--- /dev/null
+#!/bin/bash -x
+
+set -eE -o pipefail
+trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?"' ERR
+
+# # fai's setup-storage won't do btrfs on luks,
+# # so we do it ourself :)
+skiptask partition
+
+repartition=true
+
+letters=(a)
+
+if ifclass VM; then
+ d=/dev/vd
+ letters=(a b)
+else
+ d=/dev/sd
+fi
+
+
+boot_end=504
+
+! ifclass tp || letters=(a b)
+
+devs=()
+
+# 1.5 x based on https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Installation_Guide/sect-disk-partitioning-setup-x86.html#sect-custom-partitioning-x86
+swap_end=$(( $(grep ^MemTotal: /proc/meminfo| awk '{print $2}') * 3/(${#letters[@]} * 2 ) / 1000 + boot_end ))MiB
+
+if $repartition; then
+ mkdir -p /tmp/fai
+ for letter in ${letters[@]}; do
+ dev=$d$letter
+ devs+=($dev)
+ [[ -e $dev[0-9] ]] && for x in $dev[0-9]; do wipefs -a $x; done
+ parted -s $dev mklabel gpt
+ # gpt ubuntu cloud image uses ~4. fai uses 1 MiB. ehh, i'll do 4.
+ parted -s $dev mkpart primary "ext3" 4MB ${boot_end}MiB
+ parted -s $dev set 1 boot on
+ parted -s $dev mkpart primary "linux-swap" ${boot_end}MiB $swap_end
+ parted -s -- $dev mkpart primary "" $swap_end -0
+ parted -s $dev set 3 raid on
+ parted -s $dev mkpart primary "" 1MiB 4MiB
+ parted -s $dev set 4 bios_grub on
+ # the mkfs failed randomly on a vm, so I threw a sleep in here.
+ sleep .1
+ mkfs.ext4 -F ${dev}1
+ done
+ if ((${#devs[@]} > 1)); then
+ crypt=md0
+ yes | mdadm --create /dev/$crypt --level=raid0 --force --run \
+ --raid-devices=${#devs[@]} ${devs[@]/%/3} || [[ $? == 141 ]]
+ else
+ crypt=${dev##/dev/}3
+ fi
+ head -c 2048 /dev/urandom | od > /tmp/fai/crypt_dev_$crypt
+ yes YES | cryptsetup luksFormat /dev/$crypt /tmp/fai/crypt_dev_$crypt \
+ -c aes-cbc-essiv:sha256 -s 256 || [[ $? == 141 ]]
+ yes $(cat /var/lib/fai/config/distro-install-common/luks/traci) | \
+ cryptsetup luksAddKey --key-file \
+ /tmp/fai/crypt_dev_$crypt /dev/$crypt || [[ $? == 141 ]]
+ # this would remove the keyfile. we will do that manually later.
+ # yes 'test' | cryptsetup luksRemoveKey /dev/... \
+ # /key/file || [[ $? == 141 ]]
+ cryptsetup luksOpen /dev/$crypt crypt_dev_$crypt --key-file \
+ /tmp/fai/crypt_dev_$crypt
+ parted ${devs[0]} set 1 boot on
+ mkfs.btrfs -f /dev/mapper/crypt_dev_$crypt
+ mount /dev/mapper/crypt_dev_$crypt /mnt
+ cd /mnt
+ btrfs subvolume create a
+ btrfs subvolume create root
+ btrfs subvolume set-default $(btrfs subvolume list . | grep 'root$' | awk '{print $2}') .
+ cd /
+ umount /mnt
+else
+ /var/lib/fai/config/distro-install-common/reset-btrfs-root
+fi
+
+cat > /tmp/fai/crypttab <<EOF
+crypt_dev_$crypt /dev/$crypt none keyscript=/root/keyscript,discard,luks
+EOF
+
+for dev in ${devs[@]}; do
+ cat >> /tmp/fai/crypttab <<EOF
+swap ${dev}2 /dev/urandom swap,cipher=aes-xts-plain64,size=256,hash=ripemd160
+EOF
+done
+
+# this is duplicated in arch-init
+cat > /tmp/fai/fstab <<EOF
+/dev/mapper/crypt_dev_$crypt / btrfs noatime,subvol=/root 0 0
+/dev/mapper/crypt_dev_$crypt /a btrfs noatime,subvol=/a 0 0
+${devs[0]}1 /boot ext4 noatime 0 2
+EOF
+
+
+cat >/tmp/fai/disk_var.sh <<EOF
+ROOT_PARTITION=\${ROOT_PARTITION:-/dev/mapper/crypt_dev_$crypt}
+BOOT_PARTITION=\${BOOT_PARTITION:-${devs[0]}1}
+BOOT_DEVICE=\${BOOT_DEVICE:-"${devs[0]}"}
+SWAPLIST=\${SWAPLIST:-"${devs[@]/%/2}"}
+EOF
iankelling.org / git / automated-distro-installer / commitdiff