V8.00.000.2025.06.17
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -46,22 +46,19 @@ installation_network() {
|
||||
chroot_script "${TARGET}" "
|
||||
export INITRD=No
|
||||
apt-get purge -y dhcpcd isc-dhcp-client 2>&1 | tee -a ${var_logfile}
|
||||
echo ExitCode: \$? >> ${var_logfile}
|
||||
echo ExitCode of PIPESTATUS[0]: [\${PIPESTATUS[0]}] >> ${var_logfile}
|
||||
"
|
||||
|
||||
chroot_script "${TARGET}" "
|
||||
export INITRD=No
|
||||
apt-get install -y --no-install-suggests ifupdown dhcpcd-base 2>&1 | tee -a ${var_logfile}
|
||||
echo ExitCode: \$? >> ${var_logfile}
|
||||
export INITRD=No
|
||||
apt-get install -y --no-install-suggests dhcpcd-base ifupdown 2>&1 | tee -a ${var_logfile}
|
||||
echo ExitCode of PIPESTATUS[0]: [\${PIPESTATUS[0]}] >> ${var_logfile}
|
||||
"
|
||||
|
||||
echo "systemctl disable systemd-networkd NetworkManager" >> "${TARGET}${var_logfile}"
|
||||
echo "systemctl disable dhcpcd.service" >> "${TARGET}${var_logfile}"
|
||||
|
||||
chroot_script "${TARGET}" "
|
||||
export INITRD=No
|
||||
systemctl disable systemd-networkd NetworkManager 2>/dev/null | tee -a ${var_logfile} || true
|
||||
systemctl disable dhcpcd.service 2>/dev/null | tee -a ${var_logfile} || true
|
||||
echo ExitCode: \$? >> ${var_logfile}
|
||||
echo ExitCode of PIPESTATUS[0]: [\${PIPESTATUS[0]}] >> ${var_logfile}
|
||||
"
|
||||
|
||||
mkdir -p "${TARGET}/etc/network/interfaces.d"
|
||||
@@ -95,7 +92,6 @@ source-directory /etc/network/interfaces.d
|
||||
auto lo
|
||||
iface lo inet loopback
|
||||
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
|
||||
EOF
|
||||
chmod 0644 "${TARGET}/etc/network/interfaces"
|
||||
do_log "info" "file_only" "4300() Header '${TARGET}/etc/network/interfaces' created."
|
||||
@@ -104,92 +100,72 @@ EOF
|
||||
### Configure network interfaces based on 'preseed.yaml' and create network configuration files for IPv4.
|
||||
if [[ "${network_autoconfig_enable}" == "true" && "${network_choose_interface_auto}" == "true" ]]; then
|
||||
|
||||
insert_header "${TARGET}/etc/network/interfaces.d/10-ipv4-dhcp"
|
||||
insert_comments "${TARGET}/etc/network/interfaces.d/10-ipv4-dhcp"
|
||||
cat << EOF >> "${TARGET}/etc/network/interfaces.d/10-ipv4-dhcp"
|
||||
cat << EOF >> "${TARGET}/etc/network/interfaces"
|
||||
# The primary network interface: IPv4 via DHCP
|
||||
auto ${VAR_FINAL_NIC}
|
||||
allow-hotplug ${VAR_FINAL_NIC}
|
||||
|
||||
iface ${VAR_FINAL_NIC} inet dhcp
|
||||
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
|
||||
EOF
|
||||
chmod 0644 "${TARGET}/etc/network/interfaces.d/10-ipv4-dhcp"
|
||||
do_log "info" "file_only" "4300() IPv4 on the primary NIC: '${VAR_FINAL_NIC}' configured with DHCP."
|
||||
|
||||
elif [[ "${network_autoconfig_enable}" == "true" && "${network_choose_interface_auto}" == "false" ]]; then
|
||||
|
||||
insert_header "${TARGET}/etc/network/interfaces.d/10-ipv4-dhcp"
|
||||
insert_comments "${TARGET}/etc/network/interfaces.d/10-ipv4-dhcp"
|
||||
cat << EOF >> "${TARGET}/etc/network/interfaces.d/10-ipv4-dhcp"
|
||||
cat << EOF >> "${TARGET}/etc/network/interfaces"
|
||||
# The primary network interface: IPv4 via DHCP
|
||||
auto ${VAR_FINAL_NIC}
|
||||
allow-hotplug ${VAR_FINAL_NIC}
|
||||
|
||||
iface ${VAR_FINAL_NIC} inet dhcp
|
||||
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
|
||||
EOF
|
||||
chmod 0644 "${TARGET}/etc/network/interfaces.d/10-ipv4-dhcp"
|
||||
do_log "info" "file_only" "4300() IPv4 on the primary NIC: '${VAR_FINAL_NIC}' configured with DHCP."
