path: root/src/parted-usb.sh
blob: cfd2ad1653fa17632e130947ab4467c4299db685 (plain)
#!/bin/bash
# Report a fatal error and stop.
# Arguments: $* - message words (joined with the first character of IFS)
# Outputs:   "Error: <message>" on stderr
# Returns:   never; exits the current shell with status 1
die()
{
    local message="$*"

    printf 'Error: %s\n' "$message" >&2
    exit 1
}
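# Convert a count of kibibytes to bytes.
# Arguments: $1 - non-negative decimal integer
# Outputs:   the byte count on stdout, without a trailing newline
# Returns:   0 on success; 1 (with a message on stderr) when $1 is not a
#            plain string of decimal digits
KiB()
{
    # Bash evaluates whatever text ends up inside $(( )) as an expression
    # (operators, variable names, subscripts), so an empty argument is a
    # syntax error and "2+3" would silently bind as 2+(3*1024). Accept
    # digits only and refuse everything else.
    if [[ ! $1 =~ ^[0-9]+$ ]]
    then
        printf 'KiB: not a non-negative integer: %s\n' "$1" >&2
        return 1
    fi

    # 10# pins the base so a leading zero is not read as octal.
    printf '%s' "$((10#$1 * 1024))"
}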
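# Convert a count of mebibytes to bytes by applying KiB twice.
# Arguments: $1 - number of MiB
# Outputs:   the byte count on stdout, without a trailing newline
# Returns:   the status of the failing KiB call, otherwise 0
MiB()
{
    local kib

    # Declared separately from the assignment so a failed inner conversion
    # is noticed instead of handing an empty argument to the outer call.
    kib=$(KiB "$1") || return
    KiB "$kib"
}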

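# Load the shared samizdat path settings.
# NOTE(review): the name has no slash, so bash's `.` looks it up through $PATH
# and, outside POSIX mode, then in the current directory. This script refuses
# to run as anything but root (see the UID check below), so PATH and the
# working directory decide which file is executed with root privileges;
# prefer sourcing it by absolute path.
. samizdat-paths.sh || die 'samizdat-paths.sh not found'

# Directory the kernel and initrd are copied from.
samizdat_linux_dir=/boot
# GnuPG home that add_keys copies into the image; the environment may
# override it. Quoted so the expanded value is not word-split or globbed.
: "${GPG_INPUT_DIR:=/cdrom/gnupghome}"

# Presumably required because of the loop-device, mount and grub-install
# steps further down. Exit status stays 1; the message is new.
if [[ $UID != 0 ]]
then
    die 'must be run as root'
fi

# Both input directories have to exist before any image is created.
for d in "$samizdat_linux_dir" "$GPG_INPUT_DIR"
do
    if ! test -d "$d"
    then
        die "required directory not found: $d"
    fi
done

# Start and end of the second partition, in MiB from the start of the image.
start_keys=64 # megs
end_keys=256 # megs

# NOTE(review): relative path, so the image, its .mnt mount point and the
# .keyed copy are all created in the current directory by root. Run this from
# a directory that unprivileged users cannot write to.
target=fallacy.img.tmp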

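# Create an empty image file of the required size at $target.
# Globals:   target (read), end_keys (read)
# Returns:   non-zero if a size conversion, rm or fallocate fails
initialize_target()
{
    local tail_bytes keys_end_bytes

    # Work the size out first. Inside a nested $(( $(...) )) a failed helper
    # just yields an empty operand, and "+ N" is still valid arithmetic, so
    # the image would silently come out too small.
    # NOTE(review): the extra 17 KiB past end_keys is presumably room for the
    # backup GPT at the end of the disk; confirm.
    tail_bytes=$(KiB 17) || return
    keys_end_bytes=$(MiB "$end_keys") || return

    rm -f -- "$target"
    fallocate -l "$((tail_bytes + keys_end_bytes))" "$target"
}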

partition_target()
{
    parted "$target" -sm -a optimal                                          \
           unit B                                                            \
           mklabel gpt                                                       \
           mkpart samizdat-grub 1MiB 8MiB                                    \
           set 1 bios_grub on                                                \
           mkpart samizdat-plaintext btrfs ${start_keys}MiB ${end_keys}MiB
}

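# Attach the image, format its second partition as btrfs, copy the kernel,
# initrd and grub.cfg onto it and install GRUB on the image.
# Globals:   target, samizdat_linux_dir (read);
#            version, dev, kdev, mnt, boot_dir (written). dev and mnt are
#            left global on purpose: release_target reads them afterwards.
# Arguments: $1 - optional kernel version; when given, "-$1" is appended to
#                 the vmlinuz / initrd.img file names
# Returns:   non-zero if the loop device cannot be set up; later steps rely
#            on the caller running with `set -e`
make_target_bootable()
{
    version=${1:+-$1}

    # Attach and learn the device name in one step. Attaching with -f and
    # then asking `losetup -j` which device backs the file returns every
    # loop device bound to it, so a stale attachment would put several
    # names into $dev.
    dev=$(losetup --find --show "$target") || return

    # Expose the partitions as /dev/mapper/<loopN>pM (-a add, -s wait until
    # the nodes exist, -v verbose; flags kept as the original wrote them).
    kpartx -vasas "$dev"
    kdev=/dev/mapper/${dev##*/}

    mnt=$target.mnt

    mkfs.btrfs --mixed "${kdev}p2"
    mkdir -p "$mnt"
    mount "${kdev}p2" "$mnt"
    # -L copies what a symlink points to rather than the link itself.
    rsync -aL --info=STATS \
        "$samizdat_linux_dir/vmlinuz$version" \
        "$samizdat_linux_dir/initrd.img$version" \
        "$mnt/linux/"

    boot_dir=$mnt/boot
    mkdir -p "$boot_dir/grub"
    # grub.cfg is taken from the current working directory.
    cp -a grub.cfg "$boot_dir/grub"

    # grub-install -v -d "$samizdat_grub_efi_dir"/grub/i386-pc --boot-directory "$mnt"/boot "$dev"
    # eatmydata turns grub-install's fsync calls into no-ops; the sync
    # that follows flushes everything in one go.
    eatmydata -- grub-install -v --boot-directory "$boot_dir" "$dev"
    sync
}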

# Undo make_target_bootable's attachments in reverse order: unmount the
# filesystem, drop the partition mappings, then detach the loop device.
# Globals:   mnt, dev (read; both are set by make_target_bootable)
release_target()
{
    local mount_point=$mnt
    local loop_dev=$dev

    umount "$mount_point"
    kpartx -d "$loop_dev"
    losetup -d "$loop_dev"
}

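# Copy the GnuPG home directory into the second partition of an image.
# Globals:   start_keys, GPG_INPUT_DIR (read)
# Arguments: $1 - path of the image file to modify
# Returns:   rsync's status if the copy failed, otherwise the status of the
#            first failing setup or teardown step, or 0
#
# NOTE(review): partition_target names this partition "samizdat-plaintext"
# and nothing in this function encrypts it; confirm that $GPG_INPUT_DIR holds
# only material that is meant to sit on the image unencrypted.
add_keys()
{
    local mnt dev offset rc=0 target="$1"

    # Byte offset of the second partition inside the image.
    offset=$(MiB "$start_keys") || return

    mnt=$target.mnt
    mkdir -p "$mnt"

    # --show prints the device that was actually attached, so there is no
    # second lookup that could return several devices for the same file.
    dev=$(losetup --find --show --offset "$offset" "$target") || return

    if ! mount "$dev" "$mnt"
    then
        losetup -d "$dev"
        return 1
    fi

    # Remember a failed copy but still unmount and detach, so an error does
    # not leave the image mounted and a loop device occupied.
    rsync -a --info=STATS "$GPG_INPUT_DIR"/ "$mnt"/gnupghome/ || rc=$?

    umount "$mnt"
    losetup -d "$dev"
    return "$rc"
}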

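# From here on any failing command aborts the script.
# NOTE(review): an abort in the middle of make_target_bootable skips
# release_target, which leaves the mount, the kpartx mappings and the loop
# device behind for manual cleanup.
set -e

# Build the bootable base image only when it does not exist yet; later runs
# reuse it.
if [ ! -e "$target" ]
then
    initialize_target
    partition_target
    # Kernel version: first command-line argument, else the default. The
    # previous ${1:4.9.0-...} lacked the "-", which makes it a substring
    # expansion with the version string as the offset, not a default value.
    make_target_bootable "${1:-4.9.0-0.bpo.2-amd64}"
    release_target
fi

# Work on a copy so the base image stays free of key material.
# --reflink=always makes cp fail instead of falling back to a full copy when
# the filesystem cannot clone the file.
cp --reflink=always "$target" "$target".keyed
add_keys "$target".keyed

# Boot the keyed image for a test run.
# NOTE(review): the script only runs as root, so this QEMU process runs as
# root as well; consider starting it from an unprivileged account.
qemu-system-x86_64 -enable-kvm -smp 2 -m 512 -k en-us -vga qxl -drive file="$target".keyed,format=raw

# rm -f "$target"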