Compare commits
10 commits
903faba54e
...
377acbd817
| Author | SHA1 | Date | |
|---|---|---|---|
377acbd817
|
|||
|
c3240b8b15
|
|||
|
2f686e3512
|
|||
|
a56aa8124f
|
|||
|
dda61e2594
|
|||
|
4d64db0b70
|
|||
|
a0d487f473
|
|||
|
dc66287ed1
|
|||
|
ecff8f16bc
|
|||
|
de22cafbd0
|
10 changed files with 75 additions and 251 deletions
82
cs
82
cs
|
|
@ -1,82 +0,0 @@
|
|||
#! /usr/bin/env bash
|
||||
FILE="$(realpath "${BASH_SOURCE[0]}")"
|
||||
NAME="$(basename "${FILE}")"
|
||||
|
||||
ACTION_OPEN='open'
|
||||
ACTION_CLOSE='close'
|
||||
|
||||
CONTAINERS_DIRECTORY="/data/home/user/crypt"
|
||||
|
||||
CONTAINERS_MAP_DIRECTORY='/dev/mapper'
|
||||
CONTAINERS_MOUNT_DIRECTORY='/media'
|
||||
|
||||
function main {
|
||||
local action="${1}"
|
||||
local pass_phrase
|
||||
local container
|
||||
local container_name
|
||||
local container_file
|
||||
local container_map_file
|
||||
local container_mount_directory
|
||||
|
||||
case "${action}" in
|
||||
"${ACTION_OPEN}"|"${ACTION_CLOSE}")
|
||||
shift
|
||||
if [ "${1}" ]; then
|
||||
if [ "${action}" == "${ACTION_OPEN}" ]; then
|
||||
echo -n 'PassPhrase: '
|
||||
read -r -s pass_phrase
|
||||
echo
|
||||
fi
|
||||
for container in "${@}"; do
|
||||
echo
|
||||
case "${container}" in
|
||||
'p') container_name='private' ;;
|
||||
's') container_name='sensitive' ;;
|
||||
'w') container_name='work' ;;
|
||||
*) container_name="${container}" ;;
|
||||
esac
|
||||
container_file="${CONTAINERS_DIRECTORY}/${container_name}"
|
||||
if [ -f "${container_file}" ]; then
|
||||
container_map_file="${CONTAINERS_MAP_DIRECTORY}/${container_name}"
|
||||
container_mount_directory="${CONTAINERS_MOUNT_DIRECTORY}/${container_name}"
|
||||
case "${action}" in
|
||||
"${ACTION_OPEN}")
|
||||
echo "${container_file} → ${container_map_file}"
|
||||
echo "${pass_phrase}" \
|
||||
| cryptsetup luksOpen "${container_file}" "${container_name}"
|
||||
if [ ${?} -eq 0 ]; then
|
||||
mkdir --parents "${container_mount_directory}"
|
||||
echo "${container_map_file} → ${container_mount_directory}"
|
||||
mount "${container_map_file}" "${container_mount_directory}"
|
||||
fi
|
||||
;;
|
||||
"${ACTION_CLOSE}")
|
||||
echo "${container_map_file} ← ${container_mount_directory}"
|
||||
if umount "${container_map_file}"; then
|
||||
rmdir --ignore-fail-on-non-empty "${container_mount_directory}"
|
||||
echo "${container_file} ← ${container_map_file}"
|
||||
cryptsetup luksClose "${container_name}"
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
else
|
||||
echo 'This path does not point to a file!'
|
||||
fi
|
||||
done
|
||||
else
|
||||
echo 'No container name provided!'
