Merge pull request #20 from zentonic/patch-1

Update proxmox-zfs-postinstall.sh

.gitignore

@@ -0,0 +1 @@
+ZPOOL_SIZE_SUM_BYTES

README.md

@@ -1,10 +1,27 @@
-# proxmox-zfs-postinastall
+# proxmox-zfs-postinstall
 
 This script installs and configures basic tools for running a Proxmox Server.
 Following settings are made:
-- Remove `pve-enterprise` repo
+- Disable `pve-enterprise` repo
 - Add `pve-no-subscription` repo
 - Upgrade system to latest version
-- Install basic tools: `vim ifupdown2 net-tools dnsutils ethtool git curl unzip screen iftop lshw smartmontools nvme-cli lsscsi sysstat zfs-auto-snapshot`
-- Configure snapshot retention for `zfs-auto-snapshot`
-- Set limits for level 1 arc (`zfs_arc_min` and `zfs_arc_max`)
+- Install basic tools: `sudo vim ifupdown2 net-tools dnsutils ethtool git curl unzip screen iftop lshw smartmontools nvme-cli lsscsi sysstat zfs-auto-snapshot htop mc rpl`
+- Configure snapshot retention for `zfs-auto-snapshot` interactively
+- `zfs_arc_[min|max]` will be calculated by size sum of all zpools in 512 MB steps
+- Configure backup of `/etc` folder to new zfs dataset on `rpool/pveconf`
+- Configure `vm.swappiness` interactively
+- Install checkmk Agent with optional encryption and registration
+- Added Support for Proxmox VE 7.0
+- Added Proxmox SDN features
+
+# Usage
+
+Just download and execute the script, all settings are made interactively.
+```
+wget https://github.com/bashclub/proxmox-zfs-postinstall/raw/main/proxmox-zfs-postinstall.sh
+bash ./proxmox-zfs-postinstall.sh
+```
+
+# Author
+### Thorsten Spille
+[<img src="https://storage.ko-fi.com/cdn/brandasset/kofi_s_tag_dark.png" rel="Support me on Ko-Fi">](https://ko-fi.com/thorakel)

install-cockpit-zfs-manager

@@ -0,0 +1,61 @@
+#!/bin/bash
+source /etc/os-release
+echo "deb http://deb.debian.org/debian $VERSION_CODENAME-backports main" > /etc/apt/sources.list.d/$VERSION_CODENAME-backports.list
+apt update
+cat << EOF > /etc/apt/preferences.d/90_cockpit
+Package: cockpit cockpit-*
+Pin: release n=$VERSION_CODENAME-backports
+Pin-Priority: 990
+EOF
+apt install --yes --no-install-recommends cockpit
+git clone https://github.com/optimans/cockpit-zfs-manager.git && cp -r cockpit-zfs-manager/zfs /usr/share/cockpit
+mkdir -p /etc/cockpit/zfs
+mkdir -p /etc/cockpit/zfs/shares
+mkdir -p /etc/cockpit/zfs/snapshots
+cat << EOF > /etc/cockpit/zfs/config.json 
+{
+  "#1": "COCKPIT ZFS MANAGER",
+  "#2": "WARNING: DO NOT EDIT, AUTO-GENERATED CONFIGURATION",
+  "cockpit": {
+    "manage": true
+  },
+  "disks": {
+    "base2": false
+  },
+  "loglevel": "2",
+  "samba": {
+    "manage": false,
+    "windowscompatibility": true
+  },
+  "updates": {
+    "check": true
+  },
+  "zfs": {
+    "filesystem": {
+      "cloneorigin": false,
+      "quotarestrict": true,
+      "readonlylockdown": false,
+      "snapshotactions": true
+    },
+    "snapshot": {
+      "filesystemlist": true
+    },
+    "status": {
+      "errorcolors": true,
+      "trimunsupported": false
+    },
+    "storagepool": {
+      "activetab": 1,
+      "boot": true,
+      "bootlockdown": true,
+      "count": true,
+      "refreshall": false,
+      "root": true
+    }
+  }
+}
+EOF
+cat << EOF > /etc/cockpit/zfs/shares.conf 
+# COCKPIT ZFS MANAGER
+# WARNING: DO NOT EDIT, AUTO-GENERATED CONFIGURATION
+EOF

