.

2025-08-18 01:35:27 +02:00 · 2025-08-18 01:35:27 +02:00 · 97c296da97
commit 97c296da97
parent ab251d723f
1 changed files with 17 additions and 13 deletions
--- a/post-install.sh
+++ b/post-install.sh
@ -192,29 +192,33 @@ systemctl enable clevis-luks-askpass.path || true
 echo "[+] Configuring tinyssh for remote unlock..."

 # Create tinyssh dracut module
-mkdir -p /usr/lib/dracut/modules.d/60tinyssh
+mkdir -p /usr/lib/dracut/modules.d/90tinyssh

-cat > /usr/lib/dracut/modules.d/60tinyssh/module-setup.sh << 'EOF'
+cat > /usr/lib/dracut/modules.d/90tinyssh/module-setup.sh << 'EOF'
 #!/bin/bash
+
 check() {
-    require_binaries tinysshd tinyssh-keyconvert || return 1
-    return 0
+    require_binaries tinysshd tinysshd-makekey
 }

 depends() {
    echo network
-    return 0
 }

 install() {
    inst_multiple tinysshd tinysshd-makekey
-    mkdir -p "$initdir/etc/tinyssh"
+    
+    inst_dir /etc/tinyssh
    
    # Copy authorized keys
-    [ -f /etc/tinyssh/authorized_keys ] && inst /etc/tinyssh/authorized_keys /etc/tinyssh/authorized_keys
+    if [[ -f /etc/tinyssh/authorized_keys ]]; then
+        inst /etc/tinyssh/authorized_keys /etc/tinyssh/authorized_keys
+    fi
    
-    # Copy host keys
-    [ -d /etc/tinyssh/sshkeydir ] && inst /etc/tinyssh/sshkeydir /etc/tinyssh/ 2>/dev/null || true
+    # Copy host keys directory
+    if [[ -d /etc/tinyssh/sshkeydir ]]; then
+        cp -r /etc/tinyssh/sshkeydir "$initdir/etc/tinyssh/"
+    fi
    
    # Install startup script
    inst_hook cmdline 60 "$moddir/tinyssh-start.sh"
@ -225,7 +229,7 @@ install() {
 }
 EOF

-cat > /usr/lib/dracut/modules.d/60tinyssh/tinyssh-start.sh << 'EOF'
+cat > /usr/lib/dracut/modules.d/90tinyssh/tinyssh-start.sh << 'EOF'
 #!/bin/bash
 info "Starting tinyssh SSH server on port 2222..."
 [ -d /etc/tinyssh ] || mkdir -p /etc/tinyssh
@ -233,7 +237,7 @@ info "Starting tinyssh SSH server on port 2222..."
 tinysshd -p 2222 /etc/tinyssh/sshkeydir &
 EOF

-cat > /usr/lib/dracut/modules.d/60tinyssh/unlock-luks.sh << 'EOF'
+cat > /usr/lib/dracut/modules.d/90tinyssh/unlock-luks.sh << 'EOF'
 #!/bin/bash
 echo "Available LUKS devices:"
 ls /dev/mapper/luks-* 2>/dev/null
@ -243,7 +247,7 @@ echo "Then: exit"
 /bin/bash
 EOF

-chmod +x /usr/lib/dracut/modules.d/60tinyssh/*.sh
+chmod +x /usr/lib/dracut/modules.d/90tinyssh/*.sh

 # Setup tinyssh
 mkdir -p /etc/tinyssh
@ -255,7 +259,7 @@ tinysshd-makekey /etc/tinyssh/sshkeydir

 # Configure dracut
 cat > /etc/dracut.conf.d/99-tinyssh.conf << 'EOF'
-add_dracutmodules+=" network 60tinyssh "
+add_dracutmodules+=" network tinyssh "
 install_items+=" /etc/tinyssh/authorized_keys /etc/tinyssh/sshkeydir "
 EOF