add files/

files/bash/xbps-aliase.sh

@@ -0,0 +1,10 @@
+[ "$(id -u)" -eq 0 ] && return
+alias xu="sudo void-update"
+alias xr="sudo xbps-remove -R"
+alias xs="xbps-query -Rs"
+alias backup="sudo void-backup"
+echo "xu = sudo void-update       zum updaten"
+echo "xi = sudo xbps-install -S   zum installieren"
+echo "xr = sudo xbps-remove -R    zum deinstallieren"
+echo "xs = xbps-query -Rs         zum suchen"
+echo "backup = sudo void-backup   um ein backup zu machen"

files/bin/joinvpn

@@ -0,0 +1,41 @@
+#!/bin/bash
+basewgfolder="/etc/wireguard"
+
+if [ $UID -ne 0 ]; then
+	echo "Keine Rootrechte"
+	exit 1
+fi
+umask 0077
+mkdir -p "${basewgfolder}/wg0"
+cd "${basewgfolder}/wg0"
+
+
+if [[ -f "${basewgfolder}/wg0/privkey" ]]; then
+	read -p "Address: " ADDRESS
+	read -p "PublicKey: " PUBKEY_SERVER
+	read -p "Endpoint: " ENDPOINT
+	read -p "Port: " PORT
+	{ echo "[Interface]";
+	echo "Address = ${ADDRESS}";
+	echo "PostUp = wg set %i private-key /etc/wireguard/wg0/wg0.key <(cat /etc/wireguard/wg0/privkey)";
+	echo "[Peer]";
+	echo "PublicKey = ${PUBKEY_SERVER}";
+	echo "Endpoint = ${ENDPOINT}:${PORT}";
+	echo "AllowedIPs = fd23::23:0:0/96";
+	echo "PresharedKey = $(cat psk)";
+	echo "PersistentKeepalive = 25"; } > "${basewgfolder}/wg0.conf"
+else
+	test -f privkey || wg genkey > privkey
+	test -f pubkey || wg pubkey < privkey > pubkey
+	test -f psk || wg genpsk > psk
+	echo "Frage O nach den den folgenden Daten und wenn du sie hast, starte das hier nochmal"
+	echo "Address"
+	echo "PublicKey"
+	echo "Endpoint"
+	echo "Port"
+	echo ""
+	echo "Schicke ihm verschlüsselt (Jabber oder Email) folgende Daten:"
+	echo "PublicKey = $(cat pubkey)"
+	echo "PresharedKey = $(cat psk)"
+	echo "Hostname = ${HOSTNAME}"
+fi

