projects / fai-configs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 6a5433e)
Fix some env variables and add LUKS and ecryptfs support
authorSamuel Cantero <scg@fsf.org>
Wed, 4 May 2016 17:18:43 +0000 (13:18 -0400)
committerSamuel Cantero <scg@fsf.org>
Wed, 4 May 2016 17:18:43 +0000 (13:18 -0400)
The hostname for install a new host with LUKS and ecryptfs support is called "sfreetop*".
The new classes have been added: LUKS and ECRYPTFS.

class/50-host-classes patch | blob | blame | history
class/FAIBASE.var patch | blob | blame | history
disk_config/LUKS [new file with mode: 0644] patch | blob
package_config/DEFAULT patch | blob | blame | history
package_config/ECRYPTFS [new file with mode: 0644] patch | blob
package_config/FAIBASE patch | blob | blame | history
scripts/ECRYPTFS/10-misc [new file with mode: 0755] patch | blob

diff --git a/class/50-host-classes b/class/50-host-classes
index a5a5e01ce051411daa735e692ec5455ec7c22210..ef4d746ce4e7a2b796da1cc1c99f253f50060267 100755 (executable)
--- a/class/50-host-classes
+++ b/class/50-host-classes
@@ -56,7 +56,9 @@ case $HOSTNAME in
     freetop*)
         echo "FAIBASE $GRUB NW_MGR SYSADMIN XORG TRISQUEL WORKSTATION LAPTOP 3DPRINT"
         ;;
     freetop*)
         echo "FAIBASE $GRUB NW_MGR SYSADMIN XORG TRISQUEL WORKSTATION LAPTOP 3DPRINT"
         ;;
-
+    sfreetop*)
+        echo "FAIBASE $GRUB NW_MGR SYSADMIN XORG TRISQUEL WORKSTATION LAPTOP 3DPRINT LUKS ECRYPTFS"
+        ;;
     libretop*)
         echo "FAIBASE $GRUB NW_MGR SYSADMIN XORG TRISQUEL WORKSTATION LAPTOP LPCONF"
         ;;
     libretop*)
         echo "FAIBASE $GRUB NW_MGR SYSADMIN XORG TRISQUEL WORKSTATION LAPTOP LPCONF"
         ;;
diff --git a/class/FAIBASE.var b/class/FAIBASE.var
index 6508335dec42c64f8ba045eb8a880e849f734899..32a1bd8e41763b149a82a706794fd18ee4feb872 100644 (file)
--- a/class/FAIBASE.var
+++ b/class/FAIBASE.var
@@ -4,7 +4,7 @@
 FAI_ALLOW_UNSIGNED=1
 
 CONSOLEFONT=
 FAI_ALLOW_UNSIGNED=1
 
 CONSOLEFONT=
-KEYMAP=us-latin1
+KEYMAP=us
 
 # Set UTC=yes if your system clock is set to UTC (GMT), and UTC=no if not.
 UTC=yes
 
 # Set UTC=yes if your system clock is set to UTC (GMT), and UTC=no if not.
 UTC=yes
@@ -24,12 +24,12 @@ MODULESLIST="usbkbd ehci-hcd ohci-hcd uhci-hcd usbhid psmouse"
 STOP_ON_ERROR=700
 
 # use the new partitioning tool
 STOP_ON_ERROR=700
 
 # use the new partitioning tool
-USE_SETUP_STORAGE=1
+#USE_SETUP_STORAGE=1
 
 # These values need to be in both fai.conf and the config space:
 
 
 # These values need to be in both fai.conf and the config space:
 
-FAI_CONFIG_SRC=https://vcs.fsf.org/git/fai-configs.git
+#FAI_CONFIG_SRC=https://vcs.fsf.org/git/fai-configs.git
 
 
-MNTPOINT=/srv/fai/mirror
+#MNTPOINT=/srv/fai/mirror
 
 
-FAI=/srv/fai/config
+#FAI=/srv/fai/config
diff --git a/disk_config/LUKS b/disk_config/LUKS
new file mode 100644 (file)
index 0000000..e6a0400
--- /dev/null
+++ b/disk_config/LUKS
@@ -0,0 +1,13 @@
+disk_config disk1
+
+primary /boot  500  ext4  rw
+primary -      12G  -     -
+primary /home  100-100%   xfs   rw
+
+disk_config cryptsetup
+luks:"fsfluks" - disk1.2 - -
+
+disk_config lvm
+vg fsf disk1.2
+fsf-root    /     4096-  ext4  rw,errors=remount-ro
+fsf-swap    swap  2G     swap  sw
diff --git a/package_config/DEFAULT b/package_config/DEFAULT
index c37840d7375e1e88a0c3d1f5792685e68314df4c..1f51e831598c2df8ae1ef9d3b3c1a7f370dfe95c 100644 (file)
--- a/package_config/DEFAULT
+++ b/package_config/DEFAULT
@@ -5,10 +5,9 @@ memtest86
 PACKAGES aptitude CHROOT
 linux-image-generic
 
 PACKAGES aptitude CHROOT
 linux-image-generic
 
-
 PACKAGES aptitude AMD64
 PACKAGES aptitude AMD64
-linux-image-generic initramfs-tools
-memtest86
+linux-image-4.2.0-35-lowlatency initramfs-tools
+#memtest86
 
 PACKAGES aptitude XEN
 xen-linux-system-2.6.26-2-xen-amd64
 
 PACKAGES aptitude XEN
 xen-linux-system-2.6.26-2-xen-amd64
diff --git a/package_config/ECRYPTFS b/package_config/ECRYPTFS
new file mode 100644 (file)
index 0000000..f58e092
--- /dev/null
+++ b/package_config/ECRYPTFS
@@ -0,0 +1,2 @@
+PACKAGES aptitude ECRYPTFS
+ecryptfs-utils
diff --git a/package_config/FAIBASE b/package_config/FAIBASE
index 6dee473dbe1fa8b049974a1fcb822f071f6bcc52..1550674dc04b31737b903f1711863ab1140ca0aa 100644 (file)
--- a/package_config/FAIBASE
+++ b/package_config/FAIBASE
@@ -27,7 +27,6 @@ lvm2
 git
 manpages
 man-db
 git
 manpages
 man-db
-rsyslog-
 syslog-ng
 autoconf
 automake
 syslog-ng
 autoconf
 automake
diff --git a/scripts/ECRYPTFS/10-misc b/scripts/ECRYPTFS/10-misc
new file mode 100755 (executable)
index 0000000..f7a84ca
--- /dev/null
+++ b/scripts/ECRYPTFS/10-misc
@@ -0,0 +1,16 @@
+#! /bin/bash
+
+# Set the hostname
+if [ -n $HOSTNAME ]; then
+       echo $HOSTNAME > $target/etc/hostname
+fi
+
+# Bug fix: ecryptfs needs /etc/mtab
+$ROOTCMD touch /etc/mtab
+# Create a local admin user
+$ROOTCMD adduser --disabled-password --gecos "" --shell /bin/bash --encrypt-home fsf 2> /dev/null
+$ROOTCMD echo -e "fsf\nfsf" | passwd fsf
+
+#$ROOTCMD adduser --disabled-password --gecos "" --shell /bin/bash fsf
+#$ROOTCMD echo -e "fsf\nfsf" | passwd fsf
+#$ROOTCMD sudo -u fsf -H bash -c "ecryptfs-setup-private -u fsf -l fsf -m ' '"