blob: 5418341d386281fbf2097d9bd0a4352b4548d4b1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
#!/bin/sh
# Simple partitioning shell script.
# Copyright © 2013 Guilhem Moulin <guilhem@fripost.org>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
set -ue
. /lib/fripost-partman/base.sh
device=/dev/sda
# Umount existing mountpoints
for mp in $(sed -nr "s#^$device\S*\s+(\S+).*#\1#p" /proc/mounts); do
umount "$mp"
done
# Wipe the disk
fripost_wipe $device
db_get fripost/encrypt
encrypt=$RET
# Create a disk label
/sbin/parted -s $device mklabel gpt
log "Created disklabel GPT for device $device"
# Create a EFI partition if needed; otherwise, create a partition needed
# to put GRUB on GPT disklabels.
if [ -d /proc/efi -o -d /sys/firmware/efi ]; then
anna-install dosfstools-udeb
part_efi=$( fripost_mkpart $device efi 256M +boot )
fripost_mkfs vfat $part_efi -F 32
else
fripost_mkpart $device bios_grub 8M +bios_grub
fi
db_set grub-installer/bootdev $device
db_fset grub-installer/bootdev seen true
# Create boot and system partitions
part_boot=$( fripost_mkpart $device boot 64M )
part_system=$( fripost_mkpart $device system 100% )
/sbin/parted -s $device align-check opt ${part_system#$device} \
|| fatal "$part_system is not aligned"
if [ $encrypt = true ]; then
# Encrypt the system partition. We choose the key length and digest
# depending on the architecture we're on; we use AES128 and SHA-256
# on 32-bits platforms, and AES256 and SHA-512 on 64-bits platforms.
arch=$(uname -m)
if [ "$arch" = x86_64 ]; then
keysize=256
hash=sha512
elif [ "$arch" = i386 -o "$arch" = i686 ]; then
keysize=128
hash=sha256
fi
# Note: XTS requires the key size to be doubled.
fripost_encrypt $part_system system_crypt \
--cipher aes-xts-plain64 --key-size $(( $keysize * 2 )) --hash $hash \
--iter-time 5000 --use-random
part_system=/dev/mapper/system_crypt
fi
# Ensure LVM2 is installed in the target chroot; create logical volumes
# for /, swap and /home.
apt-install lvm2 || true
vg=$(hostname)
pvcreate -ff -y $part_system
vgcreate $vg $part_system
lvcreate -L 5G -n root $vg
lvcreate -L 1G -n swap $vg
lvcreate -l 100%FREE -n home $vg
vgchange -ay $vg
# Format the partitions
fripost_mkfs ext2 $part_boot -E resize=512M -m1 -b 4096
fripost_mkfs ext4 /dev/$vg/root -b 4096
fripost_mkfs ext4 /dev/$vg/home -b 4096
mkswap /dev/$vg/swap
# Stuff the fstab and mount the devices in the target
fripost_fstab $part_boot /boot ext2 noatime
[ -d /proc/efi -o -d /sys/firmware/efi ] && \
fripost_fstab $part_efi /boot/efi vfat defaults
fripost_fstab /dev/$vg/root / ext4 noatime,errors=remount-ro
fripost_fstab /dev/$vg/swap none swap sw
fripost_fstab /dev/$vg/home /home ext4 noatime
fripost_mount_partitions
|
