├── dynamic_data └── .gitkeep ├── .gitignore ├── source ├── pacman-init.service.expected_diff ├── start_sshd.sh ├── pacman-init.service ├── create_efibootmgr_entry.sh ├── start_archinstall.sh └── replace_zfsbootmenu.sh ├── compose.yml ├── .github ├── dependabot.yml └── workflows │ ├── linter.yml │ ├── no_lts_dkms.yml │ ├── no_lts_no_dkms_iso.yml │ ├── lts_dkms_iso.yml │ ├── lts_no_dkms_iso.yml │ ├── experimental_dkms.yml │ ├── experimental_no_dkms.yml │ └── scorecard.yml ├── SECURITY.md ├── .env.dist ├── dump_iso.sh ├── run_iso.sh ├── upload_iso.sh ├── README.md ├── CHANGELOG.md ├── bin └── installation.sh └── LICENSE /dynamic_data/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .env 2 | build.sh.log 3 | dynamic_data/* 4 | last_build_date*.txt 5 | software/ 6 | -------------------------------------------------------------------------------- /source/pacman-init.service.expected_diff: -------------------------------------------------------------------------------- 1 | 12a13,14 2 | > ExecStart=/usr/bin/pacman-key -r "DDF7DB817396A49B2A2723F7403BD972F75D9D76" 3 | > ExecStart=/usr/bin/pacman-key --lsign-key "DDF7DB817396A49B2A2723F7403BD972F75D9D76" 4 | -------------------------------------------------------------------------------- /compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | 3 | archlinux-container: 4 | cap_add: 5 | - DAC_OVERRIDE 6 | - SYS_ADMIN 7 | - SYS_CHROOT 8 | - SYS_MODULE 9 | devices: 10 | - /dev/loop-control:/dev/loop-control 11 | image: archlinux:latest 12 | # Replace privileged it with cap_add or devices section 13 | #privileged: true # Needed to build since mkarchiso is doing a chroot 14 | volumes: 15 | - .:/app 16 | -------------------------------------------------------------------------------- /source/start_sshd.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ##### 3 | # Set's root password and starts sshd 4 | #### 5 | # @since: 2023-12-16 6 | # @author: stev leibelt 7 | #### 8 | 9 | function _main () 10 | { 11 | echo ":: Setting root password" 12 | passwd 13 | echo ":: Adapting sshd and starting it" 14 | echo "PermitRootLogin yes" >> /etc/ssh/sshd_config 15 | systemctl enable --now sshd 16 | 17 | echo ":: Use root@ from a remote machine to log in" 18 | ip a | grep inet 19 | } 20 | 21 | _main "${@}" 22 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | # To get started with Dependabot version updates, you'll need to specify which 2 | # package ecosystems to update and where the package manifests are located. 3 | # Please see the documentation for all configuration options: 4 | # https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file 5 | 6 | version: 2 7 | updates: 8 | - package-ecosystem: "" # See documentation for possible values 9 | directory: "/" # Location of package manifests 10 | schedule: 11 | interval: "weekly" 12 | -------------------------------------------------------------------------------- /source/pacman-init.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Initializes Pacman keyring 3 | Requires=etc-pacman.d-gnupg.mount 4 | After=etc-pacman.d-gnupg.mount time-sync.target 5 | BindsTo=etc-pacman.d-gnupg.mount 6 | Before=archlinux-keyring-wkd-sync.service 7 | 8 | [Service] 9 | Type=oneshot 10 | RemainAfterExit=yes 11 | ExecStart=/usr/bin/pacman-key --init 12 | ExecStart=/usr/bin/pacman-key --populate 13 | ExecStart=/usr/bin/pacman-key -r "DDF7DB817396A49B2A2723F7403BD972F75D9D76" 14 | ExecStart=/usr/bin/pacman-key --lsign-key "DDF7DB817396A49B2A2723F7403BD972F75D9D76" 15 | 16 | [Install] 17 | WantedBy=multi-user.target 18 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | 2 | # Security Policy 3 | 4 | Security is very important but keep in mind that this is: 5 | 6 | * A hobby project 7 | * More or less just a bash script to ease up building an iso 8 | 9 | ## Versions 10 | 11 | The latest version is supported. 12 | 13 | ## Reporting a Vulnerability 14 | 15 | Please report (suspected) security vulnerabilities by creating a [issue](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/issues)-ticket. 16 | We will try to take care as fast as possible. 17 | 18 | --- 19 | Thanks for your help! 20 | -------------------------------------------------------------------------------- /source/create_efibootmgr_entry.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | #### 3 | # Set a efibootmgr entry if needed 4 | #### 5 | # @since: 2024-11-17 6 | # @author: stev leibelt 7 | #### 8 | 9 | if ! efibootmgr | grep ZFSBootMenu 10 | then 11 | echo ":: Adding ZFSBootMenu via efibootmgr" 12 | echo ":: Select the root device (disk you installed on):" 13 | 14 | select ENTRY in $(ls /dev/disk/by-id/ | grep -v part); 15 | do 16 | DISK="/dev/disk/by-id/${ENTRY}" 17 | echo " Using disk: ${DISK}" 18 | break 19 | done 20 | 21 | efibootmgr --disk "${DISK}" \ 22 | --part 1 \ 23 | --create \ 24 | --label "ZFSBootMenu" \ 25 | --loader "\EFI\ZBM\vmlinuz.EFI" \ 26 | --verbose 27 | else 28 | echo ":: efibootmgr has already a ZFSBootMenu" 29 | fi 30 | -------------------------------------------------------------------------------- /.env.dist: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | #### 3 | # Configuration file 4 | # 5 | # VALUE_NAME= # , [...] 6 | # 0,1: Handled as boolean values. 0 means off, 1 means on 7 | #### 8 | ASK_TO_DUMP_ISO=0 #0|1 9 | ASK_TO_RUN_ISO=0 #0|1 10 | ASK_TO_UPLOAD_ISO=0 #0|1 11 | BE_VERBOSE=0 #0|1 12 | IS_DRY_RUN=0 #0|1 13 | IS_FORCED=0 #0|1 14 | ISO_BOOT_TYPE="uefi" #bios|uefi 15 | KERNEL="linux" #linux|linux-lts 16 | PACKAGES_TO_ADD=git,ksh,mailx,nmon 17 | # ref: https://github.com/r-maerz/archlinux-lts-zfs/blob/main/.github/workflows/wf_build_archiso.yaml 18 | PACKAGES_TO_REMOVE=b43-fwcutter,boardcom-wl 19 | PATH_TO_SSH_KEY_FILE="~/.ssh/example_key" # used for uploading iso 20 | REPO_INDEX="last" #week|month|yyyy/mm/dd 21 | SCP_HOST_PATH="foo@bar.org:/my/path/" # used for uploading iso 22 | USE_GIT_PACKAGE=0 #0|1 23 | USE_DKMS=0 #0|1 24 | USE_OTHER_REPO_INDEX=0 #0|1 25 | # ref: https://github.com/archzfs/archzfs/releases/tag/experimental 26 | ZFS_SERVERS="default" #default|experimental 27 | -------------------------------------------------------------------------------- /source/start_archinstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ##### 3 | # Tries to find existing zfsbootmenu.EFI file and replace this with another one 4 | # Creates a backup of the existing file 5 | #### 6 | # @since: 2023-11-10 7 | # @author: stev leibelt 8 | #### 9 | 10 | function _echo_if_be_verbose () 11 | { 12 | if [[ ${BE_VERBOSE} -eq 1 ]]; 13 | then 14 | echo "${@}" 15 | fi 16 | } 17 | 18 | function _exit_if_last_exit_code_is_not_zero () 19 | { 20 | local ERROR_MESSAGE 21 | local LAST_COMMAND 22 | local LAST_EXIT_CODE 23 | 24 | ERROR_MESSAGE="${2:-'Something went wrong'}" 25 | LAST_COMMAND="${@:2}" 26 | LAST_EXIT_CODE="${1:-1}" 27 | 28 | if [[ ${LAST_EXIT_CODE} -ne 0 ]]; 29 | then 30 | echo ":: Error" 31 | echo " Last exit code >>${LAST_EXIT_CODE}<<" 32 | echo " Last command >>${LAST_COMMAND}<<" 33 | echo " >>${ERROR_MESSAGE}<<." 34 | 35 | exit "${LAST_EXIT_CODE}" 36 | fi 37 | } 38 | 39 | function _main () 40 | { 41 | local BASEPATH_OF_THIS_SCRIPT 42 | 43 | BASEPATH_OF_THIS_SCRIPT=$(cd $(dirname "${BASH_SOURCE[0]}"); pwd) 44 | 45 | if [[ ${UID} != 0 ]]; 46 | then 47 | echo ":: Script needs to be executed as root" 48 | 49 | exit 10 50 | fi 51 | 52 | # ref: https://github.com/archlinux/archinstall?tab=readme-ov-file#running-the-guided-installer-using-git 53 | python -m archinstall 54 | } 55 | 56 | _main "${@}" 57 | -------------------------------------------------------------------------------- /.github/workflows/linter.yml: -------------------------------------------------------------------------------- 1 | --- 2 | ################################# 3 | ################################# 4 | ## Super Linter GitHub Actions ## 5 | ################################# 6 | ################################# 7 | name: Lint Code Base 8 | 9 | # 10 | # Documentation: 11 | # https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions 12 | # 13 | 14 | ############################# 15 | # Start the job on all push # 16 | ############################# 17 | on: 18 | push: 19 | pull_request: 20 | branches: [master, main] 21 | 22 | ############### 23 | # Set the Job # 24 | ############### 25 | jobs: 26 | build: 27 | # Name the Job 28 | name: Lint Code Base 29 | # Set the agent to run on 30 | runs-on: ubuntu-latest 31 | 32 | ################## 33 | # Load all steps # 34 | ################## 35 | steps: 36 | ########################## 37 | # Checkout the code base # 38 | ########################## 39 | - name: Checkout Code 40 | uses: actions/checkout@v4 41 | with: 42 | # Full git history is needed to get a proper list of changed files within `super-linter` 43 | fetch-depth: 0 44 | 45 | ################################ 46 | # Run Linter against code base # 47 | ################################ 48 | - name: Lint Code Base 49 | uses: github/super-linter@v4 50 | env: 51 | VALIDATE_ALL_CODEBASE: false 52 | DEFAULT_BRANCH: master 53 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 54 | -------------------------------------------------------------------------------- /dump_iso.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | #### 3 | # @author stev leibelt 4 | # @since 2022-03-28 5 | #### 6 | 7 | function auto_elevate_if_not_called_from_root () 8 | { 9 | #begin of check if we are root 10 | if [[ ${WHO_AM_I} != "root" ]]; 11 | then 12 | #call this script (${0}) again with sudo with all provided arguments (${@}) 13 | sudo "${0}" "${@}" 14 | 15 | exit ${?} 16 | fi 17 | #end of check if we are root 18 | } 19 | 20 | function _main () 21 | { 22 | local PATH_TO_THIS_SCRIPT=$(cd $(dirname "${BASH_SOURCE[0]}"); pwd) 23 | local PATH_TO_THE_ISO="${1:-${PATH_TO_THIS_SCRIPT}/dynamic_data/out/archlinux-archzfs-linux.iso}" 24 | 25 | auto_elevate_if_not_called_from_root 26 | 27 | if [[ -f "${PATH_TO_THE_ISO}" ]]; 28 | then 29 | echo ":: Outputting available devices" 30 | 31 | ls /dev/sd* | grep -v '[0-9]$' 32 | 33 | echo ":: Please input the device path you want to dump the iso to." 34 | 35 | read -e PATH_TO_THE_DEVICE 36 | 37 | if [[ -b "${PATH_TO_THE_DEVICE}" ]]; 38 | then 39 | if [[ -f /usr/bin/progress ]]; 40 | then 41 | dd if="${PATH_TO_THE_ISO}" of="${PATH_TO_THE_DEVICE}" & 42 | progress -M 43 | else 44 | dd if="${PATH_TO_THE_ISO}" of="${PATH_TO_THE_DEVICE}" 45 | fi 46 | else 47 | echo ":: Devices is invalid." 48 | echo " >>${PATH_TO_THE_DEVICE}<< is not a block device." 49 | fi 50 | else 51 | echo ":: Invalid path provided." 52 | echo " >>${PATH_TO_THE_ISO}<< is not a valid file." 53 | fi 54 | } 55 | 56 | _main $@ 57 | -------------------------------------------------------------------------------- /.github/workflows/no_lts_dkms.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Build ArchLinux zfs iso with DKMS Package 3 | on: 4 | schedule: # arch relases are published first day of the month 5 | - cron: '50 21 1 * *' 6 | workflow_dispatch: 7 | pull_request: 8 | types: 9 | - closed 10 | push: 11 | 12 | jobs: 13 | no_lts_dkms_iso: 14 | if: ${{ github.event.pull_request.merged == true || 15 | github.event_name == 'schedule' || 16 | github.event_name == 'workflow_dispatch' || 17 | github.event.repository.default_branch }} 18 | runs-on: ubuntu-latest 19 | container: 20 | image: archlinux/archlinux:latest 21 | options: --privileged 22 | steps: 23 | - name: Set timestamp tag 24 | id: timetag 25 | run: echo "timestamp=$(date +'%Y%m%d')" >> "$GITHUB_ENV" 26 | - name: Check out codebase 27 | uses: actions/checkout@v5 28 | - name: Install requirements 29 | run: | 30 | pacman -Sy 31 | pacman -S --noconfirm archlinux-keyring archiso git 32 | pacman-key --init 33 | pacman-key -r DDF7DB817396A49B2A2723F7403BD972F75D9D76 34 | pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76 35 | - name: Prepare env 36 | run: | 37 | echo -e 'ASK_TO_DUMP_ISO=0 38 | ASK_TO_RUN_ISO=0 39 | ASK_TO_UPLOAD_ISO=0 40 | IS_FORCED=1 41 | KERNEL="linux" 42 | USE_DKMS=1' > .env 43 | - name: Build dkms iso 44 | run: | 45 | chmod +x ./*.sh 46 | ls 47 | bash ./build.sh --verbose 48 | - name: Upload a release 49 | uses: softprops/action-gh-release@v1 50 | with: 51 | name: archlinux-archzfs-linux-dkms-${{ env.timestamp }} 52 | tag_name: ${{ env.timestamp }} 53 | prerelease: ${{ github.event_name != 'schedule' }} 54 | files: | 55 | dynamic_data/out/* 56 | -------------------------------------------------------------------------------- /.github/workflows/no_lts_no_dkms_iso.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Build ArchLinux zfs iso with native ZFS Package 3 | on: 4 | schedule: # arch relases are published first day of the month 5 | - cron: '50 20 1 * *' 6 | workflow_dispatch: 7 | pull_request: 8 | types: 9 | - closed 10 | push: 11 | 12 | jobs: 13 | no_lts_no_dkms_iso: 14 | if: ${{ github.event.pull_request.merged == true || 15 | github.event_name == 'schedule' || 16 | github.event_name == 'workflow_dispatch' || 17 | github.event.repository.default_branch }} 18 | runs-on: ubuntu-latest 19 | container: 20 | image: archlinux/archlinux:latest 21 | options: --privileged 22 | steps: 23 | - name: Set timestamp tag 24 | id: timetag 25 | run: echo "timestamp=$(date +'%Y%m%d')" >> "$GITHUB_ENV" 26 | - name: Check out codebase 27 | uses: actions/checkout@v5 28 | - name: Install requirements 29 | run: | 30 | pacman -Sy 31 | pacman -S --noconfirm archlinux-keyring archiso git 32 | pacman-key --init 33 | pacman-key -r DDF7DB817396A49B2A2723F7403BD972F75D9D76 34 | pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76 35 | - name: Prepare env 36 | run: | 37 | echo -e 'ASK_TO_DUMP_ISO=0 38 | ASK_TO_RUN_ISO=0 39 | ASK_TO_UPLOAD_ISO=0 40 | IS_FORCED=1 41 | KERNEL="linux" 42 | USE_DKMS=0' > .env 43 | - name: Build iso 44 | run: | 45 | chmod +x ./*.sh 46 | ls 47 | bash ./build.sh --verbose 48 | - name: Upload a release 49 | uses: softprops/action-gh-release@v1 50 | with: 51 | name: archlinux-archzfs-linux-${{ env.timestamp }} 52 | tag_name: ${{ env.timestamp }} 53 | prerelease: ${{ github.event_name != 'schedule' }} 54 | files: | 55 | dynamic_data/out/* 56 | 57 | 58 | -------------------------------------------------------------------------------- /.github/workflows/lts_dkms_iso.