From 55c18411beca04efad7e31083f294ea292b5cccc Mon Sep 17 00:00:00 2001
From: Georg <georg@lysergic.dev>
Date: Sat, 18 Sep 2021 02:55:30 +0200
Subject: [PATCH] Init Initcpio Integration

Signed-off-by: Georg <georg@lysergic.dev>
---
 initcpio/grub-custom       | 14 ++++++++++++++
 initcpio/initcpio-hook     | 10 ++++++++++
 initcpio/initcpio-install  | 35 +++++++++++++++++++++++++++++++++++
 initcpio/install           | 16 ++++++++++++++++
 initcpio/mkinitcpio-conf   | 20 ++++++++++++++++++++
 initcpio/mkinitcpio-preset | 16 ++++++++++++++++
 6 files changed, 111 insertions(+)
 create mode 100644 initcpio/grub-custom
 create mode 100644 initcpio/initcpio-hook
 create mode 100644 initcpio/initcpio-install
 create mode 100755 initcpio/install
 create mode 100644 initcpio/mkinitcpio-conf
 create mode 100644 initcpio/mkinitcpio-preset

diff --git a/initcpio/grub-custom b/initcpio/grub-custom
new file mode 100644
index 0000000..b17c472
--- /dev/null
+++ b/initcpio/grub-custom
@@ -0,0 +1,14 @@
+#!/bin/sh
+exec tail -n +3 $0
+menuentry 'Arch Linux Remote Unlock' --class arch --class gnu-linux --class gnu {
+        load_video
+        set gfxpayload=keep
+        insmod gzio
+        insmod part_gpt
+        insmod ext2
+        search --no-floppy --fs-uuid --set=root 76320741-ff01-4abe-81b0-64ae0b122472
+        echo    'Loading ...'
+        linux   /vmlinuz-linux-lts root=UUID=XXXX rw cryptdevice=UUID=XXXX:crypt-root root=/dev/mapper/crypt-root console=tty0 console=ttyS0,115200n8 loglevel=3 ip=xxx.xxx.xxx.xxx:::255.xxx.xxx.xxx:host.example.com:eth0:off
+        echo    'Loading initial ramdisk ...'
+        initrd  /initramfs-linux-lts-luksrku.img
+}
diff --git a/initcpio/initcpio-hook b/initcpio/initcpio-hook
new file mode 100644
index 0000000..f80d7f4
--- /dev/null
+++ b/initcpio/initcpio-hook
@@ -0,0 +1,10 @@
+#!/bin/sh
+#
+# Initcpio hook script for remote LUKS unlocking in BusyBox
+#
+# By Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
+
+run_hook() {
+/usr/bin/luksrku client -v /etc/luksrku-client.bin
+}
+
diff --git a/initcpio/initcpio-install b/initcpio/initcpio-install
new file mode 100644
index 0000000..315c87f
--- /dev/null
+++ b/initcpio/initcpio-install
@@ -0,0 +1,35 @@
+#!/bin/sh
+#
+# Initcpio install script for remote LUKS unlocking
+#
+# By Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
+
+if [ ! -f /etc/luksrku-client.bin ]; then
+        exit 0
+fi
+build() {
+    local mod
+
+    add_module "dm-crypt"
+    add_module "dm-integrity"
+    if [[ $CRYPTO_MODULES ]]; then
+        for mod in $CRYPTO_MODULES; do
+            add_module "$mod"
+        done
+    else
+        add_all_modules "/crypto/"
+    fi
+
+    add_binary "cryptsetup"
+    add_binary "dmsetup"
+    add_file "/usr/lib/udev/rules.d/10-dm.rules"
+    add_file "/usr/lib/udev/rules.d/13-dm-disk.rules"
+    add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
+    add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
+
+    add_binary "/usr/lib/libgcc_s.so.1"
+
+    add_file "/etc/luksrku-client.bin" "/etc/luksrku-client.bin"
+    add_binary "/usr/local/sbin/luksrku" "/usr/bin/luksrku"
+    add_runscript
+}
diff --git a/initcpio/install b/initcpio/install
new file mode 100755
index 0000000..b500190
--- /dev/null
+++ b/initcpio/install
@@ -0,0 +1,16 @@
+#!/bin/bash
+#
+#
+
+install() {
+	SRC="$1"
+	DST="$2"
+	cp "$SRC" "$DST"
+	chown root:root "$DST"
+	chmod 640 "$DST"
+}
+	
+install initcpio-install /etc/initcpio/install/luksrku
+install initcpio-hook /etc/initcpio/hooks/luksrku
+install mkinitcpio-preset /etc/mkinitcpio.d/linux-lts-luksrku.preset
+install mkinitcpio-conf /etc/mkinitcpio.d/mkinitcpio.luksrku.conf
diff --git a/initcpio/mkinitcpio-conf b/initcpio/mkinitcpio-conf
new file mode 100644
index 0000000..4a47bf4
--- /dev/null
+++ b/initcpio/mkinitcpio-conf
@@ -0,0 +1,20 @@
+# vim:set ft=sh
+MODULES=()
+BINARIES=()
+FILES=()
+HOOKS=(base udev autodetect modconf block filesystems net luksrku keymap keyboard fsck)
+
+# COMPRESSION
+# Use this to compress the initramfs image. By default, zstd compression
+# is used. Use 'cat' to create an uncompressed image.
+#COMPRESSION="zstd"
+#COMPRESSION="gzip"
+#COMPRESSION="bzip2"
+#COMPRESSION="lzma"
+#COMPRESSION="xz"
+#COMPRESSION="lzop"
+#COMPRESSION="lz4"
+
+# COMPRESSION_OPTIONS
+# Additional options for the compressor
+#COMPRESSION_OPTIONS=()
diff --git a/initcpio/mkinitcpio-preset b/initcpio/mkinitcpio-preset
new file mode 100644
index 0000000..d4264c4
--- /dev/null
+++ b/initcpio/mkinitcpio-preset
@@ -0,0 +1,16 @@
+# mkinitcpio preset file for the 'linux-lts' package
+
+ALL_config="/etc/mkinitcpio.d/mkinitcpio.luksrku.conf"
+ALL_kver="/boot/vmlinuz-linux-lts"
+
+PRESETS=('default' 'regular' 'fallback')
+
+#default_config="/etc/mkinitcpio.d/mkinitcpio.luksrku.conf"
+default_image="/boot/initramfs-linux-lts-luksrku.img"
+
+#regular_config="/etc/mkinitcpio.conf"
+regular_config="/etc/mkinitcpio.conf"
+
+#fallback_config="/etc/mkinitcpio.conf"
+fallback_image="/boot/initramfs-linux-lts-fallback.img"
+fallback_options="-S autodetect"