fix
This commit is contained in:
parent
d4c9cbb8d3
commit
96817b958e
81
debian.sh
81
debian.sh
@ -32,8 +32,8 @@ HARD_DISK=$2
|
|||||||
EFI="/dev/$(lsblk | grep $HARD_DISK | head -2 | tail -1 | cut -c 7-20 | cut -d ' ' -f1)"
|
EFI="/dev/$(lsblk | grep $HARD_DISK | head -2 | tail -1 | cut -c 7-20 | cut -d ' ' -f1)"
|
||||||
BTRFS="/dev/$(lsblk | grep $HARD_DISK | head -4 | tail -1 | cut -c 7-20 | cut -d ' ' -f1)"
|
BTRFS="/dev/$(lsblk | grep $HARD_DISK | head -4 | tail -1 | cut -c 7-20 | cut -d ' ' -f1)"
|
||||||
BOOT="/dev/$(lsblk | grep $HARD_DISK | head -3 | tail -1 | cut -c 7-20 | cut -d ' ' -f1)"
|
BOOT="/dev/$(lsblk | grep $HARD_DISK | head -3 | tail -1 | cut -c 7-20 | cut -d ' ' -f1)"
|
||||||
ROOT_NAME='install2'
|
ROOT_NAME='debian'
|
||||||
ROOT_MAPPER_NAME='install'
|
ROOT_MAPPER_NAME='root'
|
||||||
BACKUP_DISK='/dev/disk/by-uuid/43076025-fa41-4b02-9c69-d0193a1a0371'
|
BACKUP_DISK='/dev/disk/by-uuid/43076025-fa41-4b02-9c69-d0193a1a0371'
|
||||||
######################################
|
######################################
|
||||||
USER="verita84"
|
USER="verita84"
|
||||||
@ -58,7 +58,7 @@ SHARED_DESKTOP_APPS=" firefox-esr yt-dlp keepassxc rssguard telegram-desktop gno
|
|||||||
VIRTUALIZATION=" virt-manager qemu-system libvirt-daemon-system ovmf cockpit-machines"
|
VIRTUALIZATION=" virt-manager qemu-system libvirt-daemon-system ovmf cockpit-machines"
|
||||||
PACKAGES=$BASE_PACKAGES$PACKAGES$SHARED_DESKTOP_APPS
|
PACKAGES=$BASE_PACKAGES$PACKAGES$SHARED_DESKTOP_APPS
|
||||||
#PACKAGES=$BASE_PACKAGES
|
#PACKAGES=$BASE_PACKAGES
|
||||||
SERVICES+=( powertop preload );
|
SERVICES+=(powertop preload)
|
||||||
|
|
||||||
auto_login() {
|
auto_login() {
|
||||||
sed -i "/#WaylandEnable=false/a AutomaticLoginEnable=True" $TARGET/etc/gdm3/daemon.conf
|
sed -i "/#WaylandEnable=false/a AutomaticLoginEnable=True" $TARGET/etc/gdm3/daemon.conf
|
||||||
@ -66,20 +66,26 @@ auto_login(){
|
|||||||
}
|
}
|
||||||
|
|
||||||
create-os-snapshots() {
|
create-os-snapshots() {
|
||||||
echo;echo "[Creating new snapshots.....]";echo
|
echo
|
||||||
|
echo "[Creating new snapshots.....]"
|
||||||
|
echo
|
||||||
mkdir -p $TARGET/\@install/var/lib/backup
|
mkdir -p $TARGET/\@install/var/lib/backup
|
||||||
time tar cvpzf $TARGET/\@install/var/lib/backup/$1.tgz --exclude=/volumes/* --exclude=/mnt/* --exclude=/var/tmp/* --exclude=/tmp/* --exclude=/raid/* --exclude=/root/* --exclude=/var/cache/apt/archives/* --exclude=/proc/* --exclude=/.snapshots/* --exclude=$TARGET/* --exclude=/var/lib/libvirt/* --exclude=/dev/* --exclude=/sys/* --exclude=/home/* --exclude=/var/lib/postgresql --exclude=/var/lib/containers /
|
time tar cvpzf $TARGET/\@install/var/lib/backup/$1.tgz --exclude=/volumes/* --exclude=/mnt/* --exclude=/var/tmp/* --exclude=/tmp/* --exclude=/raid/* --exclude=/root/* --exclude=/var/cache/apt/archives/* --exclude=/proc/* --exclude=/.snapshots/* --exclude=$TARGET/* --exclude=/var/lib/libvirt/* --exclude=/dev/* --exclude=/sys/* --exclude=/home/* --exclude=/var/lib/postgresql --exclude=/var/lib/containers /
|
||||||
}
|
}
|
||||||
|
|
||||||
homeBackup() {
|
homeBackup() {
|
||||||
echo;echo "[Copying USER data....]";echo
|
echo
|
||||||
|
echo "[Copying USER data....]"
