* The cover image is originally by KevinYi and edited with great appreciation.
Summary
Hi : )
This post shows how to create OpenBSD droplet in DigitalOcean.
The process is simple and small:
- DigitalOcean Panel
- Create FreeBSD drolpet with SSH login enabled.
- SSH
- Download OS image.
- Write it into the storage.
- DigitalOcean Droplet Console
- Reboot and run the installer.
The detailed steps are below.
Preparation
DigitalOcean Panel
First of all, (sign up as needed and) sign in DigitalOcean.
Then, create FreeBSD droplet in the menu of DigitalOcean: "Create Droplets".
* Note: Both ufs and zfs are acceptable.
Remember to set up "Add your SSH keys".
Besides, we can generate the key via command line like this:
$ ssh-keygen -t rsa -C "%YOUR-EMAIL-ADDRESS%"
SSH
Connect to the droplet as root or superusers with SSH client:
$ ssh -i ~/.ssh/%id_rsa% root@%YOUR-HOST%
Download the installer image as minirootXX.fs file:
# fetch https://cdn.openbsd.org/pub/OpenBSD/6.5/amd64/miniroot65.fs
miniroot65.fs 100% of 4800 kB 35 MBps 00m00s
Then, stop swap:
# # case ufs:
# swapoff /dev/gpt/swap
# # case zfs:
# swapoff /dev/gpt/swap0
Also, stop geom debugging in order to enable writing data into storage:
# sysctl kern.geom.debugflags=0x10
kern.geom.debugflags: 0 -> 16
Write the installer image into the storage:
# dd if=miniroot65.fs of=/dev/vtbd0 bs=512k
9+1 records in
9+1 records out
4915200 bytes transferred in 0.032766 secs (150008149 bytes/sec)
Are you ready to "Access console"?
Click this button to start DigitalOcean console:
Keep it open.
OK. Let's reboot the virtual machine.
Type this in your ssh session:
# reboot
Now, ssh is finished.
Switch to DigitalOcean console.
Installation
DigitalOcean Droplet Console
Wait for the boot completion with DigitalOcean console open.
The OpenBSD installer will ask you which option to choose clearly as usual!
* Tip: Choosing shell instead of install or autoinstall enables us to apply full disk encryption.
In order to do so, run the command like this (Excerpt) on the shell:
bioctl -c C -l /dev/sd0a softraid0
Run install afterwards.
When configuring networking with the installer, you need to use the value of "PUBLIC IP ADDRESS"/"GATEWAY"/"NETMASK" at the bottom of the console instead of DHCP and so on:
- IPv4 address for vio0? = "PUBLIC IP ADDRESS"
- Netmask for vio0? = "NETMASK"
- Default IPv4 Route = "GATEWAY"
- DNS nameservers: 8.8.8.8 8.8.4.4 (For example)
You will get location of sets via http.
After all of the installation are finished and the virtual machine is rebooted, you would say "Hello, OpenBSD":
I wish you enjoy happy computing with OpenBSD on DigitalOcean, the cool system and the cool service : )
Top comments (5)
How do you mitigate the crypto password upon reboot when you cant access the web console?
Hi, 0x746461,
I have checked the detail.
This is why I didn't have to enter the password to reboot the virtual machine.
I did twice; One is after running
dd if=miniroot??.fs of=/dev/vtbd0 bs=512k. The other is after installation of OpenBSD.ssh -i ~/.ssh/%id_rsa% root@%YOUR-HOST%above. Additionally, DigitalOcean console is open then. (Well, I updated my post about it.)I hope this would be the answer to your question.
Hi, 0x746461.
Thank you for your question.
Excuse me, but would you tell me in which part of my tutorial you have trouble?
You can't click or run "Access console" to reboot the virtual machine?
I didnt say I had a problem with the tutorial. I was wondering how you mitigate the necessity of having access to the console of the virtual machine to enter the password to unlock the disk upon every reboot.
Thank you for your detail.
I'll check it this week or next week!