Your Name 2023-05-07 21:21:17 -06:00
parent 6fd18aa9ba
commit e910b886d5

302
debian.sh

@ -6,19 +6,14 @@
#
# INSTRUCTIONS
#
# For new disk installs, initialize the disk to setup Encryption and partitions:
# ./debian.sh initialize nvme0n1 (DO NOT SPECIFY /dev/ !)
# For new disk installs, initialize the disk to setup Encryption and partitions from the main menu.
#
# Before running the install, ensure that you have Internet access. If you modify the
# WIRELESS_PASSWORD and SSID in this file, you can connect to the Internet with:
# ./debian.sh wifi
# Before running the install, ensure that you have Internet access.
#
# Plesae be sure to change USER,USER_PASSWORD,DISK_PASSWORD, and ROOT_PASSWORD strings in this file
# Please be sure to change USER,USER_PASSWORD,DISK_PASSWORD, and ROOT_PASSWORD strings in this file
#
# To install/reinstall the OS:
# ./debian.sh install nvme0n1
# To install a new OS to a disk, run debian.sh and choose option 1 from the main menu
#
# reboot
########################
#Configure this section
########################
@ -29,39 +24,39 @@ mkdir $TARGET
######################################
echo
HARD_DISK=$2
EFI="/dev/$(lsblk | grep $HARD_DISK | head -2 | tail -1 | sed 's/├─//' | cut -d ' ' -f1)"
BTRFS="/dev/$(lsblk | grep $HARD_DISK | head -4 | tail -1 | sed 's/└─//' | cut -d ' ' -f1)"
BOOT="/dev/$(lsblk | grep $HARD_DISK | head -3 | tail -1 | sed 's/├─//' | cut -d ' ' -f1)"
ROOT_NAME='debian'
ROOT_MAPPER_NAME='root'
BACKUP_DISK='/dev/disk/by-uuid/da0af184-781f-49f8-bd3f-f3b869a08fcf'
BACKUP_DISK_MAPPER='usb'
BACKUP_DISK_ROOT_NAME='usb'
BACKUP_DISK_IMAGES="$TARGET/@$BACKUP_DISK_ROOT_NAME/var/backups"
######################################
USER="verita84"
USER="user"
USER_PASSWORD="123456"
ROOT_PASSWORD="123456"
WIRELESS_PASSWORD='123456'
SSID='123456'
SSID='wifiname'
WIRELESS_INTERFACE='wlan0'
DISK_PASSWORD='123456'
COMPRESSION='compress=zlib:5'
DEBIAN_RELEASE='bookworm'
AUTO_DECRYPT='True'
FLATPAKS+=( org.kde.kapman net.sourceforge.ExtremeTuxRacer com.github.bjaraujo.Bombermaaan org.supertuxproject.SuperTux net.supertuxkart.SuperTuxKart net.sourceforge.chromium-bsu io.jor.mightymike com.eduke32.EDuke32 com.zandronum.Zandronum net.openra.OpenRA)
FLATPAKS+=(org.kde.kapman net.sourceforge.ExtremeTuxRacer com.github.bjaraujo.Bombermaaan org.supertuxproject.SuperTux net.supertuxkart.SuperTuxKart net.sourceforge.chromium-bsu io.jor.mightymike com.eduke32.EDuke32 com.zandronum.Zandronum net.openra.OpenRA)
#Packages
PACKAGES=" resolvconf wireguard wireguard-tools podman-toolbox nmap libsecret-tools libglu1-mesa preload flatpak powertop acpi cockpit cockpit-podman packagekit cockpit-packagekit cockpit-storaged "
BASE_PACKAGES=" inotify-tools debootstrap aardvark-dns podman-compose btop shfmt cups apt-transport-https samba samba-common nfs-common nfs-kernel-server linux-cpupower locales zram-tools acpid podman ghostscript cifs-utils ntp vim-airline rsync screen base udev git network-manager efibootmgr linux-headers-amd64 cryptsetup network-manager-openvpn ntp screen docbook-xsl alsa-utils sysstat fuse3 build-essential unzip bash-completion parted dosfstools wget curl "
SHARED_DESKTOP_APPS=" nheko firefox-esr kwin-addons power-profiles-daemon kde-standard konsole dolphin kde-spectacle print-manager digikam yt-dlp keepassxc telegram-desktop krita nextcloud-desktop handbrake calligra "
PACKAGES=" resolvconf wireguard wireguard-tools nmap libsecret-tools libglu1-mesa preload flatpak powertop acpi cockpit cockpit-podman packagekit cockpit-packagekit cockpit-storaged "
BASE_PACKAGES=" inotify-tools debootstrap cups apt-transport-https samba samba-common nfs-common nfs-kernel-server linux-cpupower locales zram-tools acpid podman ghostscript cifs-utils ntp vim-airline rsync screen base udev git network-manager efibootmgr linux-headers-amd64 cryptsetup network-manager-openvpn ntp screen docbook-xsl alsa-utils sysstat fuse3 build-essential unzip bash-completion parted dosfstools wget curl "
SHARED_DESKTOP_APPS=" nheko firefox-esr kwin-addons kde-standard konsole dolphin kde-spectacle print-manager digikam keepassxc telegram-desktop krita nextcloud-desktop handbrake calligra "
#REMOVED=" cockpit-pcp "
#TROUBLESOME_PACKAGES - packages here that may not be available for your Debian release
TROUBLESOME_PACKAGES=" aardvark-dns shfmt podman-compose btop podman-toolbox yt-dlp power-profiles-daemon "
VIRTUALIZATION=" virt-manager qemu-system libvirt-daemon-system ovmf cockpit-machines"
PACKAGES=$BASE_PACKAGES$PACKAGES$SHARED_DESKTOP_APPS
#PACKAGES=$BASE_PACKAGES
SERVICES+=(powertop preload)
TAR_EXCLUDES="--exclude=/.snapshots --exclude=/snapshots --exclude=/var/backups --exclude=/volumes/* --exclude=/mnt/* --exclude=/var/tmp/* --exclude=/tmp/* --exclude=/raid/* --exclude=/root/* --exclude=/var/cache/apt/archives/* --exclude=/proc/* --exclude=/.snapshots/* --exclude=/var/lib/libvirt/* --exclude=/dev/* --exclude=/sys/* --exclude=/home/* --exclude=/var/lib/flatpak --exclude=/var/lib/postgresql --exclude=/var/lib/containers"
partitionDetection() {
#This is used for the installer to do script-based actions
EFI="/dev/$(lsblk | grep $HARD_DISK | head -2 | tail -1 | sed 's/├─//' | cut -d ' ' -f1)"
BTRFS="/dev/$(lsblk | grep $HARD_DISK | head -4 | tail -1 | sed 's/└─//' | cut -d ' ' -f1)"
BOOT="/dev/$(lsblk | grep $HARD_DISK | head -3 | tail -1 | sed 's/├─//' | cut -d ' ' -f1)"
}
partitionDetection
auto_login() {
mkdir -p $TARGET/etc/sddm.conf.d
echo "[Autologin]" >$TARGET/etc/sddm.conf.d/autologin
@ -72,22 +67,14 @@ auto_login() {
create-os-snapshots() {
echo
if [ -z "${2}" ]; then
mkdir $BACKUP_DISK_IMAGES
echo "[Creating new OS snapshot to $BACKUP_DISK_IMAGES/$1.tgz]"
mkdir $2
echo "[Creating new OS snapshot to $2/$3.tgz]"
echo
echo
TAR_EXCLUDES="$TAR_EXCLUDES --exclude=$TARGET/*"
time tar cpzf $BACKUP_DISK_IMAGES/$1.tgz $TAR_EXCLUDES /
chown $USER:$USER $BACKUP_DISK_IMAGES/$1.tgz
else
echo "[Creating new OS snapshot to $2/$1.tgz]"
NEW_TAR_EXCLUDES="$TAR_EXCLUDES --exclude=$TARGET/*"
echo
echo
time tar cpzf $2/$1.tgz $TAR_EXCLUDES /
chown $USER:$USER $2/$1.tgz
fi
time tar cpzf $2/$3.tgz $NEW_TAR_EXCLUDES /
chown $USER:$USER $2/$3.tgz
}
homeBackup() {
@ -100,23 +87,23 @@ homeBackup() {
os-backup() {
umount $TARGET
printf "$DISK_PASSWORD" | cryptsetup open $BACKUP_DISK $BACKUP_DISK_MAPPER
printf "$DISK_PASSWORD" | cryptsetup open ${BTRFS} $ROOT_MAPPER_NAME
if [[ -e "/dev/mapper/$BACKUP_DISK_MAPPER" ]]; then
if [[ -e "/dev/mapper/$ROOT_MAPPER_NAME" ]]; then
echo
echo "[Mounting.....]"
echo
mount /dev/mapper/$BACKUP_DISK_MAPPER $TARGET
mount /dev/mapper/$ROOT_MAPPER_NAME $TARGET
if [[ -e "$TARGET/@$BACKUP_DISK_ROOT_NAME/usr/bin/bash" ]]; then
if [ "$2" = "home" ]; then
if [[ -e "$TARGET/@$ROOT_NAME/usr/bin/bash" ]]; then
if [ "$1" = "home" ]; then
homeBackup
fi
create-os-snapshots "$1"
create-os-snapshots "$1" "$2" "$3"
else
echo
echo "Aborting Install, $TARGET/@$BACKUP_DISK_ROOT_NAME/usr/bin/bash not found!"
echo "Aborting Install, $TARGET/@$ROOT_MAPPER_NAME/usr/bin/bash not found!"
echo
echo
exit 1
@ -124,7 +111,7 @@ os-backup() {
else
echo
echo "Aborting Install, /dev/mapper/$BACKUP_DISK_MAPPER not found!"
echo "Aborting Install, /dev/mapper/$ROOT_MAPPER_NAME not found!"
echo
echo
exit 1
@ -132,27 +119,20 @@ os-backup() {
ls $TARGET/
umount $TARGET
cryptsetup close $BACKUP_DISK_MAPPER
cryptsetup close $ROOT_MAPPER_NAME
}
os-restore() {
ROOT_CHECK=$(mount | grep ' / ')
if [[ "$ROOT_CHECK" == *"$BACKUP_DISK_ROOT_NAME"* ]]; then
BACKUP_DISK_IMAGES="/var/backups"
fi
if [ "${4}" ]; then
BACKUP_DISK_IMAGES="${4}"
fi
partitions
rm -rf $TARGET/usr $TARGET/sbin $TARGET/lib32 $TARGET/libx32 $TARGET/lib $TARGET/vmlinuz* $TARGET/initrd* $TARGET/bin $TARGET/var $TARGET/root $TARGET/opt $TARGET/etc $TARGET/run
echo "[Restoring OS tarfile from $BACKUP_DISK_IMAGES/$2.tgz]"
clear
echo "[Restoring OS tarfile from $4/$2.tgz]"
echo
tar xfp $BACKUP_DISK_IMAGES/$2.tgz -C $TARGET/
tar xfp $4/$2.tgz -C $TARGET/
if [ "$3" = "home" ]; then
echo "[Restoring /home]"
echo
rsync -a --delete /home/ $TARGET/home/
fi
@ -160,7 +140,7 @@ os-restore() {
cp -f debian.sh $TARGET/
systemMounts
chmod +x $TARGET/debian.sh
chroot $TARGET /debian.sh bootloader $1
chroot $TARGET /debian.sh bootloader $1 $2 $5
chroot $TARGET /debian.sh btrfs-tweaks
chroot $TARGET /debian.sh accounts
chown -R $USER:$USER $TARGET/home/$USER
@ -186,7 +166,7 @@ decryptBoot() {
echo "Clearing Old Keys"
echo
for i in 1 2 3 4 5 6; do
printf "$DISK_PASSWORD" | cryptsetup luksKillSlot ${BTRFS} $i
printf "$DISK_PASSWORD" | cryptsetup luksKillSlot $1 $i
done
dd if=/dev/urandom of=/etc/$KEYFILE bs=1024 count=4
chown root:root /etc/$KEYFILE
@ -194,7 +174,7 @@ decryptBoot() {
echo
echo "Adding new key......"
echo
printf "$DISK_PASSWORD" | cryptsetup luksAddKey ${BTRFS} /etc/$KEYFILE
printf "$DISK_PASSWORD" | cryptsetup luksAddKey $1 /etc/$KEYFILE
sed -i "s/none/\/etc\/$KEYFILE/" /etc/crypttab
echo "KEYFILE_PATTERN=\"/etc/*.key\"" >/etc/cryptsetup-initramfs/conf-hook
}
@ -241,7 +221,9 @@ install-tor() {
}
additional-software() {
echo;echo "Installing Additional Software.......";echo
echo
echo "Installing Additional Software......."
echo
#install-tor
#install-vivaldi
#install-brave
@ -264,6 +246,7 @@ configure-repository() {
chroot $TARGET /usr/bin/apt update
chroot $TARGET /usr/bin/bash -c "export DEBIAN_FRONTEND=noninteractive;/usr/bin/apt install -y $PACKAGES"
chroot $TARGET /usr/bin/bash -c "export DEBIAN_FRONTEND=noninteractive;/usr/bin/apt dist-upgrade -y -t $DEBIAN_RELEASE-backports"
chroot $TARGET /usr/bin/bash -c "export DEBIAN_FRONTEND=noninteractive;/usr/bin/apt install -y -t $DEBIAN_RELEASE-backports $TROUBLESOME_PACKAGES"
chroot $TARGET /usr/bin/bash -c "export DEBIAN_FRONTEND=noninteractive;/usr/bin/apt auto-remove -y"
fi
@ -277,11 +260,10 @@ make-image() {
configure-repository
locale
custom_service_files
services
cp -f debian.sh $TARGET/usr/bin/
cp -f debian.tar $TARGET/etc/default/
echo 'bash /usr/bin/debian.sh kernel-packages' >>$TARGET/setup.sh
echo "bash /usr/bin/debian.sh bootloader $1" >>$TARGET/setup.sh
echo "bash /usr/bin/debian.sh bootloader $1 $ROOT_NAME $ROOT_MAPPER_NAME" >>$TARGET/setup.sh
echo 'bash /usr/bin/debian.sh grub-snapshots' >>$TARGET/setup.sh
echo 'bash /usr/bin/debian.sh desktop' >>$TARGET/setup.sh
echo 'bash /usr/bin/debian.sh additional-software' >>$TARGET/setup.sh
@ -315,14 +297,13 @@ install() {
locale
auto_login
custom_service_files
services
setup_script "$1"
echo -e "ALGO=zstd\nPERCENT=60" | tee -a $TARGET/etc/default/zramswap
unmount
}
desktop() {
SERVICES+=(pmcd pmie pmlogger pmproxy exim4 cockpit.socket apparmor nfs-server smbd rpbind rpcbind.socket avahi-daemon bluetooth minidlna)
SERVICES+=(pmcd pmie pmlogger pmproxy exim4 cockpit.socket apparmor nfs-server smbd rpbind rpcbind.socket avahi-daemon bluetooth)
for i in "${SERVICES[@]}"; do
systemctl disable --now $i
done
@ -386,7 +367,7 @@ secure-boot() {
echo "Disabling Automatic Password Decryption for Hard Disk....."
echo
AUTO_DECRYPT='False'
bootloader "$1"
bootloader "$1" "$ROOT_NAME" "$ROOT_MAPPER_NAME"
fi
}
@ -396,13 +377,15 @@ bootloader() {
echo "Error: No Disk specified!"
echo
else
ROOT_MAPPER_NAME="$3"
ROOT_NAME="$2"
rm -rf /boot/grub/themes
mkdir -p /boot/grub/themes
tar xf /etc/default/debian.tar -C /boot/grub/themes/
plymouth-set-default-theme -R spacefun
echo "$ROOT_MAPPER_NAME UUID=$(/sbin/blkid | grep $BTRFS | cut -d '"' -f2) none luks" >/etc/crypttab
if [ "$AUTO_DECRYPT" == "True" ]; then
decryptBoot
decryptBoot "${BTRFS}"
fi
/sbin/update-initramfs -c -k all
echo "GRUB_CMDLINE_LINUX_DEFAULT=\"quiet splash\"" >/etc/default/grub
@ -420,7 +403,7 @@ function setup_script() {
cp -f debian.sh $TARGET/usr/bin/
echo 'bash /usr/bin/debian.sh kernel-packages' >>$TARGET/setup.sh
#sed -i 's/most/dep/i' $TARGET/etc/initramfs-tools/initramfs.conf
echo "bash /usr/bin/debian.sh bootloader $1" >>$TARGET/setup.sh
echo "bash /usr/bin/debian.sh bootloader $1 $ROOT_NAME $ROOT_MAPPER_NAME" >>$TARGET/setup.sh
echo 'bash /usr/bin/debian.sh grub-snapshots' >>$TARGET/setup.sh
echo 'bash /usr/bin/debian.sh accounts' >>$TARGET/setup.sh
echo 'bash /usr/bin/debian.sh desktop' >>$TARGET/setup.sh
@ -469,7 +452,7 @@ unmount() {
umount $TARGET/sys
umount $TARGET/boot
umount $TARGET/home
umount -R $TARGET/*
umount -lR $TARGET/*
umount -R $TARGET
umount -R $TARGET
cryptsetup close $ROOT_MAPPER_NAME
@ -562,34 +545,6 @@ custom_service_files() {
}
services() {
for i in "${SERVICES[@]}"; do
echo "systemctl enable $i" >>$TARGET/setup.sh
done
}
server-config() {
cp -f etc/smb.conf /etc/samba/
cp -f etc/99-sysctl.conf /etc/sysctl.d/
cp -f systemd/*.service /etc/systemd/system/
cp -f etc/exports /etc/
crontab >crontab
SERVICES+=(vip containers pmie pmielogger nfs-server.service exim4 cockpit.socket smbd)
for i in "${SERVICES[@]}"; do
systemctl enable $i
done
systemctl mask apparmor
systemctl disable --now exim4
systemctl mask exim4
rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
systemctl isolate multi-user.target
apt autoremove -y
}
initialize-disk() {
parted /dev/$HARD_DISK mklabel gpt
parted /dev/$HARD_DISK mkpart primary fat32 1MiB 200MiB
@ -608,18 +563,19 @@ wifi() {
}
show-help() {
clear
echo
echo "debian.sh arguments:"
echo "[debian.sh arguments]"
echo
echo "./debian.sh install [disk]"
echo "./debian.sh backup [device name] [home]"
echo "./debian.sh restore [disk] [backup name] [home] [tar dir]"
echo "./debian.sh make-image [tar dir]"
echo "./debian.sh secure-boot [disk]"
echo "./debian.sh install"
echo "./debian.sh backup"
echo "./debian.sh restore"
echo "./debian.sh make-image"
echo "./debian.sh secure-boot"
echo "./debian.sh chroot [disk]"
echo "./debian.sh wifi"
echo "./debian.sh bootloader [disk]"
echo "./debian.sh initialize [disk]"
echo "./debian.sh bootloader [disk] [ROOT_NAME] [ROOT_MAPPER_NAME]"
echo "./debian.sh initialize"
echo "./debian.sh tar [device name] [location]"
echo "./debian.sh snapshot"
echo "./debian.sh reomve-snapshot"
@ -627,12 +583,117 @@ show-help() {
echo
}
if [ "$1" = "install" ]; then
install "$2"
elif [ "$1" = "desktop" ]; then
desktop
menu() {
clear
echo
echo "[Welcome to Verita84's Debian Installer System]"
echo
echo "[1] Install"
echo "[2] Backup"
echo "[3] Restore"
echo "[4] Create a deployable System Image"
echo "[5] Enable/Disable Disk Password at Boot"
echo "[6] Initialize Disk"
echo
read -p 'Your Choice: ' choice
if [[ $choice = 1 ]]; then
clear
echo "[Install] OS]"
echo
echo
set-devices
install "$HARD_DISK"
elif [[ $choice = 2 ]]; then
clear
echo "[Backup OS]"
echo
set-devices
read -p 'Backup Home Directory? : ' -e -i 'y' home_backup
read -p 'OS Backup Directory Location : ' -e -i "/install/\@$ROOT_NAME/var/backups" backup_directory
if [[ $home_backup = *n* ]]; then
os-backup "none" "$backup_directory" "$ROOT_NAME"
else
os-backup "home" "$backup_directory" "$ROOT_NAME"
fi
elif [[ $choice = 3 ]]; then
clear
echo "[Restore from Backup]"
echo
echo
set-devices
read -p 'Restore Directory Image Source: ' -e -i "/var/backups" restore_directory
read -p 'Restore Home Directory? : ' -e -i 'n' home_restore
read -p 'Backup file name to restore: ' -e -i 'debian' backup_name
if [[ $home_restore = *n* ]]; then
os-restore "$HARD_DISK" "$backup_name" "none" "$restore_directory" "$ROOT_MAPPER_NAME"
else
os-restore "$HARD_DISK" "$backup_name" "home" "$restore_directory" "$ROOT_MAPPER_NAME"
fi
elif [[ $choice = 4 ]]; then
clear
echo
echo "[Create Debian Image]"
echo
read -p 'Location to Store Image: ' -e -i "/home/$USER" image_directory
read -p 'Image File Name: ' -e -i "debian" ROOT_NAME
ROOT_MAPPER_NAME="/dev/foo"
make-image "$image_directory"
elif [[ $choice = 5 ]]; then
clear
echo "[Password Protection at Boot]"
echo
echo
set-devices
read -p 'Unlock Disk without password at boot time? ' -e -i "y" root_name
if [[ $pass_change = *n* ]]; then
bootloader "$HARD_DISK" "$ROOT_NAME" "$ROOT_MAPPER_NAME"
else
secure-boot "$HARD_DISK"
fi
elif [[ $choice = 6 ]]; then
clear
echo "[Initialize Disk]"
echo
echo
set-devices
initialize-disk
else
menu
fi
}
set-devices() {
i=0
while [ $i != "n" ]; do
clear
echo
echo "Disks and Partitions:"
echo
cat /proc/partitions
echo
echo "Erase the line and press enter to skip to the next detected disk"
echo
i=$(expr $i + 1)
read -p 'Disk Device to Use: ' -e -i $(lsblk | grep -i disk | grep -Evi 'swap' | cut -d ' ' -f1 | head -$i | tail -1) device
if [[ ! -z $device ]]; then
i="n"
fi
done
read -p 'BTRFS Root Volume name: ' -e -i "debian" root_name
read -p 'LUKS Device Mapper Name: ' -e -i "root" device_mapper_name
HARD_DISK=$device
partitionDetection
ROOT_NAME=$root_name
ROOT_MAPPER_NAME=$device_mapper_name
}
if [ "$1" = "desktop" ]; then
desktop
elif [ "$1" = "tar" ]; then
create-os-snapshots "$2" "$3"
create-os-snapshots "null" "$3" "$2"
elif [ "$1" = "kernel-packages" ]; then
kernel-packages
elif [ "$1" = "upgrade-system" ]; then
@ -641,8 +702,6 @@ elif [ "$1" = "additional-software" ]; then
additional-software
elif [ "$1" = "chroot" ]; then
enter_chroot
elif [ "$1" = "initialize" ]; then
initialize-disk
elif [ "$1" = "wifi" ]; then
wifi
elif [ "$1" = "accounts" ]; then
@ -650,27 +709,18 @@ elif [ "$1" = "accounts" ]; then
elif [ "$1" = "flatpaks" ]; then
flatpaks
elif [ "$1" = "bootloader" ]; then
bootloader "$2"
elif [ "$1" = "make-image" ]; then
make-image "$2"
bootloader "$2" "$3" "$4"
elif [ "$1" = "snapshot" ]; then
snapshots
elif [ "$1" = "secure-boot" ]; then
secure-boot "$2"
elif [ "$1" = "backup" ]; then
os-backup "$2" "$3"
elif [ "$1" = "server-config" ]; then
server-config
elif [ "$1" = "grub-snapshots" ]; then
grub-snapshots
elif [ "$1" = "btrfs-tweaks" ]; then
btrfs-tweaks
elif [ "$1" = "restore" ]; then
os-restore "$2" "$3" "$4" "$5"
elif [ "$1" = "remove-snapshot" ]; then
remove-snapshots
elif [ "$1" = "help" ]; then
show-help
else
show-help
menu
fi
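Review bot: In the new `menu()` option 5, the answer to "Unlock Disk without password at boot time?" is read into `root_name`, but the test that follows is `[[ $pass_change = *n* ]]`, and `pass_change` is not assigned anywhere in the visible lines. The test is therefore always false and `secure-boot "$HARD_DISK"` runs whatever the operator types, so the prompt cannot actually select whether the LUKS keyfile unlock stays enabled. Read into the variable that is tested: `read -p 'Unlock Disk without password at boot time? ' -e -i "y" pass_change`. The two branches also look swapped (an answer of n calls `bootloader` with `AUTO_DECRYPT` still at its configured 'True', which reaches `decryptBoot` and adds the keyfile), but `secure-boot` begins outside the hunk, so confirm this against its condition before changing the order.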