Updated LUKS procedures, and added UKI
This commit is contained in:
parent
695953ed51
commit
dbc8922d77
1 changed files with 74 additions and 26 deletions
|
@ -35,9 +35,10 @@ function show_help() {
|
||||||
echo "-c, --compression Enable BtrFS compression."
|
echo "-c, --compression Enable BtrFS compression."
|
||||||
echo "-s, --swap Enable Swap/Hibernation support."
|
echo "-s, --swap Enable Swap/Hibernation support."
|
||||||
echo "-d, --debug Enable DEBUG mode for testing."
|
echo "-d, --debug Enable DEBUG mode for testing."
|
||||||
echo "-m, --mount Mount an existing install."
|
|
||||||
echo ""
|
echo ""
|
||||||
echo "--stage <stage> Installation using stagefile <stage>, for stage3 or stage4"
|
echo "--stage <stage> Installation using stagefile <stage>, for stage3 or stage4"
|
||||||
|
echo "--mount Mount partitions/subvolumes only. Useful for development or recovery"
|
||||||
|
echo "--umount Unmount partitions/subvolumes only"
|
||||||
echo "--clean Cleanup disk for clean slate"
|
echo "--clean Cleanup disk for clean slate"
|
||||||
exit 0
|
exit 0
|
||||||
}
|
}
|
||||||
|
@ -64,21 +65,38 @@ function prepare_disk() {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ "$ENCRYPTION" ]]; then
|
if [[ "$ENCRYPTION" ]]; then
|
||||||
|
if [[ "$UKI" ]]; then
|
||||||
|
${cmd} parted --script --align=optimal -- "$RootDisk" \
|
||||||
|
mklabel gpt \
|
||||||
|
mkpart primary 1MiB 2048MiB \
|
||||||
|
mkpart primary 2048MiB 3072MiB \
|
||||||
|
mkpart primary 3072MiB -2048s \
|
||||||
|
set 1 esp
|
||||||
|
else
|
||||||
${cmd} parted --script --align=optimal -- "$RootDisk" \
|
${cmd} parted --script --align=optimal -- "$RootDisk" \
|
||||||
mklabel gpt \
|
mklabel gpt \
|
||||||
mkpart primary 1MiB 100MiB \
|
mkpart primary 1MiB 100MiB \
|
||||||
mkpart primary 100MiB 2048MiB \
|
mkpart primary 100MiB 2048MiB \
|
||||||
mkpart primary 2148MiB -2048s \
|
mkpart primary 2148MiB -2048s \
|
||||||
set 1 esp
|
set 1 esp
|
||||||
|
fi
|
||||||
#mkfs.vfat -F 32 -n "EFI" "$RootPart"
|
#mkfs.vfat -F 32 -n "EFI" "$RootPart"
|
||||||
#mkfs.ext4 -L "Boot" -m 0 "$EFIPart"
|
#mkfs.ext4 -L "Boot" -m 0 "$EFIPart"
|
||||||
#mkfs.btrfs -L "System" "$RootPart"
|
#mkfs.btrfs -L "System" "$RootPart"
|
||||||
|
else
|
||||||
|
if [[ "$UKI" ]]; then
|
||||||
|
${cmd} parted --script --align=optimal -- "$RootDisk" \
|
||||||
|
mklabel gpt \
|
||||||
|
mkpart primary 1MiB 2048MiB \
|
||||||
|
mkpart primary 2048MiB -2048s \
|
||||||
|
set 1 esp
|
||||||
else
|
else
|
||||||
${cmd} parted --script --align=optimal -- "$RootDisk" \
|
${cmd} parted --script --align=optimal -- "$RootDisk" \
|
||||||
mklabel gpt \
|
mklabel gpt \
|
||||||
mkpart primary 1MiB 100MiB \
|
mkpart primary 1MiB 100MiB \
|
||||||
mkpart primary 100MiB -2048s \
|
mkpart primary 100MiB -2048s \
|
||||||
set 1 esp
|
set 1 esp
|
||||||
|
fi
|
||||||
#mkfs.vfat -F 32 -n "EFI" "$RootPart"
|
#mkfs.vfat -F 32 -n "EFI" "$RootPart"
|
||||||
#mkfs.btrfs -L "System" "$RootPart"
|
#mkfs.btrfs -L "System" "$RootPart"
|
||||||
fi
|
fi
|
||||||
|
@ -219,7 +237,8 @@ function prepare_target() {
|
||||||
|
|
||||||
function stage_step() {
|
function stage_step() {
|
||||||
local s4file SwapUUID SwapOffset
|
local s4file SwapUUID SwapOffset
|
||||||
local cmd
|
local luksUUID rootUUID rootmount
|
||||||
|
local cmd rd ramdisk
|
||||||
|
|
||||||
if [[ "$DEBUG" ]]; then
|
if [[ "$DEBUG" ]]; then
|
||||||
cmd="echo"
|
cmd="echo"
|
||||||
|
@ -250,10 +269,27 @@ function stage_step() {
|
||||||
|
|
||||||
if [[ "$ENCRYPTION" ]]; then
|
if [[ "$ENCRYPTION" ]]; then
|
||||||
eval "$(blkid -p --output export "$RootPart" | grep UUID)"
|
eval "$(blkid -p --output export "$RootPart" | grep UUID)"
|
||||||
|
luksUUID="$UUID"
|
||||||
|
rootmount="/dev/mapper/luksvol"
|
||||||
|
eval "$(blkid -p --output export "$rootmount" | grep UUID)"
|
||||||
|
rootUUID="$UUID"
|
||||||
|
|
||||||
|
${cmd} mkdir /mnt/gentoo/etc/dracut.d
|
||||||
|
|
||||||
if [[ "$DEBUG" ]]; then
|
if [[ "$DEBUG" ]]; then
|
||||||
echo "echo \"luksvol UUID=$UUID none luks\" >> /mnt/gentoo/etc/crypttab"
|
echo "echo \"luksvol UUID=\"$luksUUID\" none luks\" >> /mnt/gentoo/etc/crypttab"
|
||||||
|
if [[ ! -d "/mnt/gentoo/etc/dracut.conf.d" ]]; then
|
||||||
|
echo "mkdir /mnt/gentoo/etc/dracut.conf.d &>/dev/null"
|
||||||
|
echo "echo \"add_dracutmodules+=\\\" crypt dm rootfs-block \\\" > /mnt/gentoo/etc/dracut.conf.d/luks.conf"
|
||||||
|
echo "echo \"kernel_cmdline+=\\\" root=UUID=$rootUUID rd.luks.uuid=$luksUUID \\\" >> /mnt/gentoo/etc/dracut.conf.d/luks.conf"
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
echo "luksvol UUID=$UUID none luks" >> /mnt/gentoo/etc/crypttab
|
echo "luksvol UUID=$luksUUID none luks" >> /mnt/gentoo/etc/crypttab
|
||||||
|
if [[ ! -d "/mnt/gentoo/etc/dracut.conf.d" ]]; then
|
||||||
|
mkdir /mnt/gentoo/etc/dracut.d &>/dev/null
|
||||||
|
echo "add_dracutmodules+=\" crypt dm rootfs-block \"" > /mnt/gentoo/etc/dracut.conf.d/luks.conf
|
||||||
|
echo "kernel_cmdline+=\" root=UUID=$rootUUID rd.luks.uuid=$luksUUID " >> /mnt/gentoo/etc/dracut.conf.d/luks.conf
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -268,10 +304,18 @@ function stage_step() {
|
||||||
${cmd} sed -i "s/^#GRUB_CMDLINE_LINUX_DEFAULT=.*/GRUB_CMDLINE_LINUX_DEFAULT=\"resume=${SwapUUID} resume_offset=${SwapOffset}\"/g" /mnt/gentoo/etc/default/grub
|
${cmd} sed -i "s/^#GRUB_CMDLINE_LINUX_DEFAULT=.*/GRUB_CMDLINE_LINUX_DEFAULT=\"resume=${SwapUUID} resume_offset=${SwapOffset}\"/g" /mnt/gentoo/etc/default/grub
|
||||||
fi
|
fi
|
||||||
|
|
||||||
arch-chroot /mnt/gentoo emerge --sync
|
if [[ -f "/mnt/gentoo/etc/machine-id" ]]; then
|
||||||
arch-chroot /mnt/gentoo grub-install --efi-directory=/efi
|
${cmd} rm -f /mnt/gentoo/etc/machine-id
|
||||||
|
fi
|
||||||
|
${cmd} arch-chroot /mnt/gentoo systemd-machine-id-setup
|
||||||
|
${cmd} arch-chroot /mnt/gentoo emerge --sync
|
||||||
|
${cmd} arch-chroot /mnt/gentoo grub-install --efi-directory=/efi
|
||||||
#arch-chroot /mnt/gentoo dracut --host-only
|
#arch-chroot /mnt/gentoo dracut --host-only
|
||||||
arch-chroot /mnt/gentoo grub-mkconfig -o /boot/grub/grub.cfg
|
while read -r rd; do
|
||||||
|
rd="$(basename "$rd")"
|
||||||
|
${cmd} arch-chroot --force "/boot/initramfs-${rd}.img" --kver "$rd"
|
||||||
|
done < <(find /mnt/gentoo/lib/modules -mindepth 1 -maxdepth 1 -type d)
|
||||||
|
${cmd} arch-chroot /mnt/gentoo grub-mkconfig -o /boot/grub/grub.cfg
|
||||||
}
|
}
|
||||||
|
|
||||||
function show_options() {
|
function show_options() {
|
||||||
|
@ -436,23 +480,27 @@ declare INSTALL_MODE="normal"
|
||||||
|
|
||||||
while [[ $# -gt 0 ]]; do
|
while [[ $# -gt 0 ]]; do
|
||||||
case $1 in
|
case $1 in
|
||||||
-h|--help)
|
-c|--compression)
|
||||||
show_help
|
COMPRESSION=true
|
||||||
|
shift
|
||||||
|
;;
|
||||||
|
-d|--debug)
|
||||||
|
DEBUG=true
|
||||||
|
shift
|
||||||
;;
|
;;
|
||||||
-e|--encryption)
|
-e|--encryption)
|
||||||
ENCRYPTION=true
|
ENCRYPTION=true
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
-c|--compression)
|
-h|--help)
|
||||||
COMPRESSION=true
|
show_help
|
||||||
shift
|
|
||||||
;;
|
;;
|
||||||
-s|--swap)
|
-s|--swap)
|
||||||
SWAP=true
|
SWAP=true
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
-d|--debug)
|
-u|--uki)
|
||||||
DEBUG=true
|
UKI=true
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
--mount)
|
--mount)
|
||||||
|
|
Loading…
Reference in a new issue