getch 0.1.6 → 0.1.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/README.md +17 -26
- data/assets/system.conf +38 -0
- data/lib/cmdline.rb +128 -0
- data/lib/getch/command.rb +31 -21
- data/lib/getch/config/gentoo.rb +22 -23
- data/lib/getch/config/void.rb +8 -10
- data/lib/getch/config.rb +5 -2
- data/lib/getch/filesystem/clean.rb +15 -15
- data/lib/getch/filesystem/device.rb +3 -1
- data/lib/getch/filesystem/ext4/config.rb +8 -4
- data/lib/getch/filesystem/ext4/deps.rb +3 -1
- data/lib/getch/filesystem/ext4/device.rb +2 -3
- data/lib/getch/filesystem/ext4/encrypt/config.rb +12 -7
- data/lib/getch/filesystem/ext4/encrypt/deps.rb +4 -2
- data/lib/getch/filesystem/ext4/encrypt/device.rb +5 -3
- data/lib/getch/filesystem/ext4/encrypt/format.rb +4 -1
- data/lib/getch/filesystem/ext4/encrypt/mount.rb +3 -2
- data/lib/getch/filesystem/ext4/encrypt/partition.rb +21 -21
- data/lib/getch/filesystem/ext4/encrypt/void.rb +22 -21
- data/lib/getch/filesystem/ext4/encrypt.rb +2 -0
- data/lib/getch/filesystem/ext4/format.rb +3 -0
- data/lib/getch/filesystem/ext4/mount.rb +3 -0
- data/lib/getch/filesystem/ext4/partition.rb +9 -6
- data/lib/getch/filesystem/ext4/void.rb +8 -7
- data/lib/getch/filesystem/ext4.rb +2 -0
- data/lib/getch/filesystem/lvm/config.rb +7 -22
- data/lib/getch/filesystem/lvm/deps.rb +6 -4
- data/lib/getch/filesystem/lvm/device.rb +2 -0
- data/lib/getch/filesystem/lvm/encrypt/config.rb +12 -9
- data/lib/getch/filesystem/lvm/encrypt/deps.rb +6 -3
- data/lib/getch/filesystem/lvm/encrypt/device.rb +4 -2
- data/lib/getch/filesystem/lvm/encrypt/format.rb +4 -0
- data/lib/getch/filesystem/lvm/encrypt/mount.rb +3 -0
- data/lib/getch/filesystem/lvm/encrypt/partition.rb +7 -7
- data/lib/getch/filesystem/lvm/encrypt/void.rb +20 -19
- data/lib/getch/filesystem/lvm/encrypt.rb +2 -0
- data/lib/getch/filesystem/lvm/format.rb +3 -0
- data/lib/getch/filesystem/lvm/mount.rb +3 -0
- data/lib/getch/filesystem/lvm/partition.rb +8 -5
- data/lib/getch/filesystem/lvm/void.rb +7 -6
- data/lib/getch/filesystem/lvm.rb +2 -0
- data/lib/getch/filesystem/mount.rb +19 -12
- data/lib/getch/filesystem/partition.rb +16 -8
- data/lib/getch/filesystem/zfs/config.rb +9 -23
- data/lib/getch/filesystem/zfs/deps.rb +22 -57
- data/lib/getch/filesystem/zfs/device.rb +3 -1
- data/lib/getch/filesystem/zfs/encrypt/config.rb +10 -26
- data/lib/getch/filesystem/zfs/encrypt/deps.rb +25 -60
- data/lib/getch/filesystem/zfs/encrypt/device.rb +3 -1
- data/lib/getch/filesystem/zfs/encrypt/format.rb +12 -8
- data/lib/getch/filesystem/zfs/encrypt/mount.rb +13 -8
- data/lib/getch/filesystem/zfs/encrypt/partition.rb +18 -15
- data/lib/getch/filesystem/zfs/encrypt/void.rb +23 -22
- data/lib/getch/filesystem/zfs/encrypt.rb +2 -0
- data/lib/getch/filesystem/zfs/format.rb +9 -5
- data/lib/getch/filesystem/zfs/mount.rb +9 -7
- data/lib/getch/filesystem/zfs/partition.rb +15 -12
- data/lib/getch/filesystem/zfs/void.rb +20 -20
- data/lib/getch/filesystem/zfs.rb +2 -0
- data/lib/getch/filesystem.rb +2 -0
