Screenshot
- Takes Btrfs snapshots of your live system.
- Extracts the kernel and initramfs from that exact snapshot.
- Build them into a single UKI using efibootguard similar to
objcopy. - Signs the UKI with your Secure Boot keys using
sbsigntools. - Automatically cleans up old snapshots, UKIs and limine entries.
- Builds a Limine boot menu with BLAKE2B hash, similar to limine-entry-tool.
- Support adding snapshot entries for multiple operating systems.
Configure the variables for your system by following the script instructions.
A minimal Linux system using LUKS+Btrfs with limine Bootloader, efibootguard and basic util-linux. And Add a optionally notification sender like fyi.
Currently OpenRC, runit, S6 and systemd can boot read-only snapshots, but Dinit systems may require write access on /etc, so only writable snapshots can boot up.
| Subvolume | Mount Point |
|---|---|
@ |
/ |
@home |
/home |
@.snapshots |
/.snapshots |
@var_cache |
/var/cache |
@var_log |
/var/log |
@var_tmp |
/var/tmp |
@opt |
/opt |
@tmp |
/tmp |
@swap |
/swap |
And ESP should be mounted under /efi.
Run the script with -v or --verbose for verbosity.
atomic-snapper --verboseBoot into one of your snapshots from Limine
Mount the Top Level
mount -o subvolid=5 /dev/mapper/root /mntMoving the Broken Root
mv /mnt/@ /mnt/@_brokenClone one of your latest origin generation Snapshot into the Writable root
btrfs subvolume snapshot /mnt/@.snapshots/@-2077 /mnt/@After restored
umount /mnt
reboot
Once you confirm everything works, you can mount the root and then btrfs subvolume delete /mnt/@_broken.
-
Its fast, portable and minimal, you can run with any service or cron job schedule, or hook into anywhere with zero maintainance.
-
It uses Btrfs immutable ogen for tagging snapshots instead of any xml db, so it never causes duplication and not affected by wrong system time/date.
-
It uses UKI, which makes it easy to Secure Boot and ensures the kernel cmdline is safe from modification from an unencrypted storage.