Debian 12 on Oracle Cloud (Free Tier) - (AMD64/ARM64)

README.md

Requirements:

⚠️ Only FRESH and CLEAN instances are supported. Ubuntu 22.04 (Minimal) images ONLY ⚠️

⚠️ Also you NEED to temporarily open the connection to the 1022 port in Security List / Ingress Rules for your VCN ⚠️

⚠️ After transformation YOU get a clean Debian 12 instance. All other data will be lost. ⚠️

The tmpfs partition is limited to 700m for x86_64 (free tier) compatibility.

Transformation from Ubuntu to Debian (x86_64/arm64) steps:

1. Download the script (to YOUR local machine with SSH (public key) access to a remote Oracle Cloud Instance)

wget https://gist.githubusercontent.com/ishad0w/10a536f82c79d3b890d04243634df806/raw/oci_ubuntu_to_debian.multiarch.sh

2. Make it executable.

chmod +x oci_ubuntu_to_debian.multiarch.sh

3. Replace '1.1.1.1' with your OCI Instance DNS name or IP address:

./oci_ubuntu_to_debian.multiarch.sh 1.1.1.1

4. Profit.

oci_ubuntu_to_debian.multiarch.sh

#!/bin/bash
trap "exit" INT
echo -e "\nHost:"
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 ubuntu@$1 \
    'uname -a && arch && uptime && sudo touch /home/ubuntu/.hushlogin /root/.hushlogin'

echo -e "\nAdding temporary SSH-key for Ubuntu root user..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 ubuntu@$1 \
    'sudo cat /home/ubuntu/.ssh/authorized_keys | sudo tee /root/.ssh/authorized_keys'

echo -e "\nSystem trimming..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 root@$1 -T <<'EOL'
export DEBIAN_FRONTEND=noninteractive
snap remove --purge oracle-cloud-agent && snap remove --purge core18
apt-get purge -y linux-* lxc* lxd* vim* snapd* python*
apt-get update && apt-get install -y lsof
apt-get -y autoremove --purge
apt-get -y autoclean
rm -rf /var/log/* /var/lib/apt/* /var/cache/apt/*
df -h
EOL
echo "Check free space! for "/" mountpoint. <=700mb"
waittime=15
while [ $waittime -gt 0 ]; do
   echo -ne "$waittime\033[0K\r"
   sleep 1
   : $((waittime--))
done

echo -e "\nPreparing system..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 root@$1 -T <<'EOL'
cd /
echo "Mounting tmpfs..."
mount -t tmpfs -o size=700m tmpfs mnt && tar --one-file-system -c . | tar -C /mnt -x
mount --make-private -o remount,rw /
mount --move dev mnt/dev && mount --move proc mnt/proc
mount --move run mnt/run && mount --move sys mnt/sys
sed -i "/^[^#]/d;" mnt/etc/fstab
echo "tmpfs / tmpfs defaults 0 0" >> mnt/etc/fstab
cd mnt && mkdir old_root
mount --make-private /
sleep 2

echo "Changing the root mount..."
unshare -m
pivot_root . old_root
sleep 5

echo "Starting SSH on 1022..."
iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 1022 -j ACCEPT
nohup /usr/sbin/sshd -D -p 1022 > /dev/null 2>&1 &
EOL

echo -e "\nFlashing the Debian image..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 1022 root@$1 -T <<'EOL'
echo "Arch is $(arch)..."

IMAGEMIRROR="https://cloud.debian.org/images/cloud/bookworm"
IMAGEVERSION="debian-12-genericcloud"
IMAGEBUILD="20240701-1795"

for i in agetty dbus-daemon atd iscsid rpcbind unattended-upgrades; do pkill $i; done; kill 1; umount -l /dev/sda1
if [ $(arch) = "x86_64" ]
    then curl -L $IMAGEMIRROR/$IMAGEBUILD/$IMAGEVERSION-amd64-$IMAGEBUILD.tar.xz | tar -OJxvf - disk.raw | dd of=/dev/sda bs=1M; 
elif [ $(arch) = "aarch64" ]
    then curl -L $IMAGEMIRROR/$IMAGEBUILD/$IMAGEVERSION-arm64-$IMAGEBUILD.tar.xz | tar -OJxvf - disk.raw | dd of=/dev/sda bs=1M; 
else 
    echo Unsported architecture!
fi
sleep 5

