"
What I tried as a backup recovery plan is to use a drive that's the same size as the one in the firewall in a usb adapter and have zfs mirror the install partion onto the usb drive.
The usb drive has a clean install of OPNsense with zfs and that's it.
Plug the usb drive into the firewall and do the following
# gpart show
=> 40 2000409184 ada0 GPT (954G)
40 532480 1 efi (260M)
532520 1024 2 freebsd-boot (512K)
533544 984 - free - (492K)
534528 16777216 3 freebsd-swap (8.0G)
17311744 1983096832 4 freebsd-zfs (946G)
2000408576 648 - free - (324K)
=> 40 2000409184 da0 GPT (954G)
40 532480 1 efi (260M)
532520 1024 2 freebsd-boot (512K)
533544 984 - free - (492K)
534528 16777216 3 freebsd-swap (8.0G)
17311744 1983096832 4 freebsd-zfs (946G)
2000408576 648 - free - (324K)
The usb drive is da0 and partition 4 is the clean install of OPNsense.
# gpart delete -i 4 da0
# gpart add -i 4 -a 1m -t freebsd-zfs da0
Then attach the new partition. (had to use -f since it complains that /dev/da0p4 is part of potentially active pool 'zroot' from the clean install,
if the usb drive is from a prior attach then issue # zpool labelclear -f /dev/da0p4)
# zpool attach -f zroot ada0p4 da0p4
Let it resilver then shutdown and unplug the usb drive and power the firewall back up and detach the now missing usb drive.
# zpool detach zroot da0p4
After this verify the usb drive works by booting off of the usb drive in a test system. If you don't have a test system you will need to temporaraly disconnect the drive in the firewall in order to boot off the usb drive.
To clean up the cloned drive in the usb adapter.
# zpool detach zroot ada0p4
Login through the web interface and verify everything looks good.
If the drive in the firewall goes I can boot off the usb drive untill I get around to replacing the failed drive.
If the hardware goes I have a drive in the usb adapter I can use in a new firewall to get back up and running.
...and this works for me, YMMV.
The usb drive has a clean install of OPNsense with zfs and that's it.
Plug the usb drive into the firewall and do the following
# gpart show
=> 40 2000409184 ada0 GPT (954G)
40 532480 1 efi (260M)
532520 1024 2 freebsd-boot (512K)
533544 984 - free - (492K)
534528 16777216 3 freebsd-swap (8.0G)
17311744 1983096832 4 freebsd-zfs (946G)
2000408576 648 - free - (324K)
=> 40 2000409184 da0 GPT (954G)
40 532480 1 efi (260M)
532520 1024 2 freebsd-boot (512K)
533544 984 - free - (492K)
534528 16777216 3 freebsd-swap (8.0G)
17311744 1983096832 4 freebsd-zfs (946G)
2000408576 648 - free - (324K)
The usb drive is da0 and partition 4 is the clean install of OPNsense.
# gpart delete -i 4 da0
# gpart add -i 4 -a 1m -t freebsd-zfs da0
Then attach the new partition. (had to use -f since it complains that /dev/da0p4 is part of potentially active pool 'zroot' from the clean install,
if the usb drive is from a prior attach then issue # zpool labelclear -f /dev/da0p4)
# zpool attach -f zroot ada0p4 da0p4
Let it resilver then shutdown and unplug the usb drive and power the firewall back up and detach the now missing usb drive.
# zpool detach zroot da0p4
After this verify the usb drive works by booting off of the usb drive in a test system. If you don't have a test system you will need to temporaraly disconnect the drive in the firewall in order to boot off the usb drive.
To clean up the cloned drive in the usb adapter.
# zpool detach zroot ada0p4
Login through the web interface and verify everything looks good.
If the drive in the firewall goes I can boot off the usb drive untill I get around to replacing the failed drive.
If the hardware goes I have a drive in the usb adapter I can use in a new firewall to get back up and running.
...and this works for me, YMMV.
