Preservation/kaiten-yaki
1
0
Fork 0
mirror of https://github.com/suikan4github/kaiten-yaki.git synced 2025-12-20 02:21:17 -03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Going to one-script solution

Browse source
This commit is contained in:
Suikan 2021-06-30 16:26:16 +09:00
parent eb6d3f2fee
commit f1d8ce77ed
10 changed files with 326 additions and 268 deletions
Download patch file Download diff file Expand all files Collapse all files

113
archive/INSTALL-ubuntu.md Normal file
View file

@ -0,0 +1,113 @@
# Ubuntu 20.04LTS installation into the LVM on the LUKS volume
Installation requires 3 scripts.
- 1-pre-install.sh
- 2-para-install.sh
- 3-post-install.sh
Each script have to be executed as sourced style. For example :
```shell
source 1-pre-install.sh
```
If you execute these script as independent command style, it will show an error message and terminate immediately.
The first step has parameter configuration, erasing disk, format partition, and encryption. This is most critical stage of the entire installation. You have to finish this stage before invoking Ubiquity installer.
The timing of the 2nd step is little bit difficult. You have to execute this script after the Ubiquity installer starts to copy the file, and before the Ubiquity installer finishes.
The third stage is easy. There is nothing user can do. Everything is automatic.
# Preparation
# Installation
Follow the steps below.
## Configuration parameters
This is very critical part of the installation. The configuration parameters are located in the top of the 1-pre-install.sh. Edit these parameter before installation. Following is a set of the default parameters for the configuration of :
- Install to **/dev/sda** (DEV).
- Erase entire disk (ERASEALL).
- In case of EFI firmware, 100MB is allocated to the EFI partition (EFISIZE).
- Create a logical volume group named "vg1" in the encrypted volume (VGNAME)
- Create a swap logical volume named "swap" in the "vg1". The size is 8GB (LVSWAPNAME,LVSWAPSIZE)
- Create a logical volume named **"ubuntu"** for / in the "vg1". The size of the **50%** of the entire free space (LVROOTNAME, LVROOTSIZE).
```bash
# Storage device to install the linux.
export DEV="/dev/sda"
# Whether you want to erase all contents of the storage device or not.
# 1 : Yes, I want to erase all.
# 0 : No, I don't. I want to add to the existing LUKS volume.
export ERASEALL=1
# Logical Volume name for your Linux installation. Keep it unique from other distribution.
export LVROOTNAME="ubuntu"
# Logical volume size of the Linux installation.
# 30% mean, new logical volume will use 30% of the free space in the LVM volume group.
# For example, assume the free space is 100GB, and LVROOTSIZE is 30%FREE. Script will create 30GB logical volume.
export LVROOTSIZE="50%FREE"
# Set the size of EFI partition and swap partition. The unit is Byte. you can use M,G... notation.
export EFISIZE="100M"
export LVSWAPSIZE="8G"
# Usually, these names can be left untouched.
# If you change, keep them consistent through all instllation in your system.
export CRYPTPARTNAME="luks_volume"
export VGNAME="vg1"
export LVSWAPNAME="swap"
```
There are several restrictions :
- For the first distribution installation, you must set ERASEALL to 1, to erase entire screen and create a LUKS partition. YaFDE script create a maximum LUKS partition as possible.
- The LVROOMNAME must be unique among all installation in a computer. Otherwise, the installer terminate at a middle.
- The LVSWAPNAME must be unique among all installation in a computer. Otherwise, the installer create an unnecessary logical volume. This is waste of storage resource.
- The EFISIZE and the LVSWAPSIZE are refereed during the first distribution installation.
- The LVROOTSIZE is the size of a logical volume to create. This is a relative value to the existing free space in the volume group. If you want to install 3 distributions in a computer, you may want to set 33%FREE, 50%FREE, and 100%FREE for the first, second, and third distribution installation, respectively.
## Preparation of shell window
First of all, promote the shell to root. Almost of the procedure requires root privilege. Not that the scripts requires Bash.
```bash
# Promote to the root user
sudo -i
```
## The first script
After you set the configuration parameters correctly, execute the following command from the shell. Again, you have to be promoted as root user, and you have to use Bash.
```bash
source 1-pre-install.sh
```
After the several interactive confirmation, script will as you input the passphrase. This passphrase will be applied to the encryption of the LUKS volume. Make sure you use identical passphrase between all distribution installation in a computer. Otherwise, install process terminates with error.
## Run the Ubiquity installer
After the first script finishes, open the Ubiquity installer, configure and run it. Ensure you map the followings correctly.
Host Volume | Target Directory | Comment
-----------------------|------------------|---------------------------------------------------------------
/dev/sda1 | /boot/efi | BIOS system doesn't need this mapping
/dev/mapper/vg1-ubuntu | / | Host volume name is up to your configuration parameter.
/dev/mapper/swap | swap | Only the first distribution installation requires this mapping.
C A U T I O N : After the Ubiquity installer starts the file copy, execute 2nd step script quickly before the installer finishes.
![Partitioning](../image/ubuntu_partitioning.png)
## The second script
Run the following script on the shell window, during the Ubiquity runs. Otherwise, Ubiquity fails at the end of installation. If you run this script too early, it terminates with error message. This is safe. Run it again later ( but before Ubiquity finish).
C A U T I O N : Do not reboot at the end of Ubiquity installation. Click "continue".
```bash
source 2-para-install.sh
```
![Installing](../image/ubuntu_installing.png)
## Click continue
As explained above, do not reboot. Click "Continue Testing". If you reboot at here, system will ask you the passphrase twice.
![Installing](../image/ubuntu_done.png)
## The third script
After Ubiquity finish the installation, run the 3rd script. This is fully automatic. There is nothing you have to do.
```bash
source post-install.sh
```
You can reboot after the script finishes.

