- Introduction
- Features
- Prerequisites
- Detailed Installation and Usage Guide
- Documentation
- Security
- Monitoring
- Contributing
- License
- Acknowledgments
A USB boot system for automated Ubuntu 24.04 server deployment with secure remote management capabilities with Tailscale. Perfect for headless server deployments, edge computing, and automated infrastructure setups.
- Self-Healing: Automatic system recovery and maintenance
- Secure Remote Access: Integration with Tailscale for secure networking
- Dual-Partition System: Encrypted storage for sensitive data
- Monitoring: Built-in system health checks and alerts
- Remote Management: Secure command and control capabilities
- USB drive (minimum 16GB)
- Target system with:
- UEFI boot support
- x86_64 architecture
- Minimum 4GB RAM
- Minimum 20GB storage
- Ubuntu 24.04 Server ISO
- Required packages:
sudo apt update && sudo apt install -y \ cryptsetup \ grub-efi-amd64 \ parted \ tailscale \ mkpasswd \ whois
- Internet connection
- Tailscale account and auth key
# Clone and prepare installer
git clone https://github.com/ucli-tools/ubuntail
cd ubuntail
sudo bash ./install.sh
# Follow prompts for:
# - Ubuntu ISO location
# - USB device selection
# - Tailscale auth key
# - Node passwordBefore booting from the USB, configure the target system's BIOS/UEFI:
-
Access BIOS/UEFI
- During system startup, press the BIOS key (usually F2, F12, or Del)
- Different manufacturers use different keys:
- Dell: F2 or F12
- HP: F10
- Lenovo: F1 or F2
- ASUS: F2 or Del
- Acer: F2 or Del
-
Configure Boot Settings
- Disable Secure Boot
- Enable UEFI Boot Mode
- Disable Legacy/CSM Boot
- Enable USB Boot
- Set Boot Order:
- USB Drive
- Hard Drive
- Network Boot (optional)
-
Additional Settings
- Enable Intel VT-x/AMD-V (for virtualization)
- Enable Execute Disable Bit
- Disable Fast Boot
- Set Power On After Power Loss (if available)
-
Save and Exit
- Save changes and exit BIOS
- System will reboot
-
Boot from USB
- Insert the prepared USB drive
- Power on the system
- Wait for GRUB menu
-
Select Installation Mode
Available Options: 1. Fresh Installation (Requires Encryption Password) 2. Boot Installed System 3. Recovery Mode 4. Self-Healing Mode -
First-Time Installation
- Select "Fresh Installation"
- Enter the LUKS encryption password when prompted
- Installation will proceed automatically
- System will reboot when complete
-
Verify Installation
# From your management system ./src/scripts/remote-management.sh status node-[identifier] -
Configure Node
# Check system health ./src/scripts/remote-management.sh health node-[identifier] # Enable monitoring ./src/scripts/remote-management.sh monitor node-[identifier]
-
Node Management
# List all nodes ./src/scripts/remote-management.sh list # View node logs ./src/scripts/remote-management.sh logs node-[identifier] # Trigger self-healing ./src/scripts/remote-management.sh heal node-[identifier]
-
Recovery Operations
# Boot into recovery mode ./src/scripts/boot/manage-boot.sh recovery # Reset to normal boot ./src/scripts/boot/manage-boot.sh normal
-
USB Not Detected
- Verify USB is properly formatted
- Try different USB ports
- Check USB in another system
-
Boot Failures
- Verify BIOS settings
- Ensure Secure Boot is disabled
- Check UEFI boot order
-
Network Issues
- Verify network cable connection
- Check Tailscale status
- Ensure firewall rules allow Tailscale
-
Installation Hangs
- Check system meets minimum requirements
- Verify USB drive integrity
- Try re-creating USB installer
-
Regular Updates
# Update node software ./src/scripts/remote-management.sh update node-[identifier] # Check update status ./src/scripts/remote-management.sh status node-[identifier]
-
Backup Important Data
# Backup node configuration ./src/scripts/remote-management.sh backup node-[identifier] -
Monitor System Health
# View health metrics ./src/scripts/remote-management.sh metrics node-[identifier]
-
Password Management
- Change default passwords
- Use strong encryption passwords
- Regularly rotate credentials
-
Network Security
- Keep Tailscale updated
- Review access logs regularly
- Monitor network connections
-
Physical Security
- Secure physical access to nodes
- Store USB drives safely
- Document node locations and access
Detailed documentation is available in the docs directory:
Security is a top priority:
- All sensitive data is stored in an encrypted LUKS partition
- Network access is secured through Tailscale's zero-trust network
- Regular security updates and monitoring
- UEFI Secure Boot support
The system includes comprehensive monitoring:
- CPU, memory, and disk usage tracking
- Network connectivity monitoring
- Automatic issue detection and resolution
- Alert system for critical events
Contributions are welcome!
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
- Ubuntu Server team for the base system
- Tailscale for secure networking
- GRUB developers for boot management
- Community contributors and testers