getch 0.1.2 → 0.1.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/README.md +66 -32
- data/assets/network-stack.conf +63 -0
- data/assets/system.conf +38 -0
- data/bin/getch +12 -4
- data/lib/cmdline.rb +128 -0
- data/lib/getch/command.rb +32 -22
- data/lib/getch/config/gentoo.rb +58 -0
- data/lib/getch/config/void.rb +47 -0
- data/lib/getch/config.rb +45 -0
- data/lib/getch/filesystem/clean.rb +22 -15
- data/lib/getch/filesystem/device.rb +8 -6
- data/lib/getch/filesystem/ext4/config.rb +8 -4
- data/lib/getch/filesystem/ext4/deps.rb +3 -1
- data/lib/getch/filesystem/ext4/device.rb +2 -3
- data/lib/getch/filesystem/ext4/encrypt/config.rb +15 -11
- data/lib/getch/filesystem/ext4/encrypt/deps.rb +5 -10
- data/lib/getch/filesystem/ext4/encrypt/device.rb +5 -3
- data/lib/getch/filesystem/ext4/encrypt/format.rb +4 -2
- data/lib/getch/filesystem/ext4/encrypt/mount.rb +3 -3
- data/lib/getch/filesystem/ext4/encrypt/partition.rb +29 -35
- data/lib/getch/filesystem/ext4/encrypt/void.rb +101 -0
- data/lib/getch/filesystem/ext4/encrypt.rb +3 -0
- data/lib/getch/filesystem/ext4/format.rb +4 -1
- data/lib/getch/filesystem/ext4/mount.rb +3 -0
- data/lib/getch/filesystem/ext4/partition.rb +11 -8
- data/lib/getch/filesystem/ext4/void.rb +44 -0
- data/lib/getch/filesystem/ext4.rb +3 -0
- data/lib/getch/filesystem/lvm/config.rb +10 -29
- data/lib/getch/filesystem/lvm/deps.rb +7 -11
- data/lib/getch/filesystem/lvm/device.rb +5 -3
- data/lib/getch/filesystem/lvm/encrypt/config.rb +17 -17
- data/lib/getch/filesystem/lvm/encrypt/deps.rb +8 -12
- data/lib/getch/filesystem/lvm/encrypt/device.rb +7 -5
- data/lib/getch/filesystem/lvm/encrypt/format.rb +5 -2
- data/lib/getch/filesystem/lvm/encrypt/mount.rb +4 -2
- data/lib/getch/filesystem/lvm/encrypt/partition.rb +17 -13
- data/lib/getch/filesystem/lvm/encrypt/void.rb +101 -0
- data/lib/getch/filesystem/lvm/encrypt.rb +3 -0
- data/lib/getch/filesystem/lvm/format.rb +4 -1
- data/lib/getch/filesystem/lvm/mount.rb +3 -0
- data/lib/getch/filesystem/lvm/partition.rb +10 -7
- data/lib/getch/filesystem/lvm/void.rb +46 -0
- data/lib/getch/filesystem/lvm.rb +3 -0
- data/lib/getch/filesystem/mount.rb +19 -12
- data/lib/getch/filesystem/partition.rb +19 -11
- data/lib/getch/filesystem/zfs/config.rb +10 -24
- data/lib/getch/filesystem/zfs/deps.rb +28 -58
- data/lib/getch/filesystem/zfs/device.rb +9 -1
- data/lib/getch/filesystem/zfs/encrypt/config.rb +12 -28
- data/lib/getch/filesystem/zfs/encrypt/deps.rb +29 -60
- data/lib/getch/filesystem/zfs/encrypt/device.rb +9 -1
- data/lib/getch/filesystem/zfs/encrypt/format.rb +24 -22
- data/lib/getch/filesystem/zfs/encrypt/mount.rb +15 -14
- data/lib/getch/filesystem/zfs/encrypt/partition.rb +24 -18
- data/lib/getch/filesystem/zfs/encrypt/void.rb +97 -0
- data/lib/getch/filesystem/zfs/encrypt.rb +3 -0
- data/lib/getch/filesystem/zfs/format.rb +21 -18
- data/lib/getch/filesystem/zfs/mount.rb +12 -13
- data/lib/getch/filesystem/zfs/partition.rb +20 -15
- data/lib/getch/filesystem/zfs/void.rb +81 -0
- data/lib/getch/filesystem/zfs.rb +3 -0
- data/lib/getch/filesystem.rb +2 -0
- data/lib/getch/gentoo/boot.rb +29 -67
- data/lib/getch/gentoo/bootloader.rb +68 -0
- data/lib/getch/gentoo/chroot.rb +26 -29
- data/lib/getch/gentoo/config.rb +69 -31
- data/lib/getch/gentoo/sources.rb +73 -38
- data/lib/getch/gentoo/stage.rb +12 -13
- data/lib/getch/gentoo/use.rb +39 -0
- data/lib/getch/gentoo/use_flag.rb +89 -0
- data/lib/getch/gentoo.rb +39 -21
- data/lib/getch/guard.rb +71 -0
- data/lib/getch/helpers.rb +180 -48
- data/lib/getch/log.rb +10 -7
- data/lib/getch/options.rb +50 -41
- data/lib/getch/states.rb +10 -3
- data/lib/getch/version.rb +1 -1
- data/lib/getch/void/boot.rb +84 -0
- data/lib/getch/void/chroot.rb +56 -0
- data/lib/getch/void/config.rb +90 -0
- data/lib/getch/void/stage.rb +69 -0
- data/lib/getch/void.rb +65 -0
- data/lib/getch.rb +125 -74
- data.tar.gz.sig +0 -0
- metadata +28 -10
- metadata.gz.sig +0 -0
- data/.gitignore +0 -2
- data/CHANGELOG.md +0 -80
- data/Rakefile +0 -21
- data/bin/setup.sh +0 -90
- data/getch.gemspec +0 -25
|
@@ -1,10 +1,12 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Getch
|
|
2
4
|
module FileSystem
|
|
3
5
|
module Ext4
|
|
4
6
|
class Partition < Getch::FileSystem::Ext4::Device
|
|
5
7
|
def initialize
|
|
6
8
|
super
|
|
7
|
-
@state = Getch::States.new
|
|
9
|
+
@state = Getch::States.new
|
|
8
10
|
@clean = Getch::FileSystem::Clean
|
|
9
11
|
@partition = Getch::FileSystem::Partition.new
|
|
10
12
|
run_partition
|
|
@@ -12,9 +14,10 @@ module Getch
|
|
|
12
14
|
|
|
13
15
|
def run_partition
|
|
14
16
|
return if STATES[:partition ]
|
|
15
|
-
|
|
16
|
-
@clean.hdd(@disk
|
|
17
|
-
|
|
17
|
+
|
|
18
|
+
@clean.hdd(@disk)
|
|
19
|
+
@clean.external_disk(@disk, @boot_disk, @cache_disk, @home_disk)
|
|
20
|
+
if Helpers.efi?
|
|
18
21
|
partition_efi
|
|
19
22
|
else
|
|
20
23
|
partition_bios
|
|
@@ -32,8 +35,8 @@ module Getch
|
|
|
32
35
|
# /home - Home
|
|
33
36
|
@partition.efi(@dev_esp)
|
|
34
37
|
@partition.swap(@dev_swap)
|
|
35
|
-
@partition.root(@dev_root,
|
|
36
|
-
@partition.home(@dev_home,
|
|
38
|
+
@partition.root(@dev_root, '8304')
|
|
39
|
+
@partition.home(@dev_home, '8302') if @dev_home
|
|
37
40
|
end
|
|
38
41
|
|
|
39
42
|
def partition_bios
|
|
@@ -43,8 +46,8 @@ module Getch
|
|
|
43
46
|
# /home - Home
|
|
44
47
|
@partition.gpt(@dev_gpt)
|
|
45
48
|
@partition.swap(@dev_swap)
|
|
46
|
-
@partition.root(@dev_root,
|
|
47
|
-
@partition.home(@dev_home,
|
|
49
|
+
@partition.root(@dev_root, '8304')
|
|
50
|
+
@partition.home(@dev_home, '8302') if @dev_home
|
|
48
51
|
end
|
|
49
52
|
end
|
|
50
53
|
end
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Getch
|
|
4
|
+
module FileSystem
|
|
5
|
+
module Ext4
|
|
6
|
+
class Void < Device
|
|
7
|
+
include Helpers::Void
|
|
8
|
+
|
|
9
|
+
attr_reader :boot_disk
|
|
10
|
+
|
|
11
|
+
def fstab
|
|
12
|
+
conf = "#{MOUNTPOINT}/etc/fstab"
|
|
13
|
+
File.write(conf, "\n", mode: 'w', chmod: 0644)
|
|
14
|
+
line_fstab(@dev_esp, '/efi vfat noauto,rw,relatime 0 0') if @dev_esp
|
|
15
|
+
line_fstab(@dev_swap, 'swap swap rw,noatime,discard 0 0') if @dev_swap
|
|
16
|
+
line_fstab(@dev_root, '/ ext4 rw,relatime 0 1')
|
|
17
|
+
add_line(conf, 'tmpfs /tmp tmpfs defaults,nosuid,nodev 0 0')
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def config_dracut
|
|
21
|
+
conf = "#{MOUNTPOINT}/etc/dracut.conf.d/ext4.conf"
|
|
22
|
+
# dracut: value+= should be surrounding by white space
|
|
23
|
+
content = [
|
|
24
|
+
"hostonly=\"yes\"",
|
|
25
|
+
"omit_dracutmodules+=\" btrfs lvm \"",
|
|
26
|
+
""
|
|
27
|
+
]
|
|
28
|
+
File.write(conf, content.join("\n"), mode: 'w', chmod: 0644)
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def kernel_cmdline_dracut
|
|
32
|
+
conf = "#{MOUNTPOINT}/etc/dracut.conf.d/cmdline.conf"
|
|
33
|
+
c="kernel_cmdline=\"root=#{@dev_root} rootfstype=ext4 rootflags=rw,relatime\""