233
archive/ubuntu/1-pre-install.sh Normal file
View file

@ -0,0 +1,233 @@
#!/bin/bash
# Storage device to install the linux.
export DEV="/dev/sda"
# Whether you want to erase all contents of the storage device or not.
# 1 : Yes, I want to erase all.
# 0 : No, I don't. I want to add to the existing LUKS volume.
export ERASEALL=1
# Logical Volume name for your Linux installation. Keep it unique from other distribution.
export LVROOTNAME="ubuntu"
# Logical volume size of the Linux installation.
# 30% mean, new logical volume will use 30% of the free space in the LVM volume group.
# For example, assume the free space is 100GB, and LVROOTSIZE is 30%FREE. Script will create 30GB logical volume.
export LVROOTSIZE="50%FREE"
# Set the size of EFI partition and swap partition. The unit is Byte. you can use M,G... notation.
export EFISIZE="100M"
export LVSWAPSIZE="8G"
# Usually, these names can be left untouched.
# If you change, keep them consistent through all instllation in your system.
export CRYPTPARTNAME="luks_volume"
export VGNAME="vg1"
export LVSWAPNAME="swap"
# ********************** DO NOT edit following lines ******************************
# Detect firmware type. 1 : EFI, 0 : BIOS
if [ -d /sys/firmware/efi ]; then
export ISEFI=1 # Yes, EFI
else
export ISEFI=0 # No, BIOS
fi # is EFI firmaare?
# Set partition number based on the firmware type
if [ ${ISEFI} -eq 1 ] ; then
# EFI firmware
export EFIPARTITION=1
export CRYPTPARTITION=2
else
# BIOS firmware
export CRYPTPARTITION=1
fi # EFI firmware
# Varidate whether script is executed as sourced or not
(return 0 2>/dev/null) && sourced=1 || sourced=0
if [ $sourced -eq 0 ] ; then
cat <<HEREDOC 1>&2
***** ERROR : Must execute as source *****
Execute as following :
source 1-pre-install.sh
Installation terminated.
HEREDOC
exit # use "exit" instead of "return", if not "sourced" execusion
fi # "sourced" validation
# ----- Confirmations -----
# Distribution check
uname -a | grep ubuntu -i > /dev/null
if [ $? -eq 1 ] ; then # "Ubuntu" is not found in the OS name.
echo "*********************************************************************************"
uname -a
cat <<HEREDOC
*********************************************************************************
This system seems to be not Void Linux, while this script is dediated to the Void Linux.
Are you sure you want to run this script for installation? [Y/N]
HEREDOC
read YESNO
if [ ${YESNO} != "Y" -a ${YESNO} != "y" ] ; then
cat <<HEREDOC 1>&2
Installation terminated.
HEREDOC
return
fi # if YES
fi # "Ubuntu" is not found in the OS name.
# For surre ask the config.sh is edited
echo "Did you edit config.sys? Are you ready to install? [Y/N]"
read YESNO
if [ ${YESNO} != "Y" -a ${YESNO} != "y" ] ; then
cat <<HEREDOC 1>&2
Installation terminated.
HEREDOC
return
fi # if YES
# For sure ask ready to erase.
if [ ${ERASEALL} -eq 1 ] ; then
echo "Are you sure you want to erase entire ${DEV}? [Y/N]"
read YESNO
if [ ${YESNO} != "Y" -a ${YESNO} != "y" ] ; then
cat <<HEREDOC 1>&2
Check config.sh. The variable ERASEALL is ${ERASEALL}.
Installation terminated.
HEREDOC
return
fi # if YES
fi # if erase all
# ----- Set Passphrase -----
# Input passphrase
echo "Type passphrase for the disk encryption."
read -sr PASSPHRASE
export PASSPHRASE
echo "Type passphrase again, to confirm."
read -sr PASSPHRASE_C
# Validate whether both are indentical or not
if [ ${PASSPHRASE} != ${PASSPHRASE_C} ] ; then
cat <<HEREDOC 1>&2
***** ERROR : Passphrase doesn't match *****
Installation terminated.
HEREDOC
return
fi # passphrase validation
# ----- Erase entire disk, create partitions, format them and encrypt the LUKS partition -----
if [ ${ERASEALL} -eq 1 ] ; then
