getch 0.1.9 → 0.3.3

data/lib/getch/gentoo/sources.rb

@@ -1,86 +1,93 @@
 # frozen_string_literal: true
 
 require 'cmdline'
+require 'nito'
 
 module Getch
   module Gentoo
     class Sources
+      include NiTo
+
       def initialize
+        @log = Log.new
         @lsmod = `lsmod`.chomp
-        @class_fs = Getch::select_fs
-        @filesystem = @class_fs::Deps.new
+        x
+      end
+
+      protected
+
+      def x
+        bask
+        gen_cmdline
+        grub_mkconfig
+        use_flags
+        make
       end
 
       def bask
-        puts ' ==> Hardening kernel...'
+        @log.info "Kernel hardening...\n"
         #Getch::Bask.new('10_kspp.config').cp
         Getch::Bask.new('11-kspp-gcc.config').cp
         Getch::Bask.new('12-kspp-x86_64.config').cp
         #Getch::Bask.new('20-clipos.config').cp
-        #Getch::Bask.new('30-grsecurity.config').cp
+        Getch::Bask.new('30-grsecurity.config').cp
         #Getch::Bask.new('40-kconfig-hardened.config').cp
         Getch::Bask.new('50-blacklist.config').cp
         Getch::Bask.new('51-blacklist-madaidans.config').cp
       end
 
-      def configs
-        gen_cmdline
-        grub_mkconfig unless Helpers.efi?
-      end
-
       def gen_cmdline
         cmdline = CmdLine::Kernel.new(workdir: "#{MOUNTPOINT}/etc/kernel")
         cmdline.main
       end
 
       def grub_mkconfig
-        file = "#{MOUNTPOINT}/etc/kernel/install.d/90-mkconfig.install"
+        return if Helpers.systemd? and Helpers.efi?
+
+        file = "#{OPTIONS[:mountpoint]}/etc/kernel/postinst.d/90-mkconfig.install"
         content = <<~SHELL
 #!/usr/bin/env sh
 set -o errexit
+
+if ! hash grub-mkconfig ; then
+ exit 0
+fi
 grub-mkconfig -o /boot/grub/grub.cfg
-exit 0
 SHELL
+        mkdir "#{OPTIONS[:mountpoint]}/etc/kernel/postinst.d"
         File.write file, content
         File.chmod 0755, file
       end
 
+      def use_flags
+        use = Getch::Gentoo::Use.new('sys-kernel/gentoo-kernel')
+        use.add('hardened')
+      end
+
+      # https://wiki.gentoo.org/wiki/Handbook:AMD64/Installation/Kernel#Alternative:_Using_distribution_kernels
       def make
-        if Getch::OPTIONS[:fs] == 'lvm' ||
-            Getch::OPTIONS[:fs] == 'zfs' ||
-            Getch::OPTIONS[:encrypt]
-          @filesystem.make
-        else
-          make_kernel
-        end
+        Helpers.systemd? ?
+          Install.new('sys-kernel/installkernel-systemd-boot') :
+          Install.new('sys-kernel/installkernel-gentoo')
+
+        #Install.new 'sys-kernel/gentoo-kernel'
+        Install.new 'sys-kernel/gentoo-kernel-bin'
       end
 
       def load_modules
-        install_wifi
+        wifi
         flash_mod
       end
 
       private
 
-      def make_kernel
-        puts 'Compiling kernel sources'
-        Getch::Emerge.new('sys-kernel/gentoo-kernel').pkg!
-        is_kernel = Dir.glob("#{MOUNTPOINT}/boot/vmlinuz-*")
-        raise 'No kernel installed, compiling source fail...' if is_kernel == []
-      end
-
       def ismatch?(arg)
         @lsmod.match?(/#{arg}/)
       end
 
-      def install_wifi
+      def wifi
         return unless ismatch?('cfg80211')
 
-        wifi_drivers
-        Getch::Emerge.new('net-wireless/iwd').pkg!
-      end
-
-      def wifi_drivers
         conf = "#{MOUNTPOINT}/etc/modules-load.d/wifi.conf"
         File.delete(conf) if File.exist? conf
 
@@ -101,7 +108,6 @@ SHELL
       end
 
       def module_load(name, file)
-        return unless name
         return unless ismatch?(name)
 
         File.write(file, "#{name}\n", mode: 'a')

data/lib/getch/gentoo/tarball.rb

@@ -0,0 +1,91 @@
+# frozen_string_literal: true
+
+require 'open-uri'
+require 'open3'
+
+module Getch
+  module Gentoo
+    class Tarball
+      def initialize
+        @log = Log.new
+        @mirror = 'https://mirror.rackspace.com/gentoo'
+        @release = release
+        @stage_file = OPTIONS[:musl] ?
+          "stage3-amd64-musl-#{@release}.tar.xz" :
+          "stage3-amd64-systemd-#{@release}.tar.xz"
+      end
+
+      def x
+        get_stage3
+        control_files
+        checksum
+        install
+      end
+
+      protected
+
+      def stage3
+        OPTIONS[:musl] ?
+          @mirror + '/releases/amd64/autobuilds/latest-stage3-amd64-musl.txt' :
+          @mirror + '/releases/amd64/autobuilds/latest-stage3-amd64-systemd.txt'
+      end
+
+      def release
+        URI.open(stage3) do |file|
+          file.read.match(/^[[:alnum:]]+/)
+        end
+      rescue Net::OpenTimeout => e
+        @log.fatal "Problem with DNS? #{e}"
+      end
+
+      def file
+        "#{@release}/#{@stage_file}"
+      end
+
+      def get_stage3
+        Dir.chdir OPTIONS[:mountpoint]
+        return if File.exist? @stage_file
+
+        @log.info "wget #{@stage_file}, please wait...\n"
+        Helpers.get_file_online(@mirror + '/releases/amd64/autobuilds/' + file, @stage_file)
+      end
+
+      def control_files
+        @log.info "Download other files..."
+        ['DIGESTS', 'asc', 'CONTENTS.gz'].each do |f|
+          Helpers.get_file_online("#{@mirror}/releases/amd64/autobuilds/#{file}.#{f}", "#{@stage_file}.#{f}")
+        end
+        @log.result_ok
+      end
+
+      def checksum
+        @log.info 'Checking SHA512 checksum...'
+        command = "awk '/SHA512 HASH/{getline;print}' #{@stage_file}.DIGESTS | sha512sum --check"
+        _, stderr, status = Open3.capture3(command)
+        if status.success? then
+          @log.result_ok
+        else
+          cleaning
+          @log.fatal "Problem with the checksum, stderr\n#{stderr}"
+        end
+      end
+
+      def install
+        decompress
+        cleaning
+      end
+
+      private
+
+      # https://wiki.gentoo.org/wiki/Handbook:AMD64/Installation/Stage
+      def decompress
+        cmd = "tar xpf #{@stage_file} --xattrs-include=\'*.*\' --numeric-owner"
+        Getch::Command.new(cmd)
+      end
+
+      def cleaning
+        Dir.glob('stage3-amd64-*').each { |f| File.delete(f) }
+      end
+    end
+  end
+end

data/lib/getch/gentoo/terraform.rb

@@ -0,0 +1,34 @@
+module Getch
+  module Gentoo
+    class Terraform
+      def initialize
+        x
+      end
+
+      protected
+
+      def x
+        Gentoo::Sources.new
+        install_pkgs
+        emerge_deep
+      end
+
+      def install_pkgs
+        @pkgs = 'app-portage/gentoolkit'
+        @pkgs << ' app-admin/sudo'
+        @pkgs << ' app-editors/vim'
+        @pkgs << ' net-firewall/iptables'
+        @pkgs << ' net-wireless/iwd'
+        @pkgs << ' net-misc/dhcpcd' unless Helpers.systemd?
+        @pkgs << ' sys-kernel/linux-firmware'
+        @pkgs << ' sys-firmware/intel-microcode'
+        @pkgs << ' sys-fs/dosfstools' if Helpers.efi?
+        Install.new(@pkgs)
+      end
+
+      def emerge_deep
+        ChrootOutput.new('emerge --deep --newuse @world')
+      end
+    end
+  end
+end

data/lib/getch/gentoo/update.rb

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+require 'nito'
+
+module Getch
+  module Gentoo
+    class Update
+      include NiTo
+
+      def initialize
+        @log = Log.new
+        x
+      end
+
+      protected
+
+      def x
+        sync
+        add_musl_repo if OPTIONS[:musl]
+        update
+      end
+
+      private
+
+      def sync
+        gentoo_conf = "#{OPTIONS[:mountpoint]}/etc/portage/repos.conf/gentoo.conf"
+        @log.info "Synchronize index, please waiting...\n"
+        ChrootOutput.new('emaint sync --auto')
+        sed gentoo_conf, /^sync-type/, 'sync-type = rsync'
+      end
+
+      def add_musl_repo
+        Install.new('dev-vcs/git')
+
+        file = "#{OPTIONS[:mountpoint]}/etc/portage/repos.conf/musl.conf"
+        content = <<~CONF
+        [musl]
+        location = /var/db/repos/musl
+        sync-type = git
+        sync-uri = https://github.com/gentoo/musl.git
+        auto-sync = Yes
+        CONF
+        File.write file, "#{content}\n"
+
+        ChrootOutput.new('emaint sync -r musl')
+      end
+
+      def update
+        cmd = 'emerge --update --deep --newuse @world'
+        ChrootOutput.new(cmd)
+      end
+    end
+  end
+end

data/lib/getch/gentoo/use.rb

@@ -1,13 +1,17 @@
 # frozen_string_literal: true
 
+require 'nito'
+
 module Getch
   module Gentoo
     class Use
+      include NiTo
+
       def initialize(pkg = nil)
-        @use_dir = "#{MOUNTPOINT}/etc/portage/package.use"
+        @use_dir = "#{OPTIONS[:mountpoint]}/etc/portage/package.use"
         @pkg = pkg
         @file = @pkg ? @pkg.match(/[\w]+$/) : nil
-        @make = "#{MOUNTPOINT}/etc/portage/make.conf"
+        @make = "#{OPTIONS[:mountpoint]}/etc/portage/make.conf"
       end
 
       def add(*flags)
@@ -24,15 +28,14 @@ module Getch
 
       def write
         content = "#{@pkg} #{@flags}\n"
-        File.write("#{@use_dir}/#{@file}", content, mode: 'w')
+        echo "#{@use_dir}/#{@file}", content
       end
 
       def write_global
         list = []
-        @flags.each { |f| list << f unless Helpers.grep?(@make, /#{f}/) }
+        @flags.each { |f| list << f unless grep?(@make, f) }
         use = list.join(' ')
-        line = "USE=\"${USE} #{use}\"\n"
-        File.write(@make, line, mode: 'a')
+        echo_a @make, "USE=\"${USE} #{use}\""
       end
     end
   end

data/lib/getch/gentoo/use_flag.rb

@@ -4,13 +4,15 @@ module Getch
   module Gentoo
     class UseFlag
       def initialize
-        @efi = Helpers.efi?
+        x
       end
 
-      def apply
+      protected
+
+      def x
+        dist_kernel
         systemd
         pam
-        kernel
         kmod
         grub
         zfs
@@ -20,41 +22,40 @@ module Getch
 
       private
 
+      # https://wiki.gentoo.org/wiki/Project:Distribution_Kernel#Trying_it_out
+      def dist_kernel
+        use = Getch::Gentoo::Use.new
+        use.add_global('dist-kernel')
+      end
+
       def systemd
+        return unless Helpers.systemd?
+
         flags = []
         use = Getch::Gentoo::Use.new('sys-apps/systemd')
         flags << 'dns-over-tls'
-        flags << 'gnuefi' if @efi
+        flags << 'gnuefi' if Helpers.efi?
         use.add(flags)
       end
 
       def pam
         flags = []
         use = Getch::Gentoo::Use.new('sys-auth/pambase')
-        flags << '-passwdqc'
-        flags << 'pwquality'
         flags << 'sha512'
         use.add(flags)
       end
 
-      def kernel
-        use = Getch::Gentoo::Use.new('sys-kernel/gentoo-kernel')
-        use.add('hardened')
-      end
-
       def kmod
         use = Getch::Gentoo::Use.new('sys-apps/kmod')
         use.add('zstd', 'lzma')
       end
 
       def grub
-        return if @efi
-
         flags = []
         use = Getch::Gentoo::Use.new('sys-boot/grub')
-        flags << '-grub_platforms_efi-64'
-        flags << 'libzfs' if Getch::OPTIONS[:fs] == 'zfs'
-        flags << 'device-mapper' if Getch::OPTIONS[:fs] == 'lvm'
+        flags << '-grub_platforms_efi-64' unless Helpers.efi?
+        flags << 'libzfs' if OPTIONS[:fs] == 'zfs'
+        flags << 'device-mapper' if OPTIONS[:fs] == 'lvm' or OPTIONS[:encrypt]
         use.add(flags)
       end
 
