#!/bin/bash -x
+# Copyright (C) 2016 Ian Kelling
-# see t.org for how to call
-
-set -eE -o pipefail
-trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?"' ERR
-
-cd $(dirname $(readlink -f "$BASH_SOURCE"))
-
-export ROOTPW="$1"
-export hostname="$2"
-mirror=$3
-
-(( $# >= 2 )) || { echo "error: need 2 arguments"; exit 1; }
-
-case $hostname in
- x2)
- export grubdisk=/dev/sda
- ;;
- demohost)
- export grubdisk=/dev/vda
- ;;
- treetowl)
- bootid=64d495ee-c9fe-4174-b20a-6c5e47abcfa1
- export grubdisk=$(blkid|sed -nr "/$bootid/s/^([^0-9]+).*/\1/p")
- ;;
- frodo)
- rootid=e9ce7b46-9a21-4e79-b7f7-0b18acb57587
- export grubdisk=$(blkid|sed -nr "/$rootid/s/(^[^0-9]*).*/\1/p")
- ;;
- *)
- echo "unrecognized hostname: $hostname"
- exit 1
-esac
-
-if [[ -e /root/devbyid ]]; then
- mv /root/devbyid /usr/bin
-fi
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace"
+cd ${x%/*}
+
+export HOSTNAME="$1"
+mirror=$2
+
+(( $# >= 1 )) || { echo "$0: error: need 1 or 2 arguments"; exit 1; }
rm -f /etc/pacman.d/mirrorlist
# https://wiki.archlinux.org/index.php/Mirrors#Sorting_mirrors
curl -s 'https://www.archlinux.org/mirrorlist/?country=US&protocol=https&ip_version=4&ip_version=6&use_mirror_status=on' |
sed -r 's/^[ #]*(Server *=)/\1/' >> /etc/pacman.d/mirrorlist
-# export class vars with CLASS_ in front to avoid name colissions.
-ifclass() {
- local var=${1/#/CLASS_}
- [[ $hostname == $1 || ${!var} ]]
-}
-export -f ifclass
-for x in $(bash 50-host-classes); do
- export CLASS_$x=true
-done
-export CLASS_TWO_DISK=true
+. /a/bin/fai/fai-wrapper
export LUKS_DIR=/root/luks
-export HOSTNAME=$hostname
export DISTRO=arch
-chmod +x partition.DEFAULT
-./partition.DEFAULT
+partition_script=/a/bin/fai/fai/config/hooks/partition.DEFAULT
+chmod +x $partition_script
+
+export PARTITION_PROMPT=true
+
+# to be idempotent if we fail after partitioning
+already_partitioned=true
+mount_out=$(mount)
+for dir in /mnt{,/home,/boot,/a}; do
+ regex=" on $dir "
+ if [[ ! $mount_out =~ $regex ]]; then
+ already_partitioned=false
+ break
+ fi
+done
+
+if ! $already_partitioned; then
+ /a/bin/fai/fai/config/hooks/partition.DEFAULT
+fi
+
+. /tmp/fai/disk_var.sh
+
+
# arch doesn't need crypttab entries for initramfs crypt partititions
export rootn=1
export bootn=3
export swapn=2
-sed -ri '/^crypt_dev/d' /tmp/fai/crypttab
-mount -o subvol=root_$DISTRO /dev/mapper/crypt_dev_?da$rootn /mnt
-mkdir -p /mnt/{q,home}
-mount -o subvol=q /dev/mapper/crypt_dev_?da$rootn /mnt/q
-mount -o subvol=home_$DISTRO /dev/mapper/crypt_dev_?da$rootn /mnt/home
-mkdir -p /mnt/boot
-mount -o subvol=boot_$DISTRO /dev/?da$bootn /mnt/boot
+export BOOT_DEVICE
+export ROOT_PARTITIONS
+sed -ri --follow-symlinks "/^crypt_dev_\S+$rootn /d" /tmp/fai/crypttab
+
+if ! $already_partitioned; then
+ mount -o subvol=root_$DISTRO $ROOT_PARTITION /mnt
+ mkdir -p /mnt/boot
+ mount -o subvol=boot_$DISTRO $BOOT_PARTITION /mnt/boot
+fi
# https://wiki.archlinux.org/index.php/Dm-crypt/Device_encryption#Keyfiles
-cp /root/luks/host-$hostname /mnt/crypto_keyfile.bin
+cp /root/luks/host-$HOSTNAME /mnt/crypto_keyfile.bin
chmod 600 /mnt/crypto_keyfile.bin
-shopt -s extglob
-case $hostname in
- # these hosts are broken, not updated to new fai hyrbrid scripts.
- frodo)
-
- # for this system, no separate /boot, to keep partitions simple,
- # since we want simpler backup recovery.
- mount -U $rootid /mnt
- ;;&
- treetowl)
- mount /dev/mapper/vg_treetowl00-lv02 /mnt
- mount -U $bootid /mnt/boot
- ;;&
- frodo|treetowl)
- rm -rf /mnt/!(a|i|q|f|boot) /mnt/boot/*
- ;;
-esac
-
-
-
if [[ $mirror ]]; then
echo "$0: 404 errors about core.db etc are normal,
they will succeed using the secodary mirror"
fi
pacstrap /mnt base
cp /tmp/fai/{fstab,crypttab} /mnt/etc
-case $hostname in
- frodo)
- # the root .ssh needs to be like this,
- # because it\'s used to get the key to mount an encrypted filesystem
- # on top of itself.
- d=/mnt/q/root/.ssh
- rm -rf $d # for idempotency
- mkdir -p $d
- scp -oStrictHostKeyChecking=no ian@treetowl:/a/c/machine_specific/frodo/subdir_files/.ssh/* $d
- cp .ssh/* $d
- ln -s /q/root/.ssh /mnt/root
- # background: errors=remount-ro is a debian installer thing. seems like
- # not a bad idea. man mount says: The default is set in the filesystem
- # superblock, and can be changed using tune2fs(8)
-
- cat > /mnt/etc/fstab <<'EOF'
-UUID=e9ce7b46-9a21-4e79-b7f7-0b18acb57587 / ext4 noatime,errors=remount-ro 0 1
-UUID=dd67766f-93c5-4ce3-9877-a1d9841dd4a4 none swap sw 0 0
-/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
-/dev/mapper/crypta7 /mnt/btrfs_root btrfs subvolid=0,noatime,noauto 0 2
-/dev/mapper/crypta7 /a btrfs subvol=a,noatime,noauto 0 2
-EOF
- ;;
- *)
- cp -r .ssh /mnt/root
- cp -r /root/distro-install-common /mnt/root
- ;;&
- treetowl)
- echo "UUID=a9e83bb7-d23d-4de6-ba9f-d88b887f7206 /a ext4 noatime 0 2" >> /mnt/etc/fstab
- ;;
-esac
-
-cp /root/arch-init-chroot /mnt/root
+cp /a/bin/fai/encrypt /mnt/usr/lib/initcpio/hooks
+
+cp -r /root/.ssh /mnt/root
+
+bindmount() {
+ local mountpoint=$2
+ local source=$1
+ mkdir -p $mountpoint
+ mount -o bind $source $mountpoint
+}
+bindmount /root/shadow /mnt/q/root/shadow
+bindmount /a /mnt/a
+
+mkdir -p /mnt/etc/ssh
+cp /etc/ssh/ssh_host_* /mnt/etc/ssh
+
+cp /a/bin/fai/arch-init-chroot /mnt/root
# for manual commands, arch-chroot /mnt bash
arch-chroot /mnt /root/arch-init-chroot
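Review bot: The idempotency guard before the partition hook requires `/mnt/home` and `/mnt/a` to be mounted, but at that stage the new code only mounts `/mnt` and `/mnt/boot`; `/mnt/a` is bind-mounted after `pacstrap`, and no mount of `/mnt/home` is visible on the new side. A run that fails in `pacstrap` or earlier therefore leaves `already_partitioned=false` on the retry, and the partition hook runs again over the disk while `/mnt` is still mounted (unless partition.DEFAULT or fai-wrapper, not shown here, mounts those paths itself). Test only what this script mounts before the risky steps, e.g. `for dir in /mnt /mnt/boot; do mountpoint -q "$dir" || { already_partitioned=false; break; }; done`. Separately, `cp -r /root/.ssh /mnt/root` and `cp /etc/ssh/ssh_host_* /mnt/etc/ssh` carry the install environment's root SSH material and host private keys into the target, so a comment stating that this reuse is intended would help the next reader.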