V8.00.000.2025.06.17

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-07-08 00:13:43 +02:00
parent 813f3ec5d7
commit a3aa3df386
3 changed files with 149 additions and 180 deletions
--- a/source/func/3.7.4.functions_installation_generate_sources.sh
+++ b/source/func/3.7.4.functions_installation_generate_sources.sh
@@ -1,176 +0,0 @@
-#!/bin/bash
-# SPDX-Version: 3.0
-# SPDX-CreationInfo: 2025-02-13; WEIDNER, Marc S.; <cendev@coresecret.eu>
-# SPDX-ExternalRef: GIT https://cendev.eu/marc.weidner/CISS.2025.debian.installer.git
-# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
-# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <cendev@coresecret.eu>
-# SPDX-FileType: SOURCE
-# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
-# SPDX-LicenseComment: This file is part of the CISS.2025.hardened.installer framework.
-# SPDX-PackageName: CISS.2025.hardened.installer
-# SPDX-Security-Contact: security@coresecret.eu
-
-###########################################################################################
-# 3.7.4. Functions - installation - generate sources                                      #
-###########################################################################################
-
-###########################################################################################
-# Generate target ${TARGET}/etc/apt/sources.list entries
-# Globals:
-#   MODULE_ERR
-#   MODULE_TXT
-#   TARGET
-#   apt_contrib
-#   apt_mirror_directory
-#   apt_mirror_hostname
-#   apt_mirror_protocol
-#   apt_non_free
-#   apt_non_free_firmware
-#   apt_security_string
-#   apt_updates_backports
-#   apt_updates_policy
-#   apt_updates_release
-#   apt_updates_security
-# Arguments:
-#   None
-###########################################################################################
-3_7_4_functions_installation_generate_sources() {
-  declare -g -x MODULE_ERR="3_7_4_functions_installation_generate_sources"
-  declare -g -x MODULE_TXT="Generating '${TARGET}/etc/apt/sources.list'"
-  do_show_header "${MODULE_TXT}"
-
-  declare CONTRIB=""
-  declare DIR=""
-  declare HOSTNAME=""
-  declare HOSTSECURE=""
-  declare NON_FREE=""
-  declare NON_FREE_FIRMWARE=""
-  declare PROTOCOL=""
-
-  DIR="${apt_mirror_directory}"
-  HOSTNAME="${apt_mirror_hostname}"
-  HOSTSECURE="${apt_security_string}"
-
-  if [[ ${apt_contrib,,} == "true" ]]; then
-    CONTRIB="contrib"
-  fi
-
-  if [[ ${apt_non_free,,} == "true" ]]; then
-    NON_FREE="non-free"
-  fi
-
-  if [[ ${apt_non_free_firmware,,} == "true" ]]; then
-    NON_FREE_FIRMWARE="non-free-firmware"
-  fi
-
-  if [[ ${apt_mirror_protocol,,} == "https" ]]; then
-    PROTOCOL="https"
-  elif [[ ${apt_mirror_protocol,,} == "http" ]]; then
-    PROTOCOL="http"
-  fi
-
-  declare CODENAME
-  # apt-get install -y lsb-release
-  CODENAME=$(lsb_release --codename --short)
-
-  touch "${TARGET}"/etc/apt/sources.list
-  chmod 0644 "${TARGET}"/etc/apt/sources.list
-
-  cat << EOF >> "${TARGET}"/etc/apt/sources.list
-#-----------------------------------------------------------------------------------------#
-#                                  OFFICIAL DEBIAN REPOS                                  #
-#-----------------------------------------------------------------------------------------#
-deb ${PROTOCOL}://${HOSTNAME}${DIR} ${CODENAME} main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}
-deb-src ${PROTOCOL}://${HOSTNAME}${DIR} ${CODENAME} main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}
-
-EOF
-
-  do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${PROTOCOL}://${HOSTNAME}${DIR} ${CODENAME} main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}'."
-  do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${PROTOCOL}://${HOSTNAME}${DIR} ${CODENAME} main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}'."
