move to clean crypt handling
This commit is contained in:
parent
3c7d56ae48
commit
69cc01db9b
@ -3,6 +3,7 @@ package main
|
|||||||
import (
|
import (
|
||||||
"bufio"
|
"bufio"
|
||||||
"bytes"
|
"bytes"
|
||||||
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"os"
|
"os"
|
||||||
)
|
)
|
||||||
@ -38,6 +39,8 @@ func askSecret(prompt string) []byte {
|
|||||||
fatalf("failed to read from stdin: %v", err)
|
fatalf("failed to read from stdin: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fmt.Println()
|
||||||
|
|
||||||
s = bytes.TrimRight(s, "\r\n")
|
s = bytes.TrimRight(s, "\r\n")
|
||||||
return s
|
return s
|
||||||
}
|
}
|
||||||
|
30
go.mod
30
go.mod
@ -3,26 +3,26 @@ module novit.nc/direktil/initrd
|
|||||||
require (
|
require (
|
||||||
github.com/kr/pty v1.1.8
|
github.com/kr/pty v1.1.8
|
||||||
github.com/pkg/term v1.1.0
|
github.com/pkg/term v1.1.0
|
||||||
golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064
|
golang.org/x/crypto v0.5.0
|
||||||
golang.org/x/sys v0.0.0-20220209214540-3681064d5158
|
golang.org/x/sys v0.4.0
|
||||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
|
golang.org/x/term v0.4.0
|
||||||
|
golang.zx2c4.com/wireguard/wgctrl v0.0.0-20221104135756-97bc4ad4a1cb
|
||||||
gopkg.in/yaml.v2 v2.4.0
|
gopkg.in/yaml.v2 v2.4.0
|
||||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
|
gopkg.in/yaml.v3 v3.0.1
|
||||||
novit.tech/direktil/pkg v0.0.0-20220331152412-40403eca850f
|
novit.tech/direktil/pkg v0.0.0-20230201224712-5e39572dc50e
|
||||||
)
|
)
|
||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/cavaliergopher/cpio v1.0.1 // indirect
|
github.com/cavaliergopher/cpio v1.0.1 // indirect
|
||||||
github.com/creack/pty v1.1.17 // indirect
|
github.com/creack/pty v1.1.18 // indirect
|
||||||
github.com/google/go-cmp v0.5.7 // indirect
|
github.com/google/go-cmp v0.5.9 // indirect
|
||||||
github.com/josharian/native v1.0.0 // indirect
|
github.com/josharian/native v1.1.0 // indirect
|
||||||
github.com/mdlayher/genetlink v1.2.0 // indirect
|
github.com/mdlayher/genetlink v1.3.1 // indirect
|
||||||
github.com/mdlayher/netlink v1.6.0 // indirect
|
github.com/mdlayher/netlink v1.7.1 // indirect
|
||||||
github.com/mdlayher/socket v0.1.1 // indirect
|
github.com/mdlayher/socket v0.4.0 // indirect
|
||||||
golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd // indirect
|
golang.org/x/net v0.5.0 // indirect
|
||||||
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
|
golang.org/x/sync v0.1.0 // indirect
|
||||||
golang.zx2c4.com/wireguard v0.0.0-20220202223031-3b95c81cc178 // indirect
|
golang.zx2c4.com/wireguard v0.0.0-20220920152132-bb719d3a6e2c // indirect
|
||||||
golang.zx2c4.com/wireguard/wgctrl v0.0.0-20220330030906-9490840b0b01 // indirect
|
|
||||||
)
|
)
|
||||||
|
|
||||||
go 1.18
|
go 1.18
|
||||||
|
89
go.sum
89
go.sum
@ -1,13 +1,12 @@
|
|||||||
github.com/cavaliergopher/cpio v1.0.1 h1:KQFSeKmZhv0cr+kawA3a0xTQCU4QxXF1vhU7P7av2KM=
|
github.com/cavaliergopher/cpio v1.0.1 h1:KQFSeKmZhv0cr+kawA3a0xTQCU4QxXF1vhU7P7av2KM=
|
||||||
github.com/cavaliergopher/cpio v1.0.1/go.mod h1:pBdaqQjnvXxdS/6CvNDwIANIFSP0xRKI16PX4xejRQc=
|
github.com/cavaliergopher/cpio v1.0.1/go.mod h1:pBdaqQjnvXxdS/6CvNDwIANIFSP0xRKI16PX4xejRQc=
|
||||||
github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
|
github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
|
||||||
github.com/creack/pty v1.1.17 h1:QeVUsEDNrLBW4tMgZHvxy18sKtr6VI492kBhUfhDJNI=
|
github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
|
||||||
github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
|
github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
|
||||||
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
|
||||||
github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o=
|
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||||
github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
|
github.com/josharian/native v1.1.0 h1:uuaP0hAbW7Y4l0ZRQ6C9zfb7Mg1mbFKry/xzDAfmtLA=
|
||||||
github.com/josharian/native v1.0.0 h1:Ts/E8zCSEsG17dUqv7joXJFybuMLjQfWE04tsBODTxk=
|
github.com/josharian/native v1.1.0/go.mod h1:7X/raswPFr05uY3HiLlYeyQntB6OO7E/d2Cu7qoaN2w=
|
||||||
github.com/josharian/native v1.0.0/go.mod h1:7X/raswPFr05uY3HiLlYeyQntB6OO7E/d2Cu7qoaN2w=
|
|
||||||
github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
|
github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
|
||||||
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
||||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||||
@ -15,73 +14,47 @@ github.com/kr/pty v1.1.8 h1:AkaSdXYQOWeaO3neb8EM634ahkXXe3jYbVh/F9lq+GI=
|
|||||||
github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw=
|
github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw=
|
||||||
github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
|
github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
|
||||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||||
github.com/mdlayher/genetlink v1.2.0 h1:4yrIkRV5Wfk1WfpWTcoOlGmsWgQj3OtQN9ZsbrE+XtU=
|
github.com/mdlayher/genetlink v1.3.1 h1:roBiPnual+eqtRkKX2Jb8UQN5ZPWnhDCGj/wR6Jlz2w=
|
||||||
github.com/mdlayher/genetlink v1.2.0/go.mod h1:ra5LDov2KrUCZJiAtEvXXZBxGMInICMXIwshlJ+qRxQ=
|
github.com/mdlayher/genetlink v1.3.1/go.mod h1:uaIPxkWmGk753VVIzDtROxQ8+T+dkHqOI0vB1NA9S/Q=
|
||||||
github.com/mdlayher/netlink v1.6.0 h1:rOHX5yl7qnlpiVkFWoqccueppMtXzeziFjWAjLg6sz0=
|
github.com/mdlayher/netlink v1.7.1 h1:FdUaT/e33HjEXagwELR8R3/KL1Fq5x3G5jgHLp/BTmg=
|
||||||
github.com/mdlayher/netlink v1.6.0/go.mod h1:0o3PlBmGst1xve7wQ7j/hwpNaFaH4qCRyWCdcZk8/vA=
|
github.com/mdlayher/netlink v1.7.1/go.mod h1:nKO5CSjE/DJjVhk/TNp6vCE1ktVxEA8VEh8drhZzxsQ=
|
||||||
github.com/mdlayher/socket v0.1.1 h1:q3uOGirUPfAV2MUoaC7BavjQ154J7+JOkTWyiV+intI=
|
github.com/mdlayher/socket v0.4.0 h1:280wsy40IC9M9q1uPGcLBwXpcTQDtoGwVt+BNoITxIw=
|
||||||
github.com/mdlayher/socket v0.1.1/go.mod h1:mYV5YIZAfHh4dzDVzI8x8tWLWCliuX8Mon5Awbj+qDs=
|
github.com/mdlayher/socket v0.4.0/go.mod h1:xxFqz5GRCUN3UEOm9CZqEJsAbe1C8OwSK46NlmWuVoc=
|
||||||
github.com/mikioh/ipaddr v0.0.0-20190404000644-d465c8ab6721/go.mod h1:Ickgr2WtCLZ2MDGd4Gr0geeCH5HybhRJbonOgQpvSxc=
|
github.com/mikioh/ipaddr v0.0.0-20190404000644-d465c8ab6721 h1:RlZweED6sbSArvlE924+mUcZuXKLBHA35U7LN621Bws=
|
||||||
github.com/pkg/term v1.1.0 h1:xIAAdCMh3QIAy+5FrE8Ad8XoDhEU4ufwbaSozViP9kk=
