% Serveur Proxmox : ecaz.aezi.fr # Présenter la procédure de démarrage en mode rescue # Nom Ecaz: Ecaz est la quatrième planète d'Alpha Centuri B. L'un de ses produits est le « bois-brouillard », une substance végétale prisée des sculpteurs, car la seule pensée humaine parvient à le façonner. C'est une planète dissociée avant le Jihad butlérien. [Liste des planètes de Dune — Wikipédia](https://fr.wikipedia.org/wiki/Liste_des_plan%C3%A8tes_de_Dune) # Matériel ## Serveur OVH KS-LE-1 KS-LE-1 ### Centre de données rbx (ROUBAIX) RBX-3 42F13 [VMS - Visual Monitoring System - OVHcloud](http://vms.status-ovhcloud.com/) [OVHcloud VMS - Realtime datacenter monitoring](http://vms.status-ovhcloud.com/index_rbx3.html) ### Matériel Intel Xeon E3-1245v2 32GB DDR3 1333MHz 3x 2TB HDD Soft RAID Enterprise Class 300Mbps unmetered public bandwidth # Configuration ## Disques durs ### Schéma de partitionnement #### Boot 512Mo en RAID1 #### Swap - 3 x 11.5Go de RAM #### Données en RAID Le reste de chaque disque dur ### Partitionnement ```bash # for identifier in {a..c} ; do fdisk -l /dev/sd${identifier} ; done Disk /dev/sda: 1.8 TiB, 2000398934016 bytes, 3907029168 sectors Disk model: HGST HUS724020AL Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk /dev/sdb: 1.8 TiB, 2000398934016 bytes, 3907029168 sectors Disk model: HGST HUS724020AL Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk /dev/sdc: 1.8 TiB, 2000398934016 bytes, 3907029168 sectors Disk model: HGST HUS724020AL Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes ``` Taille partition boot: 536870912 Taille swap sur chaque partition: 12348030976 Taille partition stockage: 2000398934016 - 12348030976 #### Procédure ##### Partitionnement du premier disque ```bash fdisk /dev/sda ``` ##### Sur un système avec UEFI :::warning Bien vérifier si vous avez un système UEFI: ```bash ls /sys/firmware/efi ``` **Si ce fichier n'existe pas, il faut utiliser une table MBR** Source: [Check if Computer Uses UEFI or Legacy BIOS [Linux & Windows]](https://itsfoss.com/check-uefi-or-bios/) ::: ###### Table GPT Création d'une partition de type `gpt` (recommandé [ici](https://unix.stackexchange.com/a/289401/33297)) ``` Command (m for help): g Created a new GPT disklabel (GUID: 7559B5A2-8614-2643-A902-83E81B2F0BBC). ``` ###### Table MBR Création d'une partition de type `MBR` (pour les firmware BIOS) ``` Create a new label g create a new empty GPT partition table G create a new empty SGI (IRIX) partition table o create a new empty DOS partition table s create a new empty Sun partition table Command (m for help): o Created a new DOS disklabel with disk identifier 0xf9044d6d. ``` TODO: à compléter ##### Création des partitions ``` Command (m for help): n Partition number (1-128, default 1): First sector (2048-3907029134, default 2048): Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-3907029134, default 3907029134): +512M Created a new partition 1 of type 'Linux filesystem' and of size 512 MiB. Command (m for help): t Selected partition 1 Partition type (type L to list all types): 29 Changed type of partition 'Linux swap' to 'Linux RAID'. Command (m for help): n Partition number (2-128, default 2): First sector (1050624-3907029134, default 1050624): Last sector, +/-sectors or +/-size{K,M,G,T,P} (1050624-3907029134, default 3907029134): +24117248 Created a new partition 2 of type 'Linux filesystem' and of size 11.5 GiB. Partition type (type L to list all types): 19 Command (m for help): t Partition number (1,2, default 2): 2 Changed type of partition 'Linux filesystem' to 'Linux swap'. Command (m for help): n Partition number (3-128, default 3): First sector (25167873-3907029134, default 25169920): Last sector, +/-sectors or +/-size{K,M,G,T,P} (25169920-3907029134, default 3907029134): Created a new partition 3 of type 'Linux filesystem' and of size 1.8 TiB. Command (m for help): t Partition number (1-3, default 3): Partition type (type L to list all types): 29 Changed type of partition 'Linux filesystem' to 'Linux RAID'. ``` ##### Duplication sur les autres disques **Utilisation de `sfdisk` pour dupliquer sur les autres partitions** `sfdisk` permet de facilement scripter le partitionnement ```bash sfdisk --dump /dev/sda > sda.dump ``` ```bash cat sda.dump ``` :::warning La sortie ci-dessous concerne un disque GPT ::: ```bash # sfdisk -d /dev/sda # cat sda.dump label: gpt label-id: 7559B5A2-8614-2643-A902-83E81B2F0BBC device: /dev/sda unit: sectors first-lba: 2048 last-lba: 3907029134 /dev/sda1 : start= 2048, size= 1048576, type=A19D880F-05FC-4D3B-A006-743F0F84911E, uuid=3699B538-F0E4-A34B-BCCB-F61C4185D75C /dev/sda2 : start= 1050624, size= 24117249, type=0657FD6D-A4AB-43C4-84E5-0933C84B4F4F, uuid=621CE8D2-A4F0-6347-8F4A-70F163ADAE1F /dev/sda3 : start= 25169920, size= 3881859215, type=A19D880F-05FC-4D3B-A006-743F0F84911E, uuid=BD5576BF-1C28-334B-A0EE-9B012DA19F08 ``` Duplication vers les deux autres partitions: ```bash sfdisk /dev/sdb < sda.dump sfdisk /dev/sdc < sda.dump ``` # Chiffrement et configuration du RAID ## Chiffrement des swap Voir [Chiffrement des swap](../../partitionnement/swap-chiffre.html) Exemple pour une partition: ```bash cryptsetup open --type plain --cipher aes-xts-plain64 --key-file /dev/urandom /dev/sda2 cryptswapa ``` Pour les trois: ```bash for identifier in {a..c} ; do cryptsetup open --type plain --cipher aes-xts-plain64 --key-file /dev/urandom /dev/sd${identifier}2 cryptswap${identifier} ; done ``` Puis: ```bash # for identifier in {a..c} ; do mkswap /dev/mapper/cryptswap${identifier}; done Setting up swapspace version 1, size = 11.5 GiB (12348026880 bytes) no label, UUID=239af6e4-fdc8-4467-bcae-ccaa14554461 Setting up swapspace version 1, size = 11.5 GiB (12348026880 bytes) no label, UUID=031019fe-d32b-46fb-98ad-c981e00c351b Setting up swapspace version 1, size = 11.5 GiB (12348026880 bytes) no label, UUID=3f6b2d2c-b07c-4b3e-b981-bf3b00928bd2 ``` Ou en une seule fois: ```bash for identifier in {a..c} ; do cryptsetup open --type plain --cipher aes-xts-plain64 --key-file /dev/urandom /dev/sd${identifier}2 cryptswap${identifier} ; mkswap /dev/mapper/cryptswap${identifier}; done ``` ## Configuration du RAID ### Pour la partition de démarrage ```bash mdadm --create --verbose /dev/md1 --level=1 --raid-devices=3 /dev/sd[a-c]1 ``` Il demande si on est sûr: ```bash # mdadm --create --verbose /dev/md1 --level=1 --raid-devices=3 /dev/sd[a-c]1 mdadm: Note: this array has metadata at the start and may not be suitable as a boot device. If you plan to store '/boot' on this device please ensure that your boot-loader understands md/v1.x metadata, or use --metadata=0.90 mdadm: size set to 523264K Continue creating array? y mdadm: Defaulting to version 1.2 metadata mdadm: array /dev/md1 started. ``` Ensuite on formate cette partition: ```bash mkfs.ext4 /dev/md1 ``` ### Création du RAID5 ```bash mdadm --create --verbose /dev/md0 --level=5 --raid-devices=3 /dev/sd[a-c]3 ``` ### Chiffrement LUKS de la partition principale Initialiser le chiffrement LUKS sur le RAID : ```bash cryptsetup -q -s 512 -c aes-xts-plain64 luksFormat /dev/md0 ``` ```bash # cryptsetup -q -s 512 -c aes-xts-plain64 luksFormat /dev/md0 Enter passphrase for /dev/md0: ``` On récupère l'UUID et **on le note précieusement** : ```bash cryptsetup luksDump /dev/md0 | grep UUID | awk '{print $2}' ``` :::information Cette information (UUID) sera nécessaire au moment de configurer le déchiffrement au démarrage ::: Ouvrir le conteneur chiffré : ```bash cryptsetup luksOpen /dev/md0 raid_crypt ``` Saisir la passphrase: ``` Enter passphrase for /dev/md0: ``` #### Initialisation de LVM ```bash apt update && apt install -y cryptsetup lvm2 debian-keyring ``` #### Configurer LVM Création du *Physical Volume* sur le conteneur LUKS : ```bash pvcreate /dev/mapper/raid_crypt ``` Qui devrait indiquer: ``` Physical volume "/dev/mapper/raid_crypt" successfully created. ``` Création du *Volume Group* ```bash vgcreate vg_raid /dev/mapper/raid_crypt ``` Qui devrait indiquer: ``` Volume group "vg_raid" successfully created ``` Création des volumes logiques : ```bash lvcreate -L 100G -n lv_root vg_raid lvcreate -l 100%FREE -n lv_data vg_raid ``` ``` Logical volume "lv_root" created. Logical volume "lv_data" created. ``` #### Formater et monter les volumes Formater en ext4 : ```bash mkfs.ext4 /dev/vg_raid/lv_root mkfs.ext4 /dev/vg_raid/lv_data ``` # Debootstrap Aller sur la page [Debian -- Details of package debootstrap in bookworm](https://packages.debian.org/bookworm/debootstrap)[Debian -- Details of package debootstrap in bookworm](https://packages.debian.org/bookworm/debootstrap) Récupérer l'adresse dans la section Télécharger et en cliquant sur `all` COpier un des liens et l'utiliser pour télécharger sur le serveur: ```bash wget http://ftp.fr.debian.org/debian/pool/main/d/debootstrap/debootstrap_1.0.128+nmu2+deb12u2_all.deb ``` On l'exécute: ```bash dpkg -i debootstrap*.deb && rm -f debootstrap*.deb ``` ## Préparation montage pour boot Monter les volumes : ```bash mount /dev/vg_raid/lv_root /mnt mkdir /mnt/data mount /dev/vg_raid/lv_data /mnt/data mount /dev/md1 /mnt/boot ``` ```bash apt install -y debian-keyring debootstrap --arch amd64 stable /mnt https://deb.debian.org/debian/ ``` ## Chroot et configuration ### chroot ```bash mount -o bind /dev /mnt/dev mount -t proc proc /mnt/proc mount -t sysfs sys /mnt/sys mount -t devpts devpts /mnt/dev/pts mount -o bind /run /mnt/run ``` Exécuter la commande: ```bash chroot /mnt /bin/bash ``` Autre commande: ```bash XTERM=xterm-color LANG=C.UTF-8 chroot /mnt /bin/bash ``` Voir aussi: [Manually installing Debian 12 (Bookworm) with fully encrypted LUKS (besides /boot) using debootstrap | Steffen’s random thoughts](https://blog.scheib.me/2023/08/28/debootstrapping-debian-bookworm.html) ### Installation de `ifupdown` ``` apt install ifupdown ``` Configuration des interfaces réseau: ```bash cat << EOF > /etc/network/interfaces auto lo iface lo inet loopback auto eth0 allow-hotplug eth0 iface eth0 inet dhcp EOF cat << EOF > /etc/resolv.conf nameserver 1.1.1.1 nameserver 1.0.0.1 EOF _hostname=ecaz _domain=aezi.fr echo "$_hostname" > /etc/hostname echo "127.0.1.1 $_hostname.