-
-  if [[ ${apt_updates_security,,} == "true" ]]; then
-
-    cat << EOF >> "${TARGET}"/etc/apt/sources.list
-deb ${PROTOCOL}://${HOSTSECURE}/debian-security ${CODENAME}-security main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}
-deb-src ${PROTOCOL}://${HOSTSECURE}/debian-security ${CODENAME}-security main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}
-
-EOF
-
-    do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${PROTOCOL}://${HOSTSECURE}/debian-security ${CODENAME}-security main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}'."
-    do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${PROTOCOL}://${HOSTSECURE}/debian-security ${CODENAME}-security main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}'."
-
-  fi
-
-  if [[ ${apt_updates_release,,} == "true" ]]; then
-
-    cat << EOF >> "${TARGET}"/etc/apt/sources.list
-deb ${PROTOCOL}://${HOSTNAME}${DIR} ${CODENAME}-updates main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}
-deb-src ${PROTOCOL}://${HOSTNAME}${DIR} ${CODENAME}-updates main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}
-
-EOF
-
-    do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${PROTOCOL}://${HOSTNAME}${DIR} ${CODENAME}-updates main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}'."
-    do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${PROTOCOL}://${HOSTNAME}${DIR} ${CODENAME}-updates main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}'."
-
-  fi
-
-  if [[ ${apt_updates_backports,,} == "true" ]]; then
-
-    cat << EOF >> "${TARGET}"/etc/apt/sources.list
-deb ${PROTOCOL}://${HOSTNAME}${DIR} ${CODENAME}-backports main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}
-deb-src ${PROTOCOL}://${HOSTNAME}${DIR} ${CODENAME}-backports main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}
-
-EOF
-
-    do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${PROTOCOL}://${HOSTNAME}${DIR} ${CODENAME}-backports main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}'."
-    do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${PROTOCOL}://${HOSTNAME}${DIR} ${CODENAME}-backports main ${CONTRIB} ${NON_FREE} ${NON_FREE_FIRMWARE}'."
-
-  fi
-
-  # Clean up 'source.list'
-  sed -i '/^#/!s/[[:space:]]\+/ /g' "${TARGET}"/etc/apt/sources.list
-
-  cat << EOF >> "${TARGET}"/etc/apt/sources.list
-# Copyright 2018-2025; WEIDNER, Marc S., <cendev@coresecret.eu>
-EOF
-
-  if do_in_target "${TARGET}" apt-get update -y; then
-    do_log "info" "true" "Command: 'apt-get update -y' executed in: '${TARGET}'."
-  else
-    do_log "emergency" "true" "Failed: Command: 'apt-get update -y' executed in: '${TARGET}'."
-  fi
-
-  if [[ ${apt_updates_policy,,} == "unattended" ]]; then
-
-    if do_in_target "${TARGET}" apt-get install -y unattended-upgrades; then
-      do_log "info" "true" "Command: 'apt-get install -y unattended-upgrades' executed in: '${TARGET}'."
-    else
-      do_log "emergency" "true" "Failed: Command: 'apt-get install -y unattended-upgrades' executed in: '${TARGET}'."
-    fi
-    do_log "info" "false" "The update policy was set at installation time to: '${apt_updates_policy}' executed in: '${TARGET}'."
-
-  elif [[ ${apt_updates_policy,,} == "security" ]]; then
-
-    if do_in_target "${TARGET}" apt-get install -y unattended-upgrades; then
-      do_log "info" "true" "Command: 'apt-get install -y unattended-upgrades' executed in: '${TARGET}'."
-    else
-      do_log "emergency" "true" "Failed: Command: 'apt-get install -y unattended-upgrades' executed in: '${TARGET}'."
-    fi
-
-    # shellcheck disable=SC2016
-    sed -i 's/^\s*"origin=Debian,codename=\${distro_codename},label=Debian";/\/\/ &/' "${TARGET}"/etc/apt/apt.conf.d/50unattended-upgrades
-    do_log "info" "false" "The update policy was set at installation time to '${apt_updates_policy}' executed in: '${TARGET}'."
-
-  elif [[ ${apt_updates_policy,,} == "none" ]]; then
-
-    do_log "info" "false" "The update policy was set at installation to: '${apt_updates_policy}'."
-
-  else
-
-    do_log "warning" "false" "Update policy '${apt_updates_policy}': is not supported. Using 'none' as default."
-
-  fi
-
-  do_show_footer "${MODULE_TXT}"
-}
-# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh: