msw/CISS.debian.installer
SHA256
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 59s
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-09-02 15:22:39 +02:00
parent b7494af52a
commit ddf039b09f
6 changed files with 31 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.preseed/preseed.yaml
View File

@@ -423,7 +423,7 @@ grub_parameter:
grub: grub:
background: # RECOMMENDED settings: JPG 1280 x 1024 px or JPG 1920 x 1080 px background: # RECOMMENDED settings: JPG 1280 x 1024 px or JPG 1920 x 1080 px
enable: true # If you want to add a GRUB background. enable: true # If you want to add a GRUB background.
path: "/includes/target/etc/default/grub.d/hexagon_1280_720.png" path: "/includes/target/etc/default/grub.d/hexagon_800_600.png"
bootdev: "/dev/sda" # Due notably to potential USB sticks, the location of the primary drive cannot be determined bootdev: "/dev/sda" # Due notably to potential USB sticks, the location of the primary drive cannot be determined
# safely in general, so this needs to be specified. # safely in general, so this needs to be specified.
force_efi: true # Force GRUB installation to the EFI removable media path? force_efi: true # Force GRUB installation to the EFI removable media path?

22
func/cdi_4200_boot/4210_generate_crypttab.sh
View File

@@ -85,8 +85,9 @@ EOF
if [[ "${VAR_DROPBEAR}" == "true" ]]; then if [[ "${VAR_DROPBEAR}" == "true" ]]; then
if [[ "${var_key}" == "/" ]]; then case "${var_key,,}" in
"/")
mkdir -p "${TARGET}/etc/initramfs-tools/files" mkdir -p "${TARGET}/etc/initramfs-tools/files"
mkdir -p "${TARGET}/usr/lib/cryptsetup/scripts" mkdir -p "${TARGET}/usr/lib/cryptsetup/scripts"
@@ -97,17 +98,26 @@ EOF
"${TARGET}/lib/cryptsetup/scripts/" "${TARGET}/lib/cryptsetup/scripts/"
#write_crypttab "${var_encryption_label}" "UUID=${var_luks_uuid}" "none" "luks,discard,initramfs,keyscript=/lib/cryptsetup/scripts/unlock_wrapper.sh" #write_crypttab "${var_encryption_label}" "UUID=${var_luks_uuid}" "none" "luks,discard,initramfs,keyscript=/lib/cryptsetup/scripts/unlock_wrapper.sh"
printf "### Early-unlocked (initramfs) - single passphrase via decrypt_keyctl\n" >> "${TARGET}/etc/crypttab"
write_crypttab "${var_encryption_label}" "UUID=${var_luks_uuid}" "none" "luks,discard,initramfs,keyscript=decrypt_keyctl,tries=1" write_crypttab "${var_encryption_label}" "UUID=${var_luks_uuid}" "none" "luks,discard,initramfs,keyscript=decrypt_keyctl,tries=1"
;;
elif [[ "${var_key}" == "/usr" ]]; then "/usr")
printf "### Early-unlocked (initramfs) - single passphrase via decrypt_keyctl\n" >> "${TARGET}/etc/crypttab"
write_crypttab "${var_encryption_label}" "UUID=${var_luks_uuid}" "none" "luks,discard,initramfs,keyscript=decrypt_keyctl,tries=1" write_crypttab "${var_encryption_label}" "UUID=${var_luks_uuid}" "none" "luks,discard,initramfs,keyscript=decrypt_keyctl,tries=1"
;;
else "/boot")
printf "### LUKS encrypted '/boot' different passphrase, not in initramfs\n" >> "${TARGET}/etc/crypttab"
write_crypttab "${var_encryption_label}" "UUID=${var_luks_uuid}" "none" "luks,discard"
;;
write_crypttab "${var_encryption_label}" "UUID=${var_luks_uuid}" "none" "luks,discard,initramfs,keyscript=decrypt_keyctl,tries=1" *)
printf "### Late-unlocked (userspace) no initramfs, independent prompts / tokens\n" >> "${TARGET}/etc/crypttab"
write_crypttab "${var_encryption_label}" "UUID=${var_luks_uuid}" "none" "luks,discard"
;;
fi esac
else else

2
func/cdi_4200_boot/4230_installation_grub.sh
View File

@@ -128,7 +128,7 @@ GRUB_BACKGROUND="/etc/default/grub.d/${var_background}"
# note that you can use only modes which your graphic card supports via VBE # note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command 'vbeinfo' # you can see them in real GRUB with the command 'vbeinfo'
# GRUB_GFXMODE=1920x1080,1280x1024,1024x768,800x600 # GRUB_GFXMODE=1920x1080,1280x1024,1024x768,800x600
GRUB_GFXMODE=auto GRUB_GFXMODE=800x600
GRUB_GFXPAYLOAD_LINUX=keep GRUB_GFXPAYLOAD_LINUX=keep
EOF EOF

5
func/cdi_4300_network/4312_dropbear_setup.sh
View File

@@ -36,7 +36,8 @@ guard_sourcing
####################################### #######################################
dropbear_setup() { dropbear_setup() {
### Declare Arrays, HashMaps, and Variables. ### Declare Arrays, HashMaps, and Variables.
declare network_static_ipv4ntpserver_0="192.53.103.108" declare network_static_ipv4ntpserver_0="192.53.103.108" \
var_force_command_string='command="/usr/local/bin/unlock-wrapper.sh",no-agent-forwarding,no-port-forwarding,no-X11-forwarding '
### Prepare strong dropbear host keys ### Prepare strong dropbear host keys
rm -f "${TARGET}"/etc/dropbear/initramfs/dropbear*key* rm -f "${TARGET}"/etc/dropbear/initramfs/dropbear*key*
@@ -49,7 +50,7 @@ dropbear_setup() {
### Prepare dropbear authorized_keys ### Prepare dropbear authorized_keys
touch "${TARGET}/etc/dropbear/initramfs/authorized_keys" && chmod 0600 "${TARGET}/etc/dropbear/initramfs/authorized_keys" touch "${TARGET}/etc/dropbear/initramfs/authorized_keys" && chmod 0600 "${TARGET}/etc/dropbear/initramfs/authorized_keys"
printf "%s\n" "${user_root_sshpubkey}" >> "${TARGET}/etc/dropbear/initramfs/authorized_keys" printf "%s\n" "${var_force_command_string}${user_root_sshpubkey}" >> "${TARGET}/etc/dropbear/initramfs/authorized_keys"
install -m 0644 -o root -g root "${VAR_SETUP_PATH}/includes/target/etc/banner" "${TARGET}/etc/dropbear/initramfs/" install -m 0644 -o root -g root "${VAR_SETUP_PATH}/includes/target/etc/banner" "${TARGET}/etc/dropbear/initramfs/"
### Check for initramfs "IP"-variable: static or dynamic configuration vai dhcp. ### Check for initramfs "IP"-variable: static or dynamic configuration vai dhcp.

BIN
includes/target/etc/default/grub.d/club_800_600.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 621 KiB

BIN
includes/target/etc/default/grub.d/hexagon_800_600.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 273 KiB