# Assign specified space and rest of disk to the EFI and LUKS partition, respectively.
if [ ${ISEFI} -eq 1 ] ; then
# Zap existing partition table and create new GPT
echo "...Initialize ${DEV} with GPT."
sgdisk --zap-all "${DEV}"
# Create EFI partition and format it
echo "...Create an EFI partition on ${DEV}."
sgdisk --new=${EFIPARTITION}:0:+${EFISIZE} --change-name=${EFIPARTITION}:"EFI System" --typecode=${EFIPARTITION}:ef00 "${DEV}"
echo "...Format the EFI parttion."
mkfs.vfat -F 32 -n EFI-SP "${DEV}${EFIPARTITION}"
# Create Linux partition
echo "...Create a Linux partition on ${DEV}."
sgdisk --new=${CRYPTPARTITION}:0:0 --change-name=${CRYPTPARTITION}:"Linux LUKS" --typecode=${CRYPTPARTITION}:8309 "${DEV}"
# Then print them
sgdisk --print "${DEV}"
else
# Zap existing partition table
echo "...Erase partition table of ${DEV}."
dd if=/dev/zero of=${DEV} bs=512 count=1
# Create MBR and allocate max storage for Linux partition
echo "...Create a Linux partition on ${DEV} with MBR."
sfdisk ${DEV} <<HEREDOC
2M,,L
HEREDOC
fi # if EFI firmware
# Encrypt the partition to install Linux
echo "...Initialize ${DEV}${CRYPTPARTITION} as crypt partition"
printf %s "${PASSPHRASE}" | cryptsetup luksFormat --type=luks1 --key-file - --batch-mode "${DEV}${CRYPTPARTITION}"
fi # if erase all
# ----- Open the LUKS partition -----
# Open the crypt partition.
echo "...Open a crypt partition ${DEV}${CRYPTPARTITION} as \"${CRYPTPARTNAME}\""
printf %s "${PASSPHRASE}" | cryptsetup open -d - "${DEV}${CRYPTPARTITION}" ${CRYPTPARTNAME}
# Check whether successful open. If mapped, it is successful.
if [ ! -e /dev/mapper/${CRYPTPARTNAME} ] ; then
cat <<HEREDOC 1>&2
***** ERROR : Cannot open LUKS volume "${CRYPTPARTNAME}" on ${DEV}${CRYPTPARTITION}. *****
Check passphrase and config.txt
Installation terminated.
HEREDOC
return
fi # if crypt volume is unable to open
# ----- Configure the LVM in LUKS volume -----
# Check volume group ${VGNAME} exist or not
vgdisplay -s ${VGNAME} &> /dev/null
if [ $? -eq 0 ] ; then # is return value 0? ( exist ?)
echo "...Volume group ${VGNAME} already exist. Skipped to create. No problem."
else
echo "...Initialize a physical volume on \"${CRYPTPARTNAME}\""
pvcreate /dev/mapper/${CRYPTPARTNAME}
echo "...And then create Volume group \"${VGNAME}\"."
vgcreate ${VGNAME} /dev/mapper/${CRYPTPARTNAME}
fi # if /dev/volume-groupt not exist
# Create a SWAP Logical Volume on VG, if it doesn't exist
if [ -e /dev/mapper/${VGNAME}-${LVSWAPNAME} ] ; then
echo "...Swap volume already exist. Skipped to create. No problem."
else
echo "...Create logical volume \"${LVSWAPNAME}\" on \"${VGNAME}\"."
lvcreate -L ${LVSWAPSIZE} -n ${LVSWAPNAME} ${VGNAME}
fi # if /dev/mapper/swap volume already exit.
# Create a ROOT Logical Volume on VG.
if [ -e /dev/mapper/${VGNAME}-${LVROOTNAME} ] ; then
cat <<HEREDOC 1>&2
***** ERROR : Logical volume "${VGNAME}-${LVROOTNAME}" already exists. *****
Check LVROOTNAME environment variable in config.txt.
Installation terminated.
HEREDOC
return
else
echo "...Create logical volume \"${LVROOTNAME}\" on \"${VGNAME}\"."
lvcreate -l ${LVROOTSIZE} -n ${LVROOTNAME} ${VGNAME}
fi # if the root volun already exist
# Finishing message
if [ ${ISEFI} -eq 1 ] ; then
cat <<HEREDOC
****************** Pre-install process finished ******************
...Next, open the Ubiquity installer, map the /, swap, EFI partition and start installation.
...And then, execute "source 2-para-install.sh" during the Ubiquity copies files.
HEREDOC
else
cat <<HEREDOC
****************** Pre-install process finished ******************
...Next, open the Ubiquity installer, map the /, swap volume and start installation.
...And then, execute "source 2-para-install.sh" during the Ubiquity copies files.
HEREDOC
fi # Is EFI?

