commit 8575854324756b0ee278a1f2df10e2da40ac38a0 Author: teldra Date: Thu Dec 9 23:11:49 2021 +0100 A new start diff --git a/config b/config new file mode 100644 index 0000000..0542009 --- /dev/null +++ b/config @@ -0,0 +1,17 @@ +lastminute() { + echo lastminute + #addpkg vlc + #servicesenable sshd + #servicesdisable sshd + #ignorepkg openssh + #removepkg mpv +} + +os_config() { + echo os config + addpkg tmux starship vivid browserpass nfs-utils chezmoi pipewire alsa-pipewire libjack-pipewire libspa-v4l2 pass xclip + addpkg zsh zsh-autosuggestions zsh-completions zsh-history-substring-search zsh-syntax-highlighting google-fonts-ttf + addpkg tigervnc keychain youtube-dl buku i3status-rust aria2 zenity + servicesenable sshd + removepkg i3status +} diff --git a/files/bash/editor.sh b/files/bash/editor.sh new file mode 100644 index 0000000..ebf10a7 --- /dev/null +++ b/files/bash/editor.sh @@ -0,0 +1,13 @@ +if command -v nano > /dev/null; then + e=nano +elif command -v nvim > /dev/null; then + e=nvim +elif command -v vim > /dev/null; then + e=vim +fi + +export EDITOR="${e}" +export VISUAL="${e}" +export SUDO_EDITOR="${e}" +unset e + diff --git a/files/bash/xbps-aliase.sh b/files/bash/xbps-aliase.sh new file mode 100644 index 0000000..e48fac0 --- /dev/null +++ b/files/bash/xbps-aliase.sh @@ -0,0 +1,15 @@ +[ "$(id -u)" -eq 0 ] && return +alias xu="sudo void-update" +alias xr="sudo xbps-remove -R" +alias xs="xbps-query -Rs" +alias backup="sudo void-backup" +alias snapshot="sudo void-snapshot" + +echo "xu = sudo void-update updaten" +echo "xi = sudo xbps-install -S installieren" +echo "xr = sudo xbps-remove -R deinstallieren" +echo "xs = xbps-query -Rs suchen" +echo "" +echo "backup backup machen" +echo "snapshot snapshots einstellen" +echo "" diff --git a/files/bin/joinvpn b/files/bin/joinvpn new file mode 100644 index 0000000..756b058 --- /dev/null +++ b/files/bin/joinvpn @@ -0,0 +1,41 @@ +#!/bin/bash +basewgfolder="/etc/wireguard" + +if [ $UID -ne 0 ]; then + echo "Keine Rootrechte" + exit 1 +fi +umask 0077 +mkdir -p "${basewgfolder}/wg0" +cd "${basewgfolder}/wg0" + + +if [[ -f "${basewgfolder}/wg0/privkey" ]]; then + read -p "Address: " ADDRESS + read -p "PublicKey: " PUBKEY_SERVER + read -p "Endpoint: " ENDPOINT + read -p "Port: " PORT + { echo "[Interface]"; + echo "Address = ${ADDRESS}"; + echo "PostUp = wg set %i private-key /etc/wireguard/wg0/wg0.key <(cat /etc/wireguard/wg0/privkey)"; + echo "[Peer]"; + echo "PublicKey = ${PUBKEY_SERVER}"; + echo "Endpoint = ${ENDPOINT}:${PORT}"; + echo "AllowedIPs = fd23::23:0:0/96"; + echo "PresharedKey = $(cat psk)"; + echo "PersistentKeepalive = 25"; } > "${basewgfolder}/wg0.conf" +else + test -f privkey || wg genkey > privkey + test -f pubkey || wg pubkey < privkey > pubkey + test -f psk || wg genpsk > psk + echo "Frage O nach den den folgenden Daten und wenn du sie hast, starte das hier nochmal" + echo "Address" + echo "PublicKey" + echo "Endpoint" + echo "Port" + echo "" + echo "Schicke ihm verschlüsselt (Jabber oder Email) folgende Daten:" + echo "PublicKey = $(cat pubkey)" + echo "PresharedKey = $(cat psk)" + echo "Hostname = ${HOSTNAME}" +fi diff --git a/files/bin/pinentry-chooser b/files/bin/pinentry-chooser new file mode 100755 index 0000000..1e90e90 --- /dev/null +++ b/files/bin/pinentry-chooser @@ -0,0 +1,22 @@ +#!/bin/sh + +case $PINENTRY_USER_DATA in +tty) + exec pinentry-curses "$@" + ;; +*) + if ! test -x ~/.config/pinentry; then + for i in pinentry-kwallet pinentry-qt pinentry-gnome3 pinentry-gtk-2 pinentry-emacs pinentry-dmenu pinentry-curses pinentry-tty; do + if command -v "${i}" > /dev/null; then + echo "#!/bin/sh" > ~/.config/pinentry + echo "${i} \${@}" >> ~/.config/pinentry + chmod +x ~/.config/pinentry + break + fi + done + fi + + exec ~/.config/pinentry "$@" + ;; +esac + diff --git a/files/bin/void-backup b/files/bin/void-backup new file mode 100644 index 0000000..fdcb835 --- /dev/null +++ b/files/bin/void-backup @@ -0,0 +1,132 @@ +#!/bin/bash +export LANG="en_US.UTF-8" +backupcfg="/etc/backup.cfg" +ziel="/var/lib/backup/ziel" +cfg="/etc/btrbk/btrbk.conf.void" + +fhelp() { + echo "Nutze es so:" + echo "sudo backup" + echo "sudo backup poweroff (um den Rechner nach dem Backup herunterzufahren.)" + #echo "sudo backup update (um den Rechner nach dem Backup up zu daten.)" + #echo "update und poweroff sind mixbar" + echo "sudo backup passwd (um das Passwort für die Backupfestplatte zu ändern.)" +} + +if [ "${UID}" -ne "0" ]; then + echo "Keine Rootrechte." + exit 1 +fi + +for argval in "$@" +do + case "${argval}" in + power|poweroff|p) + poweroff=y + ;; + help|-h|--help|h) + fhelp + exit + ;; + update) update=y ;; + passwd) passwd=y ;; + clean) do=clean ;; + run) do=run ;; + esac +done + +test -z "${do}" && do=run + +if [[ ! -f /etc/btrbk/btrbk.conf ]]; then + if [[ -f "${backupcfg}" ]]; then + source "${backupcfg}" + else + echo "${backupcfg} fehlt." + echo "Diese Datei wird normalerweise durch \`void-createbackupcontainer\`" + echo "angelegt. Bitte Sprich mit deinem Systemadministrator." + fi + + if [ -z "${UUID}" ]; then + echo "Keine Backupplatte angegeben." + exit 1 + fi + + if [ ! -e "/dev/disk/by-uuid/${UUID}" ]; then + echo "Bitte Backupfestplatte anschliessen." + exit 1 + fi + + if [ -e /tmp/backup ]; then + echo "Es läuft schon ein Backupvorgang oder wurde nicht richtig beendet." + echo "Bei letzterem: 'sudo rm -rf /tmp/backup'" + exit 1 + fi + touch /tmp/backup + + if [[ "${passwd}" == "y" ]]; then + cryptsetup luksChangeKey "/dev/disk/by-uuid/${UUID}" + rm -rf /tmp/backup + exit 0 + fi + + function finish { + sync + if [ "${poweroff}" = "y" ]; then + shutdown -h now + fi + sleep 4 + umount "${ziel}" + echo " " + echo " " + if [[ "${MOUNTEDBY}" == "script" ]]; then + cryptsetup close "luks-${UUID}" + echo "Festplatte kann nun sicher entfernt werden." + elif [[ "${MOUNTEDBY}" == "de" ]]; then + echo "Festplatte bitte mit der grafischen Oberflaeche auswerfen (wie ein USB-Stick)" + echo "" + echo "oder:" + echo "sudo umount /dev/mapper/luks-${UUID}" + echo "sudo cryptsetup close luks-${UUID}" + echo "" + fi + rm -rf /tmp/backup + echo "FERTIG" + + } + trap finish EXIT + + if mountpoint -q -x "/dev/mapper/luks-${UUID}" > /dev/null; then + MOUNTEDBY="de" + else + if ! cryptsetup open UUID="${UUID}" "luks-${UUID}"; then + echo "Konnte /dev/disk/by-uuid/${UUID} nicht öffnen." + exit + fi + MOUNTEDBY="script" + fi + + if ! mount "/dev/mapper/luks-${UUID}" "${ziel}"; then + echo "Konnte /dev/mapper/luks-${UUID} in ${ziel} nicht mounten." + exit + fi +else + cfg="/etc/btrbk/btrbk.conf" +fi + +if mountpoint -q /var/lib/backup/quelle/bootfs; then + mkdir -p /var/lib/backup/quelle/bootfs/system/backup "/var/lib/backup/ziel/void/bootfs" + boot="backupboot" +fi + +mkdir -p /var/lib/backup/quelle/rootfs/system/backup "/var/lib/backup/ziel/void/rootfs" "/var/lib/backup/ziel/void/homefs" +for t in backup "${boot}"; do + if [[ "${t}" ]]; then + btrbk --config="${cfg}" --progress --quiet clean "${t}" + if ! btrbk --config="${cfg}" --progress --quiet "${do}" "${t}"; then + btrbk --config="${cfg}" --progress --quiet clean + echo "Wegen Fehler nicht herunterfahren." + poweroff=n + exit + fi + fi +done diff --git a/files/bin/void-createbackupcontainer b/files/bin/void-createbackupcontainer new file mode 100644 index 0000000..1497ab9 --- /dev/null +++ b/files/bin/void-createbackupcontainer @@ -0,0 +1,95 @@ +#!/bin/bash +backupcfg="/etc/backup.cfg" + +if [ $UID -ne 0 ]; then + echo "Keine Rootrechte." + exit 1 +fi + +#test -f "${backupcfg}" && echo "${backupcfg} existiert" && exit 1 + +# find all disks +declare -A disk_tmp=() +declare -A disk=() +index=0 +for i in $(find /dev/disk/by-id/ -type l -printf "%P\n" | grep usb | grep -v part | tac ); do + name="$(readlink -f /dev/disk/by-id/"${i}")" + if [[ "${name}" =~ *"^[0-9]+$"* ]]; then + continue + fi + if [[ "${name}" == *"dm"* ]]; then + continue + fi + if [[ "${name}" == *"/dev/sr"* ]]; then + continue + fi + if blkid "${name}"|grep -q UUID; then + size="$(fdisk -l "${name}" | head -n1 | awk '{print $3}')" + else + continue + fi + size=$(awk "BEGIN { printf(\"%.0f\n\", ${size}); }") + uuid=$(blkid -o value -s UUID ${name}) + index=$(( index + 1 )) + disk_tmp+=( [${index}.id]="${i}" [${index}.name]="${name}" [${index}.uuid]="${uuid}" [${index}.size]="${size}" ) +done +disk_tmp+=( [count]="${index}" ) + +if [[ "${disk_tmp[count]}" -eq 0 ]]; then + echo "No Disk attached." + exit 1 +fi +# show devices +echo "Devices:" +for i in $(seq 1 "${disk_tmp[count]}"); do + echo "${disk_tmp[${i}.id]}" + echo " - uuid: ${disk_tmp[${i}.uuid]}" + echo " - name: ${disk_tmp[${i}.name]}" + echo " - size: ${disk_tmp[${i}.size]}" +done + +# choose device +found= +while read -p "Which Device? [${disk_tmp[1.uuid]}]: " output; do + test -z "${output}" && output="${disk_tmp[1.uuid]}" + for i in $(seq 1 "${disk_tmp[count]}"); do + if [[ "${disk_tmp[${i}.id]}" == "${output}" ]] || [[ "${disk_tmp[${i}.name]}" == "${output}" ]] || [[ "${disk_tmp[${i}.uuid]}" == "${output}" ]]; then + found=1 + id="${disk_tmp[${i}.id]}" + break + fi + done + [[ "${found}" ]] && break + echo "${output} not found" +done + +echo "g +n +1 + + +w +q" | fdisk "/dev/disk/by-id/${id}" + +UUID=$(blkid -o value -s UUID "/dev/disk/by-id/${id}-part1") + +if ! cryptsetup luksFormat UUID="${UUID}"; then + echo "Konnte /dev/disk/by-uuid/${UUID} nicht verschluesseln." + exit 1 +else + if ! cryptsetup open UUID="${UUID}" "luks-${UUID}"; then + echo "Konnte /dev/disk/by-uuid/${UUID} nicht verschluesseln." + exit 1 + fi +fi + +if ! mkfs.btrfs -f "/dev/mapper/luks-${UUID}"; then + echo "Konnte /dev/mapper/luks-${UUID} nicht formatieren" + exit 1 +fi + +cryptsetup close "luks-${UUID}" + +echo "UUID=\"${UUID}\"" > "${backupcfg}" + +echo "Erstellen des Containers fertig." diff --git a/files/bin/void-snapshot b/files/bin/void-snapshot new file mode 100644 index 0000000..579137c --- /dev/null +++ b/files/bin/void-snapshot @@ -0,0 +1,85 @@ +#!/bin/bash +if [ "${UID}" -ne "0" ]; then + echo "Keine Rootrechte." + exit 1 +fi + +infos() { + echo "Snapshots sind Kopien der Dateien die keinen zusätzlichen Platz" + echo "benötigen." + echo "" + echo "Es wird bei jedem Update vom Betriebsystem ein Snapshot angelegt." + echo "Es wird jede volle Stunde vom Betriebsystem ein Snapshot angelegt." + echo "So ist das Betriebssystem auch bei Problemen bootbar." + echo "" + echo "Optional kann auch jede Stunde ein Snapshot der persönlichen Daten" + echo "angelegt werden. Dann verliert man bei versehentlichem löschen" + echo "maximal die Arbeit einer Stunde." + echo "Dafür folgendes im Terminal ausführen:" + echo 'echo REGULAR_SNAPSHOT_HOME=1 | sudo tee -a /etc/void-snapshot.cfg' + echo "" + echo "Nur für Experten:" + echo 'echo NO_UPDATE_GRUB=1 | sudo tee -a /etc/void-snapshot.cfg' +} + +cron="" +update="" +case $1 in + update) + update=1 + word="update" + ;; + cron) + cron=1 + word="regular" + ;; + *) + infos + exit + ;; +esac + +if [ "$#" -eq "0" ]; then + infos + exit +fi + +cfg="/etc/btrbk/btrbk.conf.void" +test -f "/etc/btrbk/btrbk.conf" && cfg="/etc/btrbk/btrbk.conf" + +if mountpoint -q /var/lib/backup/quelle/bootfs; then + mkdir -p "/var/lib/backup/quelle/bootfs/system/snapshots/${word}" + if ! btrbk --config="${cfg}" --quiet run "${word}boot"; then + btrbk --config="${cfg}" --quiet clean "${word}boot" + echo "fail: btrbk --config=${cfg} --quiet run ${word}boot" + exit + fi +fi + +mkdir -p "/var/lib/backup/quelle/rootfs/system/snapshots/${word}" +if ! btrbk --config="${cfg}" --quiet run "${word}root"; then + btrbk --config="${cfg}" --quiet clean "${word}root" + echo "fail: btrbk --config=${cfg} --quiet run ${word}root" + exit +fi + +test -f /etc/void-snapshot.cfg && . /etc/void-snapshot.cfg + +if [[ -z "${NO_UPDATE_GRUB}" ]]; then + if ! update-grub 2> /dev/null; then + echo update-grub failed + exit + fi +fi + +if [ "${cron}" ]; then + if [ "${REGULAR_SNAPSHOT_HOME}" ]; then + mkdir -p "/var/lib/backup/quelle/rootfs/system/snapshots/${word}" + if ! btrbk --config="${cfg}" --quiet run "${word}home"; then + btrbk --config="${cfg}" --quiet clean "${word}home" + echo "fail: btrbk --config=${cfg} --quiet clean ${word}home" + exit + fi + fi +fi + diff --git a/files/bin/void-update b/files/bin/void-update new file mode 100755 index 0000000..9a3198c --- /dev/null +++ b/files/bin/void-update @@ -0,0 +1,74 @@ +#!/bin/bash + +if [ $UID -ne 0 ]; then + echo "Keine Rootrechte." + exit 1 +fi + +RESTART="" + +set -Eeuo pipefail + +RESTART= +echo "Synchronisiere Repositorys." +xbps-install -S > /dev/null + +#mapfile -t updatedpkgs < <(xbps-install -un|awk '{print $1}') +updatedpkgs="$(xbps-install -un|awk '{print $1}')" + +if [[ -z "${updatedpkgs}" ]]; then + echo "Keine Updates" + exit +else + echo "${updatedpkgs}" + echo "Es sind Updates da!" + while read -p "Installieren? [Y/n] " answer; do + test -z "${answer}" && answer="y" + case "${answer}" in + n*|N*|*o|*O) + exit + ;; + y*|Y*|j*|J*) + break + ;; + esac + done + if grep -q -Pe '^(?!.*linux-).*^linux' <<< "${updatedpkgs}"; then + RESTART=1 + fi +fi + +echo "Lege Snapshot an." +void-snapshot update + +echo "Entferne nicht benutzte Pakete." +xbps-remove -oy > /dev/null + +echo "Räume den Cache auf." +xbps-remove -Oy > /dev/null + +echo "Installiere Updates." +if ! xbps-install -uy; then + echo "Update failed." + exit +fi + +if [[ "$RESTART" ]]; then + echo "Lösche alte Kernel." + vkpurge list | head -n -1 | xargs -r vkpurge rm +else + echo "Überprüfe ob neustart notwenidig ist." + if [[ "$(xcheckrestart)" ]]; then + RESTART=1 + fi +fi + +if [[ "${RESTART}" ]]; then + echo ""; echo "Bitte den Computer neu starten!" +else + echo ""; echo "Kein neustart notwendig!" +fi + +echo "" +echo "Update fertig." + diff --git a/files/btrbk/btrbk.conf.void b/files/btrbk/btrbk.conf.void new file mode 100644 index 0000000..0192dbd --- /dev/null +++ b/files/btrbk/btrbk.conf.void @@ -0,0 +1,78 @@ +transaction_syslog daemon +lockfile /tmp/btrbk.lock +incremental yes +btrfs_commit_delete after +timestamp_format long +noauto yes +backend btrfs-progs-sudo + +# Update snapshots +volume /var/lib/backup/quelle/bootfs + group updateboot updatestats allstats snapshotstats + snapshot_dir system/snapshots/update + snapshot_preserve_min latest + snapshot_preserve no + subvolume bootfs + +volume /var/lib/backup/quelle/rootfs + group updateroot updatestats allstats snapshotstats + snapshot_dir system/snapshots/update + snapshot_preserve_min latest + snapshot_preserve no + subvolume rootfs + + +# Regular snapshots +volume /var/lib/backup/quelle/bootfs + group regularboot regularstats allstats snapshotstats + snapshot_dir system/snapshots/regular + snapshot_preserve_min 4h + snapshot_preserve no + subvolume bootfs + +volume /var/lib/backup/quelle/rootfs + group regularroot regularstats allstats snapshotstats + snapshot_dir system/snapshots/regular + snapshot_preserve_min 4h + snapshot_preserve no + subvolume rootfs + +volume /var/lib/backup/quelle/rootfs + group regularhome regularstats allstats snapshotstats + snapshot_dir system/snapshots/regular + snapshot_preserve_min 4h + snapshot_preserve no + subvolume homefs + + +# Backup +volume /var/lib/backup/quelle/bootfs + group backupboot backupstats allstats + snapshot_dir system/backup + snapshot_preserve_min latest + snapshot_preserve no + target_preserve_min latest + target_preserve no + subvolume bootfs + target send-receive /var/lib/backup/ziel/void/bootfs + +volume /var/lib/backup/quelle/rootfs + group backup backupstats allstats + snapshot_dir system/backup + snapshot_preserve_min latest + snapshot_preserve no + target_preserve_min latest + target_preserve no + subvolume rootfs + target send-receive /var/lib/backup/ziel/void/rootfs + +volume /var/lib/backup/quelle/rootfs + group backup backupstats allstats + snapshot_dir system/backup + snapshot_preserve_min latest + snapshot_preserve no + target_preserve_min latest + target_preserve no + subvolume homefs + target send-receive /var/lib/backup/ziel/void/homefs + diff --git a/files/gnupg/gpg-agent.conf b/files/gnupg/gpg-agent.conf new file mode 100755 index 0000000..db044b3 --- /dev/null +++ b/files/gnupg/gpg-agent.conf @@ -0,0 +1,7 @@ +pinentry-program /usr/bin/pinentry-chooser +enable-ssh-support + +default-cache-ttl 28800 +max-cache-ttl 86400 +ignore-cache-for-signing + diff --git a/files/grub-btrfs/void.conf b/files/grub-btrfs/void.conf new file mode 100644 index 0000000..c57fe7a --- /dev/null +++ b/files/grub-btrfs/void.conf @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +# Ignore specific path during run "grub-mkconfig". +# Only exact paths are ignored. +# e.g : if `specific path` = @, only `@` snapshot will be ignored. +# Default: ("@") +GRUB_BTRFS_IGNORE_SPECIFIC_PATH=("@" "rootfs" "bootfs" "homefs") + +# Ignore prefix path during run "grub-mkconfig". +# Any path starting with the specified string will be ignored. +# e.g : if `prefix path` = @, all snapshots beginning with "@/..." will be ignored. +# Default: ("var/lib/docker" "@var/lib/docker" "@/var/lib/docker") +GRUB_BTRFS_IGNORE_PREFIX_PATH=("var/lib/docker" "@var/lib/docker" "@/var/lib/docker" "system/backup") + +GRUB_BTRFS_SUBMENUNAME="Void Linux Snapshots" +GRUB_BTRFS_OVERRIDE_BOOT_PARTITION_DETECTION="true" +GRUB_BTRFS_DISPLAY_PATH_SNAPSHOT="false" +GRUB_BTRFS_TITLE_FORMAT="d" +GRUB_BTRFS_LIMIT="20" diff --git a/files/nm/30-wg0 b/files/nm/30-wg0 new file mode 100755 index 0000000..591b223 --- /dev/null +++ b/files/nm/30-wg0 @@ -0,0 +1,21 @@ +#!