tweaks

README.md

@@ -2,4 +2,4 @@ Server Setup Script
 =====================
 
 #Use#
-curl -sSL https://code.totosearch.org/Sean/ServerSetup/setup.sh | sh
+wget -qO - https://code.totosearch.org/Sean/ServerSetup/raw/branch/master/setup.sh | sudo bash

setup.sh

@@ -0,0 +1,670 @@
+#! /bin/bash
+
+echo ""
+echo "Updating local packages..."
+errors=`apt-add-repository universe >/dev/null 2>/dev/null && apt update 2>&1 >/dev/null`
+if [ "$?" = "0" ]; then
+	echo "Done."
+else
+	echo "Failed to add universal repository, update apt repository - $errors"
+	exit 1
+fi
+
+echo ""
+echo "Installing required setup configuration utilities..."
+errors=$(apt install -y dialog net-tools gdisk zfs-initramfs debootstrap >/dev/null 2>/dev/null)
+if [ "$?" = "0" ]; then
+	echo "Done."
+else
+	echo "Failed to install net-tools, gdisk, zfs-initramfs, or debootstrap - $errors"
+	exit 2
+fi
+
+#calculate width and height of console
+width=`tput cols`
+height=`tput lines`
+window=$((height - 5))
+
+if [ -d "/sys/firmware/efi" ]; then efi="1"; echo -e "\nUEFI detected..." else efi="0"; echo -e "\nBIOS detected..."; fi
+
+# gather input at the start
+devices=""; for device in $(ls /dev/disk/by-id | grep -v part); do devices="$devices $device off"; done
+disks=`dialog --separate-output --no-cancel --no-items --title "Root devices" --checklist "Select root OS disks:" $height $width ${window}$devices 2>&1 1>/dev/tty`
+boots=`dialog --separate-output --no-cancel --no-items --title "Boot devices" --checklist "Select boot devices:" $height $width ${window}$devices 2>&1 1>/dev/tty`
+
+alldisks=$( (for d in `echo "$disks"`; do echo "$d"; done; for d in `echo "$boots"`; do echo "$d"; done) | sort -u)
+echo "alldisks: $alldisks"
+
+diskcount=`echo "$disks" | wc -l`
+diskoptions="12 35 5 raidz off raidz2 off raidz3 off mirror off none off"
+if [ "$diskcount" = "0" ] ; then echo "No disks found to use for boot device"; exit 112; fi
+if [ "$diskcount" = "1" ]; then diskoptions="8 35 1 none off"; fi
+if [ "$diskcount" = "2" ]; then diskoptions="9 35 2 mirror off none off"; fi
+if [ "$diskcount" = "3" ]; then diskoptions="10 35 3 raidz off mirror off none off"; fi
+if [ "$diskcount" = "4" ]; then diskoptions="12 35 5 raidz off raidz2 off raidz3 off mirror off none off"; fi
+if [ "$diskcount" = "5" ]; then diskoptions="12 35 5 raidz off raidz2 off raidz3 off mirror off none off"; fi
+if [ "$diskcount" = "6" ]; then diskoptions="12 35 5 raidz off raidz2 off raidz3 off mirror off none off"; fi
+if [ "$diskcount" -gt "6" ]; then diskoptions="11 35 4 raidz2 off raidz3 off mirror off none off"; fi
+if [ "$diskcount" -gt "11" ]; then diskoptions="10 35 3 raidz3 off mirror off none off"; fi
+raidtype=`dialog --no-items --no-cancel --title "Root pool ZFS RAID" --radiolist "Select root pool ZFS RAID type:" $diskoptions 2>&1 1>/dev/tty`
+hostname=""; while [ -z "$hostname" ]; do hostname=`dialog --no-cancel --inputbox "Hostname:" 8 40 2>&1 >/dev/tty`; done
+domainname=""; while [ -z "$domainname" ]; do domainname=`dialog --no-cancel --inputbox "Domain name root (for fully qualified domain, e.g. company.com):" 8 40 2>&1 >/dev/tty`; done
+fqdn="${hostname}.${domainname}"
+nicdevices=""; for nic in $(ip -o link show | awk -F': ' '{print $2}' | grep -v '^lo'); do nicdevices="$nicdevices $nic off"; done
+totalram=`cat /proc/meminfo | grep -e "^MemTotal" | sed 's/MemTotal: *\(.*\) kB *$/\1/g'`
+swapspace=$(($totalram / 5))
+swapspace=$(($swapspace / `getconf PAGESIZE`))
+swapspace=$(($swapspace * `getconf PAGESIZE`))
+# 20% swap space with 2G minimum
+if [ "$swapspace" -lt "2048000" ]; then swapspace="2048000" ; fi
+
+nics=`dialog --separate-output --no-cancel --no-items --title "Bridged network devices" --checklist "Select the network devices to be bridged to br0:" $height $width ${window}$nicdevices 2>&1 1>/dev/tty`
+networktype=`dialog --no-items --no-cancel --title "Network type" --radiolist "Select the network type:" 9 40 2 dhcp off static off 2>&1 1>/dev/tty`
+if [ "$networktype" = "static" ]; then
+	address=""; while [ -z "$address" ]; do address=`dialog --no-cancel --inputbox "IP Address:" 8 40 2>&1 >/dev/tty`; done
+	subnet=""; while [ -z "$subnet" ]; do subnet=`dialog --no-cancel --inputbox "Subnet mask:" 8 40 2>&1 >/dev/tty`; done
+	gateway=""; while [ -z "$gateway" ]; do gateway=`dialog --no-cancel --inputbox "Gateway:" 8 40 2>&1 >/dev/tty`; done
+	dns1=""; while [ -z "$dns1" ]; do dns1=`dialog --no-cancel --inputbox "Primary DNS server:" 8 40 2>&1 >/dev/tty`; done
+	dns2=`dialog --no-cancel --inputbox "Secondary DNS server:" 8 40 2>&1 >/dev/tty`
+fi
+
+admin=""; while [ -z "$admin" ]; do admin=`dialog --no-cancel --inputbox "Admin user:" 8 40 2>&1 >/dev/tty`; done
+rootpassword=""
+while [ "$rootpassword" = "" ]; do
+	rootpassword=`dialog --no-cancel --title "Root password" --insecure --passwordbox "Enter root password:" 8 40 2>&1 1>/dev/tty`
+	confirmpassword=`dialog --no-cancel --title "Root password confirmation" --insecure --passwordbox "Re-enter root password:" 8 40 2>&1 1>/dev/tty`
+	if ! [ "$rootpassword" = "$confirmpassword" ]; then
+		echo "Password does not match confirmation - please retry the setup"
+		rootpassword=""
+	fi
+done
+admins=`dialog --no-items --no-cancel --title "Administrators" --inputbox "List administrator e-mail addresses separated by comma:" 10 40 2>&1 1>/dev/tty`
+a=""; for x in `timedatectl list-timezones`; do a="$a $x" ; done
+
+
+smtp=""; while [ -z "$smtp" ]; do smtp=`dialog --no-cancel --inputbox "Outoing e-mail SMTP proxy server:" 8 40 2>&1 >/dev/tty`; done
+email=""; while [ -z "$email" ]; do email=`dialog --no-cancel --inputbox "Outgoing mail username:" 8 40 2>&1 >/dev/tty`; done
+emailpassword=""
+while [ "$emailpassword" = "" ]; do
+	emailpassword=`dialog --no-cancel --title "Outgoing e-mail SMTP mail password" --insecure --passwordbox "Enter outgoing e-mail SMTP password:" 8 40 2>&1 1>/dev/tty`
+	confirmpassword=`dialog --no-cancel --title "Outgoing e-mail SMTP mail password" --insecure --passwordbox "Re-enter outgoing e-mail SMTP password:" 8 40 2>&1 1>/dev/tty`
+	if ! [ "$emailpassword" = "$confirmpassword" ]; then
+		echo "Password does not match confirmation - please retry the setup"
+		emailpassword=""
+	fi
+done
+
+
+timezone=`dialog --no-items --no-cancel --menu "Select time zone:" $height 40 ${window}${a} 2>&1 1>/dev/tty`
+
+for disk in `echo "$alldisks"`; do
+		echo ""
+        echo "Erasing partition table for device $disk..."
