2021-03-11 14:04:04 +01:00
|
|
|
module start "bootloader" "Install Bootloader"
|
|
|
|
|
|
|
|
diskid="${cfg[diskid]//-/_}"
|
|
|
|
|
2021-03-12 21:55:45 +01:00
|
|
|
if [[ ! "${cfg[fde_key_store]}" == "none" ]]; then
|
2021-03-16 20:17:51 +01:00
|
|
|
sed -i "/^GRUB_CMDLINE_LINUX_DEFAULT/s/=\"/=\"rd.luks.uuid=${cfg[partuuid]} /" /etc/default/grub
|
2021-03-12 22:04:53 +01:00
|
|
|
|
2021-03-12 21:55:45 +01:00
|
|
|
if [[ ! "${cfg[fde_key_store]}" == "once" ]]; then
|
2021-03-16 20:17:51 +01:00
|
|
|
if ! grep -q "GRUB_ENABLE_CRYPTODISK" /etc/default/grub; then
|
|
|
|
echo "GRUB_ENABLE_CRYPTODISK=y" >> /etc/default/grub
|
2021-03-12 21:55:45 +01:00
|
|
|
fi
|
2021-03-12 18:37:09 +01:00
|
|
|
fi
|
2021-03-11 14:04:04 +01:00
|
|
|
|
2021-03-16 20:17:51 +01:00
|
|
|
if [[ ! -f /boot/volume.key ]] && [[ ! "${cfg[fde_key_store]}" == "twice" ]] && [[ ! "${cfg[fde_key_store]}" == "once" ]]; then
|
|
|
|
dd bs=1 count=64 if=/dev/urandom of=/boot/volume.key
|
|
|
|
echo -n "${cfg[diskpw]}" | cryptsetup luksAddKey "${cfg[diskname]}${cfg[target_part]}" /boot/volume.key -d -
|
|
|
|
chmod 000 /boot/volume.key
|
|
|
|
chmod -R g-rwx,o-rwx /boot
|
2021-03-11 14:04:04 +01:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2021-03-12 21:55:45 +01:00
|
|
|
|
2021-03-16 20:17:51 +01:00
|
|
|
if ! grep -q rd.lvm.vg /etc/default/grub; then
|
|
|
|
sed -i "/^GRUB_CMDLINE_LINUX_DEFAULT/s/=\"/=\"rd.lvm.vg=voidvg.${diskid} /" /etc/default/grub
|
2021-03-12 18:09:57 +01:00
|
|
|
fi
|
|
|
|
|
2021-03-16 20:17:51 +01:00
|
|
|
if ! grep -q rd.console.keymap /etc/default/grub; then
|
|
|
|
sed -i "/^GRUB_CMDLINE_LINUX_DEFAULT/s/=\"/=\" rd.vconsole.keymap=${cfg[lang_console]} /" /etc/default/grub
|
2021-03-12 19:04:37 +01:00
|
|
|
fi
|
|
|
|
|
2021-03-12 18:09:57 +01:00
|
|
|
if [[ "${cfg[hibernate]}" == "1" ]]; then
|
2021-03-16 20:17:51 +01:00
|
|
|
sed -i "/^GRUB_CMDLINE_LINUX_DEFAULT/s/=\"/=\"resume=UUID=${cfg[swapuuid]} /" /etc/default/grub
|
2021-03-11 14:04:04 +01:00
|
|
|
fi
|
|
|
|
|
|
|
|
if [[ "${cfg[fde_key_store]}" == "initramfs" ]]; then
|
2021-03-16 20:17:51 +01:00
|
|
|
mkdir -p /etc/dracut.conf.d/
|
|
|
|
echo 'install_items+=" /boot/volume.key /etc/crypttab "' > /etc/dracut.conf.d/crypt-ssh.conf
|
|
|
|
echo "voidluks-${diskid} UUID=${cfg[partuuid]} /boot/volume.key luks" > /etc/crypttab
|
2021-03-11 14:04:04 +01:00
|
|
|
fi
|
|
|
|
|
|
|
|
|
2021-03-12 18:09:57 +01:00
|
|
|
module end
|