- data/lib/getch/gentoo/boot.rb +21 -72
- data/lib/getch/gentoo/bootloader.rb +68 -0
- data/lib/getch/gentoo/chroot.rb +26 -33
- data/lib/getch/gentoo/config.rb +30 -26
- data/lib/getch/gentoo/sources.rb +55 -66
- data/lib/getch/gentoo/stage.rb +12 -12
- data/lib/getch/gentoo/use.rb +3 -7
- data/lib/getch/gentoo/use_flag.rb +77 -51
- data/lib/getch/gentoo.rb +22 -8
- data/lib/getch/guard.rb +50 -43
- data/lib/getch/helpers.rb +155 -143
- data/lib/getch/log.rb +7 -5
- data/lib/getch/options.rb +16 -14
- data/lib/getch/states.rb +10 -3
- data/lib/getch/version.rb +1 -1
- data/lib/getch/void/boot.rb +18 -14
- data/lib/getch/void/chroot.rb +20 -19
- data/lib/getch/void/config.rb +20 -17
- data/lib/getch/void/stage.rb +13 -14
- data/lib/getch/void.rb +7 -1
- data/lib/getch.rb +13 -5
- data.tar.gz.sig +0 -0
- metadata +6 -5
- metadata.gz.sig +0 -0
- data/lib/getch/filesystem/.mount.rb.swp +0 -0
- data/lib/getch/filesystem/zfs/encrypt/.mount.rb.swp +0 -0
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'fileutils'
|
2
4
|
|
3
5
|
module Getch
|
@@ -21,7 +23,8 @@ module Getch
|
|
21
23
|
end
|
22
24
|
|
23
25
|
def systemd_boot
|
24
|
-
return
|
26
|
+
return unless Helpers.efi?
|
27
|
+
|
25
28
|
esp = '/efi'
|
26
29
|
dir = "#{@root_dir}/#{esp}/loader/entries/"
|
27
30
|
datas_gentoo = [
|
@@ -43,7 +46,8 @@ module Getch
|
|
43
46
|
end
|
44
47
|
|
45
48
|
def grub
|
46
|
-
return if Helpers
|
49
|
+
return if Helpers.efi?
|
50
|
+
|
47
51
|
file = "#{@root_dir}/etc/default/grub"
|
48
52
|
cmdline = [
|
49
53
|
"GRUB_CMDLINE_LINUX=\"crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root init=#{@init} rw slub_debug=P page_poison=1 slab_nomerge pti=on vsyscall=none spectre_v2=on spec_store_bypass_disable=seccomp iommu=force keymap=#{Getch::OPTIONS[:keymap]}\"",
|
@@ -55,9 +59,9 @@ module Getch
|
|
55
59
|
private
|
56
60
|
|
57
61
|
def gen_uuid
|
58
|
-
@partuuid_swap = Helpers
|
62
|
+
@partuuid_swap = Helpers.partuuid(@dev_swap)
|
59
63
|
@uuid_dev_root = `lsblk -d -o "UUID" #{@dev_root} | tail -1`.chomp() if @dev_root
|
60
|
-
@uuid_esp = Helpers
|
64
|
+
@uuid_esp = Helpers.uuid(@dev_esp) if @dev_esp
|
61
65
|
@uuid_root = `lsblk -d -o "UUID" #{@luks_root} | tail -1`.chomp() if @dev_root
|
62
66
|
@uuid_home = `lsblk -d -o "UUID" #{@dev_home} | tail -1`.chomp() if @luks_home
|
63
67
|
end
|
@@ -72,10 +76,11 @@ module Getch
|
|
72
76
|
end
|
73
77
|
|
74
78
|
def move_secret_keys
|
75
|
-
return
|
76
|
-
|
79
|
+
return unless @luks_home
|
80
|
+
|
81
|
+
puts 'Moving secret keys'
|
77
82
|
keys_path = "#{@root_dir}/root/secretkeys"
|
78
|
-
FileUtils.mv(
|
83
|
+
FileUtils.mv('/root/secretkeys', keys_path) unless Dir.exist? keys_path
|
79
84
|
end
|
80
85
|
end
|
81
86
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Getch
|
2
4
|
module FileSystem
|
3
5
|
module Ext4
|
@@ -6,13 +8,13 @@ module Getch
|
|
6
8
|
def make
|
7
9
|
install_deps
|
8
10
|
genkernel
|
9
|
-
Getch::Make.new(
|
11
|
+
Getch::Make.new('genkernel --kernel-config=/usr/src/linux/.config all').run!
|
10
12
|
end
|
11
13
|
|
12
14
|
private
|
13
15
|
|
14
16
|
def genkernel
|
15
|
-
grub = Helpers
|
17
|
+
grub = Helpers.efi? ? 'BOOTLOADER="no"' : 'BOOTLOADER="grub2"'
|
16
18
|
datas = [
|
17
19
|
'',
|
18
20
|
grub,
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Getch
|
2
4
|
module FileSystem
|
3
5
|
module Ext4
|
@@ -5,9 +7,9 @@ module Getch
|
|
5
7
|
class Device < Getch::FileSystem::Device
|
6
8
|
def initialize
|
7
9
|
super
|
8
|
-
@luks_root =
|
9
|
-
@luks_home = @home_disk ?
|
10
|
-
@luks_swap =
|
10
|
+
@luks_root = '/dev/mapper/cryptroot'
|
11
|
+
@luks_home = @home_disk ? '/dev/mapper/crypthome' : nil
|
12
|
+
@luks_swap = '/dev/mapper/cryptswap'
|
11
13
|
end
|
12
14
|
end
|
13
15
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Getch
|
2
4
|
module FileSystem
|
3
5
|
module Ext4
|
@@ -5,12 +7,13 @@ module Getch
|
|
5
7
|
class Format < Getch::FileSystem::Ext4::Encrypt::Device
|
6
8
|
def initialize
|
7
9
|
super
|
8
|
-
@state = Getch::States.new
|
10
|
+
@state = Getch::States.new
|
9
11
|
format
|
10
12
|
end
|
11
13
|
|
12
14
|
def format
|
13
15
|
return if STATES[:format]
|
16
|
+
|
14
17
|
exec("mkfs.fat -F32 #{@dev_esp}") if @dev_esp
|
15
18
|
exec("mkfs.ext4 -F #{@luks_root}")
|
16
19
|
exec("mkfs.ext4 -F #{@luks_home}") if @dev_home
|
@@ -1,4 +1,4 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
3
|
module Getch
|
4
4
|
module FileSystem
|
@@ -8,11 +8,12 @@ module Getch
|
|
8
8
|
def initialize
|
9
9
|
super
|
10
10
|
@mount = Getch::FileSystem::Mount.new
|
11
|
-
@state = Getch::States.new
|
11
|
+
@state = Getch::States.new
|
12
12
|
end
|
13
13
|
|
14
14
|
def run
|
15
15
|
return if STATES[:mount]
|
16
|
+
|
16
17
|
@mount.root(@luks_root)
|
17
18
|
@mount.boot(@dev_boot)
|
18
19
|
@mount.esp(@dev_esp)
|
@@ -1,5 +1,3 @@
|
|
1
|
-
require_relative '../../../helpers'
|
2
|
-
|
3
1
|
module Getch
|
4
2
|
module FileSystem
|
5
3
|
module Ext4
|
@@ -18,9 +16,10 @@ module Getch
|
|
18
16
|
|
19
17
|
def run_partition
|
20
18
|
return if STATES[:partition ]
|
19
|
+
|
21
20
|
@clean.hdd(@disk)
|
22
21
|
@clean.external_disk(@disk, @boot_disk, @cache_disk, @home_disk)
|
23
|
-
if Helpers
|
22
|
+
if Helpers.efi?
