14cd6b1 allow sector size 512<=x<=4096 pow2 per cryptsetup
~ioiojo pushed to ~ioiojo/star git
Polyglot Linux installer
Launch TUI:
star
Launch REPL:
star repl
Fennel:
(local star (require :star))
;;; Choose distro for installation, along with disk encryption, security level,
;;; filesystem, and more.
(local cfg (star.cfg))
;;; Pre-select Alpine, root partition formatted Ext4 /boot included.
(local cfg (star.cfg {:distro :alpine
:filesystem :ext4}))
;;; Or, equivalently:
(local cfg (star.cfg {:distro :alpine
:filesystem :ext4
;; :disk-encryption defaults to :none
:disk-encryption :none}))
;;; Pre-select Alpine, LVM on dm-crypt full disk encryption (including
;;; encrypted /boot), root volume LVM logical volumes formatted Ext4.
(local cfg (star.cfg {:distro :alpine
:filesystem {:root :ext4 :lvm true}
:disk-encryption :dm-crypt
;; :dm-crypt-target defaults to :both
:dm-crypt-target :both}))
;;; Or, equivalently:
(local cfg (star.cfg {:distro :alpine
:filesystem {:root :ext4 :lvm true}
:disk-encryption :dm-crypt}))
;;; Pre-select Arch, LVM on dm-crypt full disk encryption (including encrypted
;;; /boot), root volume LVM logical volumes excepting /boot formatted Ext4,
;;; /boot LVM logical volume formatted Ext2.
(local cfg (star.cfg {:distro :arch
:filesystem {:root :ext4 :lvm true
:boot :ext2}
:disk-encryption :dm-crypt}))
;;; Pre-select Arch, dm-crypt full disk encryption (including encrypted /boot),
;;; root volume formatted Btrfs.
(local cfg (star.cfg {:distro :arch
:filesystem :btrfs
:disk-encryption :dm-crypt}))
;;; Pre-select Arch, LVM on dm-crypt full disk encryption (including encrypted
;;; /boot) with headerless root volume on unpartitioned device its header
;;; detached and stored in encrypted boot volume on separate device, root
;;; volume LVM logical volumes formatted NILFS2, boot volume formatted Ext2.
(local cfg (star.cfg {:distro :arch
:filesystem {:root :nilfs2 :lvm true
:boot :ext2}
:disk-encryption :dm-crypt
;; :second-factor :strategy defaults to :mort
:second-factor {:strategy :mort}}))
;;; Pre-select Void, dm-crypt full disk encryption (excepting /boot) with
;;; headerless root volume on unpartitioned device its header detached and
;;; stored in unencrypted boot partition on separate device, root volume
;;; formatted Ext4, boot partition formatted Ext4.
(local cfg (star.cfg {:distro :void
:filesystem :ext4
:disk-encryption :dm-crypt
;; omit /boot encryption
:dm-crypt-target :root
;; :second-factor :strategy defaults to :mort
:second-factor true}))
;;; Pre-select Void, hybrid fscrypt/dm-crypt full disk encryption (including
;;; encrypted /boot), fscrypt on root partition formatted Ext4, dm-crypt boot
;;; volume formatted Ext4.
(local cfg (star.cfg {:distro :void
:filesystem :ext4
:disk-encryption :both
:dm-crypt-target :boot}))
;;; Pre-select Void, fscrypt full disk encryption (excepting /boot), fscrypt
;;; on root partition formatted F2FS, unencrypted boot partition formatted F2FS.
(local cfg (star.cfg {:distro :void
:filesystem :f2fs
:disk-encryption :fs-crypt}))
;;; Serialize configuration to disk sans sensitive passwords.
(cfg:save "/path/to/saved/cfg")
;;; Bootstrap new machine with pre-configured settings.
(star.new cfg)
;;; Bootstrap new machine sans pre-configured settings - implies (star.cfg).
(star.new)
;;; Perform system rescue with pre-configured settings.
(local rescue (star.rescue cfg))
;;; Perform system rescue sans pre-configured settings - implies limited version
;;; of (star.cfg).
(local rescue (star.rescue))
;;; Display rescue commands.
(rescue.help)
;;; Open encrypted volume(s) and/or LVM volume group, mount filesystems.
(rescue:open)
;;; Resume bootstrap from saved progress - implies (rescue:open).
(rescue:resume "/path/to/saved/progress")
;;; Unmount filesystems, close LVM volume group and/or encrypted volume(s).
(rescue:close)
¹: Until libsodium's build.zig
works with latest dev version of Zig.
²: Temporary workaround to be removed pending build dependencies support in Zig package manager.
To run the tests:
just peru-sync
just
Licensed under either of
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.