* [ general ] Change Toolchain download method. Introduce torrent downloads by using Aria2. If torrent download fails it proceeds to download from servers. It can download from all mirrors at once, so download speed is dramatically increased. @mzhboy DOWNLOAD_MIRROR parameter is not needed here anymore. The same method is used to download rootfilesystem cache. Based on ideas from here https://github.com/armbian/build/pull/1364
* Added yet another mirror for speeding up the download process, few small adjustements for torrent downloading
* Optimising direct download when DOWNLOAD_MIRROR is set to 'china' due to aria2 download limitations
* Both mirrors support HTTPS, changing
Further I introduced the variable CRYPTROOT_PARAMETERS to have the ability to pass more options to the cryptsetup command.
I've test this on an Odroid HC2 (XU4) with default kernel configuration, full OS image, "next" branch and stretch as server:
- default without encryption
- encryption with user sepcific cryptsetup parameters
- encryption without user specific cryptsetup parameters
This was already implemented with https://github.com/armbian/build/pull/948,
before but never made it into the master branch yet. Probably because the
development branch has been abandoned in the meantime and it is to much effort
now to merge it into master.
It includes all the cleanup changes from commit 08743d3 and has been successfully
tested on an Odroid HC1.
In addition to what is currently in the `luks` branch the following improvments
where done/added:
1. update_initramfs() function in debbootstrap-ng.sh, which needs to be invoked
after the partition layout and /etc/crypttab was created. Else `cryptroot-unlock`
won't work and you'll run into:
https://serverfault.com/questions/907254/cryproot-unlock-with-dropbear-timeout-while-waiting-for-askpass
Apart from that it might be useful to always run `update-initramfs` at the end
of the build process anyway, in case customize_image (userpatches) made some
changes to the initramfs tools configs.
2. CRYPTROOT_SSH_UNLOCK=yes/no config option. It's by default set to yes, but it
might be desired by some users to disable enable SSH/dropbear access while
still having LUKS support. E.g. if they have a device that has a display
and keyboard.
3. If no `authorized_keys` file is provided via userpatches, a new SSH key pair
is generated and for convenience copied to the output directory along with
the final image.
