From e910b886d5cb4473eab025d7c8e39aa86a5acc92 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 7 May 2023 21:21:17 -0600 Subject: [PATCH] fix --- debian.sh | 302 +++++++++++++++++++++++++++++++----------------------- 1 file changed, 176 insertions(+), 126 deletions(-) diff --git a/debian.sh b/debian.sh index bcad240..536c401 100755 --- a/debian.sh +++ b/debian.sh @@ -6,19 +6,14 @@ # # INSTRUCTIONS # -# For new disk installs, initialize the disk to setup Encryption and partitions: -# ./debian.sh initialize nvme0n1 (DO NOT SPECIFY /dev/ !) +# For new disk installs, initialize the disk to setup Encryption and partitions from the main menu. # -# Before running the install, ensure that you have Internet access. If you modify the -# WIRELESS_PASSWORD and SSID in this file, you can connect to the Internet with: -# ./debian.sh wifi +# Before running the install, ensure that you have Internet access. # -# Plesae be sure to change USER,USER_PASSWORD,DISK_PASSWORD, and ROOT_PASSWORD strings in this file +# Please be sure to change USER,USER_PASSWORD,DISK_PASSWORD, and ROOT_PASSWORD strings in this file # -# To install/reinstall the OS: -# ./debian.sh install nvme0n1 +# To install a new OS to a disk, run debian.sh and choose option 1 from the main menu # -# reboot ######################## #Configure this section ######################## 
@@ -29,39 +24,39 @@ mkdir $TARGET ###################################### echo HARD_DISK=$2 -EFI="/dev/$(lsblk | grep $HARD_DISK | head -2 | tail -1 | sed 's/├─//' | cut -d ' ' -f1)" -BTRFS="/dev/$(lsblk | grep $HARD_DISK | head -4 | tail -1 | sed 's/└─//' | cut -d ' ' -f1)" -BOOT="/dev/$(lsblk | grep $HARD_DISK | head -3 | tail -1 | sed 's/├─//' | cut -d ' ' -f1)" -ROOT_NAME='debian' -ROOT_MAPPER_NAME='root' -BACKUP_DISK='/dev/disk/by-uuid/da0af184-781f-49f8-bd3f-f3b869a08fcf' -BACKUP_DISK_MAPPER='usb' -BACKUP_DISK_ROOT_NAME='usb' -BACKUP_DISK_IMAGES="$TARGET/@$BACKUP_DISK_ROOT_NAME/var/backups" ###################################### -USER="verita84" +USER="user" USER_PASSWORD="123456" ROOT_PASSWORD="123456" WIRELESS_PASSWORD='123456' -SSID='123456' +SSID='wifiname' WIRELESS_INTERFACE='wlan0' DISK_PASSWORD='123456' COMPRESSION='compress=zlib:5' DEBIAN_RELEASE='bookworm' AUTO_DECRYPT='True' -FLATPAKS+=( org.kde.kapman net.sourceforge.ExtremeTuxRacer com.github.bjaraujo.Bombermaaan org.supertuxproject.SuperTux net.supertuxkart.SuperTuxKart net.sourceforge.chromium-bsu io.jor.mightymike com.eduke32.EDuke32 com.zandronum.Zandronum net.openra.OpenRA) +FLATPAKS+=(org.kde.kapman net.sourceforge.ExtremeTuxRacer com.github.bjaraujo.Bombermaaan org.supertuxproject.SuperTux net.supertuxkart.SuperTuxKart net.sourceforge.chromium-bsu io.jor.mightymike com.eduke32.EDuke32 com.zandronum.Zandronum net.openra.OpenRA) #Packages -PACKAGES=" resolvconf wireguard wireguard-tools podman-toolbox nmap libsecret-tools libglu1-mesa preload flatpak powertop acpi cockpit cockpit-podman packagekit cockpit-packagekit cockpit-storaged " -BASE_PACKAGES=" inotify-tools debootstrap aardvark-dns podman-compose btop shfmt cups apt-transport-https samba samba-common nfs-common nfs-kernel-server linux-cpupower locales zram-tools acpid podman ghostscript cifs-utils ntp vim-airline rsync screen base udev git network-manager efibootmgr linux-headers-amd64 cryptsetup network-manager-openvpn ntp screen 
docbook-xsl alsa-utils sysstat fuse3 build-essential unzip bash-completion parted dosfstools wget curl " -SHARED_DESKTOP_APPS=" nheko firefox-esr kwin-addons power-profiles-daemon kde-standard konsole dolphin kde-spectacle print-manager digikam yt-dlp keepassxc telegram-desktop krita nextcloud-desktop handbrake calligra " +PACKAGES=" resolvconf wireguard wireguard-tools nmap libsecret-tools libglu1-mesa preload flatpak powertop acpi cockpit cockpit-podman packagekit cockpit-packagekit cockpit-storaged " +BASE_PACKAGES=" inotify-tools debootstrap cups apt-transport-https samba samba-common nfs-common nfs-kernel-server linux-cpupower locales zram-tools acpid podman ghostscript cifs-utils ntp vim-airline rsync screen base udev git network-manager efibootmgr linux-headers-amd64 cryptsetup network-manager-openvpn ntp screen docbook-xsl alsa-utils sysstat fuse3 build-essential unzip bash-completion parted dosfstools wget curl " +SHARED_DESKTOP_APPS=" nheko firefox-esr kwin-addons kde-standard konsole dolphin kde-spectacle print-manager digikam keepassxc telegram-desktop krita nextcloud-desktop handbrake calligra " #REMOVED=" cockpit-pcp " +#TROUBLESOME_PACKAGES - packages here that may not be available for your Debian release +TROUBLESOME_PACKAGES=" aardvark-dns shfmt podman-compose btop podman-toolbox yt-dlp power-profiles-daemon " VIRTUALIZATION=" virt-manager qemu-system libvirt-daemon-system ovmf cockpit-machines" PACKAGES=$BASE_PACKAGES$PACKAGES$SHARED_DESKTOP_APPS #PACKAGES=$BASE_PACKAGES -SERVICES+=(powertop preload) TAR_EXCLUDES="--exclude=/.snapshots --exclude=/snapshots --exclude=/var/backups --exclude=/volumes/* --exclude=/mnt/* --exclude=/var/tmp/* --exclude=/tmp/* --exclude=/raid/* --exclude=/root/* --exclude=/var/cache/apt/archives/* --exclude=/proc/* --exclude=/.snapshots/* --exclude=/var/lib/libvirt/* --exclude=/dev/* --exclude=/sys/* --exclude=/home/* --exclude=/var/lib/flatpak --exclude=/var/lib/postgresql --exclude=/var/lib/containers" 
+partitionDetection() { + #This is used for the installer to do script-based actions + EFI="/dev/$(lsblk | grep $HARD_DISK | head -2 | tail -1 | sed 's/├─//' | cut -d ' ' -f1)" + BTRFS="/dev/$(lsblk | grep $HARD_DISK | head -4 | tail -1 | sed 's/└─//' | cut -d ' ' -f1)" + BOOT="/dev/$(lsblk | grep $HARD_DISK | head -3 | tail -1 | sed 's/├─//' | cut -d ' ' -f1)" +} +partitionDetection + auto_login() { mkdir -p $TARGET/etc/sddm.conf.d echo "[Autologin]" >$TARGET/etc/sddm.conf.d/autologin @@ -72,22 +67,14 @@ auto_login() { create-os-snapshots() { echo - - if [ -z "${2}" ]; then - mkdir $BACKUP_DISK_IMAGES - echo "[Creating new OS snapshot to $BACKUP_DISK_IMAGES/$1.tgz]" + mkdir $2 + echo "[Creating new OS snapshot to $2/$3.tgz]" echo echo - TAR_EXCLUDES="$TAR_EXCLUDES --exclude=$TARGET/*" - time tar cpzf $BACKUP_DISK_IMAGES/$1.tgz $TAR_EXCLUDES / - chown $USER:$USER $BACKUP_DISK_IMAGES/$1.tgz - else - echo "[Creating new OS snapshot to $2/$1.tgz]" + NEW_TAR_EXCLUDES="$TAR_EXCLUDES --exclude=$TARGET/*" echo - echo - time tar cpzf $2/$1.tgz $TAR_EXCLUDES / - chown $USER:$USER $2/$1.tgz - fi + time tar cpzf $2/$3.tgz $NEW_TAR_EXCLUDES / + chown $USER:$USER $2/$3.tgz } homeBackup() { 
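Review bot: The configuration block still ships `123456` as `USER_PASSWORD`, `ROOT_PASSWORD` and `DISK_PASSWORD`, and nothing on the visible lines stops an install from proceeding with those placeholders, so a disk can end up LUKS-encrypted with a guessable passphrase. A guard near the top such as `[ "$DISK_PASSWORD" != "123456" ] || { echo "Set DISK_PASSWORD before running" >&2; exit 1; }`, repeated for the account passwords, would catch it. Other hunks copy this file to `$TARGET/usr/bin/`, so whatever is set here also lands on the installed system in clear text. Separately, the new `partitionDetection` is called at load time, when `HARD_DISK=$2` is empty for a plain menu start; the unquoted `grep $HARD_DISK` then has no pattern and `EFI`, `BTRFS` and `BOOT` are left as `/dev/`. `[ -n "$HARD_DISK" ] && partitionDetection` together with `grep -- "$HARD_DISK"` avoids that.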
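Review bot: The archive written by `tar cpzf $2/$3.tgz $NEW_TAR_EXCLUDES /` is a copy of the root filesystem, and the added `chown $USER:$USER $2/$3.tgz` hands it to the unprivileged account. `TAR_EXCLUDES` does not exclude `/etc`, so the archive would carry `/etc/shadow` and the `/etc/$KEYFILE` LUKS key that decryptBoot writes. Keeping it root-owned and replacing the chown with `chmod 600 "$2/$3.tgz"` closes that; it also matters because os-restore later unpacks the same archive over the target, presumably as root. `mkdir $2` fails when the directory already exists and the paths are unquoted, so `mkdir -p -- "$2"` and a quoted `"$2/$3.tgz"` are worth doing in the same pass.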
@@ -100,23 +87,23 @@ homeBackup() { os-backup() { umount $TARGET - printf "$DISK_PASSWORD" | cryptsetup open $BACKUP_DISK $BACKUP_DISK_MAPPER + printf "$DISK_PASSWORD" | cryptsetup open ${BTRFS} $ROOT_MAPPER_NAME - if [[ -e "/dev/mapper/$BACKUP_DISK_MAPPER" ]]; then + if [[ -e "/dev/mapper/$ROOT_MAPPER_NAME" ]]; then echo echo "[Mounting.....]" echo - mount /dev/mapper/$BACKUP_DISK_MAPPER $TARGET + mount /dev/mapper/$ROOT_MAPPER_NAME $TARGET - if [[ -e "$TARGET/@$BACKUP_DISK_ROOT_NAME/usr/bin/bash" ]]; then - if [ "$2" = "home" ]; then + if [[ -e "$TARGET/@$ROOT_NAME/usr/bin/bash" ]]; then + if [ "$1" = "home" ]; then homeBackup fi - create-os-snapshots "$1" + create-os-snapshots "$1" "$2" "$3" else echo - echo "Aborting Install, $TARGET/@$BACKUP_DISK_ROOT_NAME/usr/bin/bash not found!" + echo "Aborting Install, $TARGET/@$ROOT_MAPPER_NAME/usr/bin/bash not found!" echo echo exit 1 @@ -124,7 +111,7 @@ os-backup() { else echo - echo "Aborting Install, /dev/mapper/$BACKUP_DISK_MAPPER not found!" + echo "Aborting Install, /dev/mapper/$ROOT_MAPPER_NAME not found!" echo echo exit 1 @@ -132,27 +119,20 @@ os-backup() { ls $TARGET/ umount $TARGET - cryptsetup close $BACKUP_DISK_MAPPER + cryptsetup close $ROOT_MAPPER_NAME } os-restore() { - - ROOT_CHECK=$(mount | grep ' / ') - if [[ "$ROOT_CHECK" == *"$BACKUP_DISK_ROOT_NAME"* ]]; then - BACKUP_DISK_IMAGES="/var/backups" - fi - - if [ "${4}" ]; then - BACKUP_DISK_IMAGES="${4}" - fi - partitions rm -rf $TARGET/usr $TARGET/sbin $TARGET/lib32 $TARGET/libx32 $TARGET/lib $TARGET/vmlinuz* $TARGET/initrd* $TARGET/bin $TARGET/var $TARGET/root $TARGET/opt $TARGET/etc $TARGET/run - echo "[Restoring OS tarfile from $BACKUP_DISK_IMAGES/$2.tgz]" + clear + echo "[Restoring OS tarfile from $4/$2.tgz]" echo - tar xfp $BACKUP_DISK_IMAGES/$2.tgz -C $TARGET/ + tar xfp $4/$2.tgz -C $TARGET/ if [ "$3" = "home" ]; then + echo "[Restoring /home]" + echo rsync -a --delete /home/ $TARGET/home/ fi 
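Review bot: `printf "$DISK_PASSWORD" | cryptsetup open ${BTRFS} $ROOT_MAPPER_NAME` uses the passphrase as the printf format string, so a `%` or backslash in it is interpreted and cryptsetup receives something other than the configured passphrase. `printf '%s' "$DISK_PASSWORD" | cryptsetup open "$BTRFS" "$ROOT_MAPPER_NAME"` passes it literally. The same pattern is in the `luksKillSlot` and `luksAddKey` lines of the two decryptBoot hunks. In the first abort message the path was changed to `@$ROOT_MAPPER_NAME` while the test above it checks `@$ROOT_NAME`, so the message names a path that was not the one tested. os-backup's body continues past the end of this hunk.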
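Review bot: The `rm -rf $TARGET/usr $TARGET/sbin ...` line runs before anything confirms that `$4/$2.tgz` exists, so a mistyped restore directory or backup name wipes the target system and only then fails at `tar xfp`. A check ahead of the `rm -rf`, e.g. `[ -f "$4/$2.tgz" ] || { echo "Backup $4/$2.tgz not found" >&2; exit 1; }`, keeps the old system intact in that case. `$4` and `$2` now come from interactive input and are unquoted in `tar xfp $4/$2.tgz -C $TARGET/`, so a path containing spaces splits into several arguments; quote them. os-restore continues past the end of this hunk.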
@@ -160,7 +140,7 @@ os-restore() { cp -f debian.sh $TARGET/ systemMounts chmod +x $TARGET/debian.sh - chroot $TARGET /debian.sh bootloader $1 + chroot $TARGET /debian.sh bootloader $1 $2 $5 chroot $TARGET /debian.sh btrfs-tweaks chroot $TARGET /debian.sh accounts chown -R $USER:$USER $TARGET/home/$USER @@ -186,7 +166,7 @@ decryptBoot() { echo "Clearing Old Keys" echo for i in 1 2 3 4 5 6; do - printf "$DISK_PASSWORD" | cryptsetup luksKillSlot ${BTRFS} $i + printf "$DISK_PASSWORD" | cryptsetup luksKillSlot $1 $i done dd if=/dev/urandom of=/etc/$KEYFILE bs=1024 count=4 chown root:root /etc/$KEYFILE @@ -194,7 +174,7 @@ decryptBoot() { echo echo "Adding new key......" echo - printf "$DISK_PASSWORD" | cryptsetup luksAddKey ${BTRFS} /etc/$KEYFILE + printf "$DISK_PASSWORD" | cryptsetup luksAddKey $1 /etc/$KEYFILE sed -i "s/none/\/etc\/$KEYFILE/" /etc/crypttab echo "KEYFILE_PATTERN=\"/etc/*.key\"" >/etc/cryptsetup-initramfs/conf-hook } @@ -241,7 +221,9 @@ install-tor() { } additional-software() { - echo;echo "Installing Additional Software.......";echo + echo + echo "Installing Additional Software......." + echo #install-tor #install-vivaldi #install-brave @@ -264,6 +246,7 @@ configure-repository() { chroot $TARGET /usr/bin/apt update chroot $TARGET /usr/bin/bash -c "export DEBIAN_FRONTEND=noninteractive;/usr/bin/apt install -y $PACKAGES" chroot $TARGET /usr/bin/bash -c "export DEBIAN_FRONTEND=noninteractive;/usr/bin/apt dist-upgrade -y -t $DEBIAN_RELEASE-backports" + chroot $TARGET /usr/bin/bash -c "export DEBIAN_FRONTEND=noninteractive;/usr/bin/apt install -y -t $DEBIAN_RELEASE-backports $TROUBLESOME_PACKAGES" chroot $TARGET /usr/bin/bash -c "export DEBIAN_FRONTEND=noninteractive;/usr/bin/apt auto-remove -y" fi 
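Review bot: In `chroot $TARGET /debian.sh bootloader $1 $2 $5`, `$2` is the backup file name (the menu passes `"$backup_name"` as os-restore's second argument), yet bootloader now assigns its second argument to `ROOT_NAME`, so a backup named differently from the BTRFS root volume hands bootloader the wrong value. Because the arguments are unquoted, an empty one also shifts the later ones left. `chroot "$TARGET" /debian.sh bootloader "$1" "$ROOT_NAME" "$5"` looks like what is intended, since set-devices has already set `ROOT_NAME`; confirm against how bootloader uses it outside the visible lines.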
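Review bot: `TROUBLESOME_PACKAGES` is described as packages that may be missing from the release, but the added line installs them in a single `apt install`, which aborts the whole request when any one name cannot be resolved, and the exit status is not checked. Installing them one at a time keeps the ones that are available: `for p in $TROUBLESOME_PACKAGES; do chroot "$TARGET" /usr/bin/env DEBIAN_FRONTEND=noninteractive /usr/bin/apt install -y -t "$DEBIAN_RELEASE-backports" "$p" || echo "skipped $p" >&2; done`. configure-repository starts and ends outside this hunk.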
@@ -277,11 +260,10 @@ make-image() { configure-repository locale custom_service_files - services cp -f debian.sh $TARGET/usr/bin/ cp -f debian.tar $TARGET/etc/default/ echo 'bash /usr/bin/debian.sh kernel-packages' >>$TARGET/setup.sh - echo "bash /usr/bin/debian.sh bootloader $1" >>$TARGET/setup.sh + echo "bash /usr/bin/debian.sh bootloader $1 $ROOT_NAME $ROOT_MAPPER_NAME" >>$TARGET/setup.sh echo 'bash /usr/bin/debian.sh grub-snapshots' >>$TARGET/setup.sh echo 'bash /usr/bin/debian.sh desktop' >>$TARGET/setup.sh echo 'bash /usr/bin/debian.sh additional-software' >>$TARGET/setup.sh @@ -315,14 +297,13 @@ install() { locale auto_login custom_service_files - services setup_script "$1" echo -e "ALGO=zstd\nPERCENT=60" | tee -a $TARGET/etc/default/zramswap unmount } desktop() { - SERVICES+=(pmcd pmie pmlogger pmproxy exim4 cockpit.socket apparmor nfs-server smbd rpbind rpcbind.socket avahi-daemon bluetooth minidlna) + SERVICES+=(pmcd pmie pmlogger pmproxy exim4 cockpit.socket apparmor nfs-server smbd rpbind rpcbind.socket avahi-daemon bluetooth) for i in "${SERVICES[@]}"; do systemctl disable --now $i done @@ -386,7 +367,7 @@ secure-boot() { echo "Disabling Automatic Password Decryption for Hard Disk....." echo AUTO_DECRYPT='False' - bootloader "$1" + bootloader "$1" "$ROOT_NAME" "$ROOT_MAPPER_NAME" fi } @@ -396,13 +377,15 @@ bootloader() { echo "Error: No Disk specified!" echo else + ROOT_MAPPER_NAME="$3" + ROOT_NAME="$2" rm -rf /boot/grub/themes mkdir -p /boot/grub/themes tar xf /etc/default/debian.tar -C /boot/grub/themes/ plymouth-set-default-theme -R spacefun echo "$ROOT_MAPPER_NAME UUID=$(/sbin/blkid | grep $BTRFS | cut -d '"' -f2) none luks" >/etc/crypttab if [ "$AUTO_DECRYPT" == "True" ]; then - decryptBoot + decryptBoot "${BTRFS}" fi /sbin/update-initramfs -c -k all echo "GRUB_CMDLINE_LINUX_DEFAULT=\"quiet splash\"" >/etc/default/grub 
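Review bot: `echo "bash /usr/bin/debian.sh bootloader $1 $ROOT_NAME $ROOT_MAPPER_NAME" >>$TARGET/setup.sh` writes values that the menu reads from the keyboard straight into a script that is later executed in the target, presumably as root, so a space or shell metacharacter in either name changes the command that runs. `printf 'bash /usr/bin/debian.sh bootloader %q %q %q\n' "$1" "$ROOT_NAME" "$ROOT_MAPPER_NAME" >>"$TARGET/setup.sh"` writes them shell-quoted. The identical line in the setup_script hunk needs the same change. make-image starts and ends outside this hunk.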
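Review bot: The `SERVICES+=(...)` list in desktop() that this hunk edits still contains `apparmor`, and the loop below it runs `systemctl disable --now` on each entry, so the desktop profile turns off AppArmor confinement on the installed system. Unless that is deliberate, drop `apparmor` from the list, or add a comment above it saying why it is disabled. `rpbind` in the same list looks like a misspelling of `rpcbind`, in which case that `systemctl disable` would fail on an unknown unit. `$i` should also be quoted in the loop.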
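Review bot: The added `ROOT_MAPPER_NAME="$3"` and `ROOT_NAME="$2"` overwrite both variables unconditionally, and this patch also removes their defaults from the configuration block, so a call with only a disk leaves them empty and the following `echo "$ROOT_MAPPER_NAME UUID=..." >/etc/crypttab` writes an entry with no mapper name. Rejecting that case next to the existing disk check, e.g. `if [ -z "$2" ] || [ -z "$3" ]; then echo "Error: ROOT_NAME and ROOT_MAPPER_NAME required"; return 1; fi`, avoids a malformed crypttab. On the crypttab line `grep $BTRFS` is unquoted and matches substrings, so `grep -F -- "$BTRFS"` is safer. bootloader starts and ends outside this hunk.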
@@ -420,7 +403,7 @@ function setup_script() { cp -f debian.sh $TARGET/usr/bin/ echo 'bash /usr/bin/debian.sh kernel-packages' >>$TARGET/setup.sh #sed -i 's/most/dep/i' $TARGET/etc/initramfs-tools/initramfs.conf - echo "bash /usr/bin/debian.sh bootloader $1" >>$TARGET/setup.sh + echo "bash /usr/bin/debian.sh bootloader $1 $ROOT_NAME $ROOT_MAPPER_NAME" >>$TARGET/setup.sh echo 'bash /usr/bin/debian.sh grub-snapshots' >>$TARGET/setup.sh echo 'bash /usr/bin/debian.sh accounts' >>$TARGET/setup.sh echo 'bash /usr/bin/debian.sh desktop' >>$TARGET/setup.sh @@ -469,7 +452,7 @@ unmount() { umount $TARGET/sys umount $TARGET/boot umount $TARGET/home - umount -R $TARGET/* + umount -lR $TARGET/* umount -R $TARGET umount -R $TARGET cryptsetup close $ROOT_MAPPER_NAME @@ -562,34 +545,6 @@ custom_service_files() { } -services() { - for i in "${SERVICES[@]}"; do - echo "systemctl enable $i" >>$TARGET/setup.sh - done - -} - -server-config() { - cp -f etc/smb.conf /etc/samba/ - cp -f etc/99-sysctl.conf /etc/sysctl.d/ - cp -f systemd/*.service /etc/systemd/system/ - cp -f etc/exports /etc/ - crontab >crontab - - SERVICES+=(vip containers pmie pmielogger nfs-server.service exim4 cockpit.socket smbd) - for i in "${SERVICES[@]}"; do - systemctl enable $i - done - - systemctl mask apparmor - systemctl disable --now exim4 - systemctl mask exim4 - rm -f /etc/systemd/system/default.target - ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target - systemctl isolate multi-user.target - apt autoremove -y -} - initialize-disk() { parted /dev/$HARD_DISK mklabel gpt parted /dev/$HARD_DISK mkpart primary fat32 1MiB 200MiB 
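Review bot: `umount -lR $TARGET/*` detaches the mounts lazily and returns at once, so the `cryptsetup close $ROOT_MAPPER_NAME` a few lines later can run while the filesystem is still busy and fail, leaving the LUKS mapping open after the script reports it is done. If the lazy flag is there to get past a busy mount, add `sync` before it and check the result of the close, e.g. `cryptsetup close "$ROOT_MAPPER_NAME" || echo "warning: $ROOT_MAPPER_NAME is still open" >&2`. unmount() starts and ends outside this hunk.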
@@ -608,18 +563,19 @@ wifi() { } show-help() { + clear echo - echo "debian.sh arguments:" + echo "[debian.sh arguments]" echo - echo "./debian.sh install [disk]" - echo "./debian.sh backup [device name] [home]" - echo "./debian.sh restore [disk] [backup name] [home] [tar dir]" - echo "./debian.sh make-image [tar dir]" - echo "./debian.sh secure-boot [disk]" + echo "./debian.sh install" + echo "./debian.sh backup" + echo "./debian.sh restore" + echo "./debian.sh make-image" + echo "./debian.sh secure-boot" echo "./debian.sh chroot [disk]" echo "./debian.sh wifi" - echo "./debian.sh bootloader [disk]" - echo "./debian.sh initialize [disk]" + echo "./debian.sh bootloader [disk] [ROOT_NAME] [ROOT_MAPPER_NAME]" + echo "./debian.sh initialize" echo "./debian.sh tar [device name] [location]" echo "./debian.sh snapshot" echo "./debian.sh reomve-snapshot" 
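Review bot: The help text still lists `install`, `backup`, `restore`, `make-image`, `secure-boot` and `initialize` as arguments, but the dispatcher hunks at the end of this patch remove those branches, so each of them now falls through to `menu`. Either drop those lines from show-help or replace them with one line saying that these actions are reached through the interactive menu started by running `./debian.sh` with no arguments. The unchanged line `echo "./debian.sh reomve-snapshot"` misspells the `remove-snapshot` argument that the dispatcher tests for.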
@@ -627,12 +583,117 @@ show-help() { echo } -if [ "$1" = "install" ]; then - install "$2" -elif [ "$1" = "desktop" ]; then - desktop +menu() { + clear + echo + echo "[Welcome to Verita84's Debian Installer System]" + echo + echo "[1] Install" + echo "[2] Backup" + echo "[3] Restore" + echo "[4] Create a deployable System Image" + echo "[5] Enable/Disable Disk Password at Boot" + echo "[6] Initialize Disk" + echo + read -p 'Your Choice: ' choice + if [[ $choice = 1 ]]; then + clear + echo "[Install] OS]" + echo + echo + set-devices + install "$HARD_DISK" + elif [[ $choice = 2 ]]; then + clear + echo "[Backup OS]" + echo + set-devices + read -p 'Backup Home Directory? : ' -e -i 'y' home_backup + read -p 'OS Backup Directory Location : ' -e -i "/install/\@$ROOT_NAME/var/backups" backup_directory + if [[ $home_backup = *n* ]]; then + os-backup "none" "$backup_directory" "$ROOT_NAME" + else + os-backup "home" "$backup_directory" "$ROOT_NAME" + fi + elif [[ $choice = 3 ]]; then + clear + echo "[Restore from Backup]" + echo + echo + set-devices + read -p 'Restore Directory Image Source: ' -e -i "/var/backups" restore_directory + read -p 'Restore Home Directory? : ' -e -i 'n' home_restore + read -p 'Backup file name to restore: ' -e -i 'debian' backup_name + + if [[ $home_restore = *n* ]]; then + os-restore "$HARD_DISK" "$backup_name" "none" "$restore_directory" "$ROOT_MAPPER_NAME" + else + os-restore "$HARD_DISK" "$backup_name" "home" "$restore_directory" "$ROOT_MAPPER_NAME" + fi + elif [[ $choice = 4 ]]; then + clear + echo + echo "[Create Debian Image]" + echo + read -p 'Location to Store Image: ' -e -i "/home/$USER" image_directory + read -p 'Image File Name: ' -e -i "debian" ROOT_NAME + ROOT_MAPPER_NAME="/dev/foo" + make-image "$image_directory" + elif [[ $choice = 5 ]]; then + clear + echo "[Password Protection at Boot]" + echo + echo + set-devices + read -p 'Unlock Disk without password at boot time? 
' -e -i "y" root_name + if [[ $pass_change = *n* ]]; then + bootloader "$HARD_DISK" "$ROOT_NAME" "$ROOT_MAPPER_NAME" + else + secure-boot "$HARD_DISK" + fi + elif [[ $choice = 6 ]]; then + clear + echo "[Initialize Disk]" + echo + echo + set-devices + initialize-disk + else + menu + fi + +} + +set-devices() { + i=0 + while [ $i != "n" ]; do + clear + echo + echo "Disks and Partitions:" + echo + cat /proc/partitions + echo + echo "Erase the line and press enter to skip to the next detected disk" + echo + i=$(expr $i + 1) + read -p 'Disk Device to Use: ' -e -i $(lsblk | grep -i disk | grep -Evi 'swap' | cut -d ' ' -f1 | head -$i | tail -1) device + if [[ ! -z $device ]]; then + i="n" + fi + done + + read -p 'BTRFS Root Volume name: ' -e -i "debian" root_name + read -p 'LUKS Device Mapper Name: ' -e -i "root" device_mapper_name + HARD_DISK=$device + partitionDetection + ROOT_NAME=$root_name + ROOT_MAPPER_NAME=$device_mapper_name +} + +if [ "$1" = "desktop" ]; then + desktop elif [ "$1" = "tar" ]; then - create-os-snapshots "$2" "$3" + create-os-snapshots "null" "$3" "$2" elif [ "$1" = "kernel-packages" ]; then kernel-packages elif [ "$1" = "upgrade-system" ]; then @@ -641,8 +702,6 @@ elif [ "$1" = "additional-software" ]; then additional-software elif [ "$1" = "chroot" ]; then enter_chroot -elif [ "$1" = "initialize" ]; then - initialize-disk elif [ "$1" = "wifi" ]; then wifi elif [ "$1" = "accounts" ]; then 
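Review bot: In menu option 5 the answer is read into `root_name` but the test is `[[ $pass_change = *n* ]]`, a variable that is never set, so the choice is ignored and `secure-boot "$HARD_DISK"` always runs; the read should store into `pass_change`. The two branches also look swapped relative to the prompt, since secure-boot prints "Disabling Automatic Password Decryption" in another hunk; confirm which one a `y` should reach. Option 6 goes from `set-devices`, whose device prompt is pre-filled with the first detected disk, straight to `initialize-disk` (`parted ... mklabel gpt`) with no confirmation; a line such as `read -r -p "Erase /dev/$HARD_DISK? Type YES: " ok; [[ $ok == YES ]] || return` before the call would prevent wiping the wrong disk. Option 4 sets `ROOT_MAPPER_NAME="/dev/foo"`, which make-image then writes into setup.sh as the mapper name passed to bootloader.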
@@ -650,27 +709,18 @@ elif [ "$1" = "accounts" ]; then elif [ "$1" = "flatpaks" ]; then flatpaks elif [ "$1" = "bootloader" ]; then - bootloader "$2" -elif [ "$1" = "make-image" ]; then - make-image "$2" + bootloader "$2" "$3" "$4" elif [ "$1" = "snapshot" ]; then snapshots -elif [ "$1" = "secure-boot" ]; then - secure-boot "$2" -elif [ "$1" = "backup" ]; then - os-backup "$2" "$3" -elif [ "$1" = "server-config" ]; then - server-config elif [ "$1" = "grub-snapshots" ]; then grub-snapshots elif [ "$1" = "btrfs-tweaks" ]; then btrfs-tweaks -elif [ "$1" = "restore" ]; then - os-restore "$2" "$3" "$4" "$5" + elif [ "$1" = "remove-snapshot" ]; then remove-snapshots elif [ "$1" = "help" ]; then show-help else - show-help + menu fi