update
This commit is contained in:
parent
d6042bc2e1
commit
44a88c9584
GPG key ID:
901B2ADDF27C2263
6 changed files with 228 additions and 167 deletions
|
|
@ -1,12 +1,21 @@
|
|||
# Drive Selection for Install
|
||||
[drive]
|
||||
boot = "/dev/null"
|
||||
root = "/dev/null"
|
||||
|
||||
[general]
|
||||
# Use LUKS encryption on root drive
|
||||
encryption = true
|
||||
# Preset
|
||||
mode = "Desktop"
|
||||
# System Locale
|
||||
locale = "de_DE.UTF-8"
|
||||
# Additional packages
|
||||
pkg = [
|
||||
"nano",
|
||||
"micro"
|
||||
]
|
||||
# Enable virtualization
|
||||
virtualization = true
|
||||
# Enable docker
|
||||
docker = true
|
||||
|
|
|
|||
|
|
@ -23,10 +23,14 @@ pub struct GeneralConfig {
|
|||
pub encryption: bool,
|
||||
/// Presets
|
||||
pub mode: InstallMode,
|
||||
// System locale
|
||||
/// System locale
|
||||
pub locale: String,
|
||||
// Packages to install
|
||||
/// Packages to install
|
||||
pub pkg: Vec<String>,
|
||||
/// Enable libvirt
|
||||
pub virtualization: bool,
|
||||
/// Enable docker
|
||||
pub docker: bool,
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
|
|
|
|||
40
src/create_iso.rs
Normal file
40
src/create_iso.rs
Normal file
|
|
@ -0,0 +1,40 @@
|
|||
use crate::{install::str_vec, is_root, run_command};
|
||||
|
||||
// TODO : Make GUI in install medium optional with arg `--with-gui`
|
||||
pub fn create_iso() {
|
||||
if !is_root() {
|
||||
eprintln!("Error: You need root to create an ISO");
|
||||
std::process::exit(1);
|
||||
}
|
||||
|
||||
if !std::fs::exists("./iso").unwrap() {
|
||||
let cmd = str_vec(vec!["git", "clone", "https://git.hydrar.de/navos/iso"]);
|
||||
run_command(&cmd, None, false);
|
||||
}
|
||||
|
||||
std::fs::create_dir_all("./work").unwrap();
|
||||
|
||||
let mount_cmd = str_vec(vec![
|
||||
"mount", "-t", "tmpfs", "-o", "size=10G", "tmpfs", "./work",
|
||||
]);
|
||||
|
||||
run_command(&mount_cmd, None, false);
|
||||
|
||||
let mkarchiso_cmd = vec![
|
||||
"mkarchiso".to_string(),
|
||||
"-v".to_string(),
|
||||
"-w".to_string(),
|
||||
"./work".to_string(),
|
||||
"-o".to_string(),
|
||||
"./".to_string(),
|
||||
"./iso".to_string(),
|
||||
];
|
||||
|
||||
run_command(&mkarchiso_cmd, None, true);
|
||||
|
||||
let umount_cmd = str_vec(vec!["umount", "-r", "./work"]);
|
||||
|
||||
run_command(&umount_cmd, None, false);
|
||||
|
||||
std::fs::remove_dir_all("./work").unwrap();
|
||||
}
|
||||
164
src/install.rs
Normal file
164
src/install.rs
Normal file
|
|
@ -0,0 +1,164 @@
|
|||
// TODO : Setup users
|
||||
// TODO : Setup ssh (config + authorized_keys)
|
||||
// TODO : Setup virtualization
|
||||
// TODO : Setup docker
|
||||
|
||||
// DRIVE SELECTION
|
||||
|
||||
use crate::{
|
||||
config::{DriveConfig, GeneralConfig, InstallConfig},
|
||||
pkg, run_command,
|
||||
};
|
||||
|
||||
pub fn str_vec(v: Vec<&str>) -> Vec<String> {
|
||||
v.into_iter().map(|x| x.to_string()).collect()
|
||||
}
|
||||
|
||||
pub fn format_drives(conf: &DriveConfig) {
|
||||
