Seeding some initial scripts
This commit is contained in:
dev
commit
e82614a279
|
|
@ -0,0 +1,23 @@
|
|||
HTTPROOT = "/srv/http/aninix.net"
|
||||
HTTPUSER = http
|
||||
|
||||
echoroot:
|
||||
@echo ${HTTPROOT}
|
||||
@echo ${HTTPUSER}
|
||||
|
||||
install: script webpresent
|
||||
|
||||
webpresent: shadowarch
|
||||
/root/bin/shadowarch-tar-gen
|
||||
cp ./shadowarch ${HTTPROOT}
|
||||
chown ${HTTPUSER} ${HTTPROOT}/shadowarch
|
||||
|
||||
script: shadowarch-tar-gen
|
||||
cp shadowarch-tar-gen /root/bin
|
||||
chmod 0700 /root/bin/shadowarch-tar-gen
|
||||
chown root:root /root/bin/shadowarch-tar-gen
|
||||
|
||||
configure:
|
||||
vim Makefile
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,154 @@
|
|||
#!/bin/bash
|
||||
|
||||
function header () {
|
||||
tput setaf 1
|
||||
tput bold
|
||||
echo $@
|
||||
tput sgr0
|
||||
return
|
||||
}
|
||||
function help() {
|
||||
echo Usage: ${0} '[-s] [-e]'
|
||||
echo '\-s Create a layout for an AniNIX::Spartacus'
|
||||
echo '\-e Encrypt the root partition'
|
||||
exit 1;
|
||||
}
|
||||
|
||||
spartacus=0;
|
||||
encrypt=0;
|
||||
disk="/dev/sda"
|
||||
bootpart=1;
|
||||
rootpart=2;
|
||||
datapart=99;
|
||||
while getopts "sed:" OPTION
|
||||
do
|
||||
case $OPTION in
|
||||
s) spartacus=1 ;;
|
||||
e) encrypt=1 ;;
|
||||
d) disk=${OPTARG} ;;
|
||||
*) help
|
||||
esac
|
||||
done
|
||||
|
||||
header Confirm options:
|
||||
echo Spartacus set to: $spartacus
|
||||
echo Encryption set to: $encrypt
|
||||
echo Disk to use: $disk
|
||||
printf "Is this OK? Type YES to continue: "
|
||||
read answer
|
||||
if [ "$answer" != "YES" ]; then
|
||||
echo User did not confirm.
|
||||
exit 1;
|
||||
fi
|
||||
|
||||
## REMOVE this section to not format the first disk. You will have to layout your own space. ##
|
||||
|
||||
header Allocating space
|
||||
shred -n 1 -v --random-source=/dev/zero "$disk"
|
||||
if [ $spartacus -eq 1 ]; then
|
||||
# Insert an ExFAT data partition ahead of the rest.
|
||||
export datapart=1;
|
||||
export bootpart=$((bootpart+1))
|
||||
export rootpart=$(($rootpart+1))
|
||||
# Break the disk up into 4ths -- 2/4 go to data, 1/4 go to boot, and 1/4 to root
|
||||
export disksize=$(($(fdisk -l $disk | head -n 1 | cut -f 5 -d ' ') / 1048576)) # Return disk size in MB
|
||||
if [ "$disksize" == "" ]; then echo "Can't identify disk size"; exit 1; fi
|
||||
if [ "$disksize" -lt 7788 ]; then echo "This drive is too small to be a Spartacus."; exit 1; fi # Must be 8GB or more to have 2GB root.
|
||||
export bootsize=$(($disksize / 4))
|
||||
export datasize=$(($disksize / 2))
|
||||
printf 'mklabel msdos\nmkpart primary ext4 1MiB %s\nmkpart primary ext4 %s %s\nmkpart primary ext4 %s 100%%FREE\nprint\nquit\n' $datasize"MiB" $datasize"MiB" $(($datasize+$bootsize))"MiB" $(($datasize+$bootsize))"MiB" | parted "$disk"
|
||||
#create data partition
|
||||
pacman -Sy exfat-utils --noconfirm
|
||||
mkfs.exfat "$disk""$datapart"
|
||||
exfatlabel "$disk""$datapart" "AS-XPLATFRM"
|
||||
else
|
||||
# One 200MB boot and the rest is root
|
||||
printf 'mklabel msdos\nmkpart primary ext4 1MiB 201MiB\nmkpart primary ext4 513MiB 100%%FREE\nprint\nquit\n' | parted "$disk"
|
||||
fi
|
||||
header Making ext4 boot partition on "$disk""$bootpart"
|
||||
mkfs.ext4 "$disk""$bootpart"
|
||||
tune2fs -L "BOOT" "$disk""$bootpart"
|
||||
|
||||
header Making root and mountpoints
|
||||
if [ $encrypt -eq 1 ]; then
|
||||
header Making encrypted root on "$disk""$rootpart"
|
||||
modprobe dm-crypt
|
||||
modprobe serpent_generic
|
||||
header Formatting root -- make sure to enter YES followed by a strong passphrase.
