getch 0.1.9 → 0.3.0

data/lib/getch/void.rb

@@ -1,65 +1,15 @@
 # frozen_string_literal: true
 
-require_relative 'void/stage'
-require_relative 'void/config'
-require_relative 'void/chroot'
-#require_relative 'void/sources'
-require_relative 'void/boot'
-
 module Getch
   module Void
-    class Main
-      def initialize
-        @state = Getch::States.new
-      end
-
-      def root_fs
-        return if STATES[:gentoo_base]
-
-        xbps = Getch::Void::RootFS.new
-        xbps.search_archive
-        xbps.download
-        xbps.checksum
-        @state.stage3
-      end
-
-      def config
-        return if STATES[:gentoo_config]
-
-        config = Getch::Void::Config.new
-        config.host
-        config.network
-        config.system
-        config.locale
-        @state.config
-      end
-
-      def chroot
-        return if STATES[:gentoo_kernel]
-
-        chroot = Getch::Void::Chroot.new
-        chroot.update
-        chroot.fs
-        chroot.extras
-        chroot.install_pkgs
-      end
-
-      def kernel
-        return if STATES[:gentoo_kernel]
-
-        Getch::Void::Sources.new
-        @state.kernel
-      end
-
-      def boot
-        boot = Getch::Void::Boot.new
-        boot.new_user
-        boot.fstab
-        boot.dracut
-        boot.grub
-        boot.initramfs
-        boot.finish
-      end
-    end
   end
 end
+
+require_relative 'void/tarball'
+require_relative 'void/pre_config'
+require_relative 'void/update'
+require_relative 'void/post_config'
+require_relative 'void/terraform'
+require_relative 'void/services'
+require_relative 'void/bootloader'
+require_relative 'void/finalize'

data/lib/getch.rb

@@ -5,7 +5,10 @@ require_relative 'getch/options'
 require_relative 'getch/states'
 require_relative 'getch/gentoo'
 require_relative 'getch/void'
+require_relative 'getch/device'
 require_relative 'getch/filesystem'
+require_relative 'getch/tree'
+require_relative 'getch/assembly'
 require_relative 'getch/command'
 require_relative 'getch/log'
 require_relative 'getch/config'
@@ -15,72 +18,65 @@ require_relative 'getch/version'
 module Getch
 
   OPTIONS = {
-    :language => 'en_US',
-    :zoneinfo => 'US/Eastern',
-    :keymap => 'us',
-    :disk => false,
-    :fs => 'ext4',
-    :username => false,
-    :os => 'gentoo',
-    :boot_disk => false,
-    :cache_disk => false,
-    :home_disk => false,
-    :encrypt => false,
-    :verbose => false
+    boot_disk: false,
+    disk: false,
+    cache_disk: false,
+    encrypt: false,
+    fs: 'ext4',
+    home_disk: false,
+    keymap: 'us',
+    language: 'en_US',
+    luks_name: 'luks',
+    lvm: false,
+    mountpoint: '/mnt/getch',
+    musl: false,
+    os: 'gentoo',
+    timezone: 'UTC',
+    username: false,
+    verbose: false,
+    vg_name: 'vg4',
+    zfs_name: 'pool'
   }
 
   STATES = {
-    :partition => false,
-    :format => false,
-    :mount => false,
-    :gentoo_base => false,
-    :gentoo_config => false,
-    :gentoo_update => false,
-    :gentoo_bootloader => false,
-    :gentoo_kernel => false
+    partition: false,
+    format: false,
+    mount: false,
+    tarball: false,
+    pre_config: false,
+    update: false,
+    post_config: false,
+    terraform: false,
+    bootloader: false,
+    services: false,
+    finalize: false,
   }
 
-  MOUNTPOINT = '/mnt/gentoo'
-
-  DEFAULT_FS = {
-    true => {
-      ext4: FileSystem::Ext4::Encrypt,
-      lvm: FileSystem::Lvm::Encrypt,
-      zfs: FileSystem::Zfs::Encrypt
-    },
-    false => {
-      ext4: FileSystem::Ext4,
-      lvm: FileSystem::Lvm,
-      zfs: FileSystem::Zfs,
-    }
-  }.freeze
-
-  def self.select_fs
-    encrypt = OPTIONS[:encrypt]
-    fs_sym = OPTIONS[:fs].to_sym
-    DEFAULT_FS[encrypt][fs_sym]
-  end
+  MOUNTPOINT = '/mnt/getch'
+  DEVS = {}
 
   class Main
     def initialize(argv)
       argv[:cli]
-      @class_fs = Getch::select_fs
       @log = Log.new
-      Getch::States.new # Update States
+      @assembly = Assembly.new
     end
 