|
||||||
|
echo
|
||||||
rsync --progress -avz --delete /home/ --exclude=.cache/ --exclude=.local/share/containers $TARGET/\@home/
|
rsync --progress -avz --delete /home/ --exclude=.cache/ --exclude=.local/share/containers $TARGET/\@home/
|
||||||
}
|
}
|
||||||
|
|
||||||
os-backup() {
|
os-backup() {
|
||||||
umount $TARGET
|
umount $TARGET
|
||||||
|
|
||||||
echo;echo "[Mounting.....]";echo
|
echo
|
||||||
|
echo "[Mounting.....]"
|
||||||
|
echo
|
||||||
printf "$DISK_PASSWORD" | cryptsetup open $BACKUP_DISK install
|
printf "$DISK_PASSWORD" | cryptsetup open $BACKUP_DISK install
|
||||||
mount /dev/mapper/install $TARGET
|
mount /dev/mapper/install $TARGET
|
||||||
|
|
||||||
@ -120,16 +126,21 @@ systemMounts(){
|
|||||||
|
|
||||||
decryptBoot() {
|
decryptBoot() {
|
||||||
KEYFILE='keyfile.key'
|
KEYFILE='keyfile.key'
|
||||||
echo;echo "Setting LUKS to use Keyfile for password entry";echo
|
echo
|
||||||
echo;echo "Clearing Old Keys";echo
|
echo "Setting LUKS to use Keyfile for password entry"
|
||||||
for i in 1 2 3 4 5 6
|
echo
|
||||||
do
|
echo
|
||||||
|
echo "Clearing Old Keys"
|
||||||
|
echo
|
||||||
|
for i in 1 2 3 4 5 6; do
|
||||||
printf "$DISK_PASSWORD" | cryptsetup luksKillSlot ${BTRFS} $i
|
printf "$DISK_PASSWORD" | cryptsetup luksKillSlot ${BTRFS} $i
|
||||||
done
|
done
|
||||||
dd if=/dev/urandom of=/etc/$KEYFILE bs=1024 count=4
|
dd if=/dev/urandom of=/etc/$KEYFILE bs=1024 count=4
|
||||||
chown root:root /etc/$KEYFILE
|
chown root:root /etc/$KEYFILE
|
||||||
chmod 0400 /etc/$KEYFILE
|
chmod 0400 /etc/$KEYFILE
|
||||||
echo;echo "Adding new key......";echo
|
echo
|
||||||
|
echo "Adding new key......"
|
||||||
|
echo
|
||||||
printf "$DISK_PASSWORD" | cryptsetup luksAddKey ${BTRFS} /etc/$KEYFILE
|
printf "$DISK_PASSWORD" | cryptsetup luksAddKey ${BTRFS} /etc/$KEYFILE
|
||||||
sed -i "s/none/\/etc\/$KEYFILE/" /etc/crypttab
|
sed -i "s/none/\/etc\/$KEYFILE/" /etc/crypttab
|
||||||
echo "KEYFILE_PATTERN=\"/etc/*.key\"" >/etc/cryptsetup-initramfs/conf-hook
|
echo "KEYFILE_PATTERN=\"/etc/*.key\"" >/etc/cryptsetup-initramfs/conf-hook
|
||||||
@ -138,18 +149,21 @@ decryptBoot(){
|
|||||||
install-vscode() {
|
install-vscode() {
|
||||||
wget -qO - https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg | gpg --dearmor | dd of=/usr/share/keyrings/vscodium-archive-keyring.gpg
|
wget -qO - https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg | gpg --dearmor | dd of=/usr/share/keyrings/vscodium-archive-keyring.gpg
|
||||||
echo 'deb [ signed-by=/usr/share/keyrings/vscodium-archive-keyring.gpg ] https://download.vscodium.com/debs vscodium main' | tee /etc/apt/sources.list.d/vscodium.list
|
echo 'deb [ signed-by=/usr/share/keyrings/vscodium-archive-keyring.gpg ] https://download.vscodium.com/debs vscodium main' | tee /etc/apt/sources.list.d/vscodium.list
|
||||||
apt update;apt install -y codium
|
apt update
|
||||||
|
apt install -y codium
|
||||||
}
|
}
|
||||||
|
|
||||||
install-doom() {
|
install-doom() {
|
||||||
wget -O - http://debian.drdteam.org/drdteam.gpg | apt-key add -
|
wget -O - http://debian.drdteam.org/drdteam.gpg | apt-key add -
|
||||||
add-apt-repository 'deb http://debian.drdteam.org/ stable multiverse'
|
add-apt-repository 'deb http://debian.drdteam.org/ stable multiverse'
|
||||||
apt update;apt install -y zandronum doomseeker-zandronum
|
apt update
|
||||||
|
apt install -y zandronum doomseeker-zandronum
|
||||||
}
|
}
|
||||||
install-element() {
|
install-element() {
|
||||||
