30 lines
1.2 KiB
Plaintext
30 lines
1.2 KiB
Plaintext
module start "bootloader" "Install Bootloader"
|
|
|
|
source "${vars}/disk"
|
|
diskid="${cfg[diskid]//-/_}"
|
|
|
|
if [[ ! "${cfg[fde_key_store]}" == "none" ]] && [[ ! "${cfg[fde_key_store]}" == "once" ]]; then
|
|
if ! grep -q "GRUB_ENABLE_CRYPTODISK" "${dest}"/etc/default/grub; then
|
|
echo "GRUB_ENABLE_CRYPTODISK=y" >> "${dest}"/etc/default/grub
|
|
fi
|
|
|
|
if [[ ! -f "${dest}"/boot/volume.key ]]; then
|
|
dd bs=1 count=64 if=/dev/urandom of="${dest}"/boot/volume.key
|
|
echo -n "${cfg[diskpw]}" | cryptsetup luksAddKey "${cfg[diskname]}${cfg[target_part]}" "${dest}"/boot/volume.key -d -
|
|
chmod 000 "${dest}"/boot/volume.key
|
|
chmod -R g-rwx,o-rwx "${dest}"/boot
|
|
fi
|
|
fi
|
|
|
|
if ! grep -q rd.lvm.vg "${dest}"/etc/default/grub; then
|
|
sed -i "/^GRUB_CMDLINE_LINUX_DEFAULT/s/=\"/=\"rd.lvm.vg=voidvg.${diskid} rd.luks.uuid=${cfg[partuuid]} rd.vconsole.keymap=${cfg[lang_console]} /" "${dest}"/etc/default/grub
|
|
fi
|
|
|
|
if [[ "${cfg[fde_key_store]}" == "initramfs" ]]; then
|
|
mkdir -p "${dest}"/etc/dracut.conf.d/
|
|
echo 'install_items+=" /boot/volume.key /etc/crypttab "' > "${dest}"/etc/dracut.conf.d/crypt-ssh.conf
|
|
echo "voidluks-${diskid} UUID=${cfg[partuuid]} /boot/volume.key luks" > "${dest}"/etc/crypttab
|
|
fi
|
|
|
|
|
|
module end |