From f6ba767625da0be466ce7e10eb91da46731564bf Mon Sep 17 00:00:00 2001 From: teldra Date: Thu, 15 Apr 2021 10:43:20 +0200 Subject: [PATCH] add files --- main.sh | 2 + modules/40-basesystem/install | 531 ++++------------------------------ run_in_chroot.sh | 2 + 3 files changed, 55 insertions(+), 480 deletions(-) diff --git a/main.sh b/main.sh index d232a00..fae2d58 100755 --- a/main.sh +++ b/main.sh @@ -9,6 +9,7 @@ install_mods="${modules}/install" chroot_mods="${modules}/chroot" vars="${wrksrc}/vars" dest="${wrksrc}/dest" +files="${wrksrc}/files" rm -rf "${vars}" mkdir -p "${wrksrc}" "${vars}" "${dest}" declare -A cfg=() @@ -35,6 +36,7 @@ cp -rf /etc/resolv.conf "${dest}"/etc cp -rf "${vars}" "${dest}"/tmp/installer/tmp #rm -rf "${vars}" cp -rf "${modules}" "${dest}"/tmp/installer +cp -rf "${files}" "${dest}"/tmp/installer cp -rf "${functions}" "${dest}"/tmp/installer cp -rf ./run_in_chroot.sh "${dest}"/tmp/installer diff --git a/modules/40-basesystem/install b/modules/40-basesystem/install index 061a5cf..a17b0d0 100644 --- a/modules/40-basesystem/install +++ b/modules/40-basesystem/install 
@@ -4,6 +4,57 @@ diskid="${cfg[diskid]//-/_}" chown root:root / chmod 755 / +DESTDIR= + +vmkdir() { + mkdir -p /"$1" +} + +vinstall() { + src=$1; tgt=$3; rights=$2 + cp -fr "${src}" /"${tgt}" + chmod -R "${rights}" /"${tgt}" +} + +vbin() { + cp -rf "$1" /usr/bin/ + chmod 0755 /usr/bin/"$(basename $1)" +} + +vbin "${FILESDIR}/bin/joinvpn" +vbin "${FILESDIR}/bin/void-update" +vbin "${FILESDIR}/bin/void-backup" +vbin "${FILESDIR}/bin/void-snapshot" +vbin "${FILESDIR}/bin/void-createbackupcontainer" + +vmkdir etc/sudoers.d +vinstall "${FILESDIR}/sudoers/10-common" 700 etc/sudoers.d +vinstall "${FILESDIR}/sudoers/20-backup" 700 etc/sudoers.d + +vmkdir etc/bash/bashrc.d +vinstall "${FILESDIR}/bash/xbps-aliase.sh" 755 etc/bash/bashrc.d + +vmkdir usr/lib/udev/rules.d +vinstall "${FILESDIR}/udev/99-mount-media.rules" 744 usr/lib/udev/rules.d +vinstall "${FILESDIR}/udev/99-ioschedulers.rules" 744 usr/lib/udev/rules.d + +vmkdir etc/btrbk +vinstall "${FILESDIR}/btrbk/btrbk.conf.system" 744 etc/btrbk + +vmkdir etc/xbps.d +vinstall "${FILESDIR}/xbps/50-no-extract.conf" 744 etc/xbps.d +vinstall "${FILESDIR}/xbps/20-repo-rotce.de-pakete.conf" 744 etc/xbps.d + +vmkdir etc/default/grub-btrfs +vinstall "${FILESDIR}/grub-btrfs/void.conf" 755 etc/default/grub-btrfs + +vmkdir etc/NetworkManager/conf.d +vinstall "${FILESDIR}/nm/unmanaged-wg.conf" 744 etc/NetworkManager/conf.d + +vinstall "${FILESDIR}/xorg/10-keyboard.conf" 744 usr/share/X11/xorg.conf.d + +vmkdir etc/fonts/conf.d +ln -s /usr/share/fontconfig/conf.avail/70-no-bitmaps.conf "${DESTDIR}/etc/fonts/conf.d/70-no-bitmaps.conf" mkdir -p /etc/xbps.d/ { echo "#ignorepkg=linux-firmware-amd"; 
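Review bot: `vinstall` runs `chmod -R "${rights}"` on the target directory instead of the copied file, so each call re-modes the whole directory and everything already in it. With 744 on `/etc/xbps.d`, `/usr/lib/udev/rules.d`, `/etc/NetworkManager/conf.d` and `/usr/share/X11/xorg.conf.d`, group and other lose the search bit (an unprivileged `xbps-query` would no longer be able to open the repository configuration) and package-owned files become owner-executable; `/etc/sudoers.d` ends up 700 with executable policy files. Set the mode on the file alone, e.g. `install -m "${rights}" -- "${src}" "/${tgt}/"`, and pass data-file modes at the call sites (`0440` for the sudoers fragments, `0644` for rules and `.conf` files). The sudoers fragments now come from `${FILESDIR}` rather than inline text, so running `visudo -cf` on each one before it lands in `/etc/sudoers.d` would catch a broken file before it disables sudo. Smaller points in the same hunk: `$(basename $1)` in `vbin` is unquoted, `src`/`tgt`/`rights` are not `local`, `usr/share/X11/xorg.conf.d` has no preceding `vmkdir`, and `DESTDIR` is honoured only by the final `ln -s`, which also lacks `-f` for re-runs.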
@@ -34,34 +85,6 @@ if [[ "${cfg[fde_key_store]}" == "once" ]]; then echo "UUID=${cfg[bootuuid]} /var/lib/backup/quelle/bootfs btrfs defaults 0 0"; } >> /etc/fstab fi -mkdir -p /etc/sudoers.d -{ echo 'Defaults timestamp_timeout=15'; -echo 'Defaults !tty_tickets'; -echo 'Defaults umask = 022'; -echo 'Defaults passprompt="[sudo] Password: "'; -echo '%wheel ALL=(ALL) ALL'; -echo 'Defaults editor = /usr/bin/nvim'; -echo 'Defaults env_keep += "EDITOR"'; -echo 'Defaults env_keep += "SSH_CONNECTION"'; } > /etc/sudoers.d/10-common - -mkdir -p /etc/udev/rules.d/ -echo 'ENV{ID_FS_USAGE}=="filesystem|other|crypto", ENV{UDISKS_FILESYSTEM_SHARED}="1"' > /etc/udev/rules.d/mount-media.rules -echo 'ACTION=="add|change", KERNEL=="sd[a-z]|mmcblk[0-9]*", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="mq-deadline"' > /etc/udev/rules.d/60-ioschedulers.rules - -mkdir -p /etc/bash/bashrc.d/ -cat <<'EOF' > /etc/bash/bashrc.d/xbps-aliase.sh -[ "$(id -u)" -eq 0 ] && return -alias xu="sudo void-update" -alias xr="sudo xbps-remove -R" -alias xs="xbps-query -Rs" -alias backup="sudo void-backup" -echo "xu = sudo void-update zum updaten" -echo "xi = sudo xbps-install -S zum installieren" -echo "xr = sudo xbps-remove -R zum deinstallieren" -echo "xs = xbps-query -Rs zum suchen" -echo "backup = sudo void-backup um ein backup zu machen" -EOF - echo "${cfg[hostname]}" > /etc/hostname ln -sf "/usr/share/zoneinfo/${cfg[timezone]}" /etc/localtime sed -i "s/#HOSTNAME=\"void-live\"/HOSTNAME=${cfg[hostname]}/g" /etc/rc.conf 
@@ -87,456 +110,4 @@ if [[ ! ${cfg[fde_key_store]} == "none" ]]; then echo "fi" >> /etc/runit/core-services/99-changepwuser.sh fi -{ echo "transaction_syslog daemon"; -echo "lockfile /tmp/btrbk.lock"; -echo "incremental yes"; -echo "btrfs_commit_delete after"; -echo "timestamp_format long"; -echo "noauto yes"; -echo "backend btrfs-progs-sudo"; -echo ""; -echo "volume /var/lib/backup/quelle/rootfs"; -echo " group snapshotrootfs"; -echo " snapshot_dir snapshot"; -echo " snapshot_preserve_min 4h"; -echo " snapshot_preserve no "; -echo " subvolume rootfs"; -echo " subvolume homefs"; -echo ""; -echo "volume /var/lib/backup/quelle/rootfs"; -echo " group backuprootfs"; -echo " snapshot_dir backup"; -echo " snapshot_preserve_min 4h"; -echo " snapshot_preserve no"; -echo " target_preserve_min latest"; -echo " target_preserve no"; -echo " subvolume rootfs"; -echo " target send-receive /var/lib/backup/ziel/void/rootfs"; -echo " subvolume homefs"; -echo " target send-receive /var/lib/backup/ziel/void/homefs"; -echo ""; } > /etc/btrbk/btrbk.conf -if [[ ! 
${cfg[fde_key_store]} == "once" ]]; then - { echo "volume /var/lib/backup/quelle/bootfs"; - echo " group snapshotboot"; - echo " snapshot_dir snapshot"; - echo " snapshot_preserve_min 4h"; - echo " snapshot_preserve no"; - echo " subvolume bootfs"; - echo ""; - echo "volume /var/lib/backup/quelle/bootfs"; - echo " group backupboot"; - echo " snapshot_dir backup"; - echo " snapshot_preserve_min 4h"; - echo " snapshot_preserve no"; - echo " target_preserve_min latest"; - echo " target_preserve 20d 10w 2m"; - echo " subvolume bootfs"; - echo " target send-receive /var/lib/backup/ziel/void/bootfs"; - echo ""; } >> /etc/btrbk/btrbk.conf -fi - -cat <<'EOF' > /usr/bin/joinvpn -#!/bin/bash -basewgfolder="/etc/wireguard" - -if [ $UID -ne 0 ]; then - echo "Keine Rootrechte" - exit 1 -fi -umask 0077 -mkdir -p "${basewgfolder}/wg0" -cd "${basewgfolder}/wg0" - - -if [[ -f "${basewgfolder}/wg0/privkey" ]]; then - read -p "Address: " ADDRESS - read -p "PublicKey: " PUBKEY_SERVER - read -p "Endpoint: " ENDPOINT - read -p "Port: " PORT - { echo "[Interface]"; - echo "Address = ${ADDRESS}"; - echo "PostUp = wg set %i private-key /etc/wireguard/wg0/wg0.key <(cat /etc/wireguard/wg0/privkey)"; - echo "[Peer]"; - echo "PublicKey = ${PUBKEY_SERVER}"; - echo "Endpoint = ${ENDPOINT}:${PORT}"; - echo "AllowedIPs = fd23::23:0:0/96"; - echo "PresharedKey = $(cat psk)"; - echo "PersistentKeepalive = 25"; } > "${basewgfolder}/wg0.conf" -else - test -f privkey || wg genkey > privkey - test -f pubkey || wg pubkey < privkey > pubkey - test -f psk || wg genpsk > psk - echo "Frage O nach den den folgenden Daten und wenn du sie hast, starte das hier nochmal" - echo "Address" - echo "PublicKey" - echo "Endpoint" - echo "Port" - echo "" - echo "Schicke ihm verschlüsselt (Jabber oder Email) folgende Daten:" - echo "PublicKey = $(cat pubkey)" - echo "PresharedKey = $(cat psk)" - echo "Hostname = ${HOSTNAME}" -fi - -EOF - -cat <<'EOF' > /usr/bin/void-backup -#!/bin/bash -export LANG="en_US.UTF-8" 
-backupcfg="/etc/backup.cfg" -ziel="/var/lib/backup/ziel" -cfg="/etc/btrbk/btrbk.conf.system" - -if [ $UID -ne 0 ]; then - echo "Keine Rootrechte." - exit 1 -fi - -if [[ ! -f "${backupcfg}" ]] && [[ ! -f /etc/btrbk/btrbk.conf ]]; then - echo "Eine USB-Festplatte einrichten?" - while read -p "[Y/n] " answer; do - test -z "${answer}" && answer="y" - case "${answer}" in - n*|N*) - echo "Entweder eine Konfigurationsdatei anlegen. (${backupcfg})" - echo "(Diese Datei wird normalerweise durch \`void-createbackupcontainer\` erstellt)" - echo "UUID=\"uuid\"" - echo "Oder eine Backupfestplatte einrichten. \`void-createbackupcontainer\`" - exit 0 - ;; - y*|Y*|j*|J*) - echo "Schliesse nun eine leere oder zu leerende USB-Festplatte an und starte dieses Programm nochmal, wenn es beendet ist" - exec /usr/bin/void-createbackupcontainer - ;; - esac - done -elif [[ -f "${backupcfg}" ]] && [[ ! -f /etc/btrbk/btrbk.conf ]]; then - source "${backupcfg}" -elif [[ -f /etc/btrbk/btrbk.conf ]]; then - cfg="/etc/btrbk/btrbk.conf" -fi - -if [ -z "${UUID}" ]; then - echo "Keine Backupplatte angegeben." - exit 1 -fi - -fhelp() { - echo "Nutze es so:" - echo "sudo backup" - echo "sudo backup poweroff (um den Rechner nach dem Backup herunterzufahren.)" - #echo "sudo backup update (um den Rechner nach dem Backup up zu daten.)" - #echo "update und poweroff sind mixbar" - echo "sudo backup passwd (um das Passwort für die Backupfestplatte zu ändern.)" -} - -if [ ! -e "/dev/disk/by-uuid/${UUID}" ]; then - echo "Bitte Backupfestplatte anschliessen." - exit 1 -fi - -for argval in "$@" -do - case "${argval}" in - power|poweroff|p) - poweroff=y - ;; - help|-h|--help|h) - fhelp - exit - ;; - update) - update=y - ;; - passwd) - passwd=y - ;; - esac -done - -if [ -e /tmp/backup ]; then - echo "Es läuft schon ein Backupvorgang oder wurde nicht richtig beendet." 
- echo "Bei letzterem: 'sudo rm -rf /tmp/backup'" - exit 1 -fi -touch /tmp/backup - -if [[ "${passwd}" == "y" ]]; then - cryptsetup luksChangeKey "/dev/disk/by-uuid/${UUID}" - rm -rf /tmp/backup - exit 0 -fi - -function finish { - sync - if [ "${poweroff}" = "y" ]; then - shutdown -h now - fi - sleep 4 - umount "${ziel}" - echo " " - echo " " - if [[ "${MOUNTEDBY}" == "script" ]]; then - cryptsetup close "luks-${UUID}" - echo "Festplatte kann nun sicher entfernt werden." - elif [[ "${MOUNTEDBY}" == "gnome" ]]; then - echo "Festplatte bitte mit der grafischen Oberflaeche auswerfen (wie ein USB-Stick)" - echo "" - echo "oder:" - echo "sudo umount /dev/mapper/luks-${UUID}" - echo "sudo cryptsetup close luks-${UUID}" - echo "" - fi - rm -rf /tmp/backup - echo "FERTIG" - -} -trap finish EXIT - -if [ ! $(mountpoint -q -x "/dev/mapper/luks-${UUID}") ]; then - if ! cryptsetup open UUID="${UUID}" "luks-${UUID}"; then - echo "Konnte /dev/disk/by-uuid/${UUID} nicht öffnen." - exit - fi - MOUNTEDBY="script" -else - MOUNTEDBY="gnome" -fi - -if ! mount "/dev/mapper/luks-${UUID}" "${ziel}"; then - echo "Konnte /dev/mapper/luks-${UUID} in ${ziel} nicht mounten." - exit -fi - -if mountpoint -q /var/lib/backup/quelle/boot; then - mkdir -p "/var/lib/backup/ziel/void/boot" - if ! btrbk --config="${cfg}" --progress --quiet run backupboot; then - btrbk --config="${cfg}" --progress --quiet clean - echo "Wegen Fehler nicht herunterfahren." - poweroff=n - fi -fi - -mkdir -p "/var/lib/backup/ziel/void/{rootfs,home}" -if ! btrbk --config="${cfg}" --progress --quiet run backuprootfs; then - btrbk --config="${cfg}" --progress --quiet clean - echo "Wegen Fehler nicht herunterfahren." - poweroff=n -fi - - -#if [[ "${update}" = "y" ]]; then -# if command -v voidupdate >/dev/null; then -# if ! voidupdate; then -# echo "UPDATE FAILED, nicht runterfahren" -# poweroff=n -# fi -# else -# if ! 
apt-get -y -q upgrade; then -# echo "UPDATE FAILED, nicht runterfahren" -# poweroff=n -# fi -# fi -#fi - -EOF - -cat <<'EOF' > /usr/bin/void-createbackupcontainer -#!/bin/bash -backupcfg="/etc/backup.cfg" - -if [ $UID -ne 0 ]; then - echo "Keine Rootrechte." - exit 1 -fi - -#test -f "${backupcfg}" && echo "${backupcfg} existiert" && exit 1 - -# find all disks -declare -A disk_tmp=() -declare -A disk=() -index=0 -for i in $(find /dev/disk/by-id/ -type l -printf "%P\n" | grep usb | grep -v part | tac ); do - name="$(readlink -f /dev/disk/by-id/"${i}")" - if [[ "${name}" =~ *"^[0-9]+$"* ]]; then - continue - fi - if [[ "${name}" == *"dm"* ]]; then - continue - fi - if [[ "${name}" == *"/dev/sr"* ]]; then - continue - fi - if blkid "${name}"|grep -q UUID; then - size="$(fdisk -l "${name}" | head -n1 | awk '{print $3}')" - else - continue - fi - size=$(awk "BEGIN { printf(\"%.0f\n\", ${size}); }") - uuid=$(blkid -o value -s UUID ${name}) - index=$(( index + 1 )) - disk_tmp+=( [${index}.id]="${i}" [${index}.name]="${name}" [${index}.uuid]="${uuid}" [${index}.size]="${size}" ) -done -disk_tmp+=( [count]="${index}" ) - -if [[ "${disk_tmp[count]}" -eq 0 ]]; then - echo "No Disk attached." - exit 1 -fi -# show devices -echo "Devices:" -for i in $(seq 1 "${disk_tmp[count]}"); do - echo "${disk_tmp[${i}.id]}" - echo " - uuid: ${disk_tmp[${i}.uuid]}" - echo " - name: ${disk_tmp[${i}.name]}" - echo " - size: ${disk_tmp[${i}.size]}" -done - -# choose device -found= -while read -p "Which Device? 
[${disk_tmp[1.uuid]}]: " output; do - test -z "${output}" && output="${disk_tmp[1.uuid]}" - for i in $(seq 1 "${disk_tmp[count]}"); do - if [[ "${disk_tmp[${i}.id]}" == "${output}" ]] || [[ "${disk_tmp[${i}.name]}" == "${output}" ]] || [[ "${disk_tmp[${i}.uuid]}" == "${output}" ]]; then - found=1 - id="${disk_tmp[${i}.id]}" - break - fi - done - [[ "${found}" ]] && break - echo "${output} not found" -done - -echo "g -n -1 - - -w -q" | fdisk "/dev/disk/by-id/${id}" - -UUID=$(blkid -o value -s UUID "/dev/disk/by-id/${id}-part1") - -if ! cryptsetup luksFormat UUID="${UUID}"; then - echo "Konnte /dev/disk/by-uuid/${UUID} nicht verschluesseln." - exit 1 -else - if ! cryptsetup open UUID="${UUID}" "luks-${UUID}"; then - echo "Konnte /dev/disk/by-uuid/${UUID} nicht verschluesseln." - exit 1 - fi -fi - -if ! mkfs.btrfs -f "/dev/mapper/luks-${UUID}"; then - echo "Konnte /dev/mapper/luks-${UUID} nicht formatieren" - exit 1 -fi - -if ! mount "/dev/mapper/luks-${UUID}" "/var/lib/backup/ziel"; then - echo "Konnte /dev/mapper/luks-${UUID} nicht nach /var/lib/backup/ziel mounten" - exit 1 -fi - -if mountpoint -q /boot; then - mkdir -p "/var/lib/backup/ziel/${HOSTNAME}/boot" -fi -mkdir -p "/var/lib/backup/ziel/${HOSTNAME}/{rootfs,home}" - -umount "/var/lib/backup/ziel" -cryptsetup close "luks-${UUID}" - -echo "UUID=\"${UUID}\"" > "${backupcfg}" - -echo "Erstellen des Containers fertig." - -EOF - -cat <<'EOF' > /usr/bin/void-snapshot -#!/bin/sh -if [ -f /etc/btrbk/btrbk.conf ]; then - cfg="/etc/btrbk/btrbk.conf" -else - cfg="/etc/btrbk/btrbk.conf.system" -fi - -if mountpoint -q /var/lib/backup/quelle/boot; then - btrbk --config="${cfg}" --quiet run snapshotboot -fi - -btrbk --config="${cfg}" --quiet run snapshotrootfs - -if ! update-grub 2> /dev/null; then - echo update-grub failed -fi - -EOF - -cat <<'EOF' > /usr/bin/void-update -#!/bin/bash - -if [ $UID -ne 0 ]; then - echo "Keine Rootrechte." 
- exit 1 -fi - -RESTART= -echo "Synchronisiere Repositorys" -xbps-install -S > /dev/null - -mapfile -t updatedpkgs < <(xbps-install -un|awk '{print $1}') -if [[ "${#updatedpkgs[@]}" -eq 0 ]]; then - echo "Keine Updates" - exit -else - echo "Es sind Updates da!" - while read -p "Installieren? [Y/n] " answer; do - test -z "${answer}" && answer="y" - case "${answer}" in - n*|N*|*o|*O) - exit - ;; - y*|Y*|j*|J*) - break - ;; - esac - done -fi - -echo "Lege Snapshot an" -void-snapshot - -echo "Entferne nicht benutzte Pakete" -xbps-remove -oy > /dev/null - -echo "Räume den Cache auf" -xbps-remove -Oy > /dev/null - -echo "Installiere Updates" -if ! xbps-install -uy; then - echo "Update failed." - exit -fi - -if [[ "$(xcheckrestart)" ]]; then - RESTART=1 -fi - -for i in "${updatedpkgs[@]}"; do - if grep -q "^linux" <<< "${i}"; then - vkpurge list | head -n -1 | xargs -r vkpurge rm - RESTART=1 - fi -done - -if [[ "${RESTART}" ]]; then - echo ""; echo "Bitte den Computer neu starten." -fi - -echo "" -echo "Update fertig." - -EOF - - - module end diff --git a/run_in_chroot.sh b/run_in_chroot.sh index baa89b6..59a2d2e 100755 --- a/run_in_chroot.sh +++ b/run_in_chroot.sh @@ -6,6 +6,8 @@ modules="${dir}/modules" config_mods="${modules}/config" install_mods="${modules}/install" chroot_mods="${modules}/chroot" +FILESDIR="${dir}"/files + vars="${wrksrc}/vars" declare -A cfg=() declare -A users=()
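Review bot: `FILESDIR` is assigned here without checking that the directory exists, while the install module in this patch expands it as `"${FILESDIR}/bin/joinvpn"`, `"${FILESDIR}/sudoers/10-common"` and so on; if it is empty or unset where the module runs, those paths collapse to `/bin/...` and `/sudoers/...` on the target. Because this tree supplies root-run binaries and sudoers policy, fail early right after the assignment, e.g. `[[ -d "${FILESDIR}" ]] || { echo "missing ${FILESDIR}" >&2; exit 1; }`. How the modules are invoked is not visible in this hunk; if they are executed rather than sourced, the variable also needs `export`. main.sh names the same directory `files` in lower case, so one spelling across both scripts would be easier to follow.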