bootstrap/archstrap.sh

209 lines
5.1 KiB
Bash
Raw Normal View History

#! /bin/bash
#
# archstrap
# Build an Arch system in /mnt
# Copyright (C) 2020 Vintage Salt <rehashedsalt@cock.li>
#
# Distributed under terms of the MIT license.
#
set -e
# Read-only set-once variables
declare -r _name="$(basename -- "$0")"
# Options
declare -i _optchroot
declare -i _opthelp
declare -i _optverbose
declare _optdest="/mnt"
# Working variables
declare -a _args
declare _return
# Helper functions
log() {
# Print a line to the terminal if _optverbose is greater than $2
# $2 defaults to 0
# loglevel 0: Daily-use messages
# loglevel 1: Detailed but not quite debugging
# loglevel 2: Definitely debugging
[ -z "$1" ] && return 1
if (( _optverbose >= ${2:-0} )); then
printf "%s\\n" "$1"
fi
}
warn() {
# Print a yellow line to the terminal, respecting _optverbose
[ -z "$1" ] && return 1
if (( _optverbose >= ${2:-0} )); then
if [ -t 1 ]; then
printf "\\e[33m%s\\e[0m\\n" "$1"
else
printf "WARN: %s\\n" "$1"
fi
fi
}
error() {
# Print a red line to the terminal, exit if $2 is specified
[ -z "$1" ] && return 1
if [ -t 2 ]; then
printf "\\e[31m%s\\e[0m\\n" "$1" 1>&2
else
printf "ERROR: %s\\n" "$1" 1>&2
fi
[ -z "$2" ] && return
exit "${2:-1}"
}
has() {
# Parse out all arguments and try to find them in path
# If an argument cannot be found, set _return and fail
for prog in "$@"; do
if ! command -v "$prog" > /dev/null 2>&1; then
_return="$prog"
return 1
fi
done
return 0
}
# Helper functions
cleanup() {
[ -z "$1" ] && warn "No argument passed to cleanup"
rm -rf "$1" || warn "failed to remove $1: $?"
}
# Core program functions
printhelp() {
cat << EOF
Usage: $_name [OPTION]...
-c [FILE] Load the given file in place of the usual config file
-h Print this help text
-v Print more status messages. Stacks
Copyright (c) 2020 rehashedsalt@cock.li
Licensed under the MIT license
EOF
}
arch-build() {
# Download and unpack our minimal Arch image. Or pacstrap it or whatever
log "Bootstrapping an Arch installation"
script="https://raw.githubusercontent.com/tokland/arch-bootstrap/master/arch-bootstrap.sh"
bootstrap="$(mktemp)"
for file in "$bootstrap"; do
touch "$file"
chmod 0700 "$file"
trap EXIT cleanup "$file"
done
"$bootstrap" "$_optdest"
}
arch-chroot() {
# Jump to our new Arch chroot
log "Pivoting to chroot"
cp "$0" "$_optdest/archstrap.sh"
if ! grep -qs "$_optdest/proc " /proc/mounts; then
log "Mounting proc"
mount --types proc /proc "$_optdest/proc"
fi
for dir in sys dev; do
log "Mounting $dir"
if ! grep -qs "$_optdest/$dir " /proc/mounts; then
mount --rbind /$dir "$_optdest/$dir"
mount --make-rslave /$dir "$_optdest/$dir"
fi
done
chroot "$_optdest" /archstrap.sh -c
}
arch-chroot-configure() {
# Configure the Arch system from within the chroot
# Required packages
pacman -S linux linux-firmware grub
# Secondary packages
pacman -S sudo
cat <<-EOF >> "/etc/sudoers"
%wheel ALL=(ALL) ALL
ansible ALL=(ALL) NOPASSWD:ALL
EOF
# Configure my user
if ! id salt > /dev/null 2>&1; then
useradd salt -m -G wheel -s /bin/bash -u 1000 -U
passwd salt
fi
for group in wheel; do
usermod -G "$group" -a salt || warn "Failed to add salt to group: $group"
done
# Configure Ansible user
if ! id ansible > /dev/null 2>&1; then
useradd ansible -m -s /bin/bash -u 1001 -U
fi
sudo -u ansible -i mkdir .ssh
sudo -u ansible -i chmod 0700 .ssh
sudo -u ansible -i echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDfXVgMHeD2wtCAIVoDYQ+R19vKfhmR2FgUTkHhAzE2156fB/+IMB+6Qc4X3aFRIcUp+Ls8Vm8JQ3d0jvbcGQkgbAjRExQa71XGBmhxJCxzlCLBoQzBmTSnryL09LExoMynzVgrso8TQP92vZBGJFI/lLGAaop2l9pu+3cgM3sRaK+A11lcRCrS25C3hqPQhKC44zjzOt7sIoaG6RqG3CQ8jhE35bthQdBySOZVDgDKfjDyPuDzVxiKjsuNm4Ojzm0QW5gq6GkLOg2B8OSQ1TGQgBHQu4b8zsKBOUOdbZb0JLM8NdpH1cMntC0QBofy3DzqR/CFaSaBzUx+dnkBH0/pjBOrhHzzqZGOJayfC1igYki67HqzFV5IjhAVa+c4S9L/zbFk0+YZYdgMoKNlMU2LgzrSEastuXHD7NUy3fMP4BZbqg37SjQzFRXoUp5+ctVs9tCoy/qvvjT3UVGcn312eJrRRfWrYagU2nWKGyqbTOpsuOJ5OLlhopy6eP9+yRM= ansible" > ~ansible/.ssh/authorized_keys
sudo -u ansible -i chmod 0600 .ssh/authorized_keys
cat <<-EOF
Initial system configuration is comiplete. Just a few tasks remain:
* Mount the ESP under /boot/efi
* Verify fstab
* Install GRUB
Dumping to a shell now. Have fun!
EOF
exec bash
}
# Main
main() {
# Parse out arguments
while [ -n "$1" ]; do
# Parse out flags
while getopts ":chv" opt; do
case $opt in
c)
_optchroot=1
;;
h)
_opthelp=1
;;
v)
_optverbose+=1
;;
:)
error "Option requires argument: -$OPTARG" 2
;;
*)
error "Invalid option: -$OPTARG" 2
;;
esac
done
# Store arguments
shift $((OPTIND - 1))
if [ -n "$1" ]; then
_args+=("$1")
shift
fi
unset OPTIND
done
# Early hook for help
[ -n "$_opthelp" ] && printhelp && exit 0
# Validate critical options
# TODO: That
# Validate core program dependencies
log "Validating dependencies" 2
if ! has basename curl zstd; then
error "Failed to find program: $_return" 1
fi
# Do the do
if [ -n "$_optchroot" ]; then
# We're doing in-chroot configuration
arch-chroot-configure
else
arch-build
arch-chroot
fi
exit 0
}
main "$@"