install-docker-portainer

@@ -0,0 +1,38 @@
+#!/bin/bash
+
+# create zfs filesystems
+zfs create -o com.sun:auto-snapshot=false -o mountpoint=/var/lib/docker rpool/docker
+zfs create -o com.sun:auto-snapshot=true -o mountpoint=/portainer rpool/portainer
+
+# add docker repository
+curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+
+# update package lists and install docker engine + docker-compose
+apt update
+DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -y -qq --no-install-recommends docker-ce docker-ce-cli containerd.io
+
+dc_version=$(wget -O - -q https://api.github.com/repos/docker/compose/releases/latest | grep -m1 "\"name\":" | cut -d'"' -f4)
+wget -O /usr/local/bin/docker-compose https://github.com/docker/compose/releases/download/${dc_version}/docker-compose-linux-x86_64
+chmod +x /usr/local/bin/docker-compose
+
+# install portainer
+cd /portainer
+mkdir data
+cat << EOF > /portainer/docker-compose.yml
+version: '3.2'
+
+services:
+
+  portainer:
+    image: portainer/portainer-ce
+    ports:
+      - "9443:9443"
+      - "8000:8000"
+    volumes:
+      - /portainer/data:/data
+      - /var/run/docker.sock:/var/run/docker.sock
+    restart: always
+EOF
+# start portainer
+docker-compose up -d

install.sh

@@ -1,45 +0,0 @@
-#!/bin/bash
-
-# Define basic tools to install
-TOOLS="vim ifupdown2 net-tools dnsutils ethtool git curl unzip screen iftop lshw smartmontools nvme-cli lsscsi sysstat zfs-auto-snapshot"
-
-# Define zfs-auto-snapshot retention policy
-SNAP_FREQUENT=8
-SNAP_HOURLY=48
-SNAP_DAILY=31
-SNAP_WEEKLY=8
-SNAP_MONTHLY=3
-
-# Define zfs arcsize in Megabytes (MB)
-ZFS_ARC_MIN=128
-ZFS_ARC_MAX=256
-
-# remove pve-enterprise repo and add pve-no-subscription repo
-rm -f /etc/apt/sources.list.d/pve-enterprise.list
-echo "deb http://download.proxmox.com/debian/pve buster pve-no-subscription" > /etc/apt/sources.list.d/pve-no-subscription.list
-apt update
-
-# update system and install basic tools
-DEBIAN_FRONTEND=nonintercative DEBIAN_PRIORITY=critical apt -y -qq dist-upgrade
-DEBIAN_FRONTEND=nonintercative DEBIAN_PRIORITY=critical apt -y -qq install $TOOLS
-
-# configure zfs-auto-snapshot
-sed -i 's/keep=4/keep=$SNAP_FREQUENT/g' /etc/cron.d/zfs-auto-snapshot
-sed -i 's/keep=24/keep=$SNAP_HOURLY/g' /etc/cron.hourly/zfs-auto-snapshot
-sed -i 's/keep=31/keep=$SNAP_DAILY/g' /etc/cron.hourly/zfs-auto-snapshot
-sed -i 's/keep=8/keep=$SNAP_WEEKLY/g' /etc/cron.weekly/zfs-auto-snapshot
-sed -i 's/keep=8/keep=$SNAP_MONTHLY/g' /etc/cron.monthly/zfs-auto-snapshot
-
-# set zfs_arc_limits
-ZFS_ARC_MIN_BYTES=$(($ZFS_ARC_MIN+1024*1024))
-ZFS_ARC_MAX_BYTES=$(($ZFS_ARC_MAX+1024*1024))
-
-echo $ZFS_ARC_MIN_BYTES > /sys/module/zfs/parameters/zfs_arc_min
-echo $ZFS_ARC_MAX_BYTES > /sys/module/zfs/parameters/zfs_arc_max
-
-cat << EOF > /etc/modprobe.d/zfs.conf
-options zfs zfs_arc_min=$ZFS_ARC_MIN_BYTES
-options zfs zfs_arc_min=$ZFS_ARC_MAX_BYTES
-EOF
-update-initramfs -u -k all
-

