Skip to content

Instantly share code, notes, and snippets.

@hoto
Last active August 1, 2017 20:27
Show Gist options
  • Save hoto/4c48aefbc3e1d7600f43200ff0eed530 to your computer and use it in GitHub Desktop.
Save hoto/4c48aefbc3e1d7600f43200ff0eed530 to your computer and use it in GitHub Desktop.
# cgdisk is graphical
sudo cgdisk /dev/sda
sgdisk -o /dev/sda
sgdisk -n 1::+256MiB -u 1:fbf5660e-0474-4361-8b8f-22d8049e6920 -t 1:EF00 /dev/sda
sgdisk -n 2::+1024MiB -u 2:05ee6a32-f7ca-4379-9ac9-80cf6c63933b -t 2:8300 /dev/sda
sgdisk -n 3::+20480MiB -u 3:c522f8fe-01ee-433d-8642-e0c897e817aa -t 3:8304 /dev/sda
sgdisk -n 4::-9MiB -u 4:a086c08d-49f8-48ba-918d-e38d912d734b -t 3:BF01 /dev/sda
sgdisk -n 9::+8MiB -u 9:c3935f60-0315-427c-ac5b-db1808a72112 -t 3:BF07 /dev/sda
dd if=/dev/urandom of=/dev/sda3 bs=1MiB count=10
PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom|head -c 12)
dd bs=512 count=4 if=/dev/urandom of=/tmp/c522f8fe-01ee-433d-8642-e0c897e817aa.key
echo -ne "$PASSWD" | cryptsetup -q luksFormat /dev/sda3 -
echo -ne "$PASSWD" | cryptsetup -q luksAddKey /dev/sda3 /tmp/c522f8fe-01ee-433d-8642-e0c897e817aa.key -
cryptsetup -v isLuks /dev/sda3 && echo cryptsetup luksFormat: Success
luksuuid=`cryptsetup luksUUID /dev/sda3`
echo "luks UUID: $luksuuid"
diskuuid=`blkid -s UUID -o value /dev/sda3`
echo "disk UUID: $diskuuid"
# generate the proper part line with the luks uuid
echo "partition / --fstype=xfs --onpart=UUID=$luksuuid --noformat --encrypted --passphrase='$PASSWD'" > /tmp/part-include
#echo "part / --fstype=xfs --onpart=UUID=$luksuuid --noformat" > /tmp/part-include
echo "user --groups=wheel --name=marcin.skarbek --plaintext --password='$PASSWD' --gecos='Marcin Skarbek'" > /tmp/user-include
echo "Opening device luks-$luksuuid"
echo -ne "$PASSWD" | cryptsetup -q luksOpen /dev/sda3 luks-$luksuuid -
echo "Info about device luks-$luksuuid"
dmsetup info luks-$luksuuid
echo "Create xfs filesystem on luks-$luksuuid"
mkfs.xfs -q /dev/mapper/luks-$luksuuid
## create entry in /etc/crypttab:
#echo 'echo "" >> /etc/crypttab' > /tmp/luks-include
#echo 'echo "# kickstart: add luks device" >> /etc/crypttab' >> /tmp/luks-include
#echo "echo "luks-$luksuuid UUID=$diskuuid none allow-discards luks" >> /etc/crypttab" >> /tmp/luks-include
#echo 'chmod 744 /etc/crypttab' >> /tmp/luks-include
#echo 'chown root:root /etc/crypttab' >> /tmp/luks-include
#
## create entry in /etc/fstab
#echo 'echo "" >> /etc/fstab' >> /tmp/luks-include
#echo 'echo "# kickstart: add luks device" >> /etc/fstab' >> /tmp/luks-include
#echo "echo "/dev/mapper/luks-$luksuuid / xfs defaults 0 0" >> /etc/fstab" >> /tmp/luks-include
echo $PASSWD
read -rsp $'Press any key to continue...\n' -n 1 key
# System authorization information
auth --enableshadow --passalgo=sha512
url --url http://mirror.bytemark.co.uk/fedora/linux/releases/25/Workstation/x86_64/os/
# Use graphical install
graphical
#text
#cmdline
# Run the Setup Agent on first boot
firstboot --enable
ignoredisk --only-use=sda
# Keyboard layouts
keyboard --vckeymap=pl2 --xlayouts='pl','us'
# System language
lang en_US.UTF-8
# Network information
network --hostname=rpmq43
# Root password
#rootpw --iscrypted $6$Cxfcfn6vFy1z7L1i$ZtosT9zd7jKFQPKRibHWVsXdvPsWkE3Ma7u9cnnFQNUcEQIkZ0xMx2jqRm41yoFdsIl63uxKROtHZMk38h5PS0
# System services
services --enabled="chronyd sshd"
# System timezone
timezone Europe/Warsaw --isUtc
%include /tmp/user-include
# X Window System configuration information
xconfig --startxonboot
# System bootloader configuration
bootloader --location=mbr --boot-drive=sda
# Partition clearing information
#clearpart --none --initlabel
# Disk partitioning information
%include /tmp/part-include
partition /boot --fstype="xfs" --onpart=/dev/disk/by-partuuid/05ee6a32-f7ca-4379-9ac9-80cf6c63933b
partition /boot/efi --fstype="efi" --onpart=/dev/disk/by-partuuid/fbf5660e-0474-4361-8b8f-22d8049e6920 --fsoptions="umask=0077,shortname=winnt"
%packages
@^workstation-product-environment
chrony
%end
%addon com_redhat_kdump --disable --reserve-mb='128'
%end
%anaconda
pwpolicy root --minlen=0 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy user --minlen=12 --minquality=50 --strict --nochanges
pwpolicy luks --minlen=12 --minquality=50 --strict --nochanges
%end
######################################
dnf update -y rpm\*
dnf update -y dnf\*
dnf update -y dracut\*
dnf update -y kernel\*
dnf update -y
dnf install -y autocorr-pl hunspell-pl hyphen-pl mythes-pl
dnf install -y kernel-devel dkms
dnf install -y http://download.zfsonlinux.org/fedora/zfs-release$(rpm -E %dist).noarch.rpm
#rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-zfsonlinux
dnf install -y zfs
dnf install -y adobe-source-code-pro-fonts adobe-source-sans-pro-fonts.noarch adobe-source-serif-pro-fonts.noarch tilix ncdu tmux htop
#vim /etc/gdm/custom.conf - disable wayland
rpm --import https://dl.google.com/linux/linux_signing_key.pub # google chrome
dnf install -y https://dl.google.com/linux/direct/google-chrome-stable_current_x86_64.rpm
rpm --import https://packages.microsoft.com/keys/microsoft.asc # vs code
echo -e "[code]\nname=Visual Studio Code\nbaseurl=https://packages.microsoft.com/yumrepos/vscode\nenabled=1\ngpgcheck=1\ngpgkey=https://packages.microsoft.com/keys/microsoft.asc" > /etc/yum.repos.d/vscode.repo
dnf install -y code
zpool create -m none -o ashift=12 -O relatime=on -O compression=lz4 -O xattr=sa f22aaa92-4170-4d43-a1ec-86448c64bef8 /dev/mapper/luks-7165415a-5db0-4fe8-ae78-91a57830ac55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment