diff --git a/_machines/ares.yml b/_machines/ares.yml index 7242119..b6076c6 100644 --- a/_machines/ares.yml +++ b/_machines/ares.yml @@ -2,6 +2,7 @@ font_size: 11 gpu: amd cpu: amd +encrypted_root: true users: - name: hannes diff --git a/_machines/dionysus.yml b/_machines/dionysus.yml index 0bcd472..3b79572 100644 --- a/_machines/dionysus.yml +++ b/_machines/dionysus.yml @@ -2,6 +2,7 @@ font_size: 11 gpu: intel cpu: intel +encrypted_root: true users: - name: hannes diff --git a/_machines/hera.yml b/_machines/hera.yml index d3cc0f0..2fa288e 100644 --- a/_machines/hera.yml +++ b/_machines/hera.yml @@ -2,6 +2,7 @@ font_size: 11 gpu: intel cpu: intel +encrypted_root: false # make sure that display manager works system_default_target: "graphical.target" diff --git a/_machines/neptune.yml b/_machines/neptune.yml index 6ab31f4..b780da6 100644 --- a/_machines/neptune.yml +++ b/_machines/neptune.yml @@ -2,6 +2,7 @@ font_size: 11 gpu: nvidia cpu: intel +encrypted_root: true users: - name: hannes-work diff --git a/install_scripts/ares.sh b/install_scripts/ares.sh index a971c5d..71ee843 100755 --- a/install_scripts/ares.sh +++ b/install_scripts/ares.sh @@ -89,7 +89,7 @@ cat < /etc/hosts 127.0.1.1 ares EOF -sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect keyboard keymap consolefont modconf block encrypt lvm2 filesystems resume fsck microcode)/' /etc/mkinitcpio.conf +sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect microcode modconf kms keyboard keymap consolefont block encrypt lvm2 filesystems resume fsck)/' /etc/mkinitcpio.conf mkinitcpio -P diff --git a/install_scripts/dionysus.sh b/install_scripts/dionysus.sh index be8b96f..2ac1bfa 100755 --- a/install_scripts/dionysus.sh +++ b/install_scripts/dionysus.sh @@ -89,7 +89,7 @@ cat < /etc/hosts 127.0.1.1 dionysus EOF -sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect keyboard keymap consolefont modconf block encrypt lvm2 filesystems resume fsck microcode)/' /etc/mkinitcpio.conf +sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect microcode modconf kms keyboard keymap consolefont block encrypt lvm2 filesystems resume fsck)/' /etc/mkinitcpio.conf mkinitcpio -P diff --git a/install_scripts/hera.sh b/install_scripts/hera.sh index 1820e2a..122a3c3 100755 --- a/install_scripts/hera.sh +++ b/install_scripts/hera.sh @@ -83,7 +83,7 @@ cat < /etc/hosts 127.0.1.1 hera EOF -sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect keyboard keymap consolefont modconf block filesystems resume fsck microcode)/' /etc/mkinitcpio.conf +sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect microcode modconf kms keyboard keymap consolefont block filesystems resume fsck)/' /etc/mkinitcpio.conf mkinitcpio -P diff --git a/install_scripts/neptune.sh b/install_scripts/neptune.sh index d37fdc4..e455b89 100755 --- a/install_scripts/neptune.sh +++ b/install_scripts/neptune.sh @@ -89,7 +89,7 @@ cat < /etc/hosts 127.0.1.1 neptune EOF -sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect keyboard keymap consolefont modconf block encrypt lvm2 filesystems resume fsck microcode)/' /etc/mkinitcpio.conf +sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect microcode modconf kms keyboard keymap consolefont block encrypt lvm2 filesystems resume fsck)/' /etc/mkinitcpio.conf mkinitcpio -P diff --git a/playbook.yml b/playbook.yml index b0c5bb0..ec35958 100644 --- a/playbook.yml +++ b/playbook.yml @@ -530,6 +530,25 @@ state: present become: true + - name: set mkinitcpio hooks + set_fact: + mkinitcpio_hooks: "base udev autodetect microcode modconf kms keyboard keymap consolefont block encrypt lvm2 filesystems resume fsck" + when: machine.encrypted_root|bool + + - name: set mkinitcpio hooks + set_fact: + mkinitcpio_hooks: "base udev autodetect microcode modconf kms keyboard keymap consolefont block filesystems resume fsck" + when: not machine.encrypted_root|bool + + - name: configure mkinitcpio hooks + lineinfile: + path: /etc/mkinitcpio.conf + regexp: "^#?HOOKS=.*$" + line: 'HOOKS=({{ mkinitcpio_hooks }})' + become: true + notify: + - rebuild initrd + - name: use vz4 for mkinitcpio compression lineinfile: path: /etc/mkinitcpio.conf