|
|
34
|
+
File.write(conf, "#{c}\n", mode: 'w', chmod: 0644)
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
def finish
|
|
38
|
+
puts '+ Enter in your system: chroot /mnt /bin/bash'
|
|
39
|
+
puts '+ Reboot with: shutdown -r now'
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Getch
|
|
2
4
|
module FileSystem
|
|
3
5
|
module Ext4
|
|
@@ -11,4 +13,5 @@ require_relative 'ext4/format'
|
|
|
11
13
|
require_relative 'ext4/mount'
|
|
12
14
|
require_relative 'ext4/config'
|
|
13
15
|
require_relative 'ext4/deps'
|
|
16
|
+
require_relative 'ext4/void'
|
|
14
17
|
require_relative 'ext4/encrypt'
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Getch
|
|
2
4
|
module FileSystem
|
|
3
5
|
module Lvm
|
|
@@ -5,55 +7,34 @@ module Getch
|
|
|
5
7
|
def initialize
|
|
6
8
|
super
|
|
7
9
|
gen_uuid
|
|
8
|
-
@root_dir = MOUNTPOINT
|
|
9
10
|
@init = '/usr/lib/systemd/systemd'
|
|
10
11
|
end
|
|
11
12
|
|
|
12
13
|
def fstab
|
|
13
|
-
file = "#{
|
|
14
|
+
file = "#{MOUNTPOINT}/etc/fstab"
|
|
14
15
|
datas = data_fstab
|
|
15
16
|
File.write(file, datas.join("\n"))
|
|
16
17
|
end
|
|
17
18
|
|
|
18
|
-
def
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
datas_gentoo = [
|
|
23
|
-
'title Gentoo Linux',
|
|
24
|
-
'linux /vmlinuz',
|
|
25
|
-
'initrd /initramfs',
|
|
26
|
-
"options resume=UUID=#{@uuid_swap} root=UUID=#{@uuid_root} init=#{@init} dolvm rw"
|
|
27
|
-
]
|
|
28
|
-
File.write("#{dir}/gentoo.conf", datas_gentoo.join("\n"))
|
|
29
|
-
end
|
|
30
|
-
|
|
31
|
-
def grub
|
|
32
|
-
return if @efi
|
|
33
|
-
file = "#{@root_dir}/etc/default/grub"
|
|
34
|
-
cmdline = [
|
|
35
|
-
"GRUB_CMDLINE_LINUX=\"resume=UUID=#{@uuid_swap} root=UUID=#{@uuid_root} init=#{@init} dolvm rw\""
|
|
36
|
-
]
|
|
37
|
-
File.write("#{file}", cmdline.join("\n"), mode: 'a')
|
|
19
|
+
def cmdline
|
|
20
|
+
conf = "#{MOUNTPOINT}/etc/dracut.conf.d/cmdline.conf"
|
|
21
|
+
line = "resume=#{@lv_swap} rd.lvm.vg=#{@vg} init=#{@init}"
|
|
22
|
+
File.write conf, "kernel_cmdline=\"#{line}\"\n"
|
|
38
23
|
end
|
|
39
24
|
|
|
40
25
|
private
|
|
41
26
|
|
|
42
27
|
def gen_uuid
|
|
43
|
-
@uuid_swap = `lsblk -o "UUID" #{@lv_swap} | tail -1`.chomp() if @lv_swap
|
|
44
|
-
@uuid_root = `lsblk -o "UUID" #{@lv_root} | tail -1`.chomp() if @lv_root
|
|
45
|
-
@uuid_dev_root = `lsblk -o "UUID" #{@dev_root} | tail -1`.chomp() if @dev_root
|
|
46
28
|
@uuid_boot = `lsblk -o "UUID" #{@dev_boot} | tail -1`.chomp() if @dev_boot
|
|
47
29
|
@uuid_esp = `lsblk -o "UUID" #{@dev_esp} | tail -1`.chomp() if @dev_esp
|
|
48
|
-
@uuid_home = `lsblk -o "UUID" #{@lv_home} | tail -1`.chomp() if @lv_home
|
|
49
30
|
end
|
|
50
31
|
|
|
51
32
|
def data_fstab
|
|
52
33
|
efi = @dev_esp ? "UUID=#{@uuid_esp} /efi vfat noauto,noatime 1 2" : ''
|
|
53
34
|
boot = @dev_boot ? "UUID=#{@uuid_boot} /boot ext4 noauto,noatime 1 2" : ''
|
|
54
|
-
swap =
|
|
55
|
-
root =
|
|
56
|
-
home = @lv_home ? "
|
|
35
|
+
swap = "#{@lv_swap} none swap discard 0 0"
|
|
36
|
+
root = "#{@lv_root} / ext4 defaults 0 1"
|
|
37
|
+
home = @lv_home ? "#{@lv_home} /home/#{@user} ext4 defaults 0 2" : ''
|
|
57
38
|
|
|
58
39
|
[ efi, boot, swap, root, home ]
|
|
59
40
|
end
|
|
@@ -1,17 +1,19 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Getch
|
|
2
4
|
module FileSystem
|
|
3
5
|
module Lvm
|
|
4
6
|
class Deps
|
|
5
7
|
def make
|
|
6
|
-
install_bios unless Helpers
|
|
8
|
+
install_bios unless Helpers.efi?
|
|
7
9
|
install_deps
|
|
8
10
|
options_make
|
|
9
|
-
Getch::Make.new(
|
|
11
|
+
Getch::Make.new('genkernel --kernel-config=/usr/src/linux/.config all').run!
|
|
10
12
|
end
|
|
11
13
|
|
|
12
14
|
private
|
|
13
15
|
def options_make
|
|
14
|
-
grub = Helpers
|
|
16
|
+
grub = Helpers.efi? ? 'BOOTLOADER="no"' : 'BOOTLOADER="grub2"'
|
|
15
17
|
datas = [
|
|
16
18
|
'',
|
|
17
19
|
grub,
|
|
@@ -27,16 +29,10 @@ module Getch
|
|
|
27
29
|
File.write(file, datas.join("\n"), mode: 'a')
|
|
28
30
|
end
|
|
29
31
|
|
|
30
|
-
def install_bios
|
|
31
|
-
exec("euse -p sys-boot/grub -E device-mapper")
|
|
32
|
-
end
|
|
33
|
-
|
|
34
32
|
def install_deps
|
|
35
|
-
make_conf = "#{MOUNTPOINT}/etc/portage/make.conf"
|
|
36
|
-
exec("euse -E lvm") if ! Helpers::grep?(make_conf, /lvm/)
|
|
37
|
-
Getch::Emerge.new('genkernel lvm2').pkg!
|
|
38
33
|
Getch::Bask.new('-a lvm').run!
|
|
39
|
-
|
|
34
|
+
Getch::Emerge.new('sys-fs/lvm2 genkernel').pkg!
|
|
35
|
+
exec('systemctl enable lvm2-monitor')
|
|
40
36
|
end
|
|
41
37
|
|
|
42
38
|
def exec(cmd)
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Getch
|
|
2
4
|
module FileSystem
|
|
3
5
|
module Lvm
|
|
@@ -5,9 +7,9 @@ module Getch
|
|
|
5
7
|
def initialize
|
|
6
8
|
super
|
|
7
9
|
@vg = 'vg0'
|
|
8
|
-
@lv_root = "/dev
|
|
9
|
-
@lv_swap = "/dev
|
|
10
|
-
@lv_home = @home_disk ? "/dev
|
|
10
|
+
@lv_root = "/dev/#{@vg}/root"
|
|
11
|
+
@lv_swap = "/dev/#{@vg}/swap"
|
|
12
|
+
@lv_home = @home_disk ? "/dev/#{@vg}/home" : nil
|
|
11
13
|
end
|
|
12
14
|
|
|
13
15
|
private
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Getch
|
|
2
4
|
module FileSystem
|
|
3
5
|
module Lvm
|
|
@@ -6,26 +8,26 @@ module Getch
|
|
|
6
8
|
def initialize
|
|
7
9
|
super
|
|
8
10
|
gen_uuid
|
|
9
|
-
@root_dir = MOUNTPOINT
|
|
10
11
|
@init = '/usr/lib/systemd/systemd'
|
|
11
12
|
crypttab
|
|
12
13
|
end
|
|
13
14
|
|
|
14
15
|
def fstab
|
|
15
|
-
file = "#{
|
|
16
|
+
file = "#{MOUNTPOINT}/etc/fstab"
|
|
16
17
|
datas = data_fstab
|
|
17
|
-
File.write
|
|
18
|
+
File.write file, datas.join("\n")
|
|
18
19
|
end
|
|
19
20
|
|
|
20
21
|
def systemd_boot
|
|
21
|
-
return
|
|
22
|
+
return unless Helpers.efi?
|
|
23
|
+
|
|
22
24
|
esp = '/efi'
|
|
23
|
-
dir = "#{
|
|
25
|
+
dir = "#{MOUNTPOINT}/#{esp}/loader/entries/"
|
|
24
26
|
datas_gentoo = [
|
|
25
27
|
'title Gentoo Linux',
|
|
26
28
|
'linux /vmlinuz',
|
|
27
29
|
'initrd /initramfs',
|
|
28
|
-
"options crypt_root=UUID=#{@uuid_dev_root} root=#{@lv_root} init=#{@init} keymap=#{
|
|
30
|
+
"options crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root real_root=#{@lv_root} init=#{@init} keymap=#{Getch::OPTIONS[:keymap]} dolvm rw"
|
|
29
31
|
]
|
|
30
32
|
File.write("#{dir}/gentoo.conf", datas_gentoo.join("\n"))
|
|
31
33
|
end
|
|
@@ -34,36 +36,34 @@ module Getch
|
|
|
34
36
|
datas = [
|
|
35
37
|
"cryptswap #{@lv_swap} /dev/urandom swap,cipher=aes-xts-plain64:sha256,size=512"
|
|
36
38
|
]
|
|
37
|
-
File.write("#{
|
|
39
|
+
File.write("#{MOUNTPOINT}/etc/crypttab", datas.join("\n"))
|
|
38
40
|
end
|
|
39
41
|
|
|
40
42
|
def grub
|
|
41
|
-
return if Helpers
|
|
42
|
-
|
|
43
|
+
return if Helpers.efi?
|
|
44
|
+
|
|
45
|
+
file = "#{MOUNTPOINT}/etc/default/grub"
|
|
43
46
|
cmdline = [
|
|
44
|
-
"GRUB_CMDLINE_LINUX=\"crypt_root=UUID=#{@uuid_dev_root} root=#{@lv_root} init=#{@init} dolvm rw slub_debug=P page_poison=1 slab_nomerge pti=on vsyscall=none spectre_v2=on spec_store_bypass_disable=seccomp iommu=force keymap=#{
|
|
47
|
+
"GRUB_CMDLINE_LINUX=\"crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root real_root=#{@lv_root} init=#{@init} dolvm rw slub_debug=P page_poison=1 slab_nomerge pti=on vsyscall=none spectre_v2=on spec_store_bypass_disable=seccomp iommu=force keymap=#{Getch::OPTIONS[:keymap]}\"",
|
|
45
48
|
"GRUB_ENABLE_CRYPTODISK=y"
|
|
46
49
|
]
|
|
47
|
-
File.write(
|
|
50
|
+
File.write(file, cmdline.join("\n"), mode: 'a')
|
|
48
51
|
end
|
|
49
52
|
|
|
50
53
|
private
|
|
51
54
|
|
|
52
55
|
def gen_uuid
|
|
53
|
-
@uuid_swap = `lsblk -o "UUID" #{@lv_swap} | tail -1`.chomp() if @lv_swap
|
|
54
|
-
@uuid_root = `lsblk -d -o "UUID" #{@lv_root} | tail -1`.chomp() if @lv_root
|
|
55
56
|
@uuid_dev_root = `lsblk -d -o "UUID" #{@dev_root} | tail -1`.chomp() if @dev_root
|
|
56
57
|
@uuid_boot = `lsblk -o "UUID" #{@dev_boot} | tail -1`.chomp() if @dev_boot
|
|
57
58
|
@uuid_esp = `lsblk -o "UUID" #{@dev_esp} | tail -1`.chomp() if @dev_esp
|
|
58
|
-
@uuid_home = `lsblk -o "UUID" #{@lv_home} | tail -1`.chomp() if @lv_home
|
|
59
59
|
end
|
|
60
60
|
|
|
61
61
|
def data_fstab
|
|
62
62
|
boot_efi = @dev_esp ? "UUID=#{@uuid_esp} /efi vfat noauto,noatime 1 2" : ''
|
|
63
63
|
boot = @dev_boot ? "UUID=#{@uuid_boot} /boot ext4 noauto,noatime 1 2" : ''
|
|
64
|
-
swap =
|
|
65
|
-
root =
|
|
66
|
-
home = @lv_home ? "
|
|
64
|
+
swap = "/dev/mapper/cryptswap none swap discard 0 0"
|
|
65
|
+
root = "#{@lv_root} / ext4 defaults 0 1"
|
|
66
|
+
home = @lv_home ? "#{@lv_home} /home/#{@user} ext4 defaults 0 2" : ''
|
|
67
67
|
|
|
68
68
|
[ boot_efi, boot, swap, root, home ]
|
|
69
69
|
end
|
|
@@ -1,18 +1,20 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Getch
|
|
2
4
|
module FileSystem
|
|
3
5
|
module Lvm
|
|
4
6
|
module Encrypt
|
|
5
7
|
class Deps
|
|
6
8
|
def make
|
|
7
|
-
install_bios unless Helpers::efi?
|
|
8
9
|
install_deps
|
|
9
10
|
options_make
|
|
10
|
-
Getch::Make.new(
|
|
11
|
+
Getch::Make.new('genkernel --kernel-config=/usr/src/linux/.config all').run!
|
|
11
12
|
end
|
|
12
13
|
|
|
13
14
|
private
|
|
15
|
+
|
|
14
16
|
def options_make
|
|
15
|
-
grub = Helpers
|
|
17
|
+
grub = Helpers.efi? ? 'BOOTLOADER="no"' : 'BOOTLOADER="grub2"'
|
|
16
18
|
datas = [
|
|
17
19
|
'',
|
|
18
20
|
grub,
|
|
@@ -30,17 +32,11 @@ module Getch
|
|
|
30
32
|
File.write(file, datas.join("\n"), mode: 'a')
|
|
31
33
|
end
|
|
32
34
|
|
|
33
|
-
def install_bios
|
|
34
|
-
exec("euse -p sys-boot/grub -E device-mapper")
|
|
35
|
-
end
|
|
36
|
-
|
|
37
35
|
def install_deps
|
|
38
|
-
|
|
39
|
-
exec("euse -E lvm") if ! Helpers::grep?(make_conf, /lvm/)
|
|
40
|
-
exec("euse -E cryptsetup") if ! Helpers::grep?(make_conf, /cryptsetup/)
|
|
41
|
-
Getch::Emerge.new('genkernel systemd sys-fs/cryptsetup lvm2').pkg!
|
|
36
|
+
# lvm2, cryptsetup alrealy installed
|
|
42
37
|
Getch::Bask.new('-a lvm').run!
|
|
43
|
-
|
|
38
|
+
Getch::Emerge.new('genkernel').pkg!
|
|
39
|
+
exec('systemctl enable lvm2-monitor')
|
|
44
40
|
end
|
|
45
41
|
|
|
46
42
|
def exec(cmd)
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Getch
|
|
2
4
|
module FileSystem
|
|
3
5
|
module Lvm
|
|
@@ -6,11 +8,11 @@ module Getch
|
|
|
6
8
|
def initialize
|
|
7
9
|
super
|
|
8
10
|
@vg = 'vg0'
|
|
9
|
-
@lv_root = "/dev
|
|
10
|
-
@lv_swap = "/dev
|
|
11
|
-
@lv_home = @home_disk ? "/dev
|
|
12
|
-
@luks_root =
|
|
13
|
-
@luks_home = @home_disk ?
|
|
11
|
+
@lv_root = "/dev/#{@vg}/root"
|
|
12
|
+
@lv_swap = "/dev/#{@vg}/swap"
|
|
13
|
+
@lv_home = @home_disk ? "/dev/#{@vg}/home" : nil
|
|
14
|
+
@luks_root = '/dev/mapper/cryptroot'
|
|
15
|
+
@luks_home = @home_disk ? '/dev/mapper/crypthome' : nil
|
|
14
16
|
end
|
|
15
17
|
|
|
16
18
|
private
|
|
@@ -1,8 +1,10 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Getch
|
|
2
4
|
module FileSystem
|
|
3
5
|
module Lvm
|
|
4
6
|
module Encrypt
|
|
5
|
-
class Format <
|
|
7
|
+
class Format < Device
|
|
6
8
|
def initialize
|
|
7
9
|
super
|
|
8
10
|
@fs = 'ext4'
|
|
@@ -12,16 +14,17 @@ module Getch
|
|
|
12
14
|
|
|
13
15
|
def format
|
|
14
16
|
return if STATES[:format]
|
|
17
|
+
|
|
15
18
|
puts "Format #{@disk}"
|
|
16
19
|
exec("mkfs.fat -F32 #{@dev_esp}") if @dev_esp
|
|
17
20
|
exec("mkfs.#{@fs} -F #{@dev_boot}") if @dev_boot
|
|
18
|
-
exec("mkswap -f #{@lv_swap}")
|
|
19
21
|
exec("mkfs.#{@fs} -F #{@lv_root}")
|
|
20
22
|
exec("mkfs.#{@fs} -F #{@lv_home}") if @lv_home
|
|
21
23
|
@state.format
|
|
22
24
|
end
|
|
23
25
|
|
|
24
26
|
private
|
|
27
|
+
|
|
25
28
|
def exec(cmd)
|
|
26
29
|
Getch::Command.new(cmd).run!
|
|
27
30
|
end
|
|
@@ -1,8 +1,10 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Getch
|
|
2
4
|
module FileSystem
|
|
3
5
|
module Lvm
|
|
4
6
|
module Encrypt
|
|
5
|
-
class Mount <
|
|
7
|
+
class Mount < Device
|
|
6
8
|
def initialize
|
|
7
9
|
super
|
|
8
10
|
@mount = Getch::FileSystem::Mount.new
|
|
@@ -11,7 +13,7 @@ module Getch
|
|
|
11
13
|
|
|
12
14
|
def run
|
|
13
15
|
return if STATES[:mount]
|
|
14
|
-
|
|
16
|
+
|
|
15
17
|
@mount.root(@lv_root)
|
|
16
18
|
@mount.boot(@dev_boot)
|
|
17
19
|
@mount.esp(@dev_esp)
|
|
@@ -1,8 +1,12 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Getch
|
|
2
4
|
module FileSystem
|
|
3
5
|
module Lvm
|
|
4
6
|
module Encrypt
|
|
5
|
-
class Partition <
|
|
7
|
+
class Partition < Device
|
|
8
|
+
include Helpers::Cryptsetup
|
|
9
|
+
|
|
6
10
|
def initialize
|
|
7
11
|
super
|
|
8
12
|
@state = Getch::States.new()
|
|
@@ -15,10 +19,11 @@ module Getch
|
|
|
15
19
|
def run_partition
|
|
16
20
|
return if STATES[:partition ]
|
|
17
21
|
@clean.old_vg(@dev_root, @vg)
|
|
18
|
-
@clean.
