linka-cloud/d2vm
2
0
Fork 0
mirror of https://github.com/linka-cloud/d2vm.git synced 2024-11-22 07:46:25 +00:00
Code Issues Releases Activity

luks: implements support for debian like distibutions

Browse Source 
Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>
This commit is contained in:
Adphi 2023-02-23 20:13:37 +01:00 committed by Adphi
parent 3ec9bdfb01
commit 2f34e19636
3 changed files with 21 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
builder.go
View File

@ -151,8 +151,8 @@ func NewBuilder(ctx context.Context, workdir, imgTag, disk string, size uint64,
}
if luksPassword != "" {
// TODO(adphi): remove this check when we support luks encryption on other distros
if osRelease.ID != ReleaseAlpine {
return nil, fmt.Errorf("luks encryption is only supported on alpine")
if osRelease.ID == ReleaseCentOS {
return nil, fmt.Errorf("luks encryption is not supported on centos")
}
if !splitBoot {
return nil, fmt.Errorf("luks encryption requires split boot")
@ -381,7 +381,7 @@ func (b *builder) unmountImg(ctx context.Context) error {
}
merr = multierr.Append(merr, exec.Run(ctx, "umount", b.mntPoint))
if b.isLuksEnabled() {
merr = multierr.Append(merr, exec.Run(ctx, "cryptsetup", "close", b.cryptRoot))
merr = multierr.Append(merr, exec.Run(ctx, "cryptsetup", "close", b.mappedCryptRoot))
}
return multierr.Combine(
merr,
@ -503,8 +503,13 @@ func (b *builder) installKernel(ctx context.Context) error {
}
var cfg string
if b.isLuksEnabled() {
if b.osRelease.ID != ReleaseAlpine {
cfg = fmt.Sprintf(sysconfig, b.rootUUID, fmt.Sprintf("%s root=/dev/mapper/root cryptopts=target=root,source=UUID=%s", b.cmdLineExtra, b.cryptUUID))
cfg = strings.Replace(cfg, "root=UUID="+b.rootUUID, "", 1)
} else {
cfg = fmt.Sprintf(sysconfig, b.rootUUID, fmt.Sprintf("%s root=/dev/mapper/root cryptdm=root", b.cmdLineExtra))
cfg = strings.Replace(cfg, "root=UUID="+b.rootUUID, "cryptroot=UUID="+b.cryptUUID, 1)
}
} else {
cfg = fmt.Sprintf(sysconfig, b.rootUUID, b.cmdLineExtra)
}

7
templates/debian.Dockerfile
View File

@ -5,7 +5,7 @@ USER root
RUN apt-get -y update && \
DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends \
{{- if .Luks }}
cryptsetup \
cryptsetup-initramfs \
{{- end }}
linux-image-amd64
@ -44,3 +44,8 @@ allow-hotplug eth0\n\
iface eth0 inet dhcp\n\
' > /etc/network/interfaces
{{ end }}
{{- if .Luks }}
RUN update-initramfs -u -v
{{- end }}

6
templates/ubuntu.Dockerfile
View File

@ -7,7 +7,7 @@ RUN apt-get update -y && \
linux-image-virtual \
initramfs-tools \
{{- if .Luks }}
cryptsetup \
cryptsetup-initramfs \
{{- end }}
systemd-sysv \
systemd \
@ -43,3 +43,7 @@ allow-hotplug eth0\n\
iface eth0 inet dhcp\n\
' > /etc/network/interfaces
{{ end }}
{{- if .Luks }}
RUN update-initramfs -u -v
{{- end }}