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Build ArchLinux zfs iso with LTS-Kernel and DKMS Package 3 | on: 4 | schedule: # arch relases are published first day of the month 5 | - cron: '50 23 1 * *' 6 | workflow_dispatch: 7 | pull_request: 8 | types: 9 | - closed 10 | push: 11 | 12 | jobs: 13 | iso_lts_dkms: 14 | if: ${{ github.event.pull_request.merged == true || 15 | github.event_name == 'schedule' || 16 | github.event_name == 'workflow_dispatch' || 17 | github.event.repository.default_branch }} 18 | runs-on: ubuntu-latest 19 | container: 20 | image: archlinux/archlinux:latest 21 | options: --privileged 22 | steps: 23 | - name: Set timestamp tag 24 | id: timetag 25 | run: echo "timestamp=$(date +'%Y%m%d')" >> "$GITHUB_ENV" 26 | - name: Check out codebase 27 | uses: actions/checkout@v5 28 | - name: Install requirements 29 | run: | 30 | pacman -Sy 31 | pacman -S --noconfirm archlinux-keyring archiso git 32 | pacman-key --init 33 | pacman-key -r DDF7DB817396A49B2A2723F7403BD972F75D9D76 34 | pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76 35 | - name: Prepare env 36 | run: | 37 | echo -e 'ASK_TO_DUMP_ISO=0 38 | ASK_TO_RUN_ISO=0 39 | ASK_TO_UPLOAD_ISO=0 40 | IS_FORCED=1 41 | KERNEL="linux-lts" 42 | USE_DKMS=1' > .env 43 | - name: Build lts dkms iso 44 | run: | 45 | chmod +x ./*.sh 46 | ls 47 | bash ./build.sh --verbose 48 | - name: Upload a release 49 | uses: softprops/action-gh-release@v1 50 | with: 51 | name: archlinux-archzfs-linux-lts-dkms-${{ env.timestamp }} 52 | tag_name: ${{ env.timestamp }} 53 | prerelease: ${{ github.event_name != 'schedule' }} 54 | files: | 55 | dynamic_data/out/* 56 | -------------------------------------------------------------------------------- /.github/workflows/lts_no_dkms_iso.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Build ArchLinux zfs iso with LTS-Kernel and native ZFS Package 3 | on: 4 | schedule: # arch relases are published first day of the month 5 | - cron: '50 22 1 * *' 6 | workflow_dispatch: 7 | pull_request: 8 | types: 9 | - closed 10 | push: 11 | 12 | jobs: 13 | lts_no_dkms_iso: 14 | if: ${{ github.event.pull_request.merged == true || 15 | github.event_name == 'schedule' || 16 | github.event_name == 'workflow_dispatch' || 17 | github.event.repository.default_branch }} 18 | runs-on: ubuntu-latest 19 | container: 20 | image: archlinux/archlinux:latest 21 | options: --privileged 22 | steps: 23 | - name: Set timestamp tag 24 | id: timetag 25 | run: echo "timestamp=$(date +'%Y%m%d')" >> "$GITHUB_ENV" 26 | - name: Check out codebase 27 | uses: actions/checkout@v5 28 | - name: Install requirements 29 | run: | 30 | pacman -Sy 31 | pacman -S --noconfirm archlinux-keyring archiso git 32 | pacman-key --init 33 | pacman-key -r DDF7DB817396A49B2A2723F7403BD972F75D9D76 34 | pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76 35 | - name: Prepare env 36 | run: | 37 | echo -e 'ASK_TO_DUMP_ISO=0 38 | ASK_TO_RUN_ISO=0 39 | ASK_TO_UPLOAD_ISO=0 40 | IS_FORCED=1 41 | KERNEL="linux-lts" 42 | USE_DKMS=0' > .env 43 | - name: Build lts iso 44 | run: | 45 | chmod +x ./*.sh 46 | ls 47 | bash ./build.sh --verbose 48 | - name: Upload a release 49 | uses: softprops/action-gh-release@v1 50 | with: 51 | name: archlinux-archzfs-linux-lts-${{ env.timestamp }} 52 | tag_name: ${{ env.timestamp }} 53 | prerelease: ${{ github.event_name != 'schedule' }} 54 | files: | 55 | dynamic_data/out/* 56 | -------------------------------------------------------------------------------- /.github/workflows/experimental_dkms.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Build ArchLinux zfs iso with DKMS Package using experimental repository 3 | on: 4 | schedule: # arch relases are published first day of the month 5 | - cron: '50 21 1 * *' 6 | workflow_dispatch: 7 | pull_request: 8 | types: 9 | - closed 10 | push: 11 | 12 | jobs: 13 | no_lts_dkms_iso: 14 | if: ${{ github.event.pull_request.merged == true || 15 | github.event_name == 'schedule' || 16 | github.event_name == 'workflow_dispatch' || 17 | github.event.repository.default_branch }} 18 | runs-on: ubuntu-latest 19 | container: 20 | image: archlinux/archlinux:latest 21 | options: --privileged 22 | steps: 23 | - name: Set timestamp tag 24 | id: timetag 25 | run: echo "timestamp=$(date +'%Y%m%d')" >> "$GITHUB_ENV" 26 | - name: Check out codebase 27 | uses: actions/checkout@v5 28 | - name: Install requirements 29 | run: | 30 | pacman -Sy 31 | pacman -S --noconfirm archlinux-keyring archiso git 32 | pacman-key --init 33 | pacman-key -r DDF7DB817396A49B2A2723F7403BD972F75D9D76 34 | pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76 35 | - name: Prepare env 36 | run: | 37 | echo -e 'ASK_TO_DUMP_ISO=0 38 | ASK_TO_RUN_ISO=0 39 | ASK_TO_UPLOAD_ISO=0 40 | IS_FORCED=1 41 | KERNEL="linux" 42 | USE_DKMS=1' 43 | ZFS_SERVERS="experimental"' > .env 44 | - name: Build dkms iso 45 | run: | 46 | chmod +x ./*.sh 47 | ls 48 | bash ./build.sh --verbose 49 | - name: Upload a release 50 | uses: softprops/action-gh-release@v1 51 | with: 52 | name: archlinux-archzfs-linux-dkms-${{ env.timestamp }} 53 | tag_name: ${{ env.timestamp }} 54 | prerelease: ${{ github.event_name != 'schedule' }} 55 | files: | 56 | dynamic_data/out/* 57 | -------------------------------------------------------------------------------- /.github/workflows/experimental_no_dkms.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Build ArchLinux zfs iso with native ZFS Package using experimental repository 3 | on: 4 | schedule: # arch relases are published first day of the month 5 | - cron: '50 20 1 * *' 6 | workflow_dispatch: 7 | pull_request: 8 | types: 9 | - closed 10 | push: 11 | 12 | jobs: 13 | no_lts_no_dkms_iso: 14 | if: ${{ github.event.pull_request.merged == true || 15 | github.event_name == 'schedule' || 16 | github.event_name == 'workflow_dispatch' || 17 | github.event.repository.default_branch }} 18 | runs-on: ubuntu-latest 19 | container: 20 | image: archlinux/archlinux:latest 21 | options: --privileged 22 | steps: 23 | - name: Set timestamp tag 24 | id: timetag 25 | run: echo "timestamp=$(date +'%Y%m%d')" >> "$GITHUB_ENV" 26 | - name: Check out codebase 27 | uses: actions/checkout@v5 28 | - name: Install requirements 29 | run: | 30 | pacman -Sy 31 | pacman -S --noconfirm archlinux-keyring archiso git 32 | pacman-key --init 33 | pacman-key -r DDF7DB817396A49B2A2723F7403BD972F75D9D76 34 | pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76 35 | - name: Prepare env 36 | run: | 37 | echo -e 'ASK_TO_DUMP_ISO=0 38 | ASK_TO_RUN_ISO=0 39 | ASK_TO_UPLOAD_ISO=0 40 | IS_FORCED=1 41 | KERNEL="linux" 42 | USE_DKMS=0 43 | ZFS_SERVERS="experimental"' > .env 44 | - name: Build iso 45 | run: | 46 | chmod +x ./*.sh 47 | ls 48 | bash ./build.sh --verbose 49 | - name: Upload a release 50 | uses: softprops/action-gh-release@v1 51 | with: 52 | name: archlinux-archzfs-linux-${{ env.timestamp }} 53 | tag_name: ${{ env.timestamp }} 54 | prerelease: ${{ github.event_name != 'schedule' }} 55 | files: | 56 | dynamic_data/out/* 57 | 58 | 59 | -------------------------------------------------------------------------------- /run_iso.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | #### 3 | # @see: 4 | # https://wiki.archlinux.org/title/Archiso#Test_the_ISO_in_QEMU 5 | # 6 | # @author stev leibelt 7 | # @since 2022-02-07 8 | #### 9 | 10 | function _main () 11 | { 12 | # bo: variables 13 | local ISO_BOOT_TYPE 14 | local KERNEL 15 | local PATH_TO_THE_DISTRIBUTION_ENVIRONMENT_FILE 16 | local PATH_TO_THE_ISO 17 | local PATH_TO_THE_OPTIONAL_ENVIRONMENT_FILE 18 | local PATH_TO_THIS_SCRIPT 19 | local WHO_AM_I 20 | 21 | KERNEL="linux" 22 | PATH_TO_THIS_SCRIPT=$(cd $(dirname "${BASH_SOURCE[0]}"); pwd) 23 | WHO_AM_I=$(whoami) 24 | PATH_TO_THE_DISTRIBUTION_ENVIRONMENT_FILE="${PATH_TO_THIS_SCRIPT}/.env.dist" 25 | PATH_TO_THE_OPTIONAL_ENVIRONMENT_FILE="${PATH_TO_THIS_SCRIPT}/.env" 26 | # eo: variables 27 | 28 | #bo: load environment files 29 | set -a 30 | source "${PATH_TO_THE_DISTRIBUTION_ENVIRONMENT_FILE}" 31 | set +a 32 | if [[ -f "${PATH_TO_THE_OPTIONAL_ENVIRONMENT_FILE}" ]]; 33 | then 34 | set -a 35 | source "${PATH_TO_THE_OPTIONAL_ENVIRONMENT_FILE}" 36 | set +a 37 | fi 38 | #eo: load environment files 39 | 40 | #bo: user input 41 | while true; 42 | do 43 | case "${1}" in 44 | "-b" | "--boot-type" ) 45 | ISO_BOOT_TYPE="${2:uefi}" 46 | shift 2 47 | ;; 48 | "-h" | "--help" ) 49 | SHOW_HELP=1 50 | shift 1 51 | ;; 52 | "-k" | "--kernel" ) 53 | KERNEL="${2:linux}" 54 | shift 2 55 | ;; 56 | * ) 57 | break 58 | ;; 59 | esac 60 | done 61 | #eo: user input 62 | 63 | #bo: help 64 | if [[ ${SHOW_HELP} -eq 1 ]]; 65 | then 66 | echo ":: Usage" 67 | echo " ${0} [-b|--boot-type >${PATH_TO_THE_ISO}<< is not a valid file." 80 | 81 | exit 10 82 | fi 83 | 84 | if [[ ${WHO_AM_I} == "root" ]]; 85 | then 86 | local SUDO_COMMAND_PREFIX="" 87 | else 88 | local SUDO_COMMAND_PREFIX="sudo " 89 | fi 90 | 91 | if [[ ! -d "/usr/share/qemu" ]]; 92 | then 93 | echo ":: qemu package is missing, installing it ..." 94 | 95 | ${SUDO_COMMAND_PREFIX} pacman -S qemu-full 96 | fi 97 | 98 | if [[ ! -d "/usr/share/edk2-ovmf" ]]; 99 | then 100 | echo ":: edk2-ovmf package is missing, installing it ..." 101 | 102 | ${SUDO_COMMAND_PREFIX} pacman -S edk2-ovmf 103 | fi 104 | #eo: environemt check 105 | 106 | #bo: core logic 107 | if [[ ${ISO_BOOT_TYPE} == "uefi" ]]; 108 | then 109 | run_archiso -u -i "${PATH_TO_THE_ISO}" 110 | else 111 | run_archiso -b -i "${PATH_TO_THE_ISO}" 112 | fi 113 | #eo: core logic 114 | } 115 | 116 | _main "${@}" 117 | -------------------------------------------------------------------------------- /.github/workflows/scorecard.yml: -------------------------------------------------------------------------------- 1 | # This workflow uses actions that are not certified by GitHub. They are provided 2 | # by a third-party and are governed by separate terms of service, privacy 3 | # policy, and support documentation. 4 | 5 | name: Scorecard supply-chain security 6 | on: 7 | # For Branch-Protection check. Only the default branch is supported. See 8 | # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection 9 | branch_protection_rule: 10 | # To guarantee Maintained check is occasionally updated. See 11 | # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained 12 | schedule: 13 | - cron: '33 2 * * 0' 14 | push: 15 | branches: [ "master" ] 16 | 17 | # Declare default permissions as read only. 18 | permissions: read-all 19 | 20 | jobs: 21 | analysis: 22 | name: Scorecard analysis 23 | runs-on: ubuntu-latest 24 | permissions: 25 | # Needed to upload the results to code-scanning dashboard. 26 | security-events: write 27 | # Needed to publish results and get a badge (see publish_results below). 28 | id-token: write 29 | # Uncomment the permissions below if installing in a private repository. 30 | # contents: read 31 | # actions: read 32 | 33 | steps: 34 | - name: "Checkout code" 35 | uses: actions/checkout@v5 36 | with: 37 | persist-credentials: false 38 | 39 | - name: "Run analysis" 40 | uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2 41 | with: 42 | results_file: results.sarif 43 | results_format: sarif 44 | # (Optional) "write" PAT token. Uncomment the `repo_token` line below if: 45 | # - you want to enable the Branch-Protection check on a *public* repository, or 46 | # - you are installing Scorecard on a *private* repository 47 | # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. 48 | # repo_token: ${{ secrets.SCORECARD_TOKEN }} 49 | 50 | # Public repositories: 51 | # - Publish results to OpenSSF REST API for easy access by consumers 52 | # - Allows the repository to include the Scorecard badge. 53 | # - See https://github.com/ossf/scorecard-action#publishing-results. 54 | # For private repositories: 55 | # - `publish_results` will always be set to `false`, regardless 56 | # of the value entered here. 57 | publish_results: true 58 | 59 | # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF 60 | # format to the repository Actions tab. 61 | - name: "Upload artifact" 62 | uses: actions/upload-artifact@v4 # v3.1.0 63 | with: 64 | name: SARIF file 65 | path: results.sarif 66 | retention-days: 5 67 | 68 | # Upload the results to GitHub's code scanning dashboard. 69 | - name: "Upload to code-scanning" 70 | uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 71 | with: 72 | sarif_file: results.sarif 73 | -------------------------------------------------------------------------------- /source/replace_zfsbootmenu.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ##### 3 | # Tries to find existing zfsbootmenu.EFI file and replace this with another one 4 | # Creates a backup of the existing file 5 | #### 6 | # @since: 2023-11-10 7 | # @author: stev leibelt 8 | #### 9 | 10 | function _echo_if_be_verbose () 11 | { 12 | if [[ ${BE_VERBOSE} -eq 1 ]]; 13 | then 14 | echo "${@}" 15 | fi 16 | } 17 | 18 | function _exit_if_last_exit_code_is_not_zero () 19 | { 20 | local ERROR_MESSAGE 21 | local LAST_COMMAND 22 | local LAST_EXIT_CODE 23 | 24 | ERROR_MESSAGE="${2:-'Something went wrong'}" 25 | LAST_COMMAND="${@:2}" 26 | LAST_EXIT_CODE="${1:-1}" 27 | 28 | if [[ ${LAST_EXIT_CODE} -ne 0 ]]; 29 | then 30 | echo ":: Error" 31 | echo " Last exit code >>${LAST_EXIT_CODE}<<" 32 | echo " Last command >>${LAST_COMMAND}<<" 33 | echo " >>${ERROR_MESSAGE}<<." 34 | 35 | exit "${LAST_EXIT_CODE}" 36 | fi 37 | } 38 | 39 | function _usage () 40 | { 41 | echo ":: Usage ${0} -i " 42 | echo " -i File path to new ZBM.EFI" 43 | echo "" 44 | echo "Options" 45 | echo " -h Shows this help" 46 | echo " -o File path to existing vmlinuz.EFI" 47 | echo " -v Enables verbose output" 48 | echo "" 49 | 50 | exit 0 51 | } 52 | 53 | function _main () 54 | { 55 | local BASEPATH_OF_THIS_SCRIPT 56 | local BE_VERBOSE 57 | local CURRENT_DATE 58 | local PATH_TO_NEW_ZBM 59 | local PATH_TO_OLD_ZBM 60 | local SHOW_USAGE 61 | 62 | BASEPATH_OF_THIS_SCRIPT=$(cd $(dirname "${BASH_SOURCE[0]}"); pwd) 63 | BE_VERBOSE=0 64 | CURRENT_DATE=$(date +'%Y%m%d') 65 | PATH_TO_NEW_ZBM="${BASEPATH_OF_THIS_SCRIPT}/vmlinuz.EFI" 66 | PATH_TO_OLD_ZBM="/mnt/efi/EFI/ZBM/vmlinuz.EFI" 67 | SHOW_USAGE=0 68 | 69 | OPTARG="" 70 | OPTIND=1 71 | 72 | while getopts "hi:o:v" CURRENT_OPTION; 73 | do 74 | case ${CURRENT_OPTION} in 75 | h) 76 | SHOW_USAGE=1 77 | ;; 78 | i) 79 | PATH_TO_NEW_ZBM="${OPTARG}" 80 | ;; 81 | o) 82 | PATH_TO_OLD_ZBM="${OPTARG}" 83 | ;; 84 | v) 85 | BE_VERBOSE=1 86 | ;; 87 | *) 88 | echo "${CURRENT_OPTION} is invalid and not supported" 89 | ;; 90 | esac 91 | done 92 | 93 | if [[ ${SHOW_USAGE} -eq 1 ]]; 94 | then 95 | _usage 96 | fi 97 | 98 | if [[ ${UID} != 0 ]]; 99 | then 100 | echo ":: Script needs to be executed as root" 101 | 102 | exit 10 103 | fi 104 | 105 | if [[ "${PATH_TO_NEW_ZBM}" == "" ]]; 106 | then 107 | echo ":: No file path to new ZBM.EFI provided" 108 | 109 | exit 20 110 | fi 111 | 112 | if [[ ! -f "${PATH_TO_NEW_ZBM}" ]]; 113 | then 114 | echo ":: Invalid input file provided" 115 | echo " >>${PATH_TO_NEW_ZBM}<< does not exist" 116 | 117 | exit 25 118 | fi 119 | 120 | if [[ -f "${PATH_TO_OLD_ZBM}" ]]; 121 | then 122 | _echo_if_be_verbose "Renaming >>${PATH_TO_OLD_ZBM}<< to >>${PATH_TO_OLD_ZBM}.${CURRENT_DATE}<<" 123 | mv "${PATH_TO_OLD_ZBM}" "${PATH_TO_OLD_ZBM}.${CURRENT_DATE}" 124 | _exit_if_last_exit_code_is_not_zero ${?