+		errors=`sgdisk --zap-all /dev/disk/by-id/$disk 2>&1 1>/dev/null`
+		if ! [ "$?" = "0" ]; then
+			echo "Failed to erase partition table for device $disk - $errors"
+			exit 3
+		fi
+        echo "Done."
+done
+
+if [ "$efi" = "1" ]; then
+
+	for disk in `echo "$boots"`; do
+			echo ""
+			echo "Creating boot partitions for device $disk..."
+			errors=`sgdisk -n1:1M:+512M -t1:EF00 /dev/disk/by-id/$disk 2>&1 1>/dev/null`
+			if ! [ "$?" = "0" ]; then
+				echo "Failed to create boot partition for device $disk - $errors"
+				exit 3
+			fi
+			echo "Done."
+	done
+
+	for disk in `echo "$boots"`; do
+			echo ""
+			echo "Creating boot partitions for device $disk..."
+			errors=`sgdisk -n3:0:+512M -t3:BF01 /dev/disk/by-id/$disk 2>&1 1>/dev/null`
+			if ! [ "$?" = "0" ]; then
+				echo "Failed to create boot partition for device $disk - $errors"
+				exit 3
+			fi
+			echo "Done."
+	done
+
+else
+
+	for disk in `echo "$boots"`; do
+			echo ""
+			echo "Creating boot partitions for device $disk..."
+			errors=`sgdisk -a1 -n1:24K:+1000K -t1:EF02 /dev/disk/by-id/$disk 2>&1 1>/dev/null`
+			if ! [ "$?" = "0" ]; then
+				echo "Failed to create boot partition for device $disk - $errors"
+				exit 3
+			fi
+			echo "Done."
+	done
+
+fi
+
+for disk in `echo "$disks"`; do
+		echo ""
+        echo "Creating main storage for device $disk..."
+		errors=`sgdisk -n4:0:0 -t4:BF01 /dev/disk/by-id/$disk 2>&1 1>/dev/null`
+		if ! [ "$?" = "0" ]; then
+			echo "Failed to create main storage for device $disk - $errors"
+			exit 3
+		fi
+        echo "Done."
+done
+
+# create boot mirror list and root list
+
+count="0"; bootmirror=""; for disk in `echo "$boots"`; do bootmirror="$bootmirror /dev/disk/by-id/${disk}-part3"; count=$((count + 1)); done; if [ "$count" -gt "1" ]; then bootmirror="mirror $bootmirror"; fi
+rootraidz=""; for disk in `echo "$disks"`; do rootraidz="$rootraidz /dev/disk/by-id/${disk}-part4"; done
+
+# refresh drives or there are missing partitions
+partprobe 2>/dev/null 1>/dev/null
+
+# wait for the partitions to show up
+
+for disk in `echo "$boots"`; do
+	pending="0"
+	while ! [ -e "/dev/disk/by-id/${disk}-part3" ]; do
+		partprobe 2>/dev/null 1>/dev/null
+		if [ "$pending" = "0" ]; then echo "" && echo "Waiting for ${disk} boot pool partition to update on device ${disk}..."; pending="1"; fi
+		sleep 3
+	done
+	if [ "$pending" = "1" ]; then echo "Done."; fi
+done
+
+for disk in `echo "$boots"`; do
+	pending="0"
+	while ! [ -e "/dev/disk/by-id/${disk}-part1" ]; do
+		partprobe 2>/dev/null 1>/dev/null
+		if [ "$pending" = "0" ]; then echo "" && echo "Waiting for ${disk} boot partition to update on device ${disk}..."; pending="1"; fi
+		sleep 3
+	done
+	if [ "$pending" = "1" ]; then echo "Done."; fi
+done
+
+echo ""
+echo "Creating boot zpool..."
+errors=`zpool create -f -o ashift=12 -d -o feature@async_destroy=enabled -o feature@bookmarks=enabled -o feature@embedded_data=enabled -o feature@empty_bpobj=enabled -o feature@enabled_txg=enabled -o feature@extensible_dataset=enabled -o feature@filesystem_limits=enabled -o feature@hole_birth=enabled -o feature@large_blocks=enabled -o feature@lz4_compress=enabled -o feature@spacemap_histogram=enabled -o feature@userobj_accounting=enabled -O acltype=posixacl -O canmount=off -O compression=lz4 -O devices=off -O normalization=formD -O relatime=on -O xattr=sa -O mountpoint=/ -R /mnt bpool $bootmirror 2>&1 1>/dev/null`
+if ! [ "$?" = "0" ]; then
+	echo "Failed to create boot pool - $errors"
+	exit 4
+fi
+echo "Done."
+
+# no striped mirror support yet
+
+# special exception for none raid - this just operates the disks like a stripe, for 1 or more disk - *not* recommended
+if [ "$raidtype" = "none" ]; then
+	raidtype=""
+else
+	raidtype=" $raidtype"
+fi
+
+# wait for the partitions to show up
+for disk in `echo "$disks"`; do
+	pending="0"
+	while ! [ -e "/dev/disk/by-id/${disk}-part4" ]; do
+		partprobe 2>/dev/null 1>/dev/null
+		if [ "$pending" = "0" ]; then echo "" && echo "Waiting for ${disk} storage partition to update..."; pending="1"; fi
+		sleep 3
+	done
+	if [ "$pending" = "1" ]; then echo "Done."; fi
+done
+
+echo ""
+echo "Creating main zpool..."
