2023-10-07 19:42:29 +00:00
|
|
|
#!/run/current-system/profile/bin/bash
|
2023-10-07 19:38:22 +00:00
|
|
|
|
|
|
|
source ./guix-log
|
|
|
|
source ./guix-env
|
|
|
|
|
|
|
|
CRYPT_PARTITION=""
|
|
|
|
EFI_PARTITION=""
|
|
|
|
PASSWORD=""
|
|
|
|
PASSWORD_CONFIRM=""
|
|
|
|
|
|
|
|
EVENT "Setting up disk encryption with luks"
|
|
|
|
|
2023-10-07 19:51:00 +00:00
|
|
|
if [[ $DISK == "/dev/sd"* ]]; then
|
2023-10-07 19:38:22 +00:00
|
|
|
CRYPT_PARTITION="$DISK""2"
|
|
|
|
EFI_PARTITION="$DISK""1"
|
2023-10-07 19:51:00 +00:00
|
|
|
elif [[ $DISK == "/dev/nvme"* ]]; then
|
2023-10-07 19:38:22 +00:00
|
|
|
CRYPT_PARTITION="$DISK""p2"
|
|
|
|
EFI_PARTITION="$DISK""p1"
|
|
|
|
else
|
|
|
|
ERROR "Unsupported drive type, must be sata or nvme!"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
get_password() {
|
|
|
|
read -s -p "LUKS password: " PASSWORD
|
2023-10-07 19:54:03 +00:00
|
|
|
printf "\n"
|
2023-10-07 19:38:22 +00:00
|
|
|
read -s -p "Confirm password: " PASSWORD_CONFIRM
|
2023-10-07 19:54:03 +00:00
|
|
|
printf "\n"
|
2023-10-07 19:51:00 +00:00
|
|
|
if [ "$PASSWORD" == "$PASSWORD_CONFIRM" ]; then
|
2023-10-07 20:03:27 +00:00
|
|
|
return
|
2023-10-07 19:38:22 +00:00
|
|
|
else
|
|
|
|
ERROR "Passwords do not match"
|
|
|
|
get_password
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
2023-10-07 20:03:27 +00:00
|
|
|
get_password
|
2023-10-07 19:38:22 +00:00
|
|
|
|
|
|
|
EVENT "Setting up luks"
|
|
|
|
|
|
|
|
cryptsetup luksFormat --type luks1 "$CRYPT_PARTITION" <<EOF
|
|
|
|
$PASSWORD
|
2023-10-07 19:51:00 +00:00
|
|
|
$PASSWORD_CONFIRM
|
2023-10-07 19:38:22 +00:00
|
|
|
EOF
|
|
|
|
|
|
|
|
EVENT "Opening cryptroot"
|
|
|
|
|
|
|
|
cryptsetup open "$CRYPT_PARTITION" cryptroot <<EOF
|
|
|
|
$PASSWORD
|
|
|
|
EOF
|
|
|
|
|
2023-10-07 20:10:00 +00:00
|
|
|
EVENT "Setting up cryptroot btrfs"
|
|
|
|
|
|
|
|
mkfs.btrfs "/dev/mapper/cryptroot"
|
|
|
|
|
2023-10-07 19:38:22 +00:00
|
|
|
EVENT "Mounting cryptroot"
|
|
|
|
|
2023-11-03 16:33:32 +00:00
|
|
|
mkdir -p /mnt
|
2023-10-07 19:38:22 +00:00
|
|
|
mount /dev/mapper/cryptroot /mnt
|
|
|
|
|
|
|
|
EVENT "Setting up EFI vfat"
|
|
|
|
|
|
|
|
mkfs.vfat "-F32" "$EFI_PARTITION"
|
|
|
|
|
2023-10-10 00:25:57 +00:00
|
|
|
EVENT "Mounting EFI"
|
|
|
|
|
2023-11-03 16:33:32 +00:00
|
|
|
mkddir -p /mnt/boot/efi
|
2023-10-10 00:25:57 +00:00
|
|
|
mount $EFI_PARTITION /mnt/boot/efi
|
|
|
|
|
2023-10-07 19:38:22 +00:00
|
|
|
EVENT "Successfully setup efi vfat and luks"
|
|
|
|
|
2023-10-07 19:51:00 +00:00
|
|
|
echo "CRYPT_PARTITION=\"$CRYPT_PARTITION\"" >> ./guix-env
|
|
|
|
echo "EFI_PARTITION=\"$EFI_PARTITION\"" >> ./guix-env
|