Creating home and var partitions at provision

diff --git a/share/hydractl/provision b/share/hydractl/provision
index 98e526f769235a1889f6583cb698d7e3a07ec2d5..0d11a735536744e1521231c104dffc3a45df882e 100755 (executable)
--- a/share/hydractl/provision
+++ b/share/hydractl/provision
@@ -20,10 +20,54 @@
 source $APP_BASE/lib/hydra/functions || exit 1
 hydra_config_load
 
+# Create a logical volume
+function hydra_lvcreate {
+  local volume="$1"
+  local size="$2"
+
+  if [ -z "$volume" ] || [ "$size" == "0" ]; then
+    return
+  fi
+
+  if ! lvdisplay $vg/$volume &> /dev/null; then
+    echo "Creating logical volume $volume..."
+    hydra_safe_run lvcreate -L$size -n $volume $vg
+  fi
+}
+
+# Create a physical volume
+function hydra_create_volume {
+  local volume="$1"
+
+  if [ -z "$volume" ] || [ ! -b "/dev/$vg/$volume" ]; then
+    return
+  fi
+
+  if [ "$encrypt" == "y" ]; then
+    echo "Creating encrypted $volume device..."
+    hydra_safe_run cryptsetup -h sha256 -c aes-cbc-essiv:sha256 -s 256 luksFormat /dev/$vg/$volume
+    hydra_safe_run cryptsetup luksOpen /dev/$vg/$volume $volume
+    hydra_safe_run mkfs.ext4 /dev/mapper/debootstrap
+
+    if [ "$volume" == "root" ]; then
+      install_device="/dev/mapper/$volume"
+    fi
+  else
+    echo "Creating $volume device..."
+    mkfs.ext4 /dev/vg/$volume
+
+    if [ "$volume" == "root" ]; then
+      install_device="/dev/vg/$volume"
+    fi
+  fi
+}
+
 # Setup.
 hydra_user_input device /dev/sdb "Destination device"
 hydra_user_input root_size 20G "Size of root partition"
 hydra_user_input swap y "Use swap? (y/n)"
+hydra_user_input home_size 0 "Size of home partition (0 to not create it)"
+hydra_user_input var_size 0 "Size of var partition (0 to not create it)"
 hydra_user_input encrypt y "Encrypt volumes? (y/n)"
 hydra_user_input garbage y "Pre-fill volumes with garbage? (y/n)"
 hydra_user_input hostname $HOSTNAME "Hostname"
@@ -84,17 +128,26 @@ if ! vgdisplay $vg &> /dev/null; then
   hydra_safe_run vgcreate $vg $syst_device
 fi
 
-if ! lvdisplay $vg/root &> /dev/null; then
-  echo "Creating logical volume..."
-  hydra_safe_run lvcreate -L$root_size -n root $vg
-fi
+hydra_lvcreate root $root_size
+hydra_lvcreate home $home_size
+hydra_lvcreate var  $var_size
 
 hydra_safe_run vgchange -a y $vg
 
 # Garbage.
 if [ "$garbage" == "y" ]; then
   echo "Filling volumes with garbage..."
+
   dd if=/dev/urandom of=/dev/$vg/root
+
+  if [ -b "/dev/$vg/home" ]; then
+    dd if=/dev/urandom of=/dev/$vg/home
+  fi
+
+  if [ -b "/dev/$vg/var" ]; then
+    dd if=/dev/urandom of=/dev/$vg/var
+  fi
+
   if [ "$swap" == "y" ]; then
     dd if=/dev/urandom of=$swap_device
   fi
@@ -105,18 +158,10 @@ mkdir -p /tmp/debootstrap
 umount /tmp/debootstrap/proc &> /dev/null
 umount /tmp/debootstrap/dev  &> /dev/null
 