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo 'Usage:'
|
||||
echo "${NAME} [${ACTION_OPEN}|${ACTION_CLOSE}] [p] [s] [w]"
|
||||
echo
|
||||
echo 'p = private'
|
||||
echo 's = sensitive'
|
||||
echo 'w = work'
|
||||
;;
|
||||
esac
|
||||
}
|
||||
|
||||
main "${@}"
|
||||
82
cs.old
82
cs.old
|
|
@ -1,82 +0,0 @@
|
|||
#! /usr/bin/env bash
|
||||
FILE="$(realpath "${BASH_SOURCE[0]}")"
|
||||
NAME="$(basename "${FILE}")"
|
||||
|
||||
ACTION_OPEN='open'
|
||||
ACTION_CLOSE='close'
|
||||
|
||||
CONTAINERS_DIRECTORY="/data/home/user/crypt"
|
||||
|
||||
CONTAINERS_MAP_DIRECTORY='/dev/mapper'
|
||||
CONTAINERS_MOUNT_DIRECTORY='/media'
|
||||
|
||||
function main {
|
||||
local action="${1}"
|
||||
local pass_phrase
|
||||
local container
|
||||
local container_name
|
||||
local container_file
|
||||
local container_map_file
|
||||
local container_mount_directory
|
||||
|
||||
case "${action}" in
|
||||
"${ACTION_OPEN}"|"${ACTION_CLOSE}")
|
||||
shift
|
||||
if [ "${1}" ]; then
|
||||
if [ "${action}" == "${ACTION_OPEN}" ]; then
|
||||
echo -n 'PassPhrase: '
|
||||
read -r -s pass_phrase
|
||||
echo
|
||||
fi
|
||||
for container in "${@}"; do
|
||||
echo
|
||||
case "${container}" in
|
||||
'p') container_name='private' ;;
|
||||
's') container_name='sensitive' ;;
|
||||
'w') container_name='work' ;;
|
||||
*) container_name="${container}" ;;
|
||||
esac
|
||||
container_file="${CONTAINERS_DIRECTORY}/${container_name}"
|
||||
if [ -f "${container_file}" ]; then
|
||||
container_map_file="${CONTAINERS_MAP_DIRECTORY}/${container_name}"
|
||||
container_mount_directory="${CONTAINERS_MOUNT_DIRECTORY}/${container_name}"
|
||||
case "${action}" in
|
||||
"${ACTION_OPEN}")
|
||||
echo "${container_file} → ${container_map_file}"
|
||||
echo "${pass_phrase}" \
|
||||
| cryptsetup luksOpen "${container_file}" "${container_name}"
|
||||
if [ ${?} -eq 0 ]; then
|
||||
mkdir --parents "${container_mount_directory}"
|
||||
echo "${container_map_file} → ${container_mount_directory}"
|
||||
mount "${container_map_file}" "${container_mount_directory}"
|
||||
fi
|
||||
;;
|
||||
"${ACTION_CLOSE}")
|
||||
echo "${container_map_file} ← ${container_mount_directory}"
|
||||
if umount "${container_map_file}"; then
|
||||
rmdir --ignore-fail-on-non-empty "${container_mount_directory}"
|
||||
echo "${container_file} ← ${container_map_file}"
|
||||
cryptsetup luksClose "${container_name}"
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
else
|
||||
echo 'This path does not point to a file!'
|
||||
fi
|
||||
done
|
||||
else
|
||||
echo 'No container name provided!'
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo 'Usage:'
|
||||
echo "${NAME} [${ACTION_OPEN}|${ACTION_CLOSE}] [p] [s] [w]"
|
||||
echo
|
||||
echo 'p = private'
|
||||
echo 's = sensitive'
|
||||
echo 'w = work'
|
||||
;;
|
||||
esac
|
||||
}
|
||||
|
||||
main "${@}"
|
||||
12
readme.md
12
readme.md
|
|
@ -1,12 +0,0 @@
|
|||
# SH
|
||||
|
||||
## Tasks
|
||||
|
||||
* [ ] git switch signing commits & tags