files/bin/void-backup

@@ -0,0 +1,147 @@
+#!/bin/bash
+export LANG="en_US.UTF-8"
+backupcfg="/etc/backup.cfg"
+ziel="/var/lib/backup/ziel"
+cfg="/etc/btrbk/btrbk.conf.system"
+
+if [ "${UID}" -ne "0" ]; then
+	echo "Keine Rootrechte."
+	exit 1
+fi
+
+if [[ -f "${backupcfg}" ]]; then
+	source "${backupcfg}"
+else
+	echo "${backupcfg} fehlt."
+	echo "Entweder:"
+	echo "UUID=\"uuid\" > ${backupcfg}"
+	echo "oder:"
+	echo "\`void-createbackupcontainer\` um eine neue Backupplatte einzurichten."
+fi
+
+if [[ -f /etc/btrbk/btrbk.conf ]]; then
+	cfg="/etc/btrbk/btrbk.conf"
+fi
+
+if [ -z "${UUID}" ]; then
+	echo "Keine Backupplatte angegeben."
+	exit 1
+fi
+
+fhelp() {
+	echo "Nutze es so:"
+	echo "sudo backup"
+	echo "sudo backup poweroff (um den Rechner nach dem Backup herunterzufahren.)"
+	#echo "sudo backup update (um den Rechner nach dem Backup up zu daten.)"
+	#echo "update und poweroff sind mixbar"
+	echo "sudo backup passwd (um das Passwort für die Backupfestplatte zu ändern.)"
+}
+
+if [ ! -e "/dev/disk/by-uuid/${UUID}" ]; then
+	echo "Bitte Backupfestplatte anschliessen."
+	exit 1
+fi
+
+for argval in "$@"
+do
+  case "${argval}" in
+    power|poweroff|p)
+        poweroff=y
+	;;
+    help|-h|--help|h)
+        fhelp
+        exit
+	;;
+	update)
+		update=y
+	;;
+	passwd)
+		passwd=y 
+        ;;
+  esac
+done
+
+if [ -e /tmp/backup ]; then
+	echo "Es läuft schon ein Backupvorgang oder wurde nicht richtig beendet."
+	echo "Bei letzterem: 'sudo rm -rf /tmp/backup'"
+	exit 1
+fi
+touch /tmp/backup
+
+if [[ "${passwd}" == "y" ]]; then
+	cryptsetup luksChangeKey "/dev/disk/by-uuid/${UUID}"
+	rm -rf /tmp/backup
+	exit 0
+fi
+
+function finish {
+	sync
+	if [ "${poweroff}" = "y" ]; then
+	        shutdown -h now
+	fi
+	sleep 4
+	umount "${ziel}"
+	echo " "
+	echo " "
+	if [[ "${MOUNTEDBY}" == "script" ]]; then
+        cryptsetup close "luks-${UUID}"
+		echo "Festplatte kann nun sicher entfernt werden."
+	elif [[ "${MOUNTEDBY}" == "gnome" ]]; then
+		echo "Festplatte bitte mit der grafischen Oberflaeche auswerfen (wie ein USB-Stick)"
+		echo ""
+		echo "oder:"
+		echo "sudo umount /dev/mapper/luks-${UUID}"
+		echo "sudo cryptsetup close luks-${UUID}"
+		echo ""
+	fi
+	rm -rf /tmp/backup
+	echo "FERTIG"
+
+}
+trap finish EXIT
+
+if [ ! $(mountpoint -q -x "/dev/mapper/luks-${UUID}") ]; then
+	if ! cryptsetup open UUID="${UUID}" "luks-${UUID}"; then
+		echo "Konnte /dev/disk/by-uuid/${UUID} nicht öffnen."
+		exit
+	fi
+	MOUNTEDBY="script"
+else
+	MOUNTEDBY="gnome"
+fi
+
+if ! mount "/dev/mapper/luks-${UUID}" "${ziel}"; then
+	echo "Konnte /dev/mapper/luks-${UUID} in ${ziel} nicht mounten."
+	exit
+fi
+
+if mountpoint -q /var/lib/backup/quelle/bootfs; then
+	mkdir -p "/var/lib/backup/ziel/void/bootfs"
+	backupbootfs="backupbootfs"
+fi
+
+mkdir -p "/var/lib/backup/ziel/void/{rootfs,homefs}"
+for t in backuprootfs "${backupbootfs}"; do
+	if [[ "${t}" ]]; then
+		if ! btrbk --config="${cfg}" --progress --quiet run "${t}"; then
+			btrbk --config="${cfg}" --progress --quiet clean
+			echo "Wegen Fehler nicht herunterfahren."
+			poweroff=n
+		fi
+	fi
+done
+
+
+#if [[ "${update}" = "y" ]]; then
+#	if command -v voidupdate >/dev/null; then
+#		if ! voidupdate; then
+#			echo "UPDATE FAILED, nicht runterfahren"
+#			poweroff=n
+#		fi
+#	else
+#		if ! apt-get -y -q  upgrade; then
+#			echo "UPDATE FAILED, nicht runterfahren"
+#			poweroff=n
+#		fi
+#	fi
+#fi

files/bin/void-createbackupcontainer

@@ -0,0 +1,106 @@
+#!/bin/bash
+backupcfg="/etc/backup.cfg"
+
+if [ $UID -ne 0 ]; then
+	echo "Keine Rootrechte."
+	exit 1
+fi
+
+#test -f "${backupcfg}" && echo "${backupcfg} existiert" && exit 1
+
+# find all disks
+declare -A disk_tmp=()
+declare -A disk=()
+index=0
+for i in $(find /dev/disk/by-id/ -type l -printf "%P\n" | grep usb | grep -v part | tac ); do
+	name="$(readlink -f /dev/disk/by-id/"${i}")"
+	if [[ "${name}" =~ *"^[0-9]+$"* ]]; then
+		continue
+	fi
+	if [[ "${name}" == *"dm"* ]]; then
+		continue
+	fi
+	if [[ "${name}" == *"/dev/sr"* ]]; then
+		continue
+	fi
+	if blkid "${name}"|grep -q UUID; then
+		size="$(fdisk -l "${name}" | head -n1 | awk '{print $3}')"
+	else
+		continue
+	fi
+	size=$(awk "BEGIN { printf(\"%.0f\n\", ${size}); }")
+	uuid=$(blkid -o value -s UUID ${name})
+	index=$(( index + 1 ))
+	disk_tmp+=( [${index}.id]="${i}" [${index}.name]="${name}" [${index}.uuid]="${uuid}" [${index}.size]="${size}" )
+done
+disk_tmp+=( [count]="${index}" )
+
+if [[ "${disk_tmp[count]}" -eq 0 ]]; then
+	echo "No Disk attached."
+	exit 1
+fi
+# show devices
+echo "Devices:"
+for i in $(seq 1 "${disk_tmp[count]}"); do
+	echo "${disk_tmp[${i}.id]}"
+	echo " - uuid: ${disk_tmp[${i}.uuid]}"
+	echo " - name: ${disk_tmp[${i}.name]}"
+	echo " - size: ${disk_tmp[${i}.size]}"
+done
+
+# choose device
+found=
+while read -p "Which Device? [${disk_tmp[1.uuid]}]: " output; do
+	test -z "${output}" && output="${disk_tmp[1.uuid]}"
+	for i in $(seq 1 "${disk_tmp[count]}"); do
+		if [[ "${disk_tmp[${i}.id]}" == "${output}" ]] || [[ "${disk_tmp[${i}.name]}" == "${output}" ]] || [[ "${disk_tmp[${i}.uuid]}" == "${output}" ]]; then
+			found=1
+			id="${disk_tmp[${i}.id]}"
+			break
+		fi
+	done
+	[[ "${found}" ]] && break
+	echo "${output} not found"
+done
+
+echo "g
+n
+1
+
+
+w
+q" | fdisk "/dev/disk/by-id/${id}"
+
+UUID=$(blkid -o value -s UUID "/dev/disk/by-id/${id}-part1")
+
+if ! cryptsetup luksFormat UUID="${UUID}"; then
+	echo "Konnte /dev/disk/by-uuid/${UUID} nicht verschluesseln."
+	exit 1
+else
+	if ! cryptsetup open UUID="${UUID}" "luks-${UUID}"; then
+		echo "Konnte /dev/disk/by-uuid/${UUID} nicht verschluesseln."
+		exit 1
+	fi
+fi
+
+if ! mkfs.btrfs -f "/dev/mapper/luks-${UUID}"; then
+	echo "Konnte /dev/mapper/luks-${UUID} nicht formatieren"
+	exit 1
+fi
+
+if ! mount "/dev/mapper/luks-${UUID}" "/var/lib/backup/ziel"; then
+	echo "Konnte /dev/mapper/luks-${UUID} nicht nach /var/lib/backup/ziel mounten"
+	exit 1
+fi
+
+if mountpoint -q /boot; then
+	mkdir -p "/var/lib/backup/ziel/${HOSTNAME}/boot"
+fi
+mkdir -p "/var/lib/backup/ziel/${HOSTNAME}/{rootfs,home}"
+
+umount "/var/lib/backup/ziel"
+cryptsetup close "luks-${UUID}"
+
+echo "UUID=\"${UUID}\"" > "${backupcfg}"
+
+echo "Erstellen des Containers fertig."

files/bin/void-snapshot

@@ -0,0 +1,22 @@
+#!/bin/bash
+if [ "${UID}" -ne "0" ]; then
+	echo "Keine Rootrechte."
+	exit 1
+fi
+
+if [ -f /etc/btrbk/btrbk.conf ]; then
+	cfg="/etc/btrbk/btrbk.conf"
+else
+	cfg="/etc/btrbk/btrbk.conf.system"
+fi
+
+if mountpoint -q /var/lib/backup/quelle/bootfs; then
+		snapshotbootfs="snapshotbootfs"
+fi
+for s in snapshotrootfs "${snapshotbootfs}"; do
+	test "${s}" && btrbk --config="${cfg}" --quiet run "${s}"
+done
+
+if ! sudo update-grub 2> /dev/null; then
+	echo update-grub failed
+fi

files/bin/void-update

@@ -0,0 +1,63 @@
+#!/bin/bash
+
+if [ $UID -ne 0 ]; then
+	echo "Keine Rootrechte."
+	exit 1
+fi
+
+RESTART=
+echo "Synchronisiere Repositorys"
+xbps-install -S > /dev/null
+
+mapfile -t updatedpkgs < <(xbps-install -un|awk '{print $1}')
+if [[ "${#updatedpkgs[@]}" -eq 0 ]]; then
+	echo "Keine Updates"
+	exit
+else
+	echo "Es sind Updates da!"
+	while read -p "Installieren? [Y/n] " answer; do
+		test -z "${answer}" && answer="y"
+		case "${answer}" in
+			n*|N*|*o|*O)
+				exit
+			;;
+			y*|Y*|j*|J*)
+				break
+			;;
+		esac
+	done
+fi
+
+echo "Lege Snapshot an"
+void-snapshot
+
+echo "Entferne nicht benutzte Pakete"
+xbps-remove -oy > /dev/null
+
+echo "Räume den Cache auf"
+xbps-remove -Oy > /dev/null
+
+echo "Installiere Updates"
+if ! xbps-install -uy; then
+	echo "Update failed."
+	exit
+fi
+
+if [[ "$(xcheckrestart)" ]]; then
+	RESTART=1
+fi
+
+for i in "${updatedpkgs[@]}"; do
+	if grep -q "^linux" <<< "${i}"; then
+		vkpurge list | head -n -1 | xargs -r vkpurge rm
+		RESTART=1
+	fi
+done
+
+if [[ "${RESTART}" ]]; then
+	echo ""; echo "Bitte den Computer neu starten."
+fi
+
+echo ""
+echo "Update fertig."
+

files/btrbk/btrbk.conf.system

@@ -0,0 +1,45 @@
+transaction_syslog              daemon
+lockfile                        /tmp/btrbk.lock
+incremental                     yes
+btrfs_commit_delete             after
+timestamp_format                long
+noauto                          yes
+backend                         btrfs-progs-sudo
+
+volume /var/lib/backup/quelle/bootfs
+        group                   snapshotbootfs
+        snapshot_dir            snapshot
+        snapshot_preserve_min   4h
+        snapshot_preserve       no
+        subvolume               bootfs
+
+volume /var/lib/backup/quelle/rootfs
+        group                   snapshotrootfs
+        snapshot_dir            snapshot
+        snapshot_preserve_min   4h
+        snapshot_preserve       no 
+        subvolume               rootfs
+        subvolume               homefs
+
+volume /var/lib/backup/quelle/bootfs
+        group                   backupbootfs
+        snapshot_dir            backup
+        snapshot_preserve_min   4h
+        snapshot_preserve       no
+        target_preserve_min     latest
+        target_preserve         20d 10w 2m
+        subvolume               bootfs
+                target send-receive    /var/lib/backup/ziel/void/bootfs
+
+volume /var/lib/backup/quelle/rootfs
+        group                   backuprootfs
+        snapshot_dir            backup
+        snapshot_preserve_min   4h
+        snapshot_preserve       no
+        target_preserve_min     latest
+        target_preserve         no
+        subvolume               rootfs
+                target send-receive     /var/lib/backup/ziel/void/rootfs
+        subvolume               homefs
+                target send-receive     /var/lib/backup/ziel/void/homefs
+

