README.md in getch-0.1.9 vs README.md in getch-0.3.0

- old
+ new

@@ -4,11 +4,11 @@ <br/> [![Gem Version](https://badge.fury.io/rb/getch.svg)](https://badge.fury.io/rb/getch) ![GitHub Workflow Status (branch)](https://img.shields.io/github/workflow/status/szorfein/getch/Rubocop/develop) [![Ruby Style Guide](https://img.shields.io/badge/code_style-rubocop-brightgreen.svg)](https://github.com/rubocop/rubocop) -![GitHub](https://img.shields.io/github/license/szorfein/ardecy) +![GitHub](https://img.shields.io/github/license/szorfein/getch) </div> A CLI tool to install Gentoo or Void Linux with default: + DNS over HTTPS (with [Quad9](https://www.quad9.net/)). @@ -20,29 +20,32 @@ Hardened System: + sysctl.conf with TCP/IP stack hardening and more [Arch](https://wiki.archlinux.org/title/Sysctl) + Kernel parameters enforced (dmesg restricted, kexec disabled, etc) + Kernel source (Gentoo) patched with [bask](https://github.com/szorfein/bask). ++ Musl optionnal ## Description -Actually, Getch support only the `x86_64` architecture and only with the following archives: -+ **Gentoo**: `stage3-amd64-systemd` [Gentoo](https://www.gentoo.org/downloads/). -+ **Void**: `rootfs glibc` [Void](https://voidlinux.org/download/). +Actually, Getch support only the `x86_64` architecture with the following archives: ++ **Gentoo**: `stage3-amd64-systemd` or `stage3-amd64-musl` [Gentoo](https://www.gentoo.org/downloads/). ++ **Void**: `rootfs tarball glibc` or `rootfs tarball musl` [Void](https://voidlinux.org/download/). Filesystem supported (with or without encryption) + Ext4 + Lvm + ZFS Boot Manager: -+ **Gentoo**: `BIOS` will use `Grub2` and `systemd-boot` for `UEFI`. -+ **Void**: use only Grub2, encryption for the root fs use luks1. ++ **Gentoo**: `BIOS` and `musl` will use `Grub2` and `systemd-boot` for `UEFI`. ++ **Void**: use only Grub2. The ISO images i was able to test and that works: + [Archlinux](https://www.archlinux.org/download/) + [Archaeidae](https://github.com/szorfein/archaeidae): Custom Archiso that includes ZFS support. +You can also use your current `linux` host, just pay attention to the disk that will be used. + ## Dependencies Getch is build without external libs, so it only require `ruby >= 2.5`. ## Install Getch is cryptographically signed, so add my public key (if you haven’t already) as a trusted certificate. @@ -69,62 +72,65 @@ # getch --zoneinfo "Europe/Paris" --language fr_FR --keymap fr Install Gentoo on LVM and use a different root disk `/dev/sdc` - # getch --format lvm --disk sdc + # getch --format ext4 --lvm --disk sdc Encrypt your disk with LVM with a french keymap - # getch --format lvm --encrypt --keymap fr + # getch --format ext4 --lvm --encrypt --keymap fr Encrypt with ext4 and create a new user `ninja`: # getch --format ext4 --encrypt --username ninja With ZFS, if used with `--encrypt`, it use the native ZFS encryption: # getch --format zfs -With `Void Linux`: +With `Void Linux` and `Musl` enable: - # getch --os void --encrypt -k fr + # getch --os void --encrypt -k fr --musl ## Troubleshooting #### Old VG for LVM If a old volume group exist, `getch` may fail to partition your disk. You have to clean up your device before proceed with `vgremove` and `pvremove`. An short example how doing this with a volume group named `vg0`: # vgdisplay | grep vg0 # vgremove -f vg0 # pvremove -f /dev/sdb -#### Encryption enable on BIOS with ext4 -To decrypt your disk on BIOS system, you have to enter your password twice. One time for Grub and another time for Genkernel. [post](https://wiki.archlinux.org/index.php/GRUB#Encrypted_/boot). -Also with GRUB, only a `us` keymap is working. +#### Encryption with GRUB +To decrypt your disk on GRUB, only the `us` keymap is working for now. -#### ZFS for Void Linux - Enable the boot pool -You have some extras step to do after booting to enable the boot pool, you need this pool when you update your system. It's used mainly by Grub and Dracut. -By default, your /boot is empty because your boot pool is not imported... +#### ZFS with Grub +By default, if you use ZFS with `musl` or `voidlinux` the `/boot` partition is not mounted automatically, so before an update, mout the partition. - # zpool import -f -d /dev/disk/by-id -N bpool-150ed - # zfs mount bpool-150ed/BOOT/void + # zpool status + # zfs mount bpool/BOOT/void # ls /boot -You should see something in the boot (initramfs, vmlinuz).. Recreate the initramfs. +#### ZFS with and without encryption +First time on ZFS after 5min - # xbps-reconfigure -fa +```txt +dracut Warning: /dev/disk/by-uuid/<DISK> does not exist +``` -Make the `bpool` available at the boot: +Dracut try to mount inexistent device. Just wait for enter in the shell and remove the disk uuid from `/lib/dracut/hooks/initqueue/finished/` - # zfs set canmount=on bpool-150ed/BOOT/void - -And reboot, the `/boot` partition should be mounted automatically after that. - -#### ZFS Encrypted with Void -Well, another weird issue, the first time you boot on your encrypted pool, nothing append. Dracut try to mount inexistent device. Just wait for enter in the shell: - # ls /lib/dracut/hooks/initqueue/finished/* # rm /lib/dracut/hooks/initqueue/finished/dev* # exit -Dracut should finally start `mount-zfs.sh` and ask for your password. After you first login, follow instructions above for recompile the initramfs and mount the boot pool and your good. +Dracut should finally start `mount-zfs.sh` and ask for a password if encrypted. After you first login, mount the `/boot` partition and recompile the initramfs and your good. + ++ For Gentoo: `emerge --config sys-kernel/gentoo-kernel-bin` ++ For Voidlinux: `xbps-reconfigure -fa` + +If it doesn't work, try to start script manually (always in the shell): + + # . /lib/dracut/hooks/mount/98-mount-zsh.sh + # . /lib/dracut/hooks/mount/99-mount-root.sh + # exit