From 00ef89f319aeb56f939c2cf4658cf1431d101144 Mon Sep 17 00:00:00 2001
From: LinuxSquare <7436714-OfficialLinuxSquare@users.noreply.gitlab.com>
Date: Fri, 14 Jul 2023 22:10:45 +0200
Subject: [PATCH] Add cmdline
---
system/bootloader.sls | 75 ++++++++++++++++++++++-----
system/files/bootloader_cmdline.jinja | 1 +
system/init.sls | 1 -
3 files changed, 63 insertions(+), 14 deletions(-)
create mode 100644 system/files/bootloader_cmdline.jinja
diff --git a/system/bootloader.sls b/system/bootloader.sls
index 8d528fe..340cab3 100644
--- a/system/bootloader.sls
+++ b/system/bootloader.sls
@@ -1,21 +1,70 @@ +include: + - .base + system_bootloader_pkgs: pkg.installed: - pkgs: - - syslinux - -{% if salt['pillar.get']('disk') != "" and salt['pillar.get']('disk') != None %} -system_bootload_gptmbr: - cmd.run: - - name: "dd bs=440 count=1 notrunc if=/usr/share/syslinux/gptmbr.bin of={{ salt['pillar.get']('drive') }}" - - require: - - system_bootloader_pkgs -{% endif %} + - grub + - grub-efi + - mkinitfs + - mkinitfs-doc + - efibootmgr system_bootloader_install: cmd.run: - - name: 'extlinux --install /boot' + - name: "grub-install --target=x86_64-efi --efi-directory=/efi" - require: - system_bootloader_pkgs - {% if salt['pillar.get']('disk') != "" and salt['pillar.get']('disk') != None %} - - system_bootload_gptmbr - {% endif %} + +system_bootloader_config: + cmd.run: + - name: 'grub-mkconfig -o /efi/grub/grub.cfg' + - require: + - system_bootloader_pkgs + - system_bootloader_install + +system_bootloader_mkinitfs_conf: + file.keyvalue: + - name: /etc/mkinitfs/mkinitfs.conf + - key_values: + features: '"ata base cdrom ext4 btrfs keymap kms mmc nvme raid scsi usb virtio"' + - separator: '=' + - uncomment: '# ' + - key_ignore_case: false + - value_ignore_case: false + - append_if_not_found: true + - require: + - system_base_pkgs + - system_bootloader_pkgs + - system_bootloader_install + +{% set CURRENT_SUBVOLUME_TIMESTAMP = salt['cmd.shell']('CURRENT_SUBVOLUME=$(LC_ALL=C btrfs sub show / | LC_ALL=C grep -aPom1 \'^\s*Name:\s*\K\S.*\'); TIMESTAMP_FORMAT=\'[[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2}_[[:digit:]]{2}-[[:digit:]]{2}-[[:digit:]]{2}\'; echo "$CURRENT_SUBVOLUME" | grep -Eo "$TIMESTAMP_FORMAT"') %} +{% set CURRENT_SUBVOLUME_TIMESTAMP_HUMAN = salt['cmd.shell']('CURRENT_SUBVOLUME_TIMESTAMP=\'' + CURRENT_SUBVOLUME_TIMESTAMP + '\'; echo "${CURRENT_SUBVOLUME_TIMESTAMP:0:10} ${CURRENT_SUBVOLUME_TIMESTAMP:11:2}:${CURRENT_SUBVOLUME_TIMESTAMP:14:2}"') %} +{% set KERNEL_VERSION = salt['cmd.shell']('uname -r') %} + +system_bootloader_os-release: + file.keyvalue: 
+ - name: /etc/os-release + - key_values: + VERSION_ID: '"Timestamp: {{ CURRENT_SUBVOLUME_TIMESTAMP_HUMAN }} | Kernel: {{ KERNEL_VERSION }}"' + - separator: '=' + - uncomment: '# ' + - key_ignore_case: False + - append_if_not_found: True + - require: + - system_base_pkgs + - system_bootloader_pkgs + +system_bootloader_cmdline: + file.managed: + - name: /proc/cmdline + - source: salt://{{ tpldir }}/files/bootloader_cmdline.jinja + - template: jinja + - user: root + - group: root + - mode: '0644' + - context: + CURRENT_SUBVOLUME_TIMESTAMP: {{ CURRENT_SUBVOLUME_TIMESTAMP }} + - require: + - system_base_pkgs + - system_bootloader_pkgs diff --git a/system/files/bootloader_cmdline.jinja b/system/files/bootloader_cmdline.jinja new file mode 100644 index 0000000..c7a494b --- /dev/null +++ b/system/files/bootloader_cmdline.jinja @@ -0,0 +1 @@ +root="LABEL=ROOT" rootflags=subvol=@root_{{ CURRENT_SUBVOLUME_TIMESTAMP }} lockdown=confidentiality diff --git a/system/init.sls b/system/init.sls index 94d162f..ce587f1 100644 --- a/system/init.sls +++ b/system/init.sls @@ -1,6 +1,5 @@ include: - .base - - .bootloader - .disks - .firewall - .user
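Review bot: `system_bootloader_cmdline` manages `/proc/cmdline`, which is the kernel's read-only view of the parameters it was booted with, so this state cannot influence the next boot and the `lockdown=confidentiality` hardening from the template is presumably never applied. The parameters have to reach GRUB's configuration instead, for example through `GRUB_CMDLINE_LINUX` in `/etc/default/grub`. `system_bootloader_config` must then run after that state, whereas as written `grub-mkconfig` requires only the package and install states. The sketch below shows one way to wire this; whether `root=` still needs to be set by hand alongside what grub-mkconfig detects should be checked on the target.

```yaml
system_bootloader_cmdline:
  file.keyvalue:
    - name: /etc/default/grub
    - key_values:
        GRUB_CMDLINE_LINUX: '"rootflags=subvol=@root_{{ CURRENT_SUBVOLUME_TIMESTAMP }} lockdown=confidentiality"'
    - separator: '='
    - append_if_not_found: true
    - require:
      - system_bootloader_pkgs

system_bootloader_config:
  cmd.run:
    - name: 'grub-mkconfig -o /efi/grub/grub.cfg'
    - require:
      # … unchanged: system_bootloader_pkgs, system_bootloader_install …
      - system_bootloader_cmdline
```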
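Review bot: `{{ CURRENT_SUBVOLUME_TIMESTAMP }}` is rendered into `rootflags=subvol=@root_…` with no check that it is non-empty. In bootloader.sls the value comes from a render-time `cmd.shell` pipeline whose final `grep -Eo` prints nothing when the current subvolume name carries no timestamp, which would produce `subvol=@root_` and, presumably, a root that cannot be mounted on the next boot. A guard in bootloader.sls such as `{% if not CURRENT_SUBVOLUME_TIMESTAMP %}` that fails the run before anything is written would catch this. `lockdown=confidentiality` also only takes effect on a kernel built with the lockdown LSM, which deserves a `{# … #}` comment next to the parameter.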