// EFI (BOOT)
|
||||
run_command(
|
||||
&str_vec(vec!["mkfs.vfat", "-F", "32", conf.boot.as_str()]),
|
||||
None,
|
||||
false,
|
||||
);
|
||||
|
||||
// ROOT
|
||||
run_command(
|
||||
&str_vec(vec!["cryptsetup", "luksFormat", conf.root.as_str()]),
|
||||
None,
|
||||
true,
|
||||
);
|
||||
}
|
||||
|
||||
// MOUNT
|
||||
|
||||
pub fn mount_drives(conf: &DriveConfig) {
|
||||
run_command(
|
||||
&str_vec(vec!["cryptsetup", "open", conf.root.as_str(), "root"]),
|
||||
None,
|
||||
true,
|
||||
);
|
||||
|
||||
run_command(
|
||||
&str_vec(vec!["mount", "/dev/mapper/root", "/mnt"]),
|
||||
None,
|
||||
false,
|
||||
);
|
||||
|
||||
// TODO : Secure mount options
|
||||
run_command(
|
||||
&str_vec(vec!["mount", "--mkdir", conf.boot.as_str(), "/mnt/boot"]),
|
||||
None,
|
||||
false,
|
||||
);
|
||||
}
|
||||
|
||||
// PACSTRAP
|
||||
|
||||
pub fn pacstrap(conf: &GeneralConfig) {
|
||||
// TODO : Modes install + pkgs
|
||||
|
||||
let mut cmd: Vec<String> = vec!["pacstrap".into(), "-K".into(), "/mnt".into(), "base".into()];
|
||||
|
||||
cmd.extend(conf.pkg.clone());
|
||||
|
||||
run_command(&cmd, None, true);
|
||||
}
|
||||
|
||||
// GENFSTAB
|
||||
|
||||
pub fn genfstab() {
|
||||
let (stdout, _) = run_command(&str_vec(vec!["genfstab", "-U", "/mnt"]), None, false);
|
||||
std::fs::write("/mnt/etc/fstab", stdout).unwrap();
|
||||
}
|
||||
|
||||
pub fn first_boot_values(conf: &GeneralConfig) {
|
||||
// CHROOT
|
||||
|
||||
// SYSTEMD-FIRSTBOOT
|
||||
|
||||
// LOCALE
|
||||
// TODO : Logic for uncommenting a value
|
||||
std::fs::write("/etc/locale.gen", &conf.locale).unwrap();
|
||||
run_command(&str_vec(vec!["locale-gen"]), None, false);
|
||||
}
|
||||
|
||||
pub fn setup_zram() {
|
||||
// arch-chroot /mnt pacman -S zram-generator
|
||||
std::fs::write(
|
||||
"/mnt/etc/systemd/zram-generator.conf",
|
||||
include_str!("root/zram-generator.conf"),
|
||||
)
|
||||
.unwrap();
|
||||
// arch-chroot /mnt systemctl enable --now systemd-zram-setup@zram0.service
|
||||
}
|
||||
|
||||
// MKINITCPIO + UKI
|
||||
|
||||
pub fn setup_mkinitcpio() {
|
||||
std::fs::write(
|
||||
"/mnt/etc/mkinitcpio.d/linux.preset",
|
||||
include_str!("root/mkinitcpio/linux.preset"),
|
||||
)
|
||||
.unwrap();
|
||||
run_command(&str_vec(vec!["mkinitcpio", "--allpresets"]), None, true);
|
||||
}
|
||||
|
||||
// SECURE BOOT
|
||||
|
||||
pub fn setup_secure_boot() {
|
||||
// TODO : Assert sb setup mode
|
||||
|
||||
run_command(&vec!["sbctl".into(), "create-keys".into()], None, false);
|
||||
|
||||
// TODO : Sign + Enroll
|
||||
}
|
||||
|
||||
// MODS
|
||||
|
||||
/// Post Installer
|
||||
|
||||
// TPM Unlock
|
||||
|
||||
pub fn install_pkgs(pkg: &[&str]) {
|
||||
// TODO : implement
|
||||
}
|
||||
|
||||
pub fn install(conf: InstallConfig) {
|
||||
// Drive Setup
|
||||
format_drives(&conf.drive);
|
||||
mount_drives(&conf.drive);
|
||||
|
||||
// Base Install
|
||||
pacstrap(&conf.general);
|
||||
genfstab();
|
||||
|
||||
// System Setup
|
||||