-# Create root device.
-if [ "$encrypt" == "y" ]; then
-  echo "Creating encrypted root device..."
-  hydra_safe_run cryptsetup -h sha256 -c aes-cbc-essiv:sha256 -s 256 luksFormat /dev/$vg/root
-  hydra_safe_run cryptsetup luksOpen /dev/$vg/root root
-  hydra_safe_run mkfs.ext4 /dev/mapper/debootstrap
-  install_device="/dev/mapper/root"
-else
-  echo "Creating root device..."
-  mkfs.ext4 /dev/vg/root
-  install_device="/dev/vg/root"
-fi
+# Create devices
+hydra_create_volume root
+hydra_create_volume home
+hydra_create_volume var
 
 # Initial system install.
 echo "Installing base system..."
@@ -152,18 +197,28 @@ chroot /tmp/debootstrap/ apt-get install locales cryptsetup lvm2 initramfs-tools
 
 # Crypttab.
 echo "Configuring crypttab..."
-echo "" > /tmp/debootstrap/etc/crypttab
+echo "# <target name> <source device>   <key file>  <options>" > /tmp/debootstrap/etc/crypttab
 
 if [ "$encrypt" == "y" ]; then
   cat > /tmp/debootstrap/etc/crypttab <<-EOF
-# <target name> <source device>   <key file>  <options>
 root            /dev/mapper/vg-root     none            luks,cipher=aes-cbc-essiv:sha256
 EOF
 fi
 
+if [ "$home_size" != "0" ] && [ "$encrypt" == "y" ]; then
+  cat >> /tmp/debootstrap/etc/crypttab <<-EOF
+home            /dev/mapper/vg-home      none            luks,cipher=aes-cbc-essiv:sha256
+EOF
+fi
+
+if [ "$var_size" != "0" ] && [ "$encrypt" == "y" ]; then
+  cat >> /tmp/debootstrap/etc/crypttab <<-EOF
+var             /dev/mapper/vg-var       none            luks,cipher=aes-cbc-essiv:sha256
+EOF
+fi
+
 if [ "$swap" == "y" ]; then
   cat >> /tmp/debootstrap/etc/crypttab <<-EOF
-# <target name> <source device>   <key file>  <options>
 cswap           $swap_device               /dev/random     swap,cipher=aes-cbc-essiv:sha256
 EOF
 fi
@@ -171,16 +226,44 @@ fi
 # Fstab.
 echo "Configuring fstab..."
 echo "" > /tmp/debootstrap/etc/fstab
+if [ "$swap" == "y" ]; then
+  cat >> /tmp/debootstrap/etc/fstab <<-EOF
+/dev/mapper/cswap     none           swap  sw                                 0 0
+EOF
+fi
+
 if [ "$encrypt" == "y" ]; then
   cat > /tmp/debootstrap/etc/fstab <<-EOF
 /dev/mapper/root  /    ext4 defaults,errors=remount-ro 0 1
 EOF
+else
+  cat > /tmp/debootstrap/etc/fstab <<-EOF
+/dev/vg/root  /    ext4 defaults,errors=remount-ro 0 1
+EOF
 fi
 
-if [ "$swap" == "y" ]; then
+if [ "$home_size" != "0" ]; then
+  if [ "$encrypt" == "y" ]; then
+  cat >> /tmp/debootstrap/etc/fstab <<-EOF
+/dev/mapper/home      /home          ext4  defaults,errors=remount-ro         0 2
+EOF
+  else
   cat >> /tmp/debootstrap/etc/fstab <<-EOF
-/dev/mapper/cswap none swap sw 0 0
+/dev/vg/home      /home          ext4  defaults,errors=remount-ro         0 2
 EOF
+  fi
+fi
+
+if [ "$var_size" != "0" ]; then
+  if [ "$encrypt" == "y" ]; then
+  cat >> /tmp/debootstrap/etc/fstab <<-EOF
+/dev/mapper/var      /var          ext4  defaults,errors=remount-ro         0 2
+EOF
+  else
+  cat >> /tmp/debootstrap/etc/fstab <<-EOF
+/dev/vg/var      /var          ext4  defaults,errors=remount-ro         0 2
+EOF
+  fi
 fi
 
 # Grub.