sections in the _Install Proxmox VE on Debian 13 Trixie guide. + +#### Additional notes about Dropbear +- use ```zfsunlock``` to get the password prompt when you login to Dropbear-initramfs +- use the user 'root' +- to generate a compatible key (run on a client computer): ```ssh-keygen -t rsa -f ~/.ssh/pve-dropbear``` +- then copy the generated .pub to ``` /etc/dropbear/initramfs/authorized_keys``` +- if you want dropbear to only ask for the password, add this in front of the public key in auhtorized_keys: +``` no-port-forwarding,no-agent-forwarding,command="/bin/zfsunlock" ssh-rsa ...``` +- to update initramfs after updating the key, run +``` update-initramfs -u -k all ``` +