#!/bin/bash
# Declare what this procedure builds on: the yaourt module and the "core base"
# procedure. Both helpers are provided by the surrounding framework, not by
# this file.
depend_module yaourt
depend_procedure core base

# Extra package(s) wanted in the runtime environment; the workers below drive
# svn to fetch per-host configuration.
var_RUNTIME_PACKAGES='svn'

# Names listed for the preparation phase. Several have a matching worker_<name>
# function in this file; the others (sysprep, select_source, runtime_packages)
# are presumably inherited from the procedure this one depends on - confirm.
phase_preparation=(
  configure
  intro
  sysprep
  msg_manual
  runtime_network
  runtime_svn
  msg_automatic
  select_source
  runtime_packages
  runtime_yaourt
)

# Names listed for the finish phase.
phase_finish=(
  configure_home
  msg_report
)
# Tell the user, via the framework's notify helper, that this automatic
# procedure has started.
worker_intro() {
  local -r banner="Dieter::automatic procedure running..."
  notify "$banner"
}
# Pick the UI type: use arg_ui_type when it is set and non-empty, otherwise
# fall back to "cli". The result is stored in the global var_UI_TYPE.
worker_configure() {
  if [ -n "${arg_ui_type:-}" ]; then
    var_UI_TYPE=$arg_ui_type
  else
    var_UI_TYPE=cli
  fi
}
# Announce that the steps requiring manual input come first.
worker_msg_manual() {
  # Everything that has to be done by hand is handled before the automatic part
  local -r msg="A few manual things need to happen first..."
  notify "$msg"
}
# Announce that the remaining steps run unattended.
worker_msg_automatic() {
  # The claim in this message is not entirely true: a passphrase is still
  # needed for dm_crypt later on.
  local -r msg="**** From now on. everything will be automatic. Enjoy the show!"
  notify "$msg"
}
# Ask whether networking should be (re)configured. On "yes" hand over to
# interactive_runtime_network; on "no" only log that the step was skipped.
# The function's status is that of whichever helper ran last.
worker_runtime_network() {
  if ! ask_yesno "Do you want to (re)-configure your networking?"; then
    infofy "Ok. skipping network config"
    return $?
  fi
  interactive_runtime_network
}
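#######################################
# Collect the Subversion settings and the name of the host being installed.
# Globals written: SVN_USERNAME, SVN, SVN_BASE, TARGET_HOST
# Globals read:    SVN_PASSWORD  (presumably set by `ask_password svn` - confirm)
#                  ANSWER_STRING (read right after ask_string)
# Aborts through die_error when the host name is empty or contains characters
# outside [A-Za-z0-9._-].
#######################################
worker_runtime_svn() {
  SVN_USERNAME=dieter
  ask_password svn #TODO: if user entered incorrect password, the install process will just fail..

  # NOTE(security): the password becomes part of the svn command line, so it
  # is visible in process listings and in any `set -x` trace while svn runs.
  # Because this string is meant to be expanded unquoted as "$SVN <subcommand>",
  # a password containing whitespace or glob characters is also split or
  # expanded by the shell. Kept in this form because other code consumes $SVN.
  SVN="svn --username $SVN_USERNAME --password $SVN_PASSWORD"
  SVN_BASE=https://192.168.1.2/svn/repos

  ask_string "Which host are you installing?" desktop-a7nx8
  TARGET_HOST=$ANSWER_STRING #TODO: allow passing cmdline argument (and check with svn info).

  # The host name is later spliced into a repository URL. Reject an empty
  # answer and anything that is not a plain host label, so it can neither
  # produce a malformed path nor be split into extra svn arguments.
  case $TARGET_HOST in
    '' | -* | *[!A-Za-z0-9._-]*)
      die_error "Invalid host name '$TARGET_HOST' (expected only letters, digits, '.', '_' and '-')"
      # die_error is expected to abort; this guards a non-fatal implementation.
      return 1
      ;;
  esac

  # NOTE(review): _accept_ssl_cert is defined elsewhere. If it accepts the
  # server certificate without comparing it to a known fingerprint, the HTTPS
  # connection to SVN_BASE does not authenticate the server that supplies the
  # host configuration - confirm how it verifies the certificate.
  _accept_ssl_cert
}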
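#######################################
# Wipe /dev/sda, partition it, and build an LVM volume group on top of a
# LUKS-encrypted second partition, then format and mount the logical volumes
# under $var_TARGET_DIR.
# WARNING: destructive and hard-wired to /dev/sda; nothing here asks for
# confirmation before the disk is overwritten.
# Globals read: var_TARGET_DIR
# Returns: 0 at the end; every fatal step goes through die_error.
#######################################
worker_prepare_disks() {
  local i sfdisk_rc

  # With an empty target dir the volumes would be mounted over /home, /root,
  # /tmp and /var of the running system, so refuse before touching the disk.
  [ -n "$var_TARGET_DIR" ] || die_error "var_TARGET_DIR is not set, refusing to prepare disks"

  modprobe dm-crypt || die_error "Cannot modprobe dm-crypt"
  modprobe -q aes-x86-64 || modprobe aes-i586 || die_error "Cannot modprobe aes-x86-64 or aes-i586"

  # Cleanup whatever state the disk is in (that includes previous, failed runs of this script).
  # Best effort on purpose: errors are silenced because the objects may not exist.
  umount /dev/mapper/cryptpool-* 2>/dev/null
  vgremove -f cryptpool 2>/dev/null
  pvremove /dev/mapper/sda2_crypt 2>/dev/null
  cryptsetup luksClose sda2_crypt 2>/dev/null

  # Overwrite the first 512-byte sector of the disk with random data, which
  # discards any existing partition table stored there.
  dd if=/dev/urandom of=/dev/sda bs=512 count=1

  #TODO: integrate this stuff into the functions in the libs (process_partitions and filesystems, rollback and bailout if needed) + do error checking and handling
  #NOTE: i don't think i should quote to prevent globbing, but it does seem to help i think (hard to check as resource is busy and you can't reload kernel partition tables)
  # The here-document has to be attached to sfdisk (not to grep) so that the
  # layout really arrives on sfdisk's stdin. grep only hides the expected
  # "no msdos signature" warning; PIPESTATUS[0] is sfdisk's own exit status.
  sfdisk /dev/sda 2>&1 <<EOF | grep -v 'not have an msdos signature'
,10,L,'*'
,,L
EOF
  sfdisk_rc=${PIPESTATUS[0]}
  if [ "$sfdisk_rc" -ne 0 ]; then
    die_error "Could not sfdisk /dev/sda. Return code is $sfdisk_rc"
  fi
  #TODO: when sfdisk is done, i still have an invalid partition table?

  # NOTE(review): "aes-xts-plain" derives the IV from a 32-bit sector number;
  # cryptsetup's "plain64" variant is the one generally recommended where the
  # kernel supports it. Not changed here - confirm kernel support first.
  # -y makes cryptsetup ask for the passphrase twice, so this step is interactive.
  cryptsetup --batch-mode -c aes-xts-plain -y -s 512 luksFormat /dev/sda2 || die_error "Cannot cryptsetup luksFormat /dev/sda2"
  cryptsetup luksOpen /dev/sda2 sda2_crypt || die_error "Cannot cryptsetup luksOpen /dev/sda2"
  pvcreate /dev/mapper/sda2_crypt || die_error "Cannot pvcreate the PV on the encrypted blockdevice"
  vgcreate cryptpool /dev/mapper/sda2_crypt || die_error "Cannot create the VG an the PV on the encrypted blockdevice"

  lvcreate -L 2G -n swap cryptpool &&
    lvcreate -L 500M -n tmp cryptpool &&
    lvcreate -L 10G -n home cryptpool &&
    lvcreate -L 10G -n root cryptpool &&
    lvcreate -L 3G -n var cryptpool || die_error "Could not create at least one of the LV's"

  # swap is created above but neither formatted nor enabled here.
  for i in home root tmp var; do
    mkdir -p "$var_TARGET_DIR/$i"
    mke2fs -j "/dev/cryptpool/$i" && mount "/dev/cryptpool/$i" "$var_TARGET_DIR/$i" || die_error "Could not format or mount $var_TARGET_DIR/$i"
  done
  # TODO: swapon the thing and don't forget to swapoff it in the cleanup part above
  # TODO: fstab? auto-add to fstab with libs? auto mkdir's on target_dir?
  true
}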
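#######################################
# Export the host's package list from Subversion into $var_PKG_FILE and load
# it into TARGET_PACKAGES as one space-separated line.
# Globals read:    SVN, SVN_BASE, TARGET_HOST, var_PKG_FILE
# Globals written: TARGET_PACKAGES
# Returns: 0 at the end; failures go through die_error.
#######################################
worker_package_list() {
  local raw_list
  local -a pkgs=()
  local IFS=$' \t\n'

  # $SVN holds a complete command line in one string, so it has to stay
  # unquoted; the URL and the destination file are quoted so they always
  # arrive as exactly one argument each.
  # NOTE(security): this list decides which packages are installed, and it is
  # trusted as delivered by the server at SVN_BASE.
  $SVN export "$SVN_BASE/ddm-configs/$TARGET_HOST/trunk/package-list" "$var_PKG_FILE" || die_error "Could not export package list!"

  raw_list=$(cat -- "$var_PKG_FILE") || die_error "Could not cat package list. THIS SHOULD NEVER HAPPEN."

  # Flatten the newline-separated file into single-space-separated words.
  # read -a splits on whitespace without glob expansion, so an entry such as
  # "*" in the fetched file is never expanded against the current directory.
  # read reports reaching end of input as non-zero, hence the "|| true".
  read -r -d '' -a pkgs <<<"$raw_list" || true
  TARGET_PACKAGES="${pkgs[*]}"
  true
}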
# Prepare pacman on the target for the core, extra and community repositories,
# then install the packages named in TARGET_PACKAGES via installpkg.
# Globals read: TARGET_PACKAGES (an empty value is reported through die_error).
worker_install_packages() {
  #TODO: it would be better if the pacman preparation was a separate worker, i think
  target_prepare_pacman core extra community

  if [ -z "$TARGET_PACKAGES" ]; then
    die_error "No packages listed to be installed!"
  fi

  installpkg
}
# Placeholder for setting up the home directory; nothing is done yet and the
# worker always succeeds.
worker_configure_home() {
  # Intended step: checkout from svn
  return 0
}
# Deliberate no-op that always succeeds: the hardware clock is already set
# and the configuration files come from svn anyway.
worker_set_clock() {
  #timezone="Europe/Brussels"
  return 0
}
# Install GRUB via the install-grub helper. The target disk is hard-coded to
# /dev/sda; the worker's status is whatever install-grub returns.
worker_install_bootloader() {
  local -r boot_disk=/dev/sda
  install-grub "$boot_disk"
}
# Delegate to _yaourt_replace_pacman (defined outside this file, presumably by
# the yaourt module declared as a dependency) and pass its status through.
worker_runtime_yaourt() {
  _yaourt_replace_pacman
  return $?
}