getch 0.1.5 → 0.1.6

data/lib/getch/command.rb

@@ -59,7 +59,7 @@ module Getch
       block.each do |f|
         begin
           data = f.read_nonblock(@block_size)
-          puts data if DEFAULT_OPTIONS[:verbose]
+          puts data if OPTIONS[:verbose]
         rescue EOFError
           puts ""
         rescue => e

data/lib/getch/config.rb

@@ -1,58 +1,42 @@
+require_relative 'config/gentoo'
+require_relative 'config/void'
+
+CONFIG_LOAD = {
+  gentoo: Getch::Config::Gentoo,
+  void: Getch::Config::Void
+}.freeze
+
 module Getch
-  class Config
-    def initialize
-      @systemd_net_dir = "#{MOUNTPOINT}/etc/systemd"
-    end
+  module Config
+    class Main
+      def initialize
+        os = OPTIONS[:os].to_sym
+        @load = CONFIG_LOAD[os].new
+      end
 
-    def network
-      ethernet
-      wifi
-      resolved
-      Getch::Chroot.new('systemctl enable systemd-networkd').run!
-      Getch::Chroot.new('systemctl enable systemd-resolved').run!
-    end
+      def ethernet
+        @load.ethernet
+      end
 
-    private
+      def dns
+        @load.dns
+      end
 
-    def ethernet
-      conf = "#{@systemd_net_dir}/network/20-ethernet.network"
-      datas = [
-        "[Match]",
-        "Name=en*",
-        "Name=eth*",
-        "[Network]",
-        "DHCP=yes",
-        "IPv6PrivacyExtensions=yes",
-        "[DHCP]",
-        "RouteMetric=512"
-      ]
-      File.write(conf, datas.join("\n"), mode: 'w')
-    end
+      def wifi
+        @load.wifi
+      end
 
-    def wifi
-      conf = "#{@systemd_net_dir}/network/20-wireless.network"
-      datas = [
-        "[Match]",
-        "Name=wlp*",
-        "Name=wlan*",
-        "[Network]",
-        "DHCP=yes",
-        "IPv6PrivacyExtensions=yes",
-        "[DHCP]",
-        "RouteMetric=1024",
-      ]
-      File.write(conf, datas.join("\n"), mode: 'w')
-    end
+      def sysctl
+        pwd = File.expand_path(File.dirname(__FILE__))
+        dest = "#{Getch::MOUNTPOINT}/etc/sysctl.d/"
 
-    def resolved
-      conf = "#{@systemd_net_dir}/resolved.conf.d/dns_over_tls.conf"
-      datas = [
-        "[Resolve]",
-        "DNS=9.9.9.9#dns.quad9.net",
-        "DNSOverTLS=yes",
-      ]
-      Helpers::create_dir("#{@systemd_net_dir}/resolved.conf.d")
-      File.write(conf, datas.join("\n"), mode: 'w')
+        Helpers::mkdir dest
+        Helpers::cp("#{pwd}/../../assets/network-stack.conf", dest)
+      end
+      
+      def shell
+        @load.shell
+      end
     end
   end
 end

data/lib/getch/config/gentoo.rb

@@ -0,0 +1,59 @@
+module Getch
+  module Config
+    class Gentoo
+      def initialize
+        @systemd_net_dir = "#{MOUNTPOINT}/etc/systemd"
+      end
+
+      def ethernet
+        conf = "#{@systemd_net_dir}/network/20-ethernet.network"
+        datas = [
+          "[Match]",
+          "Name=en*",
+          "Name=eth*",
+          "[Network]",
+          "DHCP=yes",
+          "IPv6PrivacyExtensions=yes",
+          "[DHCP]",
+          "RouteMetric=512",
+          "",
+        ]
+        File.write(conf, datas.join("\n"), mode: 'w')
+      end
+
+      def wifi
+        conf = "#{@systemd_net_dir}/network/20-wireless.network"
+        datas = [
+          "[Match]",
+          "Name=wlp*",
+          "Name=wlan*",
+          "[Network]",
+          "DHCP=yes",
+          "IPv6PrivacyExtensions=yes",
+          "[DHCP]",
+          "RouteMetric=1024",
+          "",
+        ]
+        File.write(conf, datas.join("\n"), mode: 'w')
+      end
+
+      def dns
+        conf = "#{@systemd_net_dir}/resolved.conf.d/dns_over_tls.conf"
+        datas = [
+          "[Resolve]",
+          "DNS=9.9.9.9#dns.quad9.net",
+          "DNSOverTLS=yes",
+          "",
+        ]
+        Helpers::create_dir("#{@systemd_net_dir}/resolved.conf.d")
+        File.write(conf, datas.join("\n"), mode: 'w')
+
+        Getch::Chroot.new('systemctl enable systemd-networkd').run!
+        Getch::Chroot.new('systemctl enable systemd-resolved').run!
+      end
+
+      def shell
+      end
+    end
+  end
+end

