From e1838750a79db8eda3ac7530186d19ab7c50d31e Mon Sep 17 00:00:00 2001
From: Kiran Kilingar Nadumane <kirankn8@gmail.com>
Date: Mon, 22 Apr 2024 19:05:59 -0700
Subject: [PATCH] support uki

---
 stylus_uki.yaml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 stylus_uki.yaml

diff --git a/stylus_uki.yaml b/stylus_uki.yaml
new file mode 100644
index 0000000..956cac7
--- /dev/null
+++ b/stylus_uki.yaml
@@ -0,0 +1,14 @@
+#cloud-config
+stages:
+  after-install:
+    - name: Run copy pub key after install commands
+      if: '[ -e "/run/cos/uki_install_mode" ]'
+      commands:
+        - echo "Copying public key to persistent path"
+        - umount /oem || true
+        - cryptsetup close /dev/mapper/oem
+        - /usr/lib/systemd/systemd-cryptsetup attach oem $(findfs PARTLABEL=oem) - tpm2-device=auto
+        - mount /dev/mapper/oem /oem
+        - cp /run/initramfs/live/.signing-public-key /oem/.signing-public-key
+        - umount /dev/mapper/oem
+        - cryptsetup close /dev/mapper/oem
\ No newline at end of file