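#!/bin/bash
#
# Creates the ZFS root pool and its dataset layout under /mnt for an OS
# installation, optionally with native ZFS encryption.
#
# Usage: <this script> [--key | --unmount | --host-id]
#   --key      copy the pool key file into the new system (/mnt/etc/zfs/keys/)
#   --unmount  unmount everything below /mnt and export all pools
#   --host-id  write a fixed host id with zgenhostid
#
# Reads ${ID} from /etc/os-release. ${disk}, ${encryption} and ${hostname}
# are not set here; they are expected to come from system.conf next to this
# script (TODO confirm against that file).
set -euo pipefail

baseDir="$(realpath "$(dirname "${0}")")"

source /etc/os-release
source "${baseDir}/system.conf"

# Pool and dataset names use the lower-cased host name throughout.
poolName="${hostname,,}"
keyFile="/etc/zfs/keys/${poolName}.key"
rootDataset="${poolName}/ROOT/${ID}"

# Suffix that selects the third partition; it depends on how the disk is named.
if [[ "${disk}" == */dev/disk/by-id/* ]]; then
  part3='-part3'
elif [[ "${disk}" == */dev/nvme* ]]; then
  part3='p3'
else
  part3='3'
fi

# Options shared by the encrypted and the unencrypted pool.
zpoolArgs=(
  -o ashift=12
  -o autotrim=on
  -o compatibility=openzfs-2.1-linux
  -O acltype=posixacl
  -O xattr=sa
  -O dnodesize=auto
  -O compression=zstd-3
  -O normalization=formD
  -O relatime=on
  -O canmount=off
  -O mountpoint=/
  -R /mnt
)

# if [[ ! "${*}" = *--no-part* ]]; then
if [[ "${encryption}" == 'yes' ]]; then
  # Prompt on the alternate screen so the dialogue does not stay in scrollback.
  printf '\033[?47h\033[2J\033[H'

  while :; do
    printf "\nEnter a password to encrypt your root pool (minimum 8 characters):\n"
    read -r -s zpoolPassword

    printf "\nVerify the password to encrypt your root pool:\n"
    read -r -s zpoolPasswordVerify

    if [[ "${zpoolPassword}" != "${zpoolPasswordVerify}" ]]; then
      printf "ERROR:\tPasswords do not match!\n"
    elif [[ -z "${zpoolPassword}" ]]; then
      printf "ERROR:\tPassword is empty!\n"
    elif (( ${#zpoolPassword} < 8 )); then
      printf "ERROR:\tPassword is too short!\n"
    else
      break
    fi
  done

  printf '\033[?47l'

  mkdir -p /etc/zfs/keys/

  # Write the passphrase as data, never as a printf format string: a '%' or
  # backslash in it would otherwise be interpreted and the stored key would
  # differ from what was typed. The restrictive umask keeps the file from
  # being readable by other accounts between creation and the chmod below.
  (
    umask 077
    printf '%s\n' "${zpoolPassword}" > "${keyFile}"
  )
  # Mode 000 only keeps non-root accounts out; root can still read the key.
  chmod 000 "${keyFile}"

  # The passphrase is on disk now; drop the in-memory copies.
  unset zpoolPassword zpoolPasswordVerify

  zpoolArgs+=(
    -O encryption=on
    -O "keylocation=file://${keyFile}"
    -O keyformat=passphrase
  )
else
  zpoolArgs+=(-O encryption=off)
fi

zpool create "${zpoolArgs[@]}" "${poolName}" "${disk}${part3}"

zfs create -o canmount=off -o mountpoint=none "${poolName}/ROOT"
# else
#   zpool import \
#     -N \
#     -R \
#     /mnt \
#     ${hostname,,}
#
#   zfs load-key \
#     -r \
#     -L prompt \
#     ${hostname,,}
# fi

zfs create -o canmount=noauto -o mountpoint=/ "${rootDataset}"
zfs mount "${rootDataset}"

# if [[ ! "${*}" = *--no-part* ]]; then
zfs create "${poolName}/home"
zfs create -o mountpoint=/root "${poolName}/home/root"
chmod 700 /mnt/root

zfs create -o canmount=off -o mountpoint=/var "${poolName}/var"
zfs create -o canmount=off "${poolName}/var/lib"
zfs create "${poolName}/var/log"
zfs create "${poolName}/var/spool"

# Datasets tagged com.sun:auto-snapshot=false hold cache/scratch data.
zfs create -o com.sun:auto-snapshot=false "${poolName}/var/cache"
zfs create -o com.sun:auto-snapshot=false "${poolName}/var/lib/nfs"
zfs create -o com.sun:auto-snapshot=false "${poolName}/var/tmp"
chmod 1777 /mnt/var/tmp

zfs create -o mountpoint=/srv "${poolName}/srv"
zfs create -o canmount=off -o mountpoint=/usr "${poolName}/usr"
zfs create "${poolName}/usr/local"
zfs create "${poolName}/var/games"
zfs create "${poolName}/var/lib/AccountsService"
zfs create "${poolName}/var/lib/NetworkManager"
zfs create "${poolName}/var/www"
zfs create -o com.sun:auto-snapshot=false -o mountpoint=/tmp "${poolName}/tmp"

if [[ "${encryption}" == 'yes' ]]; then
  # NOTE(review): this keystore lives inside the pool that the key unlocks, so
  # whatever opens the pool at boot has to obtain the passphrase some other
  # way - confirm how, and that any extra copy of the key is protected.
  zfs create -o com.sun:auto-snapshot=false -o mountpoint=/etc/zfs/keys \
    "${poolName}/keystore"
fi

zpool set "bootfs=${rootDataset}" "${poolName}"
# else
#   zfs mount ${hostname,,}/home
#   zfs mount ${hostname,,}/home/root
#   zfs mount ${hostname,,}/var/log
#   zfs mount ${hostname,,}/var/spool
#   zfs mount ${hostname,,}/var/cache
#   zfs mount ${hostname,,}/var/lib/nfs
#   zfs mount ${hostname,,}/var/tmp
#   zfs mount ${hostname,,}/srv
#   zfs mount ${hostname,,}/usr/local
#   zfs mount ${hostname,,}/var/games
#   zfs mount ${hostname,,}/var/lib/AccountsService
#   zfs mount ${hostname,,}/var/lib/NetworkManager
#   zfs mount ${hostname,,}/var/www
#   zfs mount ${hostname,,}/keystore
# fi

if [[ "${ID}" == 'fedora' ]]; then
  "${baseDir}/fedora.sh" -1
fi

# if [[ ! "${*}" = *--no-part* ]]; then
zfs create "${poolName}/var/mail"
chmod 1777 /mnt/tmp
# else
#   zfs mount \
#     ${hostname,,}/var/mail
# fi

# "${1:-}" rather than "${1}": under `set -u` a run without arguments would
# otherwise abort here with an unbound-variable error.
case "${1:-}" in
  --key)
    cp "${keyFile}" /mnt/etc/zfs/keys/
    ;;
  --unmount)
    # Unmount the non-ZFS mounts below /mnt in reverse listing order. The
    # match is anchored on the mount point (field 3) so that a path which
    # merely contains "/mnt" somewhere is not unmounted by accident.
    mount \
      | grep -v zfs \
      | tac \
      | awk '$3 ~ /^\/mnt(\/|$)/ {print $3}' \
      | xargs -I {} umount -Rlf {}

    if [[ "${ID}" == 'fedora' ]]; then
      umount -nR /mnt
    fi

    zpool export -a
    ;;
  --host-id)
    # Hard-coded host id; -f overwrites an existing /etc/hostid.
    zgenhostid -f 0x00bab10c
    ;;
esac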