wget -O /usr/share/keyrings/element-io-archive-keyring.gpg https://packages.element.io/debian/element-io-archive-keyring.gpg
|
wget -O /usr/share/keyrings/element-io-archive-keyring.gpg https://packages.element.io/debian/element-io-archive-keyring.gpg
|
||||||
echo "deb [signed-by=/usr/share/keyrings/element-io-archive-keyring.gpg] https://packages.element.io/debian/ default main" | tee /etc/apt/sources.list.d/element-io.list
|
echo "deb [signed-by=/usr/share/keyrings/element-io-archive-keyring.gpg] https://packages.element.io/debian/ default main" | tee /etc/apt/sources.list.d/element-io.list
|
||||||
apt update;apt install -y element-desktop
|
apt update
|
||||||
|
apt install -y element-desktop
|
||||||
}
|
}
|
||||||
|
|
||||||
additional-software() {
|
additional-software() {
|
||||||
@ -184,7 +198,8 @@ install() {
|
|||||||
sed -i '/^SigLevel/s/^\(.*\)$/#\1\n/' /etc/pacman.conf
|
sed -i '/^SigLevel/s/^\(.*\)$/#\1\n/' /etc/pacman.conf
|
||||||
sed -i '/#SigLevel/a SigLevel = Never' /etc/pacman.conf
|
sed -i '/#SigLevel/a SigLevel = Never' /etc/pacman.conf
|
||||||
pacman -Sy archlinux-keyring debootstrap --noconfirm
|
pacman -Sy archlinux-keyring debootstrap --noconfirm
|
||||||
apt update;apt install debootstrap -y
|
apt update
|
||||||
|
apt install debootstrap -y
|
||||||
rm -rf /debootstrap
|
rm -rf /debootstrap
|
||||||
debootstrap --arch amd64 $DEBIAN_RELEASE $TARGET https://deb.debian.org/debian
|
debootstrap --arch amd64 $DEBIAN_RELEASE $TARGET https://deb.debian.org/debian
|
||||||
systemMounts
|
systemMounts
|
||||||
@ -203,9 +218,8 @@ install() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
desktop() {
|
desktop() {
|
||||||
SERVICES+=( exim4 cockpit.socket redis-server apparmor nfs-server smbd rpbind rpcbind.socket avahi-daemon bluetooth minidlna openvpn);
|
SERVICES+=(exim4 cockpit.socket redis-server apparmor nfs-server smbd rpbind rpcbind.socket avahi-daemon bluetooth minidlna openvpn)
|
||||||
for i in "${SERVICES[@]}"
|
for i in "${SERVICES[@]}"; do
|
||||||
do
|
|
||||||
systemctl disable --now $i
|
systemctl disable --now $i
|
||||||
done
|
done
|
||||||
|
|
||||||
@ -251,7 +265,7 @@ grub-snapshots(){
|
|||||||
}
|
}
|
||||||
|
|
||||||
kernel-packages() {
|
kernel-packages() {
|
||||||
/usr/bin/apt install --reinstall -y linux-image-`ls /lib/modules/` grub-efi efibootmgr plymouth plymouth-themes btrfs-progs cryptsetup-initramfs linux-image-amd64 linux-headers-amd64 firmware-iwlwifi firmware-linux firmware-linux-nonfree
|
/usr/bin/apt install --reinstall -y linux-image-$(ls /lib/modules/) grub-efi efibootmgr plymouth plymouth-themes btrfs-progs cryptsetup-initramfs linux-image-amd64 linux-headers-amd64 firmware-iwlwifi firmware-linux firmware-linux-nonfree
|
||||||
}
|
}
|
||||||
|
|
||||||
bootloader() {
|
bootloader() {
|
||||||
@ -282,7 +296,6 @@ bootloader() {
|
|||||||
echo 'bash /usr/bin/debian.sh additional-software' >>$TARGET/setup.sh
|
echo 'bash /usr/bin/debian.sh additional-software' >>$TARGET/setup.sh
|
||||||
echo 'bash /usr/bin/debian.sh btrfs-tweaks' >>$TARGET/setup.sh
|
echo 'bash /usr/bin/debian.sh btrfs-tweaks' >>$TARGET/setup.sh
|
||||||
|
|
||||||
|
|
||||||
chmod +x $TARGET/usr/bin/debian.sh
|
chmod +x $TARGET/usr/bin/debian.sh
|
||||||
chmod +x $TARGET/setup.sh
|
chmod +x $TARGET/setup.sh
|
||||||
chroot $TARGET /setup.sh
|
chroot $TARGET /setup.sh
|
||||||
@ -340,21 +353,26 @@ locale() {
|
|||||||
partitions() {
|
partitions() {
|
||||||
echo
|
echo
|
||||||
echo "Setting Up Partitions....."