|
||||
|
||||
fi
|
||||
|
||||
if [[ "${network_autoconfig_enable}" == "false" ]]; then
|
||||
|
||||
insert_header "${TARGET}/etc/network/interfaces.d/10-ipv4-static"
|
||||
insert_comments "${TARGET}/etc/network/interfaces.d/10-ipv4-static"
|
||||
cat << EOF >> "${TARGET}/etc/network/interfaces.d/10-ipv4-static"
|
||||
cat << EOF >> "${TARGET}/etc/network/interfaces"
|
||||
# The primary network interface: IPv4 via static IP
|
||||
iface ${VAR_FINAL_NIC} inet static
|
||||
address ${VAR_FINAL_IPV4}
|
||||
netmask ${VAR_FINAL_IPV4_SUBNET}
|
||||
gateway ${VAR_FINAL_IPV4_GW}
|
||||
#dns-nameservers ${ARY_IPV4_NS[*]}
|
||||
auto ${VAR_FINAL_NIC}
|
||||
allow-hotplug ${VAR_FINAL_NIC}
|
||||
|
||||
iface ${VAR_FINAL_NIC} inet static
|
||||
address ${VAR_FINAL_IPV4}
|
||||
netmask ${VAR_FINAL_IPV4_SUBNET}
|
||||
gateway ${VAR_FINAL_IPV4_GW}
|
||||
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
|
||||
EOF
|
||||
chmod 0644 "${TARGET}/etc/network/interfaces.d/10-ipv4-static"
|
||||
do_log "info" "file_only" "4300() IPv4 on the primary NIC: '${VAR_FINAL_NIC}' configured statically."
|
||||
|
||||
fi
|
||||
|
||||
|
||||
### Configure network interfaces based on 'preseed.yaml' and create network configuration files for IPv6.
|
||||
if [[ "${network_autoconfig_enable}" == "true" && -z "${network_static_ipv6address}" ]]; then
|
||||
|
||||
insert_header "${TARGET}/etc/network/interfaces.d/10-ipv6-dhcp"
|
||||
insert_comments "${TARGET}/etc/network/interfaces.d/10-ipv6-dhcp"
|
||||
cat << EOF >> "${TARGET}/etc/network/interfaces.d/10-ipv6-dhcp"
|
||||
cat << EOF >> "${TARGET}/etc/network/interfaces"
|
||||
# The primary network interface: IPv6 via SLAAC (+ stateless DHCPv6 for DNS)
|
||||
iface ${VAR_FINAL_NIC} inet6 auto
|
||||
accept_ra 2
|
||||
dhcp 1
|
||||
accept_ra 2
|
||||
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
|
||||
EOF
|
||||
chmod 0644 "${TARGET}/etc/network/interfaces.d/10-ipv6-dhcp"
|
||||
do_log "info" "file_only" "4300() IPv6 on the primary NIC: '${VAR_FINAL_NIC}' configured with DHCP."
|
||||
do_log "info" "file_only" "4300() IPv6 on the primary NIC: '${VAR_FINAL_NIC}' configured with stateless DHCPv6."
|
||||
|
||||
elif [[ "${network_autoconfig_enable}" == "false" || -n "${network_static_ipv6address}" ]]; then
|
||||
|
||||
insert_header "${TARGET}/etc/network/interfaces.d/10-ipv6-static"
|
||||
insert_comments "${TARGET}/etc/network/interfaces.d/10-ipv6-static"
|
||||
cat << EOF >> "${TARGET}/etc/network/interfaces.d/10-ipv6-static"
|
||||
cat << EOF >> "${TARGET}/etc/network/interfaces"
|
||||
# The primary network interface: IPv6 via static IP
|
||||
iface ${VAR_FINAL_NIC} inet6 static
|
||||
address ${VAR_FINAL_IPV6_CIDR}
|
||||
gateway ${VAR_FINAL_IPV6_GW}
|
||||
#dns-nameservers ${ARY_IPV6_NS[*]}
|
||||
address ${VAR_FINAL_IPV6_CIDR}
|
||||
gateway ${VAR_FINAL_IPV6_GW}
|
||||
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
|
||||
EOF
|
||||
chmod 0644 "${TARGET}/etc/network/interfaces.d/10-ipv6-static"
|
||||
do_log "info" "file_only" "4300() IPv6 on the primary NIC: '${VAR_FINAL_NIC}' configured statically."