     def resume
-      raise 'No disk, use at least getch with -d DISK' unless OPTIONS[:disk]
+      STATES[:partition] && return
+
+      @log.fatal 'No disk, use at least getch with -d DISK' unless OPTIONS[:disk]
 
       puts "\nBuild " + OPTIONS[:os].capitalize + " Linux with the following args:\n"
       puts
       puts "\tLang: #{OPTIONS[:language]}"
-      puts "\tZoneinfo: #{OPTIONS[:zoneinfo]}"
+      puts "\tTimezone: #{OPTIONS[:timezone]}"
       puts "\tKeymap: #{OPTIONS[:keymap]}"
       puts "\tDisk: #{OPTIONS[:disk]}"
       puts "\tFilesystem: #{OPTIONS[:fs]}"
       puts "\tUsername: #{OPTIONS[:username]}"
       puts "\tEncrypt: #{OPTIONS[:encrypt]}"
+      puts "\tMusl: #{OPTIONS[:musl]}"
       puts
       puts "\tseparate-boot disk: #{OPTIONS[:boot_disk]}"
       puts "\tseparate-cache disk: #{OPTIONS[:cache_disk]}"
@@ -89,67 +85,39 @@ module Getch
       print 'Continue? (y,N) '
       case gets.chomp
       when /^y|^Y/
-        return
       else
         exit
       end
     end
 
-    def partition
-      return if STATES[:partition]
-
-      puts
-      print "Partition and format disk #{OPTIONS[:disk]}, this will erase all data, continue? (y,N) "
-      case gets.chomp
-      when /^y|^Y/
-        @log.info('Partition start')
-        @class_fs::Partition.new
-      else
-        exit
-      end
+    def prepare_disk
+      @assembly.clean
+      @assembly.partition
+      @assembly.format
+      @assembly.mount
     end
 
-    def format
-      return if STATES[:format]
-
-      @class_fs::Format.new
+    def install_system
+      @assembly.tarball
+      @assembly.pre_config
+      @assembly.update
+      @assembly.post_config
     end
 
-    def mount
-      return if STATES[:mount]
-
-      @class_fs::Mount.new.run
+    def terraform
+      @assembly.terraform
+      @assembly.services
     end
 
-    def install
-      if OPTIONS[:os] == 'gentoo'
-        install_gentoo
-      elsif OPTIONS[:os] == 'void'
-        install_void
-      else
-        puts "Options #{OPTIONS[:os]} not supported...."
-        exit 1
-      end
+    def bootloader
+      @assembly.luks_keys
+      @assembly.bootloader
     end
 
-    def install_gentoo
-      gentoo = Getch::Gentoo::Main.new
-      gentoo.stage3
-      gentoo.config
-      gentoo.chroot
-      gentoo.bootloader
-      gentoo.kernel
-      gentoo.boot
+    def finalize
+      @assembly.finalize
     end
 
-    def install_void
-      void = Getch::Void::Main.new
-      void.root_fs
-      void.config
-      void.chroot
-      void.boot
-    end
-    
     def configure
       config = Getch::Config::Main.new
       config.ethernet