proxmox-zfs-postinstall.sh

@@ -0,0 +1,312 @@
+#!/bin/bash
+
+###### CONFIG SECTION ######
+
+# Define basic tools to install
+TOOLS="sudo vim ifupdown2 libpve-network-perl net-tools dnsutils ethtool git curl unzip screen tmux iftop lshw smartmontools nvme-cli lsscsi sysstat zfs-auto-snapshot htop mc rpl lsb-release"
+
+#### PVE CONF BACKUP CONFIGURATION ####
+
+# Define target dataset for backup of /etc
+# IMPORTANT NOTE: Don't type in the leading /, this will be set where needed
+PVE_CONF_BACKUP_TARGET=rpool/pveconf
+
+# Define timer for your backup cronjob (default: every 15 minutes from 3 through 59)
+PVE_CONF_BACKUP_CRON_TIMER="3,18,33,48 * * * *"
+
+# Get Debian version info
+source /etc/os-release
+
+###### SYSTEM INFO AND INTERACTIVE CONFIGURATION SECTION ######
+
+ROUND_FACTOR=512
+
+roundup(){
+    echo $(((($1 + $ROUND_FACTOR) / $ROUND_FACTOR) * $ROUND_FACTOR))
+}
+
+roundoff(){
+    echo $((($1 / $ROUND_FACTOR) * $ROUND_FACTOR))
+}
+
+#### L1ARC SIZE CONFIGURATION ####
+
+# get total size of all zpools
+ZPOOL_SIZE_SUM_BYTES=0
+for line in $(zpool list -o size -Hp); do ZPOOL_SIZE_SUM_BYTES=$(($ZPOOL_SIZE_SUM_BYTES+$line)); done
+
+# get information about available ram
+MEM_TOTAL_BYTES=$(($(awk '/MemTotal/ {print $2}' /proc/meminfo) * 1024))
+
+# get values if defaults are set
+ARC_MAX_DEFAULT_BYTES=$(($MEM_TOTAL_BYTES / 2))
+ARC_MIN_DEFAULT_BYTES=$(($MEM_TOTAL_BYTES / 32))
+
+# get current settings
+ARC_MIN_CUR_BYTES=$(cat /sys/module/zfs/parameters/zfs_arc_min)
+ARC_MAX_CUR_BYTES=$(cat /sys/module/zfs/parameters/zfs_arc_max)
+
+# calculate suggested l1arc sice
+ZFS_ARC_MIN_MEGABYTES=$(roundup $(($ZPOOL_SIZE_SUM_BYTES / 2048 / 1024 / 1024)))
+ZFS_ARC_MAX_MEGABYTES=$(roundoff $(($ZPOOL_SIZE_SUM_BYTES / 1024 / 1024 / 1024)))
+
+echo -e "######## CONFIGURE ZFS L1ARC SIZE ########\n"
+echo "System Summary:"
+echo -e "\tSystem Memory:\t\t$(($MEM_TOTAL_BYTES / 1024 / 1024))\tMB"
+echo -e "\tZpool size (sum):\t$(($ZPOOL_SIZE_SUM_BYTES / 1024 / 1024))\tMB"
+echo -e "Calculated l1arc if set to defaults:"
+if [ $ARC_MIN_DEFAULT_BYTES -lt 33554432 ]; then
+    echo -e "\tDefault zfs_arc_min:\t32\tMB"
+else
+    echo -e "\tDefault zfs_arc_min:\t$(($ARC_MIN_DEFAULT_BYTES / 1024 / 1024))\tMB"
+fi
+echo -e "\tDefault zfs_arc_max:\t$(($ARC_MAX_DEFAULT_BYTES / 1024 / 1024))\tMB"
+echo -e "Current l1arc configuration:"
+if [ $ARC_MIN_CUR_BYTES -gt 0 ]; then
+    echo -e "\tCurrent zfs_arc_min:\t$(($ARC_MIN_CUR_BYTES / 1024 / 1024))\tMB"
+else
+    echo -e "\tCurrent zfs_arc_min:\t0"
+fi
+if [ $ARC_MAX_CUR_BYTES -gt 0 ]; then
+    echo -e "\tCurrent zfs_arc_max:\t$(($ARC_MAX_CUR_BYTES / 1024 / 1024))\tMB"
+else
+    echo -e "\tCurrent zfs_arc_max:\t0"
+fi
+echo -e "Note: If your current values are 0, the calculated values above will apply."
+echo ""