/bin/sh +INTERFACE=$1 +ACTION=$2 + +if [ -f /etc/wireguard/wg0.conf ]; then + case "$INTERFACE" in + tun*|wg*) + exit 0 + ;; + *) + case "$ACTION" in + up) + wg-quick up wg0 + ;; + down) + wg-quick down wg0 + ;; + esac + ;; + esac +fi diff --git a/files/nm/dns-servers.conf b/files/nm/dns-servers.conf new file mode 100644 index 0000000..d18800c --- /dev/null +++ b/files/nm/dns-servers.conf @@ -0,0 +1,2 @@ +[global-dns-domain-*] +servers=::1,159.69.114.157 diff --git a/files/nm/unmanaged-tun.conf b/files/nm/unmanaged-tun.conf new file mode 100644 index 0000000..90d244e --- /dev/null +++ b/files/nm/unmanaged-tun.conf @@ -0,0 +1,3 @@ +[keyfile] +unmanaged-devices=interface-name:wg* + diff --git a/files/nm/unmanaged-wg.conf b/files/nm/unmanaged-wg.conf new file mode 100644 index 0000000..90d244e --- /dev/null +++ b/files/nm/unmanaged-wg.conf @@ -0,0 +1,3 @@ +[keyfile] +unmanaged-devices=interface-name:wg* + diff --git a/files/profile/append-path.sh b/files/profile/append-path.sh new file mode 100644 index 0000000..7504b27 --- /dev/null +++ b/files/profile/append-path.sh @@ -0,0 +1,16 @@ +appendpath () { + case ":$PATH:" in + *:"$1":*) + ;; + *) + PATH="${PATH:+$PATH:}$1" + esac +} + +if [ $(id -u) -eq 0 ]; then + appendpath "/root/.local/bin" +else + appendpath "/home/$(id -un)/.local/bin" +fi +export PATH + diff --git a/files/sudoers/10-common b/files/sudoers/10-common new file mode 100644 index 0000000..48bcf9c --- /dev/null +++ b/files/sudoers/10-common @@ -0,0 +1,9 @@ +Defaults timestamp_timeout=15 +Defaults !tty_tickets +Defaults umask = 022 +Defaults passprompt="[sudo] Password: " +Defaults env_keep += "EDITOR" +Defaults env_keep += "SSH_CONNECTION" +Defaults env_keep += "TMUX" + +%wheel ALL=(ALL) ALL diff --git a/files/udev/99-ioschedulers.rules b/files/udev/99-ioschedulers.rules new file mode 100644 index 0000000..88e5a46 --- /dev/null +++ b/files/udev/99-ioschedulers.rules @@ -0,0 +1 @@ +ACTION=="add|change", KERNEL=="sd[a-z]|mmcblk[0-9]*", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="mq-deadline" diff --git a/files/udev/99-mount-media.rules b/files/udev/99-mount-media.rules new file mode 100644 index 0000000..4694716 --- /dev/null +++ b/files/udev/99-mount-media.rules @@ -0,0 +1 @@ +ENV{ID_FS_USAGE}=="filesystem|other|crypto", ENV{UDISKS_FILESYSTEM_SHARED}="1" diff --git a/files/wireguard/wg0.conf b/files/wireguard/wg0.conf new file mode 100644 index 0000000..6fc3ce3 --- /dev/null +++ b/files/wireguard/wg0.conf @@ -0,0 +1,13 @@ +[Interface] +Address = fd23::23:5:200/64, 10.23.5.200/16 +PrivateKey = gPxQ+J61DCyOfJj0wXVfAL1zeFnlhenDiIXTyeZ9NUc= +DNS = fd23::23:5:2, 10.23.5.2 + +[Peer] +PublicKey = ZJwTV2l+N+vFwL0KFQb5xpAPqwVcf0YvEMFzTaIoAU8= +Endpoint = 10.1.1.2:51820 +PresharedKey = 4KUpGmysJLNsX5sdFPpVsyW5ONloXj7WTNpNtqTSZ9U= + +####AllowedIPs = ::0/0, 0.0.0.0/0 leitet den ganzen traffic ueber den server +AllowedIPs = fd23::/64, 10.23.0.0/16 +PersistentKeepalive = 25 diff --git a/files/xbps/20-repo-rotce.de-pakete.conf b/files/xbps/20-repo-rotce.de-pakete.conf new file mode 100644 index 0000000..c870200 --- /dev/null +++ b/files/xbps/20-repo-rotce.de-pakete.conf @@ -0,0 +1,2 @@ +repository=https://rotce.de/pakete + diff --git a/files/xbps/50-no-extract.conf b/files/xbps/50-no-extract.conf new file mode 100644 index 0000000..f162ddc --- /dev/null +++ b/files/xbps/50-no-extract.conf @@ -0,0 +1 @@ +noextract=/usr/bin/xq diff --git a/files/xorg/10-keyboard.conf b/files/xorg/10-keyboard.conf new file mode 100644 index 0000000..4f1177d --- /dev/null +++ b/files/xorg/10-keyboard.conf @@ -0,0 +1,8 @@ +Section "InputClass" + Identifier "keyboard" + MatchIsKeyboard "yes" + Option "XkbLayout" "de" + Option "XkbVariant" "nodeadkeys" + #Option "XkbOptions" "grp:alt_shift_toggle" +EndSection + diff --git a/files/xorg/dbus-launch.sh b/files/xorg/dbus-launch.sh new file mode 100644 index 0000000..4fb06f0 --- /dev/null +++ b/files/xorg/dbus-launch.sh @@ -0,0 +1,6 @@ +if [ "$DESKTOP_SESSION" = "i3" ]; then + if which dbus-launch >/dev/null && test -z "$DBUS_SESSION_BUS_ADDRESS"; then + eval "$(dbus-launch --sh-syntax --exit-with-x11)" + fi +fi + diff --git a/functions/functions b/functions/functions new file mode 100644 index 0000000..1b671c9 --- /dev/null +++ b/functions/functions @@ -0,0 +1,217 @@ +wronginput() { + printf "Wrong input: %s\n" "${1}" + printf "this is valid: %s\n" "${2}" +} + +input() { + output="" + echo "${1}" + read -r -p "[${2}]: " output + test -z "${output}" && output="${2}" + return 0 +} + +#multiplechoice "networksystem" "dhcpcd" "networkmanager" "iwd" "none" + +multiplechoice() { + output="" + local done="" + local input=("${@}") + for i in $(seq 1 "$(( ${#input[@]} - 1 ))"); do + if [[ "${i}" == "1" ]]; then + choices="${input[$i]}" + use="${input[$i]}" + else + choices="${choices}|${input[$i]}" + use+=" ${input[$i]}" + fi + done + while input "[${choices}]: " "${input[1]}"; do + for i in $(seq 1 "$(( ${#input[@]} - 1 ))"); do + if [[ "${output}" == "${input[$i]}" ]] || [[ "${output}" == "${input[$i]:0:2}" ]]; then + setconf add "${1}" "${input[$i]}" + done=1 + fi + done + if [[ -z "${done}" ]]; then + echo wronginput "${output}" + echo use these: "${use}" + else + break + fi + + done +} + +#yesno question y +yesno() { + local input="" + local retval="" + local default="" + local q="" + case "${2}" in + Y|y) q="${1} [Y|n]:"; default=y;; + N|n) q="${1} [y|N]:"; default=n;; + esac + while read -r -p "${q} " input; do + test -z "${input}" && input="${default}" + case "${input}" in + y*|Y*|*es*|*ES*|*Es*|*eS*|1) + retval=1 + break + ;; + n*|N*|0) + retval="" + break + ;; + *) wronginput "${input}" "${choices[*]}" + ;; + esac + done + if [[ -z "${retval}" ]]; then + return 1 + else + return 0 + fi +} + +input_pw() { + output="" + local pw1=1 + local pw2=2 + until [[ "${pw1}" == "${pw2}" ]]; do + read -r -s -p "${1}: " pw1 && echo + read -r -s -p "${1} verify: " pw2 && echo + test -z "${pw1}" && pw1=oem + test -z "${pw2}" && pw2=oem + done + echo password set to "\"oem\"" + output="${pw1}" +} + +#setconf add lang de_DE +#setconf rm lang + +setconf() { + case "${1}" in + add) + cfg+=( ["${2}"]="${3}" ) + #if grep -q -w "${2}" "${vars}/cfg"; then + # sed -i "/${2}/d" "${vars}/cfg" + #fi + echo "cfg+=( [${2}]=\"${3}\" )" >> "${vars}/cfg" ;; + esac +} + +addpkg() { + local input=( ${@} ) + for i in $(seq 0 "$(( ${#input[@]} - 1 ))"); do + pkg+=( "${input[$i]}" ) + echo "pkg+=( \"${input[$i]}\" )" >> "${vars}/pkg" + done +} + +servicesenable() { + local input=( ${@} ) + for i in $(seq 0 "$(( ${#input[@]} - 1 ))"); do + services_enable+=( "${input[$i]}" ) + echo "services_enable+=( \"${input[$i]}\" )" >> "${vars}/services_enable" + done +} + +servicesdisable() { + local input=( ${@} ) + for i in $(seq 0 "$(( ${#input[@]} - 1 ))"); do + services_disable+=( "${input[$i]}" ) + echo "services_disable+=( \"${input[$i]}\" )" >> "${vars}/services_disable" + done +} + +ignorepkg() { + local input=( ${@} ) + for i in $(seq 0 "$(( ${#input[@]} - 1 ))"); do + ignorepkg+=( "${input[$i]}" ) + echo "ignorepkg+=( \"${input[$i]}\" )" >> "${vars}/ignorepkg" + done +} + +removepkg() { + local input=( ${@} ) + for i in $(seq 0 "$(( ${#input[@]} - 1 ))"); do + removepkg+=( "${input[$i]}" ) + echo "removepkg+=( \"${input[$i]}\" )" >> "${vars}/removepkg" + done +} + +check() { + if [[ $1 == "alnum" ]]; then + if [[ "${2}" =~ ^[[:alnum:]]+$ ]] || [[ "${2}" =~ ^[0-9A-Za-z._]+$ ]]; then + return 0 + else + echo "only alphanumerics and ._" + return 1 + fi + elif [[ $1 == "num" ]]; then + if [[ "${2}" =~ ^[0-9]+$ ]]; then + return 0 + else + echo "only numbers ${2}" + return 1 + fi + fi +} + +#useradd valuename index value +useradder() { + users+=( ["${1}${2}"]="${3}" ) + #echo "users+=( [${1}${2}]=${3} )" + echo "users+=( [${1}${2}]=\"${3}\" )" >> "${vars}/users" +} + +module() { + case $1 in + start) + modulename="${2}" + desc="${3}" + #echo "${3}.." + ;; + end) + modulename="" + ;; + esac +} + +umounter() { + umount -R "${1}" + vgchange -an + for i in $(find /dev/mapper -name "voidluks*" -printf "%P\n"); do + cryptsetup close "${i}" + done +} + +inst() { + xbps-install -Sy -R "${remote}" -r "${dest}" "${@}" || exit +} + +remove() { + xbps-remove -Ry -r "${dest}" "${ignorepkg[@]}" "${@}" || exit +} + + +#if findinarray "${i}" "${array[@]}"; then echo found; fi +findinarray() { + local input=() + local index=1 + for i in "${@}"; do + if [[ ! "${index}" == "1" ]]; then + input+=( "${i}" ) + fi + index=$(( index + 1 )) + done + for i in "${input[@]}"; do + if [[ "${i}" == "${1}" ]]; then + return 0 + fi + done + return 1 +} diff --git a/main.sh b/main.sh new file mode 100755 index 0000000..bac876e --- /dev/null +++ b/main.sh @@ -0,0 +1,48 @@ +#!/bin/bash + +dir="$(pwd)" +wrksrc="${dir}/tmp" +step="${dir}/step" +functions="${dir}/functions" +vars="${wrksrc}/vars" +dest="/mnt" +files="${dir}/files" +rm -rf "${vars}" +mkdir -p "${wrksrc}" "${vars}" "${dest}" +declare -A cfg=() +declare -A users=() +#set -x +remote="https://alpha.de.repo.voidlinux.org/current" +#remote="https://void.cijber.net/current/" + +source "${functions}"/functions +source "${dir}"/config + +umounter "${dest}" + +export run="config" +for i in $(find "${step}1" -mindepth 1 -maxdepth 1 -type f | sort -n ); do + test -f "${i}" && source "${i}" +done + +export run="postconfig" +for i in $(find "${step}2" -mindepth 1 -maxdepth 1 -type f | sort -n ); do + test -f "${i}" && source "${i}" +done + +mkdir -p "${dest}"/tmp/installer/tmp "${dest}"/etc +cp -rf /etc/resolv.conf "${dest}"/etc +cp -rf "${vars}" "${dest}"/tmp/installer/tmp +cp -rf "${step}3" "${dest}"/tmp/installer +cp -rf "${step}4" "${dest}"/tmp/installer +cp -rf "${files}" "${dest}"/tmp/installer +cp -rf "${functions}" "${dest}"/tmp/installer +cp -rf ./run_in_chroot.sh "${dest}"/tmp/installer + +for i in $(seq 1 "${users[amount]}"); do + pw+=( "${users[pw$i]}" ) +done + +chroot "${dest}" "/tmp/installer/run_in_chroot.sh" "${cfg[diskpw]}" "${pw[@]}" + +umounter "${dest}" diff --git a/profiles/basesystem b/profiles/basesystem new file mode 100644 index 0000000..75bc0f5 --- /dev/null +++ b/profiles/basesystem @@ -0,0 +1,9 @@ +networkmanager="dhcpcd" + +pkgs="void-repo-multilib void-repo-multilib-nonfree void-repo-nonfree lvm2 cronie socklog-void ntp xtools wireguard-tools gnupg progress pwgen net-tools ncdu nmap mtr bind-utils iotop hdparm smartmontools htop git neovim btrbk croc grub-btrfs nano mbuffer cryptsetup psmisc pinentry-tty" + +serviceenable="acpid cronie socklog-unix nanoklogd uuidd agetty-tty1 agetty-tty2 agetty-tty3 agetty-tty4" + +servicedisable="agetty-tty6 agetty-tty5" + +ignorepkgs="nvi gnupg" diff --git a/profiles/desktop b/profiles/desktop new file mode 100644 index 0000000..476b179 --- /dev/null +++ b/profiles/desktop @@ -0,0 +1,14 @@ +browser="firefox-i18n-de" +networkmanager="NetworkManager" +messenger="gajim-omemo python3-Pillow python3-Pygments" +office="libreoffice-i18n-de" +media="mpv" + +spelling="aspell-de gspell" +alsa="alsa-utils alsa-plugins-pulseaudio pulseaudio" +xorg="xorg-minimal xorg-fonts mesa-dri vulkan-loader xorg-apps noto-fonts-emoji" + +ignorepkgs="font-adobe-75dpi font-adobe-100dpi" +servicedisable="acpid" +serviceenable="dbus alsa" + diff --git a/profiles/desktops/gnome b/profiles/desktops/gnome new file mode 100644 index 0000000..bbc61a3 --- /dev/null +++ b/profiles/desktops/gnome @@ -0,0 +1,18 @@ +email=thunderbird-i18n-de +terminal=gnome-terminal +imageviewer=eog +pdf=evince +filemanager=nautilus +archiver=file-roller +screenshot=gnome-screenshot +calc=gnome-calculator +pinentry=pinentry-gnome +keyring=gnome-keyring +gpg=seahorse +policykit=polkit-gnome +sshaskpass=gnome-ssh-askpass +dm=gdm +de=gnome + +misc="" + diff --git a/profiles/desktops/i3wm b/profiles/desktops/i3wm new file mode 100644 index 0000000..ebd948b --- /dev/null +++ b/profiles/desktops/i3wm @@ -0,0 +1,18 @@ +email=claws-mail +terminal=xfce4-terminal +imageviewer=viewnior +pdf=mupdf +filemanager=pcmanfm +archiver=xarchiver +screenshot=maim +calc=galculator-gtk3 +pinentry=pinentry-dmenu +keyring=gnome-keyring +gpg=gnome-keyring +sshaskpass=gnome-ssh-askpass +policykit=polkit-gnome +dm=lightdm +de=i3-gaps + +misc="lightdm-gtk3-greeter i3lock-color i3status dmenu elogind dunst gvfs gvfs-afc gvfs-afp gvfs-cdda gvfs-gphoto2 gvfs-mtp gvfs-smb xss-lock paprefs pavucontrol network-manager-applet pamixer" + diff --git a/profiles/desktops/kde5 b/profiles/desktops/kde5 new file mode 100644 index 0000000..a0d3987 --- /dev/null +++ b/profiles/desktops/kde5 @@ -0,0 +1,17 @@ +email=kmail +terminal=konsole +imageviewer=gwenview +pdf=okular +filemanager=dolphin +archiver=ark +screenshot=spectacle +calc=kcalc +pinentry=pinentry-qt +keyring=kwalletmanager +gpg=kleopatra +policykit=polkit-kde-agent +sshaskpass=ksshaskpass +dm=sddm +de=kde5 + +misc="kdegraphics-thumbnailers ffmpegthumbs print-manager plasma-browser-integration" diff --git a/profiles/printing b/profiles/printing new file mode 100644 index 0000000..e012dd9 --- /dev/null +++ b/profiles/printing @@ -0,0 +1,3 @@ +printing="cups cups-filters gutenprint foomatic-db" +serviceenable="cupsd" + diff --git a/run_in_chroot.sh b/run_in_chroot.sh new file mode 100755 index 0000000..b0c1a4e --- /dev/null +++ b/run_in_chroot.sh @@ -0,0 +1,37 @@ +#!/bin/bash +dir="/tmp/installer" +step="${dir}/step" +wrksrc="${dir}"/tmp +functions="${dir}/functions" +FILESDIR="${dir}/files" + +vars="${wrksrc}/vars" +declare -A cfg=() +declare -A users=() +#set -x + +source "${functions}"/functions + +for i in $(find "${vars}" -type f); do + source "${i}" +done + +input=( "${@}" ) +max="${#input[@]}" +for i in $(seq 0 "$(( max - 1 ))"); do + if [[ "${i}" == "0" ]]; then + cfg+=( [diskpw]="${input[$i]}" ) + else + users+=( [pw$i]="${input[$i]}" ) + fi +done + +export run="install" +for i in $(find "${step}3" -mindepth 1 -maxdepth 1 -type f | sort -n ); do + test -f "${i}" && source "${i}" +done + +export run="post" +for i in $(find "${step}4" -mindepth 1 -maxdepth 1 -type f | sort -n); do + test -f "${i}" && source "${i}" +done diff --git a/step1/10-disk b/step1/10-disk new file mode 100644 index 0000000..080051c --- /dev/null +++ b/step1/10-disk @@ -0,0 +1,160 @@ +module start "disk" "Partition disk" + + +# find all disks +declare -A disk_tmp=() +declare -A disk=() +index=0 +for i in $(find /dev/disk/by-id/ -type l -printf "%P\n"|grep -v "part" |tac); do + name="$(readlink -f /dev/disk/by-id/"${i}")" + if [[ "${name}" =~ *"^[0-9]+$"* ]]; then + continue + fi + if [[ "${name}" == *"dm"* ]]; then + continue + fi + if [[ "${name}" == *"/dev/sr"* ]]; then + continue + fi + if [[ ! "${i}" == "usb"* ]] && [[ ! "${i}" == "ata"* ]] && [[ ! "${i}" == "nvm"* ]]; then + continue + fi + index=$(( index + 1 )) + size="$(fdisk -l "${name}" | head -n1 | awk '{print $3}')" + size=$(awk "BEGIN { printf(\"%.0f\n\", ${size}); }") + size="$(( size - 1 ))" + disk_tmp+=( [${index}.id]="${i}" [${index}.name]="${name}" [${index}.size]="${size}" ) +done +disk_tmp+=( [count]="${index}" ) + +# show devices +echo "Devices:" +for i in $(seq 1 "${disk_tmp[count]}"); do + echo "${disk_tmp[${i}.id]}" "${disk_tmp[${i}.name]}" "${disk_tmp[${i}.size]}" +done + +# if set device on commandline, use this as default +if [[ -z "${extern_device}" ]]; then + device="${disk_tmp[1.id]}" +else + device="${extern_device}" +fi + +# choose device +found="" +while input "Which Device?" "${device}"; do + test -z "${output}" && output="${default}" + for i in $(seq 1 "${disk_tmp[count]}"); do + if [[ "${disk_tmp[${i}.id]}" == "${output}" ]] || [[ "${disk_tmp[${i}.name]}" == "${output}" ]]; then + found=1 + disk+=( [id]="${disk_tmp[${i}.id]}" ) + disk+=( [name]="${disk_tmp[${i}.name]}" ) + disk+=( [size]="${disk_tmp[${i}.size]}" ) + break + fi + done + [[ "${found}" == "1" ]] && break + echo "${output} not found" +done + +# if there are partitions, show them and warn +# user choose between exit und wipe +partitions="" +index="" +for i in "$(lsblk -n -l "${disk[name]}" | tail -n +2 | grep part)"; do + echo "${i}" + index=$(( index + 1 )) +done + +if [[ "${#partitions[@]}" -gt 0 ]]; then + echo "there are partitions" + while input "wipe or quit?" "wipe"; do + case "${output}" in + w*|*p*|*W*|*P*) + setconf add wipe "1" + break + ;; + q*|*u*|*t*|*Q*|*U*|*T*) + echo mount / under /mnt + echo mount /boot under /mnt/boot + echo mount /home under /mnt/home + echo create swap + echo start again with -m + exit + ;; + *) echo "please enter wipe or quit" + ;; + esac + done +fi + +echo "######" +echo "With Full Disk Encryption the whole disk will be encrypted," +echo "including /boot. Unlike Ubuntu." +echo "If you choose FDE, you have to enter the password for the" +echo "disc twice, unless you save the key on an usbstick or" +echo "include it into initramfs." +echo "If its included, remember: grub only knows us keylayout: no umlauts" +echo "If you choose to enter once, kernel (/boot) is unencrypted on disk." +echo "You can turn off encryption." +echo "######" + +multiplechoice "fde_key_store" "initramfs" "usb" "once" "twice" "notencrypted" + +if [[ "${cfg[fde_key_store]}" == "notencrypted" ]]; then + setconf add "fde_key_store" "none" +fi + +if [[ ! "${cfg[fde_key_store]}" == "none" ]]; then + addpkg "cryptsetup" + #input_pw "Disk Password" + output="oem" + #setconf "add" "diskpw" "${output}" + cfg+=( [diskpw]="${output}" ) +fi + +hibernate=0 +if check yesno "Do you want to hibernate?" "y"; then + hibernate=1 +fi + +ramsize="$(($(getconf _PHYS_PAGES) * $(getconf PAGE_SIZE) / (1024 * 1024)))" +ramsize="$(awk "BEGIN { printf(\"%.0f\n\", ${ramsize}/1024); }")" + +if [[ "${ramsize}" -gt "0" ]] && [[ "${ramsize}" -le "2" ]]; then + test -z "${hibernate}" && swapsize="$(( ramsize * 2 ))" + test -z "${hibernate}" || swapsize="$(( ramsize * 3 ))" +elif [[ "${ramsize}" -gt "2" ]] && [[ "${ramsize}" -le "8" ]]; then + test -z "${hibernate}" && swapsize="${ramsize}" + test -z "${hibernate}" || swapsize="$(( ramsize * 2 ))" +elif [[ "${ramsize}" -gt "8" ]] && [[ "${ramsize}" -lt "15" ]]; then + test -z "${hibernate}" && swapsize="${ramsize}" + test -z "${hibernate}" || swapsize="$(awk "BEGIN { printf(\"%.0f\n\", ${ramsize}*1.5); }")" +elif [[ "${ramsize}" -ge "15" ]]; then + test -z "${hibernate}" && swapsize="4" + test -z "${hibernate}" || echo "hibernate not recommended, turning off" && hibernate="0" && swapsize="4" +fi + +setconf "add" "hibernate" "${hibernate}" + +echo Configure rootfssize +while input "Size in G? [$(( disk[size] - swapsize - bootsize ))|rest]" "rest"; do + test -z "${output}" && output="${default}" + case "${output}" in + rest) rootfssize="${output}" && break ;; + esac + if [[ "${output}" =~ ^[0-9]+$ ]] && [[ "${output}" -le "$(( disk[size] - cfg[swapsize] - cfg[bootsize] ))" ]]; then + rootfssize="${output}" + break + fi +done + +setconf "add" "fde_key_store" "${cfg[fde_key_store]}" +setconf "add" "diskid" "${disk[id]}" +setconf "add" "swapsize" "${swapsize}" +setconf "add" "rootfssize" "${rootfssize}" +setconf "add" "wipe" "${cfg[wipe]}" +setconf "add" "diskname" "${disk[name]}" +setconf "add" "bootsize" "4" +#setconf "add" "target_part" "2" + diff --git a/step1/20-users b/step1/20-users new file mode 100644 index 0000000..52905ba --- /dev/null +++ b/step1/20-users @@ -0,0 +1,84 @@ +module "start" "users" "Configuring User" + +repeat="" +index="0" +amount_of_usernames="0" +counter="0" +while echo $((index++)) > /dev/null; do + if [[ "${repeat}" == "1" ]] || [[ "${standalone}" == "1" ]]; then + while input "how many users?" "1"; do + if check num "${output}"; then + amount_of_usernames="${output}" + break + fi + done + elif [[ "${#additional_user[@]}" -gt 0 ]]; then + amount_of_usernames="${#additional_user[@]}" + else + amount_of_usernames=1 + fi + for i in $(seq 1 "${amount_of_usernames}"); do + if [[ ! -z "${additional_user[$i]}" ]]; then + echo "additional_user: ${additional_user[$i]}" + output="${additional_user[$i]}" + additional_user+=( [$i]="" ) + else + while input "Username:" "voiduser"; do + #if grep -q -w "${output}" /etc/passwd; then + # useradder "name" "${counter}" "${output}" + # echo user exists in the system + # continue + #fi + found="" + for n in ${usernames[@]}; do + if [[ "${n}" == "${output}" ]]; then + echo user was configured before + found=1 + fi + done + test -z "${found}" || continue + if check alnum "${output}"; then + counter=$(( counter + 1 )) + useradder "name" "${counter}" "${output}" + usernames+=( "${output}" ) + break + fi + done + fi + + input "full name (optional)" "${output}" + useradder "desc" "${i}" "-c ${output}" + + if [[ "${repeat}" == "1" ]] || [[ "${standalone}" == "1" ]]; then + if yesno "sudo?" n; then + useradder "sudo" "${counter}" "1" + else + useradder "sudo" "${counter}" "1" + fi + elif [[ ! "${repeat}" == "1" ]]; then + useradder "sudo" "${counter}" "1" + fi + + useradder "shell" "${counter}" "/usr/bin/bash" + done + + #input_pw "User ${users[name${counter}]} password" + output="oem" + #useradder "pw" "${counter}" "${output}" + users+=( [pw${counter}]="${output}" ) + echo "${users[pw1]}" + + if [[ "${standalone}" == "1" ]]; then + if ! yesno "More users?" "n"; then + break + fi + #set -x + repeat=1 + additional_user=() + else + break + fi +done +useradder "am" "ount" "${counter}" + +module end diff --git a/step1/40-bootloader b/step1/40-bootloader new file mode 100644 index 0000000..24d5797 --- /dev/null +++ b/step1/40-bootloader @@ -0,0 +1,7 @@ +if test -d /sys/firmware/efi; then + addpkg "grub-x86_64-efi" +else + addpkg "grub" +fi + + diff --git a/step1/50-system b/step1/50-system new file mode 100644 index 0000000..342f346 --- /dev/null +++ b/step1/50-system @@ -0,0 +1,51 @@ +while input "hostname?" "void"; do + if check alnum "${output}"; then + setconf add hostname "${output}" + break + fi +done + +setconf add "lang" "de_DE" +setconf add "lang_console" "de-latin1-nodeadkeys" +setconf add "timezone" "Europe/Berlin" + +setconf "add" "gfx_system" "xorg" +for i in $(find "${dir}/profiles/desktops" -type f); do + des+=( "$(basename $i)" ) +done + +multiplechoice "de" "none" "${des[@]}" + +if [[ ! "${cfg[de]}" == "none" ]]; then + multiplechoice "gfx_hardware" "amd" "nvidia" "intel" "none" + if [[ "${cfg[gfx_hardware]}" == "amd" ]]; then + addpkg mesa-vulkan-radeon xf86-video-amdgpu mesa-vaapi mesa-vdpau + elif [[ "${cfg[gfx_hardware]}" == "intel" ]]; then + addpkg mesa-vulkan-intel xf86-video-intel intel-video-accel + fi +fi + +if yesno "Printing enabled?" "y"; then + source "${dir}/profiles/printing" + addpkg "${printing}" + servicesenable "${enable_service}" +fi + +source "${dir}/profiles/basesystem" +servicesenable "${serviceenable}" +servicesdisable "${servicedisable}" +addpkg "${pkgs}" +ignorepkg "${ignorepkgs}" + +if [[ ! "${cfg[de]}" == "none" ]]; then + source "${dir}/profiles/desktop" + servicesenable "${serviceenable}" + servicesdisable "${servicedisable}" + ignorepkg "${ignorepkgs}" + + source "${dir}/profiles/desktops/${cfg[de]}" + servicesenable "${dm}" + addpkg "${spelling}" "${alsa}" "${xorg}" "${browser}" "${mail}" "${messenger}" "${terminal}" "${imageviewer}" "${pdf}" "${filemanager}" "${archiver}" "${screenshot}" "${calc}" "${pinentry}" "${keyring}" "${gpg}" "${policykit}" "${sshaskpass}" "${office}" "${dm}" "${de}" "${networkmanager}" +fi + +servicesenable "{$networkmanager}" diff --git a/step1/80-lastminute b/step1/80-lastminute new file mode 100644 index 0000000..1ebaec7 --- /dev/null +++ b/step1/80-lastminute @@ -0,0 +1,10 @@ +source "${dir}"/config +declare -f lastminute +if yesno "Lastminute Changes" y; then + lastminute +fi +declare -f os_config +if yesno "O's config?" y; then + os_config +fi + diff --git a/step2/10-disk b/step2/10-disk new file mode 100644 index 0000000..ac6333d --- /dev/null +++ b/step2/10-disk @@ -0,0 +1,169 @@ +if ! yesno "nun gehts los, sicher?" y; then + exit +fi + +module start "disk" "Partition disk" +sleep=4 + +diskid="${cfg[diskid]//-/_}" +dodiskid="/dev/disk/by-id/${cfg[diskid]}" + +index=1 + +echo "Formatting disk" +if test -d /sys/firmware/efi; then + echo "UEFI Partition" + (echo "g"; + echo "n"; + echo "1"; + echo ""; + echo "+1G"; + echo "t"; + echo "1"; + sleep $sleep; + echo "w") | fdisk "${dodiskid}" > /dev/null + sleep $sleep + efipart="${dodiskid}-part${index}" + index=$(( index + 1 )) +else + echo "BIOS Partition" + (echo "o"; + sleep $sleep; + echo "w") | fdisk -w always -W always "${dodiskid}" > /dev/null +fi +sleep $sleep +sync + + +echo "create bootpartition" +target_boot="${dodiskid}-part${index}" +index=$(( index + 1 )) +if test -d /sys/firmware/efi; then +(echo "n"; +echo ""; +echo ""; +echo "+4G"; +sleep $sleep; +echo "w") | fdisk -w always -W always "${dodiskid}" > /dev/null +else +(echo "n"; +echo "p"; +echo "1"; +echo ""; +echo "+4G"; +echo "a"; +sleep $sleep; +echo "w") | fdisk -w always -W always "${dodiskid}" > /dev/null +fi +sleep $sleep + +if [[ "${cfg[rootfssize]}" == "rest" ]]; then + target_partition_tmp="${dodiskid}-part${index}" + echo "create rootfs" + if test -d /sys/firmware/efi; then + (echo "n"; + echo ""; + echo ""; + echo ""; + sleep $sleep; + echo "w") | fdisk -w always -W always "${dodiskid}" > /dev/null + else + (echo "n"; + echo "p"; + echo "2"; + echo ""; + echo ""; + sleep $sleep; + echo "w") | fdisk -w always -W always "${dodiskid}" > /dev/null + fi +elif [[ ! "${cfg[rootfssize]}" == "rest" ]]; then + target_partition_tmp="${dodiskid}-part${index}" + echo "create rootfs with a specific size" + if test -d /sys/firmware/efi; then + (echo "n"; + echo ""; + echo ""; + echo "+${rootfssize}G"; + sleep $sleep; + echo "w") | fdisk -w always -W always "${dodiskid}" > /dev/null + else + (echo "n"; + echo "p"; + echo "2"; + echo ""; + echo "+${rootfssize}G"; + sleep $sleep; + echo "w") | fdisk -w always -W always "${dodiskid}" > /dev/null + fi +fi +sleep $sleep + +target_partition="${target_partition_tmp}" +if [[ ! "${cfg[fde_key_store]}" == "none" ]]; then + echo -n "${cfg[diskpw]}" | cryptsetup luksFormat --type luks1 "${target_partition}" -d - + sleep $sleep + sync + echo -n "${cfg[diskpw]}" | cryptsetup luksOpen "${target_partition}" "voidluks-${diskid}" -d - + sleep $sleep + sync + #echo -n "oem" | cryptsetup luksFormat --type luks1 "${target_partition}" -d - + #echo -n "oem" | cryptsetup luksOpen "${target_partition}" "voidluks-${diskid}" -d - + target_partition="/dev/mapper/voidluks-${diskid}" +fi + +mkswap "${target_partition}" || exit 1 +sleep $sleep +sync +vgcreate -q -f "voidvg.${diskid}" "${target_partition}" || exit 1 +sleep $sleep +sync +lvcreate -q -y --name swap -L "${cfg[swapsize]}"G "voidvg.${diskid}" || exit 1 +sleep $sleep +sync +lvcreate -q -y --name root -l 100%FREE "voidvg.${diskid}" || exit 1 +sleep $sleep +sync +mkfs.btrfs -q -f "/dev/mapper/voidvg.${diskid}-root" || exit 1 + +mkswap "/dev/mapper/voidvg.${diskid}-swap" || exit 1 + +mount "/dev/mapper/voidvg.${diskid}-root" "${dest}" || exit 1 +btrfs subvol create "${dest}/rootfs" +btrfs subvol create "${dest}/homefs" +mkdir -p "${dest}/system/snapshots/update" "${dest}/system/snapshots/regular" "${dest}/system/backup" +umount "${dest}" + +mount "/dev/mapper/voidvg.${diskid}-root" "${dest}" -o subvol=rootfs +for i in boot home dev proc sys tmp etc var/lib/backup/quelle/rootfs var/lib/backup/ziel var/db; do mkdir -p "${dest}/${i}"; done + +mount "/dev/mapper/voidvg.${diskid}-root" "${dest}"/home -o subvol=homefs +mkdir -p "${dest}/var/lib/backup/quelle/bootfs" + +mkfs.btrfs -q -f "${target_boot}" +mount "${target_boot}" "${dest}/boot" +btrfs subvol create "${dest}/boot/bootfs" +mkdir -p "${dest}/boot/system/snapshots/update" "${dest}/boot/system/snapshots/regular" "${dest}/boot/system/backup" +umount "${dest}/boot" + +if [[ "${cfg[fde_key_store]}" == "once" ]]; then + mount "${target_boot}" "${dest}/boot" -o subvol=bootfs +fi + +if test -d /sys/firmware/efi; then + mkdir -p "${dest}/boot/efi" + mkfs.vfat "${efipart}" + sleep $sleep + mount "${efipart}" "${dest}/boot/efi" +fi + +for dir in dev proc sys run; do mkdir -p "${dest}"/$dir ; mount --rbind /$dir "${dest}"/$dir ; mount --make-rslave "${dest}"/$dir ; done + +setconf add partuuid "$(blkid -o value -s UUID ${target_partition_tmp})" +setconf add efiuuid "$(blkid -o value -s UUID ${efipart})" +[[ "${cfg[fde_key_store]}" == "once" ]] && setconf "add" "bootuuid" "$(blkid -o value -s UUID ${target_boot})" +setconf add swapuuid "$(blkid -o value -s UUID /dev/mapper/voidvg.${diskid}-swap)" + + +mount -t tmpfs -o size=512m tmpfs "${dest}"/tmp + +module end diff --git a/step2/20-installation b/step2/20-installation new file mode 100644 index 0000000..c9023ed --- /dev/null +++ b/step2/20-installation @@ -0,0 +1,27 @@ +module start "preinstallation" "Preinstallation" + +if [[ "${#ignorepkg[@]}" -gt 0 ]]; then + mkdir -p "${dest}"/etc/xbps.d/ + touch "${dest}"/etc/xbps.d/10-ignore-pkg.conf + for ig in "${ignorepkg[@]}"; do + if ! grep -q "${ig}" "${dest}"/etc/xbps.d/10-ignore-pkg.conf; then + echo "ignorepkg=${ig}" >> "${dest}"/etc/xbps.d/10-ignore-pkg.conf + fi + done +fi + +for i in ${pkg[@]}; do + for j in ${removepkg[@]}; do + if [[ "${i}" == "${j}" ]]; then + continue 2 + fi + done + toinstall+=( "$i" ) +done + +mkdir -p "${dest}"/var/db/xbps +cp -rf /var/db/xbps/keys/ "${dest}"/var/db/xbps + +inst base-system "${toinstall[@]}" + +module end diff --git a/step2/disk/bios b/step2/disk/bios new file mode 100644 index 0000000..8a73f24 --- /dev/null +++ b/step2/disk/bios @@ -0,0 +1,131 @@ +if ! yesno "nun gehts los, sicher?" y; then + exit +fi + + + +diskid="${cfg[diskid]//-/_}" +index=1 + +echo "Formatting disk" +if test -d /sys/firmware/efi; then + module start "disk" "Partition disk . UEFI" + echo "g + n + 1 + + +1G + t + 1 + w + q" | fdisk "${cfg[diskname]}" > /dev/null + efipart="${cfg[diskname]}${index}" + index=$(( index + 1 )) +else + module start "disk" "Partition disk . BIOS" + echo "o + w + q" | fdisk -w always "${cfg[diskname]}" > /dev/null +fi +sleep 2 + + +echo "create bootpartition" +target_boot="${cfg[diskname]}${index}" +index=$(( index + 1 )) +echo "n +p +1 + ++${cfg[bootsize]}G +a +w +q" | fdisk "${cfg[diskname]}" > /dev/null +sleep 2 + +if [[ "${cfg[rootfssize]}" == "rest" ]]; then + target_partition_tmp="${cfg[diskname]}${index}" + index=$(( index + 1 )) + echo "create rootfs" + echo "n + p + 2 + + + w + q" | fdisk "${cfg[diskname]}" > /dev/null +elif [[ ! "${cfg[rootfssize]}" == "rest" ]]; then + target_partition_tmp="${cfg[diskname]}${index}" + echo "create rootfs with a specific size" + echo "n + p + 2 + + +${rootfssize}G + w + q" | fdisk "${cfg[diskname]}" > /dev/null +fi +sleep 2 + +target_partition="${target_partition_tmp}" +if [[ ! "${cfg[fde_key_store]}" == "none" ]]; then + echo -n "${cfg[diskpw]}" | cryptsetup luksFormat --type luks1 "${target_partition}" -d - + sleep 2 + echo -n "${cfg[diskpw]}" | cryptsetup luksOpen "${target_partition}" "voidluks-${diskid}" -d - + sleep 2 + #echo -n "oem" | cryptsetup luksFormat --type luks1 "${target_partition}" -d - + #echo -n "oem" | cryptsetup luksOpen "${target_partition}" "voidluks-${diskid}" -d - + target_partition="/dev/mapper/voidluks-${diskid}" +fi + +mkswap "${target_partition}" +sleep 2 +vgcreate -q -f "voidvg.${diskid}" "${target_partition}" || exit 1 +sleep 2 +lvcreate -q -y --name swap -L "${cfg[swapsize]}"G "voidvg.${diskid}" +sleep 2 +lvcreate -q -y --name root -l 100%FREE "voidvg.${diskid}" +sleep 2 +mkfs.btrfs -q -f "/dev/mapper/voidvg.${diskid}-root" + +mkswap "/dev/mapper/voidvg.${diskid}-swap" + +mount "/dev/mapper/voidvg.${diskid}-root" "${dest}" +btrfs subvol create "${dest}/rootfs" +btrfs subvol create "${dest}/homefs" +mkdir -p "${dest}/system/snapshots/update" "${dest}/system/snapshots/regular" "${dest}/system/backup" +umount "${dest}" + +mount "/dev/mapper/voidvg.${diskid}-root" "${dest}" -o subvol=rootfs +for i in boot home dev proc sys tmp etc var/lib/backup/quelle/rootfs var/lib/backup/ziel var/db; do mkdir -p "${dest}/${i}"; done + +mount "/dev/mapper/voidvg.${diskid}-root" "${dest}"/home -o subvol=homefs +mkdir -p "${dest}/var/lib/backup/quelle/bootfs" + +mkfs.btrfs -q -f "${target_boot}" +mount "${target_boot}" "${dest}/boot" +btrfs subvol create "${dest}/boot/bootfs" +mkdir -p "${dest}/boot/system/snapshots/update" "${dest}/boot/system/snapshots/regular" "${dest}/boot/system/backup" +umount "${dest}/boot" + +if [[ "${cfg[fde_key_store]}" == "once" ]]; then + mount "${target_boot}" "${dest}/boot" -o subvol=bootfs +fi + +if test -d /sys/firmware/efi; then + mkdir -p "${dest}/boot/efi" + mkfs.vfat -F32 "${efipart}" + mount "${efipart}" "${dest}/boot/efi" +fi + +for dir in dev proc sys run; do mkdir -p "${dest}"/$dir ; mount --rbind /$dir "${dest}"/$dir ; mount --make-rslave "${dest}"/$dir ; done + +setconf add rootuuid "$(blkid -o value -s UUID ${target_partition})" +setconf add partuuid "$(blkid -o value -s UUID ${cfg[diskname]}${cfg[target_part]})" +[[ "${cfg[fde_key_store]}" == "once" ]] && setconf "add" "bootuuid" "$(blkid -o value -s UUID ${target_boot})" +setconf add swapuuid "$(blkid -o value -s UUID /dev/mapper/voidvg.${diskid}-swap)" + + +mount -t tmpfs -o size=512m tmpfs "${dest}"/tmp + +module end diff --git a/step2/disk/uefi b/step2/disk/uefi new file mode 100644 index 0000000..d6055ca --- /dev/null +++ b/step2/disk/uefi @@ -0,0 +1,111 @@ +if ! yesno "nun gehts los, sicher?" y; then + exit +fi + +module start "disk" "Partition disk . UEFI" + +diskid="${cfg[diskid]//-/_}" +index=1 + +echo "Formatting disk" +echo "g +n +1 + ++1G +t +1 +w +q" | fdisk "${cfg[diskname]}" > /dev/null +efipart="${cfg[diskname]}${index}" +index=$(( index + 1 )) +sleep 2 + +echo "create bootpartition" +target_boot="${cfg[diskname]}${index}" +index=$(( index + 1 )) +echo "n +2 + ++${cfg[bootsize]}G +w +q" | fdisk "${cfg[diskname]}" > /dev/null +sleep 2 + +if [[ "${cfg[rootfssize]}" == "rest" ]]; then + target_partition_tmp="${cfg[diskname]}${index}" + echo "create rootfs" + echo "n + 3 + + + w + q" | fdisk "${cfg[diskname]}" > /dev/null +elif [[ ! "${cfg[rootfssize]}" == "rest" ]]; then + target_partition_tmp="${cfg[diskname]}${index}" + echo "create rootfs with a specific size" + echo "n + p + 3 + + +${rootfssize}G + w + q" | fdisk "${cfg[diskname]}" > /dev/null +fi +sleep 2 + +target_partition="${target_partition_tmp}" +if [[ ! "${cfg[fde_key_store]}" == "none" ]]; then + echo -n "${cfg[diskpw]}" | cryptsetup luksFormat --type luks1 "${target_partition}" -d - + sleep 2 + echo -n "${cfg[diskpw]}" | cryptsetup luksOpen "${target_partition}" "voidluks-${diskid}" -d - + sleep 2 + #echo -n "oem" | cryptsetup luksFormat --type luks1 "${target_partition}" -d - + #echo -n "oem" | cryptsetup luksOpen "${target_partition}" "voidluks-${diskid}" -d - + target_partition="/dev/mapper/voidluks-${diskid}" +fi + +mkswap "${target_partition}" +sleep 2 +vgcreate -q -f "voidvg.${diskid}" "${target_partition}" || exit 1 +sleep 2 +lvcreate -q -y --name swap -L "${cfg[swapsize]}"G "voidvg.${diskid}" +sleep 2 +lvcreate -q -y --name root -l 100%FREE "voidvg.${diskid}" +sleep 2 +mkfs.btrfs -q -f "/dev/mapper/voidvg.${diskid}-root" +mkswap "/dev/mapper/voidvg.${diskid}-swap" +mount "/dev/mapper/voidvg.${diskid}-root" "${dest}" +btrfs subvol create "${dest}/rootfs" +btrfs subvol create "${dest}/homefs" +mkdir -p "${dest}/system/snapshots/update" "${dest}/system/snapshots/regular" "${dest}/system/backup" + +umount "${dest}" +mount "/dev/mapper/voidvg.${diskid}-root" "${dest}" -o subvol=rootfs +for i in boot home dev proc sys tmp etc var/lib/backup/quelle/rootfs var/lib/backup/ziel var/db; do mkdir -p "${dest}/${i}"; done +mount "/dev/mapper/voidvg.${diskid}-root" "${dest}"/home -o subvol=homefs +mkdir -p "${dest}/var/lib/backup/quelle/bootfs" +mkfs.btrfs -q -f "${target_boot}" +mount "${target_boot}" "${dest}/boot" +btrfs subvol create "${dest}/boot/bootfs" +mkdir -p "${dest}/boot/system/snapshots/update" "${dest}/boot/system/snapshots/regular" "${dest}/boot/system/backup" +umount "${dest}/boot" +if [[ "${cfg[fde_key_store]}" == "once" ]]; then + mount "${target_boot}" "${dest}/boot" -o subvol=bootfs + +fi +mkdir -p "${dest}/boot/efi" +mkfs.vfat -F32 "${efipart}" +mount "${efipart}" "${dest}/boot/efi" + +for dir in dev proc sys run; do mkdir -p "${dest}"/$dir ; mount --rbind /$dir "${dest}"/$dir ; mount --make-rslave "${dest}"/$dir ; done + +setconf add rootuuid "$(blkid -o value -s UUID ${target_partition})" +setconf add partuuid "$(blkid -o value -s UUID ${cfg[diskname]}${cfg[target_part]})" +[[ "${cfg[fde_key_store]}" == "once" ]] && setconf "add" "bootuuid" "$(blkid -o value -s UUID ${target_boot})" +setconf add swapuuid "$(blkid -o value -s UUID /dev/mapper/voidvg.${diskid}-swap)" + + +mount -t tmpfs -o size=512m tmpfs "${dest}"/tmp + +module end diff --git a/step3/20-basesystem b/step3/20-basesystem new file mode 100644 index 0000000..746f5d5 --- /dev/null +++ b/step3/20-basesystem @@ -0,0 +1,138 @@ +module start "basesystem" "Install Basesystem" + +diskid="${cfg[diskid]//-/_}" + +chown root:root / +chmod 755 / +DESTDIR= + +vmkdir() { + mkdir -p /"$1" + chmod 755 /"$1" +} + +vinstall() { + src="$1"; tgt="$3"; rights="$2" + if [ "$4" ]; then + cp "${src}" "/${tgt}/${4}" + chmod="/${tgt}/${4}" + else + cp "${src}" "/${tgt}" + chmod="/${tgt}" + + fi + chmod -R "${rights}" "${chmod}" +} + +vbin() { + cp -rf "$1" /usr/bin/ + chmod 0755 /usr/bin/"$(basename $1)" +} + +vbin "${FILESDIR}/bin/joinvpn" +vbin "${FILESDIR}/bin/void-update" +vbin "${FILESDIR}/bin/void-backup" +vbin "${FILESDIR}/bin/void-snapshot" +vbin "${FILESDIR}/bin/void-createbackupcontainer" +vbin "${FILESDIR}/bin/pinentry-chooser" + +vmkdir etc/sudoers.d +vinstall "${FILESDIR}/sudoers/10-common" 700 etc/sudoers.d + +vmkdir etc/bash/bashrc.d +vinstall "${FILESDIR}/bash/xbps-aliase.sh" 755 etc/bash/bashrc.d +vinstall "${FILESDIR}/bash/editor.sh" 755 etc/bash/bashrc.d + +vmkdir usr/lib/udev/rules.d +vinstall "${FILESDIR}/udev/99-mount-media.rules" 744 usr/lib/udev/rules.d +vinstall "${FILESDIR}/udev/99-ioschedulers.rules" 744 usr/lib/udev/rules.d + +vmkdir etc/btrbk +vinstall "${FILESDIR}/btrbk/btrbk.conf.void" 744 etc/btrbk + +vmkdir etc/xbps.d +vinstall "${FILESDIR}/xbps/50-no-extract.conf" 755 etc/xbps.d +vinstall "${FILESDIR}/xbps/20-repo-rotce.de-pakete.conf" 755 etc/xbps.d + +vmkdir etc/default/grub-btrfs +vinstall "${FILESDIR}/grub-btrfs/void.conf" 755 etc/default/grub-btrfs + +vmkdir etc/NetworkManager/conf.d +vmkdir etc/NetworkManager/dispatcher.d +vinstall "${FILESDIR}/nm/unmanaged-wg.conf" 644 etc/NetworkManager/conf.d +vinstall "${FILESDIR}/nm/unmanaged-tun.conf" 644 etc/NetworkManager/conf.d +vinstall "${FILESDIR}/nm/30-wg0" 744 etc/NetworkManager/dispatcher.d + +vmkdir etc/profile.d +vinstall "${FILESDIR}/profile/append-path.sh" 644 etc/profile.d zz-append-path.sh + +vmkdir usr/share/X11/xorg.conf.d +vinstall "${FILESDIR}/xorg/10-keyboard.conf" 644 usr/share/X11/xorg.conf.d + +vmkdir etc/skel +vinstall "${FILESDIR}/gnupg/gpg-agent.conf" 700 etc/skel + +vmkdir etc/fonts/conf.d +ln -s /usr/share/fontconfig/conf.avail/70-no-bitmaps.conf "${DESTDIR}/etc/fonts/conf.d/70-no-bitmaps.conf" + +{ echo "#ignorepkg=linux-firmware-amd"; +echo "#ignorepkg=linux-firmware-intel"; +echo "#ignorepkg=linux-firmware-nvidia"; +echo "#ignorepkg=linux-firmware-broadcom"; +echo "#ignorepkg=wifi-firmware"; } > /etc/xbps.d/10-ignore-firmware.conf +chmod 755 /etc/xbps.d/10-ignore-firmware.conf + +{ echo "en_DK.UTF-8 UTF-8"; +echo "de_DE.UTF-8 UTF-8"; +echo "en_US.UTF-8 UTF-8"; } > /etc/default/libc-locales + +echo "LANG=${cfg[lang]}.UTF-8" > /etc/locale.conf +echo "KEYMAP=${cfg[lang_console]}" > /etc/vconsole.conf + +cp -a /etc/profile.d/locale.sh /etc/profile.d/zz-locale-user.sh +sed -i 's/locale.conf/locale-user.conf/' /etc/profile.d/zz-locale-user.sh +sed -i '/^if/i [ "$(id -u)" -eq 0 ] && return' /etc/profile.d/zz-locale-user.sh + +{ echo "/dev/mapper/voidvg.${diskid}-root / btrfs defaults,subvol=rootfs 0 0"; +echo "/dev/mapper/voidvg.${diskid}-root /home btrfs defaults,subvol=homefs 0 0"; +echo "/dev/mapper/voidvg.${diskid}-swap swap swap defaults 0 0"; +echo "/dev/mapper/voidvg.${diskid}-root /var/lib/backup/quelle/rootfs btrfs defaults 0 0"; +echo "tmpfs /tmp tmpfs defaults,nosuid,nodev 0 0"; } > /etc/fstab +if [[ "${cfg[fde_key_store]}" == "once" ]]; then + { echo "UUID=${cfg[bootuuid]} /boot btrfs defaults,subvol=bootfs 0 0"; + echo "UUID=${cfg[bootuuid]} /var/lib/backup/quelle/bootfs btrfs defaults 0 0"; } >> /etc/fstab +fi +if test -d /sys/firmware/efi; then + echo "UUID=${cfg[efiuuid]} /boot/efi vfat defaults 0 0" >> /etc/fstab +fi + +echo "${cfg[hostname]}" > /etc/hostname +ln -sf "/usr/share/zoneinfo/${cfg[timezone]}" /etc/localtime +sed -i "s/#HOSTNAME=\"void-live\"/HOSTNAME=${cfg[hostname]}/g" /etc/rc.conf +sed -i "s/Europe\/Madrid/${cfg[timezone]//\//\\/}/" /etc/rc.conf +sed -i "/HARDWARECLOCK/s/^#//g" /etc/rc.conf +sed -i "/FONT=/s/^#//g" /etc/rc.conf + +echo '0 * * * * /usr/bin/void-snapshot cron #void.system' > /var/spool/cron/root + +if [[ ! ${cfg[fde_key_store]} == "none" ]]; then + echo "echo \"Install pw is 'oem'\"" > /etc/runit/core-services/99-changepwdisk.sh + echo "read -p \"Change PW for disk? y/n \" answer" >> /etc/runit/core-services/99-changepwdisk.sh + echo "if [ \"\${answer}\" = \"y\" ]; then" >> /etc/runit/core-services/99-changepwdisk.sh + echo " while ! cryptsetup luksChangeKey /dev/disk/by-uuid/${cfg[partuuid]}; do" >> /etc/runit/core-services/99-changepwdisk.sh + echo " echo \"Again, please\"" >> /etc/runit/core-services/99-changepwdisk.sh + echo " done" >> /etc/runit/core-services/99-changepwdisk.sh + echo " rm -rf /etc/runit/core-services/99-changepwdisk.sh" >> /etc/runit/core-services/99-changepwdisk.sh + echo "fi" >> /etc/runit/core-services/99-changepwdisk.sh +fi + +echo "echo \"Install pw is 'oem'\"" > /etc/runit/core-services/99-changepwuser.sh +echo "read -p \"Change PW for ${users[name1]}? y/n \" answer" >> /etc/runit/core-services/99-changepwuser.sh +echo "if [ \"\${answer}\" = \"y\" ]; then" >> /etc/runit/core-services/99-changepwuser.sh +echo " while ! passwd ${users[name1]}; do" >> /etc/runit/core-services/99-changepwuser.sh +echo " echo \"Again, please\"" >> /etc/runit/core-services/99-changepwuser.sh +echo " done" >> /etc/runit/core-services/99-changepwuser.sh +echo " rm -rf /etc/runit/core-services/99-changepwuser.sh" >> /etc/runit/core-services/99-changepwuser.sh +echo "fi" >> /etc/runit/core-services/99-changepwuser.sh + +module end diff --git a/step3/30-bootloader b/step3/30-bootloader new file mode 100644 index 0000000..1a6e54e --- /dev/null +++ b/step3/30-bootloader @@ -0,0 +1,46 @@ +module start "bootloader" "Install Bootloader" + +diskid="${cfg[diskid]//-/_}" + +if [[ ! "${cfg[fde_key_store]}" == "none" ]]; then + sed -i "/^GRUB_CMDLINE_LINUX_DEFAULT/s/=\"/=\"rd.luks.uuid=${cfg[partuuid]} /" /etc/default/grub + + if [[ ! "${cfg[fde_key_store]}" == "once" ]]; then + if ! grep -q "GRUB_ENABLE_CRYPTODISK" /etc/default/grub; then + echo "GRUB_ENABLE_CRYPTODISK=y" >> /etc/default/grub + fi + fi + + if [[ "${cfg[fde_key_store]}" == "initramfs" ]]; then + dd bs=1 count=64 if=/dev/urandom of=/boot/volume.key + echo -n "${cfg[diskpw]}" | cryptsetup luksAddKey "${target_partition_tmp}" /boot/volume.key -d - + chmod 000 /boot/volume.key + chmod -R g-rwx,o-rwx /boot + echo 'install_items+=" /boot/volume.key /etc/crypttab "' > /etc/dracut.conf.d/crypt-ssh.conf + echo "voidluks-${diskid} UUID=${cfg[partuuid]} /boot/volume.key luks" > /etc/crypttab + fi +fi + + +if ! grep -q rd.lvm.vg /etc/default/grub; then + sed -i "/^GRUB_CMDLINE_LINUX_DEFAULT/s/=\"/=\"rd.lvm.vg=voidvg.${diskid} /" /etc/default/grub +fi + +if ! grep -q rd.console.keymap /etc/default/grub; then + sed -i "/^GRUB_CMDLINE_LINUX_DEFAULT/s/=\"/=\" rd.vconsole.keymap=${cfg[lang_console]} /" /etc/default/grub +fi + +if [[ "${cfg[hibernate]}" == "1" ]]; then + sed -i "/^GRUB_CMDLINE_LINUX_DEFAULT/s/=\"/=\"resume=UUID=${cfg[swapuuid]} /" /etc/default/grub +fi + +#if [[ "${cfg[fde_key_store]}" == "twice" ]] || [[ "${cfg[fde_key_store]}" == "once" ]]; then +# echo "voidluks-${diskid} UUID=${cfg[partuuid]} none luks" > /etc/crypttab +#fi + +if ! grep -q "dark-gray/black" /etc/default/grub; then + echo "GRUB_COLOR_NORMAL=\"dark-gray/black\"" >> /etc/default/grub + echo "GRUB_COLOR_HIGHLIGHT=\"light-red/black\"" >> /etc/default/grub +fi + +module end diff --git a/step3/40-de b/step3/40-de new file mode 100644 index 0000000..25501dd --- /dev/null +++ b/step3/40-de @@ -0,0 +1,27 @@ +module start "de" "Desktopenvironment install" + +if [[ "${cfg[de]}" == "i3wm" ]]; then + mkdir -p /etc/X11/xinit/xinitrc.d/ + echo 'if which dbus-launch >/dev/null && test -z "$DBUS_SESSION_BUS_ADDRESS"; then' > /etc/X11/xinit/xinitrc.d/dbus-launch.sh + echo ' eval "$(dbus-launch --sh-syntax --exit-with-x11)"' >> /etc/X11/xinit/xinitrc.d/dbus-launch.sh + echo 'fi' >> /etc/X11/xinit/xinitrc.d/dbus-launch.sh + chmod +x /etc/X11/xinit/xinitrc.d/dbus-launch.sh +fi + + + +if [[ ! "${cfg[de]}" == "none" ]]; then + [[ ! -h /etc/fonts/conf.d/70-no-bitmaps.conf ]] && ln -s /usr/share/fontconfig/conf.avail/70-no-bitmaps.conf "${dest}"/etc/fonts/conf.d/ + + mkdir -p /etc/X11/xorg.conf.d + { echo "Section \"InputClass\""; + echo " Identifier \"keyboard\""; + echo " MatchIsKeyboard \"yes\""; + echo " Option \"XkbLayout\" \"de\""; + echo " Option \"XkbVariant\" \"nodeadkeys\""; + echo " #Option \"XkbOptions\" \"grp:alt_shift_toggle\""; + echo "EndSection"; } > /etc/X11/xorg.conf.d/10-keyboard.conf + +fi + +module end diff --git a/step3/80-lastminute b/step3/80-lastminute new file mode 100644 index 0000000..661657d --- /dev/null +++ b/step3/80-lastminute @@ -0,0 +1 @@ +declare -f lastminute diff --git a/step3/90-services b/step3/90-services new file mode 100644 index 0000000..df19e2a --- /dev/null +++ b/step3/90-services @@ -0,0 +1,25 @@ +module start "services" "Enable and Disable services" + +for i in "${services_enable[@]}"; do + [[ "${i}" == "dbus" ]] && dbus=1 +done + + + +if [[ "${#services_enable[@]}" -gt 0 ]]; then + test -z "${dbus}" || test -L /etc/runit/runsvdir/default/"${i}" || ln -s /etc/sv/"${i}" "${dest}"/etc/runit/runsvdir/default/ + for i in "${services_enable[@]}"; do + #touch /etc/sv/"${i}"/down + test -h /etc/runit/runsvdir/default/"${i}" || ln -s /etc/sv/"${i}" "${dest}"/etc/runit/runsvdir/default/ + done +fi + + +if [[ "${#services_disable[@]}" -gt 0 ]]; then + for i in "${services_disable[@]}"; do + test -h /etc/runit/runsvdir/default/"${i}" && rm -rf "${dest}"/etc/runit/runsvdir/default/"${i}" + done +fi + + +module end \ No newline at end of file diff --git a/step4/10-installation b/step4/10-installation new file mode 100644 index 0000000..09400ea --- /dev/null +++ b/step4/10-installation @@ -0,0 +1,11 @@ +module start "installation" "Reconfigure Installation" "dontcheck" + +ver="$(xbps-query -S linux|grep pkgver|awk '{print $2}')" +ver="${ver//-}" +ver="${ver%_*}" + +xbps-reconfigure -f "${ver}" +xbps-reconfigure -f glibc-locales +#xbps-reconfigure -af + +module end diff --git a/step4/20-users b/step4/20-users new file mode 100644 index 0000000..597195a --- /dev/null +++ b/step4/20-users @@ -0,0 +1,24 @@ +module "start" "users" "Configuring Users" + +for i in $(seq 1 "${users[amount]}"); do + if ! cut -d: -f1 /etc/passwd | grep -q -w "${users[name$i]}"; then + useradd -G audio,video,floppy,cdrom,optical,input,users "${users[desc$i]}" -m -s "${users[shell$i]}" -U "${users[name$i]}" + if [[ "${users[sudo$i]}" == "1" ]]; then + usermod -a -G socklog,wheel "${users[name$i]}" + passwd -dl root + if grep -q lpadmin /etc/group; then + usermod -a -G lpadmin "${users[name$i]}" + fi + fi + + echo password for "${users[name$i]}" + echo -e "${users[pw$i]}\n${users[pw$i]}" | passwd "${users[name$i]}" + #echo -e "oem\noem" | passwd "${users[name$i]}" + else + echo bereits in /etc/passwd vorhanden: "${users[name$i]}" + echo ueberspinge.. + #fortfahren? + fi +done + +module end diff --git a/step4/30-basesystem b/step4/30-basesystem new file mode 100644 index 0000000..3e9cfca --- /dev/null +++ b/step4/30-basesystem @@ -0,0 +1 @@ +chsh -s /usr/bin/bash root diff --git a/step4/40-bootloader b/step4/40-bootloader new file mode 100644 index 0000000..0b8a305 --- /dev/null +++ b/step4/40-bootloader @@ -0,0 +1,11 @@ +module start "bootloader" "Post Bootloader" + +if test -d /sys/firmware/efi; then + grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id="Void" +else + grub-install "${cfg[diskname]}" +fi + +grub-mkconfig -o /boot/grub/grub.cfg + +module end