|
||||
* [ ] shellcheck & shfmt
|
||||
* [ ] python tools
|
||||
* [ ] log
|
||||
* [ ] hetzner
|
||||
* [ ] apt
|
||||
* [ ] apt-file search | grep
|
||||
* [ ] ffmpeg
|
||||
|
|
@ -3,7 +3,7 @@ a__overlay_bind_mount() {
|
|||
local directory
|
||||
for directory in "dev" "dev/pts" "proc" "sys"; do
|
||||
if ! mount --bind "/${directory}" "overlay/mount/${directory}"; then
|
||||
sh_log_error "Unable to bind mount directory: ${directory}"
|
||||
rwx_log_error "Unable to bind mount directory: ${directory}"
|
||||
return 1
|
||||
fi
|
||||
done
|
||||
|
|
@ -14,7 +14,7 @@ a__overlay_bind_unmount() {
|
|||
local directory
|
||||
for directory in "sys" "proc" "dev/pts" "dev"; do
|
||||
if ! umount --lazy "overlay/mount/${directory}"; then
|
||||
sh_log_error "Unable to bind unmount directory: ${directory}"
|
||||
rwx_log_error "Unable to bind unmount directory: ${directory}"
|
||||
return 1
|
||||
fi
|
||||
done
|
||||
|
|
@ -47,36 +47,36 @@ orm() { a__overlay_root_mount "${@}"; }
|
|||
a__overlay_root_mount() {
|
||||
local root="${1}"
|
||||
if [ -z "${root}" ]; then
|
||||
sh_log_error "No root target directory"
|
||||
rwx_log_error "No root target directory"
|
||||
return 1
|
||||
fi
|
||||
root="$(realpath "${root}")"
|
||||
if ! mkdir "overlay"; then
|
||||
sh_log_error "Unable to make overlay directory"
|
||||
rwx_log_error "Unable to make overlay directory"
|
||||
return 2
|
||||
fi
|
||||
(
|
||||
if ! cd "overlay"; then
|
||||
sh_log_error "Unable to move into overlay directory"
|
||||
rwx_log_error "Unable to move into overlay directory"
|
||||
return 3
|
||||
fi
|
||||
local directory
|
||||
for directory in "lower" "upper" "work" "mount"; do
|
||||
if ! mkdir --parents "${directory}"; then
|
||||
sh_log_error "Unable to make directory: ${directory}"
|
||||
rwx_log_error "Unable to make directory: ${directory}"
|
||||
return 4
|
||||
fi
|
||||
done
|
||||
local file="${root}/filesystem.squashfs"
|
||||
if ! mount "${file}" "lower"; then
|
||||
sh_log_error "Unable to lower mount: ${file}"
|
||||
rwx_log_error "Unable to lower mount: ${file}"
|
||||
return 5
|
||||
fi
|
||||
if ! mount \
|
||||
-o "lowerdir=lower,upperdir=upper,workdir=work" \
|
||||
-t "overlay" \
|
||||
"overlay" "mount"; then
|
||||
sh_log_error "Unable to overlay mount"
|
||||
rwx_log_error "Unable to overlay mount"
|
||||
return 6
|
||||
fi
|
||||
)
|
||||
|
|
@ -106,35 +106,35 @@ oru() { a__overlay_root_unmount "${@}"; }
|
|||
a__overlay_root_unmount() {
|
||||
(
|
||||
if ! cd "overlay"; then
|
||||
sh_log_error "Unable to move into overlay directory"
|
||||
rwx_log_error "Unable to move into overlay directory"
|
||||
return 1
|
||||
fi
|
||||
if ! umount "mount"; then
|
||||
sh_log_error "Unable to unmount mount directory"
|
||||
rwx_log_error "Unable to unmount mount directory"
|
||||
return 2
|
||||
fi
|
||||
if ! rmdir "mount"; then
|
||||
sh_log_error "Unable to remove mount directory"
|
||||
rwx_log_error "Unable to remove mount directory"
|
||||
