fix
This commit is contained in:
parent
09d514cae0
commit
3fe2d2657e
23
debian.sh
23
debian.sh
@ -46,6 +46,7 @@ WIRELESS_INTERFACE='wlan0'
|
|||||||
DISK_PASSWORD='123456'
|
DISK_PASSWORD='123456'
|
||||||
COMPRESSION='compress=zlib:5'
|
COMPRESSION='compress=zlib:5'
|
||||||
DEBIAN_RELEASE='stable'
|
DEBIAN_RELEASE='stable'
|
||||||
|
AUTO_DECRYPT='True'
|
||||||
FLATPAKS+=( app/net.brinkervii.grapejuice org.kde.kdenlive )
|
FLATPAKS+=( app/net.brinkervii.grapejuice org.kde.kdenlive )
|
||||||
|
|
||||||
#Packages
|
#Packages
|
||||||
@ -116,7 +117,19 @@ systemMounts(){
|
|||||||
}
|
}
|
||||||
|
|
||||||
decryptBoot(){
|
decryptBoot(){
|
||||||
sed -i "s/none/\/etc\/keyfile.key/" /etc/crypttab
|
KEYFILE='keyfile.key'
|
||||||
|
echo;echo "Setting LUKS to use Keyfile for password entry";echo
|
||||||
|
echo;echo "Clearing Old Keys";echo
|
||||||
|
for i in 1 2 3 4 5 6
|
||||||
|
do
|
||||||
|
printf "$DISK_PASSWORD" | cryptsetup luksKillSlot ${BTRFS} $i
|
||||||
|
done
|
||||||
|
dd if=/dev/urandom of=/etc/$KEYFILE bs=1024 count=4
|
||||||
|
chown root:root /etc/$KEYFILE
|
||||||
|
chmod 0400 /etc/$KEYFILE
|
||||||
|
echo;echo "Adding new key......";echo
|
||||||
|
printf "$DISK_PASSWORD" | cryptsetup luksAddKey ${BTRFS} /etc/$KEYFILE
|
||||||
|
sed -i "s/none/\/etc\/$KEYFILE/" /etc/crypttab
|
||||||
echo "KEYFILE_PATTERN=\"/etc/*.key\"" > /etc/cryptsetup-initramfs/conf-hook
|
echo "KEYFILE_PATTERN=\"/etc/*.key\"" > /etc/cryptsetup-initramfs/conf-hook
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -242,7 +255,9 @@ bootloader() {
|
|||||||
tar xf /etc/default/debian.tar -C /boot/grub/themes/
|
tar xf /etc/default/debian.tar -C /boot/grub/themes/
|
||||||
plymouth-set-default-theme -R spacefun
|
plymouth-set-default-theme -R spacefun
|
||||||
echo "root UUID=$(/sbin/blkid | grep $BTRFS | cut -d '"' -f2) none luks" > /etc/crypttab
|
echo "root UUID=$(/sbin/blkid | grep $BTRFS | cut -d '"' -f2) none luks" > /etc/crypttab
|
||||||
decryptBoot
|
if [ "$AUTO_DECRYPT" == "True" ];then
|
||||||
|
decryptBoot
|
||||||
|
fi
|
||||||
/sbin/update-initramfs -c -k all
|
/sbin/update-initramfs -c -k all
|
||||||
echo "GRUB_CMDLINE_LINUX_DEFAULT=\"quiet splash\"" >/etc/default/grub
|
echo "GRUB_CMDLINE_LINUX_DEFAULT=\"quiet splash\"" >/etc/default/grub
|
||||||
echo "GRUB_CMDLINE_LINUX=cryptdevice=UUID=$(/sbin/blkid | grep $BTRFS | cut -d '"' -f2):root root=UUID=$(/sbin/blkid | grep root | cut -d '"' -f4) rootflags=subvol@${ROOT_NAME} mitigations=-off" >>/etc/default/grub
|
echo "GRUB_CMDLINE_LINUX=cryptdevice=UUID=$(/sbin/blkid | grep $BTRFS | cut -d '"' -f2):root root=UUID=$(/sbin/blkid | grep root | cut -d '"' -f4) rootflags=subvol@${ROOT_NAME} mitigations=-off" >>/etc/default/grub
|
||||||
@ -254,7 +269,6 @@ bootloader() {
|
|||||||
|
|
||||||
function setup_script() {
|
function setup_script() {
|
||||||
cp -f debian.sh $TARGET/usr/bin/
|
cp -f debian.sh $TARGET/usr/bin/
|
||||||
cp -f keyfile $TARGET/etc/keyfile.key
|
|
||||||
echo 'bash /usr/bin/debian.sh kernel-packages' >>$TARGET/setup.sh
|
echo 'bash /usr/bin/debian.sh kernel-packages' >>$TARGET/setup.sh
|
||||||
sed -i 's/most/dep/i' $TARGET/etc/initramfs-tools/initramfs.conf
|
sed -i 's/most/dep/i' $TARGET/etc/initramfs-tools/initramfs.conf
|
||||||
echo "bash /usr/bin/debian.sh bootloader $1" >>$TARGET/setup.sh
|
echo "bash /usr/bin/debian.sh bootloader $1" >>$TARGET/setup.sh
|
||||||
@ -427,6 +441,7 @@ server-config(){
|
|||||||
apt autoremove -y
|
apt autoremove -y
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
initialize-disk() {
|
initialize-disk() {
|
||||||
parted /dev/$HARD_DISK mklabel gpt
|
parted /dev/$HARD_DISK mklabel gpt
|
||||||
parted /dev/$HARD_DISK mkpart primary fat32 1MiB 200MiB
|
parted /dev/$HARD_DISK mkpart primary fat32 1MiB 200MiB
|
||||||
@ -438,8 +453,6 @@ initialize-disk() {
|
|||||||
echo
|
echo
|
||||||
echo "Formatting....."
|
echo "Formatting....."
|
||||||
echo y | mkfs.btrfs /dev/mapper/root --force
|
echo y | mkfs.btrfs /dev/mapper/root --force
|
||||||
dd if=/dev/urandom of=keyfile bs=1024 count=4
|
|
||||||
printf "$DISK_PASSWORD" | cryptsetup luksAddKey ${BTRFS} keyfile
|
|
||||||
}
|
}
|
||||||
|
|
||||||
wifi() {
|
wifi() {
|
||||||
|
Loading…
Reference in New Issue
Block a user