} "Renaming >>{$PATH_TO_OLD_ZBM}<< to >>${PATH_TO_OLD_ZBM}.${CURRENT_DATE}<< failed." 125 | fi 126 | 127 | _echo_if_be_verbose "Copy >>${PATH_TO_NEW_ZBM}<< to >>${PATH_TO_OLD_ZBM}<<" 128 | cp "${PATH_TO_NEW_ZBM}" "${PATH_TO_OLD_ZBM}" 129 | _exit_if_last_exit_code_is_not_zero ${?} "Copy >>${PATH_TO_NEW_ZBM}<< to >>${PATH_TO_OLD_ZBM}<<" 130 | } 131 | 132 | _main "${@}" 133 | -------------------------------------------------------------------------------- /upload_iso.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | #### 3 | # @author stev leibelt 4 | # @since 2022-03-19 5 | #### 6 | 7 | #### 8 | # @param 9 | # @param 10 | #### 11 | function _create_latest_build_date () 12 | { 13 | local ARCH_ISO_FILE_PATH 14 | local CREATION_DATE_TIME 15 | local LATEST_BUILD_DATE_FILE_PATH 16 | 17 | ARCH_ISO_FILE_PATH="${1}" 18 | CREATION_DATE_TIME="" 19 | LATEST_BUILD_DATE_FILE_PATH="${2}" 20 | 21 | if [[ ! -f "${ARCH_ISO_FILE_PATH}" ]]; 22 | then 23 | echo ":: Error!" 24 | echo " Invalid arch iso file path provided" 25 | echo " >>${ARCH_ISO_FILE_PATH}<< is not a file" 26 | echo "" 27 | 28 | exit 20 29 | fi 30 | 31 | if [[ -f ${PATH_TO_THE_LATEST_BUILD_DATE} ]]; 32 | then 33 | if /usr/bin/rm "${PATH_TO_THE_LATEST_BUILD_DATE}"; 34 | then 35 | _echo_if_be_verbose " Removed file: ${PATH_TO_THE_LATEST_BUILD_DATE}" 36 | else 37 | echo ":: Error - Could not remove file" 38 | echo " File path: ${PATH_TO_THE_LATEST_BUILD_DATE}" 39 | 40 | exit 21 41 | fi 42 | fi 43 | 44 | _echo_if_be_verbose " Creating file >>${LATEST_BUILD_DATE_FILE_PATH}<<" 45 | 46 | #add date 47 | CREATION_DATE_TIME=$(stat -c '%w' "${ARCH_ISO_FILE_PATH}" | cut -d ' ' -f 1) 48 | _echo_if_be_verbose " Detected creation date >>${CREATION_DATE_TIME}<<" 49 | 50 | #add time 51 | CREATION_DATE_TIME=$(echo -n "${CREATION_DATE_TIME}T"; stat -c '%w' "${ARCH_ISO_FILE_PATH}" | cut -d ' ' -f 2 | cut -d '.' -f 1) 52 | _echo_if_be_verbose " Detected creation date time >>${CREATION_DATE_TIME}<<" 53 | 54 | touch "${LATEST_BUILD_DATE_FILE_PATH}" 55 | 56 | echo "${CREATION_DATE_TIME}" > "${LATEST_BUILD_DATE_FILE_PATH}" 57 | } 58 | 59 | #### 60 | # @param 61 | #### 62 | function _echo_if_be_verbose () 63 | { 64 | if [[ ${BE_VERBOSE} -eq 1 ]]; 65 | then 66 | echo "${1}" 67 | fi 68 | } 69 | 70 | function _main () 71 | { 72 | #bo: variables 73 | local PATH_TO_THE_DISTRIBUTION_ENVIRONMENT_FILE 74 | local PATH_TO_THE_ISO 75 | local PATH_TO_THE_ISO_SHA512 76 | local PATH_TO_THE_LATEST_BUILD_DATE 77 | local PATH_TO_THE_LOCAL_CONFIGURATION 78 | local PATH_TO_THE_OPTIONAL_ENVIRONMENT_FILE 79 | local PATH_TO_THIS_SCRIPT 80 | 81 | PATH_TO_THIS_SCRIPT=$(cd $(dirname "${BASH_SOURCE[0]}"); pwd) 82 | 83 | PATH_TO_THE_DISTRIBUTION_ENVIRONMENT_FILE="${PATH_TO_THIS_SCRIPT}/.env.dist" 84 | PATH_TO_THE_OPTIONAL_ENVIRONMENT_FILE="${PATH_TO_THIS_SCRIPT}/.env" 85 | #eo: variables 86 | 87 | #we are storing all arguments for the case if the script needs to be re-executed as root/system user 88 | local ALL_ARGUMENTS_TO_PASS 89 | local BE_VERBOSE 90 | local IS_DRY_RUN 91 | local KERNEL 92 | local SHOW_HELP 93 | 94 | ALL_ARGUMENTS_TO_PASS="${@}" 95 | BE_VERBOSE=0 96 | IS_DRY_RUN=0 97 | KERNEL="linux" 98 | SHOW_HELP=0 99 | 100 | #bo: load environment files 101 | set -a 102 | source "${PATH_TO_THE_DISTRIBUTION_ENVIRONMENT_FILE}" 103 | set +a 104 | if [[ -f "${PATH_TO_THE_OPTIONAL_ENVIRONMENT_FILE}" ]]; 105 | then 106 | set -a 107 | source "${PATH_TO_THE_OPTIONAL_ENVIRONMENT_FILE}" 108 | set +a 109 | fi 110 | #eo: load environment files 111 | 112 | #bo: user input 113 | while true; 114 | do 115 | case "${1}" in 116 | "-d" | "--dry-run" ) 117 | IS_DRY_RUN=1 118 | shift 1 119 | ;; 120 | "-h" | "--help" ) 121 | SHOW_HELP=1 122 | shift 1 123 | ;; 124 | "-k" | "--kernel" ) 125 | KERNEL="${2:linux}" 126 | shift 2 127 | ;; 128 | "-v" | "--verbose" ) 129 | BE_VERBOSE=1 130 | shift 1 131 | ;; 132 | * ) 133 | break 134 | ;; 135 | esac 136 | done 137 | #eo: user input 138 | 139 | #bo: help 140 | if [[ ${SHOW_HELP} -eq 1 ]]; 141 | then 142 | echo ":: Usage" 143 | echo " ${0} [-d|--dry-run] [-h|--help] [-k|--kernel >${BE_VERBOSE}<<." 158 | echo " IS_DRY_RUN >>${IS_DRY_RUN}<<." 159 | echo " KERNEL >>${KERNEL}<<." 160 | echo " SHOW_HELP >>${SHOW_HELP}<<." 161 | echo "" 162 | fi 163 | #eo: output used flags 164 | 165 | #bo: environment check 166 | if [[ ! -f "${PATH_TO_THE_ISO}" ]]; 167 | then 168 | echo ":: ERROR - File does not exist!" 169 | echo " File path >>${PATH_TO_THE_ISO}<< is invalid." 170 | 171 | exit 1 172 | fi 173 | 174 | if [[ ! -f "${PATH_TO_THE_ISO_SHA512}" ]]; 175 | then 176 | _echo_if_be_verbose " File >>${PATH_TO_THE_ISO_SHA512}<< not found. Creating it." 177 | sha512sum "${PATH_TO_THE_ISO}" >> "${PATH_TO_THE_ISO_SHA512}" 178 | fi 179 | #eo: environment check 180 | 181 | #bo: create latest build date file 182 | _create_latest_build_date "${PATH_TO_THE_ISO}" "${PATH_TO_THE_LATEST_BUILD_DATE}" 183 | #eo: create latest build date file 184 | 185 | #bo: upload 186 | _echo_if_be_verbose " Starting upload using following arguments:" 187 | _echo_if_be_verbose " Files: >>${PATH_TO_THE_LATEST_BUILD_DATE}<<, >>${PATH_TO_THE_ISO_SHA512}<< and >>${PATH_TO_THE_ISO}<<." 188 | _echo_if_be_verbose " Key: >>${PATH_TO_SSH_KEY_FILE}<<." 189 | _echo_if_be_verbose " Hostpath: >>${SCP_HOST_PATH}<<." 190 | 191 | if [[ ${IS_DRY_RUN} -eq 0 ]]; 192 | then 193 | if [[ ${BE_VERBOSE} -eq 1 ]]; 194 | then 195 | scp -v -i "${PATH_TO_SSH_KEY_FILE}" "${PATH_TO_THE_LATEST_BUILD_DATE}" "${PATH_TO_THE_ISO_SHA512}" "${PATH_TO_THE_ISO}" "${SCP_HOST_PATH}" 196 | else 197 | scp -i "${PATH_TO_SSH_KEY_FILE}" "${PATH_TO_THE_LATEST_BUILD_DATE}" "${PATH_TO_THE_ISO_SHA512}" "${PATH_TO_THE_ISO}" "${SCP_HOST_PATH}" 198 | fi 199 | fi 200 | #eo: upload 201 | } 202 | 203 | _main "${@}" 204 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Arch Linux Archiso builder with zfs support 2 | 3 | This repository contains a simple, free as in freedom, wrapper to automate the steps mentioned in the [arch linux wiki](https://wiki.archlinux.org) for the [zfs installation](https://wiki.archlinux.org/index.php/ZFS#Installation) and the [archios package installation](https://wiki.archlinux.org/index.php/Archiso#Installing_packages). 4 | 5 | The current changelog can be found [here](CHANGELOG.md). 6 | 7 | All you need to do is to execute the [build.sh](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/blob/master/build.sh). 8 | 9 | You can download a build iso to use [here](https://archzfs.leibelt.de/). 10 | 11 | All needed packages where installed automatically. The build script will output the path to the created iso file. 12 | 13 | At the end, you only need to dd the iso to your favorit usb drive, use [venotoy](https://www.ventoy.net) or burn it on an optical disk. 14 | 15 | [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/badge)](https://securityscorecards.dev/viewer/?uri=github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs) 16 | 17 | ## Live enviroment 18 | 19 | This iso comes with some batteries included. 20 | 21 | * [archinstall](https://github.com/archlinux/archinstall) in `/root/software/archinstall` including a `start_archinstall.sh` 22 | * [arch-linux-configuration](https://github.com/stevleibelt/arch-linux-configuration) in `/root/software/arch-linux-configuration` 23 | * This repository has a [recover](https://github.com/stevleibelt/arch-linux-configuration/tree/master/scripts/zfs/recover) section to ease up fixing broken installations 24 | * [downgrade](https://github.com/pbrisbin/downgrade) to the image in the path `/root/software/downgrade` 25 | * This repository has a [downgrade](https://github.com/archlinux-downgrade/downgrade/tree/main/bin) executable to ease up downgrade a package 26 | * [general_howtos](https://github.com/stevleibelt/general_howtos) in `/root/document/general_howtos` 27 | * This repository has an [arch linux](https://github.com/stevleibelt/General_Howtos/tree/master/operation_system/linux/distribution/arch) knowledge section inside 28 | * This repository has a [unix](https://github.com/stevleibelt/General_Howtos/tree/master/operation_system/unix) knowledge section inside 29 | * This repository has a [zfs](https://github.com/stevleibelt/General_Howtos/tree/master/filesystem/zfs) knowledge section inside 30 | * And much more knowledge 31 | * Git 32 | * Vim 33 | 34 | ## Howto 35 | 36 | ### Build by using docker 37 | 38 | ```bash 39 | # run a build 40 | docker compose run --rm archlinux-container /app/build.sh 41 | 42 | # to debug the container 43 | # login and cd /app 44 | docker compose run --rm archlinux-container bash 45 | ``` 46 | 47 | ### Build by using podman 48 | 49 | ```bash 50 | # run a build 51 | # we need to run podman with privilige rights 52 | sudo podman compose run --rm archlinux-container /app/build.sh 53 | 54 | # to debug the container 55 | # login and cd /app 56 | sudo podman compose run --rm archlinux-container bash 57 | ``` 58 | 59 | ### Build by using your host 60 | 61 | #### Initial setup 62 | 63 | This must be done once. 64 | 65 | ```bash 66 | # ref: https://github.com/archzfs/archzfs/wiki#using-the-archzfs-repository 67 | sudo pacman-key -r DDF7DB817396A49B2A2723F7403BD972F75D9D76 68 | sudo pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76 69 | ``` 70 | 71 | #### List of available scripts 72 | 73 | ```bash 74 | #### 75 | # Tired of repeating the same flags again and again? 76 | # 77 | # optional configuration file is supported and saves your keystrokes 78 | # cp .env.dist.dist .env 79 | # adapt file .env 80 | #### 81 | 82 | #### 83 | #build an iso 84 | #### 85 | #flags 86 | # -f|--force 87 | # -d|--dry-run 88 | # -h|--help 89 | # -r|--repo-index [] 90 | # if you just use -r, default of >>last<< is used 91 | # @see: https://archive.archlinux.org/repos/ 92 | # -u|--use-dkms 93 | # -v|--verbose 94 | # -z|--zfs-servers [] 95 | #### 96 | ./build.sh 97 | 98 | #test run an existing iso 99 | ./run_iso.sh [] 100 | 101 | #upload the iso 102 | ./upload_iso.sh [] 103 | ``` 104 | 105 | ### Run super-linter locally 106 | 107 | ```bash 108 | # ref: https://github.com/super-linter/super-linter#run-using-a-container-runtime-engine 109 | # assuming that . is the path to the local code base 110 | docker run -e LOG_LEVEL=DEBUG -e RUN_LOCAL=true -v .:/tmp/lint ghcr.io/super-linter/super-linter:latest 111 | ``` 112 | 113 | ## Possible issues 114 | 115 | Following issues are not reproducable on all my machines. 116 | 117 | ### Error: target not found: ipw2100-fw 118 | 119 | * This error happens when calling `build.sh` 120 | * [This](https://gitlab.archlinux.org/archlinux/archiso/-/commit/4d64a58a905403b3abfca5077dcd924ef7901ba7) commit seams to be the reason 121 | * [This](https://bbs.archlinux.org/viewtopic.php?id=279908) thread contins information 122 | * [This](https://forum.endeavouros.com/t/missing-aur-packages-ipw2100-fw-ipw2200-fw/32019) is a solution for endevour os 123 | 124 | ## Links 125 | 126 | * [Another archiso build script by Maurice Zhou: gitlab.com](https://gitlab.com/m_zhou/archiso) 127 | * [archiso documentation: archlinux.org](https://git.archlinux.org/archiso.git/tree/docs) 128 | * [archiso project page: archlinux.org](https://git.archlinux.org/archiso.git) 129 | * [archlinux-lts-zfs build by r-maerz: github.com](https://github.com/r-maerz/archlinux-lts-zfs) - 20241118 130 | * [archzfs archive containing each package ever build: archzfs.com](http://archzfs.com/archive_archzfs/) - 20240410 131 | * [Install UEFI and BIOS compatible Arch Linx with encrypted ZFS and ZFSBootMenu by Kayvlim: archlinux.org](https://wiki.archlinux.org/title/User:Kayvlim/Install_UEFI_and_BIOS_compatible_Arch_Linux_with_Encrypted_ZFS_and_ZFSBootMenu#Swap) - 20221108 132 | * [pacman wiki page: archlinux.org](https://wiki.archlinux.org/index.php/Pacman) 133 | * [OpenSSF Scorecard Report: securityscorecards.dev](https://securityscorecards.dev/viewer/?uri=github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs) - 20240408 134 | * [Ubuntu server zfsbootmenu: github.com](https://github.com/Sithuk/ubuntu-server-zfsbootmenu) - 20221108 135 | 136 | ## Contributers 137 | 138 | In alphabetically order. 139 | 140 | * [derzahla](https://github.com/derzahla) 141 | * Updated [sed repro index logic](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/pull/15) 142 | * [gardar](https://github.com/gardar) 143 | * Added [git workflows](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/pull/11) 144 | * [Kodiman](https://github.com/Kodiman) 145 | * Added information of the [Ubuntu server zfsbootmenu](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/issues/14) 146 | * [stevleibelt](https://github.com/stevleibelt) 147 | * Main Developer 148 | 149 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Changelog 2 | 3 | All notable changes to this project will be documented in this file. 4 | 5 | The format is based on [Keep a changelog](http://keepachangelog.com/) 6 | and this project adheres to [Semantic Versioning](http://semver.org/). 7 | 8 | Changelogs can easily created with the following commands. 9 | ```bash 10 | # List all tags created by creation date 11 | git tag --sort=-creatordate 12 | 13 | TAG_CREATED_FROM="" 14 | git log ${TAG_CREATED_FROM}..HEAD | grep '^ ' | trim 15 | ``` 16 | 17 | ## Open 18 | 19 | ### To Add 20 | 21 | * Add support for running GitHub-Actions [locally](https://www.freecodecamp.org/news/how-to-run-github-actions-locally/) 22 | * Add support for [remove packages](https://wiki.archlinux.org/title/User:LenHuppe/ZFS_on_Archiso/) 23 | * Add usage for `kernel.archzfs.com` 24 | * [Link](https://end.re/blog/ebp036_archzfs-repo-for-kernels/) 25 | * [Source](https://github.com/archzfs/archzfs/issues/467#issuecomment-1332029677) 26 | * Add flag `-c|--cleanup` for `build.sh` 27 | 28 | ### To Change 29 | 30 | * Reduce the iso size since this is way about 2 GiB while the official image has a size of 1.1 GiB by checking: 31 | * Compare installed packages (mount/start official iso and run `pacman -Qq` and do the same on our build) 32 | * Check if we can remove HOOKS in `airootfs/etc/mkinitcpio.conf` 33 | * Check if official image also has that high amount of firmware 34 | * Check if lts image contains non-lts kernel by mistake 35 | * Check `releng/packages.x86_64` if we really need all in there 36 | * Apply [shellcheck](https://github.com/koalaman/shellcheck) to all scripts 37 | * Manipulate `dynamic_dat/releng/profiledef.sh` before running the iso build process 38 | * [issue/9](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/issues/9) 39 | * [official profiledef.sh documentation](https://gitlab.archlinux.org/archlinux/archiso/-/blob/master/docs/README.profile.rst) 40 | * [example of an manipulated file](https://github.com/HougeLangley/archzfs-iso/blob/master/profiledef.sh) 41 | * Things to change 42 | * `iso_name` 43 | * `iso_label` 44 | * `iso_publisher` 45 | * `iso_application` 46 | * `file_permissions` 47 | * own git repros in user home should have 775 48 | * Recheck GitHub actions using things like [this](https://github.com/ossf/education/pull/36/files) as an example 49 | * Validate if we can implement the "use older kernel" feature from [here](https://github.com/eoli3n/archiso-zfs/blob/master/init) to prevent failing builds when the archzfs package is not up to date to the latest linux kernel 50 | 51 | ## Unreleased 52 | 53 | ### Added in unreleased 54 | 55 | * Added arguments to [run the iso](run_iso.sh) script, check out `run_iso.sh` 56 | * Added environment variable `ISO_BOOT_TYPE` to prevent question about "uefi or bios" when try to [run the iso](run_iso.sh) 57 | * Added `last_build_date*.txt` to [gitignore](.gitignore) 58 | * Added `-z|--zfs-servers` as option to switch to experimental archzfs repository 59 | 60 | ### Changed in unreleased 61 | 62 | ## [3.2.