209 lines
5.1 KiB
Bash
209 lines
5.1 KiB
Bash
|
#! /bin/bash
|
||
|
#
|
||
|
# archstrap
|
||
|
# Build an Arch system in /mnt
|
||
|
# Copyright (C) 2020 Vintage Salt <rehashedsalt@cock.li>
|
||
|
#
|
||
|
# Distributed under terms of the MIT license.
|
||
|
#
|
||
|
set -e
|
||
|
|
||
|
# Read-only set-once variables
|
||
|
declare -r _name="$(basename -- "$0")"
|
||
|
# Options
|
||
|
declare -i _optchroot
|
||
|
declare -i _opthelp
|
||
|
declare -i _optverbose
|
||
|
declare _optdest="/mnt"
|
||
|
# Working variables
|
||
|
declare -a _args
|
||
|
declare _return
|
||
|
|
||
|
# Helper functions
|
||
|
log() {
|
||
|
# Print a line to the terminal if _optverbose is greater than $2
|
||
|
# $2 defaults to 0
|
||
|
# loglevel 0: Daily-use messages
|
||
|
# loglevel 1: Detailed but not quite debugging
|
||
|
# loglevel 2: Definitely debugging
|
||
|
[ -z "$1" ] && return 1
|
||
|
if (( _optverbose >= ${2:-0} )); then
|
||
|
printf "%s\\n" "$1"
|
||
|
fi
|
||
|
}
|
||
|
warn() {
|
||
|
# Print a yellow line to the terminal, respecting _optverbose
|
||
|
[ -z "$1" ] && return 1
|
||
|
if (( _optverbose >= ${2:-0} )); then
|
||
|
if [ -t 1 ]; then
|
||
|
printf "\\e[33m%s\\e[0m\\n" "$1"
|
||
|
else
|
||
|
printf "WARN: %s\\n" "$1"
|
||
|
fi
|
||
|
fi
|
||
|
}
|
||
|
error() {
|
||
|
# Print a red line to the terminal, exit if $2 is specified
|
||
|
[ -z "$1" ] && return 1
|
||
|
if [ -t 2 ]; then
|
||
|
printf "\\e[31m%s\\e[0m\\n" "$1" 1>&2
|
||
|
else
|
||
|
printf "ERROR: %s\\n" "$1" 1>&2
|
||
|
fi
|
||
|
[ -z "$2" ] && return
|
||
|
exit "${2:-1}"
|
||
|
}
|
||
|
has() {
|
||
|
# Parse out all arguments and try to find them in path
|
||
|
# If an argument cannot be found, set _return and fail
|
||
|
for prog in "$@"; do
|
||
|
if ! command -v "$prog" > /dev/null 2>&1; then
|
||
|
_return="$prog"
|
||
|
return 1
|
||
|
fi
|
||
|
done
|
||
|
return 0
|
||
|
}
|
||
|
|
||
|
# Helper functions
|
||
|
cleanup() {
|
||
|
[ -z "$1" ] && warn "No argument passed to cleanup"
|
||
|
rm -rf "$1" || warn "failed to remove $1: $?"
|
||
|
}
|
||
|
|
||
|
# Core program functions
|
||
|
printhelp() {
|
||
|
cat << EOF
|
||
|
Usage: $_name [OPTION]...
|
||
|
|
||
|
-c [FILE] Load the given file in place of the usual config file
|
||
|
-h Print this help text
|
||
|
-v Print more status messages. Stacks
|
||
|
|
||
|
Copyright (c) 2020 rehashedsalt@cock.li
|
||
|
Licensed under the MIT license
|
||
|
EOF
|
||
|
}
|
||
|
arch-build() {
|
||
|
# Download and unpack our minimal Arch image. Or pacstrap it or whatever
|
||
|
log "Bootstrapping an Arch installation"
|
||
|
script="https://raw.githubusercontent.com/tokland/arch-bootstrap/master/arch-bootstrap.sh"
|
||
|
bootstrap="$(mktemp)"
|
||
|
for file in "$bootstrap"; do
|
||
|
touch "$file"
|
||
|
chmod 0700 "$file"
|
||
|
trap EXIT cleanup "$file"
|
||
|
done
|
||
|
"$bootstrap" "$_optdest"
|
||
|
}
|
||
|
arch-chroot() {
|
||
|
# Jump to our new Arch chroot
|
||
|
log "Pivoting to chroot"
|
||
|
cp "$0" "$_optdest/archstrap.sh"
|
||
|
if ! grep -qs "$_optdest/proc " /proc/mounts; then
|
||
|
log "Mounting proc"
|
||
|
mount --types proc /proc "$_optdest/proc"
|
||
|
fi
|
||
|
for dir in sys dev; do
|
||
|
