275 lines
4.6 KiB
Bash
Executable File
275 lines
4.6 KiB
Bash
Executable File
#!/bin/bash
|
|
set -euo pipefail
|
|
|
|
BASEDIR="$(dirname "${0}" | sed "s|^\.|${PWD}|")"
|
|
|
|
source \
|
|
/etc/os-release
|
|
source \
|
|
"${BASEDIR}/system.conf"
|
|
|
|
|
|
if [[ ! "${DISK}" == **/dev/disk/by-id/** ]]; then
|
|
if [[ "${DISK}" == **/dev/nvme** ]]; then
|
|
PART3='p3'
|
|
else
|
|
PART3='3'
|
|
fi
|
|
else
|
|
PART3='-part3'
|
|
fi
|
|
|
|
|
|
# if [[ ! "${*}" = *--no-part* ]]; then
|
|
if [[ "${ENCRYPTION}" == 'yes' ]]; then
|
|
ZPOOL_PASSWORD='A'
|
|
ZPOOL_PASSWORD_VERIFY='B'
|
|
|
|
printf \
|
|
'\033[?47h\033[2J\033[H'
|
|
|
|
while [[ ! "${ZPOOL_PASSWORD}" == "${ZPOOL_PASSWORD_VERIFY}" ]] || [[ -z "${ZPOOL_PASSWORD}" ]] || [[ "${#ZPOOL_PASSWORD}" -lt '8' ]]; do
|
|
printf \
|
|
"\nEnter a password to encrypt your root pool (minimum 8 characters):\n"
|
|
read \
|
|
-r \
|
|
-s \
|
|
ZPOOL_PASSWORD
|
|
|
|
printf \
|
|
"\nVerify the password to encrypt your root pool:\n"
|
|
read \
|
|
-r \
|
|
-s \
|
|
ZPOOL_PASSWORD_VERIFY
|
|
|
|
if [[ ! "${ZPOOL_PASSWORD}" == "${ZPOOL_PASSWORD_VERIFY}" ]]; then
|
|
printf \
|
|
"ERROR:\tPasswords do not match!\n"
|
|
elif [[ -z "${ZPOOL_PASSWORD}" ]]; then
|
|
printf \
|
|
"ERROR:\tPassword is empty!\n"
|
|
elif [[ "${#ZPOOL_PASSWORD}" -lt '8' ]]; then
|
|
printf \
|
|
"ERROR:\tPassword is too short!\n"
|
|
fi
|
|
done
|
|
|
|
printf \
|
|
'\033[?47l'
|
|
|
|
mkdir \
|
|
-p \
|
|
/etc/zfs/keys/
|
|
|
|
printf \
|
|
"${ZPOOL_PASSWORD}\n" | tee /etc/zfs/keys/${HOSTNAME,,}.key &> /dev/null
|
|
|
|
chmod \
|
|
000 \
|
|
/etc/zfs/keys/${HOSTNAME,,}.key
|
|
|
|
zpool create \
|
|
-o ashift=12 \
|
|
-o autotrim=on \
|
|
-o compatibility=openzfs-2.1-linux \
|
|
-O encryption=on \
|
|
-O keylocation=file:///etc/zfs/keys/${HOSTNAME,,}.key \
|
|
-O keyformat=passphrase \
|
|
-O acltype=posixacl \
|
|
-O xattr=sa \
|
|
-O dnodesize=auto \
|
|
-O compression=zstd-3 \
|
|
-O normalization=formD \
|
|
-O relatime=on \
|
|
-O canmount=off \
|
|
-O mountpoint=/ \
|
|
-R /mnt \
|
|
${HOSTNAME,,} \
|
|
${DISK}${PART3}
|
|
else
|
|
zpool create \
|
|
-o ashift=12 \
|
|
-o autotrim=on \
|
|
-o compatibility=openzfs-2.1-linux \
|
|
-O encryption=off \
|
|
-O acltype=posixacl \
|
|
-O xattr=sa \
|
|
-O dnodesize=auto \
|
|
-O compression=zstd-3 \
|
|
-O normalization=formD \
|
|
-O relatime=on \
|
|
-O canmount=off \
|
|
-O mountpoint=/ \
|
|
-R /mnt \
|
|
${HOSTNAME,,} \
|
|
${DISK}${PART3}
|
|
fi
|
|
|
|
zfs create \
|
|
-o canmount=off \
|
|
-o mountpoint=none \
|
|
${HOSTNAME,,}/ROOT
|
|
# else
|
|
# zpool import \
|
|
# -N \
|
|
# -R \
|
|
# /mnt \
|
|
# ${HOSTNAME,,}
|
|
#
|
|
# zfs load-key \
|
|
# -r \
|
|
# -L prompt \
|
|
# ${HOSTNAME,,}
|
|
# fi
|
|
|
|
zfs create \
|
|
-o canmount=noauto \
|
|
-o mountpoint=/ \
|
|
${HOSTNAME,,}/ROOT/${ID}
|
|
|
|
zfs mount \
|
|