|
github.com/pkg/term v1.1.0 h1:xIAAdCMh3QIAy+5FrE8Ad8XoDhEU4ufwbaSozViP9kk=
|
||||||
github.com/pkg/term v1.1.0/go.mod h1:E25nymQcrSllhX42Ok8MRm1+hyBdHY0dCeiKZ9jpNGw=
|
github.com/pkg/term v1.1.0/go.mod h1:E25nymQcrSllhX42Ok8MRm1+hyBdHY0dCeiKZ9jpNGw=
|
||||||
github.com/ulikunitz/xz v0.5.6/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8=
|
github.com/ulikunitz/xz v0.5.6/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8=
|
||||||
golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
|
||||||
golang.org/x/crypto v0.0.0-20220208050332-20e1d8d225ab/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
|
||||||
golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064 h1:S25/rfnfsMVgORT4/J61MJ7rdyseOZOyvLIrZEZ7s6s=
|
|
||||||
golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||||
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
golang.org/x/crypto v0.5.0 h1:U/0M97KRkSFvyD/3FSmdP5W5swImpNgle/EHFhOsQPE=
|
||||||
golang.org/x/net v0.0.0-20210928044308-7d9f5e0b762b/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU=
|
||||||
golang.org/x/net v0.0.0-20211111083644-e5c967477495/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
|
||||||
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||||
golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd h1:O7DYs+zxREGLKzKoMQrtrEacpb0ZVXA5rIwylE2Xchk=
|
golang.org/x/net v0.5.0 h1:GyT4nK/YDHSqa1c4753ouYCDajOYKTja9Xb/OHtgvSw=
|
||||||
golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
|
golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws=
|
||||||
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ=
|
golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o=
|
||||||
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.4.0 h1:Zr2JFtRQNX3BCZ8YtxRE9hNJYC8J6I1MVbMg6owUp18=
|
||||||
golang.org/x/sys v0.0.0-20211103235746-7861aae1554b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20211110154304-99a53858aa08/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
|
||||||
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
|
||||||
golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
|
||||||
golang.org/x/sys v0.0.0-20220207234003-57398862261d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
|
||||||
golang.org/x/sys v0.0.0-20220209214540-3681064d5158 h1:rm+CHSpPEEW2IsXUib1ThaHIjuBVZjxNgSKmBLFfD4c=
|
|
||||||
golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
|
||||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY=
|
golang.org/x/term v0.4.0 h1:O7UWfv5+A2qiuulQk30kVinPoMtoIPeVaKLEgLpVkvg=
|
||||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ=
|
||||||
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
|
||||||
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||||
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
|
||||||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.zx2c4.com/wireguard v0.0.0-20220920152132-bb719d3a6e2c h1:Okh6a1xpnJslG9Mn84pId1Mn+Q8cvpo4HCeeFWHo0cA=
|
||||||
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.zx2c4.com/wireguard v0.0.0-20220920152132-bb719d3a6e2c/go.mod h1:enML0deDxY1ux+B6ANGiwtg0yAJi1rctkTpcHNAVPyg=
|
||||||