+error=`zpool create -f -o ashift=12 -O acltype=posixacl -O canmount=off -O compression=lz4 -O dnodesize=auto -O normalization=formD -O relatime=on -O xattr=sa -O mountpoint=/ -R /mnt rpool${raidtype}${rootraidz} 2>&1 1>/dev/null`
+if ! [ "$?" = "0" ]; then
+	echo "Failed to create main pool - $errors"
+	exit 5
+fi
+echo "Done."
+
+
+echo ""
+echo "Setting up main zpool dataset configuration..."
+errors=`zfs create -o canmount=off -o mountpoint=none rpool/ROOT 2>&1 1>/dev/null && zfs create -o canmount=off -o mountpoint=none bpool/BOOT 2>&1 1>/dev/null && zfs create -o canmount=noauto -o mountpoint=/ rpool/ROOT/ubuntu 2>&1 1>/dev/null && zfs mount rpool/ROOT/ubuntu 2>&1 1>/dev/null && zfs create -o canmount=noauto -o mountpoint=/boot bpool/BOOT/ubuntu 2>&1 1>/dev/null && zfs mount bpool/BOOT/ubuntu 2>&1 1>/dev/null && zfs create                                 rpool/home 2>&1 1>/dev/null && zfs create -o mountpoint=/root             rpool/home/root 2>&1 1>/dev/null && zfs create -o canmount=off                 rpool/var 2>&1 1>/dev/null && zfs create -o canmount=off                 rpool/var/lib 2>&1 1>/dev/null && zfs create                                 rpool/var/log 2>&1 1>/dev/null &&  zfs create                                 rpool/var/spool 2>&1 1>/dev/null && zfs create -o com.sun:auto-snapshot=false  rpool/var/cache 2>&1 1>/dev/null && zfs create -o com.sun:auto-snapshot=false  rpool/var/tmp 2>&1 1>/dev/null && chmod 1777 /mnt/var/tmp 2>&1 1>/dev/null && zfs create                                 rpool/opt 2>&1 1>/dev/null && zfs create                                 rpool/srv 2>&1 1>/dev/null && zfs create -o canmount=off                 rpool/usr 2>&1 1>/dev/null && zfs create                                 rpool/usr/local 2>&1 1>/dev/null && zfs create                                 rpool/var/mail 2>&1 1>/dev/null && zfs create -o com.sun:auto-snapshot=false  rpool/var/lib/docker 2>&1 1>/dev/null && zfs create -o com.sun:auto-snapshot=false  rpool/var/lib/nfs 2>&1 1>/dev/null && zfs create -o com.sun:auto-snapshot=false  rpool/tmp 2>&1 1>/dev/null && chmod 1777 /mnt/tmp 2>&1 1>/dev/null`
+if ! [ "$?" = "0" ]; then 
+	echo "Error setting up ZFS settings - $errors"
+	exit 5
+fi
+echo "Done."
+
+echo ""
+echo "Bootstrapping..."
+errors=`debootstrap bionic /mnt 2>&1 1>/dev/null`
+if ! [ "$?" = "0" ]; then 
+	echo "Failed to bootstrap root - $errors"
+	exit 6
+fi
+echo "Done."
+
+echo ""
+echo "Disabling ZFS devices..."
+errors=`zfs set devices=off rpool 2>&1 1>/dev/null`
+if ! [ "$?" = "0" ]; then
+	echo "Failed to set devices=off for root pool- $errors"
+	exit 7
+fi
+echo "Done."
+
+echo ""
+echo "Setting hostname and e-mail admins..."
+echo "$hostname" > /mnt/etc/hostname
+echo "127.0.0.1 $hostname $fqdn" > /mnt/etc/hosts
+echo "127.0.1.1 $hostname" >> /mnt/etc/hosts
+echo "${admins}" > /mnt/admins
+chmod o+r /mnt/admins
+echo "Done."
+
+echo ""
+echo "Setting default apt repositories"
+echo "deb http://archive.ubuntu.com/ubuntu bionic main universe"  > /mnt/etc/apt/sources.list
+echo "deb-src http://archive.ubuntu.com/ubuntu bionic main universe" >> /mnt/etc/apt/sources.list
+echo "deb http://security.ubuntu.com/ubuntu bionic-security main universe" >> /mnt/etc/apt/sources.list
+echo "deb-src http://security.ubuntu.com/ubuntu bionic-security main universe" >> /mnt/etc/apt/sources.list
+echo "deb http://archive.ubuntu.com/ubuntu bionic-updates main universe" >> /mnt/etc/apt/sources.list
+echo "deb-src http://archive.ubuntu.com/ubuntu bionic-updates main universe" >> /mnt/etc/apt/sources.list
+echo "Done."
+
+echo ""
+echo "Setting up boot pool import service..."
+echo "[Unit]"> /mnt/etc/systemd/system/zfs-import-bpool.service
+echo "    DefaultDependencies=no" >> /mnt/etc/systemd/system/zfs-import-bpool.service
+echo "    Before=zfs-import-scan.service" >> /mnt/etc/systemd/system/zfs-import-bpool.service
+echo "    Before=zfs-import-cache.service" >> /mnt/etc/systemd/system/zfs-import-bpool.service
+echo "" >> /mnt/etc/systemd/system/zfs-import-bpool.service
+echo "[Service]" >> /mnt/etc/systemd/system/zfs-import-bpool.service
+echo "    Type=oneshot" >> /mnt/etc/systemd/system/zfs-import-bpool.service
+echo "    RemainAfterExit=yes" >> /mnt/etc/systemd/system/zfs-import-bpool.service
+echo "    ExecStart=/sbin/zpool import -N -o cachefile=none bpool" >> /mnt/etc/systemd/system/zfs-import-bpool.service
+echo "[Install]" >> /mnt/etc/systemd/system/zfs-import-bpool.service
+echo "    WantedBy=zfs-import.target	"  >> /mnt/etc/systemd/system/zfs-import-bpool.service
+echo "Done."
+
+echo ""
+echo "Creating home directory..."
+errors=`zfs create rpool/home/${admin} 2>&1 1>/dev/null`
+if ! [ "$?" = "0" ]; then
+	echo "Unable to create home directory - $errors"
+	exit 9
+fi
+echo "Done."
+
+echo ""
+echo "Mounting chroot mounts..."
+mount --rbind /dev  /mnt/dev
+mount --rbind /proc /mnt/proc
+mount --rbind /sys  /mnt/sys
+echo "Done."
+
+echo ""
+echo "Entering chroot..."
+echo "#!/bin/bash" > /mnt/setup-chroot.sh
+echo "HOSTNAME=\"$hostname\"" >> /mnt/setup-chroot.sh
+echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
+echo "echo \"\"" >> /mnt/setup-chroot.sh
+echo "echo \"Mounting /proc/self/mounts...\"" >> /mnt/setup-chroot.sh
+echo "ln -s /proc/self/mounts /etc/mtab"  >> /mnt/setup-chroot.sh
+echo "echo \"Done.\""  >> /mnt/setup-chroot.sh
+echo "echo \"\""  >> /mnt/setup-chroot.sh
+echo "echo \"Updating apt repositories on root pool...\""  >> /mnt/setup-chroot.sh
+echo 'errors=`apt update 2>&1 1>/dev/null`' >> /mnt/setup-chroot.sh
+echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
+echo '	echo "Failed to update apt repositories on root pool - $errors"' >> /mnt/setup-chroot.sh
+echo "	exit 1">> /mnt/setup-chroot.sh
+echo "fi">> /mnt/setup-chroot.sh
+echo "echo \"Done.\"">> /mnt/setup-chroot.sh
+echo "echo \"\"">> /mnt/setup-chroot.sh
+echo "echo \"Setting locale...\"" >> /mnt/setup-chroot.sh
+echo 'errors=`locale-gen en_US.UTF-8 2>&1 1>/dev/null`' >> /mnt/setup-chroot.sh
+echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
+echo '	echo "Failed to set the locale to en_US.UTF-8 - $errors"' >> /mnt/setup-chroot.sh
+echo "	exit 1">> /mnt/setup-chroot.sh
+echo "fi">> /mnt/setup-chroot.sh
+echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
+echo "echo \"\"" >> /mnt/setup-chroot.sh
+echo "echo \"Setting time zone...\"" >> /mnt/setup-chroot.sh
+echo "cp /usr/share/zoneinfo/$timezone /etc/localtime" >> /mnt/setup-chroot.sh
+echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
+
+echo "echo \"\"" >> /mnt/setup-chroot.sh
+echo "echo \"Installing linux image, ifupdown dnsutils nfs-kernel-server apparmor-profiles vim, libvirt-bin, bridge-utils, net-tools, bash, screen, tmux, zfs-initramfs, dosfstools, mailutils, ssmtp, openssh-server, ufw, docker.io, sharutils...\"" >> /mnt/setup-chroot.sh
+echo "errors=\$(DEBCONF_FRONTEND='noninteractive' apt install -y --no-install-recommends linux-image-generic 2>&1 1>/dev/null && apt purge -y netplan 2>&1 1>/dev/null && apt autoremove -y 2>&1 1>/dev/null && DEBCONF_FRONTEND='noninteractive' apt install -y ifupdown efibootmgr htop iotop smartmontools dnsutils nfs-kernel-server apparmor-profiles vim libvirt-bin bridge-utils net-tools bash screen tmux zfs-initramfs dosfstools mailutils ssmtp openssh-server ufw docker.io sharutils 2>&1 1>/dev/null)" >> /mnt/setup-chroot.sh
+
+echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
+echo '	echo "Failed to install preliminary software - $errors"' >> /mnt/setup-chroot.sh
+echo "	exit 1">> /mnt/setup-chroot.sh
+echo "fi">> /mnt/setup-chroot.sh
+echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
+
+# network configuration should have optional static configuration - not just DHCP, it's very important
+
+echo "echo \"\"" >> /mnt/setup-chroot.sh
+echo "echo \"Enabling networking service...\"" >> /mnt/setup-chroot.sh
+echo "error=\$(systemctl unmask networking 2>&1 1>/dev/null && systemctl enable networking 2>&1 1>/dev/null)" >> /mnt/setup-chroot.sh
+echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
+echo '	echo "Failed to enable networking service - $errors"' >> /mnt/setup-chroot.sh
+echo "	exit 118">> /mnt/setup-chroot.sh
+echo "fi">> /mnt/setup-chroot.sh
+echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
+
+# configure docker storage to use zfs
+mkdir -p /mnt/etc/docker
+echo "{\"storage-driver\":\"zfs\"}" > /mnt/etc/docker/daemon.json
+echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /mnt/etc/sysctl.conf
+echo "net.ipv6.conf.default.disable_ipv6 = 1" >> /mnt/etc/sysctl.conf
+echo "net.ipv6.conf.lo.disable_ipv6 = 1" >> /mnt/etc/sysctl.conf
+
+echo 'echo ""' >> /mnt/setup-chroot.sh
+echo 'echo "Creating EFI partition..."' >> /mnt/setup-chroot.sh
+firstdisk=`echo "$boots" | head -n1`
+echo "error=\$(mkdosfs -F 32 -s 1 -n EFI /dev/disk/by-id/${firstdisk}-part1 2>&1 1>/dev/null && mkdir /boot/efi 2>&1 1>/dev/null)" >> /mnt/setup-chroot.sh
+echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
+echo '	echo "Failed to create dos file system for EFI partition - $errors"' >> /mnt/setup-chroot.sh
+echo "	exit 100">> /mnt/setup-chroot.sh
+echo "fi">> /mnt/setup-chroot.sh
+echo "echo PARTUUID=$(blkid -s PARTUUID -o value /dev/disk/by-id/${firstdisk}-part1) /boot/efi vfat nofail,x-systemd.device-timeout=0 0 1 >> /etc/fstab" >> /mnt/setup-chroot.sh
+
+echo "errors=\$(mount /boot/efi 2>&1 1>/dev/null && apt install -y grub-efi-amd64-signed shim-signed 2>&1 1>/dev/null)" >> /mnt/setup-chroot.sh
+echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
+echo '	echo "Failed to mount EFI partition or install grub-EFI - $errors"' >> /mnt/setup-chroot.sh
+echo "	exit 1">> /mnt/setup-chroot.sh
+echo "fi">> /mnt/setup-chroot.sh
+echo 'echo "Done."' >> /mnt/setup-chroot.sh
+
+echo "echo ''" >> /mnt/setup-chroot.sh
+echo 'echo "Setting root password..."' >> /mnt/setup-chroot.sh
+echo "errors=\$(echo 'root:${rootpassword}' | chpasswd 2>&1 1>/dev/null)" >> /mnt/setup-chroot.sh
+echo "if ! [ \"\$?\" = \"0\" ]; then echo \"Could not set root password - \$errors\"; exit 21; fi" >> /mnt/setup-chroot.sh
+echo 'echo "Done."'>> /mnt/setup-chroot.sh
+
+echo 'echo ""' >> /mnt/setup-chroot.sh
+echo 'echo "Enabling boot pool import service..."'>> /mnt/setup-chroot.sh
+echo "errors=\$(systemctl enable zfs-import-bpool.service 2>&1 1>/dev/null)" >> /mnt/setup-chroot.sh
+echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
+echo '	echo "Failed to enable boot pool import service - $errors"' >> /mnt/setup-chroot.sh
+echo "	exit 102">> /mnt/setup-chroot.sh
+echo "fi">> /mnt/setup-chroot.sh
+echo 'echo "Done."'>> /mnt/setup-chroot.sh
+
+echo 'echo ""'  >> /mnt/setup-chroot.sh
+echo "echo \"Checking ZFS root...\"" >> /mnt/setup-chroot.sh
+echo 'zfscheck=$(grub-probe /boot 2>&1 1>/dev/null)' >> /mnt/setup-chroot.sh
+echo "if ! [ \"\$?\" = \"0\" ]; then echo \"grub-probe check failed - \$zfscheck\"; exit 2; fi" >> /mnt/setup-chroot.sh
+echo "echo \"Success.\"" >> /mnt/setup-chroot.sh
+
+echo 'echo ""' >> /mnt/setup-chroot.sh
+echo 'echo "Updating initramfs..."' >> /mnt/setup-chroot.sh
+echo "echo \"vmd\" >> /etc/initramfs-tools/modules" >> /mnt/setup-chroot.sh
+echo 'errors=$(update-initramfs -u -k all 2>&1 1>/dev/null)'  >> /mnt/setup-chroot.sh
+echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
+echo '	echo "Failed to update initramfs - $errors"' >> /mnt/setup-chroot.sh
+echo "	exit 1">> /mnt/setup-chroot.sh
+echo "fi">> /mnt/setup-chroot.sh
+echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
+
+# you need sed to do this right!
+echo 'echo ""'  >> /mnt/setup-chroot.sh
+echo 'echo "Modifying grub for ZFS root..."' >> /mnt/setup-chroot.sh
+echo "errors=\$(sed -ir 's/quiet splash//g' /etc/default/grub 2>&1 1>/dev/null && sed -ir 's/GRUB_CMDLINE_LINUX=\".*\"/GRUB_CMDLINE_LINUX=\"root=ZFS=rpool\/ROOT\/ubuntu rootdelay=10 noresume\"/g' /etc/default/grub 2>&1 1>/dev/null && sed -ir 's/^#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub 2>&1 1>/dev/null)" >> /mnt/setup-chroot.sh
+echo "if ! [ \"\$?\" = \"0\" ]; then echo \"Failed to set grub ZFS root - \$errors\"; exit 104; fi" >> /mnt/setup-chroot.sh
+echo 'echo "Done."' >> /mnt/setup-chroot.sh
+
+echo 'echo ""' >> /mnt/setup-chroot.sh
+echo 'echo "Updating grub..."' >> /mnt/setup-chroot.sh
+echo 'errors=$(update-grub 2>&1 1>/dev/null)'>> /mnt/setup-chroot.sh
+echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
+echo '	echo "Failed to update grub - $errors"' >> /mnt/setup-chroot.sh
+echo "	exit 1">> /mnt/setup-chroot.sh
+echo "fi">> /mnt/setup-chroot.sh
+echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
+
+echo 'echo ""' >> /mnt/setup-chroot.sh
+echo 'echo "Installing grub UEFI on plex1..."' >> /mnt/setup-chroot.sh
+echo "errors=\$(grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=ubuntu --recheck --no-floppy 2>&1 1>/dev/null && umount /boot/efi 2>&1 1>/dev/null)" >> /mnt/setup-chroot.sh
+echo "if ! [ \"\$?\" = \"0\" ]; then echo \"Failed to install grub UEFI on plex1 - \$errors\"; exit 104; fi" >> /mnt/setup-chroot.sh
+echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
+
+if ! [ "$boots" = "" ]; then
+	if [ "$efi" = "1" ]; then
+
+		echo 'echo ""' >> /mnt/setup-chroot.sh
+		echo 'echo "Cloning EFI boot partition to all boot devices..."' >> /mnt/setup-chroot.sh
+		i="2"
+		for disk in `echo "$boots" | tail -n+2`; do
+			echo "errors=\$(dd if=/dev/disk/by-id/${firstdisk}-part1 of=/dev/disk/by-id/${disk}-part1 2>&1 1>/dev/null && efibootmgr -c -g -d /dev/disk/by-id/${disk} -p 3 -L "ubuntu-$i" -l '\EFI\ubuntu\grubx64.efi' 2>&1 1>/dev/null)" >> /mnt/setup-chroot.sh
+			echo "if ! [ \"\$?\" = \"0\" ]; then echo \"EFI copy failed - \$errors\"; exit 20; fi" >> /mnt/setup-chroot.sh
+			i=$((i + 1))
+		done
+
+		echo 'echo "Done."' >> /mnt/setup-chroot.sh
+	fi
+fi
+
+# error check this as one big block
+echo "zfs set mountpoint=legacy bpool/BOOT/ubuntu" >> /mnt/setup-chroot.sh
+echo "echo \"bpool/BOOT/ubuntu /boot zfs nodev,relatime,x-systemd.requires=zfs-import-bpool.service 0 0\" >> /etc/fstab" >> /mnt/setup-chroot.sh
+echo "zfs set mountpoint=legacy rpool/var/log">> /mnt/setup-chroot.sh
+echo "echo \"rpool/var/log /var/log zfs nodev,relatime 0 0\" >> /etc/fstab" >> /mnt/setup-chroot.sh
+echo "zfs set mountpoint=legacy rpool/var/spool">> /mnt/setup-chroot.sh
+echo "echo \"rpool/var/spool /var/spool zfs nodev,relatime 0 0\" >> /etc/fstab" >> /mnt/setup-chroot.sh
+echo "zfs set mountpoint=legacy rpool/var/tmp" >> /mnt/setup-chroot.sh
+echo "echo \"rpool/var/tmp /var/tmp zfs nodev,relatime 0 0\" >> /etc/fstab" >> /mnt/setup-chroot.sh
+echo "zfs set mountpoint=legacy rpool/tmp" >> /mnt/setup-chroot.sh
+echo "echo \"rpool/tmp /tmp zfs nodev,relatime 0 0\" >> /etc/fstab" >> /mnt/setup-chroot.sh
+
+echo 'echo ""' >> /mnt/setup-chroot.sh
+echo 'echo "Enabling SSH..."'>> /mnt/setup-chroot.sh
+echo "sed -ir 's/^ *#? *ChallengeResponseAuthentication.*/ChallengeResponseAuthentication no/g' /etc/ssh/sshd_config" >> /mnt/setup-chroot.sh
+echo "sed -ir 's/^#PasswordAuthentication.*/PasswordAuthentication no/g' /etc/ssh/sshd_config" >> /mnt/setup-chroot.sh
+echo "sed -ir 's/^UsePAM.*/UsePAM no/g' /etc/ssh/sshd_config" >> /mnt/setup-chroot.sh
+echo "sed -ir 's/^#PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config" >> /mnt/setup-chroot.sh
+echo "errors=\$(systemctl enable ssh 2>&1 1>/dev/null)">> /mnt/setup-chroot.sh 
+#&& ufw allow in on any from any to any port 22 proto tcp 2>&1 1>/dev/null
+echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
+echo '	echo "Failed to enable SSH - $errors"' >> /mnt/setup-chroot.sh
+echo "	exit 101">> /mnt/setup-chroot.sh
+echo "fi">> /mnt/setup-chroot.sh
+echo 'echo "Done."'>> /mnt/setup-chroot.sh
+
+echo 'echo ""'>> /mnt/setup-chroot.sh
+echo 'echo "Creating admin user..."'>> /mnt/setup-chroot.sh
+#  error check this
+echo "useradd $admin" >> /mnt/setup-chroot.sh
+echo "cp -a /etc/skel/.[!.]* \"/home/$admin\"" >> /mnt/setup-chroot.sh
+echo "chown -R ${admin}:${admin} \"/home/$admin\"" >> /mnt/setup-chroot.sh
+echo "usermod -a -G adm,cdrom,dip,plugdev,sudo -s /bin/bash \"$admin\"" >> /mnt/setup-chroot.sh
+echo "echo '${admin}:${rootpassword}' | chpasswd" >> /mnt/setup-chroot.sh
+echo 'echo "Done."'>> /mnt/setup-chroot.sh
+
+echo "mkdir \"/home/${admin}/.ssh\"" >> /mnt/setup-chroot.sh
+echo "ssh-keygen -b 4096 -t rsa -q -f \"/home/${admin}/.ssh/id_rsa\" -N '$rootpassword'" >> /mnt/setup-chroot.sh
+echo "cat /home/${admin}/.ssh/id_rsa.pub > \"/home/${admin}/.ssh/authorized_keys\"" >> /mnt/setup-chroot.sh
+#echo "chmod 600 \"/home/${admin}/.ssh/id_rsa\"" >> /mnt/setup-chroot.sh
+echo "chown -R ${admin}:${admin} \"/home/${admin}\"/.ssh" >> /mnt/setup-chroot.sh
+
+echo "HOME=\"/root\"" >> /mnt/setup-chroot.sh
+echo "HOSTNAME=\"$hostname\"" >> /mnt/setup-chroot.sh
+
+echo "echo \"FromLineOverride=YES\" > /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
+echo "echo \"root=admin\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
+echo "echo \"hostname=${fqdn}\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
+echo "echo \"AuthUser=${email}\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
+echo "echo \"AuthPass=${emailpassword}\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
+echo "echo \"mailhub=${smtp}\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
+echo "echo \"UseSTARTTLS=YES\" >> /etc/ssmtp/ssmtp.conf" >> /mnt/setup-chroot.sh
+echo "echo \"root:${admins}\" >> /etc/ssmtp/revaliases" >> /mnt/setup-chroot.sh
+echo "chfn -f '${email}' root" >> /mnt/setup-chroot.sh
+echo "echo \"\"" >> /mnt/setup-chroot.sh
+echo "echo \"Sending SSH key via e-mail...\"" >> /mnt/setup-chroot.sh
+if [ "$networktype" = "dhcp" ]; then 
+	connection="`hostname -I` (`wget -qO - ifconfig.me`)"
+else 
+	connection="$address"
+fi
+
+echo "serverinfo=\`cat \"/home/${admin}/.ssh/id_rsa\"\`" >>  /mnt/setup-chroot.sh
+echo "serverinfo=\"Server available at $connection\\n\\n\$serverinfo\"; echo -e \"\$serverinfo\" | mail -s \"$hostname SSH key\" -r \"${email}\" \"\`cat /admins\`\"" >> /mnt/setup-chroot.sh
+echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
+
+errors=`chmod +x /mnt/setup-chroot.sh 2>&1 1>/dev/null`
+if ! [ "$?" = "0" ]; then
+	echo "Failed to set execution permission on chroot script - $errors"
+	exit 45
+fi
+
+echo "echo \"\"" >> /mnt/setup-chroot.sh
+echo "echo \"Enabling UFW and apparmor on boot...\"" >> /mnt/setup-chroot.sh
+echo "errors=\$(systemctl enable ufw 2>&1 1>/dev/null && systemctl enable apparmor 2>&1 1>/dev/null)" >> /mnt/setup-chroot.sh
+echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
+echo '	echo "Failed to enable UFW - $errors"' >> /mnt/setup-chroot.sh
+echo "	exit 1">> /mnt/setup-chroot.sh
+echo "fi">> /mnt/setup-chroot.sh
+echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
+
+echo "echo \"\"" >> /mnt/setup-chroot.sh
+echo "echo \"Enabling cron, smartd, and adding ZFS health script...\"" >> /mnt/setup-chroot.sh
+echo "errors=\$(echo \"0 0 * * 1 /zfshealth.sh\" | crontab 1>&2 2>/dev/null)" >> /mnt/setup-chroot.sh
+echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
+echo '	echo "Failed to add zfshealth.sh to crontab - $errors"' >> /mnt/setup-chroot.sh
+echo "	exit 1">> /mnt/setup-chroot.sh
+echo "fi">> /mnt/setup-chroot.sh
+echo "errors=\$(systemctl enable cron 2>&1 1>/dev/null && systemctl enable smartd 2>&1 1>/dev/null)" >> /mnt/setup-chroot.sh
+echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
+echo '	echo "Failed to enable cron service - $errors"' >> /mnt/setup-chroot.sh
+echo "	exit 1">> /mnt/setup-chroot.sh
+echo "fi">> /mnt/setup-chroot.sh
+echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
+
+echo "echo \"\"" >> /mnt/setup-chroot.sh
+echo "echo \"Upgrading OS and installing standard command line system...\"" >> /mnt/setup-chroot.sh
+echo "errors=\$(apt dist-upgrade --yes 2>&1 1>/dev/null && apt install --yes ubuntu-standard 2>&1 1>/dev/null)" >> /mnt/setup-chroot.sh
+echo 'if ! [ \"$?\" = \"0\" ]; then '>> /mnt/setup-chroot.sh
+echo '	echo "Failed to upgrade OS or install command line basics - $errors"' >> /mnt/setup-chroot.sh
+echo "	exit 122">> /mnt/setup-chroot.sh
+echo "fi">> /mnt/setup-chroot.sh
+echo "echo \"Done.\"" >> /mnt/setup-chroot.sh
+
+echo "exit 0" >> /mnt/setup-chroot.sh
+
+
+chroot /mnt /setup-chroot.sh
+if ! [ "$?" = "0" ]; then
+	exit $?
+fi
+
+echo ""
+echo "Creating swap space..."
+errors=$(zfs create -V ${swapspace}K -b $(getconf PAGESIZE) -o compression=zle -o logbias=throughput -o sync=always -o primarycache=metadata -o secondarycache=none -o com.sun:auto-snapshot=false rpool/swap 2>&1 1>/dev/null && (while ! [ -e "/dev/zvol/rpool/swap" ]; do sleep 1; done) && mkswap -f /dev/zvol/rpool/swap 2>&1 1>/dev/null)
+if ! [ "$?" = "0" ]; then
+	echo "Failed to create swap space - $errors"
+	exit 132
+fi
+echo "/dev/zvol/rpool/swap none swap discard 0 0" >> /mnt/etc/fstab
+echo "Done."
+
+echo ""
+echo "Writing network interfaces file..."