${HOSTNAME,,}/ROOT/${ID}
|
|
|
|
# if [[ ! "${*}" = *--no-part* ]]; then
|
|
zfs create \
|
|
${HOSTNAME,,}/home
|
|
|
|
zfs create \
|
|
-o mountpoint=/root \
|
|
${HOSTNAME,,}/home/root
|
|
|
|
chmod \
|
|
700 \
|
|
/mnt/root
|
|
|
|
zfs create \
|
|
-o canmount=off \
|
|
-o mountpoint=/var \
|
|
${HOSTNAME,,}/var
|
|
|
|
zfs create \
|
|
-o canmount=off \
|
|
${HOSTNAME,,}/var/lib
|
|
|
|
zfs create \
|
|
${HOSTNAME,,}/var/log
|
|
|
|
zfs create \
|
|
${HOSTNAME,,}/var/spool
|
|
|
|
zfs create \
|
|
-o com.sun:auto-snapshot=false \
|
|
${HOSTNAME,,}/var/cache
|
|
|
|
zfs create \
|
|
-o com.sun:auto-snapshot=false \
|
|
${HOSTNAME,,}/var/lib/nfs
|
|
|
|
zfs create \
|
|
-o com.sun:auto-snapshot=false \
|
|
${HOSTNAME,,}/var/tmp
|
|
|
|
chmod \
|
|
1777 \
|
|
/mnt/var/tmp
|
|
|
|
zfs create \
|
|
-o mountpoint=/srv \
|
|
${HOSTNAME,,}/srv
|
|
|
|
zfs create \
|
|
-o canmount=off \
|
|
-o mountpoint=/usr \
|
|
${HOSTNAME,,}/usr
|
|
|
|
zfs create \
|
|
${HOSTNAME,,}/usr/local
|
|
|
|
zfs create \
|
|
${HOSTNAME,,}/var/games
|
|
|
|
zfs create \
|
|
${HOSTNAME,,}/var/lib/AccountsService
|
|
|
|
zfs create \
|
|
${HOSTNAME,,}/var/lib/NetworkManager
|
|
|
|
zfs create \
|
|
${HOSTNAME,,}/var/www
|
|
|
|
zfs create \
|
|
-o com.sun:auto-snapshot=false \
|
|
-o mountpoint=/tmp \
|
|
${HOSTNAME,,}/tmp
|
|
|
|
if [[ "${ENCRYPTION}" == 'yes' ]]; then
|
|
zfs create \
|
|
-o com.sun:auto-snapshot=false \
|
|
-o mountpoint=/etc/zfs/keys \
|
|
${HOSTNAME,,}/keystore
|
|
fi
|
|
|
|
zpool set \
|
|
bootfs=${HOSTNAME,,}/ROOT/${ID} \
|
|
${HOSTNAME,,}
|
|
# else
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/home
|
|
#
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/home/root
|
|
#
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/var/log
|
|
#
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/var/spool
|
|
#
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/var/cache
|
|
#
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/var/lib/nfs
|
|
#
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/var/tmp
|
|
#
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/srv
|
|
#
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/usr/local
|
|
#
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/var/games
|
|
#
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/var/lib/AccountsService
|
|
#
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/var/lib/NetworkManager
|
|
#
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/var/www
|
|
#
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/keystore
|
|
# fi
|
|
|
|
if [[ "${ID}" == 'fedora' ]]; then
|
|
"${BASEDIR}/base-fedora.sh" -1
|
|
fi
|
|
|
|
# if [[ ! "${*}" = *--no-part* ]]; then
|
|
zfs create \
|
|
${HOSTNAME,,}/var/mail
|
|
|
|
chmod \
|
|
1777 \
|
|
/mnt/tmp
|
|
# else
|
|
# zfs mount \
|
|
# ${HOSTNAME,,}/var/mail
|
|
# fi
|