log "Mounting $dir"
|
||
|
if ! grep -qs "$_optdest/$dir " /proc/mounts; then
|
||
|
mount --rbind /$dir "$_optdest/$dir"
|
||
|
mount --make-rslave /$dir "$_optdest/$dir"
|
||
|
fi
|
||
|
done
|
||
|
chroot "$_optdest" /archstrap.sh -c
|
||
|
}
|
||
|
arch-chroot-configure() {
|
||
|
# Configure the Arch system from within the chroot
|
||
|
# Required packages
|
||
|
pacman -S linux linux-firmware grub
|
||
|
# Secondary packages
|
||
|
pacman -S sudo
|
||
|
cat <<-EOF >> "/etc/sudoers"
|
||
|
%wheel ALL=(ALL) ALL
|
||
|
ansible ALL=(ALL) NOPASSWD:ALL
|
||
|
EOF
|
||
|
# Configure my user
|
||
|
if ! id salt > /dev/null 2>&1; then
|
||
|
useradd salt -m -G wheel -s /bin/bash -u 1000 -U
|
||
|
passwd salt
|
||
|
fi
|
||
|
for group in wheel; do
|
||
|
usermod -G "$group" -a salt || warn "Failed to add salt to group: $group"
|
||
|
done
|
||
|
# Configure Ansible user
|
||
|
if ! id ansible > /dev/null 2>&1; then
|
||
|
useradd ansible -m -s /bin/bash -u 1001 -U
|
||
|
fi
|
||
|
sudo -u ansible -i mkdir .ssh
|
||
|
sudo -u ansible -i chmod 0700 .ssh
|
||
|
sudo -u ansible -i echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDfXVgMHeD2wtCAIVoDYQ+R19vKfhmR2FgUTkHhAzE2156fB/+IMB+6Qc4X3aFRIcUp+Ls8Vm8JQ3d0jvbcGQkgbAjRExQa71XGBmhxJCxzlCLBoQzBmTSnryL09LExoMynzVgrso8TQP92vZBGJFI/lLGAaop2l9pu+3cgM3sRaK+A11lcRCrS25C3hqPQhKC44zjzOt7sIoaG6RqG3CQ8jhE35bthQdBySOZVDgDKfjDyPuDzVxiKjsuNm4Ojzm0QW5gq6GkLOg2B8OSQ1TGQgBHQu4b8zsKBOUOdbZb0JLM8NdpH1cMntC0QBofy3DzqR/CFaSaBzUx+dnkBH0/pjBOrhHzzqZGOJayfC1igYki67HqzFV5IjhAVa+c4S9L/zbFk0+YZYdgMoKNlMU2LgzrSEastuXHD7NUy3fMP4BZbqg37SjQzFRXoUp5+ctVs9tCoy/qvvjT3UVGcn312eJrRRfWrYagU2nWKGyqbTOpsuOJ5OLlhopy6eP9+yRM= ansible" > ~ansible/.ssh/authorized_keys
|
||
|
sudo -u ansible -i chmod 0600 .ssh/authorized_keys
|
||
|
|
||
|
cat <<-EOF
|
||
|
Initial system configuration is comiplete. Just a few tasks remain:
|
||
|
* Mount the ESP under /boot/efi
|
||
|
* Verify fstab
|
||
|
* Install GRUB
|
||
|
|
||
|
Dumping to a shell now. Have fun!
|
||
|
EOF
|
||
|
exec bash
|
||
|
}
|
||
|
|
||
|
# Main
|
||
|
main() {
|
||
|
# Parse out arguments
|
||
|
while [ -n "$1" ]; do
|
||
|
# Parse out flags
|
||
|
while getopts ":chv" opt; do
|
||
|
case $opt in
|
||
|
c)
|
||
|
_optchroot=1
|
||
|
;;
|
||
|
h)
|
||
|
_opthelp=1
|
||
|
;;
|
||
|
v)
|
||
|
_optverbose+=1
|
||
|
;;
|
||
|
:)
|
||
|
error "Option requires argument: -$OPTARG" 2
|
||
|
;;
|
||
|
*)
|
||
|
error "Invalid option: -$OPTARG" 2
|
||
|
;;
|
||
|
esac
|
||
|
done
|
||
|
# Store arguments
|
||
|
shift $((OPTIND - 1))
|
||
|
if [ -n "$1" ]; then
|
||
|
_args+=("$1")
|
||
|
shift
|
||
|
fi
|
||
|
unset OPTIND
|
||
|
done
|
||
|
# Early hook for help
|
||
|
[ -n "$_opthelp" ] && printhelp && exit 0
|
||
|
# Validate critical options
|
||
|
# TODO: That
|
||
|
# Validate core program dependencies
|
||
|
log "Validating dependencies" 2
|
||
|
if ! has basename curl zstd; then
|
||
|
error "Failed to find program: $_return" 1
|
||
|
fi
|
||
|
|
||
|
# Do the do
|
||
|
if [ -n "$_optchroot" ]; then
|
||
|
# We're doing in-chroot configuration
|
||
|
arch-chroot-configure
|
||
|
else
|
||
|
arch-build
|
||
|
arch-chroot
|
||
|
fi
|
||
|
exit 0
|
||
|
}
|
||
|
|
||
|
main "$@"
|
||
|
|