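#!/bin/bash
# nullpoint installer - run this from Hetzner rescue mode
#   wget -qO- https://git.dominik-roth.eu/dodox/nullpoint/raw/branch/master/install.sh | bash
#
# Everything below runs as root in the rescue system. Piping a download
# straight into bash executes whatever the server returned; saving the file,
# reading it, and then running `bash install.sh` does the same job with a
# chance to inspect it first.
#
# Prompts are read from /dev/tty, not stdin: when the script is piped into
# bash, stdin IS the script text, and a plain `read` would consume the next
# script line as the operator's answer.

set -euo pipefail

readonly REPO_URL="https://git.dominik-roth.eu/dodox/nullpoint.git"
readonly WORK_DIR="/tmp/nullpoint"
readonly TTY="/dev/tty"

# Print a message on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Escape a value for use as the replacement half of `s|...|...|`.
# Backslash and '&' are special in a sed replacement, '|' is the delimiter
# used by every substitution in this script.
sed_escape() {
  printf '%s' "$1" | sed -e 's,[\\&|],\\&,g'
}

# NOTE: the logo's column alignment was not preserved in this copy of the
# file; the characters are kept, the original spacing is not.
BANNER=$(cat <<'EOF'
:^7J5GB##&&##GPY?~:
^75B&@@@@@@&&&@@@@@@@#GJ~:
5&@@@&B5?7~^^^^^~!7YP#@@@@#!
Y##P7^ :~JB#B!
:: : 7PP?: :^~!!~^: :?PP7
:B@@B: !5B&@@@@&B5! :#@@B:
:!!: ^G@@@&BPPB@@@@G^ :!!:
:B@@@5^ ^5@@@B:
:7J7: !@@@# :&@@@~ :?J7:
J@@@5 :#@@@Y: :Y@@@B: 5@@@J
!@@@&^ ~B@@@&G55G&@@@B~ ~&@@@~
5@@@G: :7P#@@@@@@#P7: :B@@@Y
:P@@@B~ :~!77!~: ~B@@@P
Y@@@&Y^ ^5@@@@J
!G@@@&P7^ ^7P&@@@G~
!P&@@@&B? :: ?B&@@@&P!
^75#&&Y :P&&5: 5&&B57^
:^^ :P&&5: ^^:
^^
[nullpoint]
EOF
)

# A missing/odd TERM must not abort the installer under `set -e`.
clear || true
printf '\n%s\n' "$BANNER"
printf '\n[+] nullpoint installer starting...\n'

# Check if we're in Hetzner rescue mode
if [[ ! -f /etc/hetzner-build ]]; then
  die "ERROR: This script must be run from Hetzner rescue mode!"
fi

# All prompts need a terminal (see header comment).
{ : < "$TTY"; } 2>/dev/null \
  || die "ERROR: no terminal available for interactive prompts"

# Get SSH key from current session.
# `|| true`: with pipefail + errexit a grep miss (or a missing file) would
# otherwise kill the script here and the manual-entry fallback below could
# never run. ECDSA and FIDO (sk-) keys are accepted alongside ssh-* ones.
echo "[+] Detecting SSH key from current session..."
SSH_KEY=$(grep -m1 -E '^(ssh-|ecdsa-sha2-|sk-)' ~/.ssh/authorized_keys 2>/dev/null || true)
if [[ -z "$SSH_KEY" ]]; then
  echo "ERROR: No SSH key found in authorized_keys!" >&2
  echo "Please enter your SSH public key:"
  read -r SSH_KEY < "$TTY"
  if [[ -z "$SSH_KEY" ]]; then
    die "SSH key is required!"
  fi
fi

# The key is written into post-install.sh as SSH_KEY="...". Its comment field
# is free text, so refuse anything that could close the quotes or be expanded
# if that file is evaluated by a shell (presumably it is; verify against
# post-install.sh).
ssh_key_re='^(ssh-|ecdsa-sha2-|sk-)[A-Za-z0-9@.-]* [A-Za-z0-9+/=]+( [^"$`\\]*)?$'
if [[ ! "$SSH_KEY" =~ $ssh_key_re ]]; then
  die "ERROR: SSH public key is malformed or its comment contains \", \$, \` or \\"
fi
printf 'Found SSH key: %s...\n' "${SSH_KEY:0:50}"

# Ask for hostname
printf '\n[+] Server configuration\n'
read -r -p "Enter hostname [nullpoint]: " HOSTNAME < "$TTY"
HOSTNAME=${HOSTNAME:-nullpoint}
hostname_re='^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$'
if [[ ! "$HOSTNAME" =~ $hostname_re ]]; then
  die "ERROR: invalid hostname (letters, digits, '-' and '.' only)"
fi

# Ask for username
read -r -p "Enter username for admin account [null]: " USERNAME < "$TTY"
USERNAME=${USERNAME:-null}
username_re='^[A-Za-z_][A-Za-z0-9_-]{0,31}$'
if [[ ! "$USERNAME" =~ $username_re ]]; then
  die "ERROR: invalid username (letters, digits, '_' and '-' only, max 32 chars)"
fi

# Generate secure LUKS passphrase (30 random bytes, base64-encoded)
printf '\n[+] Generating secure LUKS passphrase...\n'
LUKS_PASS=$(openssl rand -base64 30)
[[ -n "$LUKS_PASS" ]] || die "ERROR: failed to generate LUKS passphrase"
printf '\n================================================\n'
echo "LUKS PASSPHRASE (SAVE THIS!):"
printf '%s\n' "$LUKS_PASS"
echo "================================================"
printf "\nPress Enter when you've saved the passphrase...\n"
read -r _ < "$TTY"

# Clone or download the nullpoint repo
# NOTE(review): this clones whatever the default branch currently holds and
# then runs parts of it as root; pinning a tag or commit would make the
# installed content reproducible.
echo "[+] Downloading nullpoint configuration..."
if command -v git &> /dev/null; then
  [[ ! -e "$WORK_DIR" ]] \
    || die "ERROR: $WORK_DIR already exists; remove it and re-run"
  git clone "$REPO_URL" "$WORK_DIR"
else
  echo "ERROR: git not available and wget fallback insufficient for dotfiles" >&2
  die "Please install git or use manual installation method"
fi

# Update install.conf
echo "[+] Configuring installation..."
cd "$WORK_DIR" || die "ERROR: cannot enter $WORK_DIR"

# install.conf is about to hold the disk passphrase in clear text.
chmod 600 install.conf

sed -i "s|^HOSTNAME .*|HOSTNAME $(sed_escape "$HOSTNAME")|" install.conf

# The base64 passphrase can contain '/', which broke the former
# s/.../.../ expression roughly every second run. The sed program is also
# fed through a file descriptor so the passphrase never appears in the
# process list as a command-line argument.
sed -i -f <(printf 's|^CRYPTPASSWORD .*|CRYPTPASSWORD %s|\n' \
  "$(sed_escape "$LUKS_PASS")") install.conf

# Update post-install.sh
sed -i "s|^ALMA_USER=.*|ALMA_USER=\"$(sed_escape "$USERNAME")\"|" post-install.sh
sed -i "s|^SSH_KEY=.*|SSH_KEY=\"$(sed_escape "$SSH_KEY")\"|" post-install.sh

# Copy to root directory where installimage expects them.
# Root-only modes: install.conf carries the passphrase, post-install.sh is
# executed as root.
install -m 600 install.conf /root/install.conf
install -m 700 post-install.sh /root/post-install.sh

# Ask for optional features
printf '\n[+] Optional features:\n'
read -r -p "Do you have a TPM and want to use it? [y/N]: " USE_TPM < "$TTY"
if [[ "$USE_TPM" =~ ^[Yy]$ ]]; then
  echo "TPM will be configured if available."
else
  sed -i 's/^TPM_ENABLED=.*/TPM_ENABLED=false/' /root/post-install.sh
fi

read -r -p "Do you have Tang servers configured? [y/N]: " USE_TANG < "$TTY"
if [[ "$USE_TANG" =~ ^[Yy]$ ]]; then
  echo "Please edit /root/post-install.sh after installation to add Tang servers."
fi

# Final confirmation
printf '\n[+] Ready to install with these settings:\n'
printf ' Hostname: %s\n' "$HOSTNAME"
printf ' Username: %s\n' "$USERNAME"
printf ' SSH Key: %s...\n' "${SSH_KEY:0:50}"
echo " LUKS Passphrase: [HIDDEN]"
echo ""
read -r -p "Proceed with installation? [Y/n]: " CONFIRM < "$TTY"
if [[ "$CONFIRM" =~ ^[Nn]$ ]]; then
  echo "Installation cancelled."
  exit 1
fi

# Run the installer
printf '\n[+] Starting Hetzner installimage...\n'
echo "The installer will now run. Follow any prompts if needed."
echo ""
installimage -a -c /root/install.conf -s /root/post-install.sh

printf '\n[+] Installation complete!\n'
echo ""
echo "IMPORTANT REMINDERS:"
echo "1. Save your LUKS passphrase securely!"
echo "2. After reboot, you'll need to enter it twice (once per disk)"
printf "3. SSH to the server as user '%s'\n" "$USERNAME"
echo ""
echo "The system is ready for use!"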