$_domain $_hostname" >> /etc/hosts ``` ### Configuration de l'heure ```bash echo "Europe/Paris" > /etc/timezone dpkg-reconfigure -f noninteractive tzdata ``` ### Configuration du gestionnaire APT ```bash cat << EOF > /etc/apt/sources.list deb http://deb.debian.org/debian bookworm main contrib non-free-firmware # deb-src http://deb.debian.org/debian bookworm main contrib non-free-firmware deb http://deb.debian.org/debian bookworm-updates main contrib non-free-firmware # deb-src http://deb.debian.org/debian bookworm-updates main contrib non-free-firmware # deb http://deb.debian.org/debian bookworm-backports main contrib non-free-firmware # deb-src http://deb.debian.org/debian bookworm-backports main contrib non-free-firmware deb http://security.debian.org/debian-security bookworm-security main contrib non-free-firmware # deb-src http://security.debian.org/debian-security bookworm-security main contrib non-free-firmware EOF ``` ### Désactivation de l'installation des paquest suggérés/recommandés ```bash cat << EOF > /etc/apt/apt.conf.d/999aptsettings APT::Install-Recommends "0"; APT::Install-Suggests "0"; EOF ``` # Installation des paquets nécessaires ```bash apt update && apt install -y busybox console-setup cryptsetup dropbear grub-pc initramfs-tools kbd linux-image-amd64 linux-perf locales ssh dropbear-initramfs cryptsetup-initramfs zstd lvm2 ``` :::information `zstd` est juste là pour éviter un warning lors d'`update-initramfs` ::: ```bash mkdir -p /root/.ssh && chmod 600 /root/.ssh echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEyzZAymNeWxeDjSUzkyEJLzwGqZt+VvdmidomWL0QLb lauhub@Mac-15-Laurent.local" >> /root/.ssh/authorized_keys mkdir -p /etc/dropbear/initramfs/ && chmod 600 /etc/dropbear/initramfs/ echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEyzZAymNeWxeDjSUzkyEJLzwGqZt+VvdmidomWL0QLb lauhub@Mac-15-Laurent.local" >> /etc/dropbear/initramfs/authorized_keys ``` ```bash sed -i.old s/GRUB_CMDLINE_LINUX=\"\"/GRUB_CMDLINE_LINUX=\"net.ifnames=0\ biosdevname=0\ ip=:::::eth0:dhcp\"/g /etc/default/grub ``` Voir: [debian - GRUB_CMDLINE_LINUX_DEFAULT vs GRUB_CMDLINE_LINUX - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/440961/grub-cmdline-linux-default-vs-grub-cmdline-linux) # Dropbear configuration [LUKS encryption: Enable remote ssh unlocking - iotechonline](https://iotechonline.com/luks-encryption-enable-remote-ssh-unlocking/) On va configurer Dropbear en éditant le fichier `/etc/dropbear/initramfs/dropbear.conf` On y place les options suivantes: ```bash DROPBEAR_OPTIONS="-F -E -p 64357 -s -j -k -I 60" ``` :::information Mais on pourrait ajouter `-c /usr/bin/cryptroot-unlock` comme indiqué ici: [Unlocking a LUKS-encrypted partition via ssh on Debian 12 Bookworm](https://neilzone.co.uk/2023/05/unlocking-a-luks-encrypted-partition-via-ssh-on-debian-12-bookworm/) ::: Édition: ```bash nano /etc/initramfs-tools/initramfs.conf ``` Changer: ``` BUSYBOX=auto ``` En : ``` BUSYBOX=y ``` Ajouter: ``` DEVICE=eth0 ``` #### crypttab Modifier `/etc/crypttab` Et y placer l'UUID notée précédemment en utilisant le label `raid_crypt` défini plus haut: ```bash raid_crypt UUID=203c6910-a804-4a08-8218-b92dc9381905 none luks ``` ### Édition du fichier `/etc/fstab` Éditer `/etc/fstab` et y placer les UUID correspondant respectivement à `/` et `/boot`: 1. celui donné par le volume LVM root (`/dev/mapper/root`): ```bash blkid | grep lv_root /dev/mapper/vg_raid-lv_root: UUID="xxxxxxxxxxxxxxxxxxxxxxxxxxxx" BLOCK_SIZE="4096" TYPE="ext4" ``` 2. celui donné par le volume RAID1: ```bash blkid | grep md1 /dev/md1: UUID="yyyyyyyyyyyyyyyyyyyyyyyyyyyy" BLOCK_SIZE="1024" TYPE="ext4" ``` ```bash UUID=xxxxxxxxxxxxxxxxxxxxxxxxxxxx / ext4 defaults,relatime 0 1 UUID=yyyyyyyyyyyyyyyyyyyyyyyyyyyy /boot ext4 defaults,relatime 0 2 ``` ### Installation de mdadm dans le nouveau système Il faut installer le paquet `mdadm` et/ou le reconfigurer: ```bash apt install mdadm ``` Ou: ```bash dpkg-reconfigure mdadm ``` Ceci va regénérer le fichier `/etc/mdadm/mdadm.conf` ### Installation de `grub` On installe grub sur les trois disques de sorte qu'ils puissent tous booter: ```bash for identifier in {a..c} ; do grub-install /dev/sd${identifier} ; done ``` Les trois sorties devraient donner: ``` Installing for i386-pc platform. Installation finished. No error reported. ``` ### Mise à jour de l'initramfs ```bash update-grub && update-initramfs -u -k all ``` Normalement il ne devrai pas y avoir de Warning (sauf pour gzip éventuellement) ### Clé SSH pour root Ceci c'est pour éviter de se retrouver coincé si l'utilisateur principal n'arrive pas à se connecter (pour des questions de permissions/propriété sur son dossier `.ssh`, erreur courante si on oublie ce détail): ```bash echo "ssh-ed25519 AAAAyourED25519publicKeyTextHere comment_about_the_key" >> /root/.ssh/authorized_keys chmod 600 /root/.ssh/authorized_keys ``` ### Création de l'utilisateur ```bash adduser lauhub ``` Mettre un mot de passe fort !!! ```bash apt install sudo adduser lauhub sudo ``` Ajout du fichier `authorized_keys`: ```bash echo "ssh-ed25519 AAAAyourED25519publicKeyTextHere comment_about_the_key" >> /home/lauhub/.ssh/authorized_keys chmod 600 /home/lauhub/.ssh/authorized_keys chmod 700 /home/lauhub/.ssh chown -R lauhub:lauhub /home/lauhub ``` # Fin de l'installation ```bash exit ``` Puis: ```bash umount /mnt/dev/pts umount /mnt/{boot,dev,proc,sys,run} umount /mnt/data umount /mnt cryptsetup luksClose raid_crypt ``` # Dépannage en cas de non démarrage ## Remontage ```bash cryptsetup luksOpen /dev/sda2 root ``` Saisir passphrase: ```bash mount mount /dev/vg_raid/lv_root /mnt mount /dev/vg_raid/lv_data /mnt/data mount /dev/md1 /mnt/boot mount -o bind /dev /mnt/dev mount -t proc proc /mnt/proc mount -t sysfs sys /mnt/sys chroot /mnt /bin/bash ``` # Post installation ## Désactivation de `dropbear` Ceci pour éviter qu'il ne soit en conflit avec `openssh-server`: ```bash systemctl disable dropbear ``` ## Installation des paquets ```bash apt install man manpages sudo dbus dbus-user-session systemd libsystemd-dev libsystemd0 ``` ## COnfiguration ```bash sudo dpkg-reconfigure tzdata tasksel install standard ```` ```bash $ sudo ufw allow ssh Rules updated Rules updated (v6) $ sudo ufw allow http Rules updated Rules updated (v6) $ sudo ufw allow https Rules updated Rules updated (v6) $ sudo ufw allow out to any port 53 $ sudo ufw default allow outgoing $ sudo ufw default allow routed ``` ``` sudo nano /etc/default/ufw ``` Mettre: `DEFAULT_FORWARD_POLICY="ACCEPT"` Source: [Proxmox - Server setup · GitHub](https://gist.github.com/rdroro/9988478) ## Verrouillage de `cryptroot-unlock` dans `dropbear` On vérifie que le fichier /usr/bin/cryptroot-unlock est bien présent dans le fichier *initramfs* Par exemple (adapter le nom du `initrd`): ```bash # lsinitramfs /boot/initrd.img-6.1.0-30-amd64 | grep cryptroot ... usr/bin/cryptroot-unlock ``` La dernière ligne montre que ce fichier existe bien. On peut donc ajouter `-c /usr/bin/cryptroot-unlock` dans `/etc/dropbear/initramfs/dropbear.conf` : ```bash DROPBEAR_OPTIONS="-F -E -p 64357 -s -j -k -I 60 -c /usr/bin/cryptroot-unlock" ``` Puis on update l'*initramfs* et on *reboote* pour tester: ```bash update-initramfs -u -k all ``` # Autres ## Gérer les locales ```bash dpkg-reconfigure locales ``` ## Fingerprint du serveur ```bash # ssh-keyscan localhost 2> /dev/null | ssh-keygen -l -f - 256 SHA256:kRU92vV61Pwx+A3Vsj/qW5nnOZrNzcnRTR21JiyRoYc localhost (ECDSA) 256 SHA256:dx3SHsBKaScxp8tr8CWB/9PGBX+V1GnMLPSQxiAiqDw localhost (ED25519) 3072 SHA256:jzYg1XEI63CIs8Y8bdVWQzB2FJHLNl95XMWpksKZ8VA localhost (RSA) ``` ### Fingerprint dropbear ```bash # dropbearkey -y -f /etc/dropbear/dropbear_ecdsa_host_key Public key portion is: ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDjX6nBrFFgAArq0Q7mew5lPWczswjfgtWySaYfjetOnRYSmHzB4vLosmToCBX6uJxmThKtcMkAmATRl9jzEKic= root@rescue-customer-eu Fingerprint: SHA256:vVNjmNthQRiVWgt+GsARWCg4Er2zXpswyARdDphJO0Q # dropbearkey -y -f /etc/dropbear/dropbear_ed25519_host_key Public key portion is: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICThqIP4UA4sD9eXUXfsihQOlFclk4WGxZs7b8okDrJE root@rescue-customer-eu Fingerprint: SHA256:OfKnch1/6/bLv0s4GRkQ8RNiMEQJp2I4XfJr3YqYKFI # dropbearkey -y -f /etc/dropbear/dropbear_rsa_host_key Public key portion is: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCUDlNRIjVvfmzgxuUnIROA9kVHgscTTQ55N0hUX31S1IcsP/A7bU4ZLFknL3rW0BtVGMIu9qagQW5+p8QnnOenG6EAL/tZvYnOKRRS4fCbiDMISpeillyZSXv/SDKiTyoxAel10B9m94vQDowM7nyTpeL3Kw8cCew6/hniIWTVJV94PdTundJX97ZwxkE3kNsFMz4bCKmLm2D1IlMRTdOBibMYbgwgWzH4LuSMJPsqMh/GWiuE1LXpM6dfG4zKt0hEFs7MQdailiFpKM30Gq8QzBlOwO+yMMAIK38A+znA0TkJbXwbOXIiqG2y+/tKjJmlveVOrf/OMADQfc4dui3t root@rescue-customer-eu Fingerprint: SHA256:wPwMGdA3zaQVdx5VOY+QIpHRd68ME+z8lcwwSSq930E ``` ## En mode rescue Le name server de ecaz: nameserver 213.186.33.99 ### interface réseau / DHCP ```bash # cat /etc/network/interfaces.d/55-rescue auto eth0 allow-hotplug eth0 iface eth0 inet dhcp accept_ra 0 ``` ```bash # cat /etc/network/interfaces.d/60-rescue-ipv6 iface eth0 inet6 static address 2001:41d0:2:b647::1/128 gateway 2001:41d0:0002:b6ff:ff:ff:ff:ff ``` ## Remplacer une table GPT en MBR :::information Nécessaire si `install-grub` indique ce genre d'erreur ``` # grub-install /dev/sda Installing for i386-pc platform. grub-install: warning: this GPT partition label contains no BIOS Boot Partition; embedding won't be possible. grub-install: error: embedding is not possible, but this is required for RAID and LVM install. ``` ::: Pour convertir une partition GPT en MBR: Lancer `gdisk`: ```bash gdisk /dev/sdX ``` Utiliser `r` (*recovery and transformation*) puis `g` pour transformer GPT en MBR: ``` Found valid GPT with protective MBR; using GPT. Command (? for help): r Recovery/transformation command (? for help): g ``` Vérifier avec `p` puis écrire la table avec `w` (en confirmant la modification ensuite) : ``` MBR command (? for help): p ** NOTE: Partition numbers do NOT indicate final primary/logical status, ** unlike in most MBR partitioning tools! ** Extended partitions are not displayed, but will be generated as required. Disk size is 3907029168 sectors (1.8 TiB) MBR disk identifier: 0x00000000 MBR partitions: Can Be Can Be Number Boot Start Sector End Sector Status Logical Primary Code 1 2048 1050623 primary Y Y 0xFD 2 1050624 25167872 primary Y 0x82 3 25169920 3907029134 primary Y Y 0xFD MBR command (? for help): w ``` Confirmer: ``` Converted 3 partitions. Finalize and exit? (Y/N): y ``` ``` Warning: The kernel is still using the old partition table. The new table will be used at the next reboot or after you run partprobe(8) or kpartx(8) GPT data structures destroyed! You may now partition the disk using fdisk or other utilities. ``` Recommencer pour les deux autres disques `sdb` et `sdc` À ce niveau il semble utile de démonter toutes les partitions ete de fermer le volume chiffré avant de faire le `partprobe` :::warning Il est possible que les UUID changent !!! **Bien vérifier !** ::: Ensuite, on remonte tout et on [`chroot` à nouveau](#chroot) ### Aide du recovery de gdisk ``` # gdisk /dev/sda GPT fdisk (gdisk) version 1.0.3 Partition table scan: MBR: protective BSD: not present APM: not present GPT: present Found valid GPT with protective MBR; using GPT. Command (? for help): r Recovery/transformation command (? for help): ? b use backup GPT header (rebuilding main) c load backup partition table from disk (rebuilding main) d use main GPT header (rebuilding backup) e load main partition table from disk (rebuilding backup) f load MBR and build fresh GPT from it g convert GPT into MBR and exit h make hybrid MBR i show detailed information on a partition l load partition data from a backup file m return to main menu o print protective MBR data p print the partition table q quit without saving changes t transform BSD disklabel partition v verify disk w write table to disk and exit x extra functionality (experts only) ? print this menu ``` Source: [Converting between GPT and MBR hard drive without losing data - Super User](https://superuser.com/questions/1250895/converting-between-gpt-and-mbr-hard-drive-without-losing-data) # Références [raid_logiciel [Wiki ubuntu-fr]](https://doc.ubuntu-fr.org/raid_logiciel) # Fichiers de configuration ## Première installation 20250125 /etc/mdadm/mdadm.conf :::information ```bash mdadm --detail --scan >> /etc/mdadm/mdadm.conf ``` ::: ``` # mdadm.conf # # !NB! Run update-initramfs -u after updating this file. # !NB! This will ensure that initramfs has an uptodate copy. # # Please refer to mdadm.conf(5) for information about this file. # # by default (built-in), scan all partitions (/proc/partitions) and all # containers for MD superblocks. alternatively, specify devices to scan, using # wildcards if desired. #DEVICE partitions containers # automatically tag new arrays as belonging to the local system HOMEHOST # instruct the monitoring daemon where to send mail alerts MAILADDR root # definitions of existing MD arrays # This configuration was auto-generated on Sat, 25 Jan 2025 00:00:23 +0000 by mkconf ARRAY /dev/md1 metadata=1.2 name=rescue-customer-eu:1 UUID=002796eb:8cba5b52:335ca63b:ec14cf91 ARRAY /dev/md0 metadata=1.2 name=rescue-customer-eu:0 UUID=ba46c22d:137098a7:4876ebc9:18bf0148 ``` /etc/fstab ``` UUID=b890c459-64a5-4db7-b526-3e677be8cdb9 / ext4 defaults,relatime 0 1 UUID=7e4d9e7d-970a-4aaf-a9fc-f365033348ed /boot ext4 defaults,relatime 0 2 ``` /etc/crypttab ``` # raid_crypt UUID=5e99eca6-5db2-4f4b-bea8-6c6dff404406 none luks ``` /etc/default/grub ``` # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet ip=:::::eno1:dhcp" GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0 ip=:::::eth0:dhcp" #GRUB_DEVICE_UUID=7e4d9e7d-970a-4aaf-a9fc-f365033348ed # If your computer has multiple operating systems installed, then you # probably want to run os-prober. However, if your computer is a host # for guest OSes installed via LVM or raw disk devices, running # os-prober can cause damage to those guest OSes as it mounts # filesystems to look for things. #GRUB_DISABLE_OS_PROBER=false # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" ``` /etc/dropbear/initramfs/dropbear.conf ``` # Configuration options for the dropbear-initramfs boot scripts. # Variable assignment follow shell semantics and escaping/quoting rules. # You must run update-initramfs(8) to effect changes to this file (like # for other files in the '/etc/dropbear/initramfs' directory). # # Command line options to pass to dropbear(8) # #DROPBEAR_OPTIONS="" DROPBEAR_OPTIONS="-F -E -p 64357 -s -j -k -I 60" # # On local (non-NFS) mounts, interfaces matching this pattern are # brought down before exiting the ramdisk to avoid dirty network # configuration in the normal kernel. # The special value 'none' keeps all interfaces up and preserves routing # tables and addresses. # #IFDOWN="*" # # On local (non-NFS) mounts, the network stack and dropbear are started # asynchronously at init-premount stage. This value specifies the # maximum number of seconds to wait (while the network/dropbear are # being configured) at init-bottom stage before terminating dropbear and # bringing the network down. # If the timeout is too short, and if the boot process is not blocking # on user input supplied via SSHd (ie no remote unlocking), then the # initrd might pivot to init(1) too early, thereby causing a race # condition between network configuration from initramfs vs from the # normal system. # #DROPBEAR_SHUTDOWN_TIMEOUT=60 ``` # Webographie ## Partitionnement * [Linux Partitioning Recommendations | Average Linux User](https://averagelinuxuser.com/linux-partitioning-recommendations/) * [Utiliser LVM pour la swap](https://j.hommet.net/utiliser-lvm-pour-la-swap/) * [11.2.2. Creating an LVM2 Logical Volume for Swap | Red Hat Product Documentation](https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/4/html/system_administration_guide/adding_swap_space-creating_an_lvm2_logical_volume_for_swap#Adding_Swap_Space-Creating_an_LVM2_Logical_Volume_for_Swap) * [partitioning - How can I modify the size of swap with LVM partitions? - Ask Ubuntu](https://askubuntu.com/questions/226520/how-can-i-modify-the-size-of-swap-with-lvm-partitions) * [proxmox partition scheme - Lilo](https://search.lilo.org/?q=proxmox+partition+scheme&plugin=lilose) * [How