From 26280fee1361d54ad511f8b37dc42a7d5550fb85 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Mon, 8 Aug 2011 18:02:13 -0300
Subject: Adding support for non-encrypted systems

---
 share/hydractl/provision | 33 +++++++++++++++++++++++++++------
 1 file changed, 27 insertions(+), 6 deletions(-)

diff --git a/share/hydractl/provision b/share/hydractl/provision
index 83a19a0..12e27da 100755
--- a/share/hydractl/provision
+++ b/share/hydractl/provision
@@ -10,6 +10,7 @@ hydra_config_load
 # Setup.
 hydra_user_input device /dev/sdb "Destination device"
 hydra_user_input swap_device /dev/sda1 "Final swap device"
+hydra_user_input encrypt y "Encrypt system and storage volumes? (y/n)"
 hydra_user_input garbage y "Pre-fill volumes with garbage? (y/n)"
 hydra_user_input hostname $HOSTNAME "Hostname"
 hydra_user_input domain example.com "Domain"
@@ -60,10 +61,15 @@ if [ "$garbage" == "y" ]; then
 fi
 
 # Create root device.
-echo "Creating root device..."
-cryptsetup -h sha256 -c aes-cbc-essiv:sha256 -s 256 luksFormat /dev/$vg/root
-cryptsetup luksOpen /dev/$vg/root debootstrap
-mkfs.ext3 /dev/mapper/debootstrap
+if [ "$encrypt" == "y" ]; then
+  echo "Creating encrypted root device..."
+  cryptsetup -h sha256 -c aes-cbc-essiv:sha256 -s 256 luksFormat /dev/$vg/root
+  cryptsetup luksOpen /dev/$vg/root debootstrap
+  mkfs.ext3 /dev/mapper/debootstrap
+else
+  echo "Creating root device..."
+  mkfs.ext3 /dev/vg/root
+fi
 
 # Initial system install.
 echo "Installing base system..."
@@ -98,18 +104,33 @@ chroot /tmp/debootstrap/ apt-get install locales cryptsetup lvm2 initramfs-tools
 
 # Crypttab.
 echo "Configuring crypttab..."
-cat > /tmp/debootstrap/etc/crypttab <<-EOF
+if [ "$encrypt" == "y" ]; then
+  cat > /tmp/debootstrap/etc/crypttab <<-EOF
 # <target name> <source device>   <key file>  <options>
 root            /dev/mapper/vg-root     none            luks,cipher=aes-cbc-essiv:sha256
 cswap           $swap_device               /dev/random     swap,cipher=aes-cbc-essiv:sha256
 EOF
+else
+if [ "$encrypt" == "y" ]; then
+  cat > /tmp/debootstrap/etc/crypttab <<-EOF
+# <target name> <source device>   <key file>  <options>
+cswap           $swap_device               /dev/random     swap,cipher=aes-cbc-essiv:sha256
+EOF
+fi
 
 # Fstab.
 echo "Configuring fstab..."
-cat > /tmp/debootstrap/etc/fstab <<-EOF
+if [ "$encrypt" == "y" ]; then
+  cat > /tmp/debootstrap/etc/fstab <<-EOF
 /dev/mapper/cswap none swap sw 0 0
 /dev/mapper/root  /    ext3 defaults,errors=remount-ro 0 1
 EOF
+else
+  cat > /tmp/debootstrap/etc/fstab <<-EOF
+/dev/mapper/cswap none swap sw 0 0
+/dev/vg/root      /    ext3 defaults,errors=remount-ro 0 1
+EOF
+fi
 
 # Boot.
 echo "Boot device setup..."
-- 
cgit v1.2.3