|
24
23
|
partition_efi
|
25
24
|
else
|
26
25
|
partition_bios
|
@@ -39,34 +38,35 @@ module Getch
|
|
39
38
|
# /home - Home
|
40
39
|
@partition.efi(@dev_esp)
|
41
40
|
@partition.swap(@dev_swap)
|
42
|
-
@partition.root(@dev_root,
|
43
|
-
@partition.home(@dev_home,
|
41
|
+
@partition.root(@dev_root, '8309')
|
42
|
+
@partition.home(@dev_home, '8309') if @dev_home
|
44
43
|
end
|
45
44
|
|
46
45
|
def encrypting
|
47
|
-
@log.info(
|
46
|
+
@log.info('Cryptsetup')
|
48
47
|
encrypt(@dev_root)
|
49
|
-
open_crypt(@dev_root,
|
48
|
+
open_crypt(@dev_root, 'cryptroot')
|
50
49
|
encrypt_home
|
51
50
|
end
|
52
51
|
|
53
52
|
def encrypt_home
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
53
|
+
return unless @dev_home
|
54
|
+
|
55
|
+
create_secret_keys
|
56
|
+
@log.info("Format home with #{@key_path}")
|
57
|
+
Helpers.sys("cryptsetup luksFormat #{@dev_home} #{@key_path}")
|
58
|
+
@log.debug("Open home with key #{@key_path}")
|
59
|
+
exec("cryptsetup open --type luks -d #{@key_path} #{@dev_home} crypthome")
|
61
60
|
end
|
62
61
|
|
63
62
|
def create_secret_keys
|
64
|
-
return
|
65
|
-
|
66
|
-
|
67
|
-
|
63
|
+
return unless @dev_home
|
64
|
+
|
65
|
+
@log.info('Creating secret keys')
|
66
|
+
keys_dir = '/root/secretkeys'
|
67
|
+
key_name = 'crypto_keyfile.bin'
|
68
68
|
@key_path = "#{keys_dir}/#{key_name}"
|
69
|
-
FileUtils.mkdir keys_dir, mode: 0700
|
69
|
+
FileUtils.mkdir keys_dir, mode: 0700 unless Dir.exist? keys_dir
|
70
70
|
exec("dd bs=512 count=4 if=/dev/urandom of=#{@key_path}")
|
71
71
|
end
|
72
72
|
|
@@ -77,8 +77,8 @@ module Getch
|
|
77
77
|
# /home - Home
|
78
78
|
@partition.gpt(@dev_gpt)
|
79
79
|
@partition.swap(@dev_swap)
|
80
|
-
@partition.root(@dev_root,
|
81
|
-
@partition.home(@dev_home,
|
80
|
+
@partition.root(@dev_root, '8309')
|
81
|
+
@partition.home(@dev_home, '8309') if @dev_home
|
82
82
|
end
|
83
83
|
|
84
84
|
def exec(cmd)
|
@@ -1,4 +1,4 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
3
|
module Getch
|
4
4
|
module FileSystem
|
@@ -6,12 +6,13 @@ module Getch
|
|
6
6
|
module Encrypt
|
7
7
|
class Void < Device
|
8
8
|
include Helpers::Void
|
9
|
+
|
9
10
|
attr_reader :boot_disk
|
10
11
|
|
11
12
|
# Create key to avoid enter password twice
|
12
13
|
def create_key
|
13
|
-
add_key(
|
14
|
-
add_key(
|
14
|
+
add_key('volume.key', @dev_root)
|
15
|
+
add_key('home.key', @dev_home) if @home_disk
|
15
16
|
end
|
16
17
|
|
17
18
|
# Key need to be added in dracut.conf.d and crypttab
|
@@ -26,25 +27,25 @@ module Getch
|
|
26
27
|
def fstab
|
27
28
|
conf = "#{MOUNTPOINT}/etc/fstab"
|
28
29
|
File.write(conf, "\n", mode: 'w', chmod: 0644)
|
29
|
-
line_fstab(@dev_esp,
|
30
|
-
line_fstab(@dev_boot,
|
30
|
+
line_fstab(@dev_esp, '/efi vfat noauto,rw,relatime 0 0') if @dev_esp
|
31
|
+
line_fstab(@dev_boot, '/boot ext4 noauto,rw,relatime 0 0') if @dev_boot
|
31
32
|
add_line(conf, "#{@luks_swap} none swap sw 0 0") if @dev_swap
|
32
33
|
add_line(conf, "#{@luks_home} /home ext4 rw,discard 0 0") if @home_disk
|
33
34
|
add_line(conf, "#{@luks_root} / ext4 rw,relatime 0 1")
|
34
|
-
add_line(conf,
|
35
|
+
add_line(conf, 'tmpfs /tmp tmpfs defaults,nosuid,nodev 0 0')
|
35
36
|
end
|
36
37
|
|
37
38
|
def crypttab
|
38
39
|
conf = "#{MOUNTPOINT}/etc/crypttab"
|
39
40
|
File.write(conf, "\n", mode: 'w', chmod: 0644)
|
40
|
-
line_crypttab(
|
41
|
-
line_crypttab(
|
42
|
-
line_crypttab(
|
41
|
+
line_crypttab('cryptswap', @dev_swap, '/dev/urandom', 'swap,discard,cipher=aes-xts-plain64:sha256,size=512') if @dev_swap
|
42
|
+
line_crypttab('cryptroot', @dev_root, '/boot/volume.key', 'luks')
|
43
|
+
line_crypttab('crypthome', @dev_home, '/boot/home.key', 'luks') if @home_disk
|
43
44
|
end
|
44
45
|
|
45
46
|
def config_grub
|
46
47
|
conf = "#{MOUNTPOINT}/etc/default/grub"
|
47
|
-
content =
|
48
|
+
content = 'GRUB_ENABLE_CRYPTODISK=y'
|
48
49
|
unless search(conf, content)
|
49
50
|
File.write(conf, "#{content}\n", mode: 'a')
|
50
51
|
end
|
@@ -53,10 +54,9 @@ module Getch
|
|
53
54
|
def config_dracut
|
54
55
|
conf = "#{MOUNTPOINT}/etc/dracut.conf.d/ext4.conf"
|
55
56
|
content = [
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
""
|
57
|
+
'hostonly="yes"',
|
58
|
+
'omit_dracutmodules+=" btrfs lvm "',
|
59
|
+
'install_items+=" /boot/volume.key /etc/crypttab "',
|
60
60
|
]
|
61
61
|
File.write(conf, content.join("\n"), mode: 'w', chmod: 0644)
|
62
62
|
#add_line(conf, "install_items+=\" /boot/home.key \"") if @home_disk
|
@@ -71,26 +71,27 @@ module Getch
|
|
71
71
|
end
|
72
72
|
|
73
73
|
def finish
|
74
|
-
puts
|
75
|
-
puts
|
74
|
+
puts '+ Enter in your system: chroot /mnt /bin/bash'
|
75
|
+
puts '+ Reboot with: shutdown -r now'
|
76
76
|
end
|
77
77
|
|
78
78
|
private
|
79
79
|
|
80
80
|
def b_uuid(dev)
|
81
|
-
device = dev.delete_prefix(
|
82
|
-
Dir.glob(
|
81
|
+
device = dev.delete_prefix('/dev/')
|
82
|
+
Dir.glob('/dev/disk/by-uuid/*').each do |f|
|
83
83
|
link = File.readlink(f)
|
84
|
-
return f.delete_prefix(
|
85
|
-
|
84
|
+
return f.delete_prefix('/dev/disk/by-uuid/') if link.match(/#{device}$/)
|
85
|
+
end
|
86
86
|
end
|
87
87
|
|
88
88
|
# line_crypttab("cryptswap", "sda2", "/dev/urandom", "luks")
|
89
89
|
def line_crypttab(mapname, dev, point, rest)
|
90
90
|
conf = "#{MOUNTPOINT}/etc/crypttab"
|
91
91
|
device = s_uuid(dev)
|
92
|
-
raise "No partuuid for #{dev} #{device}"
|
92
|
+
raise "No partuuid for #{dev} #{device}" unless device
|
93
93
|
raise "Bad partuuid for #{dev} #{device}" if device.kind_of? Array
|
94
|
+
|
94
95
|
add_line(conf, "#{mapname} PARTUUID=#{device} #{point} #{rest}")
|
95
96
|
end
|
96
97
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Getch
|
2
4
|
module FileSystem
|
3
5
|
module Ext4
|
@@ -10,6 +12,7 @@ module Getch
|
|
10
12
|
|
11
13
|
def format
|
12
14
|
return if STATES[:format]
|
15
|
+
|
13
16
|
exec("mkfs.fat -F32 #{@dev_esp}") if @dev_esp
|
14
17
|
exec("mkswap -f #{@dev_swap}")
|
15
18
|
exec("mkfs.ext4 -F #{@dev_root}")
|
@@ -1,10 +1,12 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Getch
|
2
4
|
module FileSystem
|
3
5
|
module Ext4
|
4
6
|
class Partition < Getch::FileSystem::Ext4::Device
|
5
7
|
def initialize
|
6
8
|
super
|
7
|
-
@state = Getch::States.new
|
9
|
+
@state = Getch::States.new
|
8
10
|
@clean = Getch::FileSystem::Clean
|
9
11
|
@partition = Getch::FileSystem::Partition.new
|
10
12
|
run_partition
|
@@ -12,9 +14,10 @@ module Getch
|
|
12
14
|
|
13
15
|
def run_partition
|
14
16
|
return if STATES[:partition ]
|
17
|
+
|
15
18
|
@clean.hdd(@disk)
|
16
19
|
@clean.external_disk(@disk, @boot_disk, @cache_disk, @home_disk)
|
17
|
-
if Helpers
|
20
|
+
if Helpers.efi?