to hard drive partitioning | Page 2 | Proxmox Support Forum](https://forum.proxmox.com/threads/how-to-hard-drive-partitioning.52863/page-2) * [Partitionnement du disque du serveur Proxmox – Manon Biaudelle. Administration systèmes et réseaux](https://www.biaudelle.fr/partitionnement-du-disque-du-serveur-proxmox/) * [Proxmox : partitionner un disque - RDR-IT](https://rdr-it.com/proxmox-partitionner-un-disque/) * [proxmox debian zfs or ext4 - Recherche Google](https://www.google.fr/search?q=proxmox%20debian%20zfs%20or%20ext4) * [Best practices question (Ext4/zfs/raw/qcow2) | Proxmox Support Forum](https://forum.proxmox.com/threads/best-practices-question-ext4-zfs-raw-qcow2.142094/) * [ZFS and EXT4 mixed? | Proxmox Support Forum](https://forum.proxmox.com/threads/zfs-and-ext4-mixed.66730/) * [ZFS or something else? | Proxmox Support Forum](https://forum.proxmox.com/threads/zfs-or-something-else.73917/) * [[SOLVED] - Good Practice for Disks Setup | Proxmox Support Forum](https://forum.proxmox.com/threads/good-practice-for-disks-setup.113957/) * [luks | Proxmox Support Forum](https://forum.proxmox.com/tags/luks/) * [[TUTORIAL] - Adding Full Disk Encryption to Proxmox | Proxmox Support Forum](https://forum.proxmox.com/threads/adding-full-disk-encryption-to-proxmox.137051/) ## Installation * [Install Proxmox VE on Debian 12 Bookworm - Proxmox VE](https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_12_Bookworm) * [Installing Proxmox VE](https://pve.proxmox.com/pve-docs/chapter-pve-installation.html#install_recommended_requirements) * [Encrypting Proxmox VE (Best Methods) | Proxmox Support Forum](https://forum.proxmox.com/threads/encrypting-proxmox-ve-best-methods.88191/) * [[SOLVED] How to remove an MDADM Raid Array, Once and For All!](https://ubuntuforums.org/showthread.php?t=884556) * [Using multiple swap partitions in a specific order on Linux | www.bentasker.co.uk](https://www.bentasker.co.uk/posts/documentation/linux/using-multiple-swap-partitions-in-a-specific-order-on-linux.html) * [Architecture de services avec Proxmox sur un serveur kimsufi - Vincent Dillenschneider](https://vdillenschneider.fr/architecture-de-services-avec-proxmox-sur-un-serveur-kimsufi) * [lvcreate with max size available](https://www.linuxquestions.org/questions/linux-hardware-18/lvcreate-with-max-size-available-749253/) * [Manually installing Debian 12 (Bookworm) with fully encrypted LUKS (besides /boot) using debootstrap | Steffen’s random thoughts](https://blog.scheib.me/2023/08/28/debootstrapping-debian-bookworm.html) * [linux - How to wait for mdadm RAID array's resync process to fully complete? - Stack Overflow](https://stackoverflow.com/questions/77328149/how-to-wait-for-mdadm-raid-arrays-resync-process-to-fully-complete) * [mdadm(8): manage MD devices aka Software RAID - Linux man page](https://linux.die.net/man/8/mdadm) * [Re: restarting a debootstrap install ...](https://lists.debian.org/debian-user/2003/11/msg00053.html) * [windows server 2008 - How long does a RAID-5 array of 4x1TB disks take to format ad synchronize? - Server Fault](https://serverfault.com/questions/197916/how-long-does-a-raid-5-array-of-4x1tb-disks-take-to-format-ad-synchronize) * [windows - Is it safe to transfer files to a raid 5 array while it is re-synching? - Super User](https://superuser.com/questions/734837/is-it-safe-to-transfer-files-to-a-raid-5-array-while-it-is-re-synching) * [LUKS encryption: Enable remote ssh unlocking - iotechonline](https://iotechonline.com/luks-encryption-enable-remote-ssh-unlocking/) * [How to fix the missing keymaps in Debian and Ubuntu (localectl: Failed to read list of keymaps)](https://www.claudiokuenzler.com/blog/1257/how-to-fix-missing-keymaps-debian-ubuntu-localectl-failed-read-list) * ["cryptsetup: WARNING: target" "not found in /etc/crypttab" raid - Recherche Google](https://www.google.fr/search?q=%22cryptsetup%3A+WARNING%3A+target%22+%22not+found+in+%2Fetc%2Fcrypttab%22+raid&sca_esv=6f6ef97cc27b3c94&ei=-S-UZ5-6NdGkkdUP1KjA6Ak&ved=0ahUKEwjfmrrIzo-LAxVRUqQEHVQUEJ0Q4dUDCBA&uact=5&oq=%22cryptsetup%3A+WARNING%3A+target%22+%22not+found+in+%2Fetc%2Fcrypttab%22+raid&gs_lp=Egxnd3Mtd2l6LXNlcnAiPyJjcnlwdHNldHVwOiBXQVJOSU5HOiB0YXJnZXQiICJub3QgZm91bmQgaW4gL2V0Yy9jcnlwdHRhYiIgcmFpZEiYMVDnDFi7LHAEeACQAQCYAVigAfIBqgEBM7gBA8gBAPgBAZgCAKACAJgDAIgGAZIHAKAH2AU&sclient=gws-wiz-serp) * [Manually installing Debian 11 (Bullseye) with fully encrypted LUKS (besides /boot) using debootstrap | Steffen’s random thoughts](https://blog.scheib.me/2023/05/01/debootstrapping-debian.html) * [updates - Ubuntu 20.04 kernel upgrade -> encrypted Volume group cannot be found + crypttab empty - Ask Ubuntu](https://askubuntu.com/questions/1256247/ubuntu-20-04-kernel-upgrade-encrypted-volume-group-cannot-be-found-crypttab) * [ubuntu - /etc/crypttab not updating in initramfs - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/708445/etc-crypttab-not-updating-in-initramfs) * [SOLVED encrypted devices naming in fstab and crypttab - Debian User Forums](https://forums.debian.net/viewtopic.php?t=143295) * [cryptsetup - Why my encrypted LVM volume (LUKS device) won't mount at boot time? - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/107810/why-my-encrypted-lvm-volume-luks-device-wont-mount-at-boot-time) * [debian - Luks, ssh unlock, Strange