|
||||
cryptsetup luksFormat -c serpent-xts-plain64 -h sha512 --key-size 512 "$disk""$rootpart"
|
||||
header Unlocking root
|
||||
cryptsetup luksOpen "$disk""$rootpart" cryptroot
|
||||
mkfs.xfs /dev/mapper/cryptroot
|
||||
xfs_admin -L ROOT /dev/mapper/cryptroot
|
||||
mount /dev/mapper/cryptroot /mnt
|
||||
else
|
||||
header Making root on "$disk""$rootpart"
|
||||
mkfs.xfs "$disk""$rootpart"
|
||||
xfs_admin -L ROOT "$disk""$rootpart"
|
||||
mount "$disk""$rootpart" /mnt
|
||||
fi
|
||||
|
||||
mkdir /mnt/boot
|
||||
mount "$disk""$bootpart" /mnt/boot
|
||||
|
||||
## END REMOVE ##
|
||||
|
||||
# Install ArchLinux with basic clients for the AniNIX Services.
|
||||
# * git for AniNIX::Bazaar
|
||||
# * lynx for WebServer and Wiki
|
||||
# * openssh for SSH/SFTP
|
||||
# * irssi for IRC
|
||||
# * make for source packages
|
||||
# * tor for anonymity
|
||||
# Uncomment the remaining packages for a desktop environment.
|
||||
header Installing ArchLinux to root
|
||||
yes "" | pacstrap -i /mnt base base-devel grub efibootmgr openssh git make lynx irssi vim wget tor torsocks # xorg-server xfce4 seamonkey
|
||||
|
||||
header Create FSTAB
|
||||
genfstab -U /mnt >> /mnt/etc/fstab
|
||||
|
||||
header Set time
|
||||
sed -i 's/#en_US.UTF-8/en_US.UTF-8/' /mnt/etc/locale.gen
|
||||
arch-chroot /mnt locale-gen
|
||||
ln -s /usr/share/zoneinfo/America/Chicago /mnt/etc/localtime
|
||||
arch-chroot /mnt hwclock --systohc --utc
|
||||
|
||||
header Setup bootloader
|
||||
if [ $encrypt -eq 1 ]; then
|
||||
export hookstring="$(grep 'HOOKS=' /mnt/etc/mkinitcpio.conf | grep -v '#')"
|
||||
sed -i 's#'"$hookstring"'#HOOKS="base udev autodetect modconf block encrypt filesystems keyboard fsck"#' /mnt/etc/mkinitcpio.conf
|
||||
export rootuuid="$(blkid "$disk""$rootpart" | cut -f 2 -d '"')"
|
||||
sed -i 's#GRUB_CMDLINE_LINUX=""#GRUB_CMDLINE_LINUX="cryptdevice=UUID='$rootuuid':cryptroot root=/dev/mapper/cryptroot"' /etc/default/grub
|
||||
fi
|
||||
arch-chroot /mnt mkinitcpio -p linux
|
||||
arch-chroot /mnt grub-install --target=i386-pc "$disk"
|
||||
arch-chroot /mnt grub-mkconfig -o /boot/grub/grub-cfg
|
||||
|
||||
header Set networking
|
||||
arch-chroot /mnt systemctl enable netctl
|
||||
export interface=$(ip link list | grep "state" | cut -f 2 -d ":" | cut -f 2 -d " " | grep -v lo)
|
||||
cp /mnt/etc/netctl/examples/ethernet-dhcp /mnt/etc/netctl/$interface
|
||||
sed -i 's/eth0/'$interface'/' /mnt/etc/netctl/$interface
|
||||
echo 'DNSSearch="aninix.net"' >> /mnt/etc/netctl/$interface
|
||||
arch-chroot /mnt systemctl enable netctl
|
||||
arch-chroot /mnt netctl enable $interface
|
||||
|
||||
# Set prompt and vimrc for ShadowArch
|
||||
header Setting ShadowArch customizations.
|
||||
echo 'PS1="\[\033[00;31m\][ AniNIX::\h(\[\033[01;32m\]ShadowArch\[\033[00;31m\]) \[\033[00;36m\]\u \[\033[01;37m\]\d \T \[\033[00;35m\]\w\[\033[00;31m\] ] \n|\[\033[m\]> "' >> /mnt/etc/bash.bashrc
|
||||
sed -i '/PS1=/d' /mnt/etc/skel/.bashrc
|
||||
cd /mnt/etc/
|
||||
wget https://aninix.net/shadowarch.tar
|
||||
rm -Rf /etc/skel /etc/vimrc
|
||||
tar xvf shadowarch.tar
|
||||
rm shadowarch.tar
|
||||
|
||||
# Set password
|
||||
header Set new root passphrase
|
||||
arch-chroot /mnt passwd
|
||||
|
||||
header Installed ShadowArch! Press enter to reboot.
|
||||
read
|
||||
|
||||
# Reboot
|
||||
shutdown -r now
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
#!/bin/bash
|
||||
tar cvf /srv/http/aninix.net/shadowarch.tar /etc/vimrc /etc/skel
|
||||
Loading…
Reference in New Issue