diff options
-rw-r--r-- | templates/custom.cfg | 26 | ||||
-rw-r--r-- | templates/grub.cfg | 111 |
2 files changed, 137 insertions, 0 deletions
diff --git a/templates/custom.cfg b/templates/custom.cfg new file mode 100644 index 0000000..87de184 --- /dev/null +++ b/templates/custom.cfg @@ -0,0 +1,26 @@ +# +# Menu appearance +# +set menu_color_normal=white/blue +set menu_color_highlight=yellow/red + +# +# Example: imagens stored in the USB stick: just put your images under custom/debian/images. +# +menuentry 'Example: Darkstar' { + set volume=/dev/sda5 + set version=3.16.0-4-amd64 + set target=sda5_crypt + set rootfs=darkstar--vg-root + set distro=debian + bootimg ${volume} ${version} ${source} ${target} ${distro} +} + +# +# Example: Full Disk Encryption: images are loaded from encrypted partition. +# +menuentry 'Example: Darkstar FDE' { + set volume=darkstar + set version=3.16.0-4-amd64 + bootfde ${volume} ${version} +} diff --git a/templates/grub.cfg b/templates/grub.cfg new file mode 100644 index 0000000..35827db --- /dev/null +++ b/templates/grub.cfg @@ -0,0 +1,111 @@ +# +# Bootless: evil-maid mitigator. +# + +# +# Load environment +# +if [ -s $prefix/grubenv ]; then + load_env +fi + +# +# Basic config +# +set default="0" +set timeout=5 + +# +# Menu appearance +# +set menu_color_normal=white/blue +set menu_color_highlight=yellow/red + +# +# Handles boot from fully encrypted /boot volumes. +# Usage: bootfde <volume> <kernel-version> [source] [target] +# +function bootfde { + insmod luks + insmod lvm + + set volume=${1} + + if [ "${2}" ]; then + set version=${2} + else + set version=3.16.0-4-amd64 + fi + + if [ "${3}" ]; then + set source=${3} + else + set source=/dev/mapper/${1} + fi + + if [ "${4}" ]; then + set target=${4} + else + set target=root + fi + + cryptomount lvm/${volume} + set root=(crypto0) + echo "Loading ${volume}..." + linux /boot/vmlinuz-${version} root=/dev/mapper/${target} cryptopts=target=${target},source=${source} ro quiet + echo 'Loading initial ramdisk ...' + initrd /boot/initrd.img-${version} +} + +# +# Handles boot from images stored in the USB stick. +# Usage: bootfde <volume> <kernel-version> [target] [rootfs] [distro] +# +function bootimg { + set volume=${1} + + if [ "${2}" ]; then + set version=${2} + else + set version=3.16.0-4-amd64 + fi + + if [ "${3}" ]; then + set target=${3} + else + set target=root + fi + + if [ "${4}" ]; then + set rootfs=${4} + else + set rootfs=${target} + fi + + if [ "${5}" ]; then + set distro=${5} + else + set distro=debian + fi + + echo "Loading ${1}..." + linux /boot/custom/${distro}/vmlinuz-${version} root=/dev/mapper/${rootfs} cryptopts=target=${target},source=${volume} ro quiet apparmor=1 security=apparmor + echo 'Loading initial ramdisk ...' + initrd /boot/custom/${distro}/initrd.img-${version} +} + +# +# Default menu entry +# +menuentry "Memtest86+" { + linux16 /boot/default/memtest/memtest86+.bin +} + +# +# Custom menu entries +# +if [ -e "/boot/custom/custom.cfg" ]; then + menuentry "Custom configurations" { + configfile /boot/custom/custom.cfg + } +fi |