38
archive/ubuntu/2-para-install.sh Normal file
View file

@ -0,0 +1,38 @@
#!/bin/bash
# Varidate whether script is executed as sourced or not
(return 0 2>/dev/null) && sourced=1 || sourced=0
if [ $sourced -eq 0 ] ; then
cat <<HEREDOC 1>&2
***** ERROR : Must execute as source *****
Execute as following :
source 2-para-install.sh
Installation terminated.
HEREDOC
exit # use "exit" instead of "return", if not "sourced" execusion
fi # "sourced" validation
# Check whether grub configuration file is ready to write
if [ ! -e /target/etc/default/grub ] ; then
cat <<HEREDOC 1>&2
***** ERROR : The /target/etc/default/grub is not ready. *****
Perhaps, too early to execute this script.
Installation terminated.
HEREDOC
return
fi # if grub file exists
# Make target GRUB aware to the crypt partition
echo "...Add GRUB_ENABLE_CRYPTODISK entry to /target/etc/default/grub "
echo "GRUB_ENABLE_CRYPTODISK=y" >> /target/etc/default/grub
# Finishing message
cat <<HEREDOC
****************** Para-install process finished ******************
...Click "Continue Testing" when Ubiquity finishes.
...And then, execute "source 3-post-install.sh"
HEREDOC

