diff options
Diffstat (limited to 'share/hydractl/provision')
| -rwxr-xr-x | share/hydractl/provision | 77 |
1 files changed, 63 insertions, 14 deletions
diff --git a/share/hydractl/provision b/share/hydractl/provision index e0fa248..b205742 100755 --- a/share/hydractl/provision +++ b/share/hydractl/provision @@ -145,6 +145,16 @@ function hydra_provision_config { hydra_user_config version bullseye "Distro version" hydra_user_config vg $hostname "Install vg" hydra_user_config grub y "Setup GRUB? (y/n)" + hydra_user_config boot_mode uefi "Boot mode? (UEFI/BIOS)" + + # Sanitize boot_mode param + boot_mode="`echo $boot_mode | tr '[:upper:]' '[:lower:]'`" + + if [ "$boot_mode" == "uefi" ]; then + hydra_user_config secure_boot y "Use SecureBoot? (y/n)" + hydra_user_config uefi_update_nvram y "Set NVRAM boot variables for GRUB? (y/n)" + fi + hydra_user_config initramfs initramfs-tools "Initramfs manager? (initramfs-tools/dracut)" hydra_user_config mirror https://deb.debian.org/debian/ "Debian mirror" hydra_user_config ssh y "Install openssh-server? (y/n)" @@ -248,30 +258,43 @@ else start="$((($optimal_size + $alignment_offset) / $block_size))" optimal_sector_size="$(($optimal_size / $block_size))" - # Sector size for a 1MB partition + # Sector size for a 1MB partition, BIOS mode bios_grub_size="$(($mebibyte/$block_size))" bios_grub_end="$(($start + $bios_grub_size - 1))" + # Sector size for a 300MB partition, UEFI mode + # See https://wiki.archlinux.org/title/Parted#UEFI/GPT_examples + uefi_grub_size="$(($mebibyte/$block_size*300))" + uefi_grub_end="$(($start + $uefi_grub_size - 1))" + # Regular disk partitioning. hydra_sudo_run parted -s -- $device mklabel gpt #hydra_sudo_run parted -s -- $device unit MB mkpart non-fs 2 3 - # See https://unix.stackexchange.com/questions/190317/gnu-parted-resizepart-in-script#202872 - # https://bugs.launchpad.net/ubuntu/+source/parted/+bug/1270203 - # https://techtitbits.com/2018/12/using-parteds-resizepart-non-interactively-on-a-busy-partition/ - # https://serverfault.com/questions/870594/resize-partition-to-maximum-using-parted-in-non-interactive-mode - hydra_sudo_run parted -s -- $device mkpart non-fs ${start}s ${bios_grub_end}s - #hydra_sudo_run parted -s ---pretend-input-tty -- $device mkpart non-fs ${start}s ${bios_grub_end}s Yes - #hydra_sudo_run parted $device mkpart non-fs ${start}s ${bios_grub_end}s Yes Ignore quit - #hydra_sudo_run parted -s ---pretend-input-tty $device <<EOF + if [ "$boot_mode" == "bios" ]; then + # See https://unix.stackexchange.com/questions/190317/gnu-parted-resizepart-in-script#202872 + # https://bugs.launchpad.net/ubuntu/+source/parted/+bug/1270203 + # https://techtitbits.com/2018/12/using-parteds-resizepart-non-interactively-on-a-busy-partition/ + # https://serverfault.com/questions/870594/resize-partition-to-maximum-using-parted-in-non-interactive-mode + #hydra_sudo_run parted -s ---pretend-input-tty -- $device mkpart non-fs ${start}s ${bios_grub_end}s Yes + #hydra_sudo_run parted $device mkpart non-fs ${start}s ${bios_grub_end}s Yes Ignore quit + #hydra_sudo_run parted -s ---pretend-input-tty $device <<EOF #mkpart non-fs ${start}s ${bios_grub_end}s #Yes #Ignore #quit #EOF + hydra_sudo_run parted -s -- $device mkpart non-fs ${start}s ${bios_grub_end}s + + # Se GRUB flag + hydra_sudo_run parted -s -- $device set 1 bios_grub on + else + esp_device="${device}${partition_separator}1" - # Se GRUB flag - hydra_sudo_run parted -s -- $device set 1 bios_grub on + hydra_sudo_run parted -s -- $device mkpart "EFI System Partition" fat32 ${start}s ${uefi_grub_end}s + hydra_sudo_run parted -s -- $device set 1 esp on + hydra_sudo_run mkfs.vfat $esp_device + fi # Check alignment hydra_sudo_run parted -s -- $device align-check optimal 1 @@ -611,7 +634,30 @@ fi # Grub. if [ "$grub" == "y" ]; then echo "Setting up GRUB..." - $APT_INSTALL grub-pc -y + + if [ "$boot_mode" == "bios" ]; then + $APT_INSTALL grub-pc -y + else + if [ "$arch" == "amd64" ]; then + grub_arch="x86_64" + else + grub_arch="$arch" + fi + + if [ "$secure_boot" == "y" ]; then + grub_arch="${grub_arch}-signed" + fi + + if [ "$uefi_update_nvram" == "n" ]; then + grub_uefi_nvram="--no-nvram" + fi + + $APT_INSTALL grub-efi-${arch} -y + + # Make UEFI partition available + hydra_sudo_run mkdir $WORK/boot/efi + hydra_sudo_run mount $esp_device $WORK/boot/efi + fi hydra_sudo_run sed -i -e 's/^GRUB_CMDLINE_LINUX_DEFAULT="quiet"$/GRUB_CMDLINE_LINUX_DEFAULT="quiet apparmor=1 security=apparmor"/' \ $WORK/etc/default/grub @@ -623,13 +669,16 @@ if [ "$grub" == "y" ]; then echo 'GRUB_ENABLE_CRYPTODISK=y' | $SUDO tee -a $WORK/etc/default/grub > /dev/null echo 'GRUB_PRELOAD_MODULES="lvm cryptodisk mdraid1x"' | $SUDO tee -a $WORK/etc/default/grub > /dev/null hydra_sudo_run chroot $WORK/ update-grub - hydra_sudo_run chroot $WORK/ grub-install --recheck --force $device # Fix menu entry hydra_sudo_run sed -i -e "s|root=/dev/mapper/provision-root|root=/dev/mapper/root|g" $WORK/boot/grub/grub.cfg hydra_sudo_run sed -i -e "s|root=/dev/mapper/$hostname-unlocked|root=/dev/mapper/root|g" $WORK/boot/grub/grub.cfg - else + fi + + if [ "$boot_mode" == "bios" ]; then hydra_sudo_run chroot $WORK/ grub-install --recheck --force $device + else + hydra_sudo_run chroot $WORK/ grub-install --target=${grub_arch} --efi-directory=/boot/efi $grub_uefi_nvram fi fi |