return 3
|
||||
fi
|
||||
local directory
|
||||
for directory in "upper" "work"; do
|
||||
if ! rm --force --recursive "${directory}"; then
|
||||
sh_log_error "Unable to remove directory: ${directory}"
|
||||
rwx_log_error "Unable to remove directory: ${directory}"
|
||||
return 4
|
||||
fi
|
||||
done
|
||||
if ! umount "lower"; then
|
||||
sh_log_error "Unable to unmount lower directory"
|
||||
rwx_log_error "Unable to unmount lower directory"
|
||||
return 5
|
||||
fi
|
||||
if ! rmdir "lower"; then
|
||||
sh_log_error "Unable to remove lower directory"
|
||||
rwx_log_error "Unable to remove lower directory"
|
||||
return 6
|
||||
fi
|
||||
)
|
||||
if ! rmdir "overlay"; then
|
||||
sh_log_error "Unable to remove overlay directory"
|
||||
rwx_log_error "Unable to remove overlay directory"
|
||||
return 7
|
||||
fi
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,11 +14,11 @@ rwx_gnome_workspaces_primary() {
|
|||
local var="${group}/${name}"
|
||||
# get
|
||||
bool="$(gsettings get "${group}" "${name}")"
|
||||
sh_log_debug "${var}: ${bool}"
|
||||
rwx_log_debug "${var}: ${bool}"
|
||||
# not
|
||||
bool="$(sh_not "${bool}")"
|
||||
sh_log_debug "bool: ${bool}"
|
||||
bool="$(rwx_not "${bool}")"
|
||||
rwx_log_debug "bool: ${bool}"
|
||||
# set
|
||||
gsettings set "${group}" "${name}" "${bool}"
|
||||
sh_log_info "${var}: ${bool}"
|
||||
rwx_log_info "${var}: ${bool}"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,13 +2,13 @@ rwx_shellcheck_check() {
|
|||
local root="${1}"
|
||||
local file module modules path
|
||||
file="$(mktemp)"
|
||||
modules="$(sh_find_sh "${root}")"
|
||||
_sh_ifs_new
|
||||
modules="$(rwx_find_sh "${root}")"
|
||||
rwx_ifs_set
|
||||
for module in ${modules}; do
|
||||
path="${root}/${module}"
|
||||
echo ". \"${path}\"" >>"${file}"
|
||||
done
|
||||
_sh_ifs_pop
|
||||
rwx_ifs_unset
|
||||
shellcheck \
|
||||
--check-sourced \
|
||||
--enable "all" \
|
||||
|
|
|
|||
24
sh/main.sh
24
sh/main.sh
|
|
@ -2,19 +2,19 @@
|
|||
# │ constants │
|
||||
# ╰───────────╯
|
||||
|
||||
SH_MAIN_NAME="main.sh"
|
||||
SH_NAME="sh"
|
||||
RWX_MAIN_FILE_NAME="main.sh"
|
||||
RWX_NAME="sh"
|
||||
|
||||
SH_ROOT="/etc/${SH_NAME}"
|
||||
RWX_ROOT_SYSTEM="/etc/${RWX_NAME}"
|
||||
|
||||
SH_MAIN="${SH_ROOT}/${SH_MAIN_NAME}"
|
||||
RWX_MAIN="${RWX_ROOT_SYSTEM}/${RWX_MAIN_FILE_NAME}"
|
||||
|
||||
# ╭───────────╮
|
||||
# │ variables │
|
||||
# ╰───────────╯
|
||||
|
||||
SH_SHELL="$(cat "/proc/${$}/comm")"
|
||||
SH_USER="${HOME}/${SH_NAME}"
|
||||
RWX_SHELL="$(cat "/proc/${$}/comm")"
|
||||
RWX_ROOT_USER="${HOME}/${RWX_NAME}"
|
||||
|
||||
# ╭──────────╮
|
||||
# │ internal │
|
||||
|
|
@ -102,7 +102,7 @@ rwx_main_source() {
|
|||
[ -d "${path}" ] ||
|
||||
return 1
|
||||
local cmd count module modules
|
||||
modules="$(rwx_find_sh "${path}" "${SH_MAIN_NAME}")"
|
||||
modules="$(rwx_find_sh "${path}" "${RWX_MAIN_FILE_NAME}")"
|
||||
rwx_ifs_set
|
||||
count=0
|
||||
_rwx_main_log "" \
|
||||
|
|
@ -130,20 +130,20 @@ rwx_main_source() {