data/lib/luks.rb

@@ -0,0 +1,239 @@
+# frozen_string_literal: true
+
+require 'nito'
+require 'getch/log'
+require 'getch/command'
+
+module Luks
+  class Main
+    include Luks
+    include NiTo
+
+    Permission = Class.new(StandardError)
+
+    def initialize(disk, options)
+      @disk = disk
+      @format = options[:fs]
+      @mountpoint = options[:mountpoint]
+      @luks_type = nil
+      @key_dir = nil
+      @key_name = nil
+      @mount = nil
+      @bootloader = false
+      @log = Getch::Log.new
+      @bs = get_bs
+    end
+
+    def encrypt
+      args = @luks_type == 'luks2' ? "#{@command_args} --sector-size #{@bs}" : @command_args
+      @log.info "Encrypting #{@luks_name} > #{@disk}...\n"
+      cmd_crypt 'cryptsetup', 'luksFormat', args, "/dev/#{@disk}"
+    end
+
+    def encrypt_with_key
+      make_key
+      args = @luks_type == 'luks2' ?
+        "#{@command_args} -q --sector-size #{@bs} -d #{@full_key_path}" :
+        "#{@command_args} -q -d #{@full_key_path}"
+      @log.info "Encrypting #{@luks_name} with #{@full_key_path}...\n"
+      cmd_crypt 'cryptsetup', 'luksFormat', args, "/dev/#{@disk}"
+    end
+
+    def open
+      return if File.exist? "/dev/mapper/#{@luks_name}"
+
+      @log.info "Opening #{@luks_name} > #{@disk}...\n"
+      cmd_crypt 'cryptsetup', 'open', @command_args, "/dev/#{@disk}", @luks_name
+      unless File.exist? "/dev/mapper/#{@luks_name}"
+        raise "No dev /dev/mapper/#{@luks_name}, open it first..."
+      end
+    end
+
+    def open_with_key(file = nil)
+      return if File.exist? "/dev/mapper/#{@luks_name}"
+
+      @full_key_path = "#{@mountpoint}#{@key_path}"
+      key = file ? file : @full_key_path
+      @log.info "Opening #{@luks_name} disk #{@disk} with #{key}...\n"
+      cmd_crypt 'cryptsetup', 'open', @command_args, '-d', key, "/dev/#{@disk}", @luks_name
+    end
+
+    def format
+      case @format
+      when 'ext4'
+        format_ext4
+      when 'xfs'
+        format_xfs
+      when 'fat'
+        format_fat
+      else
+        @log.fatal "#{@format} not yet supported."
+      end
+    end
+
+    def external_key
+      make_key
+      @log.info "Adding key for #{@luks_name}...\n"
+      cmd_crypt 'cryptsetup', 'luksAddKey', "/dev/#{@disk}", @full_key_path
+    end
+
+    def write_config
+      config
+      perm
+    end
+
+    def mount
+      mountpoint = @luks_name =~ /^root/ ? @mountpoint : "#{@mountpoint}#{@mount}"
+      NiTo.mount "/dev/mapper/#{@luks_name}", mountpoint
+    end
+
+    def close
+      return unless File.exist? "/dev/mapper/#{@luks_name}"
+
+      @log.info "Closing #{@luks_name}...\n"
+      cmd_crypt 'cryptsetup', 'close', @luks_name
+    end
+
+    def gen_datas
+    end
+
+    protected
+
+    def make_key
+      @key_path = "#{@key_dir}/#{@key_name}"
+      @full_key_path = "#{@mountpoint}#{@key_path}"
+      @log.info "Generating key...\n"
+      mkdir "#{@mountpoint}#{@key_dir}"
+      sh 'dd', 'bs=512', 'count=8', 'iflag=fullblock', 'if=/dev/urandom', "of=#{@full_key_path}"
+    end
+
+    # https://wiki.archlinux.org/title/Advanced_Format#File_systems
+    def format_ext4
+      @log.info "Formating disk with #{@format}...\n"
+      sh 'mkfs.ext4', '-F', '-b', @bs, "/dev/mapper/#{@luks_name}"
+    end
+
+    # https://wiki.archlinux.org/title/Advanced_Format#File_systems
+    def format_xfs
+      @log.info "Formating disk with #{@format}...\n"
+      sh 'mkfs.xfs', '-f', '-s', "size=#{@bs}", "/dev/mapper/#{@luks_name}"
+    end
+
+    def config
+      @key_path = "#{@key_dir}/#{@key_name}"
+      uuid = Getch::Helpers.uuid @disk
+      @log.info "Writing configs for #{@luks_name}...\n"
+
+      @log.info " * Writing #{@mountpoint}/etc/crypttab..."
+      line = "#{@luks_name} UUID=#{uuid} #{@key_path} luks"
+      echo_a "#{@mountpoint}/etc/crypttab", line
+      @log.result_ok
+
+      config_openrc
+      config_grub
+    end
+
+    # https://wiki.gentoo.org/wiki/Dm-crypt#Configuring_dm-crypt
+    def config_openrc
+      Getch::Helpers.openrc? || return
+
+      conf = "#{@mountpoint}/etc/conf.d/dmcrypt"
+      uuid = Getch::Helpers.uuid @disk
+      echo_a conf, "target=#{@luks_name}"
+      echo_a conf, "source=UUID=\"#{uuid}\""
+      echo_a conf, "key=#{@key_path}"
+    end
+
+    def config_grub
+      return unless @bootloader
+
+      if Getch::Helpers.grub?
+        @log.info ' * Writing to /etc/default/grub...'
+        line = 'GRUB_ENABLE_CRYPTODISK=y'
+        echo_a "#{@mountpoint}/etc/default/grub", line
+        @log.result_ok
+      end
+    end
+
+    def perm
+      @key_path = "#{@key_dir}/#{@key_name}"
+      @full_key_path = "#{@mountpoint}#{@key_path}"
+      @log.info "Enforcing permission on #{@full_key_path}..."
+      File.chmod 0400, "#{@mountpoint}#{@key_dir}"
+      File.chmod 0000, @full_key_path
+      File.chown 0, 0, @full_key_path
+      @log.result_ok
+    end
+
+    private
+
+    def get_bs
+      @disk || @log.fatal("No disk for #{@luks_name}.")
+
+      sh 'blockdev', '--getpbsz', "/dev/#{@disk}"
+    end
+
+    def cmd_crypt_raw(*args)
+      system args.join(' ')
+      return if $?.exitstatus == 0
+
+      @log.dbg args.join(' ')
+      @log.dbg $?
+      @log.fatal 'die'
+    end
+
+    def cmd_crypt(*args)
+      cmd_crypt_raw args
+    rescue => e
+      @log.fatal e
+    end
+
+    def sh(*args)
+      Getch::Command.new(args)
+    end
+  end
+
+  # Boot can decrypt the root (/)
+  class Boot < Main
+    def initialize(disk, options)
+      super
+      @luks_type = 'luks1'
+      @key_dir = '/boot'
+      @key_name = 'boot.key'
+      @bootloader = true
+      @mount = '/boot'
+      @luks = options[:luks_name]
+      @luks_name = "boot-#{@luks}"
+      @command_args = "--type #{@luks_type}"
+    end
+  end
+
+  # Root can decrypt the /home or other devs
+  class Root < Main
+    def initialize(disk, options)
+      super
+      @luks_type = 'luks2'
+      @key_dir = '/boot'
+      @key_name = 'root.key'
+      @luks = options[:luks_name]
+      @luks_name = "root-#{@luks}"
+      @mount = '/'
+      @command_args = "--type #{@luks_type}"
+      @bootloader = false
+    end
+  end
+
+  class Home < Main
+    def initialize(disk, options)
+      super
+      @luks_type = 'luks2'
+      @key_dir = '/root/keys'
+      @key_name = 'home.key'
+      @mount = '/home'
+      @command_args = "--type #{@luks_type}"
+      @luks = options[:luks_name]
+      @luks_name = "home-#{@luks}"
+      @bootloader = false
+    end
+  end
+end

