From f1c55982006fa5e2a8706f7460a4cd16e9f767d3 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Sat, 2 Jul 2016 18:29:19 -0300
Subject: Bootless: FDE support

---
 share/config/templates/bootless/grub.cfg | 52 ++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)
 create mode 100644 share/config/templates/bootless/grub.cfg

(limited to 'share/config/templates/bootless/grub.cfg')

diff --git a/share/config/templates/bootless/grub.cfg b/share/config/templates/bootless/grub.cfg
new file mode 100644
index 0000000..b4e9e25
--- /dev/null
+++ b/share/config/templates/bootless/grub.cfg
@@ -0,0 +1,52 @@
+#
+# Bootless: evil-maid mitigator.
+#
+
+#
+# Load environment
+#
+if [ -s $prefix/grubenv ]; then
+  load_env
+fi
+
+#
+# Basic config
+#
+set default="0"
+set timeout=5
+
+#
+# Menu appearance
+#
+set menu_color_normal=white/blue
+set menu_color_highlight=yellow/red
+
+#
+# Handles boot from fully encrypted /boot volumes.
+#
+function bootfde {
+  insmod luks
+  insmod lvm
+
+  cryptomount lvm/${1}-root
+  set root=(crypto0)
+
+	echo	 "Loading ${1}..."
+  linux  /boot/vmlinuz-${2}-amd64 root=/dev/mapper/root cryptopts=target=root,source=/dev/mapper/${1}-root ro quiet
+  echo   'Loading initial ramdisk ...'
+  initrd /boot/initrd.img-${2}-amd64
+}
+
+#
+# Default menu entry
+#
+menuentry "Memtest86+" {
+  linux16 /boot/default/memtest/memtest86+.bin
+}
+
+#
+# Custom menu entries
+#
+if [ -e "/boot/custom/custom.cfg" ]; then
+  configfile /boot/custom/custom.cfg
+fi
-- 
cgit v1.2.3