echo "Syncing changes to the block storage..."
sync
sleep 5

echo "Rebooting into Debian!"
nohup sh -c 'echo "1" > /proc/sys/kernel/sysrq && sleep 5 && echo "b" > /proc/sysrq-trigger' > /dev/null 2>&1 &
EOL

echo -e "\nWaiting until Debian starts... (3 min)"
waittime=180
while [ $waittime -gt 0 ]; do
   echo -ne "$waittime\033[0K\r"
   sleep 1
   : $((waittime--))
done

echo -e "\nAdding temporary SSH-key for Debian root user..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 debian@$1 \
    'sudo cat /home/debian/.ssh/authorized_keys | sudo tee /root/.ssh/authorized_keys'

echo -e "\nDebian inititialisation..."
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -p 22 root@$1 -T <<'EOL'
export DEBIAN_FRONTEND=noninteractive
echo "deb http://deb.debian.org/debian/ bookworm main contrib non-free non-free-firmware
deb http://deb.debian.org/debian/ bookworm-updates main contrib non-free non-free-firmware
deb http://deb.debian.org/debian/ bookworm-backports main contrib non-free non-free-firmware
deb http://security.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware" > /etc/apt/sources.list
apt-get update && apt-get install -y locales-all
rm -rf /root/.ssh/
sync
reboot
EOL

sleep 10
echo -e "\nDone!"

Something wrong with script. After mounting tmpfs

Mounting tmpfs...
tar: ./usr/lib/python3/dist-packages/psutil/_pslinux.py: Wrote only 5120 of 10240 bytes
tar: ./usr/lib/python3/dist-packages/psutil/_psutil_linux.cpython-310-aarch64-linux-gnu.so: Cannot write: No space left on device
tar: ./usr/lib/python3/dist-packages/psutil/_psaix.py: Cannot write: No space left on device
tar: ./usr/lib/python3/dist-packages/psutil/_common.py: Cannot write: No space left on device
tar: ./usr/lib/python3/dist-packages/psutil/__pycache__/_psosx.cpython-310.pyc: Cannot write: No space left on device
----

But free space exists

@afteroot, for me looks like its not a "clean \ fresh ubuntu-minimal instance".
"No space left on device" means no space on tmpfs (limited to 700MB due to x86_64 instance ram limits) temporary partition.

So, you need to create a CLEAN instance Canonical-Ubuntu-22.04-Minimal-20xx.xx.xx-x.
And after that run the script again.
I tested the script 2 days ago, works well for me (for both x86_64/aarch64).

Follow the steps. Don't forget to open the 1022 port for incoming connections inside VCNs Security List / Ingress Rules.

Maybe someday I will add a free space check and other "showstoppers".

Ok, thanks

Same problem as afteroot, with a clean Canonical-Ubuntu-22.04-Minimal-aarch64-2023.04.18-0 Installation.

Also i get after the errors following:

Changing the root mount...
Starting SSH on 1022...

Flashing the Debian image...
ssh: connect to host 193.122.14.231 port 1022: No route to host

Waiting until Debian starts... (3 min)

Adding temporary SSH-key for Debian root user...
kex_exchange_identification: read: Connection reset by peer

Debian inititialisation...
kex_exchange_identification: read: Connection reset by peer

Done!

Note i`ve added the rule for the vcn.

ok with Canonical-Ubuntu-22.04-Minimal-aarch64-2023.02.14-0 it worked now

Hi, thanks for the script, I managed to install Debian. I have a question, would this same script work to reinstall Debian to its initial version? If not, what steps of the script should we use to get Debian reinstalled?
Thanks for the help!

Hi, thanks for the script, I managed to install Debian. I have a question, would this same script work to reinstall Debian to its initial version? If not, what steps of the script should we use to get Debian reinstalled? Thanks for the help!

Probably... yes.
But you need to make some modifications to the script. Like changing username, and home folder path and delete ubuntu related stuff (like snapstore).
I don't test it, but it might work.

One thing that OCI does not have is the ability to reinstall the OS, you have to completely remove the "VPS" and try to create it again. Sometimes it can take more than a day to get another VPS created.
I will try, with the little knowledge I have, to find a way to reinstall Debian with the steps you mentioned, I hope I have luck.

Updated to Debian 12.

Thanks!

Works perfectly!

有三个方案可以安装Debian12

1. 通过dd安装Debian
2. 修改grub方式安装
3. ”Custom images“ Debian12.vmdk

#1 AMD，目前只能正常安装Debian11，再升级到12，root密码为”XXXX“自己修改，
bash <(wget --no-check-certificate -qO- 'https://moeclub.org/attachment/LinuxShell/InstallNET.sh') -d 11 -v 64 -p "XXXX" -a -firmware

#1 ARM，可以正常安装Debian12，root密码为”XXXX“自己修改
bash <(wget --no-check-certificate -qO- 'https://moeclub.org/attachment/LinuxShell/InstallNET.sh') -d 12 -v arm64 -p "XXXX" -a -firmware

#2 grub 方式安装需要通过VNC，查看https://netboot.xyz/docs/kb/providers/oci/

#3 只适合已升级的账户
3.1 Storage > Buckets > Create Bucket, Upload debian12.vmdk or debian12.cow2
3.2 Compute > Custom images > Import image > Custom image details > Edit details > Compatible shapes
3.3 Create compute instance ...

with SSH (public key) access to a remote Oracle Cloud Instance

Where do I put the ssh key address while doing /oci_ubuntu_to_debian.multiarch.sh my_vps_ip_address ?

This doesn't work: /oci_ubuntu_to_debian.multiarch.sh my_vps_ip_address -i ~/some_folder/my_public_ssh_key.pub

edit: I was accidentally using pub key, also I added -i ~/some_folder/my_public_ssh_key manually into the file wherever we login

Same problem as afteroot, with a clean Canonical-Ubuntu-22.04-Minimal-aarch64-2023.04.18-0 Installation.

Also i get after the errors following:

Changing the root mount...
Starting SSH on 1022...

Flashing the Debian image...
ssh: connect to host 193.122.14.231 port 1022: No route to host

Waiting until Debian starts... (3 min)

Adding temporary SSH-key for Debian root user...
kex_exchange_identification: read: Connection reset by peer

Debian inititialisation...
kex_exchange_identification: read: Connection reset by peer

Done!

Note i`ve added the rule for the vcn.

I've got exactly the same result. Did you managed to open the port somehow in the Security List?

After applying the clean script and ubuntu-22.04-minimal--aarch64 image, I am unable to log in, but it appears the script was a success though. I tried using the debian user, ubuntu user, root user, or even a backdoor user that I tried to use, but debian keeps saying login incorrect or when sshing in, publickey denied when using the hostname for some reason?? I am not sure how to proceed. Not sure why the genericcloud/generic images for debian aren't working either

This worked perfectly for me, thank you so much.

@kokomo123: the debian user worked for me

Same problem as afteroot, with a clean Canonical-Ubuntu-22.04-Minimal-aarch64-2023.04.18-0 Installation.
Also i get after the errors following:

Changing the root mount...
Starting SSH on 1022...

Flashing the Debian image...
ssh: connect to host 193.122.14.231 port 1022: No route to host

Waiting until Debian starts... (3 min)

Adding temporary SSH-key for Debian root user...
kex_exchange_identification: read: Connection reset by peer

Debian inititialisation...
kex_exchange_identification: read: Connection reset by peer

Done!

Note i`ve added the rule for the vcn.

I've got exactly the same result. Did you managed to open the port somehow in the Security List?

@LIONNNNNN @Baterka or anyone passing by here, try to use the oldest version of Ubuntu 22.04 Minimal. I made it work with version 2024.08.27-0, but was failing on the lastest 2024.10.06-0

After applying the clean script and ubuntu-22.04-minimal--aarch64 image, I am unable to log in, but it appears the script was a success though. I tried using the debian user, ubuntu user, root user, or even a backdoor user that I tried to use, but debian keeps saying login incorrect or when sshing in, publickey denied when using the hostname for some reason?? I am not sure how to proceed. Not sure why the genericcloud/generic images for debian aren't working either

Same problem here.