files/grub-btrfs/void.conf

@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+# Ignore specific path during run "grub-mkconfig".
+# Only exact paths are ignored.
+# e.g : if `specific path` = @, only `@` snapshot will be ignored.
+# Default: ("@")
+GRUB_BTRFS_IGNORE_SPECIFIC_PATH=("@" "rootfs" "bootfs" "homefs")
+
+# Ignore prefix path during run "grub-mkconfig".
+# Any path starting with the specified string will be ignored.
+# e.g : if `prefix path` = @, all snapshots beginning with "@/..." will be ignored.
+# Default: ("var/lib/docker" "@var/lib/docker" "@/var/lib/docker")
+GRUB_BTRFS_IGNORE_PREFIX_PATH=("var/lib/docker" "@var/lib/docker" "@/var/lib/docker" "backup")
+
+GRUB_BTRFS_SUBMENUNAME="Void Linux snapshots"
+GRUB_BTRFS_OVERRIDE_BOOT_PARTITION_DETECTION="true"
+GRUB_BTRFS_DISPLAY_PATH_SNAPSHOT="false"
+GRUB_BTRFS_TITLE_FORMAT="d"
+GRUB_BTRFS_LIMIT="5"

files/nm/unmanaged-wg.conf

@@ -0,0 +1,3 @@
+[keyfile]
+unmanaged-devices=interface-name:wg*
+

files/sudoers/10-common

@@ -0,0 +1,9 @@
+Defaults timestamp_timeout=15
+Defaults !tty_tickets
+Defaults umask = 022
+Defaults passprompt="[sudo] Password: "
+Defaults editor = /usr/bin/nvim
+Defaults env_keep += "EDITOR"
+Defaults env_keep += "SSH_CONNECTION"
+
+%wheel   ALL=(ALL) ALL

files/sudoers/20-backup

@@ -0,0 +1,5 @@
+User_Alias BACKUPGROUP = %_backshot
+Cmnd_Alias BACKUP = /usr/bin/btrbk, /usr/bin/btrfs, /usr/bin/readlink, /usr/bin/update-grub, /usr/bin/mount
+
+BACKUPGROUP ALL = NOPASSWD: BACKUP
+

files/udev/99-ioschedulers.rules

@@ -0,0 +1 @@
+ACTION=="add|change", KERNEL=="sd[a-z]|mmcblk[0-9]*", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="mq-deadline"

files/udev/99-mount-media.rules

@@ -0,0 +1 @@
+ENV{ID_FS_USAGE}=="filesystem|other|crypto", ENV{UDISKS_FILESYSTEM_SHARED}="1"

files/xbps/20-repo-rotce.de-pakete.conf

@@ -0,0 +1,2 @@
+repository=https://rotce.de/pakete
+

files/xbps/50-no-extract.conf

@@ -0,0 +1 @@
+noextract=/usr/bin/xq

files/xorg/10-keyboard.conf

@@ -0,0 +1,7 @@
+Section "InputClass"
+  Identifier "keyboard"
+  MatchIsKeyboard "yes"
+  Option "XkbLayout" "de"
+  Option "XkbVariant" "nodeadkeys"
+  #Option "XkbOptions" "grp:alt_shift_toggle"
+EndSection