first_boot_values(&conf.general);
|
||||
// TODO : install bootloader
|
||||
|
||||
match conf.general.mode {
|
||||
crate::config::InstallMode::Base => {}
|
||||
crate::config::InstallMode::Desktop => {
|
||||
install_pkgs(&pkg::DESKTOP_PKG);
|
||||
}
|
||||
crate::config::InstallMode::Server => {
|
||||
install_pkgs(&pkg::SERVER_PKG);
|
||||
}
|
||||
crate::config::InstallMode::Kiosk => {
|
||||
// TODO
|
||||
}
|
||||
}
|
||||
|
||||
if conf.general.virtualization {
|
||||
// TODO : Enable virtualization
|
||||
}
|
||||
|
||||
if conf.general.docker {
|
||||
// TODO : Enable docker
|
||||
}
|
||||
|
||||
setup_zram();
|
||||
setup_secure_boot();
|
||||
setup_mkinitcpio();
|
||||
}
|
||||
171
src/main.rs
171
src/main.rs
|
|
@ -1,140 +1,20 @@
|
|||
use std::io::Write;
|
||||
|
||||
use config::{DriveConfig, GeneralConfig, InstallConfig};
|
||||
use config::InstallConfig;
|
||||
use nix::unistd::{Uid, getuid};
|
||||
|
||||
mod args;
|
||||
mod config;
|
||||
mod create_iso;
|
||||
mod install;
|
||||
mod pkg;
|
||||
use create_iso::create_iso;
|
||||
use install::install;
|
||||
|
||||
fn is_root() -> bool {
|
||||
getuid() == Uid::from_raw(0)
|
||||
}
|
||||
|
||||
// TODO : Setup users
|
||||
// TODO : Setup ssh (config + authorized_keys)
|
||||
|
||||
// DRIVE SELECTION
|
||||
|
||||
pub fn str_vec(v: Vec<&str>) -> Vec<String> {
|
||||
v.into_iter().map(|x| x.to_string()).collect()
|
||||
}
|
||||
|
||||
pub fn format_drives(conf: &DriveConfig) {
|
||||
// EFI (BOOT)
|
||||
run_command(
|
||||
&str_vec(vec!["mkfs.vfat", "-F", "32", conf.boot.as_str()]),
|
||||
None,
|
||||
false,
|
||||
);
|
||||
|
||||
// ROOT
|
||||
run_command(
|
||||
&str_vec(vec!["cryptsetup", "luksFormat", conf.root.as_str()]),
|
||||
None,
|
||||
true,
|
||||
);
|
||||
}
|
||||
|
||||
// MOUNT
|
||||
|
||||
pub fn mount_drives(conf: &DriveConfig) {
|
||||
run_command(
|
||||
&str_vec(vec!["cryptsetup", "open", conf.root.as_str(), "root"]),
|
||||
None,
|
||||
true,
|
||||
);
|
||||
|
||||
run_command(
|
||||
&str_vec(vec!["mount", "/dev/mapper/root", "/mnt"]),
|
||||
None,
|
||||
false,
|
||||
);
|
||||
|
||||
// TODO : Secure mount options
|
||||
run_command(
|
||||
&str_vec(vec!["mount", "--mkdir", conf.boot.as_str(), "/mnt/boot"]),
|
||||
None,
|
||||
false,
|
||||
);
|
||||
}
|
||||
|
||||
// PACSTRAP
|
||||
|
||||
pub fn pacstrap(conf: &GeneralConfig) {
|
||||
// TODO : Modes install + pkgs
|
||||
|
||||
let mut cmd: Vec<String> = vec!["pacstrap".into(), "-K".into(), "/mnt".into(), "base".into()];
|
||||
|
||||
cmd.extend(conf.pkg.clone());
|
||||
|
||||
run_command(&cmd, None, true);
|
||||
}
|
||||
|
||||
// GENFSTAB
|
||||
|
||||
pub fn genfstab() {
|
||||
let (stdout, _) = run_command(&str_vec(vec!["genfstab", "-U", "/mnt"]), None, false);
|
||||
std::fs::write("/mnt/etc/fstab", stdout).unwrap();
|
||||
}
|
||||
|
||||
pub fn first_boot_values(conf: &GeneralConfig) {
|
||||
// CHROOT
|
||||
|
||||
// SYSTEMD-FIRSTBOOT
|
||||
|
||||
// LOCALE
|
||||
