V8.00.000.2025.06.17

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-07-24 18:28:35 +02:00
parent e9681e87c5
commit 0a2d983c7d
64 changed files with 525 additions and 1423 deletions
--- a/func/system/4150_setup_grub.sh
+++ b/func/system/4150_setup_grub.sh
@@ -36,7 +36,9 @@ guard_sourcing
 #   0: on success
 #######################################
 setup_grub() {
-  declare var_update_grub_required="false"
+  declare -gx var_update_grub_required="false"
+  get_all_boot_devs
+

  if [[ "${grub_skip,,}" != "true" ]]; then

@@ -44,37 +46,51 @@ setup_grub() {
    if [[ "${grub_latest,,}" == "true" ]]; then

      ### Install the GRUB2 backported version from the Bookworm backports repository.
-      do_in_target "${TARGET}" apt-get install -y -t bookworm-backports grub2 grub2-common
+      if [[ "${VAR_RECIPE_FIRMWARE}" == "uefi" ]]; then
+
+        case "${VAR_ARCHITECTURE,,}" in
+          amd64)  do_in_target "${TARGET}" apt-get install -y -t bookworm-backports grub2 grub2-common grub-efi-amd64 ;;
+          arm64)  do_in_target "${TARGET}" apt-get install -y -t bookworm-backports grub2 grub2-common grub-efi-arm64 ;;
+          i386)   do_in_target "${TARGET}" apt-get install -y -t bookworm-backports grub2 grub2-common grub-efi-ia32  ;;
+          *)      do_log "emergency" "true" "Unsupported UEFI architecture: ${VAR_ARCHITECTURE}"; return "${ERR_GRUB_ARCHITECTURE}" ;;
+        esac
+
+      else
+
+        do_in_target "${TARGET}" apt-get install -y -t bookworm-backports grub2 grub2-common grub-pc
+
+      fi

    else

      ### Install the GRUB2 stable version.
-      do_in_target "${TARGET}" apt-get install -y grub2 grub2-common
+      if [[ "${VAR_RECIPE_FIRMWARE}" == "uefi" ]]; then
+
+        case "${VAR_ARCHITECTURE,,}" in
+          amd64)  do_in_target "${TARGET}" apt-get install -y grub2 grub2-common grub-efi-amd64 ;;
+          arm64)  do_in_target "${TARGET}" apt-get install -y grub2 grub2-common grub-efi-arm64 ;;
+          i386)   do_in_target "${TARGET}" apt-get install -y grub2 grub2-common grub-efi-ia32  ;;
+          *)      do_log "emergency" "true" "Unsupported UEFI architecture: ${VAR_ARCHITECTURE}"; return "${ERR_GRUB_ARCHITECTURE}" ;;
+        esac
+
+      else
+
+        do_in_target "${TARGET}" apt-get install -y grub2 grub2-common grub-pc
+
+      fi

    fi

    ### Install grub on the specific device.
    if [[ "${grub_force_efi,,}" == "false" ]]; then

-      if [[ "${VAR_RECIPE_TABLE,,}" == "gpt" && "${VAR_RECIPE_FIRMWARE,,}" == "uefi" ]]; then
+      if [[ "${VAR_RECIPE_FIRMWARE,,}" == "uefi" ]]; then

-        do_in_target "${TARGET}" grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=Debian --modules="btrfs cryptodisk luks2 gcry_rijndael gcry_sha256 gcry_sha512 part_gpt"
-        var_update_grub_required="true"
+        install_grub_uefi_all

-      elif [[ "${VAR_RECIPE_TABLE,,}" == "gpt" && "${VAR_RECIPE_FIRMWARE,,}" == "bios"  ]]; then
+      elif [[ "${VAR_RECIPE_FIRMWARE,,}" == "bios" ]]; then

-        do_in_target "${TARGET}" grub-install --target=i386-pc --boot-directory=/boot --modules="btrfs cryptodisk luks2 gcry_rijndael gcry_sha256 gcry_sha512 part_gpt" --recheck "${grub_bootdev}"
-        var_update_grub_required="true"
-
-      elif [[ "${VAR_RECIPE_TABLE,,}" == "msdos" && "${VAR_RECIPE_FIRMWARE,,}" == "uefi" ]]; then
-
-        do_in_target "${TARGET}" grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=Debian --modules="btrfs cryptodisk luks2 gcry_rijndael gcry_sha256 gcry_sha512 part_msdos"
-        var_update_grub_required="true"
-
-      elif [[ "${VAR_RECIPE_TABLE,,}" == "msdos" && "${VAR_RECIPE_FIRMWARE,,}" == "bios" ]]; then
-
-        do_in_target "${TARGET}" grub-install --target=i386-pc --boot-directory=/boot --modules="btrfs cryptodisk luks2 gcry_rijndael gcry_sha256 gcry_sha512 part_msdos" --recheck "${grub_bootdev}"
-        var_update_grub_required="true"
+        install_grub_bios_all