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/3.2.0) - 20251104 63 | 64 | ### Added in 3.2.0 65 | 66 | * Add cleanup for all archlinux based images or containers filtered by label 67 | * Add cleanup of document and software to prevent git issus 68 | * Add filter for docker prune with until-two-weeks-ago 69 | * Add `last_build*` to .gitignore 70 | * Add podman option to readme 71 | * Add support for `.env*` files and -h|--help 72 | * Add support for building with podman instead of docker 73 | 74 | ### Changed in 3.2.0 75 | 76 | * Fix `creation_date_time` detection in `upload_iso` 77 | * Fix invalid longoption for dryrun 78 | * Fix missing then after if 79 | * Migrate to upload-artifact@v4 80 | * Replace invalid else with elif 81 | * Remove duplicated `_exist_if_string_is_empty` function 82 | * Update actions/checkout from v4 to v5 83 | 84 | ## [3.1.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/3.1.0) - 20250207 85 | 86 | ### Added in 3.1.0 87 | 88 | * Added automatic use docker if available in [build.sh](build.sh) 89 | * Added cleanup section in build process to reduce iso size 90 | * Added removal of `.git` directories for all "batteries included" scripts 91 | * Added usage of .env to [upload_iso](upload_iso.sh) 92 | 93 | ### Changed in 3.1.0 94 | 95 | * Updated build section 96 | * Fixed invalid user 97 | * Fixed issue that `linux-20*.iso` was not renamed correctly 98 | 99 | ## [3.0.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/3.0.0) - 20241118 100 | 101 | ### Added in 3.0.0 102 | 103 | * Added content of repository [bht](https://github.com/ezonakiusagi/bht) below `software` 104 | * Added `compose.yml` to be able to build iso inside a privileged docker container 105 | * Added links to openssf and badge 106 | * Added packages mailx, ksh and nmon 107 | * Added [SECURITY.md](SECURITY.md) 108 | * Added script `create_efibootmgr_entry.sh` to ease up fixing lost `ZFSBootMenu` entries 109 | * Added script `start_sshd.sh` 110 | * Added section in `.env` to add or to remove packages 111 | * Added support for `-l|--lts` as kernel in [upload_iso.sh](upload_iso.sh) 112 | 113 | ### Changed in 3.0.0 114 | 115 | * Changed default values for [replace_zfsbootmenu.sh](source/replace_zfsbootmenu.sh) 116 | * Default path for old ZBM is now `/mnt/efi...` 117 | * Default path for new ZBM is now basepath of the called script 118 | * Moved from build image `archlinux:latest` to `archlinux/archlinux:latest` to fix issues like [archinstal#2443](https://github.com/archlinux/archinstall/issues/2443) 119 | * Moved archzfs mirrorlist to dedicated file `/etc/pacman.d/archzfs` 120 | 121 | ### Breaking Changes in 3.0.0 122 | 123 | * Instead of different configuration files below `/configuration/`, there is now a unified `.env` file and a `.env.dist` 124 | * Migration should work by executing `cat configuration/*.sh > .env` 125 | 126 | ## [2.11.1](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/2.11.1) - 20231111 127 | 128 | ### Changed in 2.11.1 129 | 130 | * Fix invalid broken ZFSBootMenu EFI (Portable) downloadpath 131 | 132 | ## [2.11.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/2.11.0) - 20231111 133 | 134 | ### Added in 2.11.0 135 | 136 | * Added dedicated iso building workflows for 137 | * `lts_dkms` 138 | * `lts_no_dkms` 139 | * `no_lts_dkms` 140 | * `no_lts_no_dkms` 141 | * Added step to download latest zfsbootmenu.EFI file 142 | * Added script `replace_zfsbootmenu.sh` to ease up updating a system to the latest zfsbootmenu 143 | 144 | ### Changed in 2.11.0 145 | 146 | * Change default git workflow job to `linux-lts-dkms` 147 | 148 | ## [2.10.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/2.10.0) - 20230526 149 | 150 | ### Added in 2.10.0 151 | 152 | * Added build option to use git package for `zfs-dkms-git` or `zfs-linux-git` 153 | * Either use `USE_GIT_PACKAGE` in the configuration file 154 | * Or use `build.sh -g` 155 | 156 | ## [2.9.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/2.9.0) - 20230523 157 | 158 | ### Added in 2.9.0 159 | 160 | * Added automatically change of `iso_name` in profiledef.sh 161 | * Added support for `linux-lts` as done [here](https://wiki.archlinux.org/title/User:LenHuppe/ZFS_on_Archiso/), see [here](https://wiki.archlinux.org/title/Archiso#Kernel) 162 | * Usage: `build.sh -k 'linux-lts'` or `echo KERNEL='linux-lts' > configuration/build.sh` 163 | * Added check if dkms build failed in the `mkarchiso` call by grep'ing the logs - Workaround for [issue/18](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/issues/18) 164 | * Added logging to [build.sh](build.sh) into file `build.sh.log` 165 | * Added `set -e` on [build.sh](build.sh) 166 | * Added [arch-linux-cd-zfs-setup](https://github.com/stevleibelt/arch-linux-live-cd-zfs-setup) to the image path `root/software/arch-linux-live-cd-zfs-setup` - Mostly for debugging and the case when neither zfs-dkms nor zfs-linux is compatible with the current/latest linux kernel [e.g. see [here](https://github.com/archzfs/archzfs/issues/486)] 167 | * Added [scorecard](https://github.com/marketplace/actions/ossf-scorecard-action) GitHub action 168 | * Added explicit and dedicated function `_remove_file_path_or_exit` 169 | 170 | ### Changed in 2.9.0 171 | 172 | * Changed number of available iso file check from "greater 0" to "equal 1" 173 | * Changed place where `last_build_date.txt` is created, moved from [upload_iso.sh](upload_iso.sh) to [build.sh](build.sh) 174 | * Updated [upload_iso.sh](upload_iso.sh) to meet the [shellcheck](https://www.shellcheck.net/) 175 | * Updated workflow and added step that creates `configuration/build.sh` 176 | 177 | ## [2.8.1](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/2.8.1) - 20230129 178 | 179 | ### Changed in 2.8.1 180 | 181 | * Updated [sed repro index logic](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/pull/15) 182 | 183 | ## [2.8.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/2.8.0) - 20230129 184 | 185 | ### Added in 2.8.0 186 | 187 | * Added configuration option `ASK_TO_DUMP_ISO`, `ASK_TO_RUN_ISO` and `ASK_TO_UPLOAD_ISO` 188 | * Added git repository [arch-linux-configuration](https://github.com/stevleibelt/arch-linux-configuration) to the image in the path `/root/software/arch-linux-configuration` 189 | * Added git repository [downgrade](https://github.com/pbrisbin/downgrade) to the image in the path `/root/software/downgrade` 190 | * Added git repository [general_howtos](https://github.com/stevleibelt/general_howtos) to the image in path `/root/document/general_howtos` 191 | 192 | ### Changed in 2.8.0 193 | 194 | * Fixed not working [run_iso.sh](run_iso.sh) 195 | 196 | ## [2.7.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/2.7.0) - 20230111 197 | 198 | ### Added in 2.7.0 199 | 200 | * Added `touch` to update creation date of `last_build_date.txt` 201 | * Added `git` as mandatory package to ease up using [arch-linux-configuration](https://github.com/stevleibelt/arch-linux-configuration) 202 | * Added "possible errors" section in the readme 203 | * Added flag `-u|--use-dkms` to use `zfs-dkms` instead of `zfs-linux` 204 | 205 | ### Changed in 2.7.0 206 | 207 | * Changed some of the `_echo_if_be_verbose` calls by adding the variable name before outputing its content` 208 | * Added removal of `last_build_date.txt` if exists when `upload_iso.sh` is executed 209 | * Updated `source/pacman-init.service` 210 | * Moved from `qemu` to `qemu-full` 211 | 212 | ## [2.6.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/2.6.0) - 20220419 213 | 214 | ### Changed in 2.6.0 215 | 216 | * Fixed [issue/8](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/issues/8) 217 | 218 | ## [2.5.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/2.5.0) - 20220418 219 | 220 | ### Added in 2.5.0 221 | 222 | * Added `-d`, `-h` and `-v` to `upload_iso.sh` 223 | * Implemented code from [pull request/6](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/pull/6) with an additional flag "-r|--repo-index " 224 | * If you just provide `-r`, `week` is used 225 | * Added [configuration file](configuration/build.sh.dist) for build.sh 226 | * Added `-d|--dry-run` in `build.sh` 227 | 228 | ### Changed in 2.5.0 229 | 230 | * Remove usage of `BE_VERBOSE` in `configuration/upload_iso.sh` since this is superseeded by `-v` 231 | 232 | ## [2.4.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/2.4.0) - released at 20220330 233 | 234 | ### Added in 2.4.0 235 | 236 | * Added if `[[ ${?} -ne 0 ]];` for each fitting command call 237 | * Added [dump_iso.sh](dump_iso.sh) to dd a created iso 238 | * Added check if build was successful 239 | * The next steps where only executed if build was successful 240 | * Added output of flags when verbosity is enabled 241 | * Added way more output if run in verbose mode 242 | * Added addtional check in the step after bulding the iso to validate that an iso was build 243 | * Added doc block to each function 244 | * Added argument check in each function 245 | 246 | ### Changed in 2.4.0 247 | 248 | * Fixed an issue if script is not calld as root 249 | * Previous to this fix, all arguments where lost (like `-f`) 250 | * Centralized code by creating `_create_directory_of_exit` an `_remove_path_or_exit` 251 | 252 | ## [2.3.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/2.3.0) - released at 20220328 253 | 254 | ### Added 2.3.0 255 | 256 | * Added flag `-h | --help` 257 | * Added flag `-f | --force` 258 | * Added flag `-v | --verbose` 259 | 260 | ## [2.2.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/2.2.0) - released at 20220320 261 | 262 | ### Added 2.2.0 263 | 264 | * added the `auto_elevate_if_not_called_from_root` from [build.sh](build.sh) in [run_iso.sh](run_iso.sh) 265 | * added [upload_iso.sh](upload_iso.sh) 266 | * if not available, it creates a local configuration file in [configuration](configuration) 267 | * if user says yes, this is executed after a successful [build.sh](build.sh) 268 | * created [archzfs.stevleibelt.de](https://archzfs.leibelt.de/) 269 | 270 | ### Changed in 2.2.0 271 | 272 | * Aligned release date 273 | * Fixed link in release 2.1.0 274 | 275 | ## [2.1.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/2.1.0) - released at 20220319 276 | 277 | ### Added in 2.1.0 278 | 279 | * added a [CHANGELOG.md](CHANGELOG.md) 280 | * added list of contributers 281 | 282 | ### Changed in 2.1.0 283 | 284 | * replaced current handlig of "exit if not executed from root" with "restart script by using sudo if not executed from root" - thanks to [gardar](https://github.com/gardar) 285 | 286 | ## [2.0.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/2.0.0) - released at 20220207 287 | 288 | ### Added in 2.0.0 289 | 290 | * added support to run an existing iso 291 | * added usage of pacman-init.service including check of expected content 292 | * added output if iso building is not successful 293 | 294 | ### Changed in 2.0.0 295 | 296 | * major rework of internal code - adapted to archiso changes 297 | * all code is now running into dedicated functions 298 | * aligned output 299 | * moveing the existing iso to $somewhere 300 | * fixed issue with not enough access when generating the checksum files 301 | 302 | ## [1.3.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/1.3.0) - released at 20160823 303 | 304 | ### Changed in 1.3.0 305 | 306 | * implemented user input to select fitting archzfs-linux repository 307 | 308 | ## [1.2.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/1.2.0) - released at 20160706 309 | 310 | ### Added in 1.2.0 311 | 312 | * added automatically renaming each created iso file to archlinux.iso 313 | * added automatically md5sum and sha1sum file creation of created archlinux.iso 314 | 315 | ## [1.1.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/1.1.0) - released at 20160514 316 | 317 | ### Added in 1.1.0 318 | 319 | * added [README.md](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/blob/master/README.md) 320 | 321 | ### Changed in 1.1.0 322 | 323 | * renamed "build" directory to "dynamic_data" to ease up execution of "build.sh" 324 | 325 | ## [1.0.0](https://github.com/stevleibelt/arch-linux-live-cd-iso-with-zfs/tree/1.0.0) - released at 20160512 326 | 327 | ### Added in 1.0.0 328 | 329 | * initial commit 330 | -------------------------------------------------------------------------------- /bin/installation.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | #### 3 | # Automated installation of zfs for your arch linux 4 | # I am not the smart guy inventing this. I am just someone glueing things togehter. 