V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 54s
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 54s
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -36,8 +36,9 @@ guard_sourcing
|
||||
# 0: on success
|
||||
#######################################
|
||||
generate_sources() {
|
||||
declare -a ary_components
|
||||
declare var_arch var_codename var_deb_src var_dir var_hostname var_hostsecure var_url var_surl
|
||||
### Declare Arrays, HashMaps, and Variables.
|
||||
declare -a ary_components=()
|
||||
declare var_arch="" var_codename="" var_deb_src="" var_dir="" var_hostname="" var_hostsecure="" var_url var_surl=""
|
||||
|
||||
# shellcheck disable=SC2154 # "${architecture}"
|
||||
var_arch="${architecture,,}"
|
||||
@@ -52,88 +53,126 @@ generate_sources() {
|
||||
# shellcheck disable=SC2154 # "${apt_sec}"
|
||||
var_hostsecure="${apt_sec,,}"
|
||||
|
||||
ary_components=(main)
|
||||
[[ "${apt_contrib,,}" == "true" ]] && ary_components+=(contrib)
|
||||
[[ "${apt_non_free,,}" == "true" ]] && ary_components+=(non-free)
|
||||
[[ "${apt_non_free_firmware,,}" == "true" ]] && ary_components+=(non-free-firmware)
|
||||
ary_components=( "main" )
|
||||
[[ "${apt_contrib,,}" == "true" ]] && ary_components+=( "contrib" )
|
||||
[[ "${apt_non_free,,}" == "true" ]] && ary_components+=( "non-free" )
|
||||
[[ "${apt_non_free_firmware,,}" == "true" ]] && ary_components+=( "non-free-firmware" )
|
||||
|
||||
if [[ "${apt_mirror_protocol,,}" == "https" ]]; then
|
||||
|
||||
var_url="https://${var_hostname}${var_dir}"
|
||||
var_surl="https://${var_hostsecure}/debian-security"
|
||||
|
||||
elif [[ "${apt_mirror_protocol,,}" == "http" ]]; then
|
||||
|
||||
var_url="http://${var_hostname}${var_dir}"
|
||||
var_surl="http://${var_hostsecure}/debian-security"
|
||||
|
||||
else
|
||||
|
||||
var_url="https://${var_hostname}${var_dir}"
|
||||
var_surl="https://${var_hostsecure}/debian-security"
|
||||
|
||||
fi
|
||||
|
||||
: >| "${TARGET}/etc/apt/sources.list"
|
||||
chmod 0644 "${TARGET}/etc/apt/sources.list"
|
||||
|
||||
### Main Repository
|
||||
# shellcheck disable=SC2153
|
||||
cat << EOF >> "${TARGET}/etc/apt/sources.list"
|
||||
# /etc/apt/sources.list : Generated by CISS.debian.installer
|
||||
# Architecture : ${var_arch}
|
||||
# Distribution : ${var_codename}
|
||||
# SPDX-Version: 3.0
|
||||
# SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; <msw@coresecret.dev>
|
||||
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
|
||||
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
|
||||
# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
|
||||
# SPDX-FileType: SOURCE
|
||||
# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
|
||||
# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
|
||||
# SPDX-PackageName: CISS.debian.installer
|
||||
# SPDX-Security-Contact: security@coresecret.eu
|
||||
|
||||
# /etc/apt/sources.list : Generated by CISS.debian.installer ${VAR_VERSION}
|
||||
# Architecture : ${VAR_ARCHITECTURE}
|
||||
# Distribution : ${VAR_CODENAME}
|
||||
|
||||
#------------------------------------------------------------------------------------------------------------------------------#
|
||||
# OFFICIAL DEBIAN REPOS #
|
||||
#------------------------------------------------------------------------------------------------------------------------------#
|
||||
deb ${var_url} ${var_codename} ${ary_components[*]}
|
||||
EOF
|
||||
do_log "info" "file_only" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_url} ${var_codename} ${ary_components[*]}'."
|
||||
do_log "info" "file_only" "4080() ${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_url} ${var_codename} ${ary_components[*]}'."
|
||||
|
||||
if [[ "${var_deb_src}" == "true" ]]; then
|
||||
|
||||
echo "deb-src ${var_url} ${var_codename} ${ary_components[*]}" >> "${TARGET}/etc/apt/sources.list"
|
||||
do_log "info" "file_only" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_url} ${var_codename} ${ary_components[*]}'."
|
||||
do_log "info" "file_only" "4080() ${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_url} ${var_codename} ${ary_components[*]}'."
|
||||
|
||||
fi
|
||||
|
||||
|
||||
### Security Repository
|
||||
if [[ "${apt_updates_security,,}" == "true" ]]; then
|
||||
|
||||
cat << EOF >> "${TARGET}/etc/apt/sources.list"
|
||||
|
||||
deb ${var_surl} ${var_codename}-security ${ary_components[*]}
|
||||
EOF
|
||||
do_log "info" "file_only" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_surl} ${var_codename}-security ${ary_components[*]}'."
|
||||
do_log "info" "file_only" "4080() ${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_surl} ${var_codename}-security ${ary_components[*]}'."