+echo -e "The l1arc cache will be set relative to the size (sum) of your zpools by policy"
+echo -e "zfs_arc_min:\t\t\t$(($ZFS_ARC_MIN_MEGABYTES))\tMB\t\t= 512 MB RAM per 1 TB ZFS storage (round off in 512 MB steps)"
+echo -e "zfs_arc_max:\t\t\t$(($ZFS_ARC_MAX_MEGABYTES))\tMB\t\t= 1 GB RAM per 1 TB ZFS storage (round up in 512 MB steps)"
+echo ""
+RESULT=not_set
+while [ "$(echo $RESULT | awk '{print tolower($0)}')" != "y" ] && [ "$(echo $RESULT | awk '{print tolower($0)}')" != "n" ] && [ "$(echo $RESULT | awk '{print tolower($0)}')" != "" ]; do
+    read -p "If you want to apply the values by script policy type 'y', type 'n' to adjust the values yourself [Y/n]? "
+    RESULT=${REPLY}
+done
+if [[ "$(echo $RESULT | awk '{print tolower($0)}')" == "n" ]]; then
+    read -p "Please type in the desired value in MB for 'zfs_arc_min' [$(($ZFS_ARC_MIN_MEGABYTES))]: "
+    if [[ ${REPLY} -gt 0 ]]; then
+        ZFS_ARC_MIN_MEGABYTES=$((${REPLY}))
+    fi
+    read -p "Please type in the desired value in MB for 'zfs_arc_max' [$(($ZFS_ARC_MAX_MEGABYTES))]: "
+    if [[ ${REPLY} -gt 0 ]]; then
+        ZFS_ARC_MAX_MEGABYTES=$((${REPLY}))
+    fi
+fi
+
+#### SWAPPINESS ####
+
+echo -e "######## CONFIGURE SWAPPINESS ########\n"
+SWAPPINESS=$(cat /proc/sys/vm/swappiness)
+echo "The current swappiness is configured to '$SWAPPINESS %' of free memory until using swap."
+read -p "If you want to change the swappiness, please type in the percentage as number (0 = disabled):" user_input
+if echo "$user_input" | grep -qE '^[0-9]+$'; then
+    echo "Changing swappiness from '$SWAPPINESS %' to '$user_input %'"
+    SWAPPINESS=$user_input
+else
+    echo "No input - swappiness unchanged at '$SWAPPINESS %'."
+fi
+
+#### ZFS AUTO SNAPSHOT CONFIGURATION ####
+
+# get information about zfs-auto-snapshot and ask for snapshot retention
+declare -A auto_snap_keep=( ["frequent"]="8" ["hourly"]="48" ["daily"]="31" ["weekly"]="8" ["monthly"]="3" )
+dpkg -l zfs-auto-snapshot > /dev/null
+
+if [ $? -eq 0 ]; then
+    echo "'zfs-auto-snapshot' already installed. Reading config..."
+    for interval in "${!auto_snap_keep[@]}"; do
+        if [[ "$interval" == "frequent" ]]; then
+            auto_snap_keep[$interval]=$(cat /etc/cron.d/zfs-auto-snapshot | grep keep | cut -d' ' -f19 | cut -d '=' -f2)
+        else
+            auto_snap_keep[$interval]=$(cat /etc/cron.$interval/zfs-auto-snapshot | grep keep | cut -d' ' -f6 | cut -d'=' -f2)
+        fi
+    done
+else
+    echo "'zfs-auto-snapshot' not installed yet, using script defaults..."
+fi
+echo -e "######## CONFIGURE ZFS AUTO SNAPSHOT ########\n"
+for interval in "${!auto_snap_keep[@]}"; do
+    read -p "Please set how many $interval snapshots to keep (current: keep=${auto_snap_keep[$interval]})" user_input