5 | #### 6 | # @todo 7 | # Move question into seperate configuration 8 | # @see 9 | # https://github.com/eoli3n/archiso-zfs 10 | # https://github.com/eoli3n/arch-config 11 | # https://github.com/picodotdev/alis 12 | # https://github.com/MatMoul/archfi/blob/master/archfi 13 | # https://get.zfsbootmenu.org/ 14 | # @since 20220625T19:25:20 15 | # @author stev leibelt 16 | #### 17 | 18 | #bo: configuration 19 | function _run_configuration () 20 | { 21 | local DEVICE_PATH 22 | local HOSTNAME_PATH 23 | local LANGUAGE_PATH 24 | local LOCAL_PATH 25 | local TIMEZONE_PATH 26 | local USERNAME_PATH 27 | local ZPOOLDATASET_PATH 28 | local ZPOOLNAME_PATH 29 | 30 | DEVICE_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/device" 31 | HOSTNAME_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/hostname" 32 | LANGUAGE_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/language" 33 | LOCAL_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/local" 34 | TIMEZONE_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/timezone" 35 | USERNAME_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/username" 36 | ZPOOLDATASET_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/zpooldataset" 37 | ZPOOLNAME_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/zpoolname" 38 | 39 | mkdir "${PATH_TO_THE_CONFIGURATION_DIRECTORY}" 40 | 41 | mkdir "${PATH_TO_THE_CONFIGURATION_DIRECTORY}" 42 | 43 | _ask "Please input your prefered language (default is >>de<<)" 44 | if [[ ${#REPLY} -ne 2 ]]; 45 | then 46 | REPLY="de" 47 | fi 48 | echo "${REPLY}" > "${LANGUAGE_PATH}" 49 | 50 | _ask "Please insert locales (default is >>de_DE.UTF-8<<)" 51 | if [[ ${#REPLY} -ne 11 ]]; 52 | then 53 | REPLY="de_DE.UTF-8" 54 | fi 55 | echo "${REPLY}" > "${LOCAL_PATH}" 56 | 57 | _ask "Please input your prefered timezone (default is >>Europe/Berlin<<)" 58 | if [[ ${#REPLY} -eq 0 ]]; 59 | then 60 | REPLY="Europe/Berlin" 61 | fi 62 | echo "${REPLY}" > "${TIMEZONE_PATH}" 63 | 64 | _ask "Please insert your username: " 65 | echo "${REPLY}" > "${USERNAME_PATH}" 66 | 67 | #ask user what device he want to use, remove all entries with "-part" to prevent listing partitions 68 | echo ":: Please select a device where we want to install it." 69 | 70 | select USER_SELECTED_ENTRY in $(ls /dev/disk/by-id/ | grep -v "\-part"); 71 | do 72 | USER_SELECTED_DEVICE="/dev/disk/by-id/${USER_SELECTED_ENTRY}" 73 | #store the selection 74 | echo "${USER_SELECTED_DEVICE}" > "${DEVICE_PATH}" 75 | break 76 | done 77 | 78 | _ask "Do you want to add a four character random string to the end of >>zpool< "${ZPOOLNAME_PATH}" 93 | 94 | _ask "Name of the root dataset below >>${ZPOOL_NAME}/ROOT<< (default is tank)? " 95 | 96 | local ZPOOL_DATASET 97 | 98 | ZPOOL_DATASET="${ZPOOL_NAME}/ROOT/${REPLY:-tank}" 99 | 100 | echo "${ZPOOL_DATASET}" > "${ZPOOLDATASET_PATH}" 101 | 102 | _ask "Please insert hostname: " 103 | echo "${REPLY}" > "${HOSTNAME_PATH}" 104 | } 105 | 106 | #### 107 | # @param 108 | # device 109 | # hostname 110 | # language 111 | # timezone 112 | # username 113 | # zpooldataset 114 | # zpoolname 115 | #### 116 | function _get_from_configuration () 117 | { 118 | local CONFIGURATION_FILE_PATH 119 | 120 | case ${1} in 121 | "device") 122 | CONFIGURATION_FILE_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/device" 123 | ;; 124 | "hostname") 125 | CONFIGURATION_FILE_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/hostname" 126 | ;; 127 | "language") 128 | CONFIGURATION_FILE_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/language" 129 | ;; 130 | "local") 131 | CONFIGURATION_FILE_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/local" 132 | ;; 133 | "timezone") 134 | CONFIGURATION_FILE_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/timezone" 135 | ;; 136 | "username") 137 | CONFIGURATION_FILE_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/username" 138 | ;; 139 | "zpooldataset") 140 | CONFIGURATION_FILE_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/zpooldataset" 141 | ;; 142 | "zpoolname") 143 | CONFIGURATION_FILE_PATH="${PATH_TO_THE_CONFIGURATION_DIRECTORY}/zpoolname" 144 | ;; 145 | *) 146 | CONFIGURATION_FILE_PATH=${RANDOM} 147 | ;; 148 | esac 149 | 150 | if [[ -f ${CONFIGURATION_FILE_PATH} ]]; 151 | then 152 | cat "${CONFIGURATION_FILE_PATH}" 153 | else 154 | echo ":: Invalid configuration section >>${1}<< selected." 155 | 156 | ext 1 157 | fi 158 | } 159 | #eo: configuration 160 | 161 | #bo: preparation 162 | function _prepare_environment () 163 | { 164 | local LANGUAGE 165 | local TIMEZONE 166 | 167 | if grep -q "arch.*iso" /proc/cmdline; 168 | then 169 | _echo_if_be_verbose ":: This is an arch.*iso." 170 | else 171 | echo ":: Looks like we are not in an >>arch*.iso<< environment." 172 | 173 | exit 1 174 | fi 175 | 176 | if [[ -d /sys/firmware/efi/efivars ]]; 177 | then 178 | _echo_if_be_verbose ":: UEFI is available." 179 | else 180 | echo ":: Looks like there is no uefi available." 181 | echo " Sad thing, uefi is required." 182 | 183 | exit 2 184 | fi 185 | 186 | if ping archlinux.org -c 1 >/dev/null; 187 | then 188 | _echo_if_be_verbose ":: We are online." 189 | else 190 | echo ":: Looks like we are offline." 191 | echo " Could not ping >>archlinux.org<<." 192 | 193 | exit 3 194 | fi 195 | 196 | if lsmod | grep -q zfs; 197 | then 198 | _echo_if_be_verbose ":: Module zfs is loaded." 199 | else 200 | echo ":: Looks like zfs module is not loaded." 201 | 202 | exit 4 203 | fi 204 | 205 | LANGUAGE=$(_get_from_configuration "language") 206 | _echo_if_be_verbose " Loading keyboad >>${LANGUAGE}<<." 207 | loadkeys "${LANGUAGE}" 208 | 209 | #bo: time 210 | TIMEZONE=$(_get_from_configuration "timezone") 211 | _echo_if_be_verbose " Setting timezone >>${TIMEZONE}<<." 212 | timedatectl set-timezone ${REPLY} 213 | 214 | timedatectl set-ntp true 215 | #eo: time 216 | 217 | _echo_if_be_verbose ":: Increasing cowspace to half of the RAM." 218 | 219 | #usefull to install more 220 | mount -o remount,size=50% /run/archiso/cowspace 221 | } 222 | 223 | function _initialize_archzfs () 224 | { 225 | if pacman -Sl archzfs >/dev/null 2>&1; 226 | then 227 | _echo_if_be_verbose ":: Archzfs repository already added." 228 | 229 | return 230 | fi 231 | 232 | _echo_if_be_verbose ":: Adding archzfs to the repository." 233 | _confirm_every_step 234 | 235 | #adding key 236 | pacman -Syy archlinux-keyring --noconfirm &>/dev/null 237 | pacman-key --populate archlinux &>/dev/null 238 | pacman-key -r DDF7DB817396A49B2A2723F7403BD972F75D9D76 239 | pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76 240 | 241 | #creating mirrorlist 242 | cat >> /etc/pacman.d/archzfs <<"DELIM" 243 | Server = http://archzfs.com/archzfs/x86_64 244 | Server = http://mirror.sum7.eu/archlinux/archzfs/archzfs/x86_64 245 | Server = https://mirror.biocrafting.net/archlinux/archzfs/archzfs/x86_64 246 | DELIM 247 | 248 | #adding repository 249 | cat >> /etc/pacman.conf <<"DELIM" 250 | [archzfs] 251 | Include = /etc/pacman.d/archzfs 252 | DELIM 253 | 254 | #updating packages 255 | pacman -Sy &>/dev/null 256 | 257 | #@see https://github.com/eoli3n/archiso-zfs/blob/master/init#L46 258 | #maybe add a flag like >>--archive-version="2022/02/01"<< 259 | } 260 | #eo: preparation 261 | 262 | #bo: configuration 263 | function _setup_zfs_passphrase () 264 | { 265 | read -r -p "> Please insert your zfs passphrase: " -s USER_INPUT_PASSPHRASE 266 | echo "" #needed since read does not output \n 267 | 268 | echo "${USER_INPUT_PASSPHRASE}" > /etc/zfs/zroot.key 269 | chmod 000 /etc/zfs/zroot.key 270 | } 271 | 272 | function _wipe_device () 273 | { 274 | local DEVICE_PATH 275 | 276 | DEVICE_PATH=$(_get_from_configuration "device") 277 | 278 | _ask "Do you want to wipe the device >>${DEVICE_PATH}<>${DEVICE_PATH}<<.." 283 | dd if=/dev/zero of="${DEVICE_PATH}" bs=512 count=1 284 | 285 | _echo_if_be_verbose ":: wipefs >>${DEVICE_PATH}<<." 286 | wipefs -af "${DEVICE_PATH}" 287 | 288 | _echo_if_be_verbose ":: sgdisk >>${DEVICE_PATH}<<." 289 | sgdisk -Zo "${DEVICE_PATH}" 290 | else 291 | echo ":: No wipe, no progress." 292 | echo " Will exit now." 293 | 294 | exit 0 295 | fi 296 | } 297 | 298 | function _partition_device () 299 | { 300 | local DEVICE_PATH= 301 | local EFI_PARTITION 302 | 303 | DEVICE_PATH=$(_get_from_configuration "device") 304 | 305 | _echo_if_be_verbose ":: Creating EFI partition." 306 | sgdisk -n1:1M:+512M -t1:EF00 "${DEVICE_PATH}" 307 | EFI_PARTITION="${DEVICE_PATH}-part1" 308 | 309 | _echo_if_be_verbose ":: Creating ZFS partition." 310 | sgdisk -n3:0:0 -t3:bf01 "${DEVICE_PATH}" 311 | 312 | _echo_if_be_verbose ":: Informing kernel about partition changes." 313 | partprobe "${DEVICE_PATH}" 314 | 315 | _echo_if_be_verbose ":: Formating EFI partition." 316 | sleep 1 #needed to fix a possible issue that partprobe is not done yet 317 | mkfs.vfat "${EFI_PARTITION}" 318 | } 319 | 320 | function _setup_zpool_and_dataset () 321 | { 322 | local EFI_PARTITION 323 | local DEVICE_PATH 324 | local ZFS_PARTITION 325 | local ZPOOL_NAME 326 | local ZPOOL_DATASET 327 | 328 | DEVICE_PATH=$(_get_from_configuration "device") 329 | ZPOOL_NAME=$(_get_from_configuration "zpoolname") 330 | ZPOOL_DATASET=$(_get_from_configuration "zpooldataset") 331 | 332 | local EFI_PARTITION="${DEVICE_PATH}-part1" 333 | local ZFS_PARTITION="${DEVICE_PATH}-part3" 334 | 335 | _echo_if_be_verbose ":: Using device partition >>${ZFS_PARTITION}<<" 336 | _echo_if_be_verbose " Creating zfs pool on device path >>${ZFS_PARTITION}<<." 337 | 338 | if [[ ! -h "${EFI_PARTITION}" ]]; 339 | then 340 | echo ":: Expected device link >>${EFI_PARTITION}<< does not exist." 341 | 342 | exit 1 343 | fi 344 | 345 | if [[ ! -h "${ZFS_PARTITION}" ]]; 346 | then 347 | echo ":: Expected device link >>${ZFS_PARTITION}<< does not exist." 348 | 349 | exit 2 350 | fi 351 | 352 | if [[ ! -f /etc/zfs/zroot.key ]]; 353 | then 354 | echo ":: Expected file >>/etc/zfs/zroot.key<< does not exist." 355 | 356 | exit 3 357 | fi 358 | 359 | zpool create -f -o ashift=12 \ 360 | -o autotrim=on \ 361 | -O acltype=posixacl \ 362 | -O compression=zstd \ 363 | -O relatime=on \ 364 | -O xattr=sa \ 365 | -O dnodesize=legacy \ 366 | -O encryption=aes-256-gcm \ 367 | -O keyformat=passphrase \ 368 | -O keylocation=file:///etc/zfs/zroot.key \ 369 | -O normalization=formD \ 370 | -O mountpoint=none \ 371 | -O canmount=off \ 372 | -O devices=off \ 373 | -R /mnt \ 374 | "${ZPOOL_NAME}" "${ZFS_PARTITION}" 375 | 376 | _confirm_every_step 377 | 378 | #bo: create pool 379 | _echo_if_be_verbose ":: Creating root dataset" 380 | zfs create -o mountpoint=none "${ZPOOL_NAME}/ROOT" 381 | 382 | _echo_if_be_verbose ":: Set the commandline" 383 | zfs set org.zfsbootmenu:commandline="ro quiet" "${ZPOOL_NAME}/ROOT" 384 | #eo: create pool 385 | 386 | #bo: create system dataset 387 | _echo_if_be_verbose ":: Creating root dataset >>${ZPOOL_DATASET}<<" 388 | zfs create -o mountpoint=/ -o canmount=noauto "${ZPOOL_DATASET}" 389 | 390 | _echo_if_be_verbose ":: Creating zfs hostid" 391 | zgenhostid 392 | 393 | _echo_if_be_verbose ":: Configuring bootfs" 394 | zpool set bootfs="${ZPOOL_DATASET}" "${ZPOOL_NAME}" 395 | 396 | _echo_if_be_verbose ":: Manually mounting dataset" 397 | zfs mount "${ZPOOL_DATASET}" 398 | _confirm_every_step 399 | #eo: create system dataset 400 | 401 | #bo: create home dataset 402 | _echo_if_be_verbose ":: Creating home dataset" 403 | zfs create -o mountpoint=/ -o canmount=off "${ZPOOL_NAME}/data" 404 | zfs create "${ZPOOL_NAME}/data/home" 405 | _confirm_every_step 406 | #eo: create home dataset 407 | 408 | #bo: pool reload 409 | _echo_if_be_verbose ":: Export pool" 410 | zpool export "${ZPOOL_NAME}" 411 | 412 | _echo_if_be_verbose ":: Import pool" 413 | zpool import -d /dev/disk/by-id -R /mnt "${ZPOOL_NAME}" -N -f 414 | zfs load-key "${ZPOOL_NAME}" 415 | _confirm_every_step 416 | #eo: pool reload 417 | 418 | #bo: mount system 419 | _echo_if_be_verbose ":: Mounting system dataset" 420 | zfs mount "${ZPOOL_DATASET}" 421 | ##mounting the rest 422 | zfs mount -a 423 | 424 | _echo_if_be_verbose ":: Mounting EFI partition >>${EFI_PARTITION}<<" 425 | mkdir -p /mnt/efi 426 | mount "${EFI_PARTITION}" /mnt/efi 427 | _confirm_every_step 428 | #eo: mount system 429 | 430 | #bo: copy zfs cache 431 | _echo_if_be_verbose ":: Copy zpool cache" 432 | mkdir -p /mnt/etc/zfs 433 | zpool set cachefile=/etc/zfs/zpool.cache "${ZPOOL_NAME}" 434 | _confirm_every_step 435 | #eo: copy zfs cache 436 | } 437 | #eo: configuration 438 | 439 | #bo: general 440 | #### 441 | # @param 442 | #### 443 | function _ask () 444 | { 445 | read -p ">> ${1}: " -r 446 | echo 447 | } 448 | 449 | function _confirm_every_step () 450 | { 451 | if [[ ${CONFIRM_EVERY_STEP} -eq 1 ]]; 452 | then 453 | read -p "Press enter to continue" 454 | fi 455 | } 456 | 457 | #### 458 | # @param 459 | #### 460 | function _echo_if_be_verbose () 461 | { 462 | if [[ ${BE_VERBOSE} -gt 0 ]]; 463 | then 464 | echo "${1}" 465 | fi 466 | } 467 | 468 | function _main () 469 | { 470 | #bo: variables 471 | local AVAILABLE_STEPS 472 | local BE_VERBOSE 473 | local CURRENT_RUNNING_KERNEL_VERSION 474 | local CURRENT_STEP 475 | local CURRENT_WORKING_DIRECTORY 476 | local CONFIRM_EVERY_STEP 477 | local IS_DRY_RUN 478 | local PATH_TO_THE_CONFIGURATION_DIRECTORY 479 | local PATH_TO_THIS_SCRIPT 480 | local SELECTED_STEP 481 | local SHOW_HELP 482 | local ZPOOL_NAME 483 | 484 | AVAILABLE_STEPS=8 485 | CURRENT_WORKING_DIRECTORY=$(pwd) 486 | PATH_TO_THE_CONFIGURATION_DIRECTORY="/tmp/_configuration" 487 | PATH_TO_THIS_SCRIPT=$(cd "$(dirname "${0}")" || exit; pwd) 488 | CURRENT_RUNNING_KERNEL_VERSION=$(uname -r) 489 | #eo: variables 490 | 491 | #bo: user input 492 | BE_VERBOSE=0 493 | SELECTED_STEP=0 494 | CONFIRM_EVERY_STEP=0 495 | IS_DRY_RUN=0 496 | SHOW_HELP=0 497 | 498 | while true; 499 | do 500 | case "${1}" in 501 | "-d" | "--dry-run" ) 502 | IS_DRY_RUN=1 503 | ;; 504 | "-c" | "--confirm" ) 505 | CONFIRM_EVERY_STEP=1 506 | shift 1 507 | ;; 508 | "-h" | "--help" ) 509 | SHOW_HELP=1 510 | shift 1 511 | ;; 512 | "-s" | "--step" ) 513 | SELECTED_STEP="${2}" 514 | shift 2 515 | ;; 516 | "-v" | "--verbose" ) 517 | set +x 518 | exec &> >(tee "debug.log") 519 | echo ":: >>debug.log<< is filled with data" 520 | BE_VERBOSE=1 521 | shift 1 522 | ;; 523 | * ) 524 | break 525 | ;; 526 | esac 527 | done 528 | #eo: user input 529 | 530 | #bo: verbose output 531 | if [[ ${BE_VERBOSE} -eq 1 ]]; 532 | then 533 | echo ":: Dumping variables" 534 | echo " BE_VERBOSE: >>${BE_VERBOSE}<<." 535 | echo " CONFIRM_EVERY_STEP: >>${CONFIRM_EVERY_STEP}<<." 536 | echo " CURRENT_RUNNING_KERNEL_VERSION: >>${CURRENT_RUNNING_KERNEL_VERSION}<<." 537 | echo " CURRENT_WORKING_DIRECTORY: >>${CURRENT_WORKING_DIRECTORY}<<." 538 | echo " IS_DRY_RUN: >>${IS_DRY_RUN}<<." 539 | echo " PATH_TO_THIS_SCRIPT: >>${PATH_TO_THIS_SCRIPT}<<." 540 | echo " PROJECT_ROOT_PATH: >>${PROJECT_ROOT_PATH}<<." 541 | echo " SELECTED_STEP: >>${SELECTED_STEP}<< from >>${AVAILABLE_STEPS}<<." 