      fi

@@ -173,4 +189,123 @@ EOF

  return 0
 }
+
+#######################################
+# Detects and collects all boot devices for GRUB installation.
+# Supports /dev/sdX, /dev/vdX, /dev/hdX, /dev/nvmeXn1, /dev/mmcblkX.
+# Globals:
+#   VAR_RECIPE_DEV_COUNTER
+#   ary_bootdev_all
+#   grub_bootdev
+# Arguments:
+#   None
+# Returns:
+#   0: on success
+#######################################
+get_all_boot_devs() {
+  declare -ag ary_bootdev_all=()
+  declare dev="" dev_prefix="" dev_path="" letter=""
+  declare -i ascii ascii_end ascii_start
+
+  ### Determine prefix from grub_bootdev (e.g., "sd", "vd", "nvme", "mmcblk")
+  dev_prefix=$(basename "${grub_bootdev}" | sed -E 's/^([a-z]+)[a-z0-9]*$/\1/')
+
+  case "${dev_prefix}" in
+    sd|vd|hd)
+      ascii_start=$(printf '%d' "'a")
+      ascii_end=$(printf '%d' "'${VAR_RECIPE_DEV_COUNTER}")
+      for ((ascii = ascii_start; ascii <= ascii_end; ascii++)); do
+        letter=$(printf "%b" "\\$(printf '%03o' "${ascii}")")
+        dev_path="/dev/${dev_prefix}${letter}"
+        [[ -b "${dev_path}" ]] && ary_bootdev_all+=("${dev_path}")
+      done
+      ;;
+    nvme)
+      # shellcheck disable=SC2312
+      while read -r dev; do
+        ary_bootdev_all+=("/dev/${dev}")
+      done < <(lsblk -dn -o NAME | grep -E '^nvme[0-9]+n1$')
+      ;;
+    mmcblk)
+      # shellcheck disable=SC2312
+      while read -r dev; do
+        ary_bootdev_all+=("/dev/${dev}")
+      done < <(lsblk -dn -o NAME | grep -E '^mmcblk[0-9]+$')
+      ;;
+    *)
+      do_log "warning" "true" "Unrecognized boot device prefix: ${dev_prefix}"
+      ;;
+  esac
+
+  return 0
+}
+
+#######################################
+# Installs GRUB in BIOS mode on all block devices.
+# Globals:
+#   TARGET
+#   VAR_RECIPE_TABLE
+#   ary_bootdev_all
+#   var_update_grub_required
+# Arguments:
+#   None
+# Returns:
+#   0: on success
+#   ERR_PARTITIONTBL on failure
+#######################################
+install_grub_bios_all() {
+  declare dev="" partmod=""
+
+  case "${VAR_RECIPE_TABLE,,}" in
+    gpt)       partmod="part_gpt"   ;;
+    msdos|mbr) partmod="part_msdos" ;;
+    *)         do_log "emergency" "true" "Unknown partition table type: '${VAR_RECIPE_TABLE}'."; return "${ERR_PARTITIONTBL}" ;;
+  esac
+
+  declare var_modules="btrfs cryptodisk luks2 gcry_rijndael gcry_sha256 gcry_sha512 ${partmod}"
+  declare -a args=(--target=i386-pc --boot-directory=/boot "--modules=${var_modules}")
+  args+=(--recheck)
+
+  for dev in "${ary_bootdev_all[@]}"; do
+    do_in_target "${TARGET}" grub-install "${args[@]}" "${dev}"
+    do_log "info" "true" "Installed: GRUB on Device: '${dev}' (BIOS)."
+    var_update_grub_required="true"
+  done
+
+  return 0
+}
+
+#######################################
+# Installs GRUB to all ESPs in UEFI mode.
+# Globals:
+#   TARGET
+#   VAR_RECIPE_TABLE
+#   ary_bootdev_all
+#   var_update_grub_required
+# Arguments:
+#   None
+# Returns:
+#   0: on success
+#   ERR_PARTITIONTBL on failure
+#######################################
+install_grub_uefi_all() {
+  declare dev="" partmod=""
+
+  case "${VAR_RECIPE_TABLE,,}" in
+    gpt)       partmod="part_gpt"   ;;
+    msdos|mbr) partmod="part_msdos" ;;
+    *)         do_log "emergency" "true" "Unknown partition table type: '${VAR_RECIPE_TABLE}'."; return "${ERR_PARTITIONTBL}" ;;
+  esac
+
+  declare var_modules="btrfs cryptodisk luks2 gcry_rijndael gcry_sha256 gcry_sha512 ${partmod}"
+  declare -a args=(--target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=Debian "--modules=${var_modules}")
+
+  for dev in "${ary_bootdev_all[@]}"; do
+    do_in_target "${TARGET}" grub-install "${args[@]}"
+    do_log "info" "true" "Installed: GRUB on Device: '${dev}' (UEFI)."
+    var_update_grub_required="true"
+  done
+
+  return 0
+}
 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh