V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m57s
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m57s
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -13,8 +13,9 @@
|
||||
guard_sourcing
|
||||
|
||||
#######################################
|
||||
# Parsing './.preseed/preseed.yaml'.
|
||||
# Parsing './.preseed/preseed.yaml' and './.preseed/partitioning.yaml'.
|
||||
# Globals:
|
||||
# ARY_BOOTPARAM
|
||||
# ARY_NTPSRVR
|
||||
# ARY_PACKAGES
|
||||
# DIR_CNF
|
||||
@@ -30,7 +31,7 @@ yaml_parser() {
|
||||
|
||||
yq -o=shell "${DIR_TMP}/combined.yaml" >| "${VAR_PRESEED}"
|
||||
|
||||
declare -agx ARY_BOOTPARAM ARY_NTPSRVR ARY_PACKAGES
|
||||
declare -agx ARY_BOOTPARAM=() ARY_NTPSRVR=() ARY_PACKAGES=()
|
||||
declare var_key var_value
|
||||
|
||||
while IFS='=' read -r var_key var_value; do
|
||||
|
||||
@@ -121,19 +121,6 @@ partition_encryption() {
|
||||
|
||||
fi
|
||||
|
||||
if [[ "${var_encryption_nuke,,}" == "true" ]]; then
|
||||
|
||||
cryptsetup luksAddKey \
|
||||
--key-file="${DIR_CNF}/password.txt" \
|
||||
--new-keyfile="${DIR_CNF}/password_nuke.txt" \
|
||||
--new-key-slot 31 \
|
||||
--batch-mode --verbose \
|
||||
"/dev/${var_dev}${var_part}"
|
||||
|
||||
do_log "info" "false" "Partition: '/dev/${var_dev}${var_part}' 'Nuke-Key' added."
|
||||
|
||||
fi
|
||||
|
||||
cryptsetup luksHeaderBackup --header-backup-file="${DIR_BAK}/luks_header_${var_dev}${var_part}.bak" "/dev/${var_dev}${var_part}"
|
||||
do_log "info" "false" "Partition: '/dev/${var_dev}${var_part}' LUKS Header saved: '${DIR_BAK}/luks_header_${var_dev}${var_part}.bak'."
|
||||
|
||||
|
||||
@@ -58,16 +58,16 @@ setup_network() {
|
||||
declare -a ary_ipv4_ns ary_ipv6_ns
|
||||
|
||||
ary_ipv4_ns+=("${network_static_ipv4nameserver_0}")
|
||||
[[ -n "${network_static_ipv4nameserver_1}" ]] && ary_ipv4_ns+=("${network_static_ipv4nameserver_1}")
|
||||
[[ -n "${network_static_ipv4nameserver_2}" ]] && ary_ipv4_ns+=("${network_static_ipv4nameserver_2}")
|
||||
[[ -n "${network_static_ipv4nameserver_fallback_0}" ]] && ary_ipv4_ns+=("${network_static_ipv4nameserver_fallback_0}")
|
||||
[[ -n "${network_static_ipv4nameserver_fallback_1}" ]] && ary_ipv4_ns+=("${network_static_ipv4nameserver_fallback_1}")
|
||||
[[ -v "${network_static_ipv4nameserver_1}" ]] && ary_ipv4_ns+=("${network_static_ipv4nameserver_1}")
|
||||
[[ -v "${network_static_ipv4nameserver_2}" ]] && ary_ipv4_ns+=("${network_static_ipv4nameserver_2}")
|
||||
[[ -v "${network_static_ipv4nameserver_fallback_0}" ]] && ary_ipv4_ns+=("${network_static_ipv4nameserver_fallback_0}")
|
||||
[[ -v "${network_static_ipv4nameserver_fallback_1}" ]] && ary_ipv4_ns+=("${network_static_ipv4nameserver_fallback_1}")
|
||||
|
||||
ary_ipv6_ns+=("${network_static_ipv6nameserver_0}")
|
||||
[[ -n "${network_static_ipv6nameserver_1}" ]] && ary_ipv6_ns+=("${network_static_ipv6nameserver_1}")
|
||||
[[ -n "${network_static_ipv6nameserver_2}" ]] && ary_ipv6_ns+=("${network_static_ipv6nameserver_2}")
|
||||
[[ -n "${network_static_ipv6nameserver_fallback_0}" ]] && ary_ipv6_ns+=("${network_static_ipv6nameserver_fallback_0}")
|
||||
[[ -n "${network_static_ipv6nameserver_fallback_1}" ]] && ary_ipv6_ns+=("${network_static_ipv6nameserver_fallback_1}")
|
||||
[[ -v "${network_static_ipv6nameserver_1}" ]] && ary_ipv6_ns+=("${network_static_ipv6nameserver_1}")
|
||||
[[ -v "${network_static_ipv6nameserver_2}" ]] && ary_ipv6_ns+=("${network_static_ipv6nameserver_2}")
|
||||
[[ -v "${network_static_ipv6nameserver_fallback_0}" ]] && ary_ipv6_ns+=("${network_static_ipv6nameserver_fallback_0}")
|
||||
[[ -v "${network_static_ipv6nameserver_fallback_1}" ]] && ary_ipv6_ns+=("${network_static_ipv6nameserver_fallback_1}")
|
||||
|
||||
### Check current network connection and configure variables
|
||||
var_auto_nic=$(ip -o link show | awk -F': ' '/state UP/ && $2!="lo" {print $2; exit}')
|
||||
|
||||
@@ -53,9 +53,9 @@ setup_dropbear() {
|
||||
### Prepare dropbear authorized_keys
|
||||
declare -a ary_user=()
|
||||
ary_user+=("${user_root_ssh_pubkeys_0}")
|
||||
[[ -n "${user_root_ssh_pubkeys_1}" ]] && ary_user+=("${user_root_ssh_pubkeys_1}")
|
||||
[[ -n "${user_root_ssh_pubkeys_2}" ]] && ary_user+=("${user_root_ssh_pubkeys_2}")
|
||||
[[ -n "${user_root_ssh_pubkeys_3}" ]] && ary_user+=("${user_root_ssh_pubkeys_3}")
|
||||
[[ -v "${user_root_ssh_pubkeys_1}" ]] && ary_user+=("${user_root_ssh_pubkeys_1}")
|
||||
[[ -v "${user_root_ssh_pubkeys_2}" ]] && ary_user+=("${user_root_ssh_pubkeys_2}")
|
||||
[[ -v "${user_root_ssh_pubkeys_3}" ]] && ary_user+=("${user_root_ssh_pubkeys_3}")
|
||||
|
||||
touch "${TARGET}/etc/dropbear/initramfs/authorized_keys" && chmod 0600 "${TARGET}/etc/dropbear/initramfs/authorized_keys"
|
||||
printf "%s\n" "${ary_user[@]}" > "${TARGET}/etc/dropbear/initramfs/authorized_keys"
|
||||
@@ -151,7 +151,6 @@ EOF
|
||||
|
||||
fi
|
||||
|
||||
|
||||
### Finally, deploy all changes done via 'update-grub' and 'update-initramfs'.
|
||||
do_in_target "${TARGET}" update-grub
|
||||
do_in_target "${TARGET}" update-initramfs -u -v -k all
|
||||
|
||||
Reference in New Issue
Block a user