542 | echo "" 543 | fi 544 | #eo: verbose output 545 | 546 | #bo: help 547 | if [[ ${SHOW_HELP} -eq 1 ]]; 548 | then 549 | echo ":: Usage" 550 | echo " ${0} [-c|--confirm] [-d|--dry-run] [-h|--help] [-s|--step ] [-v|--verbose]" 551 | 552 | exit 0 553 | fi 554 | #eo: help 555 | 556 | #bo: configuration 557 | if [[ ! -d "${PATH_TO_THE_CONFIGURATION_DIRECTORY}" ]]; 558 | then 559 | _run_configuration 560 | fi 561 | #eo: configuration 562 | 563 | #bo: preparation 564 | CURRENT_STEP=1 565 | 566 | if [[ ${SELECTED_STEP} -eq 0 ]] || [[ ${SELECTED_STEP} -eq ${CURRENT_STEP} ]]; 567 | then 568 | _echo_if_be_verbose ":: bo step ${CURRENT_STEP} - preperation" 569 | 570 | _prepare_environment 571 | _confirm_every_step 572 | 573 | _initialize_archzfs 574 | _confirm_every_step 575 | 576 | _echo_if_be_verbose ":: eo step ${CURRENT_STEP} - preperation" 577 | fi 578 | 579 | #@see https://github.com/eoli3n/archiso-zfs/blob/master/init#L157 580 | #I guess we don't need it since we are running an archzfs 581 | #eo: preparation 582 | 583 | #bo: configuration 584 | CURRENT_STEP=2 585 | 586 | if [[ ${SELECTED_STEP} -eq 0 ]] || [[ ${SELECTED_STEP} -eq ${CURRENT_STEP} ]]; 587 | then 588 | _echo_if_be_verbose ":: bo step ${CURRENT_STEP} - device setup" 589 | 590 | _select_device 591 | _setup_zfs_passphrase 592 | _confirm_every_step 593 | 594 | _wipe_device 595 | _partition_device 596 | _setup_zpool_and_dataset 597 | _confirm_every_step 598 | 599 | _echo_if_be_verbose ":: Sorting mirrors" 600 | systemctl start reflector 601 | 602 | _echo_if_be_verbose ":: eo step ${CURRENT_STEP} - device setup" 603 | fi 604 | #eo: configuration 605 | 606 | #bo: installation 607 | CURRENT_STEP=3 608 | 609 | if [[ ${SELECTED_STEP} -eq 0 ]] || [[ ${SELECTED_STEP} -eq ${CURRENT_STEP} ]]; 610 | then 611 | _echo_if_be_verbose ":: bo step${CURRENT_STEP} - Install base system" 612 | #@todo: ask for a list or let the user provide a list of tools 613 | pacstrap /mnt \ 614 | base \ 615 | base-devel \ 616 | linux \ 617 | linux-headers \ 618 | linux-firmware \ 619 | efibootmgr \ 620 | vim \ 621 | git \ 622 | networkmanager 623 | 624 | _confirm_every_step 625 | 626 | ZPOOL_NAME=$(_get_from_configuration "zpoolname") 627 | 628 | _echo_if_be_verbose " Generate fstab excluding zfs entries" 629 | genfstab -U /mnt | grep -v "${ZPOOL_NAME}" | tr -s '\n' | sed 's/\/mnt//' > /mnt/etc/fstab 630 | 631 | _echo_if_be_verbose ":: eo step${CURRENT_STEP} - Install base system" 632 | fi 633 | 634 | CURRENT_STEP=4 635 | 636 | if [[ ${SELECTED_STEP} -eq 0 ]] || [[ ${SELECTED_STEP} -eq ${CURRENT_STEP} ]]; 637 | then 638 | _echo_if_be_verbose ":: bo step ${CURRENT_STEP} - Configure base system" 639 | 640 | local USER_INPUT_LANGUAGE 641 | local USER_INPUT_LOCAL 642 | local USER_INPUT_TIMEZONE 643 | local USER_HOSTNAME 644 | 645 | USER_INPUT_LANGUAGE=$(_get_from_configuration "language") 646 | USER_INPUT_LOCAL=$(_get_from_configuration "local") 647 | USER_INPUT_TIMEZONE=$(_get_from_configuration "timezone") 648 | USER_HOSTNAME=$(_get_from_configuration "hostname") 649 | 650 | echo "${USER_HOSTNAME}" > /mnt/etc/hostname 651 | 652 | _echo_if_be_verbose ":: Configuring /etc/hosts" 653 | 654 | cat > /mnt/etc/hosts < 656 | 127.0.0.1 localhost ${USER_HOSTNAME} 657 | ::1 localhost ${USER_HOSTNAME} 658 | DELIM 659 | 660 | echo "KEYMAP=${USER_INPUT_LANGUAGE}" > /mnt/etc/vconsole.conf 661 | sed -i "s/#\(${USER_INPUT_LOCAL}\)/\1/" /mnt/etc/locale.gen 662 | echo "LANG=\"${USER_INPUT_LOCAL}\"" > /mnt/etc/locale.conf 663 | 664 | _echo_if_be_verbose ":: eo step ${CURRENT_STEP} - Configure base system" 665 | 666 | _confirm_every_step 667 | fi 668 | 669 | CURRENT_STEP=5 670 | 671 | if [[ ${SELECTED_STEP} -eq 0 ]] || [[ ${SELECTED_STEP} -eq ${CURRENT_STEP} ]]; 672 | then 673 | _echo_if_be_verbose ":: bo step ${CURRENT_STEP} - Setup zfs" 674 | local USER_NAME 675 | 676 | USER_NAME=$(_get_from_configuration "username") 677 | 678 | _echo_if_be_verbose " Preparing initramfs" 679 | cat > /mnt/etc/mkinitcpio.conf <> /etc/pacman.d/archzfs <<"EOSF" 710 | Server = http://archzfs.com/archzfs/x86_64 711 | Server = http://mirror.sum7.eu/archlinux/archzfs/archzfs/x86_64 712 | Server = https://mirror.biocrafting.net/archlinux/archzfs/archzfs/x86_64 713 | EOSF 714 | 715 | cat >> /etc/pacman.conf <<"EOSF" 716 | [archzfs] 717 | Include = /etc/pacman.d/archzfs 718 | EOSF 719 | pacman -Syu --noconfirm zfs-utils 720 | 721 | #synchronize clock 722 | hwclock --systohc 723 | 724 | #set date 725 | timedatectl set-ntp true 726 | 727 | #@todo: fetch from previous 728 | timedatectl set-timezone ${USER_INPUT_TIMEZONE} 729 | 730 | #generate locale 731 | locale-gen 732 | source /etc/locale.conf 733 | 734 | #generate initramfs 735 | mkinitcpio -P 736 | 737 | #install zfsbootmenu and dependencies 738 | #maybe use a prebuild instead? 739 | #@see: https://get.zfsbootmenu.org/ 740 | 741 | #bo: from the arch wiki 742 | #@see: https://wiki.archlinux.org/title/Install_Arch_Linux_on_ZFS#Using_ZFSBootMenu_for_UEFI 743 | # /boot must be on the root filesystem 744 | # mount your esp 745 | # 746 | ##bo: generate image 747 | # pacman -S zfsbootmenu (aur) and efibootmgr 748 | # configure /etc/zfsbootmenu/config.yaml 749 | # generate zfsbootmenu image 750 | # generate-zbm 751 | # configure zfs boot commandline arguments 752 | # zfs set org.zfsbootmenu:commandline="rw" zroot/ROOT 753 | # add zfsbootmenu entry to efi boot manager 754 | # # efibootmgr -c -d your_esp_disk -p your_esp_partition_number -L "ZFSBootMenu" -l '\EFI\zbm\vmlinuz-linux.EFI' 755 | ##eo: generate image 756 | ##bo: use binary 757 | # pacman -S zfsbootmenu-efi-bin (aur) and efibootmgr 758 | # configure zfs boot commandline arguments 759 | # zfs set org.zfsbootmenu:commandline="rw" zroot/ROOT 760 | # add zfsbootmenu entry to efi boot manager 761 | # # efibootmgr -c -d your_esp_disk -p your_esp_partition_number -L "ZFSBootMenu" -l '\EFI\zbm\zfsbootmenu-release-vmlinuz-x86_64.EFI' 762 | ##eo: use binary 763 | #eo: from the arch wiki 764 | 765 | git clone --depth=1 https://github.com/zbm-dev/zfsbootmenu/ /tmp/zfsbootmenu 766 | pacman -S cpanminus kexec-tools fzf util-linux --noconfirm 767 | cd /tmp/zfsbootmenu 768 | make 769 | make install 770 | cpanm --notest --installdeps . 771 | 772 | #create user 773 | useradd -m ${USER_NAME} 774 | DELIM 775 | _confirm_every_step 776 | 777 | echo " Setting password of >>root<<" 778 | arch-chroot /mnt /bin/passwd 779 | 780 | echo " Setting password of >>${USER_NAME}<<" 781 | arch-chroot /mnt /bin/passwd "${USER_NAME}" 782 | 783 | _confirm_every_step 784 | 785 | _echo_if_be_verbose " Configuring sudo" 786 | cat > /mnt/etc/sudoers < /mnt/etc/zfs/zfs-list.cache/${ZPOOL_NAME} 818 | systemctl enable zfs-zed.service --root=/mnt 819 | 820 | _confirm_every_step 821 | 822 | _echo_if_be_verbose ":: eo step ${CURRENT_STEP} - Configure zfs" 823 | fi 824 | 825 | CURRENT_STEP=7 826 | 827 | if [[ ${SELECTED_STEP} -eq 0 ]] || [[ ${SELECTED_STEP} -eq ${CURRENT_STEP} ]]; 828 | then 829 | _echo_if_be_verbose ":: bo step ${CURRENT_STEP} - Configure and setup zfsbootmenu" 830 | 831 | _echo_if_be_verbose " Configure zfsbootmenu" 832 | mkdir -p /mnt/efi/EFI/ZBM 833 | 834 | _echo_if_be_verbose " Generate zfsbootmenu efi" 835 | #@see https://github.com/zbm-dev/zfsbootmenu/blob/master/etc/zfsbootmenu/mkinitcpio.conf 836 | cat > /mnt/etc/zfsbootmenu/mkinitcpio.conf < /mnt/etc/zfsbootmenu/config.yaml < 5 | Everyone is permitted to copy and distribute verbatim copies 6 | of this license document, but changing it is not allowed. 7 | 8 | Preamble 9 | 10 | The GNU General Public License is a free, copyleft license for 11 | software and other kinds of works. 12 | 13 | The licenses for most software and other practical works are designed 14 | to take away your freedom to share and change the works. By contrast, 15 | the GNU General Public License is intended to guarantee your freedom to 16 | share and change all versions of a program--to make sure it remains free 17 | software for all its users. We, the Free Software Foundation, use the 18 | GNU General Public License for most of our software; it applies also to 19 | any other work released this way by its authors. You can apply it to 20 | your programs, too. 21 | 22 | When we speak of free software, we are referring to freedom, not 23 | price. Our General Public Licenses are designed to make sure that you 24 | have the freedom to distribute copies of free software (and charge for 25 | them if you wish), that you receive source code or can get it if you 26 | want it, that you can change the software or use pieces of it in new 27 | free programs, and that you know you can do these things. 28 | 29 | To protect your rights, we need to prevent others from denying you 30 | these rights or asking you to surrender the rights. Therefore, you have 31 | certain responsibilities if you distribute copies of the software, or if 32 | you modify it: responsibilities to respect the freedom of others. 33 | 34 | For example, if you distribute copies of such a program, whether 35 | gratis or for a fee, you must pass on to the recipients the same 36 | freedoms that you received. You must make sure that they, too, receive 37 | or can get the source code. And you must show them these terms so they 38 | know their rights. 39 | 40 | Developers that use the GNU GPL protect your rights with two steps: 41 | (1) assert copyright on the software, and (2) offer you this License 42 | giving you legal permission to copy, distribute and/or modify it. 43 | 44 | For the developers' and authors' protection, the GPL clearly explains 45 | that there is no warranty for this free software. For both users' and 46 | authors' sake, the GPL requires that modified versions be marked as 47 | changed, so that their problems will not be attributed erroneously to 48 | authors of previous versions. 49 | 50 | Some devices are designed to deny users access to install or run 51 | modified versions of the software inside them, although the manufacturer 52 | can do so. This is fundamentally incompatible with the aim of 53 | protecting users' freedom to change the software. The systematic 54 | pattern of such abuse occurs in the area of products for individuals to 55 | use, which is precisely where it is most unacceptable. Therefore, we 56 | have designed this version of the GPL to prohibit the practice for those 57 | products. If such problems arise substantially in other domains, we 58 | stand ready to extend this provision to those domains in future versions 59 | of the GPL, as needed to protect the freedom of users. 60 | 61 | Finally, every program is threatened constantly by software patents. 62 | States should not allow patents to restrict development and use of 63 | software on general-purpose computers, but in those that do, we wish to 64 | avoid the special danger that patents applied to a free program could 65 | make it effectively proprietary. To prevent this, the GPL assures that 66 | patents cannot be used to render the program non-free. 67 | 68 | The precise terms and conditions for copying, distribution and 69 | modification follow. 70 | 71 | TERMS AND CONDITIONS 72 | 73 | 0. Definitions. 74 | 75 | "This License" refers to version 3 of the GNU General Public License. 76 | 77 | "Copyright" also means copyright-like laws that apply to other kinds of 78 | works, such as semiconductor masks. 79 | 80 | "The Program" refers to any copyrightable work licensed under this 81 | License. Each licensee is addressed as "you". "Licensees" and 82 | "recipients" may be individuals or organizations. 83 | 84 | To "modify" a work means to copy from or adapt all or part of the work 85 | in a fashion requiring copyright permission, other than the making of an 86 | exact copy. The resulting work is called a "modified version" of the 87 | earlier work or a work "based on" the earlier work. 88 | 89 | A "covered work" means either the unmodified Program or a work based 90 | on the Program. 91 | 92 | To "propagate" a work means to do anything with it that, without 93 | permission, would make you directly or secondarily liable for 94 | infringement under applicable copyright law, except executing it on a 95 | computer or modifying a private copy. Propagation includes copying, 96 | distribution (with or without modification), making available to the 97 | public, and in some countries other activities as well. 98 | 99 | To "convey" a work means any kind of propagation that enables other 100 | parties to make or receive copies. Mere interaction with a user through 101 | a computer network, with no transfer of a copy, is not conveying. 102 | 103 | An interactive user interface displays "Appropriate Legal Notices" 104 | to the extent that it includes a convenient and prominently visible 105 | feature that (1) displays an appropriate copyright notice, and (2) 106 | tells the user that there is no warranty for the work (except to the 107 | extent that warranties are provided), that licensees may convey the 108 | work under this License, and how to view a copy of this License. If 109 | the interface presents a list of user commands or options, such as a 110 | menu, a prominent item in the list meets this criterion. 111 | 112 | 1. Source Code. 113 | 114 | The "source code" for a work means the preferred form of the work 115 | for making modifications to it. "Object code" means any non-source 116 | form of a work. 117 | 118 | A "Standard Interface" means an interface that either is an official 119 | standard defined by a recognized standards body, or, in the case of 120 | interfaces specified for a particular programming language, one that 121 | is widely used among developers working in that language. 122 | 123 | The "System Libraries" of an executable work include anything, other 124 | than the work as a whole, that (a) is included in the normal form of 125 | packaging a Major Component, but which is not part of that Major 126 | Component, and (b) serves only to enable use of the work with that 127 | Major Component, or to implement a Standard Interface for which an 128 | implementation is available to the public in source code form. A 129 | "Major Component", in this context, means a major essential component 130 | (kernel, window system, and so on) of the specific operating system 131 | (if any) on which the executable work runs, or a compiler used to 132 | produce the work, or an object code interpreter used to run it. 133 | 134 | The "Corresponding Source" for a work in object code form means all 135 | the source code needed to generate, install, and (for an executable 136 | work) run the object code and to modify the work, including scripts to 137 | control those activities. However, it does not include the work's 138 | System Libraries, or general-purpose tools or generally available free 139 | programs which are used unmodified in performing those activities but 140 | which are not part of the work. For example, Corresponding Source 141 | includes interface definition files associated with source files for 142 | the work, and the source code for shared libraries and dynamically 143 | linked subprograms that the work is specifically designed to require, 144 | such as by intimate data communication or control flow between those 145 | subprograms and other parts of the work. 146 | 147 | The Corresponding Source need not include anything that users 148 | can regenerate automatically from other parts of the Corresponding 149 | Source. 150 | 151 | The Corresponding Source for a work in source code form is that 152 | same work. 153 | 154 | 2. Basic Permissions. 