#!/bin/bash
#
# System installer.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public
# License along with this program. If not, see
# .
# Load.
source $APP_BASE/lib/hydra/functions || exit 1
hydra_config_load
# Setup.
hydra_user_input device /dev/sdb "Destination device"
hydra_user_input root_size 20G "Size of root partition"
hydra_user_input swap y "Use swap? (y/n)"
hydra_user_input encrypt y "Encrypt volumes? (y/n)"
hydra_user_input garbage y "Pre-fill volumes with garbage? (y/n)"
hydra_user_input hostname $HOSTNAME "Hostname"
hydra_user_input domain example.com "Domain"
hydra_user_input arch amd64 "System arch"
hydra_user_input version squeeze "Distro version"
hydra_user_input vg vg "Temporary install vg"
hydra_user_input grub n "Setup GRUB? (y/n)"
hydra_user_input mirror http://cdn.debian.net/debian/ "Debian mirror"
# Check for requirements.
for req in debootstrap cryptsetup grub-pc lvm2 parted; do
hydra_install_package $req
done
# Warning.
cat <<-EOF
WARNING: about to partition $device!
Press ENTER to continue, Ctrl-C to abort."
EOF
read answer
# Disk partitioning.
if [ "$swap" == "y" ]; then
hydra_safe_run parted -s -- $device mklabel msdos
hydra_safe_run parted -s -- $device unit MB mkpart primary linux-swap 2 2000
hydra_safe_run parted -s -- $device unit MB mkpart primary ext2 2000 2200
hydra_safe_run parted -s -- $device unit MB mkpart primary ext2 2200 -1
hydra_safe_run parted -s -- $device set 2 boot on
hydra_safe_run parted -s -- $device set 3 lvm on
# Change devices to absolute path names.
swap_device="$device"1
boot_device="$device"2
syst_device="$device"3
else
hydra_safe_run parted -s -- $device mklabel msdos
hydra_safe_run parted -s -- $device unit MB mkpart primary ext2 2 200
hydra_safe_run parted -s -- $device unit MB mkpart primary ext2 200 -1
hydra_safe_run parted -s -- $device set 1 boot on
hydra_safe_run parted -s -- $device set 2 lvm on
# Change devices to absolute path names.
boot_device="$device"1
syst_device="$device"2
fi
# Create volumes.
echo "Creating the needed disk volumes..."
if ! pvdisplay $syst_device &> /dev/null; then
echo "Creating physical volume..."
hydra_safe_run pvcreate $syst_device
fi
if ! vgdisplay $vg &> /dev/null; then
echo "Creating volume group..."
hydra_safe_run vgcreate $vg $syst_device
fi
if ! lvdisplay $vg/root &> /dev/null; then
echo "Creating logical volume..."
hydra_safe_run lvcreate -L$root_size -n root $vg
fi
hydra_safe_run vgchange -a y $vg
# Garbage.
if [ "$garbage" == "y" ]; then
echo "Filling volumes with garbage..."
dd if=/dev/urandom of=/dev/$vg/root
if [ "$swap" == "y" ]; then
dd if=/dev/urandom of=$swap_device
fi
fi
# Setup mountpoint and make sure it's not mounted due to a failed install.
mkdir -p /tmp/debootstrap
umount /tmp/debootstrap/proc &> /dev/null
umount /tmp/debootstrap/dev &> /dev/null
# Create root device.
if [ "$encrypt" == "y" ]; then
echo "Creating encrypted root device..."
hydra_safe_run cryptsetup -h sha256 -c aes-cbc-essiv:sha256 -s 256 luksFormat /dev/$vg/root
hydra_safe_run cryptsetup luksOpen /dev/$vg/root debootstrap
hydra_safe_run mkfs.ext4 /dev/mapper/debootstrap
install_device="/dev/mapper/debootstrap"
else
echo "Creating root device..."
mkfs.ext4 /dev/vg/root
install_device="/dev/vg/root"
fi
# Initial system install.
echo "Installing base system..."
hydra_safe_run mount $install_device /tmp/debootstrap/
hydra_safe_run debootstrap --arch=$arch $version /tmp/debootstrap/ $mirror
# Initial configuration.
echo "Applying initial configuration..."
mount none -t proc /tmp/debootstrap/proc/
mount -o bind /dev/ /tmp/debootstrap/dev
echo LANG=C > /tmp/debootstrap/etc/default/locale
# Resolver configuration.
echo "domain $domain" > /tmp/debootstrap/etc/resolv.conf
echo "search $hostname.$domain" >> /tmp/debootstrap/etc/resolv.conf
grep nameserver /etc/resolv.conf >> /tmp/debootstrap/etc/resolv.conf
# Hostname configuration.
echo $hostname.$domain > /tmp/debootstrap/etc/hostname
echo "127.0.0.1 $hostname $hostname.$domain" >> /tmp/debootstrap/etc/hosts
echo "127.0.0.1 localhost" >> /tmp/debootstrap/etc/hosts
# Invert hostname contents to avoid http://projects.puppetlabs.com/issues/2533
tac /tmp/debootstrap/etc/hosts > /tmp/debootstrap/etc/hosts.new
mv /tmp/debootstrap/etc/hosts.new /tmp/debootstrap/etc/hosts
# Initial upgrade.
echo "Applying initial upgrades..."
chroot /tmp/debootstrap/ apt-get update
chroot /tmp/debootstrap/ apt-get upgrade -y
chroot /tmp/debootstrap/ apt-get install locales cryptsetup lvm2 initramfs-tools -y
# Crypttab.
echo "Configuring crypttab..."
echo "" > /tmp/debootstrap/etc/crypttab
if [ "$encrypt" == "y" ]; then
cat > /tmp/debootstrap/etc/crypttab <<-EOF
#