// TODO : Logic for uncommenting a value
|
||||
std::fs::write("/etc/locale.gen", &conf.locale).unwrap();
|
||||
run_command(&str_vec(vec!["locale-gen"]), None, false);
|
||||
}
|
||||
|
||||
pub fn setup_zram() {
|
||||
// arch-chroot /mnt pacman -S zram-generator
|
||||
std::fs::write(
|
||||
"/mnt/etc/systemd/zram-generator.conf",
|
||||
include_str!("root/zram-generator.conf"),
|
||||
)
|
||||
.unwrap();
|
||||
// arch-chroot /mnt systemctl enable --now systemd-zram-setup@zram0.service
|
||||
}
|
||||
|
||||
// MKINITCPIO + UKI
|
||||
|
||||
pub fn setup_mkinitcpio() {
|
||||
std::fs::write(
|
||||
"/mnt/etc/mkinitcpio.d/linux.preset",
|
||||
include_str!("root/mkinitcpio/linux.preset"),
|
||||
)
|
||||
.unwrap();
|
||||
run_command(&str_vec(vec!["mkinitcpio", "--allpresets"]), None, true);
|
||||
}
|
||||
|
||||
// SECURE BOOT
|
||||
|
||||
pub fn setup_secure_boot() {
|
||||
// TODO : Assert sb setup mode
|
||||
|
||||
run_command(&vec!["sbctl".into(), "create-keys".into()], None, false);
|
||||
|
||||
// TODO : Sign + Enroll
|
||||
}
|
||||
|
||||
// MODS
|
||||
|
||||
/// Post Installer
|
||||
|
||||
// TPM Unlock
|
||||
|
||||
fn install(conf: InstallConfig) {
|
||||
format_drives(&conf.drive);
|
||||
mount_drives(&conf.drive);
|
||||
pacstrap(&conf.general);
|
||||
first_boot_values(&conf.general);
|
||||
// install bootloader
|
||||
setup_secure_boot();
|
||||
setup_mkinitcpio();
|
||||
}
|
||||
|
||||
fn run_command(cmd: &[String], input: Option<&str>, inherit: bool) -> (String, String) {
|
||||
println!("--> {}", cmd.join(" "));
|
||||
|
||||
|
|
@ -256,42 +136,3 @@ fn main() {
|
|||
_ => {}
|
||||
}
|
||||
}
|
||||
|
||||
pub fn create_iso() {
|
||||
// TODO : Check if root
|
||||
if !is_root() {
|
||||
eprintln!("Error: You need root to create an ISO");
|
||||
std::process::exit(1);
|
||||
}
|
||||
|
||||
if !std::fs::exists("./iso").unwrap() {
|
||||
let cmd = str_vec(vec!["git", "clone", "https://git.hydrar.de/navos/iso"]);
|
||||
run_command(&cmd, None, false);
|
||||
}
|
||||
|
||||
std::fs::create_dir_all("./work").unwrap();
|
||||
|
||||
let mount_cmd = str_vec(vec![
|
||||
"mount", "-t", "tmpfs", "-o", "size=10G", "tmpfs", "./work",
|
||||
]);
|
||||
|
||||
run_command(&mount_cmd, None, false);
|
||||
|
||||
let mkarchiso_cmd = vec![
|
||||
"mkarchiso".to_string(),
|
||||
"-v".to_string(),
|
||||
"-w".to_string(),
|
||||
"./work".to_string(),
|
||||
"-o".to_string(),
|
||||
"./".to_string(),
|
||||
"./iso".to_string(),
|
||||
];
|
||||
|
||||
run_command(&mkarchiso_cmd, None, true);
|
||||
|
||||
let umount_cmd = str_vec(vec!["umount", "-r", "./work"]);
|
||||
|
||||
run_command(&umount_cmd, None, false);
|
||||
|
||||
std::fs::remove_dir_all("./work").unwrap();
|
||||
}
|
||||
|
|
|
|||
3
src/pkg.rs
Normal file
3
src/pkg.rs
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
pub const DESKTOP_PKG: [&str; 2] = ["plasma", "sddm"];
|
||||
|
||||
pub const SERVER_PKG: [&str; 1] = ["tmux"];
|
||||
Loading…
Add table
Reference in a new issue