@@ -65,10 +66,6 @@ module Getch
         use.add('rootfs')
         use = Getch::Gentoo::Use.new('sys-fs/zfs')
         use.add('rootfs')
-
-        # https://wiki.gentoo.org/wiki/Project:Distribution_Kernel
-        use = Getch::Gentoo::Use.new
-        use.add_global('dist-kernel')
       end
 
       def lvm

data/lib/getch/gentoo.rb

@@ -1,85 +1,19 @@
 # frozen_string_literal: true
 
-require_relative 'gentoo/stage'
-require_relative 'gentoo/config'
-require_relative 'gentoo/chroot'
-require_relative 'gentoo/bootloader'
 require_relative 'gentoo/sources'
-require_relative 'gentoo/boot'
 require_relative 'gentoo/use'
 require_relative 'gentoo/use_flag'
 
 module Getch
   module Gentoo
-    class Main
-      def initialize
-        @state = Getch::States.new
-      end
-
-      def stage3
-        return if STATES[:gentoo_base]
-
-        stage = Getch::Gentoo::Stage.new
-        stage.get_stage3
-        stage.control_files
-        stage.checksum
-        @state.stage3
-      end
-
-      def config
-        return if STATES[:gentoo_config]
-
-        config = Getch::Gentoo::Config.new
-        config.portage
-        config.portage_fs
-        config.portage_bashrc
-        config.repo
-        config.network
-        config.systemd
-        config.hostname
-        @state.config
-      end
-
-      def chroot
-        return if STATES[:gentoo_update]
-
-        chroot = Getch::Gentoo::Chroot.new
-        chroot.update
-        chroot.cpuflags
-        chroot.systemd
-
-        flags = Getch::Gentoo::UseFlag.new
-        flags.apply
-
-        chroot.world
-        chroot.kernel_license
-        chroot.install_pkgs
-        @state.update
-      end
-
-      def bootloader
-        return if STATES[:gentoo_bootloader]
-
-        bootloader = Getch::Gentoo::Bootloader.new
-        bootloader.start
-        @state.bootloader
-      end
-
-      def kernel
-        return if STATES[:gentoo_kernel]
-
-        source = Getch::Gentoo::Sources.new
-        source.bask
-        source.configs
-        source.make
-        source.load_modules
-        @state.kernel
-      end
-
-      def boot
-        boot = Getch::Gentoo::Boot.new
-        boot.start
-      end
-    end
   end
 end
+
+require_relative 'gentoo/tarball'
+require_relative 'gentoo/pre_config'
+require_relative 'gentoo/update'
+require_relative 'gentoo/post_config'
+require_relative 'gentoo/terraform'
+require_relative 'gentoo/services'
+require_relative 'gentoo/bootloader'
+require_relative 'gentoo/finalize'

data/lib/getch/guard.rb

@@ -16,7 +16,7 @@ module Getch
   module Guard
     def self.disk(name)
       raise InvalidDisk, 'No disk.' unless name
-      raise InvalidDisk, "Bad device name #{name}." unless name.match(/^sd[a-z]{1}$/)
+      raise InvalidDisk, "Bad device name #{name}." unless name.match(/^?d[a-z]{1}$/)
       raise InvalidDisk, "Disk /dev/#{name} no found." unless File.exist? "/dev/#{name}"
 
       name
@@ -27,8 +27,8 @@ module Getch
 
     def self.format(name)
       raise InvalidFormat, 'No format specified.' unless name
-      raise InvalidFormat, "Format #{name} not yet available." if name.match(/btrfs/)
-      raise InvalidFormat, "Format #{name} not supported." unless name.match(/zfs|lvm|ext4/)
+      raise InvalidFormat, "Format #{name} not yet available." if name.match(/btrfs|xfs/)
+      raise InvalidFormat, "Format #{name} not supported." unless name.match(/zfs|ext4/)
 
       name
     rescue InvalidFormat => e