getch 0.0.8 → 0.1.3
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/CHANGELOG.md +44 -0
- data/README.md +57 -8
- data/bin/setup.sh +4 -2
- data/lib/getch.rb +43 -15
- data/lib/getch/command.rb +26 -5
- data/lib/getch/config.rb +58 -0
- data/lib/getch/filesystem.rb +6 -0
- data/lib/getch/filesystem/clean.rb +51 -0
- data/lib/getch/filesystem/device.rb +61 -0
- data/lib/getch/filesystem/ext4.rb +1 -0
- data/lib/getch/filesystem/ext4/config.rb +8 -9
- data/lib/getch/filesystem/ext4/device.rb +2 -7
- data/lib/getch/filesystem/ext4/encrypt/config.rb +69 -47
- data/lib/getch/filesystem/ext4/encrypt/deps.rb +21 -15
- data/lib/getch/filesystem/ext4/encrypt/device.rb +5 -9
- data/lib/getch/filesystem/ext4/encrypt/format.rb +10 -6
- data/lib/getch/filesystem/ext4/encrypt/mount.rb +6 -43
- data/lib/getch/filesystem/ext4/encrypt/partition.rb +57 -55
- data/lib/getch/filesystem/ext4/format.rb +3 -5
- data/lib/getch/filesystem/ext4/mount.rb +7 -46
- data/lib/getch/filesystem/ext4/partition.rb +16 -39
- data/lib/getch/filesystem/lvm.rb +1 -0
- data/lib/getch/filesystem/lvm/config.rb +12 -15
- data/lib/getch/filesystem/lvm/deps.rb +5 -20
- data/lib/getch/filesystem/lvm/device.rb +33 -9
- data/lib/getch/filesystem/lvm/encrypt.rb +15 -0
- data/lib/getch/filesystem/lvm/encrypt/config.rb +71 -0
- data/lib/getch/filesystem/lvm/encrypt/deps.rb +46 -0
- data/lib/getch/filesystem/lvm/encrypt/device.rb +46 -0
- data/lib/getch/filesystem/lvm/encrypt/format.rb +32 -0
- data/lib/getch/filesystem/lvm/encrypt/mount.rb +25 -0
- data/lib/getch/filesystem/lvm/encrypt/partition.rb +80 -0
- data/lib/getch/filesystem/lvm/format.rb +11 -7
- data/lib/getch/filesystem/lvm/mount.rb +7 -46
- data/lib/getch/filesystem/lvm/partition.rb +19 -31
- data/lib/getch/filesystem/mount.rb +56 -0
- data/lib/getch/filesystem/partition.rb +77 -0
- data/lib/getch/filesystem/zfs.rb +14 -0
- data/lib/getch/filesystem/zfs/config.rb +57 -0
- data/lib/getch/filesystem/zfs/deps.rb +95 -0
- data/lib/getch/filesystem/zfs/device.rb +58 -0
- data/lib/getch/filesystem/zfs/encrypt.rb +15 -0
- data/lib/getch/filesystem/zfs/encrypt/config.rb +67 -0
- data/lib/getch/filesystem/zfs/encrypt/deps.rb +97 -0
- data/lib/getch/filesystem/zfs/encrypt/device.rb +60 -0
- data/lib/getch/filesystem/zfs/encrypt/format.rb +105 -0
- data/lib/getch/filesystem/zfs/encrypt/mount.rb +51 -0
- data/lib/getch/filesystem/zfs/encrypt/partition.rb +65 -0
- data/lib/getch/filesystem/zfs/format.rb +114 -0
- data/lib/getch/filesystem/zfs/mount.rb +48 -0
- data/lib/getch/filesystem/zfs/partition.rb +64 -0
- data/lib/getch/gentoo.rb +8 -4
- data/lib/getch/gentoo/boot.rb +32 -17
- data/lib/getch/gentoo/chroot.rb +12 -26
- data/lib/getch/gentoo/config.rb +37 -12
- data/lib/getch/gentoo/sources.rb +26 -29
- data/lib/getch/gentoo/use.rb +43 -0
- data/lib/getch/gentoo/use_flag.rb +64 -0
- data/lib/getch/helpers.rb +35 -13
- data/lib/getch/options.rb +23 -8
- data/lib/getch/version.rb +1 -1
- metadata +46 -18
- metadata.gz.sig +0 -0
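--- a/data/lib/getch/filesystem/device.rb
+++ b/data/lib/getch/filesystem/device.rb
@@ -0,0 +1,61 @@
+module Getch
+module FileSystem
+class Device
+def initialize
+@efi = Helpers::efi?
+@root_part = 1
+@user = DEFAULT_OPTIONS[:username]
+
+@disk = DEFAULT_OPTIONS[:disk]
+@boot_disk = DEFAULT_OPTIONS[:boot_disk]
+@cache_disk = DEFAULT_OPTIONS[:cache_disk]
+@home_disk = DEFAULT_OPTIONS[:home_disk]
+
+search_boot
+search_swap
+search_root
+search_home
+end
+
+private
+def search_boot
+if @efi
+if @boot_disk
+@dev_esp = "/dev/#{@boot_disk}#{@root_part}"
+else
+@dev_esp = "/dev/#{@disk}#{@root_part}"
+@root_part += 1
+end
+else
+if @boot_disk
+@dev_gpt = "/dev/#{@boot_disk}#{@root_part}"
+@dev_grub = "/dev/#{@boot_disk}"
+else
+@dev_gpt = "/dev/#{@disk}#{@root_part}"
+@dev_grub = "/dev/#{@disk}"
+@root_part += 1
+end
+end
+end
+
+def search_swap
+if @cache_disk
+@dev_swap = "/dev/#{@cache_disk}1"
+else
+@dev_swap = "/dev/#{@disk}#{@root_part}"
+@root_part += 1
+end
+end
+
+def search_root
+@dev_root = "/dev/#{@disk}#{@root_part}"
+end
+
+def search_home
+if @home_disk
+@dev_home = "/dev/#{@home_disk}1"
+end
+end
+end
+end
+end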
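Review bot: `@disk`, `@boot_disk`, `@cache_disk` and `@home_disk` are taken from DEFAULT_OPTIONS and pasted straight into `/dev/...` strings in search_boot, search_swap, search_root and search_home, and the subclasses in this release interpolate those strings into command lines (backtick `lsblk`, `mkfs`, `cryptsetup`). Where the options are parsed is not visible here; if nothing restricts them earlier, check each name once in initialize, e.g. `raise ArgumentError, "invalid disk: #{@disk}" unless @disk.to_s.match?(/\A[a-z0-9]+\z/)`, so that only a kernel device name can reach a shell. Appending a bare number also yields the wrong node for disks whose name ends in a digit (`nvme0n1` needs `nvme0n1p1`), which matters in a tool that wipes and formats whatever it is pointed at.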
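--- a/data/lib/getch/filesystem/ext4/config.rb
+++ b/data/lib/getch/filesystem/ext4/config.rb
@@ -17,7 +17,7 @@ module Getch
 
 def systemd_boot
 return if ! Helpers::efi?
-esp = '/
+esp = '/efi'
 dir = "#{@root_dir}/#{esp}/loader/entries/"
 datas_gentoo = [
 'title Gentoo Linux',
@@ -30,28 +30,27 @@ module Getch
 def grub
 return if Helpers::efi?
 file = "#{@root_dir}/etc/default/grub"
-cmdline = "GRUB_CMDLINE_LINUX=\"resume=#{@
+cmdline = "GRUB_CMDLINE_LINUX=\"resume=PARTUUID=#{@partuuid_swap} root=PARTUUID=#{@partuuid_root} init=#{@init} rw slub_debug=P page_poison=1 slab_nomerge pti=on vsyscall=none spectre_v2=on spec_store_bypass_disable=seccomp iommu=force\"\n"
 File.write(file, cmdline, mode: 'a')
 end
 
 private
 
 def gen_uuid
-@partuuid_root =
-@
+@partuuid_root = Helpers::partuuid(@dev_root)
+@partuuid_swap = Helpers::partuuid(@dev_swap)
 @uuid_root = `lsblk -o "UUID" #{@dev_root} | tail -1`.chomp() if @dev_root
-@
-@uuid_boot_efi = `lsblk -o "UUID" #{@dev_boot_efi} | tail -1`.chomp() if @dev_boot_efi
+@uuid_esp = `lsblk -o "UUID" #{@dev_esp} | tail -1`.chomp() if @dev_esp
 @uuid_home = `lsblk -o "UUID" #{@dev_home} | tail -1`.chomp() if @dev_home
 end
 
 def data_fstab
-
-swap = @dev_swap ? "
+esp = @dev_esp ? "UUID=#{@uuid_esp} /efi vfat noauto,noatime 1 2" : ''
+swap = @dev_swap ? "PARTUUID=#{@partuuid_swap} none swap discard 0 0" : ''
 root = @dev_root ? "UUID=#{@uuid_root} / ext4 defaults 0 1" : ''
 home = @dev_home ? "UUID=#{@uuid_home} /home/#{@user} ext4 defaults 0 2" : ''
 
-[
+[ esp, swap, root, home ]
 end
 end
 end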
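Review bot: The new `@uuid_esp` line in gen_uuid still builds a shell pipeline with backticks, while Ext4::Encrypt::Config in this same release calls `Helpers::uuid(@dev_esp)`; using the helper here too (and for `@uuid_root`/`@uuid_home`, which are unchanged context) keeps the lookup in one place where it can be hardened. The two `Helpers::partuuid` calls are not guarded with `if @dev_...` like their neighbours, and no result is checked before use: an empty value ends up as `root=PARTUUID=` in GRUB_CMDLINE_LINUX or `UUID= /efi` in fstab, and the install only fails at first boot. A guard such as `raise "no PARTUUID for #{@dev_root}" if @partuuid_root.to_s.empty?` would stop the run early. The same missing check applies to gen_uuid in ext4/encrypt/config.rb.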
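--- a/data/lib/getch/filesystem/ext4/device.rb
+++ b/data/lib/getch/filesystem/ext4/device.rb
@@ -1,14 +1,9 @@
 module Getch
 module FileSystem
 module Ext4
-class Device
+class Device < Getch::FileSystem::Device
 def initialize
-
-@user = DEFAULT_OPTIONS[:username]
-@dev_boot_efi = Helpers::efi? ? "/dev/#{@disk}1" : nil
-@dev_root = "/dev/#{@disk}2"
-@dev_swap = "/dev/#{@disk}3"
-@dev_home = @user ? "/dev/#{@disk}4" : nil
+super
 end
 end
 end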
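--- a/data/lib/getch/filesystem/ext4/encrypt/config.rb
+++ b/data/lib/getch/filesystem/ext4/encrypt/config.rb
@@ -1,60 +1,82 @@
+require 'fileutils'
+
 module Getch
 module FileSystem
 module Ext4
-
-
-
-
-
-
-
+module Encrypt
+class Config < Getch::FileSystem::Ext4::Encrypt::Device
+def initialize
+super
+gen_uuid
+@root_dir = MOUNTPOINT
+@init = '/usr/lib/systemd/systemd'
+move_secret_keys
+crypttab
+end
 
-
-
-
-
-
+def fstab
+file = "#{@root_dir}/etc/fstab"
+datas = data_fstab
+File.write(file, datas.join("\n"))
+end
 
-
-
-
-
-
-
-
-
-
-
-
+def systemd_boot
+return if ! Helpers::efi?
+esp = '/efi'
+dir = "#{@root_dir}/#{esp}/loader/entries/"
+datas_gentoo = [
+'title Gentoo Linux',
+'linux /vmlinuz',
+'initrd /initramfs',
+"options crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root init=#{@init} keymap=#{DEFAULT_OPTIONS[:keymap]} rw"
+]
+File.write("#{dir}/gentoo.conf", datas_gentoo.join("\n"))
+end
 
-
-
-
-
-
-
-
-
-end
+def crypttab
+home = @home_disk ? "crypthome UUID=#{@uuid_home} /root/secretkeys/crypto_keyfile.bin luks" : ''
+datas = [
+"cryptswap PARTUUID=#{@partuuid_swap} /dev/urandom swap,cipher=aes-xts-plain64:sha256,size=512",
+home
+]
+File.write("#{@root_dir}/etc/crypttab", datas.join("\n"))
+end
 
-
+def grub
+return if Helpers::efi?
+file = "#{@root_dir}/etc/default/grub"
+cmdline = [
+"GRUB_CMDLINE_LINUX=\"crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root init=#{@init} rw slub_debug=P page_poison=1 slab_nomerge pti=on vsyscall=none spectre_v2=on spec_store_bypass_disable=seccomp iommu=force keymap=#{DEFAULT_OPTIONS[:keymap]}\"",
+"GRUB_ENABLE_CRYPTODISK=y"
+]
+File.write(file, cmdline.join("\n"), mode: 'a')
+end
 
-
-
-
-
-
-
-
-
+private
+
+def gen_uuid
+@partuuid_swap = Helpers::partuuid(@dev_swap)
+@uuid_dev_root = `lsblk -d -o "UUID" #{@dev_root} | tail -1`.chomp() if @dev_root
+@uuid_esp = Helpers::uuid(@dev_esp) if @dev_esp
+@uuid_root = `lsblk -d -o "UUID" #{@luks_root} | tail -1`.chomp() if @dev_root
+@uuid_home = `lsblk -d -o "UUID" #{@dev_home} | tail -1`.chomp() if @luks_home
+end
+
+def data_fstab
+boot_efi = @dev_esp ? "UUID=#{@uuid_esp} /efi vfat noauto,noatime 1 2" : ''
+swap = @dev_swap ? "#{@luks_swap} none swap discard 0 0 " : ''
+root = @dev_root ? "UUID=#{@uuid_root} / ext4 defaults 0 1" : ''
+home = @dev_home ? "#{@luks_home} /home/#{@user} ext4 defaults 0 2" : ''
 
-
-
-swap = @lv_swap ? "UUID=#{@uuid_swap} none swap discard 0 0" : ''
-root = @lv_root ? "UUID=#{@uuid_root} / ext4 defaults 0 1" : ''
-home = @lv_home ? "UUID=#{@uuid_home} /home/#{@user} ext4 defaults 0 2" : ''
+[ boot_efi, swap, root, home ]
+end
 
-
+def move_secret_keys
+return if ! @luks_home
+puts "Moving secret keys"
+keys_path = "#{@root_dir}/root/secretkeys"
+FileUtils.mv("/root/secretkeys", keys_path) if ! Dir.exist?(keys_path)
+end
 end
 end
 end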
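Review bot: `keymap=#{DEFAULT_OPTIONS[:keymap]}` is written unescaped inside the double-quoted `GRUB_CMDLINE_LINUX="..."` assignment in grub, and into the `options` line in systemd_boot. etc/default/grub is read as shell by grub-mkconfig, so a value containing a quote, `$` or a backtick changes what that file evaluates to rather than just the keymap. Option parsing is not visible on this page; unless it already restricts the value, reject anything unexpected before writing, e.g. `raise ArgumentError, 'invalid keymap' unless DEFAULT_OPTIONS[:keymap].to_s.match?(/\A[A-Za-z0-9_-]+\z/)`. In gen_uuid the guards also test a different variable from the one they read (`#{@luks_root} ... if @dev_root`, `#{@dev_home} ... if @luks_home`), which is worth aligning.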
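--- a/data/lib/getch/filesystem/ext4/encrypt/deps.rb
+++ b/data/lib/getch/filesystem/ext4/encrypt/deps.rb
@@ -3,32 +3,38 @@ module Getch
 module Ext4
 module Encrypt
 class Deps
-def
-if Helpers::efi?
-install_efi
-else
-install_bios
-end
+def make
 install_deps
+genkernel
+Getch::Make.new("genkernel --kernel-config=/usr/src/linux/.config all").run!
 end
 
 private
-def install_efi
-end
 
-def
-
+def genkernel
+grub = Helpers::efi? ? 'BOOTLOADER="no"' : 'BOOTLOADER="grub2"'
+datas = [
+'',
+grub,
+'INSTALL="yes"',
+'MENUCONFIG="no"',
+'CLEAN="yes"',
+'KEYMAP="yes"',
+'SAVE_CONFIG="yes"',
+'MOUNTBOOT="yes"',
+'MRPROPER="no"',
+'LUKS="yes"',
+]
+file = "#{MOUNTPOINT}/etc/genkernel.conf"
+File.write(file, datas.join("\n"), mode: 'a')
 end
 
 def install_deps
-
-Getch::Emerge.new('genkernel cryptsetup lvm2').pkg!
-exec("genkernel --install --luks --keymap #{DEFAULT_OPTIONS[:keyboard]} --lvm --kernel-config=/usr/src/linux/.config initramfs")
-exec("systemctl enable lvm2-monitor")
+Getch::Emerge.new('genkernel').pkg!
 end
 
 def exec(cmd)
-
+Getch::Chroot.new(cmd).run!
 end
 end
 end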
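Review bot: install_deps now emerges only `genkernel`, whereas the previous version installed `genkernel cryptsetup lvm2`, yet the new genkernel settings still set `LUKS="yes"` and Encrypt::Config writes an etc/crypttab for swap and home. Unless cryptsetup is pulled in somewhere not shown on this page (the new USE-flag files, for instance), the installed system may lack the tool needed to open those mappings at boot; keeping `Getch::Emerge.new('genkernel cryptsetup').pkg!` would make the dependency explicit. genkernel also appends to etc/genkernel.conf with `mode: 'a'` on every call, so a re-run duplicates the settings block; a comment saying the append is intentional, or a check for an existing `LUKS="yes"` line, would help.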
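--- a/data/lib/getch/filesystem/ext4/encrypt/device.rb
+++ b/data/lib/getch/filesystem/ext4/encrypt/device.rb
@@ -2,16 +2,12 @@ module Getch
 module FileSystem
 module Ext4
 module Encrypt
-class Device
+class Device < Getch::FileSystem::Device
 def initialize
-
-@
-@
-@
-@vg = 'vg0'
-@lv_root = "/dev/mapper/#{@vg}-root"
-@lv_swap = "/dev/mapper/#{@vg}-swap"
-@lv_home = @user ? "/dev/mapper/#{@vg}-home" : nil
+super
+@luks_root = "/dev/mapper/cryptroot"
+@luks_home = @home_disk ? "/dev/mapper/crypthome" : nil
+@luks_swap = "/dev/mapper/cryptswap"
 end
 end
 end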
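--- a/data/lib/getch/filesystem/ext4/encrypt/format.rb
+++ b/data/lib/getch/filesystem/ext4/encrypt/format.rb
@@ -5,20 +5,24 @@ module Getch
 class Format < Getch::FileSystem::Ext4::Encrypt::Device
 def initialize
 super
-@fs = 'ext4'
 @state = Getch::States.new()
 format
 end
 
 def format
 return if STATES[:format]
-
-
-
-
-system("mkfs.#{@fs} #{@lv_home}") if @lv_home
+exec("mkfs.fat -F32 #{@dev_esp}") if @dev_esp
+exec("mkfs.ext4 -F #{@luks_root}")
+exec("mkswap -f #{@dev_swap}")
+exec("mkfs.ext4 -F #{@luks_home}") if @dev_home
 @state.format
 end
+
+private
+
+def exec(cmd)
+Getch::Command.new(cmd).run!
+end
 end
 end
 end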
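Review bot: The new private `exec(cmd)` shadows `Kernel#exec`, and the same name means something different per class in this release: here and in Partition it wraps `Getch::Command`, in Deps it wraps `Getch::Chroot`. A call that resolves to the Kernel method instead (helper removed, or code moved to a class without it) would replace the installer process with the command, so a distinct name such as `run_cmd` is safer. In format, `exec("mkfs.ext4 -F #{@luks_home}") if @dev_home` tests one variable and formats another; `if @luks_home` states the intent.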
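--- a/data/lib/getch/filesystem/ext4/encrypt/mount.rb
+++ b/data/lib/getch/filesystem/ext4/encrypt/mount.rb
@@ -7,54 +7,17 @@ module Getch
 class Mount < Getch::FileSystem::Ext4::Encrypt::Device
 def initialize
 super
-@
-@boot_dir = "#{@root_dir}/boot"
-@boot_efi_dir = "#{@root_dir}/boot/efi"
-@home_dir = @user ? "#{@root_dir}/home/#{@user}" : nil
+@mount = Getch::FileSystem::Mount.new
 @state = Getch::States.new()
 end
 
 def run
 return if STATES[:mount]
-
-
-
-
-
-@state.mount
-end
-
-private
-
-def mount_swap
-return if ! @lv_swap
-system("swapon #{@lv_swap}")
-end
-
-def mount_root
-return if ! @lv_root
-Dir.mkdir(@root_dir, 0700) if ! Dir.exist?(@root_dir)
-system("mount #{@lv_root} #{@root_dir}")
-end
-
-def mount_boot_efi
-return if ! @dev_boot_efi
-FileUtils.mkdir_p @boot_efi_dir, mode: 0700 if ! Dir.exist?(@boot_efi_dir)
-system("mount #{@dev_boot_efi} #{@boot_efi_dir}")
-end
-
-def mount_boot
-return if ! @dev_boot
-FileUtils.mkdir_p @boot_dir, mode: 0700 if ! Dir.exist?(@boot_dir)
-system("mount #{@dev_boot} #{@boot_dir}")
-end
-
-def mount_home
-return if ! @lv_home
-if @user != nil then
-FileUtils.mkdir_p @home_dir, mode: 0700 if ! Dir.exist?(@home_dir)
-system("mount #{@lv_home} #{@home_dir}")
-end
+@mount.swap(@dev_swap)
+@mount.root(@luks_root)
+@mount.boot(@dev_boot)
+@mount.esp(@dev_esp)
+@mount.home(@luks_home)
 @state.mount
 end
 end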
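Review bot: In run, `@mount.swap(@dev_swap)` hands the raw partition to the swap helper while root and home go through their LUKS mappings (`@luks_root`, `@luks_home`); the helper is not shown, but the removed mount_swap ran `swapon`, so it presumably does the same. Anything paged out during the install would then be written to disk in clear, and the crypttab entry that later re-keys `cryptswap` from /dev/urandom does not overwrite those blocks. Either leave swap off during installation or open the mapping first and pass `@luks_swap`, which Encrypt::Device already defines. `@mount.boot(@dev_boot)` also passes a variable that FileSystem::Device never assigns on this page, so it is presumably always nil; confirm that Mount#boot tolerates that.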
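--- a/data/lib/getch/filesystem/ext4/encrypt/partition.rb
+++ b/data/lib/getch/filesystem/ext4/encrypt/partition.rb
@@ -5,85 +5,87 @@ module Getch
 class Partition < Getch::FileSystem::Ext4::Encrypt::Device
 def initialize
 super
-@state = Getch::States.new
+@state = Getch::States.new
+@partition = Getch::FileSystem::Partition.new
+@clean = Getch::FileSystem::Clean
+@log = Log.new
 run_partition
 end
 
 def run_partition
 return if STATES[:partition ]
-
-
-
-
-
-
+@clean.struct(@disk, @cache_disk, @home_disk)
+@clean.hdd(@disk, @cache_disk, @home_disk)
+if Helpers::efi?
+partition_efi
+encrypt_efi
+else
+partition_bios
+encrypt_bios
+end
 @state.partition
 end
 
 private
 
-
-
-
-
-
-
-
-
-
-
-bloc=`blockdev --getbsz /dev/#{@disk}`.chomp
-exec("dd if=/dev/urandom of=/dev/#{@disk} bs=#{bloc} status=progress")
-else
-return
-end
+# Follow https://wiki.archlinux.org/index.php/Partitioning
+def partition_efi
+# /efi - EFI system partition - 260MB
+# swap - Linux Swap - size of the ram
+# / - Root
+# /home - Home
+@partition.efi(@dev_esp)
+@partition.swap(@dev_swap)
+@partition.root(@dev_root, "8309")
+@partition.home(@dev_home, "8309") if @dev_home
 end
 
-def
-
-
-
-
-
+def encrypt_efi
+@log.info("Format root")
+Helpers::sys("cryptsetup luksFormat #{@dev_root}")
+@log.debug("Opening root")
+Helpers::sys("cryptsetup open --type luks #{@dev_root} cryptroot")
+encrypt_home
 end
 
-def
-
+def encrypt_bios
+@log.info("Format root for bios")
+Helpers::sys("cryptsetup luksFormat --type luks1 #{@dev_root}")
+@log.debug("Opening root")
+Helpers::sys("cryptsetup open --type luks1 #{@dev_root} cryptroot")
+encrypt_home
 end
 
-def
-if
-
-
-
-
-exec("cryptsetup
-exec("cryptsetup open --type luks1 /dev/#{@disk}2 crypt-lvm")
+def encrypt_home
+if @dev_home then
+create_secret_keys
+@log.info("Format home with #{@key_path}")
+Helpers::sys("cryptsetup luksFormat #{@dev_home} #{@key_path}")
+@log.debug("Open home with key #{@key_path}")
+exec("cryptsetup open --type luks -d #{@key_path} #{@dev_home} crypthome")
 end
 end
 
-def
-
-
-
-
-
-
-exec("
+def create_secret_keys
+return if ! @dev_home
+@log.info("Creating secret keys")
+keys_dir = "/root/secretkeys"
+key_name = "crypto_keyfile.bin"
+@key_path = "#{keys_dir}/#{key_name}"
+FileUtils.mkdir keys_dir, mode: 0700 if ! Dir.exist?(keys_dir)
+exec("dd bs=512 count=4 if=/dev/urandom of=#{@key_path}")
 end
 
-
-# Partition_efi
-# /boot/efi - EFI system partition - 260MB
-# / - Root
-# swap - Linux Swap - size of the ram
-# /home - Home
-
-# Partition_bios
+def partition_bios
 # None - Bios Boot Partition - 1MiB
-# / - Root
 # swap - Linux Swap - size of the ram
+# / - Root
 # /home - Home
+@partition.gpt(@dev_gpt)
+@partition.swap(@dev_swap)
+@partition.root(@dev_root, "8309")
+@partition.home(@dev_home, "8309") if @dev_home
+end
 
 def exec(cmd)
 Getch::Command.new(cmd).run!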
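Review bot: create_secret_keys creates the directory with mode 0700 but writes the key itself through `dd`, so the file gets whatever the umask allows, and an already existing /root/secretkeys keeps its old mode because of the `if ! Dir.exist?` guard. Writing the key from Ruby sets the mode at creation and avoids the external command: `File.write(@key_path, SecureRandom.random_bytes(2048), perm: 0400)` (needs `require 'securerandom'`), plus `File.chmod(0700, keys_dir)` after the mkdir. encrypt_home also mixes `Helpers::sys` and `exec` for its two cryptsetup calls; using one wrapper makes it clear that both are checked for failure. The body of `exec` at the end of the hunk continues outside it.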