Git-Mirrors/graphene-os-server-infrastructure
1
0
Fork 0
mirror of https://github.com/GrapheneOS/infrastructure.git synced 2024-12-22 13:45:02 -05:00
Code Issues Packages Projects Releases Wiki Activity

set umask for encrypted swapfile creation

Browse Source
This commit is contained in:
Daniel Micay 2024-06-21 22:36:27 -04:00
parent 597f534d63
commit 4382120e37
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
deploy-initial
View File

@ -60,7 +60,7 @@ rsync -cv nftables/nftables-${hosts_firewall[$host]:-web}.conf $remote:/mnt/etc/
ssh $remote "arch-chroot /mnt systemctl enable chronyd.service fstrim.timer logrotate.timer nftables.service plocate-updatedb.timer systemd-networkd.service sshd.service unbound.service"
ssh $remote "arch-chroot /mnt systemctl disable remote-fs.target systemd-network-generator.service"
ssh $remote "dd if=/dev/random of=/mnt/swapfile bs=1M count=$swap status=progress"
ssh $remote "umask 077 && dd if=/dev/random of=/mnt/swapfile bs=1M count=$swap status=progress"
password=$(head -c32 <(tr -dc A-Za-z0-9 </dev/random))
echo password: $password