add reinstall and bootloader
parent
1d901448ca
commit
e992772134
506
elf_os.sh
506
elf_os.sh
@ -4,6 +4,16 @@ SCRIPT_DIR="$(cd "$(dirname "$BASH_SOURCE[0]")" && pwd)"
|
|||||||
|
|
||||||
. "$1"
|
. "$1"
|
||||||
|
|
||||||
|
ROOT_PARTITION_MAP=""
|
||||||
|
ROOT_PARTITION_MAP_NAME=""
|
||||||
|
if [[ $ENCRYPT_DISK = "true" ]]
|
||||||
|
then
|
||||||
|
ROOT_PARTITION_MAP="/dev/mapper/cryptelfroot"
|
||||||
|
ROOT_PARTITION_MAP_NAME="cryptelfroot"
|
||||||
|
else
|
||||||
|
ROOT_PARTITION_MAP="${ROOT_PARTITION}"
|
||||||
|
fi
|
||||||
|
|
||||||
function run(){
|
function run(){
|
||||||
echo "[ ] $1"
|
echo "[ ] $1"
|
||||||
echo "# $1" >>install.log
|
echo "# $1" >>install.log
|
||||||
@ -32,205 +42,319 @@ function run-chroot(){
|
|||||||
echo >>install.log
|
echo >>install.log
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function preperations() {
|
||||||
|
echo
|
||||||
|
echo === preperations
|
||||||
|
echo
|
||||||
|
|
||||||
|
run "install git" "pacman -Sy --noconfirm git"
|
||||||
|
run "enable ntp" "timedatectl set-ntp true"
|
||||||
|
run "set timezone" "timedatectl set-timezone Europe/Amsterdam"
|
||||||
|
}
|
||||||
|
|
||||||
|
function format_disk() {
|
||||||
|
echo
|
||||||
|
echo === format disk
|
||||||
|
echo
|
||||||
|
|
||||||
|
run "applly partion table" "sfdisk $DISK <$SFDISK_FILE"
|
||||||
|
run "format boot partition" "mkfs.fat -F 32 ${UEFI_PARTITION}"
|
||||||
|
run "format swap partition" "mkswap ${SWAP_PARTITION}"
|
||||||
|
if [[ $ENCRYPT_DISK = "true" ]]; then
|
||||||
|
echo -n "$PASS" >keyfile.luks
|
||||||
|
run "encrypt root partition" "cryptsetup luksFormat --batch-mode --key-file keyfile.luks ${ROOT_PARTITION}" "rm keyfile.luks"
|
||||||
|
run "map root partitaion" "cryptsetup open --batch-mode --key-file keyfile.luks ${ROOT_PARTITION} ${ROOT_PARTITION_MAP_NAME}" "rm keyfile.luks"
|
||||||
|
rm keyfile.luks
|
||||||
|
run "format root partition" "mkfs.btrfs ${ROOT_PARTITION_MAP}"
|
||||||
|
else
|
||||||
|
run "format root partition" "mkfs.btrfs ${ROOT_PARTITION}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
run "mount root partition" "mount ${ROOT_PARTITION_MAP} /mnt"
|
||||||
|
run "create root btrfs subvolume" "btrfs subvolume create /mnt/@elfRoot_a"
|
||||||
|
run "create root btrfs subvolume" "btrfs subvolume create /mnt/@elfRoot_b"
|
||||||
|
run "create home btrfs subvolume" "btrfs subvolume create /mnt/@home"
|
||||||
|
run "create home btrfs subvolume" "btrfs subvolume create /mnt/@var"
|
||||||
|
run "unmount btrfs" "umount /mnt"
|
||||||
|
if [[ $ENCRYPT_DISK = "true" ]]; then
|
||||||
|
run "unmap root partitaion" "cryptsetup close ${ROOT_PARTITION_MAP_NAME}"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function mount_disk() {
|
||||||
|
subvol="@elfRoot_$1"
|
||||||
|
echo
|
||||||
|
echo === mount disk with subvol $1
|
||||||
|
echo
|
||||||
|
|
||||||
|
if [[ $ENCRYPT_DISK = "true" ]]; then
|
||||||
|
run "map root partitaion" "cryptsetup open --batch-mode --key-file keyfile.luks ${ROOT_PARTITION} ${ROOT_PARTITION_MAP_NAME}"
|
||||||
|
fi
|
||||||
|
run "mount root subvolume" "mount -o subvol=$subvol ${ROOT_PARTITION_MAP} /mnt"
|
||||||
|
run "mount home subvolume" "mount --mkdir -o subvol=@home ${ROOT_PARTITION_MAP} /mnt/home"
|
||||||
|
run "mount home subvolume" "mount --mkdir -o subvol=@var ${ROOT_PARTITION_MAP} /mnt/var"
|
||||||
|
run "mount boot partition" "mount --mkdir ${UEFI_PARTITION} /mnt/boot"
|
||||||
|
run "enable swap" "swapon ${SWAP_PARTITION}"
|
||||||
|
}
|
||||||
|
|
||||||
|
function umount_disk() {
|
||||||
|
echo
|
||||||
|
echo === mount disk
|
||||||
|
echo
|
||||||
|
|
||||||
|
run "mount root subvolume" "umount -R /mnt"
|
||||||
|
run "unmap root partitaion" "cryptsetup close ${ROOT_PARTITION_MAP_NAME}"
|
||||||
|
run "enable swap" "swapoff ${SWAP_PARTITION}"
|
||||||
|
}
|
||||||
|
|
||||||
|
function install_base() {
|
||||||
|
echo
|
||||||
|
echo === install arch
|
||||||
|
echo
|
||||||
|
|
||||||
|
run "install base of arch" "pacstrap /mnt base linux linux-firmware"
|
||||||
|
run "intall utitlities" "pacstrap /mnt btrfs-progs man vim sudo"
|
||||||
|
run "intall networkmanager" "pacstrap /mnt networkmanager"
|
||||||
|
run "generate fstab" "genfstab -U /mnt >>/mnt/etc/fstab"
|
||||||
|
}
|
||||||
|
|
||||||
|
function set_locals() {
|
||||||
|
echo
|
||||||
|
echo === set locals
|
||||||
|
echo
|
||||||
|
|
||||||
|
run-chroot "set timezone" "ln -sf /usr/share/zoneinfo/Europe/Amsterdam /etc/localtime"
|
||||||
|
run-chroot "set hwclock to UTC" "hwclock --systohc"
|
||||||
|
run-chroot "update locals.gen" "sed --in-place -E -e 's/^#?en_GB.UTF-8/en_GB.UTF-8/' -e 's/^#?en_US.UTF-8/en_US.UTF-8/' /etc/locale.gen"
|
||||||
|
run-chroot "generate locals" "locale-gen"
|
||||||
|
run-chroot "config locals" "echo \"LANG=en_GB.UTF-8\" >/etc/locale.conf"
|
||||||
|
run-chroot "set hostname" "echo \"$HOSTNAME\" >/etc/hostname"
|
||||||
|
run-chroot "create hosts file" "cat >/etc/hosts <<EOF
|
||||||
|
127.0.0.1 localhost
|
||||||
|
::1 localhost
|
||||||
|
127.0.1.1 $HOSTNAME
|
||||||
|
EOF
|
||||||
|
"
|
||||||
|
}
|
||||||
|
|
||||||
|
function install_bootloader() {
|
||||||
|
echo
|
||||||
|
echo === install bootloader
|
||||||
|
echo
|
||||||
|
|
||||||
|
run-chroot "config initramfs" "sed --in-place -e 's/HOOKS=(.*)/HOOKS=(base udev autodetect microcode modconf kms keyboard block encrypt filesystems fsck)/' /etc/mkinitcpio.conf"
|
||||||
|
run-chroot "generate initramfs" "mkinitcpio -P"
|
||||||
|
|
||||||
|
DISKUUID=$(blkid --output export ${ROOT_PARTITION} | grep '^UUID' | sed 's/UUID=//')
|
||||||
|
BOAT_LOADER_OPTIONS_A=""
|
||||||
|
if [[ $ENCRYPT_DISK = "true" ]]
|
||||||
|
then
|
||||||
|
BOAT_LOADER_OPTIONS_A="cryptdevice=UUID=${DISKUUID}:${ROOT_PARTITION_MAP_NAME}:allow-discards "
|
||||||
|
fi
|
||||||
|
BOAT_LOADER_OPTIONS_A="${BOAT_LOADER_OPTIONS_A}root=${ROOT_PARTITION_MAP} "
|
||||||
|
BOAT_LOADER_OPTIONS_A="${BOAT_LOADER_OPTIONS_A}rootflags=subvol=@elfRoot_a "
|
||||||
|
if [[ $ENCRYPT_DISK = "true" ]]
|
||||||
|
then
|
||||||
|
BOAT_LOADER_OPTIONS_A="${BOAT_LOADER_OPTIONS_A}rd.luks.options=discard "
|
||||||
|
fi
|
||||||
|
BOAT_LOADER_OPTIONS_A="${BOAT_LOADER_OPTIONS_A}rw"
|
||||||
|
BOAT_LOADER_OPTIONS_B="$(echo ${BOAT_LOADER_OPTIONS_A} | sed -e 's/@elfRoot_a/@elfRoot_b/g')"
|
||||||
|
run-chroot "install systemd-boot" "bootctl install"
|
||||||
|
run-chroot "create boot config A" "cat >/boot/loader/entries/elfA.conf <<EOF
|
||||||
|
title E.L.F. OS (A)
|
||||||
|
linux /vmlinuz-linux
|
||||||
|
initrd /initramfs-linux.img
|
||||||
|
options ${BOAT_LOADER_OPTIONS_A}
|
||||||
|
EOF
|
||||||
|
"
|
||||||
|
run-chroot "create boot config B" "cat >/boot/loader/entries/elfB.conf <<EOF
|
||||||
|
title E.L.F. OS (B)
|
||||||
|
linux /vmlinuz-linux
|
||||||
|
initrd /initramfs-linux-fallback.img
|
||||||
|
options ${BOAT_LOADER_OPTIONS_B}
|
||||||
|
EOF
|
||||||
|
"
|
||||||
|
run-chroot "create main boot config" "cat >/boot/loader/loader.conf <<EOF
|
||||||
|
default elfA.conf
|
||||||
|
timeout 4
|
||||||
|
console-mode max
|
||||||
|
editor no
|
||||||
|
EOF
|
||||||
|
"
|
||||||
|
}
|
||||||
|
|
||||||
|
function create_user() {
|
||||||
|
echo
|
||||||
|
echo === setup user
|
||||||
|
echo
|
||||||
|
|
||||||
|
run-chroot "add .ssh dir to skel" "mkdir -p /etc/skel/.ssh"
|
||||||
|
run-chroot "create admin group" "groupadd admin"
|
||||||
|
run-chroot "create user" "useradd --home-dir /home/${USERNAME} --create-home --skel /etc/skel ${USERNAME} --groups admin"
|
||||||
|
arch-chroot /mnt bash -c "echo \"${USERNAME}:${PASS_USER}\" | chpasswd" # don't log the password
|
||||||
|
run-chroot "add user to sudoers" "echo \"%admin ALL=(ALL:ALL) ALL\" >>/etc/sudoers"
|
||||||
|
run "clone keys repo" "git clone https://gitea.finnvanreenen.nl/LailaTheElf/keys.git /mnt/opt/keys"
|
||||||
|
run-chroot "create authoized keys" "cd /opt/keys/ssh && cat ${USER_SSH_KEYS} > /home/${USERNAME}/.ssh/authorized_keys"
|
||||||
|
}
|
||||||
|
|
||||||
|
function miscellaneous() {
|
||||||
|
echo
|
||||||
|
echo === miscellaneous
|
||||||
|
echo
|
||||||
|
|
||||||
|
run "set udev rules" "cp $SCRIPT_DIR/configs/udev/*.rules /mnt/etc/udev.d/rules/"
|
||||||
|
}
|
||||||
|
|
||||||
|
function prepair_firt_boot() {
|
||||||
|
echo
|
||||||
|
echo === prepair first boot
|
||||||
|
echo
|
||||||
|
|
||||||
|
run "copy config files" "cp -r $SCRIPT_DIR/configs /mnt/opt/elfOS_configFiles"
|
||||||
|
run "copy fist boot script" "cp $SCRIPT_DIR/first-boot.sh /mnt/first-boot.sh && chmod 700 /mnt/first-boot.sh"
|
||||||
|
run "make script executable" "cp $SCRIPT_DIR/first-boot.sh /mnt/first-boot.sh"
|
||||||
|
run "create fist boot config" "cat >/mnt/first-boot.env <<EOF
|
||||||
|
USERNAME=$USERNAME
|
||||||
|
HOSTNAME=$HOSTNAME
|
||||||
|
CONFIG_DIR=/opt/elfOS_configFiles
|
||||||
|
LOG_FILE=/var/log/elfOS/first-boot.log
|
||||||
|
EOF
|
||||||
|
"
|
||||||
|
run "set access fist boot script" "chmod 700 /mnt/first-boot.env"
|
||||||
|
run "create first boot service" "cat >/mnt/etc/systemd/system/first_boot.service <<EOF
|
||||||
|
[Unit]
|
||||||
|
Description=first boot install script
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
StandardOutput=journal+console
|
||||||
|
ExecStart=/first-boot.sh
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
EOF
|
||||||
|
"
|
||||||
|
run-chroot "enable first boot service" "systemctl enable first_boot.service"
|
||||||
|
run "make elfOS log dir" "mkdir /mnt/var/log/elfOS && chmod 700 /mnt/var/log/elfOS"
|
||||||
|
run "copy install log to disk" "cp $SCRIPT_DIR/install.log /mnt/var/log/elfOS/install.log && chmod 700 /mnt/var/log/elfOS/install.log"
|
||||||
|
}
|
||||||
|
|
||||||
|
function copy_a_to_b() {
|
||||||
|
if [[ $ENCRYPT_DISK = "true" ]]; then
|
||||||
|
run "map root partitaion" "cryptsetup open --batch-mode --key-file keyfile.luks ${ROOT_PARTITION} ${ROOT_PARTITION_MAP_NAME}"
|
||||||
|
fi
|
||||||
|
run "mount disk" "mount ${ROOT_PARTITION_MAP} /mnt"
|
||||||
|
run "copy a to b" "cp -R /mnt/@elfRoot_a /mnt/@elfRoot_b"
|
||||||
|
}
|
||||||
|
|
||||||
echo "" >install.log
|
echo "" >install.log
|
||||||
|
|
||||||
if [[ $ENCRYPT_DISK = "true" ]]
|
case $2 in
|
||||||
then
|
install)
|
||||||
|
if [[ $ENCRYPT_DISK = "true" ]]
|
||||||
|
then
|
||||||
|
echo -n "disk encryption password: "
|
||||||
|
read -s PASS
|
||||||
|
echo
|
||||||
|
echo -n "retype password: "
|
||||||
|
read -s PASSRE
|
||||||
|
echo
|
||||||
|
if [ "$PASS" != "$PASSRE" ]; then
|
||||||
|
echo "password do not match"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
echo -n "disk encryption password: "
|
echo -n "password for $USERNAME: "
|
||||||
read -s PASS
|
read -s PASS_USER
|
||||||
echo
|
echo
|
||||||
echo -n "retype password: "
|
echo -n "retype password: "
|
||||||
read -s PASSRE
|
read -s PASSRE_USER
|
||||||
echo
|
echo
|
||||||
if [ "$PASS" != "$PASSRE" ]; then
|
|
||||||
echo "password do not match"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
fi
|
if [ "$PASS_USER" != "$PASSRE_USER" ]; then
|
||||||
|
echo "password do not match"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
|
||||||
echo -n "password for $USERNAME: "
|
echo -n "are you sure you want to format ${DISK} (y/N): "
|
||||||
read -s PASS_USER
|
read -s confirm
|
||||||
echo
|
echo
|
||||||
echo -n "retype password: "
|
if [ "$confirm" != "y" ]; then
|
||||||
read -s PASSRE_USER
|
echo "exit"
|
||||||
echo
|
exit 2
|
||||||
|
fi
|
||||||
|
|
||||||
if [ "$PASS_USER" != "$PASSRE_USER" ]; then
|
preperations
|
||||||
echo "password do not match"
|
format_disk
|
||||||
exit 2
|
mount_disk a
|
||||||
fi
|
install_base
|
||||||
echo
|
set_locals
|
||||||
|
install_bootloader
|
||||||
|
create_user
|
||||||
|
miscellaneous
|
||||||
|
prepair_firt_boot
|
||||||
|
umount_disk
|
||||||
|
copy_a_to_b
|
||||||
|
;;
|
||||||
|
reinstall_*)
|
||||||
|
if [[ $ENCRYPT_DISK = "true" ]]; then
|
||||||
|
echo -n "disk encryption password: "
|
||||||
|
read -s PASS
|
||||||
|
echo
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo -n "password for $USERNAME: "
|
||||||
|
read -s PASS_USER
|
||||||
|
echo
|
||||||
|
echo -n "retype password: "
|
||||||
|
read -s PASSRE_USER
|
||||||
|
echo
|
||||||
|
if [ "$PASS_USER" != "$PASSRE_USER" ]; then
|
||||||
|
echo "password do not match"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
echo
|
||||||
|
|
||||||
|
preperations
|
||||||
|
if [[ "$2" = "reinstall_a"]]; then
|
||||||
|
mount_disk a
|
||||||
|
else
|
||||||
|
mount_disk b
|
||||||
|
fi
|
||||||
|
install_base
|
||||||
|
set_locals
|
||||||
|
install_bootloader
|
||||||
|
create_user
|
||||||
|
miscellaneous
|
||||||
|
prepair_firt_boot
|
||||||
|
umount_disk
|
||||||
|
;;
|
||||||
|
bootloader)
|
||||||
|
if [[ $ENCRYPT_DISK = "true" ]]; then
|
||||||
|
echo -n "disk encryption password: "
|
||||||
|
read -s PASS
|
||||||
|
echo
|
||||||
|
fi
|
||||||
|
|
||||||
|
preperations
|
||||||
|
mount_disk a
|
||||||
|
install_bootloader
|
||||||
|
umount_disk
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "$0 <config_file> <action>"
|
||||||
|
echo
|
||||||
|
echo "action:"
|
||||||
|
echo " install: install the full os"
|
||||||
|
echo " reinstall_a: re install os on system A"
|
||||||
|
echo " reinstall_b: re install os on system B"
|
||||||
|
echo " bootloader: re setup the bootloader"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
echo
|
echo
|
||||||
echo === setup localisation
|
echo === reboot
|
||||||
echo
|
echo
|
||||||
|
|
||||||
run "install git" "pacman -Sy --noconfirm git"
|
|
||||||
run "enable ntp" "timedatectl set-ntp true"
|
|
||||||
run "set timezone" "timedatectl set-timezone Europe/Amsterdam"
|
|
||||||
|
|
||||||
echo
|
|
||||||
echo === setup partitions
|
|
||||||
echo
|
|
||||||
|
|
||||||
run "applly partion table" "sfdisk $DISK <$SFDISK_FILE"
|
|
||||||
run "format boot partition" "mkfs.fat -F 32 ${UEFI_PARTITION}"
|
|
||||||
run "format swap partition" "mkswap ${SWAP_PARTITION}"
|
|
||||||
ROOT_PARTITION_MAP=""
|
|
||||||
if [[ $ENCRYPT_DISK = "true" ]]
|
|
||||||
then
|
|
||||||
ROOT_PARTITION_MAP="/dev/mapper/cryptelfroot"
|
|
||||||
ROOT_PARTITION_MAP_NAME="cryptelfroot"
|
|
||||||
echo -n "$PASS" >keyfile.luks
|
|
||||||
run "encrypt root partition" "cryptsetup luksFormat --batch-mode --key-file keyfile.luks ${ROOT_PARTITION}" "rm keyfile.luks"
|
|
||||||
run "map root partitaion" "cryptsetup open --batch-mode --key-file keyfile.luks ${ROOT_PARTITION} ${ROOT_PARTITION_MAP_NAME}" "rm keyfile.luks"
|
|
||||||
rm keyfile.luks
|
|
||||||
run "format root partition" "mkfs.btrfs ${ROOT_PARTITION_MAP}"
|
|
||||||
else
|
|
||||||
ROOT_PARTITION_MAP="${ROOT_PARTITION}"
|
|
||||||
run "format root partition" "mkfs.btrfs ${ROOT_PARTITION}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
run "mount root partition" "mount ${ROOT_PARTITION_MAP} /mnt"
|
|
||||||
run "create root btrfs subvolume" "btrfs subvolume create /mnt/@elfRoot_a"
|
|
||||||
run "create root btrfs subvolume" "btrfs subvolume create /mnt/@elfRoot_b"
|
|
||||||
run "create home btrfs subvolume" "btrfs subvolume create /mnt/@home"
|
|
||||||
run "create home btrfs subvolume" "btrfs subvolume create /mnt/@var"
|
|
||||||
run "unmount btrfs" "umount /mnt"
|
|
||||||
run "mount root subvolume" "mount -o subvol=@elfRoot_a ${ROOT_PARTITION_MAP} /mnt"
|
|
||||||
run "mount home subvolume" "mount --mkdir -o subvol=@home ${ROOT_PARTITION_MAP} /mnt/home"
|
|
||||||
run "mount home subvolume" "mount --mkdir -o subvol=@var ${ROOT_PARTITION_MAP} /mnt/var"
|
|
||||||
run "mount boot partition" "mount --mkdir ${UEFI_PARTITION} /mnt/boot"
|
|
||||||
run "enable swap" "swapon ${SWAP_PARTITION}"
|
|
||||||
|
|
||||||
echo
|
|
||||||
echo === install arch
|
|
||||||
echo
|
|
||||||
|
|
||||||
run "install base of arch" "pacstrap /mnt base linux linux-firmware"
|
|
||||||
run "intall utitlities" "pacstrap /mnt btrfs-progs man vim sudo"
|
|
||||||
run "intall networkmanager" "pacstrap /mnt networkmanager"
|
|
||||||
run "generate fstab" "genfstab -U /mnt >>/mnt/etc/fstab"
|
|
||||||
|
|
||||||
echo
|
|
||||||
echo === set locals
|
|
||||||
echo
|
|
||||||
|
|
||||||
run-chroot "set timezone" "ln -sf /usr/share/zoneinfo/Europe/Amsterdam /etc/localtime"
|
|
||||||
run-chroot "set hwclock to UTC" "hwclock --systohc"
|
|
||||||
run-chroot "update locals.gen" "sed --in-place -E -e 's/^#?en_GB.UTF-8/en_GB.UTF-8/' -e 's/^#?en_US.UTF-8/en_US.UTF-8/' /etc/locale.gen"
|
|
||||||
run-chroot "generate locals" "locale-gen"
|
|
||||||
run-chroot "config locals" "echo \"LANG=en_GB.UTF-8\" >/etc/locale.conf"
|
|
||||||
run-chroot "set hostname" "echo \"$HOSTNAME\" >/etc/hostname"
|
|
||||||
run-chroot "create hosts file" "cat >/etc/hosts <<EOF
|
|
||||||
127.0.0.1 localhost
|
|
||||||
::1 localhost
|
|
||||||
127.0.1.1 $HOSTNAME
|
|
||||||
EOF
|
|
||||||
"
|
|
||||||
|
|
||||||
echo
|
|
||||||
echo === install bootloader
|
|
||||||
echo
|
|
||||||
|
|
||||||
run-chroot "config initramfs" "sed --in-place -e 's/HOOKS=(.*)/HOOKS=(base udev autodetect microcode modconf kms keyboard block encrypt filesystems fsck)/' /etc/mkinitcpio.conf"
|
|
||||||
run-chroot "generate initramfs" "mkinitcpio -P"
|
|
||||||
|
|
||||||
DISKUUID=$(blkid --output export ${ROOT_PARTITION} | grep '^UUID' | sed 's/UUID=//')
|
|
||||||
BOAT_LOADER_OPTIONS_A=""
|
|
||||||
if [[ $ENCRYPT_DISK = "true" ]]
|
|
||||||
then
|
|
||||||
BOAT_LOADER_OPTIONS_A="cryptdevice=UUID=${DISKUUID}:${ROOT_PARTITION_MAP_NAME}:allow-discards "
|
|
||||||
fi
|
|
||||||
BOAT_LOADER_OPTIONS_A="${BOAT_LOADER_OPTIONS_A}root=${ROOT_PARTITION_MAP} "
|
|
||||||
BOAT_LOADER_OPTIONS_A="${BOAT_LOADER_OPTIONS_A}rootflags=subvol=@elfRoot_a "
|
|
||||||
BOAT_LOADER_OPTIONS_B="${BOAT_LOADER_OPTIONS_A}rootflags=subvol=@elfRoot_b "
|
|
||||||
if [[ $ENCRYPT_DISK = "true" ]]
|
|
||||||
then
|
|
||||||
BOAT_LOADER_OPTIONS_A="${BOAT_LOADER_OPTIONS_A}rd.luks.options=discard "
|
|
||||||
BOAT_LOADER_OPTIONS_B="${BOAT_LOADER_OPTIONS_B}rd.luks.options=discard "
|
|
||||||
fi
|
|
||||||
BOAT_LOADER_OPTIONS_A="${BOAT_LOADER_OPTIONS_A}rw"
|
|
||||||
BOAT_LOADER_OPTIONS_B="${BOAT_LOADER_OPTIONS_B}rw"
|
|
||||||
run-chroot "install systemd-boot" "bootctl install"
|
|
||||||
run-chroot "create boot config A" "cat >/boot/loader/entries/elfA.conf <<EOF
|
|
||||||
title E.L.F. OS (A)
|
|
||||||
linux /vmlinuz-linux
|
|
||||||
initrd /initramfs-linux.img
|
|
||||||
options ${BOAT_LOADER_OPTIONS_A}
|
|
||||||
EOF
|
|
||||||
"
|
|
||||||
run-chroot "create boot config B" "cat >/boot/loader/entries/elfB.conf <<EOF
|
|
||||||
title E.L.F. OS (B)
|
|
||||||
linux /vmlinuz-linux
|
|
||||||
initrd /initramfs-linux-fallback.img
|
|
||||||
options ${BOAT_LOADER_OPTIONS_B}
|
|
||||||
EOF
|
|
||||||
"
|
|
||||||
run-chroot "create main boot config" "cat >/boot/loader/loader.conf <<EOF
|
|
||||||
default elfA.conf
|
|
||||||
timeout 4
|
|
||||||
console-mode max
|
|
||||||
editor no
|
|
||||||
EOF
|
|
||||||
"
|
|
||||||
|
|
||||||
echo
|
|
||||||
echo === setup user
|
|
||||||
echo
|
|
||||||
|
|
||||||
run-chroot "add .ssh dir to skel" "mkdir -p /etc/skel/.ssh"
|
|
||||||
run-chroot "create admin group" "groupadd admin"
|
|
||||||
run-chroot "create user" "useradd --home-dir /home/${USERNAME} --create-home --skel /etc/skel ${USERNAME} --groups admin"
|
|
||||||
arch-chroot /mnt bash -c "echo \"${USERNAME}:${PASS_USER}\" | chpasswd" # don't log the password
|
|
||||||
run-chroot "add user to sudoers" "echo \"%admin ALL=(ALL:ALL) ALL\" >>/etc/sudoers"
|
|
||||||
run "clone keys repo" "git clone https://gitea.finnvanreenen.nl/LailaTheElf/keys.git /mnt/opt/keys"
|
|
||||||
run-chroot "create authoized keys" "cd /opt/keys/ssh && cat ${USER_SSH_KEYS} > /home/${USERNAME}/.ssh/authorized_keys"
|
|
||||||
|
|
||||||
echo
|
|
||||||
echo === miscellaneous
|
|
||||||
echo
|
|
||||||
|
|
||||||
run "set udev rules" "cp $SCRIPT_DIR/configs/udev/*.rules /mnt/etc/udev.d/rules/"
|
|
||||||
|
|
||||||
echo
|
|
||||||
echo === prepair first boot
|
|
||||||
echo
|
|
||||||
|
|
||||||
run "copy config files" "cp -r $SCRIPT_DIR/configs /mnt/opt/elfOS_configFiles"
|
|
||||||
run "copy fist boot script" "cp $SCRIPT_DIR/first-boot.sh /mnt/first-boot.sh && chmod 700 /mnt/first-boot.sh"
|
|
||||||
run "make script executable" "cp $SCRIPT_DIR/first-boot.sh /mnt/first-boot.sh"
|
|
||||||
run "create fist boot config" "cat >/mnt/first-boot.env <<EOF
|
|
||||||
USERNAME=$USERNAME
|
|
||||||
HOSTNAME=$HOSTNAME
|
|
||||||
CONFIG_DIR=/opt/elfOS_configFiles
|
|
||||||
LOG_FILE=/var/log/elfOS/first-boot.log
|
|
||||||
EOF
|
|
||||||
"
|
|
||||||
run "set access fist boot script" "chmod 700 /mnt/first-boot.env"
|
|
||||||
run "create first boot service" "cat >/mnt/etc/systemd/system/first_boot.service <<EOF
|
|
||||||
[Unit]
|
|
||||||
Description=first boot install script
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
StandardOutput=journal+console
|
|
||||||
ExecStart=/first-boot.sh
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
||||||
EOF
|
|
||||||
"
|
|
||||||
run-chroot "enable first boot service" "systemctl enable first_boot.service"
|
|
||||||
run "make elfOS log dir" "mkdir /mnt/var/log/elfOS && chmod 700 /mnt/var/log/elfOS"
|
|
||||||
run "copy install log to disk" "cp $SCRIPT_DIR/install.log /mnt/var/log/elfOS/install.log && chmod 700 /mnt/var/log/elfOS/install.log"
|
|
||||||
|
|
||||||
echo
|
|
||||||
echo === umount and reboot
|
|
||||||
echo
|
|
||||||
|
|
||||||
run "umount drives" "umount -R /mnt"
|
|
||||||
run "close cryptelfroot" "cryptsetup close cryptelfroot"
|
|
||||||
run "reboot" "shutdown -r now"
|
run "reboot" "shutdown -r now"
|
||||||
|
|||||||
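Review bot: In the new `format_disk`, the LUKS passphrase is written to `keyfile.luks` in the working directory and removed before the function returns, yet `mount_disk` and `copy_a_to_b` still run `cryptsetup open --key-file keyfile.luks`, and the `reinstall_*` and `bootloader` actions read `PASS` without ever creating that file, so every encrypted path after formatting appears to fail at the open step. Rather than keeping the plaintext file around, pass the passphrase on stdin and call cryptsetup directly, as `create_user` already does for `chpasswd`, so it is neither left on disk nor handed to `run` (whose logging is only partly visible here): `printf '%s' "$PASS" | cryptsetup open --key-file - "${ROOT_PARTITION}" "${ROOT_PARTITION_MAP_NAME}"`. The new dispatch block has two further defects. First, `if [[ "$2" = "reinstall_a"]]; then` lacks the space before `]]`, which is a syntax error inside the `case`, so none of the actions can run. Second, `run "reboot" "shutdown -r now"` sits after `esac`, so the usage branch `*)` also reboots the machine unless it ends with `exit 1`.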