61 lines
1.7 KiB
Bash
Executable File
61 lines
1.7 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# This script is called by dtrfs_api to install an OS.
|
|
|
|
[[ -z "$INSTALL_URL" ]] || {
|
|
echo "Did not find INSTALL_URL env variable".
|
|
exit 1
|
|
}
|
|
|
|
[[ -z "$INSTALL_URL" ]] || {
|
|
echo "Did not find INSTALL_SHA env variable".
|
|
exit 2
|
|
}
|
|
|
|
[[ -f "$ROOT_KEYFILE" ]] || {
|
|
echo "Did not find keyfile at the following location: $ROOT_KEYFILE"
|
|
exit 3
|
|
}
|
|
|
|
# mount root if it exists
|
|
blkid | grep vda1 | grep LUKS && {
|
|
echo "/dev/vda1 already has a LUKS partition"
|
|
exit 4
|
|
}
|
|
|
|
echo === Creating partition /dev/vda1
|
|
(
|
|
echo n
|
|
echo p
|
|
echo
|
|
echo
|
|
echo
|
|
echo w
|
|
) | fdisk /dev/vda
|
|
echo "=== Formatting /dev/vda1 using cryptsetup luksFormat and opening as root"
|
|
cryptsetup luksFormat --batch-mode -d $root_keyfile /dev/vda1
|
|
[[ -f "$SNP_KEY_FILE" ]] && {
|
|
echo "Adding LUKS slot via SNP KDF key found at $SNP_KEY_FILE"
|
|
cryptsetup luksAddKey \
|
|
--key-file $ROOT_KEYFILE \
|
|
--new-keyfile $SNP_KEY_FILE /dev/vda1
|
|
}
|
|
cryptsetup open -d $ROOT_KEYFILE /dev/vda1 root
|
|
echo "=== Formatting /dev/mapper/root as ext4 and mounting at /mnt"
|
|
mkfs.ext4 /dev/mapper/root
|
|
mount /dev/mapper/root /mnt
|
|
echo "=== Downloading OS template from $INSTALL_URL and verifying hash"
|
|
wget -O /mnt/template.fsa "$INSTALL_URL" || {
|
|
echo "Failed to download $INSTALL_URL"
|
|
exit 5
|
|
}
|
|
sha256sum /mnt/template.fsa | grep $(cat ${INSTALL_SHA}) || exit 1
|
|
echo "=== Installing OS template"
|
|
fsarchiver restdir /mnt/template.fsa /
|
|
rm /mnt/template.fsa
|
|
# TODO: decide for UX if maybe we should allow user to inject fstab
|
|
echo "" > /mnt/etc/fstab
|
|
hostname=$(cat /proc/cmdline | grep -oE 'detee_name=[0-9a-z\_\.\-]+' | cut -d '=' -f2)
|
|
echo "=== Setting up guest hostname as $hostname"
|
|
[[ -n "$hostname" ]] && echo $hostname > /mnt/etc/hostname
|