+    if echo "$user_input" | grep -qE '^[0-9]+$'; then
+        echo "Changing $interval from ${auto_snap_keep[$interval]} to $user_input"
+        auto_snap_keep[$interval]=$user_input
+    else
+        echo "No input - $interval unchanged at ${auto_snap_keep[$interval]}."
+    fi
+done
+
+#### CHECKMK AGENT CONFIGURATION ####
+read -p "Do you want to install checkmk agent on this machine? [y/N] " install_checkmk
+if [[ "$install_checkmk" == "y" ]]; then
+    read -p "Please specify the base url to your checkmk server (e.g. https://check.zmb.rocks/bashclub): " cmk_agent_url
+    read -p "Enable agent encryption (requires setup of Agent Encryption on your checkmk instance). Do you want to activate agent encryption? [y/N] " cmk_encrypt
+    if [[ "$cmk_encrypt" == "y" ]]; then
+        read -p "Please enter the encryption passphrase: " cmk_enc_pass
+    fi
+    read -p "Register your machine on your checkmk server (requires preconfigured automation secret)? [y/N] " cmk_register
+    if [[ "$cmk_register" == "y" ]]; then
+        read -p "Please enter your automation secret: " cmk_secret
+        read -p "Please enter the folder where to store the host: " cmk_folder
+        cmk_site=$(echo $cmk_agent_url | cut -d'/' -f4)
+        read -p "Please enter the checkmk site name: [$cmk_site]" user_input
+        if [[ $(echo -n "$user_input") != "" ]]; then
+            cmk_site=$user_input
+        fi
+        echo "Please select which agent ip address to register:"
+        select ip in $(ip a | grep "inet " | cut -d ' ' -f6 | cut -d/ -f1); do
+            cmk_reg_ip=$ip
+            break
+        done
+    fi
+fi
+
+
+###### INSTALLER SECTION ######
+
+# disable pve-enterprise repo and add pve-no-subscription repo
+
+#Not tested, yet!
+read -p "Do you want to disable pve-enterprise repo and add pve-no-subscription repo (y/N)? " response
+
+if [ "${response,,}" == "y" ]; then
+    if [[ "$(uname -r)" == *"-pve" ]]; then
+        echo "Deactivating pve-enterprise repository"
+        mv /etc/apt/sources.list.d/pve-enterprise.list /etc/apt/sources.list.d/pve-enterprise.list.bak > /dev/null 2>&1
+        echo "Activating pve-no-subscription repository"
+        q=$(cat /etc/apt/sources.list | grep "pve-no-subscription")
+        if [ $? -gt 0 ]; then
+            echo "deb http://download.proxmox.com/debian/pve $VERSION_CODENAME pve-no-subscription" >> /etc/apt/sources.list
+        fi
+        rm -f /etc/apt/sources.list.d/pve-no-subscription.list
+    fi
+fi
+
+echo "Getting latest package lists"
+apt update > /dev/null 2>&1
+
+# include interfaces.d to enable SDN features
+q=$(cat /etc/network/interfaces | grep "source /etc/network/interfaces.d/*")
+if [ $? -gt 0 ]; then
+    echo "source /etc/network/interfaces.d/*" >> /etc/network/interfaces
+fi
+
