From 602680ab9db41e60ffadacae5c9f190c6d105d86 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@liw.fi>
Date: Thu, 6 Jan 2022 20:08:28 +0200
Subject: make v-i use luks only if specified

Sponsored-by: author
---
 v-i | 57 +++++++++++++++++++++++++++++++++++++++++++--------------
 1 file changed, 43 insertions(+), 14 deletions(-)

(limited to 'v-i')

diff --git a/v-i b/v-i
index e585de1..bf1903e 100755
--- a/v-i
+++ b/v-i
@@ -129,13 +129,43 @@ def vmdb_spec(cryptsetup_password, playbook):
                 "end": "1G",
                 "tag": "boot",
             },
-            {
-                "mkpart": "primary",
-                "device": device,
-                "start": "1G",
-                "end": "100%",
-                "tag": "cryptsetup0",
-            },
+        ]
+    }
+
+    # Set up pv0 for lvm2, either encrypted or cleartext.
+    if cryptsetup_password:
+        spec["steps"].extend(
+            [
+                {
+                    "mkpart": "primary",
+                    "device": device,
+                    "start": "1G",
+                    "end": "100%",
+                    "tag": "cryptsetup0",
+                },
+                {
+                    "cryptsetup": "cryptsetup0",
+                    "password": cryptsetup_password,
+                    "name": "pv0",
+                },
+            ]
+        )
+    else:
+        spec["steps"].extend(
+            [
+                {
+                    "mkpart": "primary",
+                    "device": device,
+                    "start": "1G",
+                    "end": "100%",
+                    "tag": "pv0",
+                },
+            ]
+        )
+
+    # Create file systems and install Debian.
+    spec["steps"].extend(
+        [
             {
                 "mkfs": "vfat",
                 "partition": "efi",
@@ -144,11 +174,6 @@ def vmdb_spec(cryptsetup_password, playbook):
                 "mkfs": "ext2",
                 "partition": "boot",
             },
-            {
-                "cryptsetup": "cryptsetup0",
-                "password": cryptsetup_password,
-                "name": "pv0",
-            },
             {
                 "vgcreate": "vg0",
                 "physical": ["pv0"],
@@ -220,9 +245,12 @@ def vmdb_spec(cryptsetup_password, playbook):
                 "image-dev": device,
             },
         ]
-    }
+    )
+
+    # If a playbook has been specified, add an ansible step.
     if playbook:
         spec["steps"].append({"ansible": "root", "playbook": playbook})
+
     return spec
 
 
@@ -232,12 +260,13 @@ def main():
     p.add_argument("--log", default="install.log")
     p.add_argument("--cache", default="cache.tar.gz")
     p.add_argument("--playbook")
+    p.add_argument("--luks")
     p.add_argument("device")
     args = p.parse_args()
 
     clean_up_disks()
 
-    spec = vmdb_spec("asdf", args.playbook)
+    spec = vmdb_spec(args.luks, args.playbook)
     tmp = tempfile.mkdtemp()
     specfile = os.path.join(tmp, "spec.yaml")
     if args.verbose:
-- 
cgit v1.2.1