66
archive/ubuntu/3-post-install.sh Normal file
View file

@ -0,0 +1,66 @@
#!/bin/bash
# Varidate whether script is executed as sourced or not
(return 0 2>/dev/null) && sourced=1 || sourced=0
if [ $sourced -eq 0 ] ; then
cat <<HEREDOC 1>&2
***** ERROR : Must execute as source *****
Execute as following :
source 3-post-install.sh
Installation terminated.
HEREDOC
exit # use "exit" instead of "return", if not "sourced" execusion
fi # "sourced" validation
## Mount the target file system
# /target is created by the Ubiquity installer
echo "...Mount /dev/mapper/${VGNAME}-${LVROOTNAME} on /target."
mount /dev/mapper/${VGNAME}-${LVROOTNAME} /target
# And mount other directories
echo "...Mount all other dirs."
for n in proc sys dev etc/resolv.conf; do mount --rbind "/$n" "/target/$n"; done
# Change root and create the keyfile and ramfs image for Linux kernel.
echo "...Chroot to /target."
cat <<HEREDOC | chroot /target /bin/bash
# Mount the rest of partitions by target /etc/fstab
mount -a
# Set up the kernel hook of encryption
echo "...Install cryptsetup-initramfs package."
apt -qq install -y cryptsetup-initramfs
echo "...Register key file to the ramfs"
echo "KEYFILE_PATTERN=/etc/luks/*.keyfile" >> /etc/cryptsetup-initramfs/conf-hook
echo "UMASK=0077" >> /etc/initramfs-tools/initramfs.conf
# Prepare a key file to embed in to the ramfs.
echo "...Prepair key file."
mkdir /etc/luks
dd if=/dev/urandom of=/etc/luks/boot_os.keyfile bs=4096 count=1 status=none
chmod u=rx,go-rwx /etc/luks
chmod u=r,go-rwx /etc/luks/boot_os.keyfile
# Add a key to the key file. Use the passphrase in the environment variable.
echo "...Add a key to the key file."
printf %s "${PASSPHRASE}" | cryptsetup luksAddKey -d - "${DEV}${CRYPTPARTITION}" /etc/luks/boot_os.keyfile
# Add the LUKS volume information to /etc/crypttab to decrypt by kernel.
echo "...Add LUKS volume info to /etc/crypttab."
echo "${CRYPTPARTNAME} UUID=$(blkid -s UUID -o value ${DEV}${CRYPTPARTITION}) /etc/luks/boot_os.keyfile luks,discard" >> /etc/crypttab
# Finally, update the ramfs initial image with the key file.
echo "...Upadte initramfs."
update-initramfs -uk all
# Leave chroot
exit
HEREDOC
# Finishing message
cat <<HEREDOC
****************** Post-install process finished ******************
...Ready to reboot.
HEREDOC

242
archive/voidlinux/1-pre-install.sh Normal file
View file

@ -0,0 +1,242 @@
#!/bin/bash
# Storage device to install the linux.
export DEV="/dev/sda"
# Whether you want to erase all contents of the storage device or not.
# 1 : Yes, I want to erase all.
# 0 : No, I don't. I want to add to the existing LUKS volume.
export ERASEALL=1
# Logical Volume name for your Linux installation. Keep it unique from other distribution.
export LVROOTNAME="void"
# Logical volume size of the Linux installation.
# 30% mean, new logical volume will use 30% of the free space in the LVM volume group.
# For example, assume the free space is 100GB, and LVROOTSIZE is 30%FREE. Script will create 30GB logical volume.
export LVROOTSIZE="50%FREE"
# Set the size of EFI partition and swap partition. The unit is Byte. you can use M,G... notation.
export EFISIZE="100M"
export LVSWAPSIZE="8G"
# Usually, these names can be left untouched.
# If you change, keep them consistent through all instllation in your system.
export CRYPTPARTNAME="luks_volume"
export VGNAME="vg1"
export LVSWAPNAME="swap"
# ********************** DO NOT edit following lines ******************************
# Detect firmware type. 1 : EFI, 0 : BIOS
if [ -d /sys/firmware/efi ]; then
export ISEFI=1 # Yes, EFI
else
export ISEFI=0 # No, BIOS
fi # is EFI firmaare?
# Set partition number based on the firmware type
if [ ${ISEFI} -eq 1 ] ; then
# EFI firmware
export EFIPARTITION=1
export CRYPTPARTITION=2
else
# BIOS firmware
export CRYPTPARTITION=1
fi # EFI firmware
# Varidate whether script is executed as sourced or not
(return 0 2>/dev/null) && sourced=1 || sourced=0
if [ $sourced -eq 0 ] ; then
cat <<HEREDOC 1>&2
***** ERROR : Must execute as source *****
Execute as following :
source 1-pre-install.sh
Installation terminated.
HEREDOC
exit # use "exit" instead of "return", if not "sourced" execusion
fi # "sourced" validation
# ----- Confirmations -----
# Distribution check
uname -a | grep void -i > /dev/null
if [ $? -eq 1 ] ; then # "Void" is not found in the OS name.
echo "*********************************************************************************"
uname -a
cat <<HEREDOC
*********************************************************************************
This system seems to be not Void Linux, while this script is dediated to the Void Linux.
Are you sure you want to run this script for installation? [Y/N]
HEREDOC
read YESNO
if [ ${YESNO} != "Y" -a ${YESNO} != "y" ] ; then
cat <<HEREDOC 1>&2
Installation terminated.
HEREDOC
return
fi # if YES
fi # "Void" is not found in the OS name.
# For surre ask the config.sh is edited
echo "Did you edit config.sys? Are you ready to install? [Y/N]"
read YESNO
if [ ${YESNO} != "Y" -a ${YESNO} != "y" ] ; then
cat <<HEREDOC 1>&2
Installation terminated.
HEREDOC
return
fi # if YES
# For sure ask ready to erase.
if [ ${ERASEALL} -eq 1 ] ; then
echo "Are you sure you want to erase entire ${DEV}? [Y/N]"
read YESNO
if [ ${YESNO} != "Y" -a ${YESNO} != "y" ] ; then
cat <<HEREDOC 1>&2
Check config.sh. The variable ERASEALL is ${ERASEALL}.
Installation terminated.
HEREDOC
return
fi # if YES
fi # if erase all
# Install essential packages.
xbps-install -y gptfdisk
# ----- Set Passphrase -----
# Input passphrase
echo "Type passphrase for the disk encryption."
read -sr PASSPHRASE
export PASSPHRASE
echo "Type passphrase again, to confirm."
read -sr PASSPHRASE_C
# Validate whether both are indentical or not
if [ ${PASSPHRASE} != ${PASSPHRASE_C} ] ; then
cat <<HEREDOC 1>&2
***** ERROR : Passphrase doesn't match *****
Installation terminated.
HEREDOC
return
fi # passphrase validation
# ----- Erase entire disk, create partitions, format them and encrypt the LUKS partition -----
if [ ${ERASEALL} -eq 1 ] ; then
# Assign specified space and rest of disk to the EFI and LUKS partition, respectively.
if [ ${ISEFI} -eq 1 ] ; then
# Zap existing partition table and create new GPT
echo "...Initialize ${DEV} with GPT."
sgdisk --zap-all "${DEV}"
# Create EFI partition and format it
echo "...Create an EFI partition on ${DEV}."
sgdisk --new=${EFIPARTITION}:0:+${EFISIZE} --change-name=${EFIPARTITION}:"EFI System" --typecode=${EFIPARTITION}:ef00 "${DEV}"
echo "...Format the EFI parttion."
mkfs.vfat -F 32 -n EFI-SP "${DEV}${EFIPARTITION}"
# Create Linux partition
echo "...Create a Linux partition on ${DEV}."
sgdisk --new=${CRYPTPARTITION}:0:0 --change-name=${CRYPTPARTITION}:"Linux LUKS" --typecode=${CRYPTPARTITION}:8309 "${DEV}"
# Then print them
sgdisk --print "${DEV}"
else
# Zap existing partition table
echo "...Erase partition table of ${DEV}."
dd if=/dev/zero of=${DEV} bs=512 count=1
# Create MBR and allocate max storage for Linux partition
echo "...Create a Linux partition on ${DEV} with MBR."
sfdisk ${DEV} <<HEREDOC
2M,,L
HEREDOC
fi # if EFI firmware
# Encrypt the partition to install Linux
echo "...Initialize ${DEV}${CRYPTPARTITION} as crypt partition"
printf %s "${PASSPHRASE}" | cryptsetup luksFormat --type=luks1 --key-file - --batch-mode "${DEV}${CRYPTPARTITION}"
fi # if erase all
# ----- Open the LUKS partition -----
# Open the crypt partition.
echo "...Open a crypt partition ${DEV}${CRYPTPARTITION} as \"${CRYPTPARTNAME}\""
printf %s "${PASSPHRASE}" | cryptsetup open -d - "${DEV}${CRYPTPARTITION}" ${CRYPTPARTNAME}
# Check whether successful open. If mapped, it is successful.
if [ ! -e /dev/mapper/${CRYPTPARTNAME} ] ; then
cat <<HEREDOC 1>&2
***** ERROR : Cannot open LUKS volume "${CRYPTPARTNAME}" on ${DEV}${CRYPTPARTITION}. *****
Check passphrase and config.txt
Installation terminated.
HEREDOC
return
fi # if crypt volume is unable to open
# ----- Configure the LVM in LUKS volume -----
# Check volume group ${VGNAME} exist or not
vgdisplay -s ${VGNAME} &> /dev/null
if [ $? -eq 0 ] ; then # is return value 0? ( exist ?)
echo "...Volume group ${VGNAME} already exist. Skipped to create. No problem."
else
echo "...Initialize a physical volume on \"${CRYPTPARTNAME}\""
pvcreate /dev/mapper/${CRYPTPARTNAME}
echo "...And then create Volume group \"${VGNAME}\"."
vgcreate ${VGNAME} /dev/mapper/${CRYPTPARTNAME}
fi # if /dev/volume-groupt not exist
# Create a SWAP Logical Volume on VG, if it doesn't exist
if [ -e /dev/mapper/${VGNAME}-${LVSWAPNAME} ] ; then
echo "...Swap volume already exist. Skipped to create. No problem."
else
echo "...Create logical volume \"${LVSWAPNAME}\" on \"${VGNAME}\"."
lvcreate -L ${LVSWAPSIZE} -n ${LVSWAPNAME} ${VGNAME}
fi # if /dev/mapper/swap volume already exit.
# Create a ROOT Logical Volume on VG.
if [ -e /dev/mapper/${VGNAME}-${LVROOTNAME} ] ; then
cat <<HEREDOC 1>&2
***** ERROR : Logical volume "${VGNAME}-${LVROOTNAME}" already exists. *****
Check LVROOTNAME environment variable in config.txt.
Installation terminated.
HEREDOC
return
else
echo "...Create logical volume \"${LVROOTNAME}\" on \"${VGNAME}\"."
lvcreate -l ${LVROOTSIZE} -n ${LVROOTNAME} ${VGNAME}
fi # if the root volun already exist
# ADD "rd.auto=1 cryptdevice=/dev/sda2:${LUKS_NAME} root=/dev/mapper/${VGNAME}-${ROOTNAME}" to GRUB.
# This is magical part. I have not understood why this is required.
# Refer https://wiki.voidlinux.org/Install_LVM_LUKS#Installation_using_void-installer
echo "...Modify /etc/default/grub."
sed -i "s#loglevel=4#loglevel=4 rd.auto=1 cryptdevice=/dev/sda2:${LUKS_NAME} root=/dev/mapper/${VGNAME}-${LVROOTNAME}#" /etc/default/grub
# Finishing message
if [ ${ISEFI} -eq 1 ] ; then
cat <<HEREDOC
****************** Pre-install process finished ******************
...Next, open the void-installer, map the /, swap, EFI partition and start installation.
...And then, execute "source 2-para-install.sh" during the void-installer copies files.
HEREDOC
else
cat <<HEREDOC
****************** Pre-install process finished ******************
...Next, open the void-installer installer, map the /, swap volume and start installation.
...And then, execute "source 2-para-install.sh" during the void-installer copies files.
HEREDOC
fi # Is EFI?