|
|
19
|
-
@clean.
|
|
22
|
+
@clean.hdd(@disk)
|
|
23
|
+
@clean.external_disk(@disk, @boot_disk, @cache_disk, @home_disk)
|
|
24
|
+
|
|
20
25
|
partition
|
|
21
|
-
|
|
26
|
+
encrypting
|
|
22
27
|
lvm
|
|
23
28
|
@state.partition
|
|
24
29
|
end
|
|
@@ -26,21 +31,20 @@ module Getch
|
|
|
26
31
|
private
|
|
27
32
|
|
|
28
33
|
def partition
|
|
29
|
-
if Helpers
|
|
34
|
+
if Helpers.efi?
|
|
30
35
|
@partition.efi(@dev_esp)
|
|
31
|
-
@partition.root(@dev_root,
|
|
36
|
+
@partition.root(@dev_root, '8e00')
|
|
32
37
|
else
|
|
33
38
|
@partition.gpt(@dev_gpt)
|
|
34
39
|
@partition.boot(@dev_boot)
|
|
35
|
-
@partition.root(@dev_root,
|
|
40
|
+
@partition.root(@dev_root, '8e00')
|
|
36
41
|
end
|
|
37
42
|
end
|
|
38
43
|
|
|
39
|
-
def
|
|
40
|
-
@log.info(
|
|
41
|
-
|
|
42
|
-
@
|
|
43
|
-
Helpers::sys("cryptsetup open --type luks #{@dev_root} cryptroot")
|
|
44
|
+
def encrypting
|
|
45
|
+
@log.info('Cryptsetup')
|
|
46
|
+
encrypt(@dev_root)
|
|
47
|
+
open_crypt(@dev_root, 'cryptroot')
|
|
44
48
|
end
|
|
45
49
|
|
|
46
50
|
def lvm
|
|
@@ -57,7 +61,7 @@ module Getch
|
|
|
57
61
|
exec("lvcreate -y -Wy -Zy -l 100%FREE -n root #{@vg}")
|
|
58
62
|
end
|
|
59
63
|
|
|
60
|
-
exec(
|
|
64
|
+
exec('vgchange --available y')
|
|
61
65
|
end
|
|
62
66
|
|
|
63
67
|
# Follow https://wiki.archlinux.org/index.php/Partitioning
|
|
@@ -0,0 +1,101 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Getch
|
|
4
|
+
module FileSystem
|
|
5
|
+
module Lvm
|
|
6
|
+
module Encrypt
|
|
7
|
+
class Void < Device
|
|
8
|
+
include Helpers::Void
|
|
9
|
+
|
|
10
|
+
attr_reader :boot_disk
|
|
11
|
+
|
|
12
|
+
# Create key to avoid enter password twice
|
|
13
|
+
def create_key
|
|
14
|
+
add_key('volume.key', @dev_root)
|
|
15
|
+
add_key('home.key', @dev_home) if @home_disk
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
# Key need to be added in dracut.conf.d and crypttab
|
|
19
|
+
def add_key(name, dev)
|
|
20
|
+
command "dd bs=1 count=64 if=/dev/urandom of=/boot/#{name}"
|
|
21
|
+
puts " => Creating a key for #{dev}, password required:"
|
|
22
|
+
chroot "cryptsetup luksAddKey #{dev} /boot/#{name}"
|
|
23
|
+
command "chmod 000 /boot/#{name}"
|
|
24
|
+
#command "chmod -R g-rwx,o-rwx /boot"
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def fstab
|
|
28
|
+
conf = "#{MOUNTPOINT}/etc/fstab"
|
|
29
|
+
File.write(conf, "\n", mode: 'w', chmod: 0644)
|
|
30
|
+
line_fstab(@dev_esp, '/efi vfat noauto,rw,relatime 0 0') if @dev_esp
|
|
31
|
+
line_fstab(@dev_boot, '/boot ext4 noauto,rw,relatime 0 0') if @dev_boot
|
|
32
|
+
add_line(conf, '/dev/mapper/cryptswap none swap sw 0 0')
|
|
33
|
+
add_line(conf, "#{@lv_home} /home ext4 rw,discard 0 0") if @home_disk
|
|
34
|
+
add_line(conf, "#{@lv_root} / ext4 rw,relatime 0 1")
|
|
35
|
+
add_line(conf, 'tmpfs /tmp tmpfs defaults,nosuid,nodev 0 0')
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
def crypttab
|
|
39
|
+
conf = "#{MOUNTPOINT}/etc/crypttab"
|
|
40
|
+
File.write(conf, "\n", mode: 'w', chmod: 0644)
|
|
41
|
+
add_line(conf, "cryptswap #{@lv_swap} /dev/urandom swap,discard,cipher=aes-xts-plain64:sha256,size=512")
|
|
42
|
+
line_crypttab(@vg, @dev_root, '/boot/volume.key', 'luks')
|
|
43
|
+
line_crypttab("crypthome", @dev_home, "/boot/home.key", "luks") if @home_disk
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
def config_grub
|
|
47
|
+
conf = "#{MOUNTPOINT}/etc/default/grub"
|
|
48
|
+
content = 'GRUB_ENABLE_CRYPTODISK=y'
|
|
49
|
+
unless search(conf, content)
|
|
50
|
+
File.write(conf, "#{content}\n", mode: 'a')
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def config_dracut
|
|
55
|
+
conf = "#{MOUNTPOINT}/etc/dracut.conf.d/lvm.conf"
|
|
56
|
+
content = [
|
|
57
|
+
'hostonly="yes"',
|
|
58
|
+
'omit_dracutmodules+=" btrfs "',
|
|
59
|
+
'install_items+=" /boot/volume.key /etc/crypttab "',
|
|
60
|
+
''
|
|
61
|
+
]
|
|
62
|
+
File.write(conf, content.join("\n"), mode: 'w', chmod: 0644)
|
|
63
|
+
#add_line(conf, "install_items+=\" /boot/home.key \"") if @home_disk
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
def kernel_cmdline_dracut
|
|
67
|
+
conf = "#{MOUNTPOINT}/etc/dracut.conf.d/cmdline.conf"
|
|
68
|
+
root_uuid = b_uuid(@dev_root)
|
|
69
|
+
args = "rd.lvm.vg=#{@vg} rd.luks.uuid=#{root_uuid} rootflags=rw,relatime"
|
|
70
|
+
line = "kernel_cmdline=\"#{args}\""
|
|
71
|
+
File.write(conf, "#{line}\n", mode: 'w', chmod: 0644)
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
def finish
|
|
75
|
+
puts '+ Enter in your system: chroot /mnt /bin/bash'
|
|
76
|
+
puts '+ Reboot with: shutdown -r now'
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
private
|
|
80
|
+
|
|
81
|
+
def b_uuid(dev)
|
|
82
|
+
device = dev.delete_prefix('/dev/')
|
|
83
|
+
Dir.glob('/dev/disk/by-uuid/*').each { |f|
|
|
84
|
+
link = File.readlink(f)
|
|
85
|
+
return f.delete_prefix('/dev/disk/by-uuid/') if link.match(/#{device}$/)
|
|
86
|
+
}
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
# line_crypttab("cryptswap", "sda2", "/dev/urandom", "luks")
|
|
90
|
+
def line_crypttab(mapname, dev, point, rest)
|
|
91
|
+
conf = "#{MOUNTPOINT}/etc/crypttab"
|
|
92
|
+
device = s_uuid(dev)
|
|
93
|
+
raise "No partuuid for #{dev} #{device}" unless device
|
|
94
|
+
raise "Bad partuuid for #{dev} #{device}" if device.kind_of? Array
|
|
95
|
+
add_line(conf, "#{mapname} PARTUUID=#{device} #{point} #{rest}")
|
|
96
|
+
end
|
|
97
|
+
end
|
|
98
|
+
end
|
|
99
|
+
end
|
|
100
|
+
end
|
|
101
|
+
end
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Getch
|
|
2
4
|
module FileSystem
|
|
3
5
|
module Lvm
|
|
@@ -13,3 +15,4 @@ require_relative 'encrypt/format'
|
|
|
13
15
|
require_relative 'encrypt/mount'
|
|
14
16
|
require_relative 'encrypt/config'
|
|
15
17
|
require_relative 'encrypt/deps'
|
|
18
|
+
require_relative 'encrypt/void'
|
|
@@ -1,15 +1,18 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
module Getch
|
|
2
4
|
module FileSystem
|
|
3
5
|
module Lvm
|
|
4
6
|
class Format < Getch::FileSystem::Lvm::Device
|
|
5
7
|
def initialize
|
|
6
8
|
super
|
|
7
|
-
@state = Getch::States.new
|
|
9
|
+
@state = Getch::States.new
|
|
8
10
|
format
|
|
9
11
|
end
|
|
10
12
|
|
|
11
13
|
def format
|
|
12
14
|
return if STATES[:format]
|
|
15
|
+
|
|
13
16
|
exec("mkfs.fat -F32 #{@dev_esp}") if @dev_esp
|
|
14
17
|
exec("mkfs.ext4 -F #{@dev_boot}") if @dev_boot
|
|
15
18
|
exec("mkswap -f #{@lv_swap}")
|