|
18
21
|
partition_efi
|
19
22
|
else
|
20
23
|
partition_bios
|
@@ -32,8 +35,8 @@ module Getch
|
|
32
35
|
# /home - Home
|
33
36
|
@partition.efi(@dev_esp)
|
34
37
|
@partition.swap(@dev_swap)
|
35
|
-
@partition.root(@dev_root,
|
36
|
-
@partition.home(@dev_home,
|
38
|
+
@partition.root(@dev_root, '8304')
|
39
|
+
@partition.home(@dev_home, '8302') if @dev_home
|
37
40
|
end
|
38
41
|
|
39
42
|
def partition_bios
|
@@ -43,8 +46,8 @@ module Getch
|
|
43
46
|
# /home - Home
|
44
47
|
@partition.gpt(@dev_gpt)
|
45
48
|
@partition.swap(@dev_swap)
|
46
|
-
@partition.root(@dev_root,
|
47
|
-
@partition.home(@dev_home,
|
49
|
+
@partition.root(@dev_root, '8304')
|
50
|
+
@partition.home(@dev_home, '8302') if @dev_home
|
48
51
|
end
|
49
52
|
end
|
50
53
|
end
|
@@ -1,19 +1,20 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
3
|
module Getch
|
4
4
|
module FileSystem
|
5
5
|
module Ext4
|
6
6
|
class Void < Device
|
7
7
|
include Helpers::Void
|
8
|
+
|
8
9
|
attr_reader :boot_disk
|
9
10
|
|
10
11
|
def fstab
|
11
12
|
conf = "#{MOUNTPOINT}/etc/fstab"
|
12
13
|
File.write(conf, "\n", mode: 'w', chmod: 0644)
|
13
|
-
line_fstab(@dev_esp,
|
14
|
-
line_fstab(@dev_swap,
|
15
|
-
line_fstab(@dev_root,
|
16
|
-
add_line(conf,
|
14
|
+
line_fstab(@dev_esp, '/efi vfat noauto,rw,relatime 0 0') if @dev_esp
|
15
|
+
line_fstab(@dev_swap, 'swap swap rw,noatime,discard 0 0') if @dev_swap
|
16
|
+
line_fstab(@dev_root, '/ ext4 rw,relatime 0 1')
|
17
|
+
add_line(conf, 'tmpfs /tmp tmpfs defaults,nosuid,nodev 0 0')
|
17
18
|
end
|
18
19
|
|
19
20
|
def config_dracut
|
@@ -34,8 +35,8 @@ module Getch
|
|
34
35
|
end
|
35
36
|
|
36
37
|
def finish
|
37
|
-
puts
|
38
|
-
puts
|
38
|
+
puts '+ Enter in your system: chroot /mnt /bin/bash'
|
39
|
+
puts '+ Reboot with: shutdown -r now'
|
39
40
|
end
|
40
41
|
end
|
41
42
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Getch
|
2
4
|
module FileSystem
|
3
5
|
module Lvm
|
@@ -5,36 +7,19 @@ module Getch
|
|
5
7
|
def initialize
|
6
8
|
super
|
7
9
|
gen_uuid
|
8
|
-
@root_dir = MOUNTPOINT
|
9
10
|
@init = '/usr/lib/systemd/systemd'
|
10
11
|
end
|
11
12
|
|
12
13
|
def fstab
|
13
|
-
file = "#{
|
14
|
+
file = "#{MOUNTPOINT}/etc/fstab"
|
14
15
|
datas = data_fstab
|
15
16
|
File.write(file, datas.join("\n"))
|
16
17
|
end
|
17
18
|
|
18
|
-
def
