updates for t11 and fsf

[automated-distro-installer] / fai / config / hooks / partition.DEFAULT

diff --git a/fai/config/hooks/partition.DEFAULT b/fai/config/hooks/partition.DEFAULT
index e953cf19a238381fb3b9c107396e5fe961043667..7990a19918faf90e56760428b54fce9e032f1120 100755 (executable)
--- a/fai/config/hooks/partition.DEFAULT
+++ b/fai/config/hooks/partition.DEFAULT
@@ -122,6 +122,11 @@ if [[ $1 ]]; then
   esac
 fi
 
+if [[ ! $SPECIAL_DISK ]] && ! $mkroot2 && ! $mkroot2tab && ! $mktab \
+     && ! ifclass IANK && ! ifclass FSF; then
+  echo $0: error: need class IANK or FSF or SPECIAL_DISK for running in fai
+fi
+
 
 if [[ $SPECIAL_DISK ]]; then
   export CLASS_REPARTITION=true
@@ -289,11 +294,17 @@ $first_boot_dev  /boot  btrfs        nofail,$fstabstd,noatime,subvol=$boot_vol
 $first_efi  /boot/efi  vfat          nofail,$fstabstd  0 0
 $first_boot_dev  /mnt/boot  btrfs    nofail,$fstabstd,noatime,subvolid=0  0 0
 EOF
+    if ! fsf; then
+      cat >> /tmp/fai/fstab <<EOF
+/dev/mapper/crypt-${vgs[0]}-o  /mnt/o  btrfs       nofail,$fstabstd,noatime,subvolid=0$mopts  0 0
+EOF
+    fi
     rm -f /tmp/fai/crypttab
     for vg in ${vgs[@]}; do
       if ! fsf; then
         cat >>/tmp/fai/crypttab <<EOF
 crypt-$vg-root /dev/$vg/root  none  keyscript=/root/keyscript,discard,luks,initramfs
+crypt-$vg-o    /dev/$vg/o     none  keyscript=/root/keyscript,discard,luks,initramfs
 crypt-$vg-swap /dev/$vg/swap  /dev/urandom  swap,cipher=aes-xts-plain64,size=256,hash=ripemd160
 EOF
       fi
@@ -326,9 +337,9 @@ EOF
       # but it is safely ignorable and gets us the ability to just type our password
       # in once at boot. A downside is that they are probably needed to be plugged in to boot.
       cat >>/tmp/fai/crypttab <<EOF
-crypt_dev_ata-Samsung_SSD_870_QVO_8TB_S5VUNG0N900656V${even_bigsuf} /dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5VUNG0N900656V${even_bigsuf}  none  keyscript=decrypt_keyctl,discard,luks,initramfs
-crypt_dev_ata-TOSHIBA_MD04ACA500_84R2K773FS9A-part1 /dev/disk/by-id/ata-TOSHIBA_MD04ACA500_84R2K773FS9A-part1  none  keyscript=decrypt_keyctl,discard,luks,initramfs
-crypt_dev_ata-ST6000DM001-1XY17Z_Z4D29EBL-part1 /dev/disk/by-id/ata-ST6000DM001-1XY17Z_Z4D29EBL-part1  none  keyscript=decrypt_keyctl,discard,luks,initramfs
+crypt_dev_ata-Samsung_SSD_870_QVO_8TB_S5VUNG0N900656V${even_bigsuf} /dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5VUNG0N900656V${even_bigsuf}  /mnt/root/q/root/luks/iank  discard,luks
+crypt_dev_ata-TOSHIBA_MD04ACA500_84R2K773FS9A-part1 /dev/disk/by-id/ata-TOSHIBA_MD04ACA500_84R2K773FS9A-part1  /mnt/root/q/root/luks/iank  discard,luks
+crypt_dev_ata-ST6000DM001-1XY17Z_Z4D29EBL-part1 /dev/disk/by-id/ata-ST6000DM001-1XY17Z_Z4D29EBL-part1  /mnt/root/q/root/luks/iank  discard,luks
 EOF
       cat >> /tmp/fai/fstab <<EOF
 # r7 = root partition7. it isnt actually #7 anymore, not a great name, but whatever
@@ -358,7 +369,7 @@ doroot2() {
   root2_devs=()
   for vg in ${vgs[@]}; do
     root2_devs+=(/dev/mapper/crypt-$vg-root2)
-      if $mkroot2; then
+    if $mkroot2; then
       luks-setup /dev/$vg/root2 crypt-$vg-root2
     fi
     cat >>/mnt/root/root2-crypttab <<EOF
@@ -382,6 +393,8 @@ EOF
 