behaviour, Invalid authorized_keys file - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/411945/luks-ssh-unlock-strange-behaviour-invalid-authorized-keys-file) * [Unlocking a LUKS-encrypted partition via ssh on Debian 12 Bookworm](https://neilzone.co.uk/2023/05/unlocking-a-luks-encrypted-partition-via-ssh-on-debian-12-bookworm/) * [Remote Unlocking LUKS Drive at Boot | Proxmox Support Forum](https://forum.proxmox.com/threads/remote-unlocking-luks-drive-at-boot.38745/) * [dns - How to advertise hostname to router (via DHCP) in initramfs with dropbear? - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/736965/how-to-advertise-hostname-to-router-via-dhcp-in-initramfs-with-dropbear) * ["bookworm" dropbear initramfs - Lilo](https://search.lilo.org/?q=%22bookworm%22+dropbear+initramfs&plugin=lilose&page=1) * [Linux kernel parameters: what is the difference of net.ifnames=0 and biosdevname=0 - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/637295/linux-kernel-parameters-what-is-the-difference-of-net-ifnames-0-and-biosdevname) * [debian - How to enable "Predictable Network Interface Names"? - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/141227/how-to-enable-predictable-network-interface-names) * [raid - Getting debug output from a debian initramfs - Server Fault](https://serverfault.com/questions/47875/getting-debug-output-from-a-debian-initramfs) * [Chapter 3. The system initialization](https://www.debian.org/doc/manuals/debian-reference/ch03.en.html) * [docs/maintainer-notes.md · debian/latest · Debian kernel team / initramfs-tools · GitLab](https://salsa.debian.org/kernel-team/initramfs-tools/-/blob/debian/latest/docs/maintainer-notes.md) * [initramfs - Debian Wiki](https://wiki.debian.org/initramfs) * [Debian: Unlock LUKS root partition remotely by SSH using dropbear – arminpech.de](https://www.arminpech.de/2019/12/23/debian-unlock-luks-root-partition-remotely-by-ssh-using-dropbear/) * [grub-install mdadm - Lilo](https://search.lilo.org/?q=grub-install+mdadm&plugin=lilose&page=1) * [debian - How do I make grub install on a software-raid disk? - Server Fault](https://serverfault.com/questions/1019079/how-do-i-make-grub-install-on-a-software-raid-disk) * [grub2 - Required GRUB modules for booting on mdadm RAID1 - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/196212/required-grub-modules-for-booting-on-mdadm-raid1) * [grub2 - Simple mdadm RAID 1 setup for booting degraded and reverting upgrades? - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/564665/simple-mdadm-raid-1-setup-for-booting-degraded-and-reverting-upgrades) * [linux - How to correctly install GRUB on a soft RAID 1? - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/230349/how-to-correctly-install-grub-on-a-soft-raid-1) * [grub-install: warning: this GPT partition label contains no BIOS Boot Partition; embedding won't be possible. - Lilo](https://search.lilo.org/?q=grub-install:+warning:+this+GPT+partition+label+contains+no+BIOS+Boot+Partition;+embedding+won%27t+be+possible.&plugin=lilose) * [partitioning - grub2-install: "this GPT partition label contains no BIOS Boot Partition" - Super User](https://superuser.com/questions/903112/grub2-install-this-gpt-partition-label-contains-no-bios-boot-partition) * [ssh-keyscan remote host - Lilo](https://search.lilo.org/?q=ssh-keyscan+remote+host&plugin=lilose) * [arguments - How can I force ssh to accept a new host fingerprint from the command line? - Stack Overflow](https://stackoverflow.com/questions/21383806/how-can-i-force-ssh-to-accept-a-new-host-fingerprint-from-the-command-line) * [How to unlock LUKS disk encryption remotely via SSH](https://www.privex.io/articles/unlock-luks-remotely-ssh-dropbear/) * [ubuntu - Display public keys + fingerprints of Dropbear SSH server - Server Fault](https://serverfault.com/questions/974928/display-public-keys-fingerprints-of-dropbear-ssh-server) * [Check if Computer Uses UEFI or Legacy BIOS [Linux & Windows]](https://itsfoss.com/check-uefi-or-bios/) * [initramfs log /boot - Recherche Google](https://www.google.fr/search?q=initramfs%20log%20/boot) * [boot - How to debug initramfs scripts? - Ask Ubuntu](https://askubuntu.com/questions/469246/how-to-debug-initramfs-scripts) * [Converting between GPT and MBR hard drive without losing data - Super User](https://superuser.com/questions/1250895/converting-between-gpt-and-mbr-hard-drive-without-losing-data) * [sudo shutdown -r now Failed to connect to bus: No such file or directory - Recherche Google](https://www.google.fr/search?q=sudo%20shutdown%20-r%20now%20Failed%20to%20connect%20to%20bus:%20No%20such%20file%20or%20directory) * [server - How to debug: Failed to connect to bus: No such file or directory (systemctl --user status)? - Ask Ubuntu](https://askubuntu.com/questions/1458082/how-to-debug-failed-to-connect-to-bus-no-such-file-or-directory-systemctl-u) * [docker - Failed to connect to bus: No such file or directory - Stack Overflow](https://stackoverflow.com/questions/45014584/failed-to-connect-to-bus-no-such-file-or-directory) * [16.04 - I can't use the shutdown command because the system "Failes to Connect to bus: No such file or directory" - Ask Ubuntu](https://askubuntu.com/questions/999042/i-cant-use-the-shutdown-command-because-the-system-failes-to-connect-to-bus-n) * [macos - Keyboard preferences are lost after each restart - Ask Different](https://apple.stackexchange.com/questions/343842/keyboard-preferences-are-lost-after-each-restart/343843?noredirect=1#comment717541_343843) * [finalize debootstrap debian - Lilo](https://search.lilo.org/?q=finalize+debootstrap+debian&plugin=lilose) * [Proxmox Storage Configuration for Beginners - Virtualization Howto](https://www.virtualizationhowto.com/2025/01/proxmox-storage-configuration-for-beginners/) * [Proxmox 8: New Features and Home Lab Upgrade Instructions - Virtualization Howto](https://www.virtualizationhowto.com/2023/06/proxmox-8-new-features-and-home-lab-upgrade-instructions/) * [Proxmox - Page 3 of 6 - Virtualization Howto](https://www.virtualizationhowto.com/category/proxmox/page/3/) * [Proxmox Network Configuration for Beginners including VLANs - Virtualization Howto](https://www.virtualizationhowto.com/2025/01/proxmox-network-configuration-for-beginners-including-vlans/) * [Proxmox 8: New Features and Home Lab Upgrade Instructions - Virtualization Howto](https://www.virtualizationhowto.com/2023/06/proxmox-8-new-features-and-home-lab-upgrade-instructions/) * [Install Proxmox in VMware Workstation Pro - Virtualization Howto](https://www.virtualizationhowto.com/2024/05/install-proxmox-in-vmware-workstation-pro/) * [Proxmox Subscription and Update Repositories Beginners Guide - Virtualization Howto](https://www.virtualizationhowto.com/2024/05/proxmox-subscription-and-update-repositories-beginners-guide/) * [Creating a Resource Pool & VM in Proxmox - Part 4 - BDRSuite](https://www.bdrsuite.com/blog/creating-a-resource-pool-vm-in-proxmox-part-4/) * [Proxmox Homelab: First 5 Basic Configuration Steps - Virtualization Howto](https://www.virtualizationhowto.com/2023/10/proxmox-homelab-first-5-basic-configuration-steps/) Stockage * [Storage - Proxmox VE](https://pve.proxmox.com/wiki/Storage) * [Storage: Directory - Proxmox VE](https://pve.proxmox.com/wiki/Storage:_Directory) * [Disks and partitions best practices questions | Proxmox Support Forum](https://forum.proxmox.com/threads/disks-and-partitions-best-practices-questions.145879/) * [(1) [SOLVED] - Good Practice for Disks Setup | Proxmox Support Forum](https://forum.proxmox.com/threads/good-practice-for-disks-setup.113957/) Réseau * [Proxmox: Configure a network bridge for internal networking – WirelessThings](https://wirelessthings.io/index.php/2023/11/02/proxmox-configure-a-network-bridge-for-internal-networking/) * [Proxmox: Set up NAT for VMs - techlr.de](https://techlr-de.translate.goog/proxmox-nat-vms-einrichten/?_x_tr_sl=de&_x_tr_tl=en&_x_tr_hl=de&_x_tr_pto=wapp) * [Configurer un serveur proxmox avec une seule ip publique - Ludovic Meurot](https://meurot.me/articles/proxmox-avec-une-seule-ip-publique/2) * [Utiliser Proxmox avec une adresse ip publique | Wiki - The Abyss Project](https://wiki.abyssproject.net/fr/proxmox/proxmox-with-one-public-ip) * [(1) [SOLVED] - How to configure the network correct | Proxmox Support Forum](https://forum.proxmox.com/threads/how-to-configure-the-network-correct.24335/) * [Network Configuration - Proxmox VE](https://pve.proxmox.com/wiki/Network_Configuration) * [(1) [SOLVED] - Proxmox single IP Setup | Proxmox Support Forum](https://forum.proxmox.com/threads/proxmox-single-ip-setup.141153/) * [(1) [SOLVED] - Proper vlan setting in proxmox. | Proxmox Support Forum](https://forum.proxmox.com/threads/proper-vlan-setting-in-proxmox.121645/) * [(1) NAT masquerading on VLAN interfaces doesn't work | Proxmox Support Forum](https://forum.proxmox.com/threads/nat-masquerading-on-vlan-interfaces-doesnt-work.143001/) ## Réseau et container * [Proxmox Permissions for Users, Groups, and Pools : r/Proxmox](https://www.reddit.com/r/Proxmox/comments/txajsi/proxmox_permissions_for_users_groups_and_pools/) * [Proxmox - UCC Wiki](https://wiki.ucc.asn.au/Proxmox) * [reseau:cloud:proxmox:pool [Les cours du BTS SIO]](https://siocours.lycees.nouvelle-aquitaine.pro/doku.php/reseau/cloud/proxmox/pool) * [Boost Your ProxmoxVE Efficiency: Unlock the Power of Resource Pools and Tags | by Deepen Dhulla | Medium](https://deependhulla.medium.com/boost-your-proxmoxve-efficiency-unlock-the-power-of-resource-pools-and-tags-1e292a352ea6) * [Linux Container - Proxmox VE](https://pve.proxmox.com/wiki/Linux_Container) ## Bootloader Grub * [debian - How do I make grub install on a software-raid disk? - Server Fault](https://serverfault.com/questions/1019079/how-do-i-make-grub-install-on-a-software-raid-disk) * [grub2 - Required GRUB modules for booting on mdadm RAID1 - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/196212/required-grub-modules-for-booting-on-mdadm-raid1) * [grub2 - Simple mdadm RAID 1 setup for booting degraded and reverting upgrades? - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/564665/simple-mdadm-raid-1-setup-for-booting-degraded-and-reverting-upgrades) * [linux - How to correctly install GRUB on a soft RAID 1? - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/230349/how-to-correctly-install-grub-on-a-soft-raid-1) * [partitioning - grub2-install: "this GPT partition label contains no BIOS Boot Partition" - Super User](https://superuser.com/questions/903112/grub2-install-this-gpt-partition-label-contains-no-bios-boot-partition)