#!/bin/bash set -e apt-get -y install mdadm cryptsetup # returns /dev/md0 as root device # returns /dev/md1 as boot device "./hardware/${1}/parted.sh" "$2" # encrypt and unlock root device echo -n 'Enter luks password: ' read -s md0pwd echo -n $md0pwd | cryptsetup -q luksFormat /dev/md0 echo -n $md0pwd | cryptsetup open --type luks /dev/md0 md0-unlocked unset md0pwd # format chroot=/mnt/md0-unlocked # root device mkfs.ext4 /dev/mapper/md0-unlocked mkdir /mnt/md0-unlocked mount /dev/mapper/md0-unlocked /mnt/md0-unlocked # boot device mkfs.ext4 /dev/md1 mkdir "$chroot/boot" mount /dev/md1 "$chroot/boot" # debootstrap debootstrap --variant=minbase --arch=amd64 stretch "$chroot" https://deb.debian.org/debian/ mount -t proc none "$chroot/proc" mount -t sysfs none "$chroot/sys" mount -o bind /dev "$chroot/dev" # copy fstab, crypttab, ... cd config cp -a * "$chroot" cd .. # copy parted.sh, grub.sh, ... cd "hardware/${1}" cp -a * "$chroot" cd ../.. # copy a couple of other files cp -a docker.key \ post-debootstrap-installer.sh \ authorized_keys \ "$chroot" # set hostname echo "$2" > "$chroot/etc/hostname" chroot "$chroot" /post-debootstrap-installer.sh rm -r "$chroot/docker.key" \ "$chroot/post-debootstrap-installer.sh" \ "$chroot/authorized_keys"