2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-26 11:30:23 +00:00

Add support to retrieve private key and crypt mount diskless/cloning

This commit is contained in:
Jarrod Johnson 2021-07-23 16:49:02 -04:00
parent 1e653851fe
commit 1e44deecf6

View File

@ -8,13 +8,25 @@ else
/opt/confluent/bin/urlmount $confluent_urls /mnt/remoteimg
fi
/opt/confluent/bin/confluent_imginfo /mnt/remoteimg/rootimg.sfs > /tmp/rootimg.info
loopdev=$(losetup -f)
mountsrc=$loopdev
losetup -r $loopdev /mnt/remoteimg/rootimg.sfs
if grep '^Format: confluent_crypted' /tmp/rootimg.info > /dev/null; then
curl -sf -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent/confluent.apikey)" https://$confluent_mgr/confluent-api/self//profileprivate/pending/rootimg.key' > /tmp/rootimg.key
cipher=$(head -n 1 /tmp/rootimg.key)
key=$(head -n 1 /tmp/rootimg.key)
len=$(stat -c %s /mnt/remoteimg/rootimg.sfs)
len=$(((i-4096)/512))
dmsetup create cryptimg --table "0 $len crypt $cipher $key 0 $loopdev 8"
/opt/confluent/bin/confluent_imginfo /dev/mapper/cryptimg > /tmp/rootimg.info
mntsrc=/dev/mapper/cryptimg
fi
if grep '^Format: squashfs' /tmp/rootimg.info > /dev/null; then
mount -o loop,ro /mnt/remoteimg/*.sfs /mnt/remote
mount -o ro $mountsrc /mnt/remote
elif grep '^Format: confluent_multisquash' /tmp/rootimg.info; then
loopdev=$(losetup -f)
losetup -r $loopdev /mnt/remoteimg/rootimg.sfs
tail -n +3 /tmp/rootimg.info | awk '{print 0 " " $4 " '$loopdev' " $3 " " $7}'
tail -n +3 /tmp/rootimg.info | awk '{gsub("/", "_"); print "echo 0 " $4 " linear '$loopdev' " $3 " | dmsetup create mproot" $7}' > /tmp/setupmount.sh
tail -n +3 /tmp/rootimg.info | awk '{print 0 " " $4 " '$mountsrc' " $3 " " $7}'
tail -n +3 /tmp/rootimg.info | awk '{gsub("/", "_"); print "echo 0 " $4 " linear '$mountsrc' " $3 " | dmsetup create mproot" $7}' > /tmp/setupmount.sh
. /tmp/setupmount.sh
cat /tmp/setupmount.sh |awk '{printf "mount /dev/mapper/"$NF" "; sub("mproot", ""); gsub("_", "/"); print "/mnt/remote"$NF}' > /tmp/mountparts.sh
. /tmp/mountparts.sh