getch 0.1.5 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (72) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/README.md +64 -24
  5. data/assets/network-stack.conf +63 -0
  6. data/bin/getch +12 -4
  7. data/lib/getch.rb +113 -78
  8. data/lib/getch/command.rb +1 -1
  9. data/lib/getch/config.rb +33 -49
  10. data/lib/getch/config/gentoo.rb +59 -0
  11. data/lib/getch/config/void.rb +49 -0
  12. data/lib/getch/filesystem/.mount.rb.swp +0 -0
  13. data/lib/getch/filesystem/device.rb +5 -5
  14. data/lib/getch/filesystem/ext4.rb +1 -0
  15. data/lib/getch/filesystem/ext4/encrypt.rb +1 -0
  16. data/lib/getch/filesystem/ext4/encrypt/config.rb +2 -2
  17. data/lib/getch/filesystem/ext4/encrypt/format.rb +0 -1
  18. data/lib/getch/filesystem/ext4/encrypt/mount.rb +0 -1
  19. data/lib/getch/filesystem/ext4/encrypt/partition.rb +10 -16
  20. data/lib/getch/filesystem/ext4/encrypt/void.rb +100 -0
  21. data/lib/getch/filesystem/ext4/format.rb +1 -1
  22. data/lib/getch/filesystem/ext4/void.rb +43 -0
  23. data/lib/getch/filesystem/lvm.rb +1 -0
  24. data/lib/getch/filesystem/lvm/encrypt.rb +1 -0
  25. data/lib/getch/filesystem/lvm/encrypt/config.rb +2 -2
  26. data/lib/getch/filesystem/lvm/encrypt/format.rb +1 -2
  27. data/lib/getch/filesystem/lvm/encrypt/mount.rb +1 -2
  28. data/lib/getch/filesystem/lvm/encrypt/partition.rb +10 -7
  29. data/lib/getch/filesystem/lvm/encrypt/void.rb +100 -0
  30. data/lib/getch/filesystem/lvm/format.rb +1 -1
  31. data/lib/getch/filesystem/lvm/void.rb +45 -0
  32. data/lib/getch/filesystem/partition.rb +4 -4
  33. data/lib/getch/filesystem/zfs.rb +1 -0
  34. data/lib/getch/filesystem/zfs/config.rb +3 -3
  35. data/lib/getch/filesystem/zfs/deps.rb +11 -4
  36. data/lib/getch/filesystem/zfs/device.rb +6 -0
  37. data/lib/getch/filesystem/zfs/encrypt.rb +1 -0
  38. data/lib/getch/filesystem/zfs/encrypt/.mount.rb.swp +0 -0
  39. data/lib/getch/filesystem/zfs/encrypt/config.rb +5 -5
  40. data/lib/getch/filesystem/zfs/encrypt/deps.rb +11 -4
  41. data/lib/getch/filesystem/zfs/encrypt/device.rb +6 -0
  42. data/lib/getch/filesystem/zfs/encrypt/format.rb +9 -10
  43. data/lib/getch/filesystem/zfs/encrypt/mount.rb +5 -9
  44. data/lib/getch/filesystem/zfs/encrypt/partition.rb +3 -1
  45. data/lib/getch/filesystem/zfs/encrypt/void.rb +96 -0
  46. data/lib/getch/filesystem/zfs/format.rb +9 -9
  47. data/lib/getch/filesystem/zfs/mount.rb +5 -8
  48. data/lib/getch/filesystem/zfs/partition.rb +2 -1
  49. data/lib/getch/filesystem/zfs/void.rb +81 -0
  50. data/lib/getch/gentoo.rb +12 -15
  51. data/lib/getch/gentoo/boot.rb +7 -4
  52. data/lib/getch/gentoo/config.rb +8 -8
  53. data/lib/getch/gentoo/sources.rb +6 -3
  54. data/lib/getch/gentoo/stage.rb +0 -1
  55. data/lib/getch/gentoo/use_flag.rb +6 -7
  56. data/lib/getch/guard.rb +3 -1
  57. data/lib/getch/helpers.rb +107 -1
  58. data/lib/getch/log.rb +3 -2
  59. data/lib/getch/options.rb +41 -34
  60. data/lib/getch/version.rb +1 -1
  61. data/lib/getch/void.rb +59 -0
  62. data/lib/getch/void/boot.rb +80 -0
  63. data/lib/getch/void/chroot.rb +55 -0
  64. data/lib/getch/void/config.rb +87 -0
  65. data/lib/getch/void/stage.rb +70 -0
  66. metadata +22 -9
  67. metadata.gz.sig +0 -0
  68. data/.gitignore +0 -2
  69. data/CHANGELOG.md +0 -99
  70. data/Rakefile +0 -21
  71. data/bin/setup.sh +0 -90
  72. data/getch.gemspec +0 -25
data/lib/getch/command.rb CHANGED
@@ -59,7 +59,7 @@ module Getch
59
59
  block.each do |f|
60
60
  begin
61
61
  data = f.read_nonblock(@block_size)
62
- puts data if DEFAULT_OPTIONS[:verbose]
62
+ puts data if OPTIONS[:verbose]
63
63
  rescue EOFError
64
64
  puts ""
65
65
  rescue => e
data/lib/getch/config.rb CHANGED
@@ -1,58 +1,42 @@
1
+ require_relative 'config/gentoo'
2
+ require_relative 'config/void'
3
+
4
+ CONFIG_LOAD = {
5
+ gentoo: Getch::Config::Gentoo,
6
+ void: Getch::Config::Void
7
+ }.freeze
8
+
1
9
  module Getch
2
- class Config
3
- def initialize
4
- @systemd_net_dir = "#{MOUNTPOINT}/etc/systemd"
5
- end
10
+ module Config
11
+ class Main
12
+ def initialize
13
+ os = OPTIONS[:os].to_sym
14
+ @load = CONFIG_LOAD[os].new
15
+ end
6
16
 
