Use debconf to get the options.

4 files changed, 128 insertions, 91 deletions

diff --git a/fripost-install.template b/fripost-install.template
new file mode 100644
index 0000000..696d6e0
--- /dev/null
+++ b/fripost-install.template
@@ -0,0 +1,21 @@
+# Fripost's debconf configuration
+#
+# Copyright 2013 Guilhem Moulin <guilhem@fripost.org>
+#
+# Licensed under the GNU GPL version 3 or higher.
+
+Template: fripost-install/full-disk-encryption
+Type: boolean
+Default: true
+Description: Should the system disk be fully encrypted? (Excluding /boot.)
+
+Template: fripost-install/full-disk-encryption-password
+Type: password
+Default:
+Description: Password for full-disk encryption.
+
+Template: fripost-install/full-disk-encryption-fillrandom
+Type: select
+Default: badblocks
+Choices: none, badblocks, urandom, random
+Description: How to fill the disk with random data before encryption.
diff --git a/post-install-msg.sh b/post-install-msg.sh
index 8c5d5d7..8fecde4 100755
--- a/post-install-msg.sh
+++ b/post-install-msg.sh
@@ -25,11 +25,11 @@ template=$(mktemp)
 
 cat > "$template" <<EOF
 Template: post-install/title
-Type: text
+Type: note
 Description: Installation complete
 
 Template: post-install/text
-Type: text
+Type: note
 Description: Press 'continue' to reboot
  After the reboot, you will be able to log in to this new Debian GNU/Linux
  system:
diff --git a/pre-partman.sh b/pre-partman.sh
index ebb1d1e..0aa93bd 100755
--- a/pre-partman.sh
+++ b/pre-partman.sh
@@ -10,53 +10,127 @@
 
 set -ue
 
-# Crypto, disk and network modules, required to unlock the system from our initramfs
+. /usr/share/debconf/confmodule
+
+debconf-loadtemplate fripost-install /cdrom/preseed/fripost-install.template
+
+db_input high fripost-install/full-disk-encryption || true
+db_go
+db_get fripost-install/full-disk-encryption
+[ x"${RET:-true}" = x"false" ] && exit 0
+
+# Crypto, disk and network modules, required to unlock the system from
+# our initramfs.
 # TODO: should probably be stored in debconf, since we'll need the
 # modules in the target only
 while read k rest; do /sbin/modinfo -F filename "$k"; done < /proc/modules \
 | sed -nr "s@^/lib/modules/`uname -r`/kernel/(arch|drivers/(ata|scsi))(/.*)?/([^/]+)\.ko\$@\4@p" \
 > /tmp/initramfs-modules
 
-anna-install cryptsetup-udeb openssh-server-udeb
-mkdir -pm0755 /etc/ssh/
-ssh-keygen -b 4096 -t rsa -N '' -C /etc/ssh/ssh_host_rsa_key -f /etc/ssh/ssh_host_rsa_key
+anna-install cryptsetup-udeb
+
+db_input high fripost-install/full-disk-encryption-password || true
+db_go
+db_get fripost-install/full-disk-encryption-password
+
+if [ -n "$RET" ]; then
+	touch ~root/root.key
+	chmod 0644 ~root/root.key
+	echo $RET >> ~root/root.key #TODO we don't want echo there
+	# TODO: remove passord from debconf
+else
+    anna-install openssh-server-udeb
+
+    mkdir -pm0755 /etc/ssh/
+	sshHostKey=/etc/ssh/ssh_host_rsa_key
+    ssh-keygen -b 4096 -t rsa -N '' -C $sshHostKey -f $sshHostKey
+
+    cat > /etc/ssh/sshd_config <<- EOF
+	Port 22
+	Protocol 2
+	HostKey $sshHostKey
+	UsePrivilegeSeparation no
+
+	PasswordAuthentication no
+	ChallengeResponseAuthentication no
+	HostbasedAuthentication no
+	PubkeyAuthentication yes
+
+	PermitRootLogin yes
+	AllowUsers root
+	StrictModes yes
+
+	ForceCommand /bin/sh -c 'umask 0077; cat > ~root/root.key'
+	EOF
+
+    # Populate the authorized keys. TODO: make something more generic
+    test -d ~root/.ssh || mkdir -m 0700 ~root/.ssh
+    cat > ~root/.ssh/authorized_keys <<- EOF
+	no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa ...
+	EOF
+    chmod og-rwx ~root/.ssh/authorized_keys
 
-cat > /etc/ssh/sshd_config << EOF
-Port 22
-Protocol 2
-HostKey /etc/ssh/ssh_host_rsa_key
-UsePrivilegeSeparation no
+    # Start the SSH daemon
+    touch /var/log/lastlog
+    /usr/sbin/sshd
 
-PasswordAuthentication no
-ChallengeResponseAuthentication no
-HostbasedAuthentication no
-PubkeyAuthentication yes
+    # Tell the user we're ready
+    ipv4="$(ip addr show eth0 | sed -nr 's/^\s+inet\s([0-9.]{4,32}).*/\1/p')"
+    template=$(mktemp)
 
-PermitRootLogin yes
-AllowUsers root
-StrictModes yes
+    cat > "$template" <<- EOF
+	Template: cryptsetup-ssh-slurpkey/title
+	Type: note
+	Description: Waiting for passphrase
 
-ForceCommand /bin/sh -c 'umask 0077; cat > ~root/root.key'
-EOF
+	Template: cryptsetup-ssh-slurpkey/text
+	Type: note
+	Description: Press 'continue' once you have sent the key
+	 You now need to send the encryption key for LUKS/dm-crypt to
+	 this special-purpose SSH server:
+	 .
+	     ssh -T -p 22 -l root $ipv4 < /path/to/key
+	 .
+	 To defeat MiTM-attacks, please ensure that the server fingerprint matches
+	 .
+	     $(ssh-keygen -lf $sshHostKey)
+	 .
+	 Key(s) that are granted access have the following fingerprint:
+	 .
+	EOF
+    while read pk; do
+    	# ssh-keygen can't read from STDIN, and ash doesn't have the '<<<'
+    	# construct, so we save each pubkey in a temporary file
+    	pkf=$(mktemp)
+    	echo "$pk" > "$pkf"
+    	echo "   - $(ssh-keygen -lf $pkf)" >> "$template"
+    	rm "$pkf"
+    done < ~root/.ssh/authorized_keys
+    cat >> $template <<- EOF
+	 .
+	 Note: This server is ephemeral, and will be replaced with a full-blown
+	 one toward the end of the installation.
+	EOF
 
-# Populate the authorized keys. TODO: make something more generic
-test -d ~root/.ssh || mkdir -m 0700 ~root/.ssh
-cat > ~root/.ssh/authorized_keys << EOF
-no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa ...
-EOF
-chmod og-rwx ~root/.ssh/authorized_keys
+    debconf-loadtemplate cryptsetup-ssh-slurpkey "$template"
+    # Anything sent to the SSH is stored into ~root/root.key, which is our
+    # LUKS key.
+    until test -r ~root/root.key; do
+        db_settitle cryptsetup-ssh-slurpkey/title
+        db_input critical cryptsetup-ssh-slurpkey/text
+        db_go
+    done
 
-# Start the SSH daemon
-touch /var/log/lastlog
-/usr/sbin/sshd
+	kill `cat /var/run/sshd.pid` || true
+fi
 
-# Tell the user we're ready
-/cdrom/preseed/slurpkey-msg.sh
-kill `cat /var/run/sshd.pid` || true
+db_input high fripost-install/full-disk-encryption-fillrandom || true
+db_go
+db_get fripost-install/full-disk-encryption-fillrandom
 
 # Encrypt
 
-## fill the disk with random crap
+## fill the disk with random crap (TODO: progress)
 ## partition the disk
 ## format /boot to ext2
 ## gptsync
diff --git a/slurpkey-msg.sh b/slurpkey-msg.sh
deleted file mode 100755
index 800e1e2..0000000
--- a/slurpkey-msg.sh
+++ /dev/null
@@ -1,58 +0,0 @@
-#! /bin/sh
-#
-# Tell the user that the machine is ready to slurp the key for full disk
-# encryption.
-#
-# Copyright 2013 Guilhem Moulin <guilhem@fripost.org>
-#
-# Licensed under the GNU GPL version 3 or higher.
-
-set -ue
-
-. /usr/share/debconf/confmodule
-
-ipv4="$(ip addr show eth0 | sed -nr 's/^\s+inet\s([0-9.]{4,32}).*/\1/p')"
-template=$(mktemp)
-
-cat > "$template" <<EOF
-Template: ssh-cryptsetup/title
-Type: text
-Description: Waiting for passphrase
-
-Template: ssh-cryptsetup/text
-Type: text
-Description: Press 'continue' once you have sent the key
- You now need to send the encryption key for LUKS/dm-crypt to
- this special-purpose SSH server:
- .
-     ssh -T -p 22 -l root $ipv4 < /path/to/key
- .
- To defeat MiTM-attacks, please ensure that the server fingerprint matches
- .
-     $(ssh-keygen -lf /etc/ssh/ssh_host_rsa_key)
- .
- Key(s) that are granted access have the following fingerprint:
- .
-EOF
-while read pk; do
-	# ssh-keygen can't read from STDIN, and ash doesn't have the '<<<'
-	# construct, so we save each pubkey in a temporary file
-	pkf=$(mktemp)
-	echo "$pk" > "$pkf"
-	echo "   - $(ssh-keygen -lf $pkf)" >> "$template"
-	rm "$pkf"
-done < ~root/.ssh/authorized_keys
-cat >> $template <<EOF
- .
- Note: This server is ephemeral, and will be replaced with a full-blown
- one toward the end of the installation.
-EOF
-
-debconf-loadtemplate ssh-cryptsetup "$template"
-# Anything sent to the SSH is stored into ~root/root.key, which is our
-# LUKS key.
-until test -r ~root/root.key; do
-    db_settitle ssh-cryptsetup/title
-    db_input critical ssh-cryptsetup/text
-    db_go
-done