Lab 1: Mission Briefing¶

The Phoenix Server: From Ashes to Automation¶

Your mission, should you choose it...

Your Mission: Build with Intention¶

Your goal is not just to "install Linux," but to construct a server with precision, efficiency, and control.

Scenario: You will be rebuilding a critical server from scratch.
Method: You will use the Debian netinst image for a minimal base.
Philosophy: Every package and every configuration choice must be deliberate.

Key Concepts You Will Master¶

Logical Volume Management (LVM)
Post-Installation Hardening
The chroot Environment
Disaster Recovery (GRUB)
debootstrap for Manual Installation

1. Logical Volume Management (LVM)¶

LVM adds a flexible abstraction layer between your physical disks and your filesystems. It is the industry standard for servers.

/dev/vda2 (Physical Disk Partition)

↓

Physical Volume (PV)

↓

Volume Group (VG) - "vg_phoenix" (A Pool of Storage)

LV: root

LV: home

LV: swap

LVM in Lab 1: Your Target Layout¶

This is the professional disk layout you will build. Note the separation of /boot.

/dev/vda
  ├─ /dev/vda1  (512M, ext4, mounted on /boot)
  └─ /dev/vda2  (19.5G, LVM Physical Volume)
      └─ vg_phoenix (Volume Group)
          ├─ lv_root (10G, ext4, mounted on /)
          ├─ lv_home (5G, ext4, mounted on /home)
          └─ lv_swap (2G, swap)

Why is /boot separate? The bootloader (GRUB) runs very early in the boot process. It needs to read the kernel and initramfs directly from a simple, standard filesystem. It doesn't understand LVM, so /boot must be outside of it.

2. Post-Installation Hardening¶

A fresh install is a vulnerable install. In Level 2, you will be challenged to harden the server:

SSH Hardening: You will disable direct root login and enforce the use of secure SSH keys.
Firewall (ufw): You will implement a "default-deny" policy and explicitly allow only the services you need.
Custom APT Repository: You will practice deploying your own software by creating a local package repository with nginx.

The Professional's Superpower:¶

`chroot`¶

The `chroot` Environment¶

chroot (Change Root) creates a temporary "bubble." When you chroot into a directory, that directory becomes the / root for all commands you run.

Why this is a superpower: - System Recovery: You can boot from a live CD, chroot into your broken system, and run commands to fix it as if you were actually logged in. You can reinstall kernels, fix configs, and manage packages. - Custom Builds: You can install a new system into a folder (debootstrap), chroot in, and configure it before it ever boots for the first time.

4. Your Mission: Disaster & Recovery¶

In the lab, you will intentionally break your server by wiping the bootloader, then bring it back to life.

Your recovery mission will be:

Boot from a Live ISO (the netinst CD).
Mount the broken system's partitions into a temporary location.
chroot into the mounted root filesystem.
Re-install GRUB using grub-install.
Reboot the resurrected server.

This is a fundamental, resume-worthy skill.

The Expert Challenge:¶

`debootstrap`¶

5. The `debootstrap` Challenge¶

For those who finish early, debootstrap is the ultimate tool for control. It allows you to install a complete Debian base system into a directory without needing an installer.

You will be challenged to: 1. Manually partition disks from a live CD. 2. Mount them to a temporary directory. 3. Run debootstrap to create the system files. 4. chroot into the new system to install a kernel and configure it from scratch.

This is how custom Linux images and many automated deployments are born.

Mission Briefing Complete.¶

Focus. Be precise. Learn from failure.

Good luck.