data/lib/getch/config/void.rb

@@ -0,0 +1,49 @@
+require_relative '../helpers'
+
+module Getch
+  module Config
+    class Void
+      include Helpers::Void
+
+      def initialize
+        @service_dir = "/etc/runit/runsvdir/default/"
+      end
+
+      # Enable dhcpcd service
+      def ethernet
+        command "ln -fs /etc/sv/dhcpcd #{@service_dir}"
+      end
+
+      # with Quad9
+      # https://www.dnsknowledge.com/tutorials/how-to-setup-quad9-dns-on-a-linux/
+      def dns
+        conf = "#{MOUNTPOINT}/etc/resolv.conf"
+        content = [
+          "nameserver 9.9.9.9",
+          "nameserver 2620:fe::fe",
+          "options rotate",
+          "",
+        ]
+        File.write(conf, content.join("\n"), mode: 'w', chmod: 0644)
+      end
+
+      # https://docs.voidlinux.org/config/network/iwd.html
+      def wifi
+        conf = "#{MOUNTPOINT}/etc/iwd/main.conf"
+        content = [
+          "[General]",
+          "UseDefaultInterface=true",
+          "",
+        ]
+        File.write(conf, content.join("\n"), mode: 'a', chmod: 0644)
+        # Enabling dbus and iwd
+        command "ln -fs /etc/sv/dbus #{@service_dir}"
+        command "ln -fs /etc/sv/iwd #{@service_dir}"
+      end
+
+      def shell
+        command "chsh -s /bin/bash"
+      end
+    end
+  end
+end

data/lib/getch/filesystem/device.rb

@@ -4,12 +4,12 @@ module Getch
       def initialize
         @efi = Helpers::efi?
         @root_part = 1
-        @user = DEFAULT_OPTIONS[:username]
+        @user = Getch::OPTIONS[:username]
 
-        @disk = DEFAULT_OPTIONS[:disk]
-        @boot_disk = DEFAULT_OPTIONS[:boot_disk]
-        @cache_disk = DEFAULT_OPTIONS[:cache_disk]
-        @home_disk = DEFAULT_OPTIONS[:home_disk]
+        @disk = Getch::OPTIONS[:disk]
+        @boot_disk = Getch::OPTIONS[:boot_disk]
+        @cache_disk = Getch::OPTIONS[:cache_disk]
+        @home_disk = Getch::OPTIONS[:home_disk]
 
         search_boot
         search_swap

data/lib/getch/filesystem/ext4.rb

@@ -11,4 +11,5 @@ require_relative 'ext4/format'
 require_relative 'ext4/mount'
 require_relative 'ext4/config'
 require_relative 'ext4/deps'
+require_relative 'ext4/void'
 require_relative 'ext4/encrypt'

data/lib/getch/filesystem/ext4/encrypt.rb

@@ -13,3 +13,4 @@ require_relative 'encrypt/format'
 require_relative 'encrypt/mount'
 require_relative 'encrypt/config'
 require_relative 'encrypt/deps'
+require_relative 'encrypt/void'

data/lib/getch/filesystem/ext4/encrypt/config.rb

@@ -28,7 +28,7 @@ module Getch
               'title Gentoo Linux',
               'linux /vmlinuz',
               'initrd /initramfs',
-              "options crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root init=#{@init} keymap=#{DEFAULT_OPTIONS[:keymap]} rw"
+              "options crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root init=#{@init} keymap=#{Getch::OPTIONS[:keymap]} rw"
             ]
             File.write("#{dir}/gentoo.conf", datas_gentoo.join("\n"))
           end
@@ -46,7 +46,7 @@ module Getch
             return if Helpers::efi?
             file = "#{@root_dir}/etc/default/grub"
             cmdline = [
-              "GRUB_CMDLINE_LINUX=\"crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root init=#{@init} rw slub_debug=P page_poison=1 slab_nomerge pti=on vsyscall=none spectre_v2=on spec_store_bypass_disable=seccomp iommu=force keymap=#{DEFAULT_OPTIONS[:keymap]}\"",
+              "GRUB_CMDLINE_LINUX=\"crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root init=#{@init} rw slub_debug=P page_poison=1 slab_nomerge pti=on vsyscall=none spectre_v2=on spec_store_bypass_disable=seccomp iommu=force keymap=#{Getch::OPTIONS[:keymap]}\"",
               "GRUB_ENABLE_CRYPTODISK=y"
             ]
             File.write(file, cmdline.join("\n"), mode: 'a')

data/lib/getch/filesystem/ext4/encrypt/format.rb

@@ -13,7 +13,6 @@ module Getch
             return if STATES[:format]
             exec("mkfs.fat -F32 #{@dev_esp}") if @dev_esp
             exec("mkfs.ext4 -F #{@luks_root}")
-            exec("mkswap -f #{@dev_swap}")
             exec("mkfs.ext4 -F #{@luks_home}") if @dev_home
             @state.format
           end

data/lib/getch/filesystem/ext4/encrypt/mount.rb

@@ -13,7 +13,6 @@ module Getch
 
           def run
             return if STATES[:mount]
-            @mount.swap(@dev_swap)
             @mount.root(@luks_root)
             @mount.boot(@dev_boot)
             @mount.esp(@dev_esp)

data/lib/getch/filesystem/ext4/encrypt/partition.rb

@@ -1,8 +1,12 @@
+require_relative '../../../helpers'
+
 module Getch
   module FileSystem
     module Ext4
       module Encrypt
-        class Partition < Getch::FileSystem::Ext4::Encrypt::Device
+        class Partition < Device
+          include Helpers::Cryptsetup
+
           def initialize
             super
             @state = Getch::States.new
@@ -18,11 +22,10 @@ module Getch
             @clean.external_disk(@disk, @boot_disk, @cache_disk, @home_disk)
             if Helpers::efi?
               partition_efi
-              encrypt_efi
             else
               partition_bios
-              encrypt_bios
             end
+            encrypting
             @state.partition
           end
 
@@ -40,19 +43,10 @@ module Getch
             @partition.home(@dev_home, "8309") if @dev_home
           end
 
-          def encrypt_efi
-            @log.info("Format root")
-            Helpers::sys("cryptsetup luksFormat #{@dev_root}")
-            @log.debug("Opening root")
-            Helpers::sys("cryptsetup open --type luks #{@dev_root} cryptroot")
-            encrypt_home
-          end
-
-          def encrypt_bios
-            @log.info("Format root for bios")
-            Helpers::sys("cryptsetup luksFormat --type luks1 #{@dev_root}")
-            @log.debug("Opening root")
-            Helpers::sys("cryptsetup open --type luks1 #{@dev_root} cryptroot")
+          def encrypting
+            @log.info("Cryptsetup")
+            encrypt(@dev_root)
+            open_crypt(@dev_root, "cryptroot")
             encrypt_home
           end
 

data/lib/getch/filesystem/ext4/encrypt/void.rb

@@ -0,0 +1,100 @@
+require_relative '../../../helpers'
+
+module Getch
+  module FileSystem
+    module Ext4
+      module Encrypt
+        class Void < Device
+          include Helpers::Void
+          attr_reader :boot_disk
+
+          # Create key to avoid enter password twice
+          def create_key
+            add_key("volume.key", @dev_root)
+            add_key("home.key", @dev_home) if @home_disk
+          end
+
+          # Key need to be added in dracut.conf.d and crypttab
+          def add_key(name, dev)
+            command "dd bs=1 count=64 if=/dev/urandom of=/boot/#{name}"
+            puts " => Creating a key for #{dev}, password required:"
+            chroot "cryptsetup luksAddKey #{dev} /boot/#{name}"
+            command "chmod 000 /boot/#{name}"
+            #command "chmod -R g-rwx,o-rwx /boot"
+          end
+
+          def fstab
+            conf = "#{MOUNTPOINT}/etc/fstab"
+            File.write(conf, "\n", mode: 'w', chmod: 0644)
+            line_fstab(@dev_esp, "/efi vfat noauto,rw,relatime 0 0") if @dev_esp
+            line_fstab(@dev_boot, "/boot ext4 noauto,rw,relatime 0 0") if @dev_boot
+            add_line(conf, "#{@luks_swap} none swap sw 0 0") if @dev_swap
+            add_line(conf, "#{@luks_home} /home ext4 rw,discard 0 0") if @home_disk
+            add_line(conf, "#{@luks_root} / ext4 rw,relatime 0 1")
+            add_line(conf, "tmpfs /tmp tmpfs defaults,nosuid,nodev 0 0")
+          end
+
+          def crypttab
+            conf = "#{MOUNTPOINT}/etc/crypttab"
+            File.write(conf, "\n", mode: 'w', chmod: 0644)
+            line_crypttab("cryptswap", @dev_swap, "/dev/urandom", "swap,discard,cipher=aes-xts-plain64:sha256,size=512") if @dev_swap
+            line_crypttab("cryptroot", @dev_root, "/boot/volume.key", "luks")
+            line_crypttab("crypthome", @dev_home, "/boot/home.key", "luks") if @home_disk
+          end
+
+          def config_grub
+            conf = "#{MOUNTPOINT}/etc/default/grub"
+            content = "GRUB_ENABLE_CRYPTODISK=y"
+            unless search(conf, content)
+              File.write(conf, "#{content}\n", mode: 'a')
+            end
+          end
+
+          def config_dracut
+            conf = "#{MOUNTPOINT}/etc/dracut.conf.d/ext4.conf"
+            content = [
+              "hostonly=\"yes\"",
+              "omit_dracutmodules+=\" btrfs lvm \"",
+              "install_items+=\" /boot/volume.key /etc/crypttab \"",
+              ""
+            ]
+            File.write(conf, content.join("\n"), mode: 'w', chmod: 0644)
+            #add_line(conf, "install_items+=\" /boot/home.key \"") if @home_disk
+          end
+
+          def kernel_cmdline_dracut
+            conf = "#{MOUNTPOINT}/etc/dracut.conf.d/cmdline.conf"
+            root_uuid = b_uuid(@dev_root)
+            args = "rd.luks.uuid=#{root_uuid} rootfstype=ext4 rootflags=rw,relatime"
+            line = "kernel_cmdline=\"#{args}\""
+            File.write(conf, "#{line}\n", mode: 'w', chmod: 0644)
+          end
+
+          def finish
+            puts "+ Enter in your system: chroot /mnt /bin/bash"
+            puts "+ Reboot with: shutdown -r now"
+          end
+
+          private
+
+          def b_uuid(dev)
+            device = dev.delete_prefix("/dev/")
+            Dir.glob("/dev/disk/by-uuid/*").each { |f|
+              link = File.readlink(f)
+              return f.delete_prefix("/dev/disk/by-uuid/") if link.match(/#{device}$/)
+            }
+          end
+
+          # line_crypttab("cryptswap", "sda2", "/dev/urandom", "luks")
+          def line_crypttab(mapname, dev, point, rest)
+            conf = "#{MOUNTPOINT}/etc/crypttab"
+            device = s_uuid(dev)
+            raise "No partuuid for #{dev} #{device}" if !device
+            raise "Bad partuuid for #{dev} #{device}" if device.kind_of? Array
+            add_line(conf, "#{mapname} PARTUUID=#{device} #{point} #{rest}")
+          end
+        end
+      end
+    end
+  end
+end

data/lib/getch/filesystem/ext4/format.rb

@@ -4,7 +4,7 @@ module Getch
       class Format < Getch::FileSystem::Ext4::Device
         def initialize
           super
-          @state = Getch::States.new()
+          @state = Getch::States.new
           format
         end