This repository has been archived by the owner on Apr 26, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
zfs.sh
139 lines (108 loc) · 3.85 KB
/
zfs.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
#!/bin/sh
set -eu
# This function unmounts all filesystems, preparatory for rebooting.
function umount_all() {
umount /mnt/boot
zfs umount -a
zpool export zroot
}
function clean() {
umount_all || true
zpool destroy zroot || true
}
function checkdeps() {
# Ensure we have the zfs module
modprobe zfs
}
# This should format and mount the root partition(s)
function format_root() {
# Create a pool made up of the drive
zpool create -f zroot -m none $1
# Create the root (/), with default attributes (|| true because it will fail to
# mount)
# TODO: Figure out a better way to recover from the mount failure. Catching any
# error is not a good idea.
zfs create \
-o atime=off \
-o compression=on \
-o mountpoint=/ \
-o encryption=on \
-o keyformat=passphrase \
zroot/ROOT || true
# Create datasets for all the other partitions we want to isolate, setting
# their mountpoint (|| true because it will fail to mount)
# TODO: Figure out a better way to recover from the mount failure. Catching any
# error is not a good idea.
for path in /home /var /var/log /var/log/journal /etc /data /data /docker; do
zfs create -o mountpoint=$path zroot/ROOT$path || true
done
# Unmount everything for now
zfs unmount -a
# Set up posix ACL for the journal
zfs set acltype=posixacl zroot/ROOT/var/log/journal
zfs set xattr=sa zroot/ROOT/var/log/journal
zpool set bootfs=zroot/ROOT zroot
zpool export zroot
# Import the pool by id, to ensure we get consistent mounting
zpool import -l -d /dev/disk/by-id -R /mnt zroot
# Set the cachefile for the pool, and then copy it over to the chroot fs
zpool set cachefile=/etc/zfs/zpool.cache zroot
mkdir -p /mnt/etc/zfs
cp /etc/zfs/zpool.cache /mnt/etc/zfs/zpool.cache
}
function make_fstab() {
# Generate an fstab and put it in the chroot environment. We only want the boot
# partition in it; the rest gets handled by ZFS
genfstab -t PARTUUID /mnt | grep -A 1 $1 > /mnt/etc/fstab
}
# Set up the hooks correctly for allowing us to unlock the encrypted partitions.
# Doing this here _should_ mean that when we install the zfs- modules below, the
# kernels' ramdisks etc. should pick it up.
function hooks() {
echo base udev keyboard keymap autodetect modconf block encrypt zfs filesystems
}
# Add packages before installing the bootloader and restarting.
function add_packages() {
# Install zfs modules
cat <<EOF >>/mnt/etc/pacman.conf
[archzfs]
Server = https://archzfs.com/\$repo/x86_64
EOF
arch-chroot /mnt pacman-key --recv-keys F75D9D76 --keyserver keyserver.ubuntu.com
arch-chroot /mnt pacman-key --lsign-key F75D9D76
arch-chroot /mnt pacman -Sy --needed --noconfirm zfs-linux zfs-linux-lts
}
# Set default boot options, which are pretty straightforward. This will attempt
# to mount the root fs from the zroot pool, and will prompt for encryption
# passwords as though you'd invoked 'zpool import -l zroot'.
function additional_boot_options() {
echo zfs=zroot rw
}
function first_boot_script() {
cat <<EOF
#!/bin/bash
set -euo pipefail
echo "
!! WE WILL NOW PERFORM FIRST-BOOT CONFIGURATION OF THE ZFS SYSTEM !!
DO NOT SKIP THIS OR YOUR SYSTEM WILL FAIL TO BOOT AGAIN
If you don't have an internet connection, sort that out and then
run './first-boot.sh'. Afterwards, remove the final line from
.bashrc so this doesn't run again.
"
# Check for internet
ping -c 1 github.com > /dev/null
sudo zpool set cachefile=/etc/zfs/zpool.cache zroot
sudo systemctl enable zfs.target
sudo systemctl enable zfs-import-cache
sudo systemctl enable zfs-mount
sudo systemctl enable zfs-import.target
sudo zgenhostid \$(hostid)
sudo mkinitcpio -p linux
sudo mkinitcpio -p linux-lts
echo "
First run configuration has been completed. It's suggested that you restart
before proceeding to do anything else. You can find the script that was used to
install the system in \$(pwd).
"
EOF
}