|
echo "Setting Up Partitions....."
|
||||||
printf "$DISK_PASSWORD" | cryptsetup open ${BTRFS} root
|
printf "$DISK_PASSWORD" | cryptsetup open ${BTRFS} $ROOT_MAPPER
|
||||||
|
|
||||||
unmount
|
unmount
|
||||||
|
|
||||||
|
if [[ -f "/dev/mapper/$ROOT_MAPPER" ]]; then
|
||||||
echo
|
echo
|
||||||
echo "Formatting $EFI"
|
echo "Formatting $EFI"
|
||||||
echo
|
echo
|
||||||
echo y | mkfs.vfat $EFI
|
echo y | mkfs.vfat $EFI
|
||||||
echo "Formatting $BOOT"
|
echo "Formatting $BOOT"
|
||||||
echo y | mkfs.ext4 $BOOT
|
echo y | mkfs.ext4 $BOOT
|
||||||
|
|
||||||
mounts
|
mounts
|
||||||
|
|
||||||
#Configure /etc/fstab
|
|
||||||
fstab
|
fstab
|
||||||
|
else
|
||||||
|
echo
|
||||||
|
echo "Aborting Install, mapper device not found!"
|
||||||
|
echo
|
||||||
|
echo
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
fstab() {
|
fstab() {
|
||||||
@ -392,15 +410,13 @@ accounts() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
btrfs-tweaks() {
|
btrfs-tweaks() {
|
||||||
DISABLE_COW=("/var/lib/docker" "/var/lib/containers" "/volumes" "/var/lib/mysql" "/var/lib/libvirt");
|
DISABLE_COW=("/var/lib/docker" "/var/lib/containers" "/volumes" "/var/lib/mysql" "/var/lib/libvirt")
|
||||||
|
|
||||||
for i in "${DISABLE_COW[@]}"
|
for i in "${DISABLE_COW[@]}"; do
|
||||||
do
|
|
||||||
chattr -R +C $i
|
chattr -R +C $i
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
custom_service_files() {
|
custom_service_files() {
|
||||||
echo "systemctl set-default graphical.target" >>$TARGET/setup.sh
|
echo "systemctl set-default graphical.target" >>$TARGET/setup.sh
|
||||||
|
|
||||||
@ -415,8 +431,7 @@ custom_service_files() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
services() {
|
services() {
|
||||||
for i in "${SERVICES[@]}"
|
for i in "${SERVICES[@]}"; do
|
||||||
do
|
|
||||||
echo "systemctl enable $i" >>$TARGET/setup.sh
|
echo "systemctl enable $i" >>$TARGET/setup.sh
|
||||||
done
|
done
|
||||||
|
|
||||||
@ -430,9 +445,8 @@ server-config(){
|
|||||||
cp -f exports /etc/
|
cp -f exports /etc/
|
||||||
crontab >crontab
|
crontab >crontab
|
||||||
|
|
||||||
SERVICES+=( minidlna vip containers pmie pmielogger nfs-server.service exim4 cockpit.socket redis-server smbd);
|
SERVICES+=(minidlna vip containers pmie pmielogger nfs-server.service exim4 cockpit.socket redis-server smbd)
|
||||||
for i in "${SERVICES[@]}"
|
for i in "${SERVICES[@]}"; do
|
||||||
do
|
|
||||||
systemctl enable $i
|
systemctl enable $i
|
||||||
done
|
done
|
||||||
|
|
||||||
@ -446,7 +460,6 @@ server-config(){
|
|||||||
apt autoremove -y
|
apt autoremove -y
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
initialize-disk() {
|
initialize-disk() {
|
||||||
parted /dev/$HARD_DISK mklabel gpt
|
parted /dev/$HARD_DISK mklabel gpt
|
||||||
parted /dev/$HARD_DISK mkpart primary fat32 1MiB 200MiB
|
parted /dev/$HARD_DISK mkpart primary fat32 1MiB 200MiB
|
||||||
|
Loading…
Reference in New Issue
Block a user