+++ /dev/null
-#!/bin/bash -x
-
-set -eE -o pipefail
-trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?"' ERR
-
-# # fai's setup-storage won't do btrfs on luks,
-# # so we do it ourself :)
-skiptask partition
-
-repartition=false
-
-# keyfiles generated like:
-# head -c 2048 /dev/urandom | od | s dd of=/q/root/luks/host-demohost
-luks_dir=/var/lib/fai/config/distro-install-common/luks
-
-letters=(a)
-
-if ifclass VM; then
- d=/dev/vd
- letters=(a b)
-else
- d=/dev/sd
-fi
-devs=()
-for letter in ${letters[@]}; do
- devs+=($d$letter)
-done
-
-
-boot_end=504
-
-! ifclass tp || letters=(a b)
-
-md() { ((${#letters[@]} > 1)); }
-
-if md; then
- # if partition with md0, then reboot into the installer,
- # it becomes md127. So might as well start with 127 for simplicity.
- crypt=md127
-else
- crypt=${d##/dev/}a3
-fi
-
-
-
-# 1.5 x based on https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Installation_Guide/sect-disk-partitioning-setup-x86.html#sect-custom-partitioning-x86
-swap_end=$(( $(grep ^MemTotal: /proc/meminfo| awk '{print $2}') * 3/(${#letters[@]} * 2 ) / 1000 + boot_end ))MiB
-
-shopt -s nullglob
-if $repartition; then
- mkdir -p /tmp/fai
- for dev in ${devs[@]}; do
- for x in /dev/md*; do [[ -d $x ]] || mdadm --stop $x; done
- for x in $dev[0-9]; do wipefs -a $x; done
- parted -s $dev mklabel gpt
- # gpt ubuntu cloud image uses ~4. fai uses 1 MiB. ehh, i'll do 4.
- # also, using MB instead of MiB causes complains about alignment.
- parted -s $dev mkpart primary "ext3" 4MB ${boot_end}MiB
- parted -s $dev set 1 boot on
- parted -s $dev mkpart primary "linux-swap" ${boot_end}MiB $swap_end
- parted -s -- $dev mkpart primary "" $swap_end -0
- parted -s $dev set 3 raid on
- parted -s $dev mkpart primary "" 1MiB 4MiB
- parted -s $dev set 4 bios_grub on
- # the mkfs failed randomly on a vm, so I threw a sleep in here.
- sleep .1
- mkfs.ext4 -F ${dev}1
- done
- if md; then
- yes | mdadm --create /dev/$crypt --level=raid0 --force --run \
- --raid-devices=${#devs[@]} ${devs[@]/%/3} || [[ $? == 141 ]]
- fi
-
- yes YES | cryptsetup luksFormat /dev/$crypt $luks_dir/host-$HOSTNAME \
- -c aes-cbc-essiv:sha256 -s 256 || [[ $? == 141 ]]
- yes $(cat $luks_dir/traci) | \
- cryptsetup luksAddKey --key-file \
- $luks_dir/host-$HOSTNAME /dev/$crypt || [[ $? == 141 ]]
- # this would remove the keyfile. we will do that manually later.
- # yes 'test' | cryptsetup luksRemoveKey /dev/... \
- # /key/file || [[ $? == 141 ]]
- cryptsetup luksOpen /dev/$crypt crypt_dev_$crypt --key-file \
- $luks_dir/host-$HOSTNAME
- parted ${devs[0]} set 1 boot on
- mkfs.btrfs -f /dev/mapper/crypt_dev_$crypt
- mount /dev/mapper/crypt_dev_$crypt /mnt
- cd /mnt
- btrfs subvolume create a
- btrfs subvolume create root
- btrfs subvolume set-default $(btrfs subvolume list . | grep 'root$' | awk '{print $2}') .
- cd /
- umount /mnt
-else
- for dev in ${devs[@]}; do
- mkfs.ext4 -F ${dev}1
- done
- yes $(cat $luks_dir/traci) | \
- cryptsetup luksOpen /dev/$crypt crypt_dev_$crypt || [[ $? == 141 ]]
- sleep 1
- mount -o subvolid=0 /dev/mapper/crypt_dev_$crypt /mnt
- # systemd creates subvolumes we want to delete.
- s=($(btrfs subvolume list --sort=-path /mnt |
- sed -rn 's#^.*path\s*(root/\S+)\s*$#\1#p'))
- for subvol in ${s[@]}; do btrfs subvolume delete /mnt/$subvol; done
- btrfs subvolume set-default 0 /mnt
- btrfs subvolume delete /mnt/root
- btrfs subvolume create /mnt/root
- btrfs subvolume set-default $(btrfs subvolume list /mnt | grep 'root$' | awk '{print $2}') /mnt
- umount /mnt
-fi
-
-cat > /tmp/fai/crypttab <<EOF
-crypt_dev_$crypt /dev/$crypt none keyscript=/root/keyscript,discard,luks
-EOF
-
-for dev in ${devs[@]}; do
- cat >> /tmp/fai/crypttab <<EOF
-swap ${dev}2 /dev/urandom swap,cipher=aes-xts-plain64,size=256,hash=ripemd160
-EOF
-done
-
-# this is duplicated in arch-init
-cat > /tmp/fai/fstab <<EOF
-/dev/mapper/crypt_dev_$crypt / btrfs noatime,subvol=/root 0 0
-/dev/mapper/crypt_dev_$crypt /a btrfs noatime,subvol=/a 0 0
-${devs[0]}1 /boot ext4 noatime 0 2
-EOF
-
-
-cat >/tmp/fai/disk_var.sh <<EOF
-ROOT_PARTITION=\${ROOT_PARTITION:-/dev/mapper/crypt_dev_$crypt}
-BOOT_PARTITION=\${BOOT_PARTITION:-${devs[0]}1}
-BOOT_DEVICE=\${BOOT_DEVICE:-"${devs[0]}"}
-SWAPLIST=\${SWAPLIST:-"${devs[@]/%/2}"}
-EOF
iankelling.org / git / automated-distro-installer / blobdiff