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
datas_gentoo = [
|
23
|
-
'title Gentoo Linux',
|
24
|
-
'linux /vmlinuz',
|
25
|
-
'initrd /initramfs',
|
26
|
-
"options resume=#{@lv_swap} root=#{@lv_root} init=#{@init} dolvm rw"
|
27
|
-
]
|
28
|
-
File.write("#{dir}/gentoo.conf", datas_gentoo.join("\n"))
|
29
|
-
end
|
30
|
-
|
31
|
-
def grub
|
32
|
-
return if @efi
|
33
|
-
file = "#{@root_dir}/etc/default/grub"
|
34
|
-
cmdline = [
|
35
|
-
"GRUB_CMDLINE_LINUX=\"resume=#{@lv_swap} root=#{@lv_root} init=#{@init} dolvm rw\""
|
36
|
-
]
|
37
|
-
File.write("#{file}", cmdline.join("\n"), mode: 'a')
|
19
|
+
def cmdline
|
20
|
+
conf = "#{MOUNTPOINT}/etc/dracut.conf.d/cmdline.conf"
|
21
|
+
line = "resume=#{@lv_swap} rd.lvm.vg=#{@vg} init=#{@init}"
|
22
|
+
File.write conf, "kernel_cmdline=\"#{line}\"\n"
|
38
23
|
end
|
39
24
|
|
40
25
|
private
|
@@ -1,17 +1,19 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Getch
|
2
4
|
module FileSystem
|
3
5
|
module Lvm
|
4
6
|
class Deps
|
5
7
|
def make
|
6
|
-
install_bios unless Helpers
|
8
|
+
install_bios unless Helpers.efi?
|
7
9
|
install_deps
|
8
10
|
options_make
|
9
|
-
Getch::Make.new(
|
11
|
+
Getch::Make.new('genkernel --kernel-config=/usr/src/linux/.config all').run!
|
10
12
|
end
|
11
13
|
|
12
14
|
private
|
13
15
|
def options_make
|
14
|
-
grub = Helpers
|
16
|
+
grub = Helpers.efi? ? 'BOOTLOADER="no"' : 'BOOTLOADER="grub2"'
|
15
17
|
datas = [
|
16
18
|
'',
|
17
19
|
grub,
|
@@ -30,7 +32,7 @@ module Getch
|
|
30
32
|
def install_deps
|
31
33
|
Getch::Bask.new('-a lvm').run!
|
32
34
|
Getch::Emerge.new('sys-fs/lvm2 genkernel').pkg!
|
33
|
-
exec(
|
35
|
+
exec('systemctl enable lvm2-monitor')
|
34
36
|
end
|
35
37
|
|
36
38
|
def exec(cmd)
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Getch
|
2
4
|
module FileSystem
|
3
5
|
module Lvm
|
@@ -6,21 +8,21 @@ module Getch
|
|
6
8
|
def initialize
|
7
9
|
super
|
8
10
|
gen_uuid
|
9
|
-
@root_dir = MOUNTPOINT
|
10
11
|
@init = '/usr/lib/systemd/systemd'
|
11
12
|
crypttab
|
12
13
|
end
|
13
14
|
|
14
15
|
def fstab
|
15
|
-
file = "#{
|
16
|
+
file = "#{MOUNTPOINT}/etc/fstab"
|
16
17
|
datas = data_fstab
|
17
|
-
File.write
|
18
|
+
File.write file, datas.join("\n")
|
18
19
|
end
|
19
20
|
|
20
21
|
def systemd_boot
|
21
|
-
return
|
22
|
+
return unless Helpers.efi?
