fix
This commit is contained in:
parent
09d514cae0
commit
3fe2d2657e
23
debian.sh
23
debian.sh
@ -46,6 +46,7 @@ WIRELESS_INTERFACE='wlan0'
|
||||
DISK_PASSWORD='123456'
|
||||
COMPRESSION='compress=zlib:5'
|
||||
DEBIAN_RELEASE='stable'
|
||||
AUTO_DECRYPT='True'
|
||||
FLATPAKS+=( app/net.brinkervii.grapejuice org.kde.kdenlive )
|
||||
|
||||
#Packages
|
||||
@ -116,7 +117,19 @@ systemMounts(){
|
||||
}
|
||||
|
||||
decryptBoot(){
|
||||
sed -i "s/none/\/etc\/keyfile.key/" /etc/crypttab
|
||||
KEYFILE='keyfile.key'
|
||||
echo;echo "Setting LUKS to use Keyfile for password entry";echo
|
||||
echo;echo "Clearing Old Keys";echo
|
||||
for i in 1 2 3 4 5 6
|
||||
do
|
||||
printf "$DISK_PASSWORD" | cryptsetup luksKillSlot ${BTRFS} $i
|
||||
done
|
||||
dd if=/dev/urandom of=/etc/$KEYFILE bs=1024 count=4
|
||||
chown root:root /etc/$KEYFILE
|
||||
chmod 0400 /etc/$KEYFILE
|
||||
echo;echo "Adding new key......";echo
|
||||
printf "$DISK_PASSWORD" | cryptsetup luksAddKey ${BTRFS} /etc/$KEYFILE
|
||||
sed -i "s/none/\/etc\/$KEYFILE/" /etc/crypttab
|
||||
echo "KEYFILE_PATTERN=\"/etc/*.key\"" > /etc/cryptsetup-initramfs/conf-hook
|
||||
}
|
||||
|
||||
@ -242,7 +255,9 @@ bootloader() {
|
||||
tar xf /etc/default/debian.tar -C /boot/grub/themes/
|
||||
plymouth-set-default-theme -R spacefun
|
||||
echo "root UUID=$(/sbin/blkid | grep $BTRFS | cut -d '"' -f2) none luks" > /etc/crypttab
|
||||
decryptBoot
|
||||
if [ "$AUTO_DECRYPT" == "True" ];then
|
||||
decryptBoot
|
||||
fi
|
||||
/sbin/update-initramfs -c -k all
|
||||
echo "GRUB_CMDLINE_LINUX_DEFAULT=\"quiet splash\"" >/etc/default/grub
|
||||
echo "GRUB_CMDLINE_LINUX=cryptdevice=UUID=$(/sbin/blkid | grep $BTRFS | cut -d '"' -f2):root root=UUID=$(/sbin/blkid | grep root | cut -d '"' -f4) rootflags=subvol@${ROOT_NAME} mitigations=-off" >>/etc/default/grub
|
||||
@ -254,7 +269,6 @@ bootloader() {
|
||||
|
||||
function setup_script() {
|
||||
cp -f debian.sh $TARGET/usr/bin/
|
||||
cp -f keyfile $TARGET/etc/keyfile.key
|
||||
echo 'bash /usr/bin/debian.sh kernel-packages' >>$TARGET/setup.sh
|
||||
sed -i 's/most/dep/i' $TARGET/etc/initramfs-tools/initramfs.conf
|
||||
echo "bash /usr/bin/debian.sh bootloader $1" >>$TARGET/setup.sh
|
||||
@ -427,6 +441,7 @@ server-config(){
|
||||
apt autoremove -y
|
||||
}
|
||||
|
||||
|
||||
initialize-disk() {
|
||||
parted /dev/$HARD_DISK mklabel gpt
|
||||
parted /dev/$HARD_DISK mkpart primary fat32 1MiB 200MiB
|
||||
@ -438,8 +453,6 @@ initialize-disk() {
|
||||
echo
|
||||
echo "Formatting....."
|
||||
echo y | mkfs.btrfs /dev/mapper/root --force
|
||||
dd if=/dev/urandom of=keyfile bs=1024 count=4
|
||||
printf "$DISK_PASSWORD" | cryptsetup luksAddKey ${BTRFS} keyfile
|
||||
}
|
||||
|
||||
wifi() {
|
||||
|
Loading…
Reference in New Issue
Block a user