A bash script to install Void Linux with optional LUKS encryption, optional LVM, btrfs filesystem and optional swap as file.
The VoidLinuxInstaller script is an attempt to make my gist an interactive bash script.
The script is now a much more interactive one, with a hopefully proper menu. The last version of the old one can always be found at the following link.
As stated in the gist, this script provides:
/boot
) with LUKS1/2;/boot
) as bootloader;To know how the script works in details, please jump to the How does it work? section!
To know how to run the script, please jump to the How to run it? section!
This script comes from my need to automate my gist as much as I can, and also as a way to learn Bash scripting as well. This is my first Bash script ever created so bugs, errors and really ugly code are expected!
I've tried this script a lot with virtual machines and following every step always brought me to a functional system, so there should be no problem from this point of view!
Pull requests are absolutely welcome!
First update xbps
package:
xbps-install -Suvy xbps
then install wget
or curl
package:
# For wget
xbps-install -Suvy wget
# For curl
xbps-install -Suvy curl
then download the needed file:
# For wget
wget https://raw.githubusercontent.com/Le0xFF/VoidLinuxInstaller/main/vli.sh -O $HOME/vli.sh
# For curl
curl -o $HOME/vli.sh https://raw.githubusercontent.com/Le0xFF/VoidLinuxInstaller/main/vli.sh
then make it executable:
chmod +x $HOME/vli.sh
and finally run it:
bash $HOME/vli.sh
The script requires internet connection, because xbps packages must be downloaded for the chroot method to work.
Here is documented how the script works in details. With It will:
/dev/mapper/<encrypted_name>
;/
and to add more space in the future without reformatting the whole system:
/dev/mapper/<vg_name>
;/dev/mapper/<vg_name>-<lv_root_name>
;/boot/efi
;create_btrfs_subvolumes
function (BTRFS mount options official documentation):
rw,noatime,discard=async,compress-force=zstd,space_cache=v2,commit=120
/@
/@home
/@snapshots
/@swap
/var/cache/xbps
/var/tmp
/var/log
x86_64
and x86_64-musl
;/
permissions;/etc/fstab
file;binary-bootstrap
because xbps-src
can't do that while being already in a chrooted environment; see related issues: #30496, #35018, #35410)To have a smooth script workflow, the following is the suggested disk layout:
These two will be physical partition.
You don't need to create a /home
partition because BTRFS subvolumes will take care of that.
Following the script, at the very end your drive will end up being like the following, if you chose LUKS, LVM and GRUB2 as bootloader:
/dev/nvme0n1 259:0 0 953,9G 0 disk
├─/dev/nvme0n1p1 259:1 0 1G 0 part /boot/efi
└─/dev/nvme0n1p2 259:2 0 942,9G 0 part
└─/dev/mapper/<encrypted_name> 254:0 0 942,9G 0 crypt
└─/dev/mapper/<vg_name>-<lv_root_name> 254:1 0 942,9G 0 lvm /.snapshots
/var/log
/home
/
Note:
/.snapshots
will be available after following the Follow up for@snapshots
subvolume section.
@snapshots
subvolumeWith this script, the @snapshots
subvolume will be created, but not the /.snapshots
folder. This is done to avoid stupid snapper issues when trying to create a configuration for /
.
So after installing snapper
from Void Linux's repositories and after creating a configuration for /
, you have to delete the subvolume that snapper will automatically create. After that create the /.snapshots
folder and then uncomment the relative line from /etc/fstab
:
# run these commands as root
snapper -c root create-config /
btrfs subvolume delete /.snapshots
mkdir /.snapshots
sed -i '/@snapshots/s/^#//' /etc/fstab
reboot
Source: Arch Wiki
In case a wrong password was put in GRUB2, a shell will be dropped.
In order to boot the system, the encrypted partition have to be unlocked and the right GRUB configuration file must be loaded.
This can be done with the following commands, regardless of whether a custom keyboard layout in GRUB was set or not:
# unlock all the encrypted partitions
cryptomount -a
# input your password, then insert module normal and run it
insmod normal
normal
The following method is a little more complicated and should not be used, even if it works as well. It's kept only for archive purpose.
# unlock all the encrypted partitions
cryptomount -a
# input your password and if LVM was used, then
set root=(lvm/<vg_name>-<lv_root_name>)/@
# if LVM was not used, then (<uuid> is the same printed on screen; you can also use (crypto#), where # is where your system is, typically 0)
set root=(cryptouuid/<uuid>)/@
# finally load main GRUB2 configuration file
set prefix=$root/boot/grub
configfile $prefix/grub.cfg
In case anything will break, you will just have to delete the @
subvolume, create it again and reinstall your distro. /home
folder won't be affected in any way.
In details, after booting a LiveCD, mount the encrypted partition:
cryptsetup open /dev/nvme0n1p2 <encrypted_name>
Scan for Volume Groups and then enable the one you need:
vgscan
vgchange -ay <vg_name>
Mount the true btrfs root by its subvol or by its subvolid:
# by subvol
mount -o subvol=/ /dev/mapper/<vg_name>-<lv_root_name> /mnt
# or by subvolid
mount -o subvolid=0 /dev/mapper/<vg_name>-<lv_root_name> /mnt
After that if you do an ls /mnt/
you will see all the subvolume previously created.
Now you must delete ONLY the @
subvolume and finally unmount /mnt
:
btrfs subvolume delete /mnt/@
umount /mnt
You now have to reinstall Void Linux manually (the script is not programmed to help you this time). For this you can follow the original gist and start again from Mount partitions and create btrfs subvolumes instruction, without creating the @home
subvolume.
When the package reconfiguration is finished, you have to create a user with the same name of the one you created before, possibly adding it to the same groups as before, but you can do it later too.
Don't add the -m
flag or your original home folder will be destroyed:
useradd -G wheel <same_user>
passwd <same_user>
This is not necessary because adding the same user will automatically change the home folder permission, but just in case:
chown -R <same_user>:<same_user> /home/<same_user>
Probably the following could also be done from a running system, but maybe it's better to boot a LiveCD just in case.
First a new physical drive must be added to the system. This drive in the following example will be called /dev/sda
.
After booting a LiveCD, mount the encrypted partition:
cryptsetup open /dev/nvme0n1p2 <encrypted_name>
Scan for Volume Groups and then enable the one you need:
vgscan
vgchange -ay <vg_name>
Scan for Logical Volumes and then enable the one you need:
lvscan
lvchange -ay <vg_name>/<lv_root_name>
Then a new Physical Volume for the new drive must be created:
pvcreate /dev/sda
After that it must be added to the existing Logical Volume:
vgextend <lv_root_name> /dev/sda
Then the Logical Volume must be extended to cover the new free space:
lvm lvextend -l +100%FREE <vg_name>/<lv_root_name>
Finally also the BTRFS filesystem must be extended to cover all the free space; to do that, the BTRFS partition must be mounted:
mount -t btrfs /dev/mapper/<vg_name>-<lv_root_name> /mnt/
btrfs filesystem resize max /mnt/
[1] https://tldp.org/LDP/Bash-Beginners-Guide/html/index.html
[2] https://gist.github.com/tobi-wan-kenobi/bff3af81eac27e210e1dc88ba660596e
[3] https://gist.github.com/gbrlsnchs/9c9dc55cd0beb26e141ee3ea59f26e21
[4] https://unixsheikh.com/tutorials/real-full-disk-encryption-using-grub-on-void-linux-for-bios.html