Merge pull request #63 from random-archer/dev-refactor-install

refactor install

README.md

@@ -4,7 +4,7 @@
 
 [![Master Status](https://dev.azure.com/random-archer/mkinitcpio-systemd-tool/_apis/build/status/random-archer.mkinitcpio-systemd-tool?branchName=master)](https://dev.azure.com/random-archer/mkinitcpio-systemd-tool/_build/latest?definitionId=1&branchName=master)
 
-### Summary 
+### Summary
 
 <details>
 <summary>
@@ -19,14 +19,14 @@ Provisioning tool for systemd in initramfs (systemd-tool):
 Core features provided by the hook:
 * unified systemd + mkinitcpio configuration
 * automatic provisioning of binary and config resources
-* on-demand invocation of mkinitcpio scripts and in-line functions 
+* on-demand invocation of mkinitcpio scripts and in-line functions
 
 Features provided by the included service units:
 * initrd debugging
 * early network setup
 * interactive user shell
 * remote ssh access in initrd
-* cryptsetup + custom password agent 
+* cryptsetup + custom password agent
 
 </details>
 
@@ -72,7 +72,7 @@ systemctl reboot
 ### Install Details
 
 `pacman` install actions:
-* take a look in [arch repo](https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/mkinitcpio-systemd-tool) 
+* take a look in [arch repo](https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/mkinitcpio-systemd-tool)
   and [make file](https://github.com/random-archer/mkinitcpio-systemd-tool/blob/master/Makefile)
 * provision user config and vendor systemd units into:
 * `/etc/mkinitcpio-systemd-tool` (with backup)
@@ -82,7 +82,7 @@ systemctl reboot
 * look for enabled units in the `/etc/systemd/system`
 * include in initrd units containing marker `/etc/initrd-release`
 * activate transitively in initrd any discovered systemd service units
-* auto provision into initramfs resources declared inside initrd service units  
+* auto provision into initramfs resources declared inside initrd service units
 
 ### Provisioning Questions and Answers
 
@@ -98,17 +98,17 @@ how can I customize installed service units?
 
 how can I review generated `/boot/initramfs-linux.img`?
 * to review `initramfs.img` after `mkinitcpio` but before `reboot`, use:
-* visually, with [midnight commander](https://www.archlinux.org/packages/community/x86_64/mc/) 
-  or scripted, with [mkinitcpio lsinitcpio](https://wiki.archlinux.org/index.php/Mkinitcpio#Extracting_the_image) 
+* visually, with [midnight commander](https://www.archlinux.org/packages/community/x86_64/mc/)
+  or scripted, with [mkinitcpio lsinitcpio](https://wiki.archlinux.org/index.php/Mkinitcpio#Extracting_the_image)
 
 how systemd unit transitive dependency provisioning works?
 * see `mkinitcpio-install.sh/add_systemd_unit_X()`
-* units found in `[Unit]/Requires|OnFailure` are recursively installed 
+* units found in `[Unit]/Requires|OnFailure` are recursively installed
 
 what is the purpose of `[X-SystemdTool]` section in service unit files?
 * see https://github.com/systemd/systemd/issues/3340
 * this section provides configuration interface for `mkinitcpio` provisioning actions
-* directives: `InitrdPath` `InitrdLink` `InitrdBinary` `InitrdBuild` `InitrdCall` `InitrdUnit` 
+* directives: `InitrdPath` `InitrdLink` `InitrdBinary` `InitrdBuild` `InitrdCall` `InitrdUnit`
 
 how can I auto-provision my custom service unit binaries into initramfs?
 * use `InitrdBinary=/path/target-exec` to provision service binary
@@ -121,10 +121,10 @@ how can I relocate folder during provisioning?
 * not implemented, source and target folder must use the same location
 
 how can I relocate file and/or change file mode during provisioning?
-* use `InitrdPath=/target-file source=/source-file mode=NNN` 
+* use `InitrdPath=/target-file source=/source-file mode=NNN`
 
 how can I filter directory content during provisioning?
-* use `InitrdPath=/target-folder glob=*.example` 
+* use `InitrdPath=/target-folder glob=*.example`
 
 how can I provision optional folder or file?
 * use `InitrdPath=/target-file source=/source-file optional=yes`
@@ -134,40 +134,40 @@ is there a way to create empty folder or file?
 * for empty file, use `InitrdPath=/path/target-file create=yes` note NO trailing slash
 
