add EFI support

README.md

@@ -12,8 +12,10 @@ wireguard settings
 firefox profiles home/.mozzilla/firefox
 thunderbird profile home/.thunderbird
 jetbrains settings home/.config/JetBrains
-
+signal settings .config/Signal
+telegram settings -local/share/TelegramDesktop
 pidgin setting home/.purple
+gnucash + files
 
 home/Projects
 home/Mount
@@ -21,5 +23,7 @@ home/Tools
 
 ;ldnsutils wireguard resolvconf freecad
 
+fonts-powerline kicad-packages3d
+
 systemctl enable tinc
 systemctl enable tinc@nodes.j3d1.de

entry.sh

@@ -31,7 +31,7 @@ function first_stage(){
 
 	export DEVICE
 
-	apt install -y debootstrap cryptsetup btrfs-progs lvm2 rsync
+	apt install -y debootstrap cryptsetup btrfs-progs lvm2 rsync gdisk
 
 	if [ -d /dev/cryptvg ]; then
 		mount | grep target | awk '{print $3}'| sort -r | while read LINE; do
@@ -51,31 +51,64 @@ function first_stage(){
 
 	(
 	echo o
+	echo Y
 	echo n
-	echo p
 	echo 1
 	echo
-	echo +2G
+	echo +512M
+	echo ef02
 	echo n
-	echo p
 	echo 2
 	echo
+	echo +512M
+	echo ef00
+	echo n
+	echo p
+	echo 3
 	echo
+	echo 
+	echo 8309
 	echo w
-	) | fdisk ${DEVICE}
+	echo Y
+	) | gdisk ${DEVICE}
 	
+	if [ -e ${DEVICE}1 ]; then
+	    PART1=${DEVICE}1
+	elif [ -e ${DEVICE}p1 ]; then
+	    PART1=${DEVICE}p1
+	fi
 	
-	wipefs -a ${DEVICE}1
+	if [ -e ${DEVICE}2 ]; then
-	wipefs -a ${DEVICE}2
+	    PART2=${DEVICE}2
+	elif [ -e ${DEVICE}p2 ]; then
+	    PART2=${DEVICE}p2
+	fi
 	
-	echo mkfs.ext4 ${DEVICE}1
+	if [ -e ${DEVICE}3 ]; then
-	yes | mkfs.ext4 ${DEVICE}1
+	    ROOTPART=${DEVICE}3
+	elif [ -e ${DEVICE}p3 ]; then
+	    ROOTPART=${DEVICE}p3
+	fi
+	
+	wipefs -a ${PART1}
+	wipefs -a ${ROOTPART}
+	
+	echo mkfs.ext4 ${PART1}
+	yes | mkfs.ext4 ${PART1}
+
+	if [ -d /sys/firmware/efi ]; then
+		echo UEFI
+		echo mkfs.vfat -F32 ${PART2}
+		mkfs.vfat -F32 ${PART2}
+	else
+		echo BIOS
+	fi
 
 	(
 	echo $LUKS_PASSWORD
 	echo $LUKS_PASSWORD	
-	)| cryptsetup luksFormat ${DEVICE}2
+	)| cryptsetup luksFormat ${ROOTPART}
-	echo $LUKS_PASSWORD | cryptsetup luksOpen ${DEVICE}2 cryptlvm
+	echo $LUKS_PASSWORD | cryptsetup luksOpen ${ROOTPART} cryptlvm
 	unset LUKS_PASSWORD
 	pvcreate /dev/mapper/cryptlvm
 	vgcreate cryptvg /dev/mapper/cryptlvm
@@ -106,14 +139,21 @@ function first_stage(){
 	echo debootstrap sid $TARGET
 	debootstrap sid $TARGET
 
-	mount ${DEVICE}1 $TARGET/boot
+	mount ${PART1} $TARGET/boot
-	echo mount ${DEVICE}1 $TARGET/boot
+	echo mount ${PART1} $TARGET/boot
+	
+	if [ -d /sys/firmware/efi ]; then
+		echo UEFI
+		mkdir -p $TARGET/boot/efi
+		mount ${PART2} $TARGET/boot/efi
+		echo mount ${PART2} $TARGET/boot/efi
+	fi
 
 	echo mount -osubvol=@home /dev/cryptvg/root $TARGET/home
 	mount -osubvol=@home /dev/cryptvg/root $TARGET/home
 
 	genfstab -U $TARGET | tee $TARGET/etc/fstab
-	UUID=$(lsblk -lpo NAME,UUID | grep ${DEVICE}2 | awk '{print $2}')
+	UUID=$(lsblk -lpo NAME,UUID | grep ${ROOTPART} | awk '{print $2}')
 	echo cryptlvm UUID=${UUID} none luks,initramfs > $TARGET/etc/crypttab
 }
 
@@ -130,12 +170,21 @@ function second_stage(){
 	hostname $NEW_HOSTNAME
 	sed -i 's/main/main contrib non-free/g' /etc/apt/sources.list
 	apt update
-	apt install -y linux-image-amd64 grub2 cryptsetup cryptsetup-initramfs cryptsetup-suspend btrfs-progs lvm2 firmware-iwlwifi locales tzdata keyboard-configuration console-common zsh intel-microcode ldnsutils wireguard resolvconf
+	apt install -y linux-image-amd64 cryptsetup cryptsetup-initramfs cryptsetup-suspend btrfs-progs lvm2 firmware-iwlwifi locales tzdata keyboard-configuration console-common zsh intel-microcode ldnsutils wireguard resolvconf
+	if [ -d /sys/firmware/efi ]; then
+		echo UEFI
+		apt install -y grub-efi
+		grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=debian --recheck --no-nvram --removable
+		update-grub
+	else
+		echo BIOS
+		apt install -y grub-pc
 		grub-install ${DEVICE}
 		update-grub
+	fi
 	update-initramfs -k all -u
 	mkdir /snap
-	btrfs subvolume snapshot / /snap/$(date +%Y-%m-%d_basesystem)
+	btrfs subvolume snapshot / /snap/$(date +%Y-%m-%d_00_basesystem)
 	apt install -y task-mate-desktop mate-desktop-environment-extra dbus-x11
 	(
 	echo $USER_PASSWORD
@@ -148,21 +197,28 @@ function second_stage(){
 	) | adduser jedi
 	unset USER_PASSWORD
 
-	btrfs subvolume snapshot / /snap/$(date +%Y-%m-%d_user_gui)
+	chsh --shell /usr/bin/zsh jedi
-	apt install -y git wget materia-gtk-theme htop nmap arandr timeshift gparted jq
+
+	btrfs subvolume snapshot / /snap/$(date +%Y-%m-%d_01_user_gui)
+	apt install -y git wget materia-gtk-theme htop nmap arandr timeshift gparted jq fonts-powerline
 	apt install -y virt-manager telegram-desktop chromium firefox thunderbird geany vlc pidgin meld remmina gmpc
-	apt install -y gimp inkscape blender freecad kicad || true
+	apt install -y gimp inkscape blender freecad kicad kicad-packages3d || true
-	btrfs subvolume snapshot / /snap/$(date +%Y-%m-%d_big_tools)
+	btrfs subvolume snapshot / /snap/$(date +%Y-%m-%d_02_big_tools)
+	
+	# switch to woking in homedir
+
 
 	rsync -a /root/unbox_data/secrets/SSH/ ~jedi/.ssh/
 	chown -R jedi:jedi ~jedi/
-	chsh --shell /usr/bin/zsh jedi
 	
 	echo second_stage done
 	
 	export -f user_install
 	su jedi -c "bash -c user_install"
 
+
+	mkdir -p ~jedi/.snap/
+	btrfs subvolume snapshot ~jedi/ ~jedi/.snap/$(date +%Y-%m-%d_fresh_install)
 }
 
 function user_install(){
@@ -201,6 +257,17 @@ function user_install(){
 	rm -r "$TOOLBOX_TEMP_DIR"
 	unset TOOLBOX_TEMP_DIR
 	
+	
+	# Signal
+	# 1. Install our official public software signing key
+	#wget -O- https://updates.signal.org/desktop/apt/keys.asc | gpg --dearmor > signal-desktop-keyring.gpg
+	#cat signal-desktop-keyring.gpg | sudo tee -a /usr/share/keyrings/signal-desktop-keyring.gpg > /dev/null
+	# 2. Add our repository to your list of repositories
+	#echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main' |\
+	#sudo tee -a /etc/apt/sources.list.d/signal-xenial.list
+	# 3. Update your package database and install signal
+	#sudo apt update && sudo apt install signal-desktop
+	
 	echo
 }