getch 0.0.8 → 0.1.3

Files changed (66)
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/CHANGELOG.md +44 -0
  5. data/README.md +57 -8
  6. data/bin/setup.sh +4 -2
  7. data/lib/getch.rb +43 -15
  8. data/lib/getch/command.rb +26 -5
  9. data/lib/getch/config.rb +58 -0
  10. data/lib/getch/filesystem.rb +6 -0
  11. data/lib/getch/filesystem/clean.rb +51 -0
  12. data/lib/getch/filesystem/device.rb +61 -0
  13. data/lib/getch/filesystem/ext4.rb +1 -0
  14. data/lib/getch/filesystem/ext4/config.rb +8 -9
  15. data/lib/getch/filesystem/ext4/device.rb +2 -7
  16. data/lib/getch/filesystem/ext4/encrypt/config.rb +69 -47
  17. data/lib/getch/filesystem/ext4/encrypt/deps.rb +21 -15
  18. data/lib/getch/filesystem/ext4/encrypt/device.rb +5 -9
  19. data/lib/getch/filesystem/ext4/encrypt/format.rb +10 -6
  20. data/lib/getch/filesystem/ext4/encrypt/mount.rb +6 -43
  21. data/lib/getch/filesystem/ext4/encrypt/partition.rb +57 -55
  22. data/lib/getch/filesystem/ext4/format.rb +3 -5
  23. data/lib/getch/filesystem/ext4/mount.rb +7 -46
  24. data/lib/getch/filesystem/ext4/partition.rb +16 -39
  25. data/lib/getch/filesystem/lvm.rb +1 -0
  26. data/lib/getch/filesystem/lvm/config.rb +12 -15
  27. data/lib/getch/filesystem/lvm/deps.rb +5 -20
  28. data/lib/getch/filesystem/lvm/device.rb +33 -9
  29. data/lib/getch/filesystem/lvm/encrypt.rb +15 -0
  30. data/lib/getch/filesystem/lvm/encrypt/config.rb +71 -0
  31. data/lib/getch/filesystem/lvm/encrypt/deps.rb +46 -0
  32. data/lib/getch/filesystem/lvm/encrypt/device.rb +46 -0
  33. data/lib/getch/filesystem/lvm/encrypt/format.rb +32 -0
  34. data/lib/getch/filesystem/lvm/encrypt/mount.rb +25 -0
  35. data/lib/getch/filesystem/lvm/encrypt/partition.rb +80 -0
  36. data/lib/getch/filesystem/lvm/format.rb +11 -7
  37. data/lib/getch/filesystem/lvm/mount.rb +7 -46
  38. data/lib/getch/filesystem/lvm/partition.rb +19 -31
  39. data/lib/getch/filesystem/mount.rb +56 -0
  40. data/lib/getch/filesystem/partition.rb +77 -0
  41. data/lib/getch/filesystem/zfs.rb +14 -0
  42. data/lib/getch/filesystem/zfs/config.rb +57 -0
  43. data/lib/getch/filesystem/zfs/deps.rb +95 -0
  44. data/lib/getch/filesystem/zfs/device.rb +58 -0
  45. data/lib/getch/filesystem/zfs/encrypt.rb +15 -0
  46. data/lib/getch/filesystem/zfs/encrypt/config.rb +67 -0
  47. data/lib/getch/filesystem/zfs/encrypt/deps.rb +97 -0
  48. data/lib/getch/filesystem/zfs/encrypt/device.rb +60 -0
  49. data/lib/getch/filesystem/zfs/encrypt/format.rb +105 -0
  50. data/lib/getch/filesystem/zfs/encrypt/mount.rb +51 -0
  51. data/lib/getch/filesystem/zfs/encrypt/partition.rb +65 -0
  52. data/lib/getch/filesystem/zfs/format.rb +114 -0
  53. data/lib/getch/filesystem/zfs/mount.rb +48 -0
  54. data/lib/getch/filesystem/zfs/partition.rb +64 -0
  55. data/lib/getch/gentoo.rb +8 -4
  56. data/lib/getch/gentoo/boot.rb +32 -17
  57. data/lib/getch/gentoo/chroot.rb +12 -26
  58. data/lib/getch/gentoo/config.rb +37 -12
  59. data/lib/getch/gentoo/sources.rb +26 -29
  60. data/lib/getch/gentoo/use.rb +43 -0
  61. data/lib/getch/gentoo/use_flag.rb +64 -0
  62. data/lib/getch/helpers.rb +35 -13
  63. data/lib/getch/options.rb +23 -8
  64. data/lib/getch/version.rb +1 -1
  65. metadata +46 -18
  66. metadata.gz.sig +0 -0
@@ -0,0 +1,61 @@
1
+ module Getch
2
+ module FileSystem
3
+ class Device
4
+ def initialize
5
+ @efi = Helpers::efi?
6
+ @root_part = 1
7
+ @user = DEFAULT_OPTIONS[:username]
8
+
9
+ @disk = DEFAULT_OPTIONS[:disk]
10
+ @boot_disk = DEFAULT_OPTIONS[:boot_disk]
11
+ @cache_disk = DEFAULT_OPTIONS[:cache_disk]
12
+ @home_disk = DEFAULT_OPTIONS[:home_disk]
13
+
14
+ search_boot
15
+ search_swap
16
+ search_root
17
+ search_home
18
+ end
19
+
20
+ private
21
+ def search_boot
22
+ if @efi
23
+ if @boot_disk
24
+ @dev_esp = "/dev/#{@boot_disk}#{@root_part}"
25
+ else
26
+ @dev_esp = "/dev/#{@disk}#{@root_part}"
27
+ @root_part += 1
28
+ end
29
+ else
30
+ if @boot_disk
31
+ @dev_gpt = "/dev/#{@boot_disk}#{@root_part}"
32
+ @dev_grub = "/dev/#{@boot_disk}"
33
+ else
34
+ @dev_gpt = "/dev/#{@disk}#{@root_part}"
35
+ @dev_grub = "/dev/#{@disk}"
36
+ @root_part += 1
37
+ end
38
+ end
39
+ end
40
+
41
+ def search_swap
42
+ if @cache_disk
43
+ @dev_swap = "/dev/#{@cache_disk}1"
44
+ else
45
+ @dev_swap = "/dev/#{@disk}#{@root_part}"
46
+ @root_part += 1
47
+ end
48
+ end
49
+
50
+ def search_root
51
+ @dev_root = "/dev/#{@disk}#{@root_part}"
52
+ end
53
+
54
+ def search_home
55
+ if @home_disk
56
+ @dev_home = "/dev/#{@home_disk}1"
57
+ end
58
+ end
59
+ end
60
+ end
61
+ end
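Review bot: Every partition path in `search_boot`, `search_swap`, `search_root` and `search_home` is built as `"/dev/#{disk}#{n}"`, which yields a wrong node for disks whose name ends in a digit (`nvme0n1` plus `1` gives `/dev/nvme0n11`, where the kernel names the partition `nvme0n1p1`). These paths feed the formatting and `cryptsetup` calls in the other files of this release, so a wrong node should be caught here rather than reach those tools. A small private helper would cover it, e.g. `sep = disk.match?(/\d\z/) ? 'p' : ''` followed by `"/dev/#{disk}#{sep}#{n}"`. The four disk names are read from `DEFAULT_OPTIONS` with no check visible in this file; validating them once in `initialize` against something like `/\A[a-z0-9]+\z/` would also keep them safe to interpolate into shell strings, assuming no caller already does so.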
@@ -11,3 +11,4 @@ require_relative 'ext4/format'
11
11
  require_relative 'ext4/mount'
12
12
  require_relative 'ext4/config'
13
13
  require_relative 'ext4/deps'
14
+ require_relative 'ext4/encrypt'
@@ -17,7 +17,7 @@ module Getch
17
17
 
18
18
  def systemd_boot
19
19
  return if ! Helpers::efi?
20
- esp = '/boot/efi'
20
+ esp = '/efi'
21
21
  dir = "#{@root_dir}/#{esp}/loader/entries/"
22
22
  datas_gentoo = [
23
23
  'title Gentoo Linux',
@@ -30,28 +30,27 @@ module Getch
30
30
  def grub
31
31
  return if Helpers::efi?
32
32
  file = "#{@root_dir}/etc/default/grub"
33
- cmdline = "GRUB_CMDLINE_LINUX=\"resume=#{@dev_swap} init=#{@init} rw slub_debug=P page_poison=1 slab_nomerge pti=on vsyscall=none spectre_v2=on spec_store_bypass_disable=seccomp iommu=force\"\n"
33
+ cmdline = "GRUB_CMDLINE_LINUX=\"resume=PARTUUID=#{@partuuid_swap} root=PARTUUID=#{@partuuid_root} init=#{@init} rw slub_debug=P page_poison=1 slab_nomerge pti=on vsyscall=none spectre_v2=on spec_store_bypass_disable=seccomp iommu=force\"\n"
34
34
  File.write(file, cmdline, mode: 'a')
35
35
  end
36
36
 
37
37
  private
38
38
 
39
39
  def gen_uuid
40
- @partuuid_root = `lsblk -o "PARTUUID" #{@dev_root} | tail -1`.chomp() if @dev_root
41
- @uuid_swap = `lsblk -o "UUID" #{@dev_swap} | tail -1`.chomp() if @dev_swap
40
+ @partuuid_root = Helpers::partuuid(@dev_root)
41
+ @partuuid_swap = Helpers::partuuid(@dev_swap)
42
42
  @uuid_root = `lsblk -o "UUID" #{@dev_root} | tail -1`.chomp() if @dev_root
43
- @uuid_boot = `lsblk -o "UUID" #{@dev_boot} | tail -1`.chomp() if @dev_boot
44
- @uuid_boot_efi = `lsblk -o "UUID" #{@dev_boot_efi} | tail -1`.chomp() if @dev_boot_efi
43
+ @uuid_esp = `lsblk -o "UUID" #{@dev_esp} | tail -1`.chomp() if @dev_esp
45
44
  @uuid_home = `lsblk -o "UUID" #{@dev_home} | tail -1`.chomp() if @dev_home
46
45
  end
47
46
 
48
47
  def data_fstab
49
- boot_efi = @dev_boot_efi ? "UUID=#{@uuid_boot_efi} /boot/efi vfat noauto,noatime 1 2" : ''
50
- swap = @dev_swap ? "UUID=#{@uuid_swap} none swap discard 0 0" : ''
48
+ esp = @dev_esp ? "UUID=#{@uuid_esp} /efi vfat noauto,noatime 1 2" : ''
49
+ swap = @dev_swap ? "PARTUUID=#{@partuuid_swap} none swap discard 0 0" : ''
51
50
  root = @dev_root ? "UUID=#{@uuid_root} / ext4 defaults 0 1" : ''
52
51
  home = @dev_home ? "UUID=#{@uuid_home} /home/#{@user} ext4 defaults 0 2" : ''
53
52
 
54
- [ boot_efi, swap, root, home ]
53
+ [ esp, swap, root, home ]
55
54
  end
56
55
  end
57
56
  end
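Review bot: The new `GRUB_CMDLINE_LINUX` line in `grub` and the swap entry in `data_fstab` interpolate `@partuuid_swap` and `@partuuid_root` without checking that the lookup returned anything, so an empty result would be written out as `root=PARTUUID=` and only surface at first boot. `Helpers::partuuid` is not visible in this diff, so whether it can return an empty string is an assumption; a guard in `gen_uuid` such as `raise "no PARTUUID for #{@dev_root}" if @partuuid_root.to_s.empty?` would settle it either way. The same applies to `crypt_root=UUID=#{@uuid_dev_root}` in the ext4/encrypt config further down. The remaining backtick `lsblk -o "UUID" ... | tail -1` calls in `gen_uuid` could go through `Helpers::uuid`, which the encrypt config already uses for the ESP, so the lookup lives in one place. The caller of `gen_uuid` is outside the hunk.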
@@ -1,14 +1,9 @@
1
1
  module Getch
2
2
  module FileSystem
3
3
  module Ext4
4
- class Device
4
+ class Device < Getch::FileSystem::Device
5
5
  def initialize
6
- @disk = DEFAULT_OPTIONS[:disk]
7
- @user = DEFAULT_OPTIONS[:username]
8
- @dev_boot_efi = Helpers::efi? ? "/dev/#{@disk}1" : nil
9
- @dev_root = "/dev/#{@disk}2"
10
- @dev_swap = "/dev/#{@disk}3"
11
- @dev_home = @user ? "/dev/#{@disk}4" : nil
6
+ super
12
7
  end
13
8
  end
14
9
  end
@@ -1,60 +1,82 @@
1
+ require 'fileutils'
2
+
1
3
  module Getch
2
4
  module FileSystem
3
5
  module Ext4
4
- class Config < Getch::FileSystem::Ext4::Encrypt::Device
5
- def initialize
6
- super
7
- gen_uuid
8
- @root_dir = MOUNTPOINT
9
- @init = '/usr/lib/systemd/systemd'
10
- end
6
+ module Encrypt
7
+ class Config < Getch::FileSystem::Ext4::Encrypt::Device
8
+ def initialize
9
+ super
10
+ gen_uuid
11
+ @root_dir = MOUNTPOINT
12
+ @init = '/usr/lib/systemd/systemd'
13
+ move_secret_keys
14
+ crypttab
15
+ end
11
16
 
12
- def fstab
13
- file = "#{@root_dir}/etc/fstab"
14
- datas = data_fstab
15
- File.write(file, datas.join("\n"))
16
- end
17
+ def fstab
18
+ file = "#{@root_dir}/etc/fstab"
19
+ datas = data_fstab
20
+ File.write(file, datas.join("\n"))
21
+ end
17
22
 
18
- def systemd_boot
19
- return if ! Helpers::efi?
20
- esp = '/boot/efi'
21
- dir = "#{@root_dir}/#{esp}/loader/entries/"
22
- datas_gentoo = [
23
- 'title Gentoo Linux',
24
- 'linux /vmlinuz',
25
- "options crypt_root=UUID=#{uuid_dev_root} root=/dev/mapper/#{@vg}-root init=#{@init} dolvm rw"
26
- ]
27
- File.write("#{dir}/gentoo.conf", datas_gentoo.join("\n"))
28
- end
23
+ def systemd_boot
24
+ return if ! Helpers::efi?
25
+ esp = '/efi'
26
+ dir = "#{@root_dir}/#{esp}/loader/entries/"
27
+ datas_gentoo = [
28
+ 'title Gentoo Linux',
29
+ 'linux /vmlinuz',
30
+ 'initrd /initramfs',
31
+ "options crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root init=#{@init} keymap=#{DEFAULT_OPTIONS[:keymap]} rw"
32
+ ]
33
+ File.write("#{dir}/gentoo.conf", datas_gentoo.join("\n"))
34
+ end
29
35
 
30
- def grub
31
- return if Helpers::efi?
32
- file = "#{@root_dir}/etc/default/grub"
33
- cmdline = [
34
- "GRUB_CMDLINE_LINUX=\"resume=UUID=#{@uuid_swap} crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/#{@vg}-root init=#{@init} dolvm rw\"",
35
- "GRUB_ENABLE_CRYPTODISK=y"
36
- ]
37
- File.write("#{file}", cmdline.join("\n"), mode: 'a')
38
- end
36
+ def crypttab
37
+ home = @home_disk ? "crypthome UUID=#{@uuid_home} /root/secretkeys/crypto_keyfile.bin luks" : ''
38
+ datas = [
39
+ "cryptswap PARTUUID=#{@partuuid_swap} /dev/urandom swap,cipher=aes-xts-plain64:sha256,size=512",
40
+ home
41
+ ]
42
+ File.write("#{@root_dir}/etc/crypttab", datas.join("\n"))
43
+ end
39
44
 
40
- private
45
+ def grub
46
+ return if Helpers::efi?
47
+ file = "#{@root_dir}/etc/default/grub"
48
+ cmdline = [
49
+ "GRUB_CMDLINE_LINUX=\"crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root init=#{@init} rw slub_debug=P page_poison=1 slab_nomerge pti=on vsyscall=none spectre_v2=on spec_store_bypass_disable=seccomp iommu=force keymap=#{DEFAULT_OPTIONS[:keymap]}\"",
50
+ "GRUB_ENABLE_CRYPTODISK=y"
51
+ ]
52
+ File.write(file, cmdline.join("\n"), mode: 'a')
53
+ end
41
54
 
42
- def gen_uuid
43
- @uuid_swap = `lsblk -o "UUID" #{@lv_swap} | tail -1`.chomp() if @lv_swap
44
- @uuid_root = `lsblk -o "UUID" #{@lv_root} | tail -1`.chomp() if @lv_root
45
- @uuid_dev_root = `lsblk -o "UUID" #{@dev_root} | tail -1`.chomp() if @dev_root
46
- @uuid_boot = `lsblk -o "UUID" #{@dev_boot} | tail -1`.chomp() if @dev_boot
47
- @uuid_boot_efi = `lsblk -o "UUID" #{@dev_boot_efi} | tail -1`.chomp() if @dev_boot_efi
48
- @uuid_home = `lsblk -o "UUID" #{@lv_home} | tail -1`.chomp() if @lv_home
49
- end
55
+ private
56
+
57
+ def gen_uuid
58
+ @partuuid_swap = Helpers::partuuid(@dev_swap)
59
+ @uuid_dev_root = `lsblk -d -o "UUID" #{@dev_root} | tail -1`.chomp() if @dev_root
60
+ @uuid_esp = Helpers::uuid(@dev_esp) if @dev_esp
61
+ @uuid_root = `lsblk -d -o "UUID" #{@luks_root} | tail -1`.chomp() if @dev_root
62
+ @uuid_home = `lsblk -d -o "UUID" #{@dev_home} | tail -1`.chomp() if @luks_home
63
+ end
64
+
65
+ def data_fstab
66
+ boot_efi = @dev_esp ? "UUID=#{@uuid_esp} /efi vfat noauto,noatime 1 2" : ''
67
+ swap = @dev_swap ? "#{@luks_swap} none swap discard 0 0 " : ''
68
+ root = @dev_root ? "UUID=#{@uuid_root} / ext4 defaults 0 1" : ''
69
+ home = @dev_home ? "#{@luks_home} /home/#{@user} ext4 defaults 0 2" : ''
50
70
 
51
- def data_fstab
52
- boot_efi = @lv_boot_efi ? "UUID=#{@uuid_boot_efi} /boot/efi vfat noauto,noatime 1 2" : ''
53
- swap = @lv_swap ? "UUID=#{@uuid_swap} none swap discard 0 0" : ''
54
- root = @lv_root ? "UUID=#{@uuid_root} / ext4 defaults 0 1" : ''
55
- home = @lv_home ? "UUID=#{@uuid_home} /home/#{@user} ext4 defaults 0 2" : ''
71
+ [ boot_efi, swap, root, home ]
72
+ end
56
73
 
57
- [ boot_efi, swap, root, home ]
74
+ def move_secret_keys
75
+ return if ! @luks_home
76
+ puts "Moving secret keys"
77
+ keys_path = "#{@root_dir}/root/secretkeys"
78
+ FileUtils.mv("/root/secretkeys", keys_path) if ! Dir.exist?(keys_path)
79
+ end
58
80
  end
59
81
  end
60
82
  end
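Review bot: `move_secret_keys` silently skips the move when `#{@root_dir}/root/secretkeys` already exists, so after a repeated run the target can keep an older keyfile while `crypttab` points `crypthome` at `/root/secretkeys/crypto_keyfile.bin`, and the freshly generated key stays behind in the live environment's `/root/secretkeys`. Because the home volume is formatted with the new key (see `create_secret_keys` in the partition file of this release), a stale target would leave `/home` unable to unlock at boot. Failing loudly is safer than the `if ! Dir.exist?(keys_path)` skip, e.g. `raise "#{keys_path} already exists" if Dir.exist?(keys_path) && Dir.exist?("/root/secretkeys")` before the `FileUtils.mv`. A comment on `initialize` should also state that constructing `Config` moves key material and writes `/etc/crypttab`, since both now happen as side effects of `new`.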
@@ -3,32 +3,38 @@ module Getch
3
3
  module Ext4
4
4
  module Encrypt
5
5
  class Deps
6
- def initialize
7
- if Helpers::efi?
8
- install_efi
9
- else
10
- install_bios
11
- end
6
+ def make
12
7
  install_deps
8
+ genkernel
9
+ Getch::Make.new("genkernel --kernel-config=/usr/src/linux/.config all").run!
13
10
  end
14
11
 
15
12
  private
16
- def install_efi
17
- end
18
13
 
19
- def install_bios
20
- exec("euse -p sys-boot/grub -E device-mapper")
14
+ def genkernel
15
+ grub = Helpers::efi? ? 'BOOTLOADER="no"' : 'BOOTLOADER="grub2"'
16
+ datas = [
17
+ '',
18
+ grub,
19
+ 'INSTALL="yes"',
20
+ 'MENUCONFIG="no"',
21
+ 'CLEAN="yes"',
22
+ 'KEYMAP="yes"',
23
+ 'SAVE_CONFIG="yes"',
24
+ 'MOUNTBOOT="yes"',
25
+ 'MRPROPER="no"',
26
+ 'LUKS="yes"',
27
+ ]
28
+ file = "#{MOUNTPOINT}/etc/genkernel.conf"
29
+ File.write(file, datas.join("\n"), mode: 'a')
21
30
  end
22
31
 
23
32
  def install_deps
24
- exec("euse -p sys-apps/systemd -E cryptsetup")
25
- Getch::Emerge.new('genkernel cryptsetup lvm2').pkg!
26
- exec("genkernel --install --luks --keymap #{DEFAULT_OPTIONS[:keyboard]} --lvm --kernel-config=/usr/src/linux/.config initramfs")
27
- exec("systemctl enable lvm2-monitor")
33
+ Getch::Emerge.new('genkernel').pkg!
28
34
  end
29
35
 
30
36
  def exec(cmd)
31
- Helpers::run_chroot(cmd, MOUNTPOINT)
37
+ Getch::Chroot.new(cmd).run!
32
38
  end
33
39
  end
34
40
  end
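Review bot: `install_deps` now emerges only `genkernel`, and the `euse -p sys-apps/systemd -E cryptsetup` call is gone, yet the encrypt config in this release writes `/etc/crypttab` entries for `cryptswap` and `crypthome` that need cryptsetup support in the installed system. If the new USE-flag files of this release do not cover it (they are not part of this section), swap and home would not be unlocked at boot; a comment above `install_deps` naming where cryptsetup is pulled in would make that checkable. After this change nothing in the class calls the private `exec` helper any more, so it can be dropped. `genkernel` appends to `genkernel.conf` with `mode: 'a'`, so a rerun adds the same block again, which deserves a one-line comment.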
@@ -2,16 +2,12 @@ module Getch
2
2
  module FileSystem
3
3
  module Ext4
4
4
  module Encrypt
5
- class Device
5
+ class Device < Getch::FileSystem::Device
6
6
  def initialize
7
- @disk = DEFAULT_OPTIONS[:disk]
8
- @user = DEFAULT_OPTIONS[:username]
9
- @dev_boot_efi = Helpers::efi? ? "/dev/#{@disk}1" : nil
10
- @dev_root = "/dev/#{@disk}2"
11
- @vg = 'vg0'
12
- @lv_root = "/dev/mapper/#{@vg}-root"
13
- @lv_swap = "/dev/mapper/#{@vg}-swap"
14
- @lv_home = @user ? "/dev/mapper/#{@vg}-home" : nil
7
+ super
8
+ @luks_root = "/dev/mapper/cryptroot"
9
+ @luks_home = @home_disk ? "/dev/mapper/crypthome" : nil
10
+ @luks_swap = "/dev/mapper/cryptswap"
15
11
  end
16
12
  end
17
13
  end
@@ -5,20 +5,24 @@ module Getch
5
5
  class Format < Getch::FileSystem::Ext4::Encrypt::Device
6
6
  def initialize
7
7
  super
8
- @fs = 'ext4'
9
8
  @state = Getch::States.new()
10
9
  format
11
10
  end
12
11
 
13
12
  def format
14
13
  return if STATES[:format]
15
- puts "Format #{@disk} with #{@fs}"
16
- system("mkfs.fat -F32 #{@dev_boot_efi}") if Helpers::efi?
17
- system("mkswap #{@lv_swap}")
18
- system("mkfs.#{@fs} #{@lv_root}")
19
- system("mkfs.#{@fs} #{@lv_home}") if @lv_home
14
+ exec("mkfs.fat -F32 #{@dev_esp}") if @dev_esp
15
+ exec("mkfs.ext4 -F #{@luks_root}")
16
+ exec("mkswap -f #{@dev_swap}")
17
+ exec("mkfs.ext4 -F #{@luks_home}") if @dev_home
20
18
  @state.format
21
19
  end
20
+
21
+ private
22
+
23
+ def exec(cmd)
24
+ Getch::Command.new(cmd).run!
25
+ end
22
26
  end
23
27
  end
24
28
  end
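Review bot: `format` runs `mkswap -f` on the raw partition `@dev_swap`, and the mount class of this release then calls `@mount.swap(@dev_swap)`, so the installer appears to swap to an unencrypted partition while it sets up the LUKS volumes. Pages written during installation, which may include passphrase or key material, would land on disk in plaintext, and the later random-key `cryptswap` mapping from `crypttab` only overwrites the sectors it actually uses. Either leave swap off during installation, or open a random-key mapping first and format that instead with `exec("mkswap -f #{@luks_swap}")`. Whether `Getch::FileSystem::Mount#swap` really calls `swapon` is not visible here.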
@@ -7,54 +7,17 @@ module Getch
7
7
  class Mount < Getch::FileSystem::Ext4::Encrypt::Device
8
8
  def initialize
9
9
  super
10
- @root_dir = MOUNTPOINT
11
- @boot_dir = "#{@root_dir}/boot"
12
- @boot_efi_dir = "#{@root_dir}/boot/efi"
13
- @home_dir = @user ? "#{@root_dir}/home/#{@user}" : nil
10
+ @mount = Getch::FileSystem::Mount.new
14
11
  @state = Getch::States.new()
15
12
  end
16
13
 
17
14
  def run
18
15
  return if STATES[:mount]
19
- mount_swap
20
- mount_root
21
- mount_boot
22
- mount_home
23
- mount_boot_efi
24
- @state.mount
25
- end
26
-
27
- private
28
-
29
- def mount_swap
30
- return if ! @lv_swap
31
- system("swapon #{@lv_swap}")
32
- end
33
-
34
- def mount_root
35
- return if ! @lv_root
36
- Dir.mkdir(@root_dir, 0700) if ! Dir.exist?(@root_dir)
37
- system("mount #{@lv_root} #{@root_dir}")
38
- end
39
-
40
- def mount_boot_efi
41
- return if ! @dev_boot_efi
42
- FileUtils.mkdir_p @boot_efi_dir, mode: 0700 if ! Dir.exist?(@boot_efi_dir)
43
- system("mount #{@dev_boot_efi} #{@boot_efi_dir}")
44
- end
45
-
46
- def mount_boot
47
- return if ! @dev_boot
48
- FileUtils.mkdir_p @boot_dir, mode: 0700 if ! Dir.exist?(@boot_dir)
49
- system("mount #{@dev_boot} #{@boot_dir}")
50
- end
51
-
52
- def mount_home
53
- return if ! @lv_home
54
- if @user != nil then
55
- FileUtils.mkdir_p @home_dir, mode: 0700 if ! Dir.exist?(@home_dir)
56
- system("mount #{@lv_home} #{@home_dir}")
57
- end
16
+ @mount.swap(@dev_swap)
17
+ @mount.root(@luks_root)
18
+ @mount.boot(@dev_boot)
19
+ @mount.esp(@dev_esp)
20
+ @mount.home(@luks_home)
58
21
  @state.mount
59
22
  end
60
23
  end
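Review bot: `run` passes `@dev_boot` to `@mount.boot`, but neither `Getch::FileSystem::Device` nor `Ext4::Encrypt::Device` in this release assigns `@dev_boot`, so the argument is always `nil`. The call therefore depends on `Mount#boot` (not shown) returning early on `nil`; dropping the line, or adding the comment `# no separate /boot partition in this layout`, would make the intent explicit.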
@@ -5,85 +5,87 @@ module Getch
5
5
  class Partition < Getch::FileSystem::Ext4::Encrypt::Device
6
6
  def initialize
7
7
  super
8
- @state = Getch::States.new()
8
+ @state = Getch::States.new
9
+ @partition = Getch::FileSystem::Partition.new
10
+ @clean = Getch::FileSystem::Clean
11
+ @log = Log.new
9
12
  run_partition
10
13
  end
11
14
 
12
15
  def run_partition
13
16
  return if STATES[:partition ]
14
- clear_struct
15
- cleaning
16
- boot
17
- others
18
- luks
19
- lvm
17
+ @clean.struct(@disk, @cache_disk, @home_disk)
18
+ @clean.hdd(@disk, @cache_disk, @home_disk)
19
+ if Helpers::efi?
20
+ partition_efi
21
+ encrypt_efi
22
+ else
23
+ partition_bios
24
+ encrypt_bios
25
+ end
20
26
  @state.partition
21
27
  end
22
28
 
23
29
  private
24
30
 
25
- def clear_struct
26
- exec("sgdisk -Z /dev/#{@disk}")
27
- exec("wipefs -a /dev/#{@disk}")
28
- end
29
-
30
- def cleaning
31
- puts
32
- print "Cleaning data on #{@disk}, can be long, avoid this on Flash Memory (SSD,USB,...) ? (n,y) "
33
- case gets.chomp
34
- when /^y|^Y/
35
- bloc=`blockdev --getbsz /dev/#{@disk}`.chomp
36
- exec("dd if=/dev/urandom of=/dev/#{@disk} bs=#{bloc} status=progress")
37
- else
38
- return
39
- end
31
+ # Follow https://wiki.archlinux.org/index.php/Partitioning
32
+ def partition_efi
33
+ # /efi - EFI system partition - 260MB
34
+ # swap - Linux Swap - size of the ram
35
+ # / - Root
36
+ # /home - Home
37
+ @partition.efi(@dev_esp)
38
+ @partition.swap(@dev_swap)
39
+ @partition.root(@dev_root, "8309")
40
+ @partition.home(@dev_home, "8309") if @dev_home
40
41
  end
41
42
 
42
- def boot
43
- if Helpers::efi?
44
- exec("sgdisk -n1:1M:+260M -t1:EF00 /dev/#{@disk}}")
45
- else
46
- exec("sgdisk -n1:1MiB:+1MiB -t1:EF02 /dev/#{@disk}")
47
- end
43
+ def encrypt_efi
44
+ @log.info("Format root")
45
+ Helpers::sys("cryptsetup luksFormat #{@dev_root}")
46
+ @log.debug("Opening root")
47
+ Helpers::sys("cryptsetup open --type luks #{@dev_root} cryptroot")
48
+ encrypt_home
48
49
  end
49
50
 
50
- def others
51
- exec("sgdisk -n2:0:+0 -t2:8309 /dev/#{@disk}")
51
+ def encrypt_bios
52
+ @log.info("Format root for bios")
53
+ Helpers::sys("cryptsetup luksFormat --type luks1 #{@dev_root}")
54
+ @log.debug("Opening root")
55
+ Helpers::sys("cryptsetup open --type luks1 #{@dev_root} cryptroot")
56
+ encrypt_home
52
57
  end
53
58
 
54
- def luks
55
- if Helpers::efi?
56
- exec("cryptsetup --use-random luksFormat /dev/#{@disk}2")
57
- exec("cryptsetup open --type luks /dev/#{@disk}2 crypt-lvm")
58
- else
59
- # GRUB do not support LUKS2
60
- exec("cryptsetup --use-random luksFormat --type luks1 /dev/#{@disk}2")
61
- exec("cryptsetup open --type luks1 /dev/#{@disk}2 crypt-lvm")
59
+ def encrypt_home
60
+ if @dev_home then
61
+ create_secret_keys
62
+ @log.info("Format home with #{@key_path}")
63
+ Helpers::sys("cryptsetup luksFormat #{@dev_home} #{@key_path}")
64
+ @log.debug("Open home with key #{@key_path}")
65
+ exec("cryptsetup open --type luks -d #{@key_path} #{@dev_home} crypthome")
62
66
  end
63
67
  end
64
68
 
65
- def lvm
66
- mem=`awk '/MemTotal/ {print $2}' /proc/meminfo`.chomp + 'K'
67
- exec("pvcreate /dev/mapper/crypt-lvm")
68
- exec("vgcreate #{@vg} /dev/mapper/crypt-lvm")
69
- exec("lvcreate -L 15G -n root #{@vg}")
70
- exec("lvcreate -L #{mem} -n swap #{@vg}")
71
- exec("lvcreate -l 100%FREE -n home #{@vg}") if @user
72
- exec("vgchange --available y")
69
+ def create_secret_keys
70
+ return if ! @dev_home
71
+ @log.info("Creating secret keys")
72
+ keys_dir = "/root/secretkeys"
73
+ key_name = "crypto_keyfile.bin"
74
+ @key_path = "#{keys_dir}/#{key_name}"
75
+ FileUtils.mkdir keys_dir, mode: 0700 if ! Dir.exist?(keys_dir)
76
+ exec("dd bs=512 count=4 if=/dev/urandom of=#{@key_path}")
73
77
  end
74
78
 
75
- # Follow https://wiki.archlinux.org/index.php/Partitioning
76
- # Partition_efi
77
- # /boot/efi - EFI system partition - 260MB
78
- # / - Root
79
- # swap - Linux Swap - size of the ram
80
- # /home - Home
81
-
82
- # Partition_bios
79
+ def partition_bios
83
80
  # None - Bios Boot Partition - 1MiB
84
- # / - Root
85
81
  # swap - Linux Swap - size of the ram
82
+ # / - Root
86
83
  # /home - Home
84
+ @partition.gpt(@dev_gpt)
85
+ @partition.swap(@dev_swap)
86
+ @partition.root(@dev_root, "8309")
87
+ @partition.home(@dev_home, "8309") if @dev_home
88
+ end
87
89
 
88
90
  def exec(cmd)
89
91
  Getch::Command.new(cmd).run!
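Review bot: `create_secret_keys` creates the key directory with mode 0700 only when it does not exist yet and writes the keyfile with `dd`, so the file itself gets the process umask (commonly world-readable) and a pre-existing `/root/secretkeys` keeps whatever mode it had. Adding `File.chmod(0700, keys_dir)` unconditionally and `File.chmod(0400, @key_path)` right after the `dd` keeps the LUKS key for `/home` readable by root only, also after it is moved into the installed system. `encrypt_home` mixes `Helpers::sys` and `exec` for two consecutive `cryptsetup` calls; using one runner for both would give consistent error handling. `FileUtils` is used here, but a `require 'fileutils'` is not visible because the hunk starts at line 5.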