155 | 156 | All rights granted under this License are granted for the term of 157 | copyright on the Program, and are irrevocable provided the stated 158 | conditions are met. This License explicitly affirms your unlimited 159 | permission to run the unmodified Program. The output from running a 160 | covered work is covered by this License only if the output, given its 161 | content, constitutes a covered work. This License acknowledges your 162 | rights of fair use or other equivalent, as provided by copyright law. 163 | 164 | You may make, run and propagate covered works that you do not 165 | convey, without conditions so long as your license otherwise remains 166 | in force. You may convey covered works to others for the sole purpose 167 | of having them make modifications exclusively for you, or provide you 168 | with facilities for running those works, provided that you comply with 169 | the terms of this License in conveying all material for which you do 170 | not control copyright. Those thus making or running the covered works 171 | for you must do so exclusively on your behalf, under your direction 172 | and control, on terms that prohibit them from making any copies of 173 | your copyrighted material outside their relationship with you. 174 | 175 | Conveying under any other circumstances is permitted solely under 176 | the conditions stated below. Sublicensing is not allowed; section 10 177 | makes it unnecessary. 178 | 179 | 3. Protecting Users' Legal Rights From Anti-Circumvention Law. 180 | 181 | No covered work shall be deemed part of an effective technological 182 | measure under any applicable law fulfilling obligations under article 183 | 11 of the WIPO copyright treaty adopted on 20 December 1996, or 184 | similar laws prohibiting or restricting circumvention of such 185 | measures. 186 | 187 | When you convey a covered work, you waive any legal power to forbid 188 | circumvention of technological measures to the extent such circumvention 189 | is effected by exercising rights under this License with respect to 190 | the covered work, and you disclaim any intention to limit operation or 191 | modification of the work as a means of enforcing, against the work's 192 | users, your or third parties' legal rights to forbid circumvention of 193 | technological measures. 194 | 195 | 4. Conveying Verbatim Copies. 196 | 197 | You may convey verbatim copies of the Program's source code as you 198 | receive it, in any medium, provided that you conspicuously and 199 | appropriately publish on each copy an appropriate copyright notice; 200 | keep intact all notices stating that this License and any 201 | non-permissive terms added in accord with section 7 apply to the code; 202 | keep intact all notices of the absence of any warranty; and give all 203 | recipients a copy of this License along with the Program. 204 | 205 | You may charge any price or no price for each copy that you convey, 206 | and you may offer support or warranty protection for a fee. 207 | 208 | 5. Conveying Modified Source Versions. 209 | 210 | You may convey a work based on the Program, or the modifications to 211 | produce it from the Program, in the form of source code under the 212 | terms of section 4, provided that you also meet all of these conditions: 213 | 214 | a) The work must carry prominent notices stating that you modified 215 | it, and giving a relevant date. 216 | 217 | b) The work must carry prominent notices stating that it is 218 | released under this License and any conditions added under section 219 | 7. This requirement modifies the requirement in section 4 to 220 | "keep intact all notices". 221 | 222 | c) You must license the entire work, as a whole, under this 223 | License to anyone who comes into possession of a copy. This 224 | License will therefore apply, along with any applicable section 7 225 | additional terms, to the whole of the work, and all its parts, 226 | regardless of how they are packaged. This License gives no 227 | permission to license the work in any other way, but it does not 228 | invalidate such permission if you have separately received it. 229 | 230 | d) If the work has interactive user interfaces, each must display 231 | Appropriate Legal Notices; however, if the Program has interactive 232 | interfaces that do not display Appropriate Legal Notices, your 233 | work need not make them do so. 234 | 235 | A compilation of a covered work with other separate and independent 236 | works, which are not by their nature extensions of the covered work, 237 | and which are not combined with it such as to form a larger program, 238 | in or on a volume of a storage or distribution medium, is called an 239 | "aggregate" if the compilation and its resulting copyright are not 240 | used to limit the access or legal rights of the compilation's users 241 | beyond what the individual works permit. Inclusion of a covered work 242 | in an aggregate does not cause this License to apply to the other 243 | parts of the aggregate. 244 | 245 | 6. Conveying Non-Source Forms. 246 | 247 | You may convey a covered work in object code form under the terms 248 | of sections 4 and 5, provided that you also convey the 249 | machine-readable Corresponding Source under the terms of this License, 250 | in one of these ways: 251 | 252 | a) Convey the object code in, or embodied in, a physical product 253 | (including a physical distribution medium), accompanied by the 254 | Corresponding Source fixed on a durable physical medium 255 | customarily used for software interchange. 256 | 257 | b) Convey the object code in, or embodied in, a physical product 258 | (including a physical distribution medium), accompanied by a 259 | written offer, valid for at least three years and valid for as 260 | long as you offer spare parts or customer support for that product 261 | model, to give anyone who possesses the object code either (1) a 262 | copy of the Corresponding Source for all the software in the 263 | product that is covered by this License, on a durable physical 264 | medium customarily used for software interchange, for a price no 265 | more than your reasonable cost of physically performing this 266 | conveying of source, or (2) access to copy the 267 | Corresponding Source from a network server at no charge. 268 | 269 | c) Convey individual copies of the object code with a copy of the 270 | written offer to provide the Corresponding Source. This 271 | alternative is allowed only occasionally and noncommercially, and 272 | only if you received the object code with such an offer, in accord 273 | with subsection 6b. 274 | 275 | d) Convey the object code by offering access from a designated 276 | place (gratis or for a charge), and offer equivalent access to the 277 | Corresponding Source in the same way through the same place at no 278 | further charge. You need not require recipients to copy the 279 | Corresponding Source along with the object code. If the place to 280 | copy the object code is a network server, the Corresponding Source 281 | may be on a different server (operated by you or a third party) 282 | that supports equivalent copying facilities, provided you maintain 283 | clear directions next to the object code saying where to find the 284 | Corresponding Source. Regardless of what server hosts the 285 | Corresponding Source, you remain obligated to ensure that it is 286 | available for as long as needed to satisfy these requirements. 287 | 288 | e) Convey the object code using peer-to-peer transmission, provided 289 | you inform other peers where the object code and Corresponding 290 | Source of the work are being offered to the general public at no 291 | charge under subsection 6d. 292 | 293 | A separable portion of the object code, whose source code is excluded 294 | from the Corresponding Source as a System Library, need not be 295 | included in conveying the object code work. 296 | 297 | A "User Product" is either (1) a "consumer product", which means any 298 | tangible personal property which is normally used for personal, family, 299 | or household purposes, or (2) anything designed or sold for incorporation 300 | into a dwelling. In determining whether a product is a consumer product, 301 | doubtful cases shall be resolved in favor of coverage. For a particular 302 | product received by a particular user, "normally used" refers to a 303 | typical or common use of that class of product, regardless of the status 304 | of the particular user or of the way in which the particular user 305 | actually uses, or expects or is expected to use, the product. A product 306 | is a consumer product regardless of whether the product has substantial 307 | commercial, industrial or non-consumer uses, unless such uses represent 308 | the only significant mode of use of the product. 309 | 310 | "Installation Information" for a User Product means any methods, 311 | procedures, authorization keys, or other information required to install 312 | and execute modified versions of a covered work in that User Product from 313 | a modified version of its Corresponding Source. The information must 314 | suffice to ensure that the continued functioning of the modified object 315 | code is in no case prevented or interfered with solely because 316 | modification has been made. 317 | 318 | If you convey an object code work under this section in, or with, or 319 | specifically for use in, a User Product, and the conveying occurs as 320 | part of a transaction in which the right of possession and use of the 321 | User Product is transferred to the recipient in perpetuity or for a 322 | fixed term (regardless of how the transaction is characterized), the 323 | Corresponding Source conveyed under this section must be accompanied 324 | by the Installation Information. But this requirement does not apply 325 | if neither you nor any third party retains the ability to install 326 | modified object code on the User Product (for example, the work has 327 | been installed in ROM). 328 | 329 | The requirement to provide Installation Information does not include a 330 | requirement to continue to provide support service, warranty, or updates 331 | for a work that has been modified or installed by the recipient, or for 332 | the User Product in which it has been modified or installed. Access to a 333 | network may be denied when the modification itself materially and 334 | adversely affects the operation of the network or violates the rules and 335 | protocols for communication across the network. 336 | 337 | Corresponding Source conveyed, and Installation Information provided, 338 | in accord with this section must be in a format that is publicly 339 | documented (and with an implementation available to the public in 340 | source code form), and must require no special password or key for 341 | unpacking, reading or copying. 342 | 343 | 7. Additional Terms. 344 | 345 | "Additional permissions" are terms that supplement the terms of this 346 | License by making exceptions from one or more of its conditions. 347 | Additional permissions that are applicable to the entire Program shall 348 | be treated as though they were included in this License, to the extent 349 | that they are valid under applicable law. If additional permissions 350 | apply only to part of the Program, that part may be used separately 351 | under those permissions, but the entire Program remains governed by 352 | this License without regard to the additional permissions. 353 | 354 | When you convey a copy of a covered work, you may at your option 355 | remove any additional permissions from that copy, or from any part of 356 | it. (Additional permissions may be written to require their own 357 | removal in certain cases when you modify the work.) You may place 358 | additional permissions on material, added by you to a covered work, 359 | for which you have or can give appropriate copyright permission. 360 | 361 | Notwithstanding any other provision of this License, for material you 362 | add to a covered work, you may (if authorized by the copyright holders of 363 | that material) supplement the terms of this License with terms: 364 | 365 | a) Disclaiming warranty or limiting liability differently from the 366 | terms of sections 15 and 16 of this License; or 367 | 368 | b) Requiring preservation of specified reasonable legal notices or 369 | author attributions in that material or in the Appropriate Legal 370 | Notices displayed by works containing it; or 371 | 372 | c) Prohibiting misrepresentation of the origin of that material, or 373 | requiring that modified versions of such material be marked in 374 | reasonable ways as different from the original version; or 375 | 376 | d) Limiting the use for publicity purposes of names of licensors or 377 | authors of the material; or 378 | 379 | e) Declining to grant rights under trademark law for use of some 380 | trade names, trademarks, or service marks; or 381 | 382 | f) Requiring indemnification of licensors and authors of that 383 | material by anyone who conveys the material (or modified versions of 384 | it) with contractual assumptions of liability to the recipient, for 385 | any liability that these contractual assumptions directly impose on 386 | those licensors and authors. 387 | 388 | All other non-permissive additional terms are considered "further 389 | restrictions" within the meaning of section 10. If the Program as you 390 | received it, or any part of it, contains a notice stating that it is 391 | governed by this License along with a term that is a further 392 | restriction, you may remove that term. If a license document contains 393 | a further restriction but permits relicensing or conveying under this 394 | License, you may add to a covered work material governed by the terms 395 | of that license document, provided that the further restriction does 396 | not survive such relicensing or conveying. 397 | 398 | If you add terms to a covered work in accord with this section, you 399 | must place, in the relevant source files, a statement of the 400 | additional terms that apply to those files, or a notice indicating 401 | where to find the applicable terms. 402 | 403 | Additional terms, permissive or non-permissive, may be stated in the 404 | form of a separately written license, or stated as exceptions; 405 | the above requirements apply either way. 406 | 407 | 8. Termination. 408 | 409 | You may not propagate or modify a covered work except as expressly 410 | provided under this License. Any attempt otherwise to propagate or 411 | modify it is void, and will automatically terminate your rights under 412 | this License (including any patent licenses granted under the third 413 | paragraph of section 11). 