|
|||
# run initial steps
|
||||
rwx_main() {
|
||||
# system root
|
||||
if ! rwx_main_source "${SH_ROOT}"; then
|
||||
_rwx_main_log "Not a directory: ${SH_ROOT}"
|
||||
if ! rwx_main_source "${RWX_ROOT_SYSTEM}"; then
|
||||
_rwx_main_log "Not a directory: ${RWX_ROOT_SYSTEM}"
|
||||
return 1
|
||||
fi
|
||||
# user root
|
||||
rwx_main_source "${SH_USER}"
|
||||
rwx_main_source "${RWX_ROOT_USER}"
|
||||
# run interactive extras
|
||||
if rwx_shell_interactive; then
|
||||
# check format
|
||||
rwx_log
|
||||
rwx_shfmt_check "${SH_ROOT}"
|
||||
rwx_shfmt_check "${RWX_ROOT_SYSTEM}"
|
||||
# check syntax
|
||||
rwx_log
|
||||
rwx_shellcheck_check "${SH_ROOT}"
|
||||
rwx_shellcheck_check "${RWX_ROOT_SYSTEM}"
|
||||
# help
|
||||
rwx_log
|
||||
rwx_help
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
rwx_rescue_configure() {
|
||||
local hostname="${1}"
|
||||
# apt / conf
|
||||
sh_apt_conf_write
|
||||
rwx_apt_conf_write
|
||||
# apt / sources
|
||||
sh_apt_sources_write
|
||||
rwx_apt_sources_write
|
||||
# bash / rc
|
||||
main_link_bashrc
|
||||
mv "${HOME}/.bashrc" "${HOME}/.bashrc.old"
|
||||
|
|
@ -17,26 +17,26 @@ fr_FR.UTF-8 UTF-8
|
|||
# generate locales
|
||||
locale-gen
|
||||
# update catalog
|
||||
sh_apt_update
|
||||
rwx_apt_update
|
||||
# disable frontend
|
||||
sh_debian_frontend_disable
|
||||
rwx_debian_frontend_disable
|
||||
# install backports
|
||||
sh_apt_install_backports "tmux"
|
||||
rwx_apt_install_backports "tmux"
|
||||
# install packages
|
||||
sh_apt_install_release "apt-file" "mosh" "screen" "byobu"
|
||||
rwx_apt_install_release "apt-file" "mosh" "screen" "byobu"
|
||||
# update catalog
|
||||
sh_apt_update
|
||||
rwx_apt_update
|
||||
}
|
||||
|
||||
rwx_rescue_install() {
|
||||
# update catalog
|
||||
sh_apt_update
|
||||
rwx_apt_update
|
||||
# disable frontend
|
||||
sh_debian_frontend_disable
|
||||
rwx_debian_frontend_disable
|
||||
# upgrade packages
|
||||
sh_apt_upgrade
|
||||
rwx_apt_upgrade
|
||||
# install packages
|
||||
sh_apt_install_release \
|
||||
rwx_apt_install_release \
|
||||
"man-db" \
|
||||
"dmidecode" "efibootmgr" "lshw" "pciutils" "usbutils" \
|
||||
"parted" "mdadm" "cryptsetup-bin" "lvm2" \
|
||||
|
|
@ -45,7 +45,7 @@ rwx_rescue_install() {
|
|||
"exa" "lf" "ncdu" "nnn" "ranger" "tree" \
|
||||
"file" "htop" "iotop" "ipcalc" "libdigest-sha3-perl" "lsof"
|
||||
# install backports
|
||||
sh_apt_install_backports \
|
||||
rwx_apt_install_backports \
|
||||
"grub-pc-bin" \
|
||||
\
|
||||
"grub-efi-amd64-bin"
|
||||
|
|
@ -84,7 +84,7 @@ rwx_rescue_upload() {
|
|||
}
|
||||
|
||||
rwx_rescue_wipe_1_zero() {
|
||||
sh_fs_wipe "/dev/mapper/crypt" "512M"
|
||||
rwx_fs_wipe "/dev/mapper/crypt" "512M"
|
||||
}
|
||||
|
||||
rwx_rescue_wipe_3_close() {
|
||||
|
|
|
|||
|
|
@ -7,9 +7,9 @@ rwx_rescue_wipe_0_init_hetzner_8_8() {
|
|||
local number
|
||||
local passphrase
|
||||
# read passphrase
|
||||
passphrase="$(sh_read_passphrase)"
|
||||
passphrase="$(rwx_read_passphrase)"
|
||||
