hardware-setup/setup.sh

#!/bin/bash
set -e


apt-get -y install mdadm cryptsetup debootstrap

# returns /dev/md0 as root device
# returns "$boot" as boot device
"./hardware/${1}/parted.sh" "$2"
root="hardware/${1}/root"
boot="hardware/${1}/boot"
esp="hardware/${1}/esp"

# encrypt and unlock root device
echo -n 'Enter luks password: '
read -s root_pwd
echo #to indicate progress after password prompt
echo -n $root_pwd | cryptsetup -q luksFormat "$root"
echo -n $root_pwd | cryptsetup open --type luks "$root" root-unlocked
unset root_pwd


# format

chroot=/mnt/root-unlocked

# root device
mkfs.ext4 /dev/mapper/root-unlocked
mkdir /mnt/root-unlocked
mount /dev/mapper/root-unlocked /mnt/root-unlocked

# boot device
mkfs.ext4 "$boot"
mkdir "$chroot/boot"
mount "$boot" "$chroot/boot"

# esp device
mkfs.fat "$esp"
mkdir "$chroot/boot/efi"
mount "$esp" "$chroot/boot/efi"

# additional data disks
mkfs.ext4 /dev/nvme1n1p1
mkdir --parents "$chroot/longhorn/01"
mkfs.ext4 /dev/nvme2n1p1
mkdir --parents "$chroot/longhorn/02"


# debootstrap

debootstrap --variant=minbase --arch=amd64 bookworm "$chroot" https://deb.debian.org/debian/

mount -t proc none "$chroot/proc"
mount -t sysfs none "$chroot/sys"
mount --bind /dev "$chroot/dev"
mount --bind /run "$chroot/run"


# set hostname
echo "$2" > "$chroot/etc/hostname"
hostname "$2"


# create hardware-setup copy for post-debootstrap
mkdir "$chroot/hardware-setup"
cp -a * "$chroot/hardware-setup"

chroot "$chroot" /hardware-setup/post-debootstrap-installer.sh "$1"

rm -r "$chroot/hardware-setup"

echo "Don't forget to set a password with passwd ;-)"
echo
ls authorized_keys
echo
chroot "$chroot"