golang.zx2c4.com/go118/netip v0.0.0-20211111135330-a4a02eeacf9d/go.mod h1:5yyfuiqVIJ7t+3MqrpTQ+QqRkMWiESiyDvPNvKYCecg=
|
golang.zx2c4.com/wireguard/wgctrl v0.0.0-20221104135756-97bc4ad4a1cb h1:9aqVcYEDHmSNb0uOWukxV5lHV09WqiSiCuhEgWNETLY=
|
||||||
golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224/go.mod h1:deeaetjYA+DHMHg+sMSMI58GrEteJUUzzw7en6TJQcI=
|
golang.zx2c4.com/wireguard/wgctrl v0.0.0-20221104135756-97bc4ad4a1cb/go.mod h1:mQqgjkW8GQQcJQsbBvK890TKqUK1DfKWkuBGbOkuMHQ=
|
||||||
golang.zx2c4.com/wireguard v0.0.0-20220202223031-3b95c81cc178 h1:Nrf94TOjrvW8nm6N3u2xtbnMZaZudNI9b8nIJH8p8qY=
|
|
||||||
golang.zx2c4.com/wireguard v0.0.0-20220202223031-3b95c81cc178/go.mod h1:TjUWrnD5ATh7bFvmm/ALEJZQ4ivKbETb6pmyj1vUoNI=
|
|
||||||
golang.zx2c4.com/wireguard/wgctrl v0.0.0-20220330030906-9490840b0b01 h1:G30UzvXRxKoX1KgKOkts6f5qVE9cucifzg46J2s1Cmg=
|
|
||||||
golang.zx2c4.com/wireguard/wgctrl v0.0.0-20220330030906-9490840b0b01/go.mod h1:8P32Ilp1kCpwB4ItaHyvSk4xAtnpQ+8gQVfg5WaO1TU=
|
|
||||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
|
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
|
||||||
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
||||||
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
|
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
|
||||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
|
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
novit.nc/direktil/pkg v0.0.0-20220221171542-fd3ce3a1491b/go.mod h1:zwTVO6U0tXFEaga73megQIBK7yVIKZJVePaIh/UtdfU=
|
novit.nc/direktil/pkg v0.0.0-20220221171542-fd3ce3a1491b/go.mod h1:zwTVO6U0tXFEaga73megQIBK7yVIKZJVePaIh/UtdfU=
|
||||||
novit.tech/direktil/pkg v0.0.0-20220330123644-8a2398667238 h1:al1i3XBlSPaxlcWom0NGMR3gOh90PtPh8z944jAZg5g=
|
novit.tech/direktil/pkg v0.0.0-20230201224712-5e39572dc50e h1:eQFbzcuB4wOSrnOhkcN30hFDCIack40VkIoqVRbWnWc=
|
||||||
novit.tech/direktil/pkg v0.0.0-20220330123644-8a2398667238/go.mod h1:2Mir5x1eT/e295WeFGzzXa4siunKX4z+rmNPfVsXS0k=
|
novit.tech/direktil/pkg v0.0.0-20230201224712-5e39572dc50e/go.mod h1:2Mir5x1eT/e295WeFGzzXa4siunKX4z+rmNPfVsXS0k=
|
||||||
novit.tech/direktil/pkg v0.0.0-20220331124929-ba878f31b8e0 h1:QGyQyvC+x9+CJxkFUOR2MqafiaokPSJkrUguocXpS7o=
|
|
||||||
novit.tech/direktil/pkg v0.0.0-20220331124929-ba878f31b8e0/go.mod h1:2Mir5x1eT/e295WeFGzzXa4siunKX4z+rmNPfVsXS0k=
|
|
||||||
novit.tech/direktil/pkg v0.0.0-20220331125853-8c51e2a555a6 h1:tvdL2ZxdGZP0EUf+a82aAmlhp/Wvngia9JlpJW+XiAA=
|
|
||||||
novit.tech/direktil/pkg v0.0.0-20220331125853-8c51e2a555a6/go.mod h1:2Mir5x1eT/e295WeFGzzXa4siunKX4z+rmNPfVsXS0k=
|
|
||||||
novit.tech/direktil/pkg v0.0.0-20220331135252-bf8427988ad7 h1:8LNQczE0Y7dRjvmeNgeMexHn1NiixEwqs5TVCdOoYds=
|
|
||||||
novit.tech/direktil/pkg v0.0.0-20220331135252-bf8427988ad7/go.mod h1:2Mir5x1eT/e295WeFGzzXa4siunKX4z+rmNPfVsXS0k=
|
|
||||||
novit.tech/direktil/pkg v0.0.0-20220331140020-b11c53b36ae8 h1:hWOk8M67kCXr/Er5fmts4OSblk2KdbfqRtKZ3rAtZt0=
|
|
||||||
novit.tech/direktil/pkg v0.0.0-20220331140020-b11c53b36ae8/go.mod h1:2Mir5x1eT/e295WeFGzzXa4siunKX4z+rmNPfVsXS0k=
|
|
||||||
novit.tech/direktil/pkg v0.0.0-20220331152412-40403eca850f h1:Ka7zFkP01l4TW9JSmQQzaYVOq0i+qf+JIWAfyoreoSk=
|
|