+# update system and install basic tools
+echo "Upgrading system to latest version - Depending on your version this could take a while..."
+DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq dist-upgrade > /dev/null 2>&1
+echo "Installing toolset - Depending on your version this could take a while..."
+DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq install $TOOLS > /dev/null 2>&1
+
+# configure zfs-auto-snapshot
+for interval in "${!auto_snap_keep[@]}"; do
+    echo "Setting zfs-auto-snapshot retention: $interval = ${auto_snap_keep[$interval]}"
+    if [[ "$interval" == "frequent" ]]; then
+        CURRENT=$(cat /etc/cron.d/zfs-auto-snapshot | grep keep | cut -d' ' -f19 | cut -d '=' -f2)
+        if [[ "${auto_snap_keep[$interval]}" != "$CURRENT" ]]; then
+            rpl "keep=$CURRENT" "keep=${auto_snap_keep[$interval]}" /etc/cron.d/zfs-auto-snapshot > /dev/null 2>&1
+        fi
+    else
+        CURRENT=$(cat /etc/cron.$interval/zfs-auto-snapshot | grep keep | cut -d' ' -f6 | cut -d'=' -f2)
+        if [[ "${auto_snap_keep[$interval]}" != "$CURRENT" ]]; then
+            rpl "keep=$CURRENT" "keep=${auto_snap_keep[$interval]}" /etc/cron.$interval/zfs-auto-snapshot > /dev/null 2>&1
+        fi
+    fi
+done
+
+echo "Configuring swappiness"
+echo "vm.swappiness=$SWAPPINESS" > /etc/sysctl.d/swappiness.conf
+sysctl -w vm.swappiness=$SWAPPINESS
+
+echo "Configuring pve-conf-backup"
+# create backup jobs of /etc
+zfs list $PVE_CONF_BACKUP_TARGET > /dev/null 2>&1
+if [ $? -ne 0 ]; then
+    zfs create $PVE_CONF_BACKUP_TARGET
+fi
+
+if [[ "$(df -h -t zfs | grep /$ | cut -d ' ' -f1)" == "rpool/ROOT/pve-1" ]] ; then
+  echo "$PVE_CONF_BACKUP_CRON_TIMER root rsync -va --delete /etc /$PVE_CONF_BACKUP_TARGET > /$PVE_CONF_BACKUP_TARGET/pve-conf-backup.log" > /etc/cron.d/pve-conf-backup
+fi
+
+ZFS_ARC_MIN_BYTES=$((ZFS_ARC_MIN_MEGABYTES * 1024 *1024))
+ZFS_ARC_MAX_BYTES=$((ZFS_ARC_MAX_MEGABYTES * 1024 *1024))
+
+echo "Adjusting ZFS level 1 arc"
+echo $ZFS_ARC_MIN_BYTES > /sys/module/zfs/parameters/zfs_arc_min
+echo $ZFS_ARC_MAX_BYTES > /sys/module/zfs/parameters/zfs_arc_max
+
+cat << EOF > /etc/modprobe.d/zfs.conf
+options zfs zfs_arc_max=$ZFS_ARC_MAX_BYTES
+options zfs zfs_arc_min=$ZFS_ARC_MIN_BYTES
+EOF
+
+if [[ "$install_checkmk" == "y" ]]; then
+    echo "Installing checkmk agent..."
+    if [[ $( echo -n "$(openssl s_client -connect $(echo $cmk_agent_url | cut -d'/' -f3):443  <<< "Q" 2>/dev/null | grep "Verify return code" | cut -d ' ' -f4)" ) -gt 0 ]]; then
+        wget_opts="--no-check-certificate"
+        curl_opts="--insecure"
+    fi
+    wget -q -O /usr/local/bin/check_mk_agent $wget_opts $cmk_agent_url/check_mk/agents/check_mk_agent.linux
+    wget -q -O /usr/local/bin/mk-job $wget_opts $cmk_agent_url/check_mk/agents/mk-job
