arch/install.sh at master · BS4D/arch · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
#!/bin/sh
set -ex

# save repository path to a variable
repo_path="$(dirname "$(realpath "$0")")"

# load the config file
. "$repo_path/config.sh"

# restore the config file back to a template
(cd "$repo_path" && su "$(stat --format '%U' .)" --command 'git restore config.sh')

# wipe the disk
wipefs --all "$DISK"

# create partitions:
# - EFI, 550MB
# - LVM, rest of the disk
fdisk "$DISK" <<EOF
g
n
1

+550M
t
1
n
2


t
2
44
w
EOF

# for nvme append 'p' before the partition number
echo "$DISK" | grep --null nvme && DISK="${DISK}p"

# format the EFI partition
mkfs.vfat "${DISK}1"

# load the dm-crypt module
modprobe dm-crypt

# encrypt the LVM partition with LUKS
cryptsetup luksFormat "${DISK}2" <<EOF
$DISK_ENCRYPTION_PASSWORD
YES
EOF

# open it
cryptsetup luksOpen "${DISK}2" lvm <<EOF
$DISK_ENCRYPTION_PASSWORD
EOF

# set up LVM with 100% of PV as root
pvcreate /dev/mapper/lvm
vgcreate arch /dev/mapper/lvm
lvcreate --extents 100%FREE arch --name root

# format the root filesystem
mkfs.ext4 /dev/arch/root

# mount it
mount /dev/arch/root /mnt

# wipe lost+found
rm --recursive --force /mnt/lost+found

# mount the EFI partition
mount --mkdir "${DISK}1" /mnt/boot

# install basic packages on the target system
pacstrap -K /mnt base linux linux-firmware lvm2 networkmanager dhcpcd doas grub efibootmgr intel-ucode man-db man-pages texinfo ansible

# generate the fstab
genfstab -U /mnt >>/mnt/etc/fstab

# copy the ansible repository to target system
cp --recursive "$ANSIBLE_REPOSITORY_PATH" /mnt/root/ansible

# run the provisioning script
arch-chroot /mnt /bin/bash <"$repo_path/setup.sh"