Aneb p\u0159\u00edb\u011bh o tom, jak jsem migroval syst\u00e9m na v\u011bt\u0161\u00ed \u0161ifrovan\u00fd disk, zachoval v\u0161echna data, p\u0159epsal si p\u00e1r n\u00e1zv\u016f volume group\u016f a trochu se zapotil s GRUBem. Pokud v\u00e1s podobn\u00e9 dobrodru\u017estv\u00ed \u010dek\u00e1, tenhle \u010dl\u00e1nek v\u00e1s provede cestou krok za krokem.<\/p>\n\n\n\n
Nejd\u0159\u00edv je pot\u0159eba vytvo\u0159it bootovac\u00ed USB s live Linuxem (doporu\u010duju t\u0159eba Kubuntu<\/strong> nebo Debian Live<\/strong>). Na to m\u016f\u017eete pou\u017e\u00edt t\u0159eba Po nabootov\u00e1n\u00ed live syst\u00e9mu nezapome\u0148te p\u0159ipojit Wi-Fi nebo s\u00ed\u0165 a otev\u0159\u00edt termin\u00e1l.<\/p>\n\n\n\n Doporu\u010duju otev\u0159\u00edt si dva termin\u00e1ly<\/strong>. V jednom budete zad\u00e1vat p\u0159\u00edkazy, v druh\u00e9m m\u00edt otev\u0159en\u00fd v\u00fdpis disk\u016f a UUID:<\/p>\n\n\n\n Pomoc\u00ed t\u011bchto n\u00e1stroj\u016f snadno identifikujete nov\u00e9 i star\u00e9 disky, odd\u00edly a jejich UUID, co\u017e se pozd\u011bji bude hodit.<\/p>\n\n\n\n Pokud jste je\u0161t\u011b nevytvo\u0159ili nov\u00e9 odd\u00edly, te\u010f je ten \u010das. Doporu\u010duju pomoc\u00ed Pak p\u0159ich\u00e1z\u00ed \u0161ifrov\u00e1n\u00ed:<\/p>\n\n\n\n N\u00e1sleduje vytvo\u0159en\u00ed LVM struktury:<\/p>\n\n\n\n A nakonec vytvo\u0159en\u00ed filesyst\u00e9m\u016f:<\/p>\n\n\n\n P\u0159ipoj\u00edme nov\u00fd root odd\u00edl a p\u0159iprav\u00edme chroot:<\/p>\n\n\n\n P\u0159\u00edpadn\u011b p\u0159ipojte i Pomoc\u00ed Zkontrolujte a upravte soubory:<\/p>\n\n\n\n Pak chrootn\u011bte do nov\u00e9ho syst\u00e9mu:<\/p>\n\n\n\n A aktualizujte initramfs:<\/p>\n\n\n\n Te\u010f p\u0159ich\u00e1z\u00ed ta z\u00e1bava s EFI:<\/p>\n\n\n\n Nejd\u0159\u00edv ov\u011b\u0159te, \u017ee Pokud chcete ru\u010dn\u011b p\u0159idat boot polo\u017eku p\u0159es EFI:<\/p>\n\n\n\n Odpojte instala\u010dn\u00ed m\u00e9dium a zkuste nabootovat z nov\u00e9ho disku. Pokud m\u00e1te Secure Boot, mo\u017en\u00e1 bude pot\u0159eba ho vypnout v BIOSu.<\/p>\n\n\n\n P\u0159i prvn\u00edm bootu se objev\u00ed v\u00fdzva na zad\u00e1n\u00ed hesla k \u0161ifrov\u00e1n\u00ed. Pokud v\u0161e prob\u011bhne dob\u0159e, nov\u00fd syst\u00e9m nabootuje.<\/p>\n\n\n\n Hotovo? Gratuluju. M\u00e1\u0161 v\u011bt\u0161\u00ed \u0161ifrovan\u00fd disk, p\u0159enesen\u00fd syst\u00e9m, a o p\u00e1r znalost\u00ed v\u00edc v ruk\u00e1vu. \u2615<\/p>\n","protected":false},"excerpt":{"rendered":" Aneb p\u0159\u00edb\u011bh o tom, jak jsem migroval syst\u00e9m na v\u011bt\u0161\u00ed \u0161ifrovan\u00fd disk, zachoval v\u0161echna data, p\u0159epsal si p\u00e1r n\u00e1zv\u016f volume group\u016f a trochu se zapotil s GRUBem. Pokud v\u00e1s podobn\u00e9 dobrodru\u017estv\u00ed \u010dek\u00e1, tenhle \u010dl\u00e1nek v\u00e1s provede cestou krok za krokem.<\/p>\n","protected":false},"author":1,"featured_media":276,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[57,77,61],"tags":[145,140,143,142,20,141,139,144],"class_list":["post-275","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-devops","category-technologie","category-ui","tag-debian","tag-disk","tag-efi","tag-ext4","tag-linux","tag-lvm","tag-sifrovani","tag-ubuntu"],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/josefnemec.cz\/blog\/wp-content\/uploads\/2025\/04\/ChatGPT-Image-26.-4.-2025-20_41_27.png?fit=1024%2C1024&ssl=1","jetpack_sharing_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/josefnemec.cz\/blog\/wp-json\/wp\/v2\/posts\/275","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/josefnemec.cz\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/josefnemec.cz\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/josefnemec.cz\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/josefnemec.cz\/blog\/wp-json\/wp\/v2\/comments?post=275"}],"version-history":[{"count":1,"href":"https:\/\/josefnemec.cz\/blog\/wp-json\/wp\/v2\/posts\/275\/revisions"}],"predecessor-version":[{"id":277,"href":"https:\/\/josefnemec.cz\/blog\/wp-json\/wp\/v2\/posts\/275\/revisions\/277"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/josefnemec.cz\/blog\/wp-json\/wp\/v2\/media\/276"}],"wp:attachment":[{"href":"https:\/\/josefnemec.cz\/blog\/wp-json\/wp\/v2\/media?parent=275"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/josefnemec.cz\/blog\/wp-json\/wp\/v2\/categories?post=275"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/josefnemec.cz\/blog\/wp-json\/wp\/v2\/tags?post=275"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}balenaEtcher<\/code>, Rufus<\/code> nebo dd<\/code>:<\/p>\n\n\n\nsudo dd if=kubuntu.iso of=\/dev\/sdX bs=4M status=progress oflag=sync\n<\/code><\/pre>\n\n\n\n2. P\u0159ipojen\u00ed disk\u016f a kontrola UUID<\/h3>\n\n\n\n
sudo lsblk -o NAME,SIZE,TYPE,MOUNTPOINT\nsudo blkid\n<\/code><\/pre>\n\n\n\n3. Vytvo\u0159en\u00ed nov\u00e9ho \u0161ifrovan\u00e9ho disku<\/h3>\n\n\n\n
gparted<\/code> vytvo\u0159it:<\/p>\n\n\n\n\n
boot, esp<\/code> flags)<\/li>\n\n\n\nsudo cryptsetup luksFormat \/dev\/nvme0n1p3\nsudo cryptsetup open \/dev\/nvme0n1p3 luksroot\n<\/code><\/pre>\n\n\n\nsudo pvcreate \/dev\/mapper\/luksroot\nsudo vgcreate vgnew \/dev\/mapper\/luksroot\nsudo lvcreate -L 64G -n swap vgnew\nsudo lvcreate -l 100%FREE -n root vgnew\n<\/code><\/pre>\n\n\n\nsudo mkfs.ext4 \/dev\/vgnew\/root\nsudo mkswap \/dev\/vgnew\/swap\n<\/code><\/pre>\n\n\n\n4. Mountov\u00e1n\u00ed nov\u00e9ho syst\u00e9mu<\/h3>\n\n\n\n
sudo mount \/dev\/vgnew\/root \/mnt\nsudo mkdir \/mnt\/boot\nsudo mkdir \/mnt\/boot\/efi\nsudo mount \/dev\/nvme0n1p1 \/mnt\/boot\/efi\n<\/code><\/pre>\n\n\n\n\/dev<\/code>, \/sys<\/code>, \/proc<\/code> a dal\u0161\u00ed:<\/p>\n\n\n\nsudo mount --bind \/dev \/mnt\/dev\nsudo mount --bind \/sys \/mnt\/sys\nsudo mount --bind \/proc \/mnt\/proc\n<\/code><\/pre>\n\n\n\n5. P\u0159enos syst\u00e9mu<\/h3>\n\n\n\n
rsync<\/code> p\u0159enesete star\u00fd syst\u00e9m na nov\u00fd disk:<\/p>\n\n\n\nsudo rsync -aAXv \/ \/mnt --exclude={\"\/dev\/*\",\"\/proc\/*\",\"\/sys\/*\",\"\/tmp\/*\",\"\/run\/*\",\"\/mnt\/*\",\"\/media\/*\",\"\/lost+found\"}\n<\/code><\/pre>\n\n\n\n6. Konfigurace: crypttab, fstab, initramfs<\/h3>\n\n\n\n
\n
\/mnt\/etc\/crypttab<\/code>: n\u00e1zev mapper za\u0159\u00edzen\u00ed, nap\u0159. luksroot UUID=xxxx none luks<\/code><\/li>\n\n\n\n\/mnt\/etc\/fstab<\/code>: opravte UUID a n\u00e1zvy volume group, nap\u0159. \/dev\/mapper\/vgnew-root \/ ext4 errors=remount-ro 0 1 \/dev\/nvme0n1p1 \/boot\/efi vfat umask=0077 0 1<\/code><\/li>\n<\/ul>\n\n\n\nsudo chroot \/mnt\n<\/code><\/pre>\n\n\n\nsudo update-initramfs -u\n<\/code><\/pre>\n\n\n\n7. Instalace GRUBu<\/h3>\n\n\n\n
\/boot\/efi<\/code> je p\u0159ipojen spr\u00e1vn\u011b. Pak:<\/p>\n\n\n\nsudo grub-install --target=x86_64-efi --efi-directory=\/boot\/efi --bootloader-id=debian\nsudo update-grub\n<\/code><\/pre>\n\n\n\nsudo efibootmgr --create --disk \/dev\/nvme0n1 --part 1 --label \"debian\" --loader \"\\\\EFI\\\\debian\\\\grubx64.efi\"\n<\/code><\/pre>\n\n\n\n8. Restart a test<\/h3>\n\n\n\n
\n\n\n\nZ\u00e1v\u011bre\u010dn\u00e9 tipy<\/h3>\n\n\n\n
\n
sudo<\/code> u v\u0161ech p\u0159\u00edkaz\u016f<\/strong> \u2013 tohle nen\u00ed m\u00edsto pro p\u0159eklepy.<\/li>\n\n\n\nlsblk<\/code>, blkid<\/code> a porovn\u00e1vejte.<\/li>\n\n\n\nupdate-initramfs -u && update-grub<\/code><\/li>\n\n\n\nsudo vgrename staranazev novynazev<\/code> a pot\u00e9 aktualizace v\u0161ech konfigurac\u00ed.<\/li>\n<\/ul>\n\n\n\n
\n\n\n\n