38
archive/voidlinux/2-para-install.sh Normal file
View file

@ -0,0 +1,38 @@
#!/bin/bash
# Varidate whether script is executed as sourced or not
(return 0 2>/dev/null) && sourced=1 || sourced=0
if [ $sourced -eq 0 ] ; then
cat <<HEREDOC 1>&2
***** ERROR : Must execute as source *****
Execute as following :
source 2-para-install.sh
Installation terminated.
HEREDOC
exit # use "exit" instead of "return", if not "sourced" execusion
fi # "sourced" validation
# Check whether grub configuration file is ready to write
if [ ! -e /mnt/target/etc/default/grub ] ; then
cat <<HEREDOC 1>&2
***** ERROR : The /mnt/target/etc/default/grub is not ready. *****
Perhaps, too early to execute this script.
Installation terminated.
HEREDOC
return
fi # if grub file exists
# Make target GRUB aware to the crypt partition
echo "...Add GRUB_ENABLE_CRYPTODISK entry to /mnt/target/etc/default/grub "
echo "GRUB_ENABLE_CRYPTODISK=y" >> /mnt/target/etc/default/grub
# Finishing message
cat <<HEREDOC
****************** Para-install process finished ******************
...Select "NO" to boot, when void-installer finishes.
...And then, execute "source 3-post-install.sh"
HEREDOC

73
archive/voidlinux/3-post-install.sh Normal file
View file

@ -0,0 +1,73 @@
#!/bin/bash
# Varidate whether script is executed as sourced or not
(return 0 2>/dev/null) && sourced=1 || sourced=0
if [ $sourced -eq 0 ] ; then
cat <<HEREDOC 1>&2
***** ERROR : Must execute as source *****
Execute as following :
source 3-post-install.sh
Installation terminated.
HEREDOC
exit # use "exit" instead of "return", if not "sourced" execusion
fi # "sourced" validation
## Mount the target file system
# /target is created by the Ubiquity installer
echo "...Mount /dev/mapper/${VGNAME}-${LVROOTNAME} on /mnt/target."
mount /dev/mapper/${VGNAME}-${LVROOTNAME} /mnt/target
# And mount other directories
echo "...Mount all other dirs."
for n in proc sys dev etc/resolv.conf; do mount --rbind "/$n" "/mnt/target/$n"; done
# Change root and create the keyfile and ramfs image for Linux kernel.
echo "...Chroot to /target."
cat <<HEREDOC | chroot /mnt/target /bin/bash
# Mount the rest of partitions by target /etc/fstab
mount -a
# Set up the kernel hook of encryption
echo "...Install cryptsetup-initramfs package."
xbps-install -y lvm2 cryptsetup
# Prepare a key file to embed in to the ramfs.
echo "...Prepair key file."
mkdir /etc/luks
dd if=/dev/urandom of=/etc/luks/boot_os.keyfile bs=4096 count=1 status=none
chmod u=rx,go-rwx /etc/luks
chmod u=r,go-rwx /etc/luks/boot_os.keyfile
# Add a key to the key file. Use the passphrase in the environment variable.
echo "...Add a key to the key file."
printf %s "${PASSPHRASE}" | cryptsetup luksAddKey -d - "${DEV}${CRYPTPARTITION}" /etc/luks/boot_os.keyfile
# Add the LUKS volume information to /etc/crypttab to decrypt by kernel.
echo "...Add LUKS volume info to /etc/crypttab."
echo "${CRYPTPARTNAME} UUID=$(blkid -s UUID -o value ${DEV}${CRYPTPARTITION}) /etc/luks/boot_os.keyfile luks,discard" >> /etc/crypttab
echo "...Register key file to the ramfs"
echo 'install_items+=" /etc/luks/boot_os.keyfile /etc/crypttab " ' > /etc/dracut.conf.d/10-crypt.conf
# Finally, update the ramfs initial image with the key file.
echo "...Upadte initramfs."
xbps-reconfigure -fa
echo "...grub-mkconfig."
grub-mkconfig -o /boot/grub/grub.cfg
echo "...update-grub."
update-grub
# Leave chroot
HEREDOC
# Unmount all
echo "...Unmount all."
umount -R /mnt/target
# Finishing message
cat <<HEREDOC
****************** Post-install process finished ******************
...Ready to reboot.
HEREDOC