‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Monday, September 7, 2020 4:48 AM, Stuart Henderson <s...@spacehopper.org> wrote:
> On 2020-09-07, tom ryan tomry...@gmail.com wrote: > > > On 7/9/20 5:07 pm, Walt wrote: > > > > > I have a new server on order that should arrive in a few days. > > > It's intended purpose is to replace my current firewall. It has no CD > > > and so I'll make and use a bootable flash drive as described in the > > > Installation Guide section of the FAQ. > > > The server will have a second ssd drive and so I got to wondering > > > if it might be useful to create a bootable partition on the drive and > > > install the installation on it. > > > I'm probably not going to do this but I am curious about whether it > > > would work very well. I'll probably install a second copy of the OS on > > > the second drive and mirror all configuration files to it so that if > > > anything happens to the main drive, I can turn around and boot from the > > > second and be up and running almost immediately. > > It's possible, but it's a challenge to keep them in sync. > > > Maybe you want to just run them in a softraid mirror... > > https://www.openbsd.org/faq/faq14.html#softraidDI > > This helps with some types of problem (drive failure), but doesn't help > with fat-fingered commands or bad upgrades that periodic or manual syncs > would protect against. > > My suggestions would be to keep the config files in a management system > of some sort. Whether that's a full-blown config management system like > ansible/salt, one of the simpler tools like rset, judo, rdist, or even > just commiting config files directly to a version control repository, > they will all help get a system back up and running much more quickly. > Keeping config changes to the minimum necessary helps too of course. My primary reason for the second hard drive is to use faubackup to make copies of /etc and /home to the second hard drive. I will have a 1 TB drive on the new machine and so I will have plenty of room for an extra bootable copy of the OS on it. Also, I keep copies of all the configuration files in a user directory and make my changes there instead of /etc and /etc/sshd and then use a makefile to copy the individual configuration files as necessary to /etc and elsewhere. This makes it particularly easy to replace one computer with another with a fresh copy of OpenBSD. Walt
