Skip to content

Commit

Permalink
System: add virtual read-only overlayfs module (#69)
Browse files Browse the repository at this point in the history
  • Loading branch information
igorpecovnik authored Sep 12, 2024
1 parent e820b96 commit 4a1dd96
Show file tree
Hide file tree
Showing 2 changed files with 48 additions and 1 deletion.
23 changes: 22 additions & 1 deletion lib/armbian-configng/config.ng.jobs.json
Original file line number Diff line number Diff line change
Expand Up @@ -272,8 +272,29 @@
"src_reference": "https://github.com/armbian/config/blob/master/debian-config-jobs#L1446",
"author": "Igor Pecovnik",
"condition": "grep -q 'beta.armbian.com' /etc/apt/sources.list.d/armbian.list && [[ -z \"$(apt-mark showhold)\" ]]"
},
{
"id": "S12",
"description": "Enable read only filesystem",
"prompt": "This will enable Armbian read-only filesystem. Reboot is mandatory?\n\nWould you like to continue?",
"command": [ "manage_overlayfs enable" ],
"status": "Active",
"doc_link": "",
"src_reference": "",
"author": "Igor Pecovnik",
"condition": "modinfo overlay > /dev/null 2>&1 && [[ -z $(findmnt -k /media/root-ro | tail -1) ]] && [[ \"${DISTRO}\"=Ubuntu ]]"
},
{
"id": "S13",
"description": "Disable read only filesystem",
"prompt": "This will disable Armbian read-only filesystem. Reboot is mandatory?\n\nWould you like to continue?",
"command": [ "manage_overlayfs disable" ],
"status": "Active",
"doc_link": "",
"src_reference": "",
"author": "Igor Pecovnik",
"condition": "command -v overlayroot-chroot > /dev/null 2>&1 && findmnt -k /media/root-ro | tail -1 | grep -w /media/root-ro > /dev/null 2>&1"
}

]
},
{
Expand Down
26 changes: 26 additions & 0 deletions lib/armbian-configng/config.ng.system.sh
Original file line number Diff line number Diff line change
Expand Up @@ -149,4 +149,30 @@ if ! grep -q 'beta.armbian.com' /etc/apt/sources.list.d/armbian.list; then
sed -i "s/http:\/\/[^ ]*/http:\/\/beta.armbian.com/" /etc/apt/sources.list.d/armbian.list
armbian_fw_manipulate "reinstall"
fi
}

module_options+=(
["manage_overlayfs,author"]="igorpecovnik"
["manage_overlayfs,ref_link"]=""
["manage_overlayfs,feature"]="overlayfs"
["manage_overlayfs,desc"]="Set Armbian root filesystem to read only"
["manage_overlayfs,example"]="manage_overlayfs enable|disable"
["manage_overlayfs,status"]="Active"
)
#
# @description set/unset Armbian root filesystem to read only
#
function manage_overlayfs () {

if [[ "$1" == "enable" ]]; then
debconf-apt-progress -- apt-get -o Dpkg::Options::="--force-confold" -y install overlayroot cryptsetup cryptsetup-bin
[[ ! -f /etc/overlayroot.conf ]] && cp /etc/overlayroot.conf.dpkg-new /etc/overlayroot.conf
sed -i "s/^overlayroot=.*/overlayroot=\"tmpfs\"/" /etc/overlayroot.conf
sed -i "s/^overlayroot_cfgdisk=.*/overlayroot_cfgdisk=\"enabled\"/" /etc/overlayroot.conf
else
overlayroot-chroot rm /etc/overlayroot.conf > /dev/null 2>&1
debconf-apt-progress -- apt-get -y purge overlayroot cryptsetup cryptsetup-bin
fi
# reboot is mandatory
reboot
}

0 comments on commit 4a1dd96

Please sign in to comment.