aboutsummaryrefslogtreecommitdiffstats
path: root/partition.sh
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2013-10-10 04:54:44 +0200
committerGuilhem Moulin <guilhem@fripost.org>2015-06-07 04:27:32 +0200
commit5e1c937aaf6d267806a78004b060445226aeb2c3 (patch)
treeee21319fc1f0085047e4583faefc1fb83382db05 /partition.sh
parentb912aafc1428bb248ca43cc0dedce5e942092790 (diff)
Documentation
Diffstat (limited to 'partition.sh')
-rwxr-xr-xpartition.sh19
1 files changed, 16 insertions, 3 deletions
diff --git a/partition.sh b/partition.sh
index 1a33e02..5e836bb 100755
--- a/partition.sh
+++ b/partition.sh
@@ -1,26 +1,38 @@
#!/bin/sh
+#
+# Simple partitioning shell script.
+#
+# Copyright 2013 Guilhem Moulin <guilhem@fripost.org>
+#
+# Licensed under the GNU GPL version 3 or higher.
set -ue
. /lib/fripost-partman/base.sh
+# Wipe the disk
device=/dev/sda
fripost_wipe $device
+
+# Create a disk label
/sbin/parted -s $device mklabel gpt
log "Created disklabel GPT for device $device"
+# Create a UEFI partition if needed
[ -d /proc/efi -o -d /sys/firmware/efi ] && \
part_uefi=$( fripost_mkpart $device uefi 256M +boot )
+# Create boot and system partitions
part_boot=$( fripost_mkpart $device boot 64M )
part_system=$( fripost_mkpart $device system 100% ) #+lvm
/sbin/parted -s $device align-check opt ${part_system#$device} \
|| fatal "$part_system is not aligned"
-# Choose the key length and digest depending on the architecture
-# we're on; we use AES128 and SHA-256 on 32-bits platforms, and
-# AES256 and SHA-512 on 64-bits platforms.
+
+# Encrypt the system partition. We choose the key length and digest
+# depending on the architecture we're on; we use AES128 and SHA-256 on
+# 32-bits platforms, and AES256 and SHA-512 on 64-bits platforms.
arch=$(uname -m)
if [ x"$arch" = x"x86_64" ]; then
keysize=256
@@ -35,6 +47,7 @@ fripost_encrypt $part_system system_crypt \
--iter-time 5000 --use-random
+# Create logical volumes for /, swap and /home using LVM2
vg=$(hostname)
pvcreate -ff -y /dev/mapper/system_crypt
vgcreate $vg /dev/mapper/system_crypt