+macaddr=$(echo $hostname|md5sum|sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/')
+mkdir -p /mnt/etc/network && mkdir -p /mnt/etc/network/interfaces.d
+echo "auto lo br0" > /mnt/etc/network/interfaces.d/br0
+echo "iface lo inet loopback" >> /mnt/etc/network/interfaces.d/br0
+niclist=""
+for nic in `echo "$nics"`; do
+	echo "iface ${nic} inet manual" >> /mnt/etc/network/interfaces.d/br0
+	niclist="$niclist $nic"
+done
+if [ "$networktype" = "dhcp" ]; then
+	echo "iface br0 inet dhcp"  >> /mnt/etc/network/interfaces.d/br0
+else
+	echo "iface br0 inet static"  >> /mnt/etc/network/interfaces.d/br0
+	echo "        address $address" >> /mnt/etc/network/interfaces.d/br0
+	echo "        netmask $subnet" >> /mnt/etc/network/interfaces.d/br0
+	echo "        gateway $gateway" >> /mnt/etc/network/interfaces.d/br0
+	sed -ir "s/^#DNS=.*/DNS=${dns1}/g" /mnt/etc/systemd/resolved.conf
+	if ! [ -z "$dns2" ]; then sed -ir "s/^#FallbackDNS=.*/FallbackDNS=${dns2}/g" /mnt/etc/systemd/resolved.conf ; fi
+fi
+#echo "        bridge_hw $macaddr" >> /mnt/etc/network/interfaces.d/br0
+echo "        dns-nameservers 127.0.0.53" >> /mnt/etc/network/interfaces.d/br0
+echo "        bridge_waitport 0" >> /mnt/etc/network/interfaces.d/br0
+echo "        bridge_fd 0" >> /mnt/etc/network/interfaces.d/br0
+echo "        bridge_ports${niclist}" >> /mnt/etc/network/interfaces.d/br0
+echo "        bridge_stp on" >> /mnt/etc/network/interfaces.d/br0
+echo "source-directory /etc/network/interfaces.d" > /mnt/etc/network/interfaces
+echo "Done."
+
+# add the firewall rule for SSH, but there may already be an exception for this, test the network in the live environment
+
+echo ""
+echo "Opening SSH port on firewall..."
+sed -ir 's/### RULES ###/### RULES ###\n-A ufw-user-input -i br0 -p tcp --dport 22 -j ACCEPT/g' /mnt/etc/ufw/user.rules 2>&1 1>/dev/null
+echo "Done."
+# commented out for debugging
+echo ""
+echo "Clearing chroot configuration script..."
+rm /mnt/setup-chroot.sh
+echo "Done."
+
+echo "#! /bin/bash" > /mnt/zfshealth.sh
+echo "problems=0; emailSubject=\"\`hostname\` - ZFS pool - HEALTH check\"; emailMessage=\"\"" >> /mnt/zfshealth.sh
+echo "condition=\$(/sbin/zpool status | grep -e \"^ *state:\" | egrep -i '(DEGRADED|FAULTED|OFFLINE|UNAVAIL|REMOVED|FAIL|DESTROYED|corrupt|cannot|unrecover)')" >> /mnt/zfshealth.sh
+echo "if [ \"\${condition}\" ]; then emailSubject=\"\$emailSubject - fault\"; problems=1; fi" >> /mnt/zfshealth.sh
+echo "maxCapacity=80" >> /mnt/zfshealth.sh
+echo "if [ \${problems} -eq 0 ]; then" >> /mnt/zfshealth.sh
+echo "  capacity=\$(/sbin/zpool list -H -o capacity)" >> /mnt/zfshealth.sh
+echo "  for line in \${capacity//%/}" >> /mnt/zfshealth.sh
+echo "  do" >> /mnt/zfshealth.sh
+echo "    if [ \$line -ge \$maxCapacity ]; then emailSubject=\"\$emailSubject - Capacity Exceeded\"; problems=1; fi" >> /mnt/zfshealth.sh
+echo "  done" >> /mnt/zfshealth.sh
+echo "fi" >> /mnt/zfshealth.sh
+echo "if [ \${problems} -eq 0 ]; then" >> /mnt/zfshealth.sh
+echo "  errors=\$(/sbin/zpool status | grep ONLINE | grep -v state | awk '{print \$3 \$4 \$5}' | grep -v 000)" >> /mnt/zfshealth.sh
+echo "  if [ \"\${errors}\" ]; then emailSubject=\"\$emailSubject - Drive Errors\"; problems=1; fi" >> /mnt/zfshealth.sh
+echo "fi" >> /mnt/zfshealth.sh
+echo "scrubExpire=691200" >> /mnt/zfshealth.sh
+echo "if [ \${problems} -eq 0 ]; then" >> /mnt/zfshealth.sh
+echo "  currentDate=\$(date +%s)" >> /mnt/zfshealth.sh
+echo "  zfsVolumes=\$(/sbin/zpool list -H -o name)" >> /mnt/zfshealth.sh
+echo "  for volume in \${zfsVolumes}" >> /mnt/zfshealth.sh
+echo "  do" >> /mnt/zfshealth.sh
+echo "    if [ \$(/sbin/zpool status \$volume | egrep -c \"none requested\") -ge 1 ]; then echo \"ERROR: You need to run \\\"zpool scrub \$volume\\\" before this script can monitor the scrub expiration time.\"; break; fi" >> /mnt/zfshealth.sh
+echo "    if [ \$(/sbin/zpool status \$volume | egrep -c \"scrub in progress|resilver\") -ge 1 ]; then break; fi" >> /mnt/zfshealth.sh
+echo "    scrubRawDate=\$(/sbin/zpool status \$volume | grep scrub | awk '{print \$15 \$12 \$13}' | sed 's/\([0-9]\+\)\([A-Za-z]*\)\([0-9]\+\)/\\2 \\3, \\1/g')" >> /mnt/zfshealth.sh
+echo "    scrubDate=\$(date -d \"\$scrubRawDate\" +%s)" >> /mnt/zfshealth.sh
+echo "    if [ \$((\$currentDate - \$scrubDate)) -ge \$scrubExpire ]; then" >> /mnt/zfshealth.sh
+echo "      if [ \${problems} -eq 0 ]; then emailSubject=\"\$emailSubject - Scrub Time Expired. Scrub Needed on Volume(s)\"; fi" >> /mnt/zfshealth.sh
+echo "      problems=1" >> /mnt/zfshealth.sh
+echo "      emailMessage=\"\${emailMessage}Pool: \$volume needs scrub \n\"" >> /mnt/zfshealth.sh
+echo "    fi" >> /mnt/zfshealth.sh
+echo "  done" >> /mnt/zfshealth.sh
+echo "fi" >> /mnt/zfshealth.sh
+echo "echo -e \"\$emailMessage \n\n\n \`/sbin/zpool list\` \n\n\n \`/sbin/zpool status\`\" | mail -r \"${email}\" -s \"\$emailSubject\" \"\`cat /admins\`\"" >> /mnt/zfshealth.sh
+echo "if [ \"\$problems\" -ne 0 ]; then logger \$emailSubject; fi" >> /mnt/zfshealth.sh
+
+chmod +x /mnt/zfshealth.sh
+
+echo ""
+echo "Unmounting chroot mounts..."
