Updated LUKS procedures, and added UKI
This commit is contained in:
parent
695953ed51
commit
dbc8922d77
SSH key fingerprint:
SHA256:1TKB8Z257L8EHK8GWNxKgMhD8a+FAR+f+j3nnlcuNVM
1 changed files with 74 additions and 26 deletions
|
|
@ -35,9 +35,10 @@ function show_help() {
|
|||
echo "-c, --compression Enable BtrFS compression."
|
||||
echo "-s, --swap Enable Swap/Hibernation support."
|
||||
echo "-d, --debug Enable DEBUG mode for testing."
|
||||
echo "-m, --mount Mount an existing install."
|
||||
echo ""
|
||||
echo "--stage <stage> Installation using stagefile <stage>, for stage3 or stage4"
|
||||
echo "--mount Mount partitions/subvolumes only. Useful for development or recovery"
|
||||
echo "--umount Unmount partitions/subvolumes only"
|
||||
echo "--clean Cleanup disk for clean slate"
|
||||
exit 0
|
||||
}
|
||||
|
|
@ -64,21 +65,38 @@ function prepare_disk() {
|
|||
fi
|
||||
|
||||
if [[ "$ENCRYPTION" ]]; then
|
||||
${cmd} parted --script --align=optimal -- "$RootDisk" \
|
||||
mklabel gpt \
|
||||
mkpart primary 1MiB 100MiB \
|
||||
mkpart primary 100MiB 2048MiB \
|
||||
mkpart primary 2148MiB -2048s \
|
||||
set 1 esp
|
||||
if [[ "$UKI" ]]; then
|
||||
${cmd} parted --script --align=optimal -- "$RootDisk" \
|
||||
mklabel gpt \
|
||||
mkpart primary 1MiB 2048MiB \
|
||||
mkpart primary 2048MiB 3072MiB \
|
||||
mkpart primary 3072MiB -2048s \
|
||||
set 1 esp
|
||||
else
|
||||
${cmd} parted --script --align=optimal -- "$RootDisk" \
|
||||
mklabel gpt \
|
||||
mkpart primary 1MiB 100MiB \
|
||||
mkpart primary 100MiB 2048MiB \
|
||||
mkpart primary 2148MiB -2048s \
|
||||
set 1 esp
|
||||
fi
|
||||
#mkfs.vfat -F 32 -n "EFI" "$RootPart"
|
||||
#mkfs.ext4 -L "Boot" -m 0 "$EFIPart"
|
||||
#mkfs.btrfs -L "System" "$RootPart"
|
||||
else
|
||||
${cmd} parted --script --align=optimal -- "$RootDisk" \
|
||||
mklabel gpt \
|
||||
mkpart primary 1MiB 100MiB \
|
||||
mkpart primary 100MiB -2048s \
|
||||
set 1 esp
|
||||
if [[ "$UKI" ]]; then
|
||||
${cmd} parted --script --align=optimal -- "$RootDisk" \
|
||||
mklabel gpt \
|
||||
mkpart primary 1MiB 2048MiB \
|
||||
mkpart primary 2048MiB -2048s \
|
||||
set 1 esp
|
||||
else
|
||||
${cmd} parted --script --align=optimal -- "$RootDisk" \
|
||||
mklabel gpt \
|
||||
mkpart primary 1MiB 100MiB \
|
||||
mkpart primary 100MiB -2048s \
|
||||
set 1 esp
|
||||
fi
|
||||
#mkfs.vfat -F 32 -n "EFI" "$RootPart"
|
||||
#mkfs.btrfs -L "System" "$RootPart"
|
||||
fi
|
||||
|
|
@ -219,7 +237,8 @@ function prepare_target() {
|
|||
|
||||
function stage_step() {
|
||||
local s4file SwapUUID SwapOffset
|
||||
local cmd
|
||||
local luksUUID rootUUID rootmount
|
||||
local cmd rd ramdisk
|
||||
|
||||
if [[ "$DEBUG" ]]; then
|
||||
cmd="echo"
|
||||
|
|
@ -250,10 +269,27 @@ function stage_step() {
|
|||
|
||||
if [[ "$ENCRYPTION" ]]; then
|
||||
eval "$(blkid -p --output export "$RootPart" | grep UUID)"
|
||||
luksUUID="$UUID"
|
||||
rootmount="/dev/mapper/luksvol"
|
||||
eval "$(blkid -p --output export "$rootmount" | grep UUID)"
