Skip to content

sabuj66/atomic-snapper

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
LICENSE
LICENSE
 
 
README.md
README.md
 
 
atomic-snapper
atomic-snapper
 
 
limine-ss.png
limine-ss.png
 
 

Repository files navigation

atomic-snapper

Screenshot

screenshot

What this script does

  • Supports taking Btrfs snapshots for multiple subvolumes.
  • Automatically extracts kernel and initramfs from the root snapshot.
  • Builds extracted files into a single UKI using efibootguard.
  • Generates Limine boot menu entries for root snapshots and enrolls a BLAKE2B hashed Limine configuration.
  • Signs the UKI & bootloader for Secure Boot.
  • Automatically cleans up old snapshots, UKIs and limine menu entries.
  • Can be use to managing boot menu entries for multiple operating systems.

Configure the variables on the script by following the commented instructions.

Requirements

  • A Btrfs file system with necessary subvolumes.
  • An ESP with sufficient space for storing UKIs.
  • efibootguard for generating UKI.
  • Optionally, Secure Boot signing using sbsigntools.
  • limine bootloader for managing UKI entries.
  • An optional notification sender like fyi or notify-send with dbus.
  • Additional dependencies: util-linux, bash, btrfs-progs.

Currently, tested init systems for booting read-only snapshots work on OpenRC, runit, S6, and systemd. Notably, Dinit systems will require writable snapshots to boot up.

Example Btrfs layout

Btrfs Subvolume Mount Point
@ /
@home /home
@.snapshots /.snapshots
@var_cache /var/cache
@var_log /var/log
@var_tmp /var/tmp
@tmp /tmp

Running

Run the script with -v or --verbose for verbosity.

atomic-snapper --verbose

Example Recovery from root snapshot

Boot into one of your snapshots from Limine

Mount the Top Level

mount -o subvolid=5 /dev/mapper/root /mnt

Moving the Broken Root

mv /mnt/@ /mnt/@_broken

Clone one of your latest generation Snapshot into the Writable root

btrfs subvolume snapshot /mnt/@.snapshots/@-2077 /mnt/@

After restored

umount /mnt
reboot

Once you confirm everything is working, you can mount the root and then btrfs subvolume delete /mnt/@_broken.

Why

  • It's fast, portable, and designed to be extremely safe, making it well-suited for use on servers. It can be run automatically with any service or cron job schedule without manual intervention.
  • It uses immutable Btrfs Origin Generation for managing snapshots instead of any xml db, eliminating duplication issues and no impact from incorrect system time/date.
  • The use of UKI simplifies Secure Boot setup and ensures that the kernel command line remains safe from modification.

A sample setup on Artix Linux can be found here.

About

A single bash script for creating Bootable Btrfs snapshots with UKI, and syncing with Limine, in a minimalist way.

Topics

linux shellscript uefi-boot btrfs-snapshots secureboot uki limine-bootloader

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Contributors

Languages