Automated installation script that will install VoidLInux on LVM + LUKS - See https://wiki.voidlinux.eu/Install_LVM_LUKS for manual details

install.sh 5.2KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188
  1. #!/bin/bash
  2. set -e
  3. # Explicitely declare our LV array
  4. declare -A LV
  5. # Load config or defaults
  6. if [ -e ./config ]; then
  7. . ./config
  8. else
  9. PKG_LIST="base-system lvm2 cryptsetup grub"
  10. HOSTNAME="dom1.internal"
  11. KEYMAP="fr_CH"
  12. TIMEZONE="Europe/Zurich"
  13. LANG="en_US.UTF-8"
  14. DEVNAME="sda"
  15. VGNAME="vgpool"
  16. CRYPTSETUP_OPTS=""
  17. SWAP=0
  18. SWAPSIZE="16G"
  19. LV[root]="10G"
  20. LV[var]="5G"
  21. LV[home]="512M"
  22. fi
  23. # Detect if we're in UEFI or legacy mode
  24. [ -d /sys/firmware/efi ] && UEFI=1
  25. if [ $UEFI ]; then
  26. PKG_LIST="$PKG_LIST grub-x86_64-efi efibootmgr"
  27. fi
  28. # Detect if we're on an Intel system
  29. CPU_VENDOR=$(grep vendor_id /proc/cpuinfo | awk '{print $3}')
  30. if [ $CPU_VENDOR = "GenuineIntel" ]; then
  31. PKG_LIST="$PKG_LIST intel-ucode"
  32. fi
  33. # Install requirements
  34. xbps-install -y -S -f cryptsetup parted lvm2
  35. # Wipe /dev/${DEVNAME}
  36. dd if=/dev/zero of=/dev/${DEVNAME} bs=1M count=100
  37. if [ $UEFI ]; then
  38. parted /dev/${DEVNAME} mklabel gpt
  39. parted -a optimal /dev/${DEVNAME} mkpart primary 2048s 100M
  40. parted -a optimal /dev/${DEVNAME} mkpart primary 100M 612M
  41. parted -a optimal /dev/${DEVNAME} mkpart primary 612M 100%
  42. else
  43. parted /dev/${DEVNAME} mklabel msdos
  44. parted -a optimal /dev/${DEVNAME} mkpart primary 2048s 512M
  45. parted -a optimal /dev/${DEVNAME} mkpart primary 512M 100%
  46. fi
  47. parted /dev/${DEVNAME} set 1 boot on
  48. # Encrypt partitions
  49. if [ $UEFI ]; then
  50. BOOTPART="2"
  51. DEVPART="3"
  52. else
  53. BOOTPART="1"
  54. DEVPART="2"
  55. fi
  56. echo "[!] Encrypt boot partition"
  57. cryptsetup ${CRYPTSETUP_OPTS} luksFormat -c aes-xts-plain64 -s 512 /dev/${DEVNAME}${BOOTPART}
  58. echo "[!] Open boot partition"
  59. cryptsetup luksOpen /dev/${DEVNAME}${BOOTPART} crypt-boot
  60. echo "[!] Encrypt root partition"
  61. cryptsetup ${CRYPTSETUP_OPTS} luksFormat -c aes-xts-plain64 -s 512 /dev/${DEVNAME}${DEVPART}
  62. echo "[!] Open root partition"
  63. cryptsetup luksOpen /dev/${DEVNAME}${DEVPART} crypt-pool
  64. # Now create VG
  65. pvcreate /dev/mapper/crypt-pool
  66. vgcreate ${VGNAME} /dev/mapper/crypt-pool
  67. for FS in ${!LV[@]}; do
  68. lvcreate -L ${LV[$FS]} -n ${FS/\//_} ${VGNAME}
  69. done
  70. if [ $SWAP -eq 1 ]; then
  71. lvcreate -L ${SWAPSIZE} -n swap ${VGNAME}
  72. fi
  73. # Format filesystems
  74. if [ $UEFI ]; then
  75. mkfs.vfat /dev/${DEVNAME}1
  76. fi
  77. mkfs.ext4 -L boot /dev/mapper/crypt-boot
  78. for FS in ${!LV[@]}; do
  79. mkfs.ext4 -L ${FS/\//_} /dev/mapper/${VGNAME}-${FS/\//_}
  80. done
  81. if [ $SWAP -eq 1 ]; then
  82. mkswap -L swap /dev/mapper/${VGNAME}-swap
  83. fi
  84. # Mount them
  85. mount /dev/mapper/${VGNAME}-root /mnt
  86. for dir in dev proc sys boot; do
  87. mkdir /mnt/${dir}
  88. done
  89. ## Remove root and sort keys
  90. unset LV[root]
  91. for FS in $(for key in "${!LV[@]}"; do printf '%s\n' "$key"; done| sort); do
  92. mkdir -p /mnt/${FS}
  93. mount /dev/mapper/${VGNAME}-${FS/\//_} /mnt/${FS}
  94. done
  95. if [ $UEFI ]; then
  96. mount /dev/mapper/crypt-boot /mnt/boot
  97. mkdir /mnt/boot/efi
  98. mount /dev/${DEVNAME}1 /mnt/boot/efi
  99. else
  100. mount /dev/mapper/crypt-boot /mnt/boot
  101. fi
  102. for fs in dev proc sys; do
  103. mount -o bind /${fs} /mnt/${fs}
  104. done
  105. # Now install void
  106. mkdir -p /mnt/var/db/xbps/keys/
  107. cp -a /var/db/xbps/keys/* /mnt/var/db/xbps/keys/
  108. xbps-install -y -S -R http://repo.voidlinux.eu/current -r /mnt $PKG_LIST
  109. # Do a bit of customization
  110. echo "[!] Setting root password"
  111. passwd -R /mnt root
  112. echo $HOSTNAME > /mnt/etc/hostname
  113. echo "TIMEZONE=${TIMEZONE}" >> /mnt/etc/rc.conf
  114. echo "KEYMAP=${KEYMAP}" >> /mnt/etc/rc.conf
  115. echo "TTYS=2" >> /mnt/etc/rc.conf
  116. echo "LANG=$LANG" > /mnt/etc/locale.conf
  117. echo "$LANG $(echo ${LANG} | cut -f 2 -d .)" >> /mnt/etc/default/libc-locales
  118. chroot /mnt xbps-reconfigure -f glibc-locales
  119. # Add fstab entries
  120. echo "LABEL=root / ext4 rw,relatime,data=ordered,discard 0 0" > /mnt/etc/fstab
  121. echo "LABEL=boot /boot ext4 rw,relatime,data=ordered,discard 0 0" >> /mnt/etc/fstab
  122. for FS in $(for key in "${!LV[@]}"; do printf '%s\n' "$key"; done| sort); do
  123. echo "LABEL=${FS/\//_} /${FS} ext4 rw,relatime,data=ordered,discard 0 0" >> /mnt/etc/fstab
  124. done
  125. echo "tmpfs /tmp tmpfs size=1G,noexec,nodev,nosuid 0 0" >> /mnt/etc/fstab
  126. if [ $UEFI ]; then
  127. echo "/dev/${DEVNAME}1 /boot/efi vfat defaults 0 0" >> /mnt/etc/fstab
  128. fi
  129. if [ $SWAP -eq 1 ]; then
  130. echo "LABEL=swap none swap defaults 0 0" >> /mnt/etc/fstab
  131. fi
  132. # Install grub
  133. cat << EOF >> /mnt/etc/default/grub
  134. GRUB_TERMINAL_INPUT="console"
  135. GRUB_TERMINAL_OUTPUT="console"
  136. GRUB_ENABLE_CRYPTODISK=y
  137. EOF
  138. sed -i 's/GRUB_BACKGROUND.*/#&/' /mnt/etc/default/grub
  139. chroot /mnt grub-install /dev/${DEVNAME}
  140. # Now tune the cryptsetup
  141. KERNEL_VER=$(xbps-query -r /mnt -s linux4 | cut -f 2 -d ' ' | cut -f 1 -d -)
  142. LUKS_BOOT_UUID="$(lsblk -o NAME,UUID | grep ${DEVNAME}${BOOTPART} | awk '{print $2}')"
  143. LUKS_DATA_UUID="$(lsblk -o NAME,UUID | grep ${DEVNAME}${DEVPART} | awk '{print $2}')"
  144. echo "GRUB_CMDLINE_LINUX=\"rd.vconsole.keymap=${KEYMAP} rd.lvm=1 rd.luks=1 rd.luks.allow-discards rd.luks.uuid=${LUKS_BOOT_UUID} rd.luks.uuid=${LUKS_DATA_UUID}\"" >> /mnt/etc/default/grub
  145. chroot /mnt grub-mkconfig -o /boot/grub/grub.cfg
  146. chroot /mnt xbps-reconfigure -f ${KERNEL_VER}
  147. # Now add customization to installation
  148. echo "[!] Running custom scripts"
  149. if [ -d ./custom ]; then
  150. cp -r ./custom /mnt/tmp
  151. # If we detect any .sh let's run them in the chroot
  152. for SHFILE in /mnt/tmp/custom/*.sh; do
  153. chroot /mnt sh /tmp/custom/$(basename $SHFILE)
  154. done
  155. # Then cleanup chroot
  156. rm -rf /mnt/tmp/custom
  157. fi