|
||||
rootUUID="$UUID"
|
||||
|
||||
${cmd} mkdir /mnt/gentoo/etc/dracut.d
|
||||
|
||||
if [[ "$DEBUG" ]]; then
|
||||
echo "echo \"luksvol UUID=$UUID none luks\" >> /mnt/gentoo/etc/crypttab"
|
||||
echo "echo \"luksvol UUID=\"$luksUUID\" none luks\" >> /mnt/gentoo/etc/crypttab"
|
||||
if [[ ! -d "/mnt/gentoo/etc/dracut.conf.d" ]]; then
|
||||
echo "mkdir /mnt/gentoo/etc/dracut.conf.d &>/dev/null"
|
||||
echo "echo \"add_dracutmodules+=\\\" crypt dm rootfs-block \\\" > /mnt/gentoo/etc/dracut.conf.d/luks.conf"
|
||||
echo "echo \"kernel_cmdline+=\\\" root=UUID=$rootUUID rd.luks.uuid=$luksUUID \\\" >> /mnt/gentoo/etc/dracut.conf.d/luks.conf"
|
||||
fi
|
||||
else
|
||||
echo "luksvol UUID=$UUID none luks" >> /mnt/gentoo/etc/crypttab
|
||||
echo "luksvol UUID=$luksUUID none luks" >> /mnt/gentoo/etc/crypttab
|
||||
if [[ ! -d "/mnt/gentoo/etc/dracut.conf.d" ]]; then
|
||||
mkdir /mnt/gentoo/etc/dracut.d &>/dev/null
|
||||
echo "add_dracutmodules+=\" crypt dm rootfs-block \"" > /mnt/gentoo/etc/dracut.conf.d/luks.conf
|
||||
echo "kernel_cmdline+=\" root=UUID=$rootUUID rd.luks.uuid=$luksUUID " >> /mnt/gentoo/etc/dracut.conf.d/luks.conf
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
|
|
@ -268,10 +304,18 @@ function stage_step() {
|
|||
${cmd} sed -i "s/^#GRUB_CMDLINE_LINUX_DEFAULT=.*/GRUB_CMDLINE_LINUX_DEFAULT=\"resume=${SwapUUID} resume_offset=${SwapOffset}\"/g" /mnt/gentoo/etc/default/grub
|
||||
fi
|
||||
|
||||
arch-chroot /mnt/gentoo emerge --sync
|
||||
arch-chroot /mnt/gentoo grub-install --efi-directory=/efi
|
||||
if [[ -f "/mnt/gentoo/etc/machine-id" ]]; then
|
||||
${cmd} rm -f /mnt/gentoo/etc/machine-id
|
||||
fi
|
||||
${cmd} arch-chroot /mnt/gentoo systemd-machine-id-setup
|
||||
${cmd} arch-chroot /mnt/gentoo emerge --sync
|
||||
${cmd} arch-chroot /mnt/gentoo grub-install --efi-directory=/efi
|
||||
#arch-chroot /mnt/gentoo dracut --host-only
|
||||
arch-chroot /mnt/gentoo grub-mkconfig -o /boot/grub/grub.cfg
|
||||
while read -r rd; do
|
||||
rd="$(basename "$rd")"
|
||||
${cmd} arch-chroot --force "/boot/initramfs-${rd}.img" --kver "$rd"
|
||||
done < <(find /mnt/gentoo/lib/modules -mindepth 1 -maxdepth 1 -type d)
|
||||
${cmd} arch-chroot /mnt/gentoo grub-mkconfig -o /boot/grub/grub.cfg
|
||||
}
|
||||
|
||||
function show_options() {
|
||||
|
|
@ -436,23 +480,27 @@ declare INSTALL_MODE="normal"
|
|||
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case $1 in
|
||||
-h|--help)
|
||||
show_help
|
||||
-c|--compression)
|
||||
COMPRESSION=true
|
||||
shift
|
||||
;;
|
||||
-d|--debug)
|
||||
DEBUG=true
|
||||
shift
|
||||
;;
|
||||
-e|--encryption)
|
||||
ENCRYPTION=true
|
||||
shift
|
||||
;;
|
||||
-c|--compression)
|
||||
COMPRESSION=true
|
||||
shift
|
||||
;;
|
||||
-h|--help)
|
||||
show_help
|
||||
;;
|
||||
-s|--swap)
|
||||
SWAP=true
|
||||
shift
|
||||
;;
|
||||
-d|--debug)
|
||||
DEBUG=true
|
||||
-u|--uki)
|
||||
UKI=true
|
||||
shift
|
||||
;;
|
||||
--mount)
|
||||
|
|
|
|||
Loading…
Reference in a new issue