||||||
novit.tech/direktil/pkg v0.0.0-20220331152412-40403eca850f/go.mod h1:2Mir5x1eT/e295WeFGzzXa4siunKX4z+rmNPfVsXS0k=
|
|
||||||
|
128
lvm.go
128
lvm.go
@ -7,18 +7,32 @@ import (
|
|||||||
"os"
|
"os"
|
||||||
"os/exec"
|
"os/exec"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
|
"sort"
|
||||||
"strconv"
|
"strconv"
|
||||||
|
|
||||||
"novit.nc/direktil/initrd/lvm"
|
"novit.nc/direktil/initrd/lvm"
|
||||||
config "novit.tech/direktil/pkg/bootstrapconfig"
|
config "novit.tech/direktil/pkg/bootstrapconfig"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
func sortedKeys[T any](m map[string]T) (keys []string) {
|
||||||
|
keys = make([]string, 0, len(m))
|
||||||
|
for k := range m {
|
||||||
|
keys = append(keys, k)
|
||||||
|
}
|
||||||
|
sort.Strings(keys)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
func setupLVM(cfg *config.Config) {
|
func setupLVM(cfg *config.Config) {
|
||||||
if len(cfg.LVM) == 0 {
|
if len(cfg.LVM) == 0 {
|
||||||
log.Print("no LVM VG configured.")
|
log.Print("no LVM VG configured.")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// [dev] = filesystem
|
||||||
|
// eg: [/dev/sda1] = ext4
|
||||||
|
createdDevs := map[string]string{}
|
||||||
|
|
||||||
run("pvscan")
|
run("pvscan")
|
||||||
run("vgscan", "--mknodes")
|
run("vgscan", "--mknodes")
|
||||||
|
|
||||||
@ -27,17 +41,21 @@ func setupLVM(cfg *config.Config) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
for _, vg := range cfg.LVM {
|
for _, vg := range cfg.LVM {
|
||||||
setupLVs(vg)
|
setupLVs(vg, createdDevs)
|
||||||
}
|
}
|
||||||
|
|
||||||
run("vgchange", "--sysinit", "-a", "ly")
|
run("vgchange", "--sysinit", "-a", "ly")
|
||||||
|
|
||||||
for _, vg := range cfg.LVM {
|
setupCrypt(cfg.Crypt, createdDevs)
|
||||||
setupCrypt(vg)
|
|
||||||
}
|
|
||||||
|
|
||||||
for _, vg := range cfg.LVM {
|
devs := make([]string, 0, len(createdDevs))
|
||||||
setupFS(vg)
|
for k := range createdDevs {
|
||||||
|
devs = append(devs, k)
|
||||||
|
}
|
||||||
|
sort.Strings(devs)
|
||||||
|
|
||||||
|
for _, dev := range devs {
|
||||||
|
setupFS(dev, createdDevs[dev])
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -113,7 +131,7 @@ func setupVG(vg config.LvmVG) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func setupLVs(vg config.LvmVG) {
|
func setupLVs(vg config.LvmVG, createdDevs map[string]string) {
|
||||||
lvsRep := lvm.LVSReport{}
|
lvsRep := lvm.LVSReport{}
|
||||||
err := runJSON(&lvsRep, "lvs", "--reportformat", "json")
|
err := runJSON(&lvsRep, "lvs", "--reportformat", "json")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -171,6 +189,12 @@ func setupLVs(vg config.LvmVG) {
|
|||||||
|
|
||||||
dev := "/dev/" + vg.VG + "/" + lv.Name
|
dev := "/dev/" + vg.VG + "/" + lv.Name
|
||||||
zeroDevStart(dev)
|
zeroDevStart(dev)
|
||||||
|
|
||||||
|
fs := lv.FS
|
||||||
|
if fs == "" {
|
||||||
|
fs = vg.Defaults.FS
|
||||||
|
}
|
||||||
|
createdDevs[dev] = fs
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -188,21 +212,52 @@ func zeroDevStart(dev string) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func setupCrypt(vg config.LvmVG) {
|
func setupCrypt(devSpecs []config.CryptDev, createdDevs map[string]string) {
|
||||||
cryptDevs := map[string]bool{}
|
|
||||||
|
|
||||||
var password []byte
|
var password []byte
|
||||||
passwordVerified := false
|
passwordVerified := false
|
||||||
|
|
||||||
for _, lv := range vg.LVs {
|
// flat, expanded devices to open
|
||||||
if lv.Crypt == "" {
|
devNames := make([]config.CryptDev, 0, len(devSpecs))
|
||||||
|
|
||||||
|
for _, devSpec := range devSpecs {
|
||||||
|
if devSpec.Dev == "" && devSpec.Prefix == "" {
|
||||||
|
fatalf("crypt: name %q: no dev or match set", devSpec.Name)
|
||||||
|
}
|
||||||
|
if devSpec.Dev != "" && devSpec.Prefix != "" {
|
||||||
|
fatalf("crypt: name %q: both dev (%q) and match (%q) are set", devSpec.Name, devSpec.Dev, devSpec.Prefix)
|
||||||
|
}
|
||||||
|
|
||||||
|
if devSpec.Dev != "" {
|
||||||
|
// already flat
|
||||||
|
devNames = append(devNames, devSpec)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
if cryptDevs[lv.Crypt] {
|
matches, err := filepath.Glob(devSpec.Prefix + "*")
|
||||||
fatalf("duplicate crypt device name: %s", lv.Crypt)
|
if err != nil {
|
||||||
|
fatalf("failed to search for device matches: %v", err)
|
||||||
}
|
}
|
||||||
cryptDevs[lv.Crypt] = true
|
|
||||||
|
for _, m := range matches {
|
||||||
|
suffix := m[len(devSpec.Prefix):]
|
||||||
|
|
||||||
|
devNames = append(devNames, config.CryptDev{Dev: m, Name: devSpec.Name + suffix})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
cryptDevs := map[string]bool{}
|
||||||
|
|
||||||
|
for _, devName := range devNames {
|
||||||
|
name, dev := devName.Name, devName.Dev
|
||||||
|
|
||||||
|
if name == "" {
|
||||||
|
name = filepath.Base(dev)
|
||||||
|
}
|
||||||
|
|
||||||
|
if cryptDevs[name] {
|
||||||
|
fatalf("duplicate crypt device name: %s", name)
|
||||||
|
}
|
||||||
|
cryptDevs[name] = true
|
||||||
|
|
||||||
retryOpen:
|
retryOpen:
|
||||||
if len(password) == 0 {
|
if len(password) == 0 {
|
||||||
@ -213,7 +268,10 @@ func setupCrypt(vg config.LvmVG) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
dev := "/dev/" + vg.VG + "/" + lv.Name
|
fs := createdDevs[dev]
|
||||||
|
delete(createdDevs, dev)
|
||||||
|
|
||||||
|
tgtDev := "/dev/mapper/" + name
|
||||||
|
|
||||||
needFormat := !devInitialized(dev)
|
needFormat := !devInitialized(dev)
|
||||||
if needFormat {
|
if needFormat {
|
||||||
@ -242,10 +300,20 @@ func setupCrypt(vg config.LvmVG) {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
fatalf("failed luksFormat: %v", err)
|
fatalf("failed luksFormat: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
createdDevs[tgtDev] = fs
|
||||||
}
|
}
|
||||||
|
|
||||||
log.Print("openning encrypted device ", lv.Crypt, " from ", dev)
|
if len(password) == 0 {
|
||||||
cmd := exec.Command("cryptsetup", "open", dev, lv.Crypt, "--key-file=-")
|
password = askSecret("crypt password")
|
||||||
|
|
||||||
|
if len(password) == 0 {
|
||||||
|
fatalf("empty password given")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
log.Print("openning encrypted device ", name, " from ", dev)
|
||||||
|
cmd := exec.Command("cryptsetup", "open", dev, name, "--key-file=-")
|
||||||
cmd.Stdin = bytes.NewBuffer(password)
|
cmd.Stdin = bytes.NewBuffer(password)
|
||||||
cmd.Stdout = stdout
|
cmd.Stdout = stdout
|
||||||
cmd.Stderr = stderr
|
cmd.Stderr = stderr
|
||||||
@ -261,7 +329,7 @@ func setupCrypt(vg config.LvmVG) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if needFormat {
|
if needFormat {
|
||||||
zeroDevStart("/dev/mapper/" + lv.Crypt)
|
zeroDevStart(tgtDev)
|
||||||
}
|
}
|
||||||
|
|
||||||
passwordVerified = true
|
passwordVerified = true
|
||||||
@ -294,33 +362,25 @@ func devInitialized(dev string) bool {
|
|||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
func setupFS(vg config.LvmVG) {
|
func setupFS(dev, fs string) {
|
||||||
for _, lv := range vg.LVs {
|
|
||||||
dev := "/dev/" + vg.VG + "/" + lv.Name
|
|
||||||
|
|
||||||
if lv.Crypt != "" {
|
|
||||||
dev = "/dev/mapper/" + lv.Crypt
|
|
||||||
}
|
|
||||||
|
|
||||||
if devInitialized(dev) {
|
if devInitialized(dev) {
|
||||||
log.Print("device ", dev, " already formatted")
|
log.Print("device ", dev, " already formatted")
|
||||||
continue
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if lv.FS == "" {
|
if fs == "" {
|
||||||
lv.FS = vg.Defaults.FS
|
fs = "ext4"
|
||||||
}
|
}
|
||||||
|
|
||||||
log.Print("formatting ", dev, " (", lv.FS, ")")
|
log.Print("formatting ", dev, " (", fs, ")")
|
||||||
args := make([]string, 0)
|
args := make([]string, 0)
|
||||||
|
|
||||||
switch lv.FS {
|
switch fs {
|
||||||
case "btrfs":
|
case "btrfs":
|
||||||
args = append(args, "-f")
|
args = append(args, "-f")
|
||||||
case "ext4":
|
case "ext4":
|
||||||
args = append(args, "-F")
|
args = append(args, "-F")
|
||||||
}
|
}
|
||||||
|
|
||||||
run("mkfs."+lv.FS, append(args, dev)...)
|
run("mkfs."+fs, append(args, dev)...)
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
@ -26,8 +26,9 @@ networks:
|
|||||||
- eno.*
|
- eno.*
|
||||||
- enp.*
|
- enp.*
|
||||||
script: |
|
script: |
|
||||||
|
ip a add 2001:41d0:306:168f::1337:2eed/64 dev $iface
|
||||||
ip li set $iface up
|
ip li set $iface up
|
||||||
udhcpc $iface
|
#udhcpc $iface
|
||||||
|
|
||||||
lvm:
|
lvm:
|
||||||
- vg: storage
|
- vg: storage
|
||||||
@ -52,18 +53,28 @@ lvm:
|
|||||||
|
|
||||||
lvs:
|
lvs:
|
||||||
- name: bootstrap
|
- name: bootstrap
|
||||||
crypt: bootstrap
|
|
||||||
size: 2g
|
size: 2g
|
||||||
|
|
||||||
- name: varlog
|
- name: varlog
|
||||||
crypt: varlog
|
|
||||||
extents: 10%FREE
|
extents: 10%FREE
|
||||||
|
# size: 10g
|
||||||
|
|
||||||
|
- name: podman
|
||||||
|
extents: 10%FREE
|
||||||
|
# size: 10g
|
||||||
|
|
||||||
- name: dls
|
- name: dls
|
||||||
crypt: dls
|
|
||||||
extents: 100%FREE
|
extents: 100%FREE
|
||||||
|
# size: 10g
|
||||||
|
|
||||||
|
crypt:
|
||||||
|
- dev: /dev/storage/bootstrap
|
||||||
|
- dev: /dev/storage/dls
|
||||||
|
|
||||||
bootstrap:
|
bootstrap:
|
||||||
dev: /dev/mapper/bootstrap
|
dev: /dev/mapper/bootstrap
|
||||||
#seed: https://direktil.novit.io/bootstraps/dls
|
# TODO seed: https://direktil.novit.io/bootstraps/dls-crypt
|
||||||
|
seed: http://192.168.10.254:7606/hosts/m1/bootstrap.tar
|
||||||
|
# TODO seed_sign_key: "..."
|
||||||
|
# TODO load_and_close: true
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user