 
 ##### begin variable setup
+
+
 partition=false
 if ifclass REPARTITION; then
   partition=true # force a full wipe
@@ -452,24 +465,27 @@ fi
 
 pvn=1
 
+bootn=2
+
 # rootn=1
 # root2n=2
 # swapn=3
 # bootn=4
 # boot2n=5
 
-efin=2
+efin=3
 # ext partition so grub can write persistent variables,
 # so it can do a one time boot. grub can't write to
 # btrfs or any cow fs because it's more
 # more complicated to do and they don't want to.
-grub_extn=3
+grub_extn=4
 # bios boot partition,
 # https://wiki.archlinux.org/index.php/GRUB
-bios_grubn=4
+bios_grubn=5
 # for an even raid (raid 1), when one disk is bigger, this partition goes on the big disk
-even_bign=5
-lastn=$even_bign
+even_bign=6
+# even_bign only exists in some cases
+lastn=$bios_grubn
 # check if the partitions exist have the right filesystems
 #blkid="$(blkid -s TYPE)"
 for dev in ${short_devs[@]}; do
@@ -490,13 +506,18 @@ done
 
 if $partition && ifclass PARTITION_PROMPT; then
   echo "Press any key except ctrl-c to continue and partition these drives:"
-  echo "  ${short_devs[*]}"
+  if [[ $SPECIAL_DISK ]]; then
+    echo $SPECIAL_DISK
+  else
+    echo "  ${short_devs[*]}"
+  fi
   read -r
 fi
 
 devs=()
 vgs=()
 root_devs=()
+o_devs=()
 swap_devs=()
 shopt -s extglob
 partsuffix=-part
@@ -511,28 +532,33 @@ for short_dev in ${short_devs[@]}; do
 
   dname=${dev##*/}
   vg=vg$dname
+  vg=${vg//:/}
   vgs+=("$vg")
   devs+=("$dev")
   if fsf; then
     root_devs+=(/dev/$vg/root)
     swap_devs+=(/dev/$vg/swap)
   else
+    o_devs+=(/dev/mapper/crypt-$vg-o)
     root_devs+=(/dev/mapper/crypt-$vg-root)
     swap_devs+=(/dev/mapper/crypt-$vg-swap)
   fi
 done
 first_root_dev=${root_devs[0]}
-if [[ ! ${devs[0]} ]]; then
+if [[ ! $SPECIAL_DISK && ! ${devs[0]} ]]; then
   echo "$0: error: failed to detect devs" >&2
   exit 1
 fi
 
 
-
 pvsuf=$partsuffix$pvn
+bootsuf=$partsuffix$bootn
 efisuf=$partsuffix$efin
 grub_extsuf=$partsuffix$grub_extn
-bios_grubsuf=$partsuffix$bios_grubn
+# We dont do anything with this partition here, so this
+# is be unused, but left as a comment for completing the pattern
+# of all the suffixes.
+#bios_grubsuf=$partsuffix$bios_grubn
 even_bigsuf=$partsuffix$even_bign
 
