From d3d917f0127efe6061b96517a108344471a2de03 Mon Sep 17 00:00:00 2001
From: nd <git@notandy.de>
Date: Mon, 10 Mar 2025 19:31:08 +0100
Subject: [PATCH] bookworm support

---
 tasks/main.yml      |  4 ++--
 templates/config.j2 | 16 +++++++++++++++-
 vars/main.yml       |  2 ++
 3 files changed, 19 insertions(+), 3 deletions(-)
 create mode 100644 vars/main.yml

diff --git a/tasks/main.yml b/tasks/main.yml
index 7b2ea30..539eaab 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -6,7 +6,7 @@
   notify: update initramfs
   template:
     src: config.j2
-    dest: /etc/dropbear-initramfs/config
+    dest: "{{ dropbear_initramfs_config_path }}"
     mode: 0644
     owner: root
     group: root
@@ -15,7 +15,7 @@
   notify: update initramfs
   template:
     src: authorized_keys.j2
-    dest: /etc/dropbear-initramfs/authorized_keys
+    dest: "{{ dropbear_initramfs_path }}/authorized_keys"
     mode: 0644
     owner: root
     group: root
diff --git a/templates/config.j2 b/templates/config.j2
index 9b65a41..9e434d4 100644
--- a/templates/config.j2
+++ b/templates/config.j2
@@ -3,6 +3,7 @@
 #
 # Command line options to pass to dropbear(8)
 #
+
 # -s -> disable password login
 DROPBEAR_OPTIONS="-s"
 
@@ -13,5 +14,18 @@ DROPBEAR_OPTIONS="-s"
 # The special value 'none' keeps all interfaces up and preserves routing
 # tables and addresses.
 #
-#IFDOWN=*
+#IFDOWN="*"
 
+#
+# On local (non-NFS) mounts, the network stack and dropbear are started
+# asynchronously at init-premount stage.  This value specifies the
+# maximum number of seconds to wait (while the network/dropbear are
+# being configured) at init-bottom stage before terminating dropbear and
+# bringing the network down.
+# If the timeout is too short, and if the boot process is not blocking
+# on user input supplied via SSHd (ie no remote unlocking), then the
+# initrd might pivot to init(1) too early, thereby causing a race
+# condition between network configuration from initramfs vs from the
+# normal system.
+#
+#DROPBEAR_SHUTDOWN_TIMEOUT=60
diff --git a/vars/main.yml b/vars/main.yml
new file mode 100644
index 0000000..25e0d8b
--- /dev/null
+++ b/vars/main.yml
@@ -0,0 +1,2 @@
+dropbear_initramfs_path: "{% if ansible_distribution_release == 'bullseye' %}/etc/dropbear-initramfs/{% else %}/etc/dropbear/initramfs/{% endif %}"
+dropbear_initramfs_config_path: "{{ dropbear_initramfs_path }}{% if ansible_distribution_release == 'bullseye' %}config{% else %}dropbear.conf{% endif %}"
-- 
GitLab