|
||||
|
||||
if [[ "${var_deb_src}" == "true" ]]; then
|
||||
|
||||
echo "deb-src ${var_surl} ${var_codename}-security ${ary_components[*]}" >> "${TARGET}/etc/apt/sources.list"
|
||||
do_log "info" "file_only" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_surl} ${var_codename}-security ${ary_components[*]}'."
|
||||
do_log "info" "file_only" "4080() ${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_surl} ${var_codename}-security ${ary_components[*]}'."
|
||||
|
||||
fi
|
||||
|
||||
fi
|
||||
|
||||
|
||||
### Updates Repository
|
||||
if [[ "${apt_updates_release,,}" == "true" ]]; then
|
||||
|
||||
cat << EOF >> "${TARGET}/etc/apt/sources.list"
|
||||
|
||||
deb ${var_url} ${var_codename}-updates ${ary_components[*]}
|
||||
EOF
|
||||
do_log "info" "file_only" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_url} ${var_codename}-updates ${ary_components[*]}'."
|
||||
do_log "info" "file_only" "4080() ${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_url} ${var_codename}-updates ${ary_components[*]}'."
|
||||
|
||||
if [[ "${var_deb_src}" == "true" ]]; then
|
||||
|
||||
echo "deb-src ${var_url} ${var_codename}-updates ${ary_components[*]}" >> "${TARGET}/etc/apt/sources.list"
|
||||
do_log "info" "file_only" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_url} ${var_codename}-updates ${ary_components[*]}'."
|
||||
do_log "info" "file_only" "4080() ${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_url} ${var_codename}-updates ${ary_components[*]}'."
|
||||
|
||||
fi
|
||||
|
||||
fi
|
||||
|
||||
|
||||
### Backports Repository
|
||||
if [[ "${apt_updates_backports,,}" == "true" ]]; then
|
||||
|
||||
cat << EOF >> "${TARGET}/etc/apt/sources.list"
|
||||
|
||||
deb ${var_url} ${var_codename}-backports ${ary_components[*]}
|
||||
EOF
|
||||
do_log "info" "file_only" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_url} ${var_codename}-backports ${ary_components[*]}'."
|
||||
do_log "info" "file_only" "4080() ${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_url} ${var_codename}-backports ${ary_components[*]}'."
|
||||
|
||||
if [[ "${var_deb_src,,}" == "true" ]]; then
|
||||
|
||||
echo "deb-src ${var_url} ${var_codename}-backports ${ary_components[*]}" >> "${TARGET}/etc/apt/sources.list"
|
||||
do_log "info" "file_only" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_url} ${var_codename}-backports ${ary_components[*]}'."
|
||||
do_log "info" "file_only" "4080() ${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_url} ${var_codename}-backports ${ary_components[*]}'."
|
||||
|
||||
fi
|
||||
|
||||
fi
|
||||
|
||||
|
||||
### Clean up 'sources.list'
|
||||
sed -i '/^#/!s/[[:space:]]\+/ /g' "${TARGET}/etc/apt/sources.list"
|
||||
|
||||
cat << EOF >> "${TARGET}/etc/apt/sources.list"
|
||||
|
||||
# Copyright 2018-2025; WEIDNER, Marc S., <msw@coresecret.dev>
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
|
||||
EOF
|
||||
|
||||
@@ -142,7 +181,7 @@ EOF
|
||||
if [[ "${apt_updates_policy,,}" == "unattended" ]]; then
|
||||
|
||||
do_in_target "${TARGET}" apt-get install -y unattended-upgrades
|
||||
do_log "info" "file_only" "The update policy was set at installation time to '${apt_updates_policy}'."
|
||||
do_log "info" "file_only" "4080() The update policy was set at installation time to '${apt_updates_policy}'."
|
||||
|
||||
elif [[ "${apt_updates_policy,,}" == "security" ]]; then
|
||||
|
||||
@@ -150,17 +189,18 @@ EOF
|
||||
|
||||
# shellcheck disable=SC2016
|
||||
sed -i 's/^[[:space:]]*"origin=Debian,codename=\${distro_codename},label=Debian";/\/\/ &/' "${TARGET}/etc/apt/apt.conf.d/50unattended-upgrades"
|
||||
do_log "info" "file_only" "The update policy was set at installation time to '${apt_updates_policy}'."
|
||||
do_log "info" "file_only" "4080() The update policy was set at installation time to '${apt_updates_policy}'."
|
||||
|
||||
elif [[ "${apt_updates_policy,,}" == "none" ]]; then
|
||||
|
||||
do_log "info" "file_only" "The update policy was set at installation time to: '${apt_updates_policy}'."
|
||||
do_log "info" "file_only" "4080() The update policy was set at installation time to: '${apt_updates_policy}'."
|
||||
|
||||
else
|
||||
|
||||
do_log "warning" "file_only" "Update policy '${apt_updates_policy}': is not supported. Using 'none' as default."
|
||||
do_log "warning" "file_only" "4080() Update policy '${apt_updates_policy}': is not supported. Using 'none' as default."
|
||||
|
||||
fi
|
||||
|
||||
return 0
|
||||
}
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
|
||||
|
||||
Reference in New Issue
Block a user