7
- def network
8
- ethernet
9
- wifi
10
- resolved
11
- Getch::Chroot.new('systemctl enable systemd-networkd').run!
12
- Getch::Chroot.new('systemctl enable systemd-resolved').run!
13
- end
17
+ def ethernet
18
+ @load.ethernet
19
+ end
14
20
 
15
- private
21
+ def dns
22
+ @load.dns
23
+ end
16
24
 
17
- def ethernet
18
- conf = "#{@systemd_net_dir}/network/20-ethernet.network"
19
- datas = [
20
- "[Match]",
21
- "Name=en*",
22
- "Name=eth*",
23
- "[Network]",
24
- "DHCP=yes",
25
- "IPv6PrivacyExtensions=yes",
26
- "[DHCP]",
27
- "RouteMetric=512"
28
- ]
29
- File.write(conf, datas.join("\n"), mode: 'w')
30
- end
25
+ def wifi
26
+ @load.wifi
27
+ end
31
28
 
32
- def wifi
33
- conf = "#{@systemd_net_dir}/network/20-wireless.network"
34
- datas = [
35
- "[Match]",
36
- "Name=wlp*",
37
- "Name=wlan*",
38
- "[Network]",
39
- "DHCP=yes",
40
- "IPv6PrivacyExtensions=yes",
41
- "[DHCP]",
42
- "RouteMetric=1024",
43
- ]
44
- File.write(conf, datas.join("\n"), mode: 'w')
45
- end
29
+ def sysctl
30
+ pwd = File.expand_path(File.dirname(__FILE__))
31
+ dest = "#{Getch::MOUNTPOINT}/etc/sysctl.d/"
46
32
 