data/lib/lvm2.rb

@@ -0,0 +1,112 @@
+# frozen_string_literal: true
+
+require 'getch/command'
+
+module Lvm2
+  class Root
+    def initialize(devs, options)
+      @cache = options[:cache_disk] ||= nil
+      @root = devs[:root] ||= nil
+      @home = options[:home_disk] ||= nil
+      @vg = options[:vg_name] ||= 'vg1'
+    end
+
+    def x
+      load_datas
+      pv_create
+      vg_create
+      lv_setup
+      enable_lvs
+    end
+
+    protected
+
+    def load_datas
+      @path_root = "/dev/#{@root}"
+      @path_cache = "/dev/#{@cache}"
+      @path_home = "/dev/#{@home}"
+    end
+
+    def pv_create
+      devs = [ @path_root ]
+      @cache && devs << @path_cache
+      @home && devs << @path_home
+      devs.each { |d| d && add_pv(d) }
+    end
+
+    def vg_create
+      devs = [ @path_root ]
+      @cache && devs << @path_cache
+      @home && devs << @path_home
+      add_vg devs
+    end
+
+    def lv_setup
+      @cache ? add_swap(@path_cache) : add_swap
+      add_lv_root
+      @home ? add_home(@path_home) : add_home
+    end
+
+    def enable_lvs
+      lvchange_y 'home'
+      lvchange_y 'swap'
+      lvchange_y 'root'
+    end
+
+    private
+
+    def add_pv(dev)
+      File.exist? dev || @log.fatal("add_pv - no #{dev} exist.")
+
+      Getch::Command.new('pvcreate', '-f', dev)
+    end
+
+    def add_vg(*devs)
+      Getch::Command.new('vgcreate', '-f', @vg, devs.join(' '))
+    end
+
+    def add_swap(dev = nil)
+      mem = Getch::Helpers.get_memory
+      lvcreate('-L', mem, '-n', 'swap', @vg, dev)
+    end
+
+    # if home is available, we use the whole space.
+    def add_lv_root
+      @home ?
+        @root.match?(/[0-9]/) ? add_root : add_root(nil, @path_root) :
+        @root.match?(/[0-9]/) ? add_root('16G') : add_root('16G', @path_root)
+    end
+
+    def add_root(size = nil, dev = nil)
+      arg_size = size ? "-L #{size}" : '-l 100%FREE'
+      lvcreate(arg_size, '-n', 'root', @vg, dev)
+    end
+
+    def add_home(dev = nil)
+      lvcreate('-l', '100%FREE', '-n', 'home', @vg, dev)
+    end
+
+    def lvcreate(*args)
+      Getch::Command.new('lvcreate', '-y', '-Wy', '-Zy', args)
+    end
+
+    def lvchange_y(name)
+      return if File.exist? "/dev/#{@vg}/#{name}"
+
+      Getch::Command.new('lvchange', '-ay', "/dev/#{@vg}/#{name}")
+    end
+  end
+
+  class Hybrid < Root
+    def initialize(devs, options)
+      super
+      @luks = options[:luks_name]
+    end
+
+    def load_datas
+      @path_root = "/dev/mapper/root-#{@luks}"
+      @path_cache = "/dev/mapper/cache-#{@luks}"
+      @path_home = "/dev/mapper/home-#{@luks}"
+    end
+  end
+end