# warn
|
||||
sh_warn_wipe "${@}"
|
||||
rwx_warn_wipe "${@}"
|
||||
#
|
||||
number=0
|
||||
for device in "${@}"; do
|
||||
|
|
@ -34,7 +34,7 @@ rwx_rescue_wipe_0_init_hetzner_8_8() {
|
|||
echo
|
||||
echo "#${number}: ${device}4"
|
||||
# wipe bios
|
||||
sh_fs_wipe "${device}4"
|
||||
rwx_fs_wipe "${device}4"
|
||||
done
|
||||
#
|
||||
number=0
|
||||
|
|
@ -43,8 +43,8 @@ rwx_rescue_wipe_0_init_hetzner_8_8() {
|
|||
echo
|
||||
echo "#${number}: ${device}3"
|
||||
# format esp
|
||||
sh_fs_wipe "${device}3" "1M"
|
||||
sh_fs_make_fat "${device}3" "esp-${number}" "0000000${number}"
|
||||
rwx_fs_wipe "${device}3" "1M"
|
||||
rwx_fs_make_fat "${device}3" "esp-${number}" "0000000${number}"
|
||||
# mount esp
|
||||
mkdir --parents "/media/esp/${number}"
|
||||
mount "${device}3" "/media/esp/${number}"
|
||||
|
|
@ -56,17 +56,17 @@ rwx_rescue_wipe_0_init_hetzner_8_8() {
|
|||
echo
|
||||
echo "#${number}: ${device}2"
|
||||
# wipe boot
|
||||
sh_fs_wipe "${device}2" "1G" 1
|
||||
rwx_fs_wipe "${device}2" "1G" 1
|
||||
done
|
||||
#
|
||||
members=""
|
||||
for device in "${@}"; do
|
||||
members="${members} ${device}2"
|
||||
done
|
||||
sh_fs_raid_create \
|
||||
rwx_fs_raid_create \
|
||||
"boot" "00000000:00000000:00000000:00000002" ${members}
|
||||
#
|
||||
sh_fs_make_btrfs "/dev/md/boot" "boot" \
|
||||
rwx_fs_make_btrfs "/dev/md/boot" "boot" \
|
||||
"00000000-0000-0000-0000-00000000000b"
|
||||
# mount boot
|
||||
mkdir --parents "/media/boot"
|
||||
|
|
@ -80,17 +80,17 @@ rwx_rescue_wipe_0_init_hetzner_8_8() {
|
|||
echo
|
||||
echo "#${number}: ${device}1"
|
||||
# wipe crypt head
|
||||
sh_fs_wipe "${device}1" "1G" 1
|
||||
rwx_fs_wipe "${device}1" "1G" 1
|
||||
done
|
||||
#
|
||||
members=""
|
||||
for device in "${@}"; do
|
||||
members="${members} ${device}1"
|
||||
done
|
||||
sh_fs_raid_create \
|
||||
rwx_fs_raid_create \
|
||||
"crypt" "00000000:00000000:00000000:00000001" ${members}
|
||||
# encrypt
|
||||
sh_fs_luks_format "${passphrase}" "/dev/md/crypt"
|
||||
rwx_fs_luks_format "${passphrase}" "/dev/md/crypt"
|
||||
# open
|
||||
echo "${passphrase}" |
|
||||
cryptsetup luksOpen "/dev/md/crypt" "crypt"
|
||||
|
|
@ -103,16 +103,16 @@ rwx_rescue_wipe_2_make_hetzner_8_8() {
|
|||
# close
|
||||
cryptsetup luksClose "crypt"
|
||||
# read passphrase
|
||||
passphrase="$(sh_read_passphrase)"
|
||||
passphrase="$(rwx_read_passphrase)"
|
||||
# encrypt
|
||||
sh_fs_luks_format "${passphrase}" "/dev/md/crypt"
|
||||
rwx_fs_luks_format "${passphrase}" "/dev/md/crypt"
|
||||
# open
|
||||
echo "${passphrase}" |
|
||||
cryptsetup luksOpen "/dev/md/crypt" "crypt"
|
||||
# passphrase
|
||||
unset passphrase
|
||||
# format crypt
|
||||
sh_fs_make_btrfs "/dev/mapper/crypt" "crypt" \
|
||||
rwx_fs_make_btrfs "/dev/mapper/crypt" "crypt" \
|
||||
"00000000-0000-0000-0000-00000000000c"
|
||||
# mount crypt
|
||||
mkdir --parents "/media/crypt"
|
||||
|
|
@ -120,6 +120,6 @@ rwx_rescue_wipe_2_make_hetzner_8_8() {
|
|||
--options "autodefrag,compress-force=zstd" \
