#!/bin/sh # Simple partitioning shell script. # Copyright © 2013,2014 Guilhem Moulin # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # On most installations it should be enough to change what is marked as # 'FIXME'. set -ue . /lib/fripost-partman/base.sh # Configuration for a single disk device=/dev/sda raidLevel= # Configuration for a RAID array #device='/dev/sda /dev/sdb' # FIXME #raidLevel=raid1 # raid level FIXME #raidNumActiveDevices=2 # number of active devices in the array FIXME n=0 for d in $device; do n=$(( $n + 1 )) wait_for_device $d # Umount existing mountpoints for mp in $(sed -nr "s#^$d\S*\s+(\S+).*#\1#p" /proc/mounts); do umount "$mp" done # Wipe the disk fripost_wipe $d # Create a disk label /sbin/parted -s $d mklabel gpt log "Created disklabel GPT for device $d" # Don't make an array of these partitions, but keep the alignment # regardless (at the expense of loosing some megabytes) # Create a EFI partition if needed; otherwise, create a partition needed # to put GRUB on GPT disklabels. if [ -d /proc/efi -o -d /sys/firmware/efi ]; then size=256M name=efi if [ $n -eq 1 ]; then anna-install dosfstools-udeb part_efi=$( fripost_mkpart $d $name $size +boot ) fripost_mkfs vfat $part_efi -F 32 else fripost_mkpart $d $name $size fi else size=8M name=bios_grub if [ $n -eq 1 ]; then fripost_mkpart $d $name $size +bios_grub else fripost_mkpart $d $name $size fi fi done db_get fripost/encrypt encrypt=$RET # Install GRUB on the first device in case of an array db_set grub-installer/bootdev "${device%% *}" db_fset grub-installer/bootdev seen true part_boot= part_system= # Create boot and system partitions for d in $device; do pb=$( fripost_mkpart $d boot 64M ) ps=$( fripost_mkpart $d system 100% ) part_boot="${part_boot:+$part_boot }$pb" part_system="${part_system:+$part_system }$ps" /sbin/parted -s $d align-check opt ${ps#$d} \ || fatal "$ps is not aligned" done # Create an array on top of that if [ ${raidLevel:-} ]; then [ -d /dev/md ] || mkdir /dev/md devices="$part_boot" part_boot=/dev/md/boot fripost_mdadm_create "$part_boot" -f -R -l $raidLevel \ ${raidNumActiveDevices:+-n $raidNumActiveDevices} $devices devices="$part_system" part_system=/dev/md/system fripost_mdadm_create "$part_system" -f -R -l $raidLevel \ ${raidNumActiveDevices:+-n $raidNumActiveDevices} $devices # They were only meant to preserve alignment accross physical # devices. log "Remove dummy partitions" for d in ${device#* }; do # efi and bios_grub are only installed on the first disk fripost_rmpart $d efi || true fripost_rmpart $d bios_grub || true done # Note that we're assembling the array *before* encryption rather # than the otherway around. dm_crypt being now multi-threaded, the # order shouldn't impact performances (and that order is # significantly simpler to configure). fi if [ $encrypt = true ]; then # Encrypt the system partition. We choose the key length and digest # depending on the architecture we're on; we use AES128 and SHA-256 # on 32-bits platforms, and AES256 and SHA-512 on 64-bits platforms. arch=$(uname -m) if [ "$arch" = x86_64 ]; then keysize=256 hash=sha512 elif [ "$arch" = i386 -o "$arch" = i686 ]; then keysize=128 hash=sha256 fi # Note: XTS requires the key size to be doubled. fripost_encrypt $part_system system_crypt \ --cipher aes-xts-plain64 --key-size $(( $keysize * 2 )) --hash $hash \ --iter-time 5000 --use-random part_system=/dev/mapper/system_crypt fi # Ensure LVM2 is installed in the target chroot; create logical volumes # for /, swap and /home. apt-install lvm2 || true vg=$(hostname) pvcreate -ff -y $part_system vgcreate $vg $part_system lvcreate -L 5G -n root $vg # FIXME lvcreate -L 1G -n swap $vg # FIXME lvcreate -l 100%FREE -n home $vg # FIXME vgchange -ay $vg # Format the partitions fripost_mkfs ext2 $part_boot -E resize=512M -m1 -b 4096 fripost_mkfs ext4 /dev/$vg/root -b 4096 fripost_mkfs ext4 /dev/$vg/home -b 4096 mkswap /dev/$vg/swap # Stuff the fstab and mount the devices in the target fripost_fstab $part_boot /boot ext2 noatime [ -d /proc/efi -o -d /sys/firmware/efi ] && \ fripost_fstab $part_efi /boot/efi vfat defaults fripost_fstab /dev/$vg/root / ext4 noatime,errors=remount-ro fripost_fstab /dev/$vg/swap none swap sw fripost_fstab /dev/$vg/home /home ext4 noatime fripost_mount_partitions