Synchronize GRUB across multiple disks. https://r00t2.io/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
bootsync/sample.config.xml

93 lines
4.6 KiB

<?xml version="1.0" encoding="UTF-8" ?>
<!-- This example assumes Grub2 and UEFI. It should be flexible enough to tweak for other use cases
if you know what the hell you're doing. -->
<!--
SEE prep.txt FOR WHAT MUST BE DONE BEFORE RUNNING BOOTSYNC.
-->
<bootsync xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://git.square-r00t.net/BootSync/"
xsi:schemaLocation="http://git.square-r00t.net/BootSync/plain/bootsync.xsd">
<!-- The actual EFI System Partitions (ESP). At least two are required. -->
<!-- Each drive should be prepared ahead of time with efibootmgr and grub-install (see prep.txt). -->
<partitions>
<!-- These should all be unique values.
Don't do something dumb like mount different partitions on the same mountpoint or the
the same partition on multiple mountpoints. -->
<!-- Future versions of this script may support things like UUIDs or labels as an alternative to path=,
but in the meanwhile it relies on device paths explicitly. -->
<part path="/dev/sdb1" mount="/mnt/boot1"/>
<part path="/dev/sdd1" mount="/mnt/boot2"/>
</partitions>
<!--
If fileChecks isn't provided, we will still sync syncPaths (which IS required).
These files will be evaluated to and synced to the ESP partitions with the same relative path.
i.e. (part[@mount])/(file)
fileChecks[@hashtype] attribute is used to checksum all <file> children,
unless they specify their own hashtype attribute (the default is hashtype="md5" for speed optimizations).
Guaranteed valid hashtype values are:
sha1
sha224
sha256
sha384
sha512
blake2b
blake2s
If you have a non-FIPS-compliant Python (you very most likely do), the following hashtype is also available:
md5
If you have a recent enough OpenSSL (and python3), you have the additional hashtype values available:
sha3_224
sha3_256
sha3_384
sha3_512
shake_128
shake_256
Additionally, the value "false" is always available to disable hashing for a specific <file> object or to set
the default. No checksumming will be done in this case and the file will always be overwritten on every run.
This is *highly not recommended* for solid-state disks or if you have large files you plan on syncing to
the alternate ESPs (e.g. loop-mounted ISO/IMG files).
"isKernel" is by default false, but if true it is treated specially to get a kernel version.
This is to notify you if a reboot is required. If no <file> item is isKernel="true", no reboot requirement
detection will be done.
Only *the last* <file> with isKernel="true" listed is used as the kernel identifier.
-->
<fileChecks hashtype="sha1">
<!-- RELATIVE paths to /boot on your / mount. -->
<file>initramfs-linux.img</file>
<file>intel-ucode.img</file>
<file>memtest86+/memtest.bin</file>
<file isKernel="true" hashtype="sha512">vmlinuz-linux</file>
</fileChecks>
<!--
These are system paths to sync to the ESPs. They are synced recursively.
"hashtype" is also supported for syncPaths and path objects just as the same with fileChecks
and file objects (see above).
"source" should be absolute.
"target" should be relative (to the ESP mount).
"pattern" is a regex to match to restrict *filenames* to sync. Use ".*" for all files.
-->
<syncPaths hashtype="sha1">
<!-- For example, these are grub theme files. -->
<path source="/usr/share/grub/themes" target="grub/themes" pattern=".*"/>
<!-- These are grub modules - specifically, UEFI. -->
<path source="/usr/lib/grub/x86_64-efi" target="grub/x86_64-efi" pattern="^.*\.(mod|lst|sh)$"/>
<!-- And these are ISO files, in case you're like me and do loop mounting in Grub for rescue situations.
(e.g. https://wiki.archlinux.org/index.php/Multiboot_USB_drive#Using_GRUB_and_loopback_devices) -->
<!-- You can do this yourself easily via https://git.square-r00t.net/RelChk/ -->
<!-- <path hashtype="false" source="/boot/iso" target="iso" pattern="^.*\.(iso|img)$"/> -->
<!-- I use RelChk (see above), so I also copy over the .json files that contain easily accessible information
about the ISO images. -->
<path hashtype="md5" source="/boot/iso" target="iso" pattern="^.*\.(iso|img|json)$"/>
</syncPaths>
</bootsync>