414 | 415 | However, if you cease all violation of this License, then your 416 | license from a particular copyright holder is reinstated (a) 417 | provisionally, unless and until the copyright holder explicitly and 418 | finally terminates your license, and (b) permanently, if the copyright 419 | holder fails to notify you of the violation by some reasonable means 420 | prior to 60 days after the cessation. 421 | 422 | Moreover, your license from a particular copyright holder is 423 | reinstated permanently if the copyright holder notifies you of the 424 | violation by some reasonable means, this is the first time you have 425 | received notice of violation of this License (for any work) from that 426 | copyright holder, and you cure the violation prior to 30 days after 427 | your receipt of the notice. 428 | 429 | Termination of your rights under this section does not terminate the 430 | licenses of parties who have received copies or rights from you under 431 | this License. If your rights have been terminated and not permanently 432 | reinstated, you do not qualify to receive new licenses for the same 433 | material under section 10. 434 | 435 | 9. Acceptance Not Required for Having Copies. 436 | 437 | You are not required to accept this License in order to receive or 438 | run a copy of the Program. Ancillary propagation of a covered work 439 | occurring solely as a consequence of using peer-to-peer transmission 440 | to receive a copy likewise does not require acceptance. However, 441 | nothing other than this License grants you permission to propagate or 442 | modify any covered work. These actions infringe copyright if you do 443 | not accept this License. Therefore, by modifying or propagating a 444 | covered work, you indicate your acceptance of this License to do so. 445 | 446 | 10. Automatic Licensing of Downstream Recipients. 447 | 448 | Each time you convey a covered work, the recipient automatically 449 | receives a license from the original licensors, to run, modify and 450 | propagate that work, subject to this License. You are not responsible 451 | for enforcing compliance by third parties with this License. 452 | 453 | An "entity transaction" is a transaction transferring control of an 454 | organization, or substantially all assets of one, or subdividing an 455 | organization, or merging organizations. If propagation of a covered 456 | work results from an entity transaction, each party to that 457 | transaction who receives a copy of the work also receives whatever 458 | licenses to the work the party's predecessor in interest had or could 459 | give under the previous paragraph, plus a right to possession of the 460 | Corresponding Source of the work from the predecessor in interest, if 461 | the predecessor has it or can get it with reasonable efforts. 462 | 463 | You may not impose any further restrictions on the exercise of the 464 | rights granted or affirmed under this License. For example, you may 465 | not impose a license fee, royalty, or other charge for exercise of 466 | rights granted under this License, and you may not initiate litigation 467 | (including a cross-claim or counterclaim in a lawsuit) alleging that 468 | any patent claim is infringed by making, using, selling, offering for 469 | sale, or importing the Program or any portion of it. 470 | 471 | 11. Patents. 472 | 473 | A "contributor" is a copyright holder who authorizes use under this 474 | License of the Program or a work on which the Program is based. The 475 | work thus licensed is called the contributor's "contributor version". 476 | 477 | A contributor's "essential patent claims" are all patent claims 478 | owned or controlled by the contributor, whether already acquired or 479 | hereafter acquired, that would be infringed by some manner, permitted 480 | by this License, of making, using, or selling its contributor version, 481 | but do not include claims that would be infringed only as a 482 | consequence of further modification of the contributor version. For 483 | purposes of this definition, "control" includes the right to grant 484 | patent sublicenses in a manner consistent with the requirements of 485 | this License. 486 | 487 | Each contributor grants you a non-exclusive, worldwide, royalty-free 488 | patent license under the contributor's essential patent claims, to 489 | make, use, sell, offer for sale, import and otherwise run, modify and 490 | propagate the contents of its contributor version. 491 | 492 | In the following three paragraphs, a "patent license" is any express 493 | agreement or commitment, however denominated, not to enforce a patent 494 | (such as an express permission to practice a patent or covenant not to 495 | sue for patent infringement). To "grant" such a patent license to a 496 | party means to make such an agreement or commitment not to enforce a 497 | patent against the party. 498 | 499 | If you convey a covered work, knowingly relying on a patent license, 500 | and the Corresponding Source of the work is not available for anyone 501 | to copy, free of charge and under the terms of this License, through a 502 | publicly available network server or other readily accessible means, 503 | then you must either (1) cause the Corresponding Source to be so 504 | available, or (2) arrange to deprive yourself of the benefit of the 505 | patent license for this particular work, or (3) arrange, in a manner 506 | consistent with the requirements of this License, to extend the patent 507 | license to downstream recipients. "Knowingly relying" means you have 508 | actual knowledge that, but for the patent license, your conveying the 509 | covered work in a country, or your recipient's use of the covered work 510 | in a country, would infringe one or more identifiable patents in that 511 | country that you have reason to believe are valid. 512 | 513 | If, pursuant to or in connection with a single transaction or 514 | arrangement, you convey, or propagate by procuring conveyance of, a 515 | covered work, and grant a patent license to some of the parties 516 | receiving the covered work authorizing them to use, propagate, modify 517 | or convey a specific copy of the covered work, then the patent license 518 | you grant is automatically extended to all recipients of the covered 519 | work and works based on it. 520 | 521 | A patent license is "discriminatory" if it does not include within 522 | the scope of its coverage, prohibits the exercise of, or is 523 | conditioned on the non-exercise of one or more of the rights that are 524 | specifically granted under this License. You may not convey a covered 525 | work if you are a party to an arrangement with a third party that is 526 | in the business of distributing software, under which you make payment 527 | to the third party based on the extent of your activity of conveying 528 | the work, and under which the third party grants, to any of the 529 | parties who would receive the covered work from you, a discriminatory 530 | patent license (a) in connection with copies of the covered work 531 | conveyed by you (or copies made from those copies), or (b) primarily 532 | for and in connection with specific products or compilations that 533 | contain the covered work, unless you entered into that arrangement, 534 | or that patent license was granted, prior to 28 March 2007. 535 | 536 | Nothing in this License shall be construed as excluding or limiting 537 | any implied license or other defenses to infringement that may 538 | otherwise be available to you under applicable patent law. 539 | 540 | 12. No Surrender of Others' Freedom. 541 | 542 | If conditions are imposed on you (whether by court order, agreement or 543 | otherwise) that contradict the conditions of this License, they do not 544 | excuse you from the conditions of this License. If you cannot convey a 545 | covered work so as to satisfy simultaneously your obligations under this 546 | License and any other pertinent obligations, then as a consequence you may 547 | not convey it at all. For example, if you agree to terms that obligate you 548 | to collect a royalty for further conveying from those to whom you convey 549 | the Program, the only way you could satisfy both those terms and this 550 | License would be to refrain entirely from conveying the Program. 551 | 552 | 13. Use with the GNU Affero General Public License. 553 | 554 | Notwithstanding any other provision of this License, you have 555 | permission to link or combine any covered work with a work licensed 556 | under version 3 of the GNU Affero General Public License into a single 557 | combined work, and to convey the resulting work. The terms of this 558 | License will continue to apply to the part which is the covered work, 559 | but the special requirements of the GNU Affero General Public License, 560 | section 13, concerning interaction through a network will apply to the 561 | combination as such. 562 | 563 | 14. Revised Versions of this License. 564 | 565 | The Free Software Foundation may publish revised and/or new versions of 566 | the GNU General Public License from time to time. Such new versions will 567 | be similar in spirit to the present version, but may differ in detail to 568 | address new problems or concerns. 569 | 570 | Each version is given a distinguishing version number. If the 571 | Program specifies that a certain numbered version of the GNU General 572 | Public License "or any later version" applies to it, you have the 573 | option of following the terms and conditions either of that numbered 574 | version or of any later version published by the Free Software 575 | Foundation. If the Program does not specify a version number of the 576 | GNU General Public License, you may choose any version ever published 577 | by the Free Software Foundation. 578 | 579 | If the Program specifies that a proxy can decide which future 580 | versions of the GNU General Public License can be used, that proxy's 581 | public statement of acceptance of a version permanently authorizes you 582 | to choose that version for the Program. 583 | 584 | Later license versions may give you additional or different 585 | permissions. However, no additional obligations are imposed on any 586 | author or copyright holder as a result of your choosing to follow a 587 | later version. 588 | 589 | 15. Disclaimer of Warranty. 590 | 591 | THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY 592 | APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT 593 | HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY 594 | OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, 595 | THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 596 | PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM 597 | IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF 598 | ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 599 | 600 | 16. Limitation of Liability. 601 | 602 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 603 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS 604 | THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY 605 | GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE 606 | USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF 607 | DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD 608 | PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), 609 | EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF 610 | SUCH DAMAGES. 611 | 612 | 17. Interpretation of Sections 15 and 16. 613 | 614 | If the disclaimer of warranty and limitation of liability provided 615 | above cannot be given local legal effect according to their terms, 616 | reviewing courts shall apply local law that most closely approximates 617 | an absolute waiver of all civil liability in connection with the 618 | Program, unless a warranty or assumption of liability accompanies a 619 | copy of the Program in return for a fee. 620 | 621 | END OF TERMS AND CONDITIONS 622 | 623 | How to Apply These Terms to Your New Programs 624 | 625 | If you develop a new program, and you want it to be of the greatest 626 | possible use to the public, the best way to achieve this is to make it 627 | free software which everyone can redistribute and change under these terms. 628 | 629 | To do so, attach the following notices to the program. It is safest 630 | to attach them to the start of each source file to most effectively 631 | state the exclusion of warranty; and each file should have at least 632 | the "copyright" line and a pointer to where the full notice is found. 633 | 634 | {one line to give the program's name and a brief idea of what it does.} 635 | Copyright (C) {year} {name of author} 636 | 637 | This program is free software: you can redistribute it and/or modify 638 | it under the terms of the GNU General Public License as published by 639 | the Free Software Foundation, either version 3 of the License, or 640 | (at your option) any later version. 641 | 642 | This program is distributed in the hope that it will be useful, 643 | but WITHOUT ANY WARRANTY; without even the implied warranty of 644 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 645 | GNU General Public License for more details. 646 | 647 | You should have received a copy of the GNU General Public License 648 | along with this program. If not, see . 649 | 650 | Also add information on how to contact you by electronic and paper mail. 651 | 652 | If the program does terminal interaction, make it output a short 653 | notice like this when it starts in an interactive mode: 654 | 655 | {project} Copyright (C) {year} {fullname} 656 | This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. 657 | This is free software, and you are welcome to redistribute it 658 | under certain conditions; type `show c' for details. 659 | 660 | The hypothetical commands `show w' and `show c' should show the appropriate 661 | parts of the General Public License. Of course, your program's commands 662 | might be different; for a GUI interface, you would use an "about box". 663 | 664 | You should also get your employer (if you work as a programmer) or school, 665 | if any, to sign a "copyright disclaimer" for the program, if necessary. 666 | For more information on this, and how to apply and follow the GNU GPL, see 667 | . 668 | 669 | The GNU General Public License does not permit incorporating your program 670 | into proprietary programs. If your program is a subroutine library, you 671 | may consider it more useful to permit linking proprietary applications with 672 | the library. If this is what you want to do, use the GNU Lesser General 673 | Public License instead of this License. But first, please read 674 | . 675 | --------------------------------------------------------------------------------