#! /usr/bin/env bash FILE="$(realpath "${BASH_SOURCE[0]}")" DIRECTORY="$(dirname "${FILE}")" ROOT="$(dirname "${DIRECTORY}")" [ -d "${ROOT}" ] || exit 1 PROJECT="$(basename "${DIRECTORY}")" function get_path_mount { stat --format '%m' "${1}" } function get_mount_uuid { findmnt --noheadings --output 'UUID' "${1}" } function get_path_uuid { local tmp="$(get_path_mount "${1}")" get_mount_uuid "${tmp}" } ESP="$(get_path_uuid "${ROOT}")" if [ "${1}" ] ; then DATA="$(get_path_uuid "${1}")" else DATA="${ESP}" fi PGP_PUB='312ACDF9BB03C81ADE95B9C09C7613450C80C24F' function sign { if [ -d "${1}" ] ; then local file local files readarray -t files <<< "$(find "${1}" -type f | sort)" echo echo "${1}" for file in "${files[@]}" ; do sign "${file}" "${1}" done fi if [ -f "${1}" ] ; then if [ "${2}" ] ; then echo "$(realpath --relative-to "${2}" "${1}")" else echo "${1}" fi gpg \ --quiet \ --default-key "${PGP_PUB}!" \ --detach-sign \ "${1}" fi } NAME="$(basename "${FILE}")" PREVIOUS="${PWD}" cd "${DIRECTORY}" # imports ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ source "${NAME%.*}.mod" # variables ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ MEMDISK_ROOT='boot' MEMDISK_DIRECTORY="${MEMDISK_ROOT}/grub" MEMDISK_FILE="${MEMDISK_DIRECTORY}/grub.cfg" MEMDISK_PUB="${MEMDISK_DIRECTORY}/grub.pgp" MEMDISK_ARCHIVE="${MEMDISK_ROOT}.tar" UEFI_ROOT="${ROOT}/efi" UEFI_DIRECTORY="${UEFI_ROOT}/boot" UEFI_FILE="${UEFI_DIRECTORY}/bootx64.efi" UEFI_GRUB="${UEFI_DIRECTORY}/grubx64.efi" SIGNED_GRUB='/usr/lib/grub/x86_64-efi-signed/grubx64.efi.signed' SIGNED_SHIM='/usr/lib/shim/shimx64.efi.signed' BIOS_DIRECTORY="${ROOT}/bios" BIOS_FILE="${BIOS_DIRECTORY}/core.img" BIOS_SETUP="${BIOS_DIRECTORY}/setup.sh" COMPRESSION='xz' BOOT_ROOT="${ROOT}/boot" GRUB_ROOT="${BOOT_ROOT}/grub" GRUB_CFG="${GRUB_ROOT}/grub.cfg" GRUBENV="${GRUB_ROOT}/grubenv" GRUB_ENV="${ROOT}/grub.env" GRUB_HEAD='# GRUB Environment Block' GRUB_PUB="${GRUB_ROOT}/grub.pgp" GRUB_SHIGNED="${DIRECTORY}/grubx64.efi.signed.sh" # wipe ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ rm --force --recursive \ "${MEMDISK_ROOT}" "${UEFI_ROOT}" "${BIOS_DIRECTORY}" # memdisk ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ mkdir --parents "${MEMDISK_DIRECTORY}" echo -n "\ # header " > "${MEMDISK_FILE}" cat "${GRUB_SHIGNED}" >> "${MEMDISK_FILE}" echo -n "\ # footer " >> "${MEMDISK_FILE}" gpg --export "${PGP_PUB}" > "${MEMDISK_PUB}" # gpg --detach-sign "${MEMDISK_PUB}" tar --create --auto-compress \ --file "${MEMDISK_ARCHIVE}" "${MEMDISK_ROOT}" # uefi ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ mkdir --parents "${UEFI_DIRECTORY}" grub-mkimage \ --compress "${COMPRESSION}" \ --memdisk "${MEMDISK_ARCHIVE}" \ --format 'x86_64-efi' \ --output "${UEFI_FILE}" \ --pubkey "${MEMDISK_PUB}" \ "${MODULES[@]}" # gpg --detach-sign "${UEFI_FILE}" if [ -f "${SIGNED_SHIM}" ] ; then mv "${UEFI_FILE}" "${UEFI_GRUB}" cp "${SIGNED_SHIM}" "${UEFI_FILE}" fi if [ -f "${SIGNED_GRUB}" ] ; then cp "${SIGNED_GRUB}" "${UEFI_GRUB}" fi # bios ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ mkdir "${BIOS_DIRECTORY}" cp '/usr/lib/grub/i386-pc/boot.img' "${BIOS_DIRECTORY}" grub-mkimage \ --compress "${COMPRESSION}" \ --memdisk "${MEMDISK_ARCHIVE}" \ --format 'i386-pc' \ --output "${BIOS_FILE}" \ --pubkey "${MEMDISK_PUB}" \ "${MODULES[@]}" "${MODULES_BIOS[@]}" echo -n '#! /usr/bin/env bash FILE="$(realpath "${BASH_SOURCE[0]}")" DIRECTORY="$(dirname "${FILE}")" /usr/lib/grub/i386-pc/grub-bios-setup \ --directory "${DIRECTORY}" \ "${1}" ' >> "${BIOS_SETUP}" # grub ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ rm --force --recursive "${GRUB_ROOT}" mkdir --parents "${GRUB_ROOT}" # grub / cfg ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ cp "${DIRECTORY}/grub.cfg.sh" "${GRUB_CFG}" # grub / env ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ function write_env { local file="${1}" local kv="${2}" local text="${GRUB_HEAD} ${kv}" while [ ${#text} -lt 1024 ] ; do text="${text}#" done echo -n "${text}" > "${file}" } write_env "${GRUBENV}" "\ live_name=${PROJECT} data_uuid=${DATA} " write_env "${GRUB_ENV}" "\ grub_sleep=999 " # grub / fonts ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ mkdir --parents "${GRUB_ROOT}/fonts" for font in $(find '/usr/share/grub' -type 'f' -name '*.pf2') ; do cp "${font}" "${GRUB_ROOT}/fonts" done # grub / themes ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ if cd '/usr/share/grub/themes' ; then mkdir --parents "${GRUB_ROOT}/themes" for theme in * ; do if [ -f "${theme}/theme.txt" ] ; then cp --recursive "${theme}" "${GRUB_ROOT}/themes" fi done fi cd "${DIRECTORY}" # grub / locales ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ mkdir --parents "${GRUB_ROOT}/locale" cd '/usr/share/locale' for locale in * ; do file="${locale}/LC_MESSAGES/grub.mo" if [ -f "${file}" ] ; then cp "${file}" "${GRUB_ROOT}/locale/${locale}.mo" fi done cd "${DIRECTORY}" # grub / pubkey ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ gpg --export "${PGP_PUB}" > "${GRUB_PUB}" # grub / modules ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ for target in 'x86_64-efi' 'i386-pc' ; do mkdir --parents "${GRUB_ROOT}/${target}" cd "/usr/lib/grub/${target}" for module in *.lst *.mod ; do cp "${module}" "${GRUB_ROOT}/${target}" done done cd "${DIRECTORY}" # sign ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ sign "${BIOS_DIRECTORY}" sign "${UEFI_DIRECTORY}" sign "${ROOT}/${PROJECT}/live" sign "${GRUB_ROOT}" # display ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ echo du --human-readable --summarize \ "${BIOS_DIRECTORY}" \ "${UEFI_ROOT}" \ "${BOOT_ROOT}" \ "${ROOT}" echo echo "ESP: ${ESP}" echo "DATA: ${DATA}" # clean ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ rm --force --recursive \ "${MEMDISK_ARCHIVE}" \ "${MEMDISK_ROOT}" # back ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ cd "${PREVIOUS}"