diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2016-07-07 14:38:20 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2016-07-07 14:38:20 -0300 |
| commit | 776eebfdccaf528a1421a2906c623ca5e7872a12 (patch) | |
| tree | 13e4004569f2944da3d6c8c37e9e57812bd73b10 /share/hydractl/provision | |
| parent | 47aaddcf6979b7c90f26f540f0edcad2c2776280 (diff) | |
| download | hydra-776eebfdccaf528a1421a2906c623ca5e7872a12.tar.gz hydra-776eebfdccaf528a1421a2906c623ca5e7872a12.tar.bz2 | |
Initial code for Full Disk Encryption
Diffstat (limited to 'share/hydractl/provision')
| -rwxr-xr-x | share/hydractl/provision | 47 |
1 files changed, 34 insertions, 13 deletions
diff --git a/share/hydractl/provision b/share/hydractl/provision index 0c57e49..35021c9 100755 --- a/share/hydractl/provision +++ b/share/hydractl/provision @@ -142,16 +142,27 @@ fi # Disk partitioning. hydra_sudo_run parted -s -- $device mklabel gpt hydra_sudo_run parted -s -- $device unit MB mkpart non-fs 2 3 -hydra_sudo_run parted -s -- $device unit MB mkpart ext2 3 200 -hydra_sudo_run parted -s -- $device unit MB mkpart ext2 200 -1 hydra_sudo_run parted -s -- $device set 1 bios_grub on -hydra_sudo_run parted -s -- $device set 2 boot on -hydra_sudo_run parted -s -- $device set 3 lvm on -# Use absolute paths for devices. -boot_device="$device"2 -syst_device="$device"3 -reboot_device="`blkid | grep ^$boot_device: | cut -d ' ' -f 2 | sed -e 's/"//g'`" +if [ "$encrypt" == "y" ]; then + hydra_sudo_run parted -s -- $device unit MB mkpart ext2 3 -1 + hydra_sudo_run parted -s -- $device set 2 lvm on + + boot_device="$device"2 + syst_device="$device"2 +else + hydra_sudo_run parted -s -- $device unit MB mkpart ext2 3 200 + hydra_sudo_run parted -s -- $device unit MB mkpart ext2 200 -1 + hydra_sudo_run parted -s -- $device set 3 lvm on + + boot_device="$device"2 + syst_device="$device"3 + + # Use absolute path + reboot_device="`blkid | grep ^$boot_device: | cut -d ' ' -f 2 | sed -e 's/"//g'`" +fi + +hydra_sudo_run parted -s -- $device set 2 boot on # Create volumes. echo "Creating the needed disk volumes..." @@ -374,13 +385,23 @@ fi # Grub. if [ "$grub" == "y" ]; then - echo "Boot device setup..." - hydra_sudo_run mkfs.ext4 $boot_device - hydra_sudo_run mount $boot_device $WORK/boot - echo "$reboot_device /boot ext4 defaults,errors=remount-ro 0 2" | $SUDO tee -a $WORK/etc/fstab > /dev/null + if [ "$encrypt" != "y" ]; then + echo "Boot device setup..." + hydra_sudo_run mkfs.ext4 $boot_device + hydra_sudo_run mount $boot_device $WORK/boot + echo "$reboot_device /boot ext4 defaults,errors=remount-ro 0 2" | $SUDO tee -a $WORK/etc/fstab > /dev/null + fi echo "Setting up GRUB..." hydra_sudo_run chroot $WORK/ apt-get install grub-pc -y + + if [ "$encrypt" == "y" ]; then + echo '' >> $WORK/etc/default/grub + echo '# Full Disk Encryption Support' >> $WORK/etc/default/grub + echo 'GRUB_ENABLE_CRYPTODISK=y' >> $WORK/etc/default/grub + hydra_sudo_run chroot $WORK/ update-grub + hydra_sudo_run chroot $WORK/ grub-install $device + fi fi # Kernel. @@ -441,5 +462,5 @@ Now proceeed with final steps: - Review fstab, crypttab and optional GRUB configuration. - Rename volume group $vg if needed, updating fstab and crypttab accordingly. -See http://padrao.sarava.org/install for more information. +See https://padrao.fluxo.info/install for more information. EOF |