+    wget -q -O /usr/local/bin/check_mk_caching_agent  $wget_opts $cmk_agent_url/check_mk/agents/check_mk_caching_agent.linux
+    wget -q -O /usr/local/bin/waitmax  $wget_opts $cmk_agent_url/check_mk/agents/waitmax
+    chmod +x /usr/local/bin/check_mk_agent
+    chmod +x /usr/local/bin/mk-job
+    chmod +x /usr/local/bin/check_mk_caching_agent
+    chmod +x /usr/local/bin/waitmax
+    /usr/local/bin/check_mk_agent > /dev/null
+    wget -q -O /etc/systemd/system/check_mk.socket $wget_opts $cmk_agent_url/check_mk/agents/cfg_examples/systemd/check_mk.socket
+    cat << EOF > /etc/systemd/system/check_mk@.service
+# systemd service definition file
+[Unit]
+Description=Check_MK
+
+[Service]
+# "-" path prefix makes systemd record the exit code,
+# but the unit is not set to failed.
+ExecStart=-/usr/local/bin/check_mk_agent
+Type=forking
+
+User=root
+Group=root
+
+StandardInput=socket
+EOF
+
+    mkdir -p /etc/check_mk
+    if [[ "$cmk_encrypt" == "y" ]]; then
+        mkdir -p /etc/check_mk
+        cat << EOF > /etc/check_mk/encryption.cfg
+ENCRYPTED=yes
+PASSPHRASE='$cmk_enc_pass'
+EOF
+    chmod 600 /etc/check_mk/encryption.cfg
+    fi
+
+    mkdir -p /var/lib/check_mk_agent
+    mkdir -p /var/lib/check_mk_agent/spool
+    mkdir -p /var/lib/check_mk_agent/job
+    mkdir -p /usr/lib/check_mk_agent/local
+    mkdir -p /usr/lib/check_mk_agent/plugins
+    wget -q -O /usr/lib/check_mk_agent/plugins/smart $wget_opts $cmk_agent_url/check_mk/agents/plugins/smart
+    chmod +x /usr/lib/check_mk_agent/plugins/smart
+    wget -q -O /usr/lib/check_mk_agent/plugins/mk_inventory $wget_opts $cmk_agent_url/check_mk/agents/plugins/mk_inventory.linux
+    chmod +x /usr/lib/check_mk_agent/plugins/mk_inventory
+    wget -q -O /usr/lib/check_mk_agent/plugins/mk_apt $wget_opts $cmk_agent_url/check_mk/agents/plugins/mk_apt
+    chmod +x /usr/lib/check_mk_agent/plugins/mk_apt
+    #LocalDirectory: /usr/lib/check_mk_agent/local
+    systemctl daemon-reload
+    systemctl enable check_mk.socket
+    systemctl restart sockets.target
+
+    if [[ "$cmk_register" == "y" ]]; then
+        cmk_request="request={\"hostname\":\"$(echo -n $(hostname -f))\",\"folder\":\"$cmk_folder\",\"attributes\":{\"ipaddress\":\"$cmk_reg_ip\",\"site\":\"$cmk_site\",\"tag_agent\":\"cmk-agent\"},\"create_folders\":\"1\"}"
+        curl $curl_opts "$cmk_agent_url/check_mk/webapi.py?action=add_host&_secret=$cmk_secret&_username=automation" -d $cmk_request
+        curl $curl_opts "$cmk_agent_url/check_mk/webapi.py?action=activate_changes&_secret=$cmk_secret&_username=automation" -d "request={\"sites\":[\"$cmk_site\"],\"allow_foreign_changes\":\"0\"}"
+    fi
+fi
+
+echo "Updating initramfs - This will take some time..."
+update-initramfs -u -k all > /dev/null 2>&1
+
+echo "Proxmox postinstallation finished!"