+mount | grep -v zfs | tac | awk '/\/mnt/ {print $3}' | xargs -i{} umount -lf {}
+echo "Done."
+
+echo ""
+echo "Exporting zpools..."
+errors=`zpool export -a 2>&1 1>/dev/null`
+if ! [ "$?" = "0" ]; then
+	echo "Couldn't export mounted zpools - $errors"
+	exit 8
+fi
+echo "Done."
+
+echo ""
+echo "Congratulations! The install was successful. Please reboot and set your boot device using UEFI in the BIOS. You should receive an e-mail with the server's SSH private key shortly."
+echo ""
+exit 0

zfshealth.sh

@@ -1,139 +0,0 @@
-#! /bin/bash
-#
-# Calomel.org 
-#     https://calomel.org/zfs_health_check_script.html
-#     FreeBSD 9.1 ZFS Health Check script 
-#     zfs_health.sh @ Version 0.15
-
-# Check health of ZFS volumes and drives. On any faults send email. In FreeBSD
-# 10 there is supposed to be a ZFSd daemon to monitor the health of the ZFS
-# pools. For now, in FreeBSD 9, we will make our own checks and run this script
-# through cron a few times a day.
-
-# Changelog
-# Peter van der Does - Always send an email, even if there is no problem.
-#                      I prefer to know a script has run even when there is no problem.
-# June 24, 2015
-# Peter van der Does - When a scrub is needed the email subject line only has to inform us once.
-
-# 99 problems but ZFS ain't one
-problems=0
-emailSubject="`hostname` - ZFS pool - HEALTH check"
-emailMessage=""
-
-# Health - Check if all zfs volumes are in good condition. We are looking for
-# any keyword signifying a degraded or broken array.
-
-condition=$(/sbin/zpool status | egrep -i '(DEGRADED|FAULTED|OFFLINE|UNAVAIL|REMOVED|FAIL|DESTROYED|corrupt|cannot|unrecover)')
-if [ "${condition}" ]; then
-  emailSubject="$emailSubject - fault"
-  problems=1
-fi
-
-
-# Capacity - Make sure pool capacities are below 80% for best performance. The
-# percentage really depends on how large your volume is. If you have a 128GB
-# SSD then 80% is reasonable. If you have a 60TB raid-z2 array then you can
-# probably set the warning closer to 95%. 
-#
-# ZFS uses a copy-on-write scheme. The file system writes new data to
-# sequential free blocks first and when the uberblock has been updated the new
-# inode pointers become valid. This method is true only when the pool has
-# enough free sequential blocks. If the pool is at capacity and space limited,
-# ZFS will be have to randomly write blocks. This means ZFS can not create an
-# optimal set of sequential writes and write performance is severely impacted.
-
-maxCapacity=80
-
-if [ ${problems} -eq 0 ]; then
-  capacity=$(/sbin/zpool list -H -o capacity)
-  for line in ${capacity//%/}
-  do
-    if [ $line -ge $maxCapacity ]; then
-      emailSubject="$emailSubject - Capacity Exceeded"
-      problems=1
-    fi
-  done
-fi
-
-
-# Errors - Check the columns for READ, WRITE and CKSUM (checksum) drive errors
-# on all volumes and all drives using "zpool status". If any non-zero errors
-# are reported an email will be sent out. You should then look to replace the
-# faulty drive and run "zpool scrub" on the affected volume after resilvering.
-
-if [ ${problems} -eq 0 ]; then
-  errors=$(/sbin/zpool status | grep ONLINE | grep -v state | awk '{print $3 $4 $5}' | grep -v 000)
-  if [ "${errors}" ]; then
-    emailSubject="$emailSubject - Drive Errors"
-    problems=1
-  fi
-fi
-
-
-# Scrub Expired - Check if all volumes have been scrubbed in at least the last
-# 8 days. The general guide is to scrub volumes on desktop quality drives once
-# a week and volumes on enterprise class drives once a month. You can always
-# use cron to schedule "zpool scrub" in off hours. We scrub our volumes every
-# Sunday morning for example.
-#
-# Scrubbing traverses all the data in the pool once and verifies all blocks can
-# be read. Scrubbing proceeds as fast as the devices allows, though the
-# priority of any I/O remains below that of normal calls. This operation might
-# negatively impact performance, but the file system will remain usable and
-# responsive while scrubbing occurs. To initiate an explicit scrub, use the
-# "zpool scrub" command.
-#
-# The scrubExpire variable is in seconds. So for 8 days we calculate 8 days
-# times 24 hours times 3600 seconds to equal 691200 seconds. 
-
-scrubExpire=691200
-
-if [ ${problems} -eq 0 ]; then
-  currentDate=$(date +%s)
-  zfsVolumes=$(/sbin/zpool list -H -o name)
-
-  for volume in ${zfsVolumes}
-  do
-    if [ $(/sbin/zpool status $volume | egrep -c "none requested") -ge 1 ]; then
-      echo "ERROR: You need to run \"zpool scrub $volume\" before this script can monitor the scrub expiration time."
-      break
-    fi
-    if [ $(/sbin/zpool status $volume | egrep -c "scrub in progress|resilver") -ge 1 ]; then
-      break
-    fi
-
-    ### FreeBSD with *nix supported date format
-    scrubRawDate=$(/sbin/zpool status $volume | grep scrub | awk '{print $15 $12 $13}')
-    scrubDate=$(date -j -f '%Y%b%e-%H%M%S' $scrubRawDate'-000000' +%s)
-
-    ### Ubuntu with GNU supported date format
-    #scrubRawDate=$(/sbin/zpool status $volume | grep scrub | awk '{print $11" "$12" " $13" " $14" "$15}')
-    #scrubDate=$(date -d "$scrubRawDate" +%s)
-
-    if [ $(($currentDate - $scrubDate)) -ge $scrubExpire ]; then
-      if [ ${problems} -eq 0 ]; then
-        emailSubject="$emailSubject - Scrub Time Expired. Scrub Needed on Volume(s)"
-      fi
-      problems=1
-      emailMessage="${emailMessage}Pool: $volume needs scrub \n"
-    fi
-  done
-fi
-
-
-# Notifications - On any problems send email with drive status information and
-# capacities including a helpful subject line to root. Also use logger to write
-# the email subject to the local logs. This is the place you may want to put
-# any other notifications like:
-#
-# + Update an anonymous twitter account with your ZFS status (https://twitter.com/zfsmonitor)
-# + Playing a sound file or beep the internal speaker
-# + Update Nagios, Cacti, Zabbix, Munin or even BigBrother
-
-echo -e "$emailMessage \n\n\n `/sbin/zpool list` \n\n\n `/sbin/zpool status`" | mail -s "$emailSubject" root
-if [ "$problems" -ne 0 ]; then
-  logger $emailSubject
-fi
-
-### EOF ###