 
@@ -542,6 +568,7 @@ boot_devs=()
 boot2_devs=()
 for dev in ${devs[@]}; do
   vg=vg${dev##*/}
+  vg=${vg//:/}
   # I ran into a machine (frodo) where the bios doesn't know about some disks,
   # so 1st stage of grub also doesn't know about them.
   # Also, grub does not support mounting degraded btrfs as far as
@@ -568,7 +595,7 @@ for dev in ${devs[@]}; do
   if $bad_disk; then
     continue
   fi
-  boot_devs+=(/dev/$vg/boot)
+  boot_devs+=($dev$bootsuf)
   boot2_devs+=(/dev/$vg/boot2)
   boot_space=$(( boot_space + $(parted -m $dev unit MiB print | \
                                   sed -nr "s#^/dev/[^:]+:([0-9]+).*#\1#p") - 1))
@@ -607,7 +634,7 @@ case $raid_level in
   1c3) boot_space=$(( boot_space / 3 )) ;;
 esac
 if fsf; then
-  boot_mib=4000
+  boot_mib=6000
 elif (( boot_space > 900000 )); then
   # this is larger than needed for several /boot subvols,
   # becuase I keep a minimal debian install on it for
@@ -713,16 +740,37 @@ fi
 if $partition; then
   ### begin wipefs
   if [[ ! $SPECIAL_DISK ]]; then
-    for lv in $(lvs --noheadings -o lv_path); do
-      wipefs -a $lv
+
+    # we do lvm removals just for the disks we are using
+    pv_wipes=()
+    vg_wipes=()
+    pv_devs=$(pvs --noheadings -o pvname)
+    for pv_dev in $pv_devs; do
+      pv_disk=${pv_dev%%[0-9]*}
+      for short_dev in ${short_devs[@]}; do
+        if [[ $pv_disk == "$short_dev" ]]; then
+          pv_wipes+=($pv_dev)
+          vgs=$(pvs --noheadings -o vgname $pv_dev)
+          for vg in $vgs; do
+            vg_wipes+=($vg)
+            lvs=$(vgs --noheadings -o lv_path $vg)
+            for lv in $lvs; do
+              wipefs -a $lv
+            done
+          done
+        fi
+      done
     done
-    for vg in $(vgs --noheadings -o vgname); do
+
+    for vg in ${vg_wipes[@]}; do
       vgchange -an $vg
       vgremove -ff $vg
     done
-    for pv in $(pvs --noheadings -o pvname); do
+
+    for pv in ${pv_wipes[@]}; do
       pvremove -ff $pv
     done
+
     for dev in ${devs[@]}; do
       # if we repartition to the same as an old partition,
       # we don't want any old fses hanging around.
@@ -757,11 +805,12 @@ if $partition; then
     fi
   fi
 
+  if [[ $SPECIAL_DISK ]]; then
+    devs=($(devbyid $SPECIAL_DISK))
+  fi
   for dev in ${devs[@]}; do
     vg=vg${dev##*/}
-    if [[ $SPECIAL_DISK ]]; then
-      dev=$(devbyid $SPECIAL_DISK)
-    fi
+    vg=${vg//:/}
 
     # parted will round up the disk size. Do -1 so we can have
     # fully 1MiB unit partitions for easy resizing of the last partition.
@@ -778,27 +827,47 @@ if $partition; then
     # MiB because parted complains about alignment otherwise.
     pcmd="parted -a optimal -s -- $dev"
     # main lvm partition
-    $pcmd mkpart primary ext3 524MiB ${disk_mib}MiB
+
+    pv_end=$(( disk_mib - boot_part_mib ))
+    $pcmd mkpart primary ext3 524MiB ${pv_end}MiB
     $pcmd name $pvn pv
 
-    pvcreate -y $dev$pvsuf
-    vgcreate -y $vg $dev$pvsuf
+    #   + 794 pvcreate -y /dev/disk/by-id/ata-ST4000DM000-1F2168_Z3028BKA-part1
+    # WARNING: Device /dev/sde1 not initialized in udev database even after waiting 10000000 microseconds.
+    # No device found for /dev/disk/by-id/ata-ST4000DM000-1F2168_Z3028BKA-part1.
+    # sleep 10 was not enough.
+    secs=0
+    while [[ ! -e $dev$pvsuf ]] && (( secs < 40 )); do
+      sleep 1
+      secs=$((secs +1))
+    done
+    sleep 3
+    pvcreate -y -ff $dev$pvsuf
+    vgcreate -y -ff $vg $dev$pvsuf
 
     if fsf; then
       root_mib=40000
     else
+      # This would maximize it, but we are going for a separate filesystem in /o,
+      # so use fixed sizes to allow both to grow
       # 600 = uefi 512 + grubext 8 + bios grub 3 + some extra cuz this is lvm
-      root_mib=$(( disk_mib - root2_part_mib - swap_mib - boot_part_mib - boot2_part_mib - 600 ))
+      #root_mib=$(( disk_mib - root2_part_mib - swap_mib - boot_part_mib - boot2_part_mib - 600 ))
+      root_mib=$(( 1000 * 1000 )) # * 1000 to make it in gb.
+      o_mib=$(( 120 * 1000 ))
     fi
 
