mirror of
https://github.com/linka-cloud/d2vm.git
synced 2024-11-29 11:06:24 +00:00
luks: implements support for debian like distibutions
Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>
This commit is contained in:
parent
3ec9bdfb01
commit
2f34e19636
15
builder.go
15
builder.go
@ -151,8 +151,8 @@ func NewBuilder(ctx context.Context, workdir, imgTag, disk string, size uint64,
|
|||||||
}
|
}
|
||||||
if luksPassword != "" {
|
if luksPassword != "" {
|
||||||
// TODO(adphi): remove this check when we support luks encryption on other distros
|
// TODO(adphi): remove this check when we support luks encryption on other distros
|
||||||
if osRelease.ID != ReleaseAlpine {
|
if osRelease.ID == ReleaseCentOS {
|
||||||
return nil, fmt.Errorf("luks encryption is only supported on alpine")
|
return nil, fmt.Errorf("luks encryption is not supported on centos")
|
||||||
}
|
}
|
||||||
if !splitBoot {
|
if !splitBoot {
|
||||||
return nil, fmt.Errorf("luks encryption requires split boot")
|
return nil, fmt.Errorf("luks encryption requires split boot")
|
||||||
@ -381,7 +381,7 @@ func (b *builder) unmountImg(ctx context.Context) error {
|
|||||||
}
|
}
|
||||||
merr = multierr.Append(merr, exec.Run(ctx, "umount", b.mntPoint))
|
merr = multierr.Append(merr, exec.Run(ctx, "umount", b.mntPoint))
|
||||||
if b.isLuksEnabled() {
|
if b.isLuksEnabled() {
|
||||||
merr = multierr.Append(merr, exec.Run(ctx, "cryptsetup", "close", b.cryptRoot))
|
merr = multierr.Append(merr, exec.Run(ctx, "cryptsetup", "close", b.mappedCryptRoot))
|
||||||
}
|
}
|
||||||
return multierr.Combine(
|
return multierr.Combine(
|
||||||
merr,
|
merr,
|
||||||
@ -503,8 +503,13 @@ func (b *builder) installKernel(ctx context.Context) error {
|
|||||||
}
|
}
|
||||||
var cfg string
|
var cfg string
|
||||||
if b.isLuksEnabled() {
|
if b.isLuksEnabled() {
|
||||||
cfg = fmt.Sprintf(sysconfig, b.rootUUID, fmt.Sprintf("%s root=/dev/mapper/root cryptdm=root", b.cmdLineExtra))
|
if b.osRelease.ID != ReleaseAlpine {
|
||||||
cfg = strings.Replace(cfg, "root=UUID="+b.rootUUID, "cryptroot=UUID="+b.cryptUUID, 1)
|
cfg = fmt.Sprintf(sysconfig, b.rootUUID, fmt.Sprintf("%s root=/dev/mapper/root cryptopts=target=root,source=UUID=%s", b.cmdLineExtra, b.cryptUUID))
|
||||||
|
cfg = strings.Replace(cfg, "root=UUID="+b.rootUUID, "", 1)
|
||||||
|
} else {
|
||||||
|
cfg = fmt.Sprintf(sysconfig, b.rootUUID, fmt.Sprintf("%s root=/dev/mapper/root cryptdm=root", b.cmdLineExtra))
|
||||||
|
cfg = strings.Replace(cfg, "root=UUID="+b.rootUUID, "cryptroot=UUID="+b.cryptUUID, 1)
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
cfg = fmt.Sprintf(sysconfig, b.rootUUID, b.cmdLineExtra)
|
cfg = fmt.Sprintf(sysconfig, b.rootUUID, b.cmdLineExtra)
|
||||||
}
|
}
|
||||||
|
@ -5,7 +5,7 @@ USER root
|
|||||||
RUN apt-get -y update && \
|
RUN apt-get -y update && \
|
||||||
DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends \
|
DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends \
|
||||||
{{- if .Luks }}
|
{{- if .Luks }}
|
||||||
cryptsetup \
|
cryptsetup-initramfs \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
linux-image-amd64
|
linux-image-amd64
|
||||||
|
|
||||||
@ -44,3 +44,8 @@ allow-hotplug eth0\n\
|
|||||||
iface eth0 inet dhcp\n\
|
iface eth0 inet dhcp\n\
|
||||||
' > /etc/network/interfaces
|
' > /etc/network/interfaces
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
|
|
||||||
|
{{- if .Luks }}
|
||||||
|
RUN update-initramfs -u -v
|
||||||
|
{{- end }}
|
||||||
|
@ -7,7 +7,7 @@ RUN apt-get update -y && \
|
|||||||
linux-image-virtual \
|
linux-image-virtual \
|
||||||
initramfs-tools \
|
initramfs-tools \
|
||||||
{{- if .Luks }}
|
{{- if .Luks }}
|
||||||
cryptsetup \
|
cryptsetup-initramfs \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
systemd-sysv \
|
systemd-sysv \
|
||||||
systemd \
|
systemd \
|
||||||
@ -43,3 +43,7 @@ allow-hotplug eth0\n\
|
|||||||
iface eth0 inet dhcp\n\
|
iface eth0 inet dhcp\n\
|
||||||
' > /etc/network/interfaces
|
' > /etc/network/interfaces
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
|
{{- if .Luks }}
|
||||||
|
RUN update-initramfs -u -v
|
||||||
|
{{- end }}
|
||||||
|
Loading…
Reference in New Issue
Block a user