First version of luks encrypted archinstall.

3 files changed, 54 insertions, 2 deletions

diff --git a/stages/second_stage.sh b/stages/second_stage.sh
index 34c4a49..015d89b 100644
--- a/stages/second_stage.sh
+++ b/stages/second_stage.sh
@@ -29,10 +29,10 @@ bash configure_timezone.sh /usr/share/zoneinfo/Europe/Berlin
 
 bash configure_network.sh $hostname
 
-bash recreate_initramfs.sh
+bash configure_initramfs.sh
 
 bash configure_users.sh $admin_username $DEFAULT_PASSWORD
 
-bash install_bootloader.sh $efi_partition_path
+bash install_bootloader.sh $efi_partition_path $system_encryption
 
 bash configure_desktop.sh
diff --git a/util/configure_initramfs.sh b/util/configure_initramfs.sh
new file mode 100644
index 0000000..3222a89
--- /dev/null
+++ b/util/configure_initramfs.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+
+#  archinstall - A minimal Installation Script for Arch Linux
+#  Copyright (C) 2019  xengineering
+
+#  This program is free software: you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation, either version 3 of the License, or
+#  (at your option) any later version.
+
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+
+#  You should have received a copy of the GNU General Public License
+#  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+
+new_hooks_config_line="HOOKS=(base udev autodetect keyboard keymap modconf block encrypt filesystems fsck)"
+echo "new_hooks_config_line: $new_hooks_config_line"
+old_hooks_config_line=$(cat /etc/mkinitcpio.conf | grep "^HOOKS=")
+echo "old_hooks_config_line: $old_hooks_config_line"
+
+sed -i "s|$old_hooks_config_line|$new_hooks_config_line|" /etc/mkinitcpio.conf
+
+mkinitcpio -P
+
+
+echo "Configured initramfs - OK"
diff --git a/util/install_bootloader.sh b/util/install_bootloader.sh
index cf6c374..4d3e9b9 100644
--- a/util/install_bootloader.sh
+++ b/util/install_bootloader.sh
@@ -19,11 +19,32 @@
 
 
 efi_partition_path=$1
+system_encryption=$2
+
+
+############ Add encryption setting in /etc/default/grub before calling grub-mkconfig
+## to generate /boot/grub/grub.cfg
+
+## See: https://wiki.archlinux.org/index.php/Dm-crypt/System_configuration#Boot_loader
 
 
 mount $efi_partition_path /mnt
 grub-install --target=x86_64-efi --efi-directory=/mnt --bootloader-id=GRUB \
 --removable
+
+if [ $system_encryption == "yes" ];then
+
+    cryptdevice_uuid=$(lsblk --fs | grep $main_partition_path | awk '{print $3}')
+    echo "cryptdevice_uuid: $cryptdevice_uuid"
+    old_kernel_param_line=$(cat /etc/default/grub | grep "GRUB_CMDLINE_LINUX_DEFAULT")
+    echo "old_kernel_param_line: $old_kernel_param_line"
+    new_kernal_param_line="GRUB_CMDLINE_LINUX_DEFAULT=\"loglevel=3 quiet cryptdevice=UUID=${cryptdevice_uuid}:main root=/dev/mapper/main\""
+    echo "new_kernel_param_line: $new_kernal_param_line"
+    echo "Adding kernel parameters to /etc/default/grub"
+    sed -i "s|$old_kernel_param_line|$new_kernal_param_line|" /etc/default/grub
+
+fi
+
 grub-mkconfig -o /boot/grub/grub.cfg
 umount $efi_partition_path