|
23
|
+
|
22
24
|
esp = '/efi'
|
23
|
-
dir = "#{
|
25
|
+
dir = "#{MOUNTPOINT}/#{esp}/loader/entries/"
|
24
26
|
datas_gentoo = [
|
25
27
|
'title Gentoo Linux',
|
26
28
|
'linux /vmlinuz',
|
@@ -34,17 +36,18 @@ module Getch
|
|
34
36
|
datas = [
|
35
37
|
"cryptswap #{@lv_swap} /dev/urandom swap,cipher=aes-xts-plain64:sha256,size=512"
|
36
38
|
]
|
37
|
-
File.write("#{
|
39
|
+
File.write("#{MOUNTPOINT}/etc/crypttab", datas.join("\n"))
|
38
40
|
end
|
39
41
|
|
40
42
|
def grub
|
41
|
-
return if Helpers
|
42
|
-
|
43
|
+
return if Helpers.efi?
|
44
|
+
|
45
|
+
file = "#{MOUNTPOINT}/etc/default/grub"
|
43
46
|
cmdline = [
|
44
47
|
"GRUB_CMDLINE_LINUX=\"crypt_root=UUID=#{@uuid_dev_root} root=/dev/mapper/root real_root=#{@lv_root} init=#{@init} dolvm rw slub_debug=P page_poison=1 slab_nomerge pti=on vsyscall=none spectre_v2=on spec_store_bypass_disable=seccomp iommu=force keymap=#{Getch::OPTIONS[:keymap]}\"",
|
45
48
|
"GRUB_ENABLE_CRYPTODISK=y"
|
46
49
|
]
|
47
|
-
File.write(
|
50
|
+
File.write(file, cmdline.join("\n"), mode: 'a')
|
48
51
|
end
|
49
52
|
|
50
53
|
private
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Getch
|
2
4
|
module FileSystem
|
3
5
|
module Lvm
|
@@ -6,12 +8,13 @@ module Getch
|
|
6
8
|
def make
|
7
9
|
install_deps
|
8
10
|
options_make
|
9
|
-
Getch::Make.new(
|
11
|
+
Getch::Make.new('genkernel --kernel-config=/usr/src/linux/.config all').run!
|
10
12
|
end
|
11
13
|
|
12
14
|
private
|
15
|
+
|
13
16
|
def options_make
|
14
|
-
grub = Helpers
|
17
|
+
grub = Helpers.efi? ? 'BOOTLOADER="no"' : 'BOOTLOADER="grub2"'
|
15
18
|
datas = [
|
16
19
|
'',
|
17
20
|
grub,
|
@@ -33,7 +36,7 @@ module Getch
|
|
33
36
|
# lvm2, cryptsetup alrealy installed
|
34
37
|
Getch::Bask.new('-a lvm').run!
|
35
38
|
Getch::Emerge.new('genkernel').pkg!
|
36
|
-
exec(
|
39
|
+
exec('systemctl enable lvm2-monitor')
|
37
40
|
end
|
38
41
|
|
39
42
|
def exec(cmd)
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Getch
|
2
4
|
module FileSystem
|
3
5
|
module Lvm
|
@@ -9,8 +11,8 @@ module Getch
|
|
9
11
|
@lv_root = "/dev/#{@vg}/root"
|
10
12
|
@lv_swap = "/dev/#{@vg}/swap"
|
11
13
|
@lv_home = @home_disk ? "/dev/#{@vg}/home" : nil
|
12
|
-
@luks_root =
|
13
|
-
@luks_home = @home_disk ?
|
14
|
+
@luks_root = '/dev/mapper/cryptroot'
|
15
|
+
@luks_home = @home_disk ? '/dev/mapper/crypthome' : nil
|
14
16
|
end
|
15
17
|
|
16
18
|
private
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Getch
|
2
4
|
module FileSystem
|
3
5
|
module Lvm
|
@@ -12,6 +14,7 @@ module Getch
|
|
12
14
|
|
13
15
|
def format
|
14
16
|
return if STATES[:format]
|
17
|
+
|
15
18
|
puts "Format #{@disk}"
|
16
19
|
exec("mkfs.fat -F32 #{@dev_esp}") if @dev_esp
|
17
20
|
exec("mkfs.#{@fs} -F #{@dev_boot}") if @dev_boot
|
@@ -21,6 +24,7 @@ module Getch
|
|
21
24
|
end
|
22
25
|
|
23
26
|
private
|
27
|
+
|
24
28
|
def exec(cmd)
|
25
29
|
Getch::Command.new(cmd).run!
|
26
30
|
end
|