- sudo systemctl daemon-reload # needed if the file was already there
- sudo systemctl enable keyscriptoff.service
- sudo systemctl start keyscriptoff.service
-
- # from /usr/share/doc/dropbear-initramfs/README.initramfs.gz
- while read m _; do /sbin/modinfo -F filename "$m"; done </proc/modules | \
- sed -nr "s@^/lib/modules/`uname -r`/kernel/drivers/net(/.*)?/([^/]+)\.ko\$@\2@p" \
- | sudo dd of=/etc/initramfs-tools/modules
- sudo apt-get -y install initramfs-tools-core
- # initram auth keys get setup with rootsshsync
- # then for remote unlock, ssh and do this once per crypt disk:
- # echo -n PASS >/lib/cryptsetup/passfifo
+ sudo systemctl daemon-reload # needed if the file was already there
+ sudo systemctl enable keyscriptoff.service
+ sudo systemctl start keyscriptoff.service
+
+ pi rsync
+
+ ## /usr/share/doc/dropbear-initramfs/README.initramfs.gz
+ ## claims we need to do this. but it works fine without it.
+ # tmp=$(mktemp)
+ # while read -r m _; do /sbin/modinfo -F filename "$m"; done </proc/modules | \
+ # sed -nr "s@^/lib/modules/$(uname -r)/kernel/drivers/net(/.*)?/([^/]+)\.ko\$@\2@p" \
+ # | sudo dd of=$tmp
+ # if ! diff -q /etc/initramfs-tools/modules $tmp &>/dev/null; then
+ # sudo dd if=$tmp of=/etc/initramfs-tools/modules
+ # sudo /usr/sbin/update-initramfs -u -k all
+ # fi
+ #
+ ## if we were creating an intall for a different machine needing different modules, we could include them all like this:
+ ## find /lib/modules/*/kernel/drivers/net /lib/modules/*/kernel/net -type f -name '*.ko' -printf "%f\n" | sed 's/.ko$//' | sort -u >/etc/initramfs-tools/modules
+
+ # this is here to cleanup the leftover from the comments above. remove it eventually.
+ if [[ -s /etc/initramfs-tools/modules ]]; then
+ sudo truncate -s0 /etc/initramfs-tools/modules
+ sudo /usr/sbin/update-initramfs -u -k all
+ fi
+
+ # initram auth keys get setup with rootsshsync
+ $script_dir/rootsshsync
+ # then for remote unlock, ssh and do this once per crypt disk:
+ # echo -n PASS >/lib/cryptsetup/passfifo
+ # or for buster+
+ # cryptroot-unlock
+