Project

getch

0.0
The project is in a healthy, maintained state
A CLI tool to install Gentoo or VoidLinux.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies
 Project Readme

Getch


Gem Version GitHub Workflow Status (branch) Ruby Style Guide GitHub

A CLI tool to install Gentoo or Void Linux with default:

  • DNS over HTTPS (with Quad9).
  • Vim | Nano installed.
  • Iptables installed (not configured).
  • Sudo installed (not configured).
  • iwd installed if wifi is detected.
  • No GUI installed.

Hardened System:

  • sysctl.conf with TCP/IP stack hardening and more Arch
  • Kernel parameters enforced (dmesg restricted, kexec disabled, etc)
  • Kernel source (Gentoo) patched with bask.
  • Musl optionnal

Description

Actually, Getch support only the x86_64 architecture with the following archives:

  • Gentoo: stage3-amd64-systemd or stage3-amd64-musl Gentoo.
  • Void: rootfs tarball glibc or rootfs tarball musl Void.

Filesystem supported (with or without encryption)

  • Ext4
  • Lvm
  • ZFS

Boot Manager:

  • Gentoo: BIOS, crypted disk and musl will use Grub2 and systemd-boot for UEFI.
  • Void: use only Grub2.

The ISO images i was able to test and that works:

You can also use your current linux host, just pay attention to the disk that will be used.

Dependencies

Getch is build without external libs, so it only require ruby >= 2.5.

On a live image of Void, you need to install xbps-install -S ruby xz gptfdisk.

Install

Getch is cryptographically signed, so add my public key (if you haven’t already) as a trusted certificate.
With gem installed:

$ gem cert --add <(curl -Ls https://raw.githubusercontent.com/szorfein/getch/master/certs/szorfein.pem)
$ gem install getch -P HighSecurity

If you want to try from the source:

# git clone https://github.com/szorfein/getch
# cd getch
# ruby -I lib bin/getch -h

Usage

Just ensure than the script is run with a root account.

# getch -h

After an install by Getch, take a look on the wiki.

Examples

For a french user:

# getch --zoneinfo "Europe/Paris" --language fr_FR --keymap fr

Install Gentoo on LVM and use a different root disk /dev/sdc

# getch --format ext4 --lvm --disk sdc

Encrypt your disk with LVM with a french keymap

# getch --format ext4 --lvm --encrypt --keymap fr

Encrypt with ext4 and create a new user ninja:

# getch --format ext4 --encrypt --username ninja

With ZFS, if used with --encrypt, it use the native ZFS encryption:

# getch --format zfs

With Void Linux and Musl enable:

# getch --os void --encrypt -k fr --musl

Troubleshooting

Old VG for LVM

If a old volume group exist, getch may fail to partition your disk. You have to clean up your device before proceed with vgremove and pvremove. An short example how doing this with a volume group named vg0:

# vgdisplay | grep vg0
# vgremove -f vg0
# pvremove -f /dev/sdb

Encryption with GRUB

To decrypt your disk on GRUB, only the us keymap is working for now.

ZFS with Grub

By default, if you use ZFS with musl or voidlinux the /boot partition is not mounted automatically, so before an update, mout the partition.

# zpool status
# zfs mount bpool/BOOT/void
# ls /boot

ZFS with and without encryption

First time on ZFS after 5min

dracut Warning: /dev/disk/by-uuid/<DISK> does not exist

Dracut try to mount inexistent device. Just wait for enter in the shell and remove the disk uuid from /lib/dracut/hooks/initqueue/finished/

# ls /lib/dracut/hooks/initqueue/finished/*
# rm /lib/dracut/hooks/initqueue/finished/dev*
# exit

Dracut should finally start mount-zfs.sh and ask for a password if encrypted. After you first login, mount the /boot partition and recompile the initramfs and your good.

  • For Gentoo: emerge --config sys-kernel/gentoo-kernel-bin
  • For Voidlinux: xbps-reconfigure -fa

If it doesn't work, try to start script manually (always in the shell):

# . /lib/dracut/hooks/mount/98-mount-zsh.sh
# . /lib/dracut/hooks/mount/99-mount-root.sh
# exit