47
- def resolved
48
- conf = "#{@systemd_net_dir}/resolved.conf.d/dns_over_tls.conf"
49
- datas = [
50
- "[Resolve]",
51
- "DNS=9.9.9.9#dns.quad9.net",
52
- "DNSOverTLS=yes",
53
- ]
54
- Helpers::create_dir("#{@systemd_net_dir}/resolved.conf.d")
55
- File.write(conf, datas.join("\n"), mode: 'w')
33
+ Helpers::mkdir dest
34
+ Helpers::cp("#{pwd}/../../assets/network-stack.conf", dest)
35
+ end
36
+
37
+ def shell
38
+ @load.shell
39
+ end
56
40
  end
57
41
  end
58
42
  end
@@ -0,0 +1,59 @@
1
+ module Getch
2
+ module Config
3
+ class Gentoo
4
+ def initialize
5
+ @systemd_net_dir = "#{MOUNTPOINT}/etc/systemd"
6
+ end
7
+
8
+ def ethernet
9
+ conf = "#{@systemd_net_dir}/network/20-ethernet.network"
10
+ datas = [
11
+ "[Match]",
12
+ "Name=en*",
13
+ "Name=eth*",
14
+ "[Network]",
15
+ "DHCP=yes",
16
+ "IPv6PrivacyExtensions=yes",
17
+ "[DHCP]",
18
+ "RouteMetric=512",
19
+ "",
20
+ ]
21
+ File.write(conf, datas.join("\n"), mode: 'w')
22
+ end
23
+
24
+ def wifi
25
+ conf = "#{@systemd_net_dir}/network/20-wireless.network"
26
+ datas = [
27
+ "[Match]",
28
+ "Name=wlp*",
29
+ "Name=wlan*",
30
+ "[Network]",
31
+ "DHCP=yes",
32
+ "IPv6PrivacyExtensions=yes",
33
+ "[DHCP]",
34
+ "RouteMetric=1024",
35
+ "",
36
+ ]
37
+ File.write(conf, datas.join("\n"), mode: 'w')
38
+ end
39
+
40
+ def dns
41
+ conf = "#{@systemd_net_dir}/resolved.conf.d/dns_over_tls.conf"
42
+ datas = [
43
+ "[Resolve]",
44
+ "DNS=9.9.9.9#dns.quad9.net",
45
+ "DNSOverTLS=yes",
46
+ "",
47
+ ]
48
+ Helpers::create_dir("#{@systemd_net_dir}/resolved.conf.d")
49
+ File.write(conf, datas.join("\n"), mode: 'w')
50
+
51
+ Getch::Chroot.new('systemctl enable systemd-networkd').run!
52
+ Getch::Chroot.new('systemctl enable systemd-resolved').run!
53
+ end
54
+
55
+ def shell
56
+ end
57
+ end
58
+ end
59
+ end
@@ -0,0 +1,49 @@
1
+ require_relative '../helpers'
2
+
3
+ module Getch
4
+ module Config
5
+ class Void
6
+ include Helpers::Void
7
+
8
+ def initialize
9
+ @service_dir = "/etc/runit/runsvdir/default/"
10
+ end
11
+
12
+ # Enable dhcpcd service
13
+ def ethernet
14
+ command "ln -fs /etc/sv/dhcpcd #{@service_dir}"
15
+ end
16
+
17
+ # with Quad9
18
+ # https://www.dnsknowledge.com/tutorials/how-to-setup-quad9-dns-on-a-linux/
19
+ def dns
20
+ conf = "#{MOUNTPOINT}/etc/resolv.conf"
21
+ content = [
22
+ "nameserver 9.9.9.9",
23
+ "nameserver 2620:fe::fe",
24
+ "options rotate",
25
+ "",
26
+ ]
27
+ File.write(conf, content.join("\n"), mode: 'w', chmod: 0644)
28
+ end
29
+
30
+ # https://docs.voidlinux.org/config/network/iwd.html
31
+ def wifi
32
+ conf = "#{MOUNTPOINT}/etc/iwd/main.conf"
33
+ content = [
34
+ "[General]",
35
+ "UseDefaultInterface=true",
36
+ "",
37
+ ]
38
+ File.write(conf, content.join("\n"), mode: 'a', chmod: 0644)
39
+ # Enabling dbus and iwd
40
+ command "ln -fs /etc/sv/dbus #{@service_dir}"
41
+ command "ln -fs /etc/sv/iwd #{@service_dir}"
42
+ end
43
+
44
+ def shell
45
+ command "chsh -s /bin/bash"
46
+ end
47
+ end
48
+ end
49
+ end
Binary file
@@ -4,12 +4,12 @@ module Getch
4
4
  def initialize
5
5
  @efi = Helpers::efi?
6
6
  @root_part = 1
7
- @user = DEFAULT_OPTIONS[:username]
7
+ @user = Getch::OPTIONS[:username]
8
8
 