-    # -L unit default mebibyte
-    lvcreate -y -L $root_mib $vg -n root
-    lvcreate -y -L $swap_mib $vg -n swap
-    # unencrypted swap needs mkswap
-    if fsf; then
-      mkswap /dev/$vg/swap
+    if [[ ! $SPECIAL_DISK ]]; then
+      # -L unit default mebibyte
+      lvcreate -y -L $root_mib $vg -n root
+      if ! fsf; then
+        lvcreate -y -L $o_mib $vg -n o
+      fi
+      lvcreate -y -L $swap_mib $vg -n swap
+      # unencrypted swap needs mkswap
+      if fsf; then
+        mkswap /dev/$vg/swap
+      fi
     fi
-    lvcreate -y -L $boot_part_mib $vg -n boot
 
     if zilap; then
       # todo: now that we are using lvm, this doesnt need to be done until mkroot2
@@ -806,6 +875,10 @@ if $partition; then
       lvcreate -y -L $boot2_part_mib $vg -n boot2
     fi
 
+    $pcmd mkpart primary "" ${pv_end}MiB ${disk_mib}MiB
+    $pcmd name $bootn boot
+    $pcmd set $bootn boot on
+
     # uefi partition, for normal bios systems, its just in case.
     $pcmd mkpart primary "fat32" 12MiB 524MiB
     $pcmd name $efin efi
@@ -844,7 +917,7 @@ if $partition; then
     # but then couldn't be found upon reboot. In that case we didn't
     # wait at all. So I've added a 3 second minimum wait.
     secs=0
-    while [[ ! -e $dev$bios_grubsuf ]] && (( secs < 10 )); do
+    while [[ ! -e $dev$efisuf ]] && (( secs < 40 )); do
       sleep 1
       secs=$((secs +1))
     done
@@ -853,8 +926,8 @@ if $partition; then
     mkfs.fat -F32 $dev$efisuf
 
     if ! fsf && $even_big_part  && [[ $dev == "$even_big_dev" ]]; then
-      luks-setup $even_big_dev ${even_big_dev##*/}
-      mkfs.btrfs -f /dev/mapper/${even_big_dev##*/}
+      luks-setup $even_big_dev$even_bigsuf ${even_big_dev##*/}$even_bigsuf
+      mkfs.btrfs -f /dev/mapper/${even_big_dev##*/}$even_bigsuf
     fi
 
     # Holds just a single file, rarely written, so
@@ -871,6 +944,7 @@ if $partition; then
     # sensitive data.
     if ! fsf; then
       luks-setup /dev/$vg/root crypt-$vg-root
+      luks-setup /dev/$vg/o crypt-$vg-o
     fi
 
     if [[ $SPECIAL_DISK ]]; then
@@ -881,9 +955,12 @@ if $partition; then
   sleep 1
 
   bpart ${root_devs[@]}
+  if ! fsf; then
+    bpart ${o_devs[@]}
+  fi
   bpart ${boot_devs[@]}
 
-else ## above: if $partition ##
+else ## end if $partition ##
 
   if ! fsf; then
     for vg in ${vgs[@]}; do
@@ -893,7 +970,9 @@ else ## above: if $partition ##
       if $rerootfs; then
         luks-setup /dev/$vg/root crypt-$vg-root
       else
-        cryptsetup luksOpen /dev/$vg/root $vg-root \
+        cryptsetup luksOpen /dev/$vg/root crypt-$vg-root \
+                   --key-file $luks_file
+        cryptsetup luksOpen /dev/$vg/o crypt-$vg-o \
                    --key-file $luks_file
       fi
     done
@@ -945,7 +1024,8 @@ btrfs subvolume set-default 0 /mnt # already default, just ensuring it.
 
 # for libreboot systems. grub2 only reads from subvolid=0
 mkdir -p /mnt/grub2
-# todo: this probably needs updating for our lvm transition
+# todo: this would need some rework if we moved boot into
+# lvm.
 cp $FAI/distro-install-common/libreboot_grub.cfg /mnt/grub2
 
 if $wipe && [[ -e /mnt/$boot_vol ]]; then