|
||||
|
||||
fi
|
||||
|
||||
printf '# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=conf\n' >> "${TARGET}/etc/network/interfaces"
|
||||
|
||||
### Prepare basic 'dhcpcd-base' DHCP Client options.
|
||||
if [[ -f "${TARGET}/etc/dhcpcd.conf" ]]; then
|
||||
@@ -223,7 +199,6 @@ fqdn both
|
||||
|
||||
EOF
|
||||
|
||||
|
||||
### Ensure 'dhcpcd-base' DHCP Client is not overwriting the static nameserver settings.
|
||||
### Collect static DNS from YAML (IPv4 and IPv6).
|
||||
[[ -n "${network_static_ipv4nameserver_0:-}" ]] && ary_dns_supersede+=( "${ARY_IPV4_NS[@]}" )
|
||||
@@ -235,6 +210,7 @@ EOF
|
||||
### Enforce static DNS
|
||||
nooption domain_name_servers
|
||||
nohook rdnssd
|
||||
nohook resolvconf
|
||||
|
||||
### Static DNS-resolvers
|
||||
interface ${VAR_FINAL_NIC}
|
||||
@@ -247,18 +223,19 @@ EOF
|
||||
|
||||
fi
|
||||
|
||||
|
||||
### Footer (always).
|
||||
echo '' >> "${TARGET}/etc/dhcpcd.conf"
|
||||
echo '# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=conf' >> "${TARGET}/etc/dhcpcd.conf"
|
||||
|
||||
|
||||
### Check dhcpcd connectivity.
|
||||
chroot_script "${TARGET}" "
|
||||
dhcpcd -T ${VAR_FINAL_NIC} | tee -a ${var_logfile}
|
||||
echo ExitCode: \$? >> ${var_logfile}
|
||||
dhcpcd -T ${VAR_FINAL_NIC} | tee -a ${var_logfile}
|
||||
echo ExitCode of PIPESTATUS[0]: [\${PIPESTATUS[0]}] >> ${var_logfile}
|
||||
"
|
||||
|
||||
guard_dir && return 0
|
||||
}
|
||||
### Prevents accidental 'unset -f'.
|
||||
# shellcheck disable=SC2034
|
||||
readonly -f installation_network
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
|
||||
|
||||
@@ -30,7 +30,7 @@ installation_netsec() {
|
||||
chroot_script "${TARGET}" "
|
||||
export INITRD=No
|
||||
apt-get install -y --no-install-suggests fail2ban ufw 2>&1 | tee -a ${var_logfile}
|
||||
echo ExitCode: \$? >> ${var_logfile}
|
||||
echo ExitCode of PIPESTATUS[0]: [\${PIPESTATUS[0]}] >> ${var_logfile}
|
||||
"
|
||||
|
||||
guard_dir && return 0
|
||||
|
||||
@@ -32,18 +32,18 @@ update_initramfs() {
|
||||
|
||||
chroot_script "${TARGET}" "
|
||||
update-grub 2>&1 | tee -a ${var_logfile}
|
||||
echo ExitCode: \$? >> ${var_logfile}
|
||||
echo ExitCode of PIPESTATUS[0]: [\${PIPESTATUS[0]}] >> ${var_logfile}
|
||||
"
|
||||
|
||||
chroot_script "${TARGET}" "
|
||||
depmod -a ${var_kernel} 2>&1 | tee -a ${var_logfile}
|
||||
update-initramfs -c -v -k all 2>&1 | tee -a ${var_logfile}
|
||||
echo ExitCode: \$? >> ${var_logfile}
|
||||
echo ExitCode of PIPESTATUS[0]: [\${PIPESTATUS[0]}] >> ${var_logfile}
|
||||
"
|
||||
|
||||
chroot_script "${TARGET}" "
|
||||
update-grub 2>&1 | tee -a ${var_logfile}
|
||||
echo ExitCode: \$? >> ${var_logfile}
|
||||
echo ExitCode of PIPESTATUS[0]: [\${PIPESTATUS[0]}] >> ${var_logfile}
|
||||
"
|
||||
|
||||
chmod 0400 "${TARGET}/boot/grub/grub.cfg"
|
||||
|
||||
Reference in New Issue
Block a user