|
||||
"/dev/mapper/crypt" "/media/crypt"
|
||||
# make swap file
|
||||
sh_fs_make_btrfs_swap "/media/crypt/swap" "64g" \
|
||||
rwx_fs_make_btrfs_swap "/media/crypt/swap" "64g" \
|
||||
"00000000-0000-0000-0000-000000000005"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,9 +2,9 @@ rwx_rescue_wipe_0_init_ovh_vle2() {
|
|||
local device="/dev/sdb"
|
||||
local passphrase
|
||||
# read passphrase
|
||||
passphrase="$(sh_read_passphrase)"
|
||||
passphrase="$(rwx_read_passphrase)"
|
||||
# warn
|
||||
sh_warn_wipe "${device}"
|
||||
rwx_warn_wipe "${device}"
|
||||
#
|
||||
parted --script "${device}" \
|
||||
mktable gpt \
|
||||
|
|
@ -16,27 +16,27 @@ rwx_rescue_wipe_0_init_ovh_vle2() {
|
|||
mkpart bios 1 2 \
|
||||
set 4 bios_grub on
|
||||
# bios / wipe
|
||||
sh_fs_wipe "${device}4"
|
||||
rwx_fs_wipe "${device}4"
|
||||
# esp / wipe
|
||||
sh_fs_wipe "${device}3" "1M"
|
||||
rwx_fs_wipe "${device}3" "1M"
|
||||
# esp / format
|
||||
sh_fs_make_fat "${device}3" "esp" "00000001"
|
||||
rwx_fs_make_fat "${device}3" "esp" "00000001"
|
||||
# esp / mount
|
||||
mkdir --parents "/media/esp"
|
||||
mount "${device}3" "/media/esp"
|
||||
# boot / wipe
|
||||
sh_fs_wipe "${device}2" "1G" 1
|
||||
rwx_fs_wipe "${device}2" "1G" 1
|
||||
# boot / format
|
||||
sh_fs_make_btrfs "${device}2" "boot" \
|
||||
rwx_fs_make_btrfs "${device}2" "boot" \
|
||||
"00000000-0000-0000-0000-00000000000b"
|
||||
# boot / mount
|
||||
mkdir --parents "/media/boot"
|
||||
mount --options "autodefrag,compress-force=zstd" \
|
||||
"${device}2" "/media/boot"
|
||||
# crypt / wipe
|
||||
sh_fs_wipe "${device}1" "1G" 1
|
||||
rwx_fs_wipe "${device}1" "1G" 1
|
||||
# crypt / encrypt
|
||||
sh_fs_luks_format "${passphrase}" "${device}1"
|
||||
rwx_fs_luks_format "${passphrase}" "${device}1"
|
||||
# crypt / open
|
||||
echo "${passphrase}" |
|
||||
cryptsetup luksOpen "${device}1" "crypt"
|
||||
|
|
@ -50,22 +50,22 @@ rwx_rescue_wipe_2_make_ovh_vle2() {
|
|||
# crypt / close
|
||||
cryptsetup luksClose "crypt"
|
||||
# read passphrase
|
||||
passphrase="$(sh_read_passphrase)"
|
||||
passphrase="$(rwx_read_passphrase)"
|
||||
# crypt / encrypt
|
||||
sh_fs_luks_format "${passphrase}" "${device}1"
|
||||
rwx_fs_luks_format "${passphrase}" "${device}1"
|
||||
# crypt / open
|
||||
echo "${passphrase}" |
|
||||
cryptsetup luksOpen "${device}1" "crypt"
|
||||
# passphrase
|
||||
unset passphrase
|
||||
# crypt / format
|
||||
sh_fs_make_btrfs "/dev/mapper/crypt" "crypt" \
|
||||
rwx_fs_make_btrfs "/dev/mapper/crypt" "crypt" \
|
||||
"00000000-0000-0000-0000-00000000000c"
|
||||
# crypt / mount
|
||||
mkdir --parents "/media/crypt"
|
||||
mount --options "autodefrag,compress-force=zstd" \
|
||||
"/dev/mapper/crypt" "/media/crypt"
|
||||
# crypt / swap
|
||||
sh_fs_make_btrfs_swap "/media/crypt/swap" "4g" \
|
||||
rwx_fs_make_btrfs_swap "/media/crypt/swap" "4g" \
|
||||
"00000000-0000-0000-0000-000000000005"
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue