~bitfehler/makeimg

0ffff503ed1c6d412b4f4b0a55f83eaf47679fb2 — Conrad Hoffmann 5 months ago 0e683dd
Use password secret for Arch Linux example
2 files changed, 11 insertions(+), 3 deletions(-)

M examples/archlinux/IMGBUILD
A examples/archlinux/secrets/+rootpw
M examples/archlinux/IMGBUILD => examples/archlinux/IMGBUILD +10 -3
@@ 40,6 40,16 @@ packages="
	util-linux
"

# Set login passwords from secrets
# Format is <USER>:<SECRET_NAME>. The users _must exist_. Passwords are set
# after provisioning, so users can be created there. The passwords _must_ be
# pre-encrypted to avoid issues with cross-platform builds. The secret should
# be written e.g. like this:
#     pass show user/password | openssl passwd -6 -stdin
passwords="
	root:+rootpw
"

# The provisioning function. It is executed in the context of the new image.
# Files have been copied, patches have been applied, templates have been
# rendered (see the folders in this directory and the makeimg man page).


@@ 53,9 63,6 @@ provision() {
	# Kill the gpg-agent that was started for this
	killall gpg-agent

	# echo secret | openssl passwd -6 -stdin
	echo 'root:$6$mpWkRUWMForQFL69$zceQFLgGasM6DxC9JyYAO6XrjPDEjfp7tOyVmkiag2C2TOyR/3aeD/V0OVVvJIfU2pjEqhN9ZlXD4EVsqNsrL1' | chpasswd -e

	# This example creates a tarball as output, so we cannot install a
	# bootloader. If we were to generate a raw image, though, this is how
	# it would be done:

A examples/archlinux/secrets/+rootpw => examples/archlinux/secrets/+rootpw +1 -0
@@ 0,0 1,1 @@
echo secret | openssl passwd -6 -stdin