9
- @disk = DEFAULT_OPTIONS[:disk]
10
- @boot_disk = DEFAULT_OPTIONS[:boot_disk]
11
- @cache_disk = DEFAULT_OPTIONS[:cache_disk]
12
- @home_disk = DEFAULT_OPTIONS[:home_disk]
9
+ @disk = Getch::OPTIONS[:disk]
10
+ @boot_disk = Getch::OPTIONS[:boot_disk]
11
+ @cache_disk = Getch::OPTIONS[:cache_disk]
12
+ @home_disk = Getch::OPTIONS[:home_disk]
13
13
 
14
14
  search_boot
15
15
  search_swap
@@ -11,4 +11,5 @@ require_relative 'ext4/format'
11
11
  require_relative 'ext4/mount'
12
12
  require_relative 'ext4/config'
13
13
  require_relative 'ext4/deps'
14
+ require_relative 'ext4/void'
14
15
  require_relative 'ext4/encrypt'
@@ -13,3 +13,4 @@ require_relative 'encrypt/format'
13
13
  require_relative 'encrypt/mount'
14
14
  require_relative 'encrypt/config'
15
15
  require_relative 'encrypt/deps'
16
+ require_relative 'encrypt/void'
@@ -28,7 +28,7 @@ module Getch
28
28
  'title Gentoo Linux',
29
29
  'linux /vmlinuz',
30
30
  'initrd /initramfs',
31
- "options crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root init=#{@init} keymap=#{DEFAULT_OPTIONS[:keymap]} rw"
31
+ "options crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root init=#{@init} keymap=#{Getch::OPTIONS[:keymap]} rw"
32
32
  ]
33
33
  File.write("#{dir}/gentoo.conf", datas_gentoo.join("\n"))
34
34
  end
@@ -46,7 +46,7 @@ module Getch
46
46
  return if Helpers::efi?
47
47
  file = "#{@root_dir}/etc/default/grub"
48
48
  cmdline = [
49
- "GRUB_CMDLINE_LINUX=\"crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root init=#{@init} rw slub_debug=P page_poison=1 slab_nomerge pti=on vsyscall=none spectre_v2=on spec_store_bypass_disable=seccomp iommu=force keymap=#{DEFAULT_OPTIONS[:keymap]}\"",
49
+ "GRUB_CMDLINE_LINUX=\"crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root init=#{@init} rw slub_debug=P page_poison=1 slab_nomerge pti=on vsyscall=none spectre_v2=on spec_store_bypass_disable=seccomp iommu=force keymap=#{Getch::OPTIONS[:keymap]}\"",
50
50
  "GRUB_ENABLE_CRYPTODISK=y"
51
51
  ]
52
52
  File.write(file, cmdline.join("\n"), mode: 'a')
@@ -13,7 +13,6 @@ module Getch
13
13
  return if STATES[:format]
14
14
  exec("mkfs.fat -F32 #{@dev_esp}") if @dev_esp
15
15
  exec("mkfs.ext4 -F #{@luks_root}")
16
- exec("mkswap -f #{@dev_swap}")
17
16
  exec("mkfs.ext4 -F #{@luks_home}") if @dev_home
18
17
  @state.format
19
18
  end
@@ -13,7 +13,6 @@ module Getch
13
13
 
