Commit 8a623a93 authored by Nils K's avatar Nils K
Browse files

support encrypted usb storage device

parent 80b31589
Pipeline #212 canceled with stage
......@@ -5,7 +5,8 @@ echo "MNT Reform: reform-init checking boot media..."
/bin/mount -t proc /proc /proc
BOOTPREF=$(cat /reform-boot-medium)
BOOTPREF=$(cat /reform-boot-medium) # Read config file from reform-boot-config script
BOOTPART="/dev/mmcblk1p1" # SD card
if [ "x$BOOTPREF" == "x" ]
then
......@@ -13,78 +14,56 @@ then
BOOTPREF="sd"
fi
echo "Your boot preference is: $BOOTPREF"
echo "Your boot preference is: '$BOOTPREF'"
# Boot from SD card (already mounted by kernel)
if [ "$BOOTPREF" == "sd" ]
then
# Check config
if [ "$BOOTPREF" == "usb" ]; then
echo "Booting from USB storage device."
BOOTPART="/dev/sda1"
elif [ "$BOOTPREF" == "nvme" ]; then
echo "Booting from NVMe SSD."
BOOTPART="/dev/nvme0n1p1"
else
# Default. Boot from SD card (already mounted by kernel).
echo "Booting from SD card."
exec /sbin/init
fi
# Boot from USB (/dev/sda1)
if [ "$BOOTPREF" == "usb" ]
then
echo "Trying to boot from USB storage (/dev/sda1)."
/bin/mount /dev/sda1 /mnt
if [ "$?" != "0" ]
then
echo "Could not mount /dev/sda1. Falling back to SD card."
read -p Press ENTER to continue.
exec /sbin/init
fi
if [ ! -e /mnt/sbin/init ]
then
echo "No /sbin/init found on mounted disk. Falling back to SD card."
umount /mnt
read -p Press ENTER to continue.
exec /sbin/init
fi
cd /mnt
mount --move . /
exec chroot . /sbin/init
fi
# The remaining option is NVMe.
# In the future, this could check multiple partitions.
NVMEPART=/dev/nvme0n1p1
if [ ! -e $NVMEPART ]
then
echo "NVMe not found. Falling back to SD card."
read -p Press ENTER to continue.
# Check if partition exists
if [ ! -e $BOOTPART ]; then
echo "Partition '$BOOTPART' not found. Falling back to SD card."
read -r -p "Press ENTER to continue."
exec /sbin/init
fi
blkid | grep $NVMEPART | grep crypto_LUKS
LUKS=$?
if [[ "$LUKS" == "0" ]]
then
echo "Attempting to mount encrypted NVMe."
# try to mount encrypted NVMe SSD
# Check if partition is encrypted
if blkid | grep "$BOOTPART" | grep "crypto_LUKS"; then
echo "Attempting to mount encrypted partition '$BOOTPART'."
while :
do
/sbin/cryptsetup luksOpen $NVMEPART cryptroot && break
/sbin/cryptsetup luksOpen "$BOOTPART" cryptroot && break
done
/bin/mount /dev/mapper/cryptroot /mnt
else
echo "Attempting to mount unencrypted NVMe."
/bin/mount $NVMEPART /mnt
BOOTPART="/dev/mapper/cryptroot"
fi
if [ ! -e /mnt/sbin/init ]
then
# Mount
echo "Trying to boot from partition '$BOOTPART'."
if ! /bin/mount "$BOOTPART" "/mnt"; then
echo "Could not mount '$BOOTPART'. Falling back to SD card."
read -r -p "Press ENTER to continue."
exec /sbin/init
fi
# Fallback
if [ ! -e /mnt/sbin/init ]; then
echo "No /sbin/init found on mounted disk. Falling back to SD card."
umount /mnt
read -p Press ENTER to continue.
read -r -p "Press ENTER to continue."
exec /sbin/init
fi
# move root mount over to encrypted drive
cd /mnt
cd /mnt || exit 9
mount --move . /
exec chroot . /sbin/init
......@@ -21,7 +21,7 @@ then
echo "Usage: "
echo " reform-boot-config sd Boot from SD card (default)."
echo " reform-boot-config nvme Boot from NVMe SSD (encrypted or plain)."
echo " reform-boot-config usb Boot from USB storage device."
echo " reform-boot-config usb Boot from USB storage device (encrypted or plain)."
exit
fi
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment