diff options
Diffstat (limited to 'share/hydractl/provision')
| -rwxr-xr-x | share/hydractl/provision | 45 |
1 files changed, 23 insertions, 22 deletions
diff --git a/share/hydractl/provision b/share/hydractl/provision index c7be798..70e52e5 100755 --- a/share/hydractl/provision +++ b/share/hydractl/provision @@ -51,7 +51,7 @@ function hydra_provision_lvcreate { # Cryptsetup wrapper. function hydra_cryptsetup { if [ ! -z "$1" ] && [ -b "$1" ]; then - hydra_sudo_run cryptsetup --cipher aes-xts-plain64:sha256 --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat $1 + hydra_sudo_run cryptsetup --cipher aes-xts-plain64:sha256 --key-size 512 --hash sha512 --iter-time 5000 --use-random -y -q luksFormat $1 fi } @@ -386,27 +386,6 @@ EOF fi fi -# Grub. -if [ "$grub" == "y" ]; then - if [ "$encrypt" != "y" ]; then - echo "Boot device setup..." - hydra_sudo_run mkfs.ext4 $boot_device - hydra_sudo_run mount $boot_device $WORK/boot - echo "$reboot_device /boot ext4 defaults,errors=remount-ro 0 2" | $SUDO tee -a $WORK/etc/fstab > /dev/null - fi - - echo "Setting up GRUB..." - $APT_INSTALL grub-pc -y - - if [ "$encrypt" == "y" ]; then - echo '' | $SUDO tee -a $WORK/etc/default/grub > /dev/null - echo '# Full Disk Encryption Support' | $SUDO tee -a $WORK/etc/default/grub > /dev/null - echo 'GRUB_ENABLE_CRYPTODISK=y' | $SUDO tee -a $WORK/etc/default/grub > /dev/null - hydra_sudo_run chroot $WORK/ update-grub - hydra_sudo_run chroot $WORK/ grub-install $device - fi -fi - # Kernel. echo "Installing kernel..." cat <<-EOF | $SUDO tee $WORK/etc/initramfs-tools/modules > /dev/null @@ -435,6 +414,28 @@ $APT_INSTALL linux-image-$kernel_arch -y echo "Creating initramfs..." hydra_sudo_run chroot $WORK update-initramfs -v -u +# Grub. +if [ "$grub" == "y" ]; then + if [ "$encrypt" != "y" ]; then + echo "Boot device setup..." + hydra_sudo_run mkfs.ext4 $boot_device + hydra_sudo_run mount $boot_device $WORK/boot + echo "$reboot_device /boot ext4 defaults,errors=remount-ro 0 2" | $SUDO tee -a $WORK/etc/fstab > /dev/null + fi + + echo "Setting up GRUB..." + $APT_INSTALL grub-pc -y + + if [ "$encrypt" == "y" ]; then + echo '' | $SUDO tee -a $WORK/etc/default/grub > /dev/null + echo '# Full Disk Encryption Support' | $SUDO tee -a $WORK/etc/default/grub > /dev/null + echo 'GRUB_ENABLE_CRYPTODISK=y' | $SUDO tee -a $WORK/etc/default/grub > /dev/null + echo 'GRUB_PRELOAD_MODULES="lvm cryptodisk mdraid1x"' | $SUDO tee -a $WORK/etc/default/grub > /dev/null + hydra_sudo_run chroot $WORK/ update-grub + hydra_sudo_run chroot $WORK/ grub-install --recheck --force $device + fi +fi + # Utils. echo "Installing basic utilities..." $APT_INSTALL screen cron lsb-release openssl -y |