]> gitweb.fluxo.info Git - hydra.git/commitdiff
projects / hydra.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 31677b3)
Provision: LUKS and Grub changes
authorSilvio Rhatto <rhatto@riseup.net>
Fri, 29 Jul 2016 17:41:00 +0000 (14:41 -0300)
committerSilvio Rhatto <rhatto@riseup.net>
Fri, 29 Jul 2016 17:41:00 +0000 (14:41 -0300)
share/config/provision/tpc.conf patch | blob | history
share/hydractl/provision patch | blob | history

diff --git a/share/config/provision/tpc.conf b/share/config/provision/tpc.conf
index 602bdfb6db081716f319dbfac4a0a3c60371d9a0..b0a6e7413086ed34972d0d44b49790b09b56b6ef 100644 (file)
--- a/share/config/provision/tpc.conf
+++ b/share/config/provision/tpc.conf
@@ -10,7 +10,7 @@ var_size="0"                            # Size of var partition
 encrypt="y"                             # Encrypt volumes?
 garbage="n"                             # Pre-fill volumes with garbage?
 disable_zeroing="n"                     # Disable zeroing of lvm volumes?
-random_swap="y"                         # Random swap?
+random_swap="n"                         # Random swap?
 arch="amd64"                            # System arch
 version="wheezy"                        # Distro version
 grub="y"                                # Setup GRUB?
diff --git a/share/hydractl/provision b/share/hydractl/provision
index c7be798f7f3d8cc13db991522bfdaf80bd9b18ad..70e52e59c2f3aa512c86869c512d41143551be2f 100755 (executable)
--- a/share/hydractl/provision
+++ b/share/hydractl/provision
@@ -51,7 +51,7 @@ function hydra_provision_lvcreate {
 # Cryptsetup wrapper.
 function hydra_cryptsetup {
   if [ ! -z "$1" ] && [ -b "$1" ]; then
-    hydra_sudo_run cryptsetup --cipher aes-xts-plain64:sha256 --key-size 512 --hash sha512 --iter-time 5000 --use-random luksFormat $1
+    hydra_sudo_run cryptsetup --cipher aes-xts-plain64:sha256 --key-size 512 --hash sha512 --iter-time 5000 --use-random -y -q luksFormat $1
   fi
 }
 
@@ -386,27 +386,6 @@ EOF
   fi
 fi
 
-# Grub.
-if [ "$grub" == "y" ]; then
-  if [ "$encrypt" != "y" ]; then
-    echo "Boot device setup..."
-    hydra_sudo_run mkfs.ext4 $boot_device
-    hydra_sudo_run mount $boot_device $WORK/boot
-    echo "$reboot_device /boot ext4 defaults,errors=remount-ro 0 2" | $SUDO tee -a $WORK/etc/fstab > /dev/null
-  fi
-
-  echo "Setting up GRUB..."
-  $APT_INSTALL grub-pc -y
-
-  if [ "$encrypt" == "y" ]; then
-    echo ''                                  | $SUDO tee -a $WORK/etc/default/grub > /dev/null
-    echo '# Full Disk Encryption Support'    | $SUDO tee -a $WORK/etc/default/grub > /dev/null
-    echo 'GRUB_ENABLE_CRYPTODISK=y'          | $SUDO tee -a $WORK/etc/default/grub > /dev/null
-    hydra_sudo_run chroot $WORK/ update-grub
-    hydra_sudo_run chroot $WORK/ grub-install $device
-  fi
-fi
-
 # Kernel.
 echo "Installing kernel..."
 cat <<-EOF | $SUDO tee $WORK/etc/initramfs-tools/modules > /dev/null
@@ -435,6 +414,28 @@ $APT_INSTALL linux-image-$kernel_arch -y
 echo "Creating initramfs..."
 hydra_sudo_run chroot $WORK update-initramfs -v -u
 
+# Grub.
+if [ "$grub" == "y" ]; then
+  if [ "$encrypt" != "y" ]; then
+    echo "Boot device setup..."
+    hydra_sudo_run mkfs.ext4 $boot_device
+    hydra_sudo_run mount $boot_device $WORK/boot
+    echo "$reboot_device /boot ext4 defaults,errors=remount-ro 0 2" | $SUDO tee -a $WORK/etc/fstab > /dev/null
+  fi
+
+  echo "Setting up GRUB..."
+  $APT_INSTALL grub-pc -y
+
+  if [ "$encrypt" == "y" ]; then
+    echo ''                                               | $SUDO tee -a $WORK/etc/default/grub > /dev/null
+    echo '# Full Disk Encryption Support'                 | $SUDO tee -a $WORK/etc/default/grub > /dev/null
+    echo 'GRUB_ENABLE_CRYPTODISK=y'                       | $SUDO tee -a $WORK/etc/default/grub > /dev/null
+    echo 'GRUB_PRELOAD_MODULES="lvm cryptodisk mdraid1x"' | $SUDO tee -a $WORK/etc/default/grub > /dev/null
+    hydra_sudo_run chroot $WORK/ update-grub
+    hydra_sudo_run chroot $WORK/ grub-install --recheck --force $device
+  fi
+fi
+
 # Utils.
 echo "Installing basic utilities..."
 $APT_INSTALL screen cron lsb-release openssl -y
Hydra Suite