14
14
  def run
15
15
  return if STATES[:mount]
16
- @mount.swap(@dev_swap)
17
16
  @mount.root(@luks_root)
18
17
  @mount.boot(@dev_boot)
19
18
  @mount.esp(@dev_esp)
@@ -1,8 +1,12 @@
1
+ require_relative '../../../helpers'
2
+
1
3
  module Getch
2
4
  module FileSystem
3
5
  module Ext4
4
6
  module Encrypt
5
- class Partition < Getch::FileSystem::Ext4::Encrypt::Device
7
+ class Partition < Device
8
+ include Helpers::Cryptsetup
9
+
6
10
  def initialize
7
11
  super
8
12
  @state = Getch::States.new
@@ -18,11 +22,10 @@ module Getch
18
22
  @clean.external_disk(@disk, @boot_disk, @cache_disk, @home_disk)
19
23
  if Helpers::efi?
20
24
  partition_efi
21
- encrypt_efi
22
25
  else
23
26
  partition_bios
24
- encrypt_bios
25
27
  end
28
+ encrypting
26
29
  @state.partition
27
30
  end
28
31
 
@@ -40,19 +43,10 @@ module Getch
40
43
  @partition.home(@dev_home, "8309") if @dev_home
41
44
  end
42
45
 
43
- def encrypt_efi
44
- @log.info("Format root")
45
- Helpers::sys("cryptsetup luksFormat #{@dev_root}")
46
- @log.debug("Opening root")
47
- Helpers::sys("cryptsetup open --type luks #{@dev_root} cryptroot")
48
- encrypt_home
49
- end
50
-
51
- def encrypt_bios
52
- @log.info("Format root for bios")
53
- Helpers::sys("cryptsetup luksFormat --type luks1 #{@dev_root}")
54
- @log.debug("Opening root")
55
- Helpers::sys("cryptsetup open --type luks1 #{@dev_root} cryptroot")
46
+ def encrypting
47
+ @log.info("Cryptsetup")
48
+ encrypt(@dev_root)
49
+ open_crypt(@dev_root, "cryptroot")
56
50
  encrypt_home
57
51
  end
58
52
 
@@ -0,0 +1,100 @@
1
+ require_relative '../../../helpers'
2
+
3
+ module Getch
4
+ module FileSystem
5
+ module Ext4
6
+ module Encrypt
7
+ class Void < Device
8
+ include Helpers::Void
9
+ attr_reader :boot_disk
10
+
11
+ # Create key to avoid enter password twice
12
+ def create_key
13
+ add_key("volume.key", @dev_root)
14
+ add_key("home.key", @dev_home) if @home_disk
15
+ end
16
+
17
+ # Key need to be added in dracut.conf.d and crypttab
18
+ def add_key(name, dev)
19
+ command "dd bs=1 count=64 if=/dev/urandom of=/boot/#{name}"
20
+ puts " => Creating a key for #{dev}, password required:"
21
+ chroot "cryptsetup luksAddKey #{dev} /boot/#{name}"
22
+ command "chmod 000 /boot/#{name}"
23
+ #command "chmod -R g-rwx,o-rwx /boot"
24
+ end
25
+
26
+ def fstab
27
+ conf = "#{MOUNTPOINT}/etc/fstab"
28
+ File.write(conf, "\n", mode: 'w', chmod: 0644)
29
+ line_fstab(@dev_esp, "/efi vfat noauto,rw,relatime 0 0") if @dev_esp
30
+ line_fstab(@dev_boot, "/boot ext4 noauto,rw,relatime 0 0") if @dev_boot
31
+ add_line(conf, "#{@luks_swap} none swap sw 0 0") if @dev_swap
32
+ add_line(conf, "#{@luks_home} /home ext4 rw,discard 0 0") if @home_disk
33
+ add_line(conf, "#{@luks_root} / ext4 rw,relatime 0 1")
34
+ add_line(conf, "tmpfs /tmp tmpfs defaults,nosuid,nodev 0 0")
35
+ end
36
+
37
+ def crypttab
38
+ conf = "#{MOUNTPOINT}/etc/crypttab"
39
+ File.write(conf, "\n", mode: 'w', chmod: 0644)
40
+ line_crypttab("cryptswap", @dev_swap, "/dev/urandom", "swap,discard,cipher=aes-xts-plain64:sha256,size=512") if @dev_swap
41
+ line_crypttab("cryptroot", @dev_root, "/boot/volume.key", "luks")
42
+ line_crypttab("crypthome", @dev_home, "/boot/home.key", "luks") if @home_disk
43
+ end
44
+
45
+ def config_grub
46
+ conf = "#{MOUNTPOINT}/etc/default/grub"
47
+ content = "GRUB_ENABLE_CRYPTODISK=y"
48
+ unless search(conf, content)
49
+ File.write(conf, "#{content}\n", mode: 'a')
50
+ end
51
+ end
52
+
53
+ def config_dracut
54
+ conf = "#{MOUNTPOINT}/etc/dracut.conf.d/ext4.conf"
55
+ content = [
56
+ "hostonly=\"yes\"",
57
+ "omit_dracutmodules+=\" btrfs lvm \"",
58
+ "install_items+=\" /boot/volume.key /etc/crypttab \"",
59
+ ""
60
+ ]
61
+ File.write(conf, content.join("\n"), mode: 'w', chmod: 0644)
62
+ #add_line(conf, "install_items+=\" /boot/home.key \"") if @home_disk
63
+ end
64
+
65
+ def kernel_cmdline_dracut
66
+ conf = "#{MOUNTPOINT}/etc/dracut.conf.d/cmdline.conf"
67
+ root_uuid = b_uuid(@dev_root)
68
+ args = "rd.luks.uuid=#{root_uuid} rootfstype=ext4 rootflags=rw,relatime"
69
+ line = "kernel_cmdline=\"#{args}\""
70
+ File.write(conf, "#{line}\n", mode: 'w', chmod: 0644)
71
+ end
72
+
73
+ def finish
74
+ puts "+ Enter in your system: chroot /mnt /bin/bash"
75
+ puts "+ Reboot with: shutdown -r now"
76
+ end
77
+
78
+ private
79
+
80
+ def b_uuid(dev)
81
+ device = dev.delete_prefix("/dev/")
82
+ Dir.glob("/dev/disk/by-uuid/*").each { |f|
83
+ link = File.readlink(f)
84
+ return f.delete_prefix("/dev/disk/by-uuid/") if link.match(/#{device}$/)
85
+ }
86
+ end
87
+
88
+ # line_crypttab("cryptswap", "sda2", "/dev/urandom", "luks")
89
+ def line_crypttab(mapname, dev, point, rest)
90
+ conf = "#{MOUNTPOINT}/etc/crypttab"
91
+ device = s_uuid(dev)
92
+ raise "No partuuid for #{dev} #{device}" if !device
93
+ raise "Bad partuuid for #{dev} #{device}" if device.kind_of? Array
94
+ add_line(conf, "#{mapname} PARTUUID=#{device} #{point} #{rest}")
95
+ end
96
+ end
97
+ end
98
+ end
99
+ end
100
+ end
@@ -4,7 +4,7 @@ module Getch
4
4
  class Format < Getch::FileSystem::Ext4::Device
5
5
  def initialize
6
6
  super
7
- @state = Getch::States.new()
7
+ @state = Getch::States.new
8
8
  format
9
9
  end
10
10