 how can I provision a symbolic link?
-* use `InitrdLink=/path-to-link/link-name /path-to-target/target-name`
-* note that `/path-to-target/target-name` must be provisioned separately
+* use `InitrdLink=/path-to-link/link-name target=/path-to-target/target-name`
+* note that link target `/path-to-target/target-name` must be provisioned separately
 
 can I invoke a provisioning script related to my service during mkinitcpio build time?
-* use `InitrdBuild=/path-to/script.sh command=function_name` 
+* use `InitrdBuild=/path-to/script.sh command=function_name`
 
 can I call a little provisioning script snippet during mkinitcpio build time?
 * check for available `mkinitcpio` functions in `/usr/lib/initcpio/functions.sh`
-* use `InitrdCall=inline-bash-code-here` to call these functions 
+* use `InitrdCall=inline-bash-code-here` to call these functions
 
 how can I provide custom interactive user shell for ssh client
-* change sample shell file located in `/usr/lib/mkinitcpio-systemd-tool/initrd-shell.sh`  
+* change sample shell file located in `/usr/lib/mkinitcpio-systemd-tool/initrd-shell.sh`
 
 which ssh user keys are used by initramfs sshd server(s)?
 * they come from host `/root/.ssh/authorized_keys`
 
 ### Shell Script Questions and Answers
 
 there is a `initrd-shell.sh` script provided, what does it do?
-* it is used as both interactive login shell and as a systemd service 
+* it is used as both interactive login shell and as a systemd service
 * when crypto disks are present, it acts as password agent
 * when in ssh console, it offers simple interactive menu
-* when in systemd service mode, it acts as service 
+* when in systemd service mode, it acts as service
 
 how can I review `initrd-shell.sh` actions during last boot?
 * use `journalctl -b -t shell`
 
 what does `CTRL-C` do to `initrd-shell.sh` in different modes?
 * `initrd-shell.sh` provides appropriate reaction to interrupt, depending on the context
 * while in `ssh` terminal password agent prompt, it will start a menu form `initrd-shell.sh`
-* while in `/dev/tty` local debug console, it will exit from `initrd-shell.sh` 
+* while in `/dev/tty` local debug console, it will exit from `initrd-shell.sh`
 * while in `/dev/console` password agent prompt, it will restart the `initrd-shell.sh` service
 
 is there a silent or no-echo mode during password entry in `initrd-shell.sh`?
 * there are two ways to enter silent mode (see `systemd-ask-password.c`):
 * either by pressing `BACKSPACE` as first key or by pressing `TAB` at any time
-* then the prompt will show extra text: `(no echo)`  
+* then the prompt will show extra text: `(no echo)`

src/initrd-cryptsetup.path

@@ -10,6 +10,9 @@
 # this is a twin unit for initrd-cryptsetup.service
 # enable only initrd-cryptsetup.path, initrd-cryptsetup.service is activated on demand
 
+# note:
+# remove `sd-encrypt` from HOOKS=()
+
 # note:
 # mutually exclusive with initrd-plymouth.path
 
@@ -38,4 +41,7 @@ DirectoryNotEmpty=/run/systemd/ask-password
 WantedBy=sysinit.target
 
 [X-SystemdTool]
-# not used
+
+# provision disk tables in initramfs
+InitrdPath=/etc/crypttab   source=/etc/mkinitcpio-systemd-tool/config/crypttab   replace=yes
+InitrdPath=/etc/fstab      source=/etc/mkinitcpio-systemd-tool/config/fstab      replace=yes

src/initrd-cryptsetup.service

@@ -47,12 +47,10 @@ TTYPath=/dev/console
 [X-SystemdTool]
 
 # disable default password agents
-InitrdPath=/usr/lib/systemd/system/systemd-ask-password-console.path   replace=yes create=yes
-InitrdPath=/usr/lib/systemd/system/systemd-ask-password-wall.path      replace=yes create=yes
-
-# provision disk tables in initramfs
-InitrdPath=/etc/crypttab source=/etc/mkinitcpio-systemd-tool/config/crypttab   replace=yes
-InitrdPath=/etc/fstab    source=/etc/mkinitcpio-systemd-tool/config/fstab      replace=yes
+InitrdPath=/usr/lib/systemd/system/systemd-ask-password-console.path      replace=yes create=yes
+InitrdPath=/usr/lib/systemd/system/systemd-ask-password-console.service   replace=yes create=yes
+InitrdPath=/usr/lib/systemd/system/systemd-ask-password-wall.path         replace=yes create=yes
+InitrdPath=/usr/lib/systemd/system/systemd-ask-password-wall.servive      replace=yes create=yes
 
 # provide folder for sysroot.mount
 InitrdPath=/sysroot/    create=yes
@@ -61,8 +59,7 @@ InitrdPath=/sysroot/    create=yes
 InitrdPath=/run/cryptsetup/    create=yes
 
 # include early swap support
-InitrdBinary=/usr/bin/swapon
-InitrdBinary=/usr/bin/swapoff
+InitrdBinary=/usr/bin/mkswap
 
 # include cryptsetup binaries
 InitrdBinary=/usr/bin/dmsetup

src/initrd-debug-progs.service

@@ -32,6 +32,10 @@ InitrdBinary=/usr/bin/journalctl
 InitrdBinary=/usr/bin/less replace=yes
 #InitrdBinary=/usr/bin/systemd-analyze
 
+# early swap support
+InitrdBinary=/usr/bin/swapon    optional=yes
+InitrdBinary=/usr/bin/swapoff   optional=yes
+
 # midnight commander
 InitrdBinary=/usr/bin/mc
 InitrdBinary=/usr/bin/mcedit

src/initrd-network.service

@@ -31,23 +31,23 @@ WantedBy=sysinit.target
 # TODO use predictable network interface names
 #InitrdPath=/usr/lib/udev/rules.d/80-net-setup-link.rules
 
-# include network activated in initramfs 
+# include network activated in initramfs
 InitrdPath=/etc/systemd/network/initrd-network.network source=/etc/mkinitcpio-systemd-tool/network/initrd-network.network
 
-# provision discovered network kernel modules 
+# provision discovered network kernel modules
 InitrdCall=add_checked_modules /drivers/net/
 
 # runtime location of resolv.conf provided by systemd-resolved.service
-InitrdLink=/etc/resolv.conf /run/systemd/resolve/resolv.conf
+InitrdLink=/etc/resolv.conf target=/run/systemd/resolve/resolv.conf
 
-# ensure consistent host name 
+# ensure consistent host name
 InitrdPath=/etc/hostname replace=yes optional=yes
 
-# include default config file for systemd-resolved.service 
+# include default config file for systemd-resolved.service
 InitrdPath=/usr/lib/systemd/resolv.conf
 
 # dns resolution support
 InitrdBinary=/usr/lib/libnss_dns.so.2 optional=yes
 
-# required for systemd-resolved 
+# required for systemd-resolved
 InitrdPath=/var/tmp/        create=yes

src/initrd-shell.service

@@ -27,7 +27,7 @@ InitrdBinary=/usr/bin/systemd-cat
 InitrdBinary=/usr/bin/journalctl
 
 # configure login script
-InitrdLink=/root/.profile /usr/lib/mkinitcpio-systemd-tool/initrd-shell.sh
+InitrdLink=/root/.profile target=/usr/lib/mkinitcpio-systemd-tool/initrd-shell.sh
 
 # configure user settings
 InitrdPath=/etc/group  replace=yes
@@ -40,9 +40,9 @@ InitrdBuild=/usr/lib/mkinitcpio-systemd-tool/initrd-build.sh command=do_secret_c
 InitrdPath=/root/.ssh/authorized_keys source=/root/.ssh/authorized_keys mode=600
 
 # override system actions
-InitrdLink=/usr/bin/halt /usr/bin/systemctl
-InitrdLink=/usr/bin/reboot /usr/bin/systemctl
-InitrdLink=/usr/bin/shutdown /usr/bin/systemctl
+InitrdLink=/usr/bin/halt       target=/usr/bin/systemctl
+InitrdLink=/usr/bin/reboot     target=/usr/bin/systemctl
+InitrdLink=/usr/bin/shutdown   target=/usr/bin/systemctl
 
 # required by /etc/nsswitch.conf
 InitrdBinary=/usr/lib/libnss_compat.so optional=yes

src/initrd-shell.sh

@@ -9,7 +9,7 @@
 # * implements minimal interactive menu
 # * implements password query/reply agent, see reference.md
 
-# https://github.com/koalaman/shellcheck
+# Using shell linter: https://github.com/koalaman/shellcheck
 # shellcheck shell=dash
 # shellcheck disable=SC1008 # This shebang was unrecognized
 # shellcheck disable=SC2169 # In dash, [[ ]] is not supported