4 files changed, 67 insertions, 11 deletions

diff --git a/initramfs-tools/hooks/samizdat b/initramfs-tools/hooks/samizdat
index 78ece68..9b8a335 100755
--- a/initramfs-tools/hooks/samizdat
+++ b/initramfs-tools/hooks/samizdat
@@ -10,7 +10,7 @@ PATH=/usr/local/bin:$PATH
 
 repo_execs=$(echo "${samizdat_initrd_files_dir}"/*)
 
-path_execs='mountpoint openvt rsync gpg2 gpg-agent pinentry-curses truncate cryptsetup mkfs.btrfs btrfs fsck.hfsplus wait_for_files samizdat-pinentry dynmenu samizdat-password-agent samizdat-gpg-agent'
+path_execs='mountpoint openvt rsync gpg2 gpg-agent pinentry-curses truncate cryptsetup mkfs.btrfs btrfs fsck.hfsplus wait_for_files samizdat-pinentry dynmenu samizdat-password-agent samizdat-gpg-agent parted'
 
 graft_paths="
     /bin/OpenVT=/bin/openvt
diff --git a/src/initrd/btrfs-create.sh b/src/initrd/btrfs-create.sh
index c13d981..5d359a9 100644
--- a/src/initrd/btrfs-create.sh
+++ b/src/initrd/btrfs-create.sh
@@ -168,6 +168,21 @@ filesystem_incomplete()
     [ "$n" != 1 ]
 }
 
+partition_new_hard_drive_DESTROYING_EVERYTHING()
+{
+    local target="$1"
+    # [ "$(parted -sm "$target" print | grep -c :)"  = 1 ] || return
+    parted "$target" -sm                  \
+           unit B                         \
+           mklabel gpt                    \
+           mkpart primary 32KiB 4MiB      \
+           set 1 bios_grub on             \
+           mkpart primary btrfs 4MiB 1GiB \
+           name 2 gpg-incomplete          \
+           mkpart primary 1GiB 100%       \
+           name 3 luks-incomplete
+}
+
 open_samizdat()
 {
   local imgfile="$1" keyfile="$2"
diff --git a/src/initrd/grok-block b/src/initrd/grok-block
index 081238a..086722d 100755
--- a/src/initrd/grok-block
+++ b/src/initrd/grok-block
@@ -46,6 +46,16 @@ addmenu_makeroot()
   ) &
 }
 
+addmenu_destroy_hard_drive()
+{
+    local device="$1"
+    (
+        addmenu "$device//$loopfile" \
+                "[ Install Samizdat to $device -- THIS DESTROYS ALL DATA ]" \
+                "menu-select boot-destroy-disk $device"
+    ) &
+}
+
 retry_mount()
 {
   tries=20
@@ -75,6 +85,7 @@ gpg_verify()
   export GNUPGHOME=/gpg/gnupghome
   gpg2 --lock-never --no-permission-warning --no-auto-check-trustdb --no-options --verify "$1"
 }
+
 is_lvm()
 {
   for n in 0 1 2 3; do
@@ -83,6 +94,19 @@ is_lvm()
   return 1
 }
 
+is_device_without_partitions()
+{
+    case "$1" in /dev/nbd*|/dev/sr*|*[0-9]) return 1 ;; esac
+
+    [ "$(parted -sm "$1" print | grep -c :)" = 1 ]
+}
+
+is_incomplete_samizdat_install()
+{
+    local partition_names="$(parted -sm "$1" print | sed 1,2d | awk -F: -e '{printf "%s:", $6}')"
+    [ "$partition_names" = 'primary:gpg-incomplete:luks-incomplete:' ]
+}
+
 grok_block()
 {
   local mountpoint="/mnt/${DEVNAME##*/}"
@@ -108,14 +132,22 @@ grok_block()
     retry_mount $mount_type -o ro "$DEVNAME" "$mountpoint"
   fi
 
-  if [ "$DEVNAME" = /dev/nbd0 ] && mountpoint -q "$mountpoint"; then
+  if ! mountpoint -q "$mountpoint"; then
+      rmdir "$mountpoint"
+      is_device_without_partitions "$DEVNAME" ||
+          is_incomplete_samizdat_install "$DEVNAME" &&
+              addmenu_destroy_hard_drive "$DEVNAME"
+
+      # TODO: Need option to boot the partitions we create
+      # TODO: And what if we create partitions and then reboot the machine mid-install?
 
+  elif [ "$DEVNAME" = /dev/nbd0 ]; then
     # This is our rootfs, over the network
     umount "$mountpoint"
     rmdir "$mountpoint"
     bootdone samizdat-nbd-dev
 
-  elif mountpoint -q "$mountpoint"; then
+  else
     umount=true
     # Device has an unencrypted filesystem on it.
     # So we mount it and look for loop-back overlays.
@@ -164,8 +196,6 @@ grok_block()
       umount "$mountpoint"
       rmdir "$mountpoint"
     fi
-  else
-    rmdir "$mountpoint"
   fi
 }
 
diff --git a/src/initrd/menu-select b/src/initrd/menu-select
index 129d685..4908b03 100755
--- a/src/initrd/menu-select
+++ b/src/initrd/menu-select
@@ -1,10 +1,11 @@
 #!/bin/sh
 # usage:
-#  $0 boot-ram                                          - use memory-only overlay
-#  $0 boot-new       [dev name] [loop file] [megabytes] - create new luks-encrypted overlay
-#  $0 boot-overwrite [dev name] [loop file] [megabytes] - overwrite with new luks overlay
-#  $0 boot-luks      [dev name] [loop file]             - boot existing luks-encrypted overlay
-#  $0 boot-gpg       [key id] [gnupg homedir] [???]     - boot any device signed with the key
+#  $0 boot-ram                                             - use memory-only overlay
+#  $0 boot-new          [dev name] [loop file] [megabytes] - create new luks-encrypted overlay
+#  $0 boot-overwrite    [dev name] [loop file] [megabytes] - overwrite with new luks overlay
+#  $0 boot-luks         [dev name] [loop file]             - boot existing luks-encrypted overlay
+#  $0 boot-destroy-disk [dev-name]                         - install to a fresh hard disk
+#  $0 boot-gpg          [key id] [gnupg homedir] [???]     - boot any device signed with the key
 
 . btrfs-create.sh
 . common.sh
@@ -37,7 +38,7 @@ while [ $# -ge 1 ]; do
 done
 [ -z "$badopts" ] || error 'usage error'
 
-[ $# -ge 2 -o "$1" = 'boot-ram' ] || error 'usage error'
+[ $# -ge 2 -o "$1" = 'boot-ram' -o "$1" = boot-destroy-disk ] || error 'usage error'
 
 remountrw()
 {
@@ -80,6 +81,16 @@ case "$1" in
         error
     }
   ;;
+  boot-destroy-disk)
+    dev="$2"
+    partition_new_hard_drive_DESTROYING_EVERYTHING "$dev" || error
+
+
+    # TODO: IMPLEMENT ME
+    # partition disk
+    # init_samizdat
+
+  ;;
   boot-overwrite|boot-new|boot-luks)
     dev="$2"
     loopfile="$3"