msw/CISS.debian.installer
SHA256
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 54s
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-08-08 11:36:32 +02:00
parent cbb0383dfb
commit b38ca5a7ca
18 changed files with 191 additions and 91 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
func/cdi_1000_helper/1030_check_nic.sh
View File

@@ -38,7 +38,7 @@ check_nic() {
var_nic=$(dialog --ascii-lines --clear --backtitle "Specify the NIC for setup" --radiolist "NIC available" 0 0 ${var_counter} ${var_radiolist} 3>&1 1>&2 2>&3)
clear
do_log "info" "file_only" "You have selected: '${var_nic}' - proceeding with setup."
return 0
do_log "info" "file_only" "1030() You have selected: '${var_nic}' - proceeding with setup."
guard_dir && return 0
}
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh

8
func/cdi_1000_helper/1080_helper_chroot.sh
View File

@@ -64,12 +64,12 @@ do_in_target() {
then
do_log "emergency" "file_only" "1080() Command of [${var_mod}]: [chroot ${var_chroot_target} /usr/bin/env -i HOME=/root PATH=${var_default_path} TERM=${TERM} LANG=C.UTF-8 LC_ALL=C.UTF-8 DEBIAN_FRONTEND=noninteractive APT_LISTCHANGES_FRONTEND=none ${ary_chroot_command[*]}] failed."
do_log "emergency" "file_only" "1080() Command of ${var_mod} [chroot ${var_chroot_target} /usr/bin/env -i HOME=/root PATH=${var_default_path} TERM=${TERM} LANG=C.UTF-8 LC_ALL=C.UTF-8 DEBIAN_FRONTEND=noninteractive APT_LISTCHANGES_FRONTEND=none ${ary_chroot_command[*]}] failed."
return "${ERR_CHRT_COMMAND}"
else
do_log "info" "file_only" "1080() Command of [${var_mod}]: [chroot ${var_chroot_target} /usr/bin/env -i HOME=/root PATH=${var_default_path} TERM=${TERM} LANG=C.UTF-8 LC_ALL=C.UTF-8 DEBIAN_FRONTEND=noninteractive APT_LISTCHANGES_FRONTEND=none ${ary_chroot_command[*]}] successful."
do_log "info" "file_only" "1080() Command of ${var_mod} [chroot ${var_chroot_target} /usr/bin/env -i HOME=/root PATH=${var_default_path} TERM=${TERM} LANG=C.UTF-8 LC_ALL=C.UTF-8 DEBIAN_FRONTEND=noninteractive APT_LISTCHANGES_FRONTEND=none ${ary_chroot_command[*]}] successful."
return 0
fi
@@ -115,7 +115,7 @@ do_in_target_script() {
then
do_log "${var_log_level_on_error}" "file_only" "1080() Command of [${var_mod}]: [chroot ${var_chroot_target} /usr/bin/env -i HOME=/root PATH=${var_default_path} TERM=${TERM} LANG=C.UTF-8 LC_ALL=C.UTF-8 DEBIAN_FRONTEND=noninteractive APT_LISTCHANGES_FRONTEND=none /bin/bash -c ${var_chroot_script}] failed."
do_log "${var_log_level_on_error}" "file_only" "1080() Command of ${var_mod} [chroot ${var_chroot_target} /usr/bin/env -i HOME=/root PATH=${var_default_path} TERM=${TERM} LANG=C.UTF-8 LC_ALL=C.UTF-8 DEBIAN_FRONTEND=noninteractive APT_LISTCHANGES_FRONTEND=none /bin/bash -c ${var_chroot_script}] failed."
return "${ERR_CHRT_COMMAND}"
# TODO: Test with Dialog Wrapper in interactive mode.
@@ -127,7 +127,7 @@ do_in_target_script() {
else
do_log "info" "file_only" "1080() Command of [${var_mod}]: [chroot ${var_chroot_target} /usr/bin/env -i HOME=/root PATH=${var_default_path} TERM=${TERM} LANG=C.UTF-8 LC_ALL=C.UTF-8 DEBIAN_FRONTEND=noninteractive APT_LISTCHANGES_FRONTEND=none /bin/bash -c ${var_chroot_script}] successful."
do_log "info" "file_only" "1080() Command of ${var_mod} [chroot ${var_chroot_target} /usr/bin/env -i HOME=/root PATH=${var_default_path} TERM=${TERM} LANG=C.UTF-8 LC_ALL=C.UTF-8 DEBIAN_FRONTEND=noninteractive APT_LISTCHANGES_FRONTEND=none /bin/bash -c ${var_chroot_script}] successful."
return 0
fi

36
func/cdi_1000_helper/1082_helper_modules.sh
View File

@@ -34,6 +34,42 @@ generate_subnetmask() {
return 0
}
#######################################
# Collect NIC driver modules for initramfs installation.
# Arguments:
# None
# Returns:
# 0: on success
#######################################
grep_nic_driver_modules() {
### Collect all ethernet driver names and sort them uniquely.
declare -a _mods
declare var_nic_module var_nic_modules
# shellcheck disable=SC2312
readarray -t _mods < <(
lspci -k \
| grep -A2 -i ethernet \
| grep 'Kernel driver in use' \
| awk '{print $5}' \
| sort -u
)
### If only one entry remains, save it in 'var_nic_module', otherwise save all modules in 'var_nic_modules'.
if [[ "${#_mods[@]}" -eq 1 ]]; then
var_nic_module="${_mods[0]}"
else
var_nic_modules="${_mods[*]}"
fi
if [[ -n "${var_nic_module}" ]]; then
echo "${var_nic_module}"
else
echo "${var_nic_modules}"
fi
return 0
}
#######################################
# Helper module for update, full dist-upgrade, autoclean, autopurge and autoremove.
# Arguments:

6
func/cdi_4000_debootstrap/4035_setup_resolv.sh
View File

@@ -57,9 +57,9 @@ setup_resolv() {
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu
# /etc/resolv.conf : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# /etc/resolv.conf : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# Static file system information '/etc/resolv.conf '.

6
func/cdi_4100_base/4100_generate_sources.sh
View File

@@ -94,9 +94,9 @@ generate_sources() {
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu
# /etc/apt/sources.list : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# /etc/apt/sources.list : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
#------------------------------------------------------------------------------------------------------------------------------#
# OFFICIAL DEBIAN REPOS #

101
func/cdi_4100_base/4121_installation_initramfs.sh Normal file
View File

@@ -0,0 +1,101 @@
#!/bin/bash
# SPDX-Version: 3.0
# SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-FileType: SOURCE
# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu
guard_sourcing
#######################################
# Installation of the specified kernel.
# Every 'apt-get install' command is invoked by adding 'export INITRD=No'
# to suppress the 'update-initramfs'-Kernel-Hooks, according to the initramfs-tools manpage:
# https://manpages.debian.org/testing/initramfs-tools-core/initramfs-tools.7.en.html
# Globals:
# TARGET
# VAR_KERNEL
# image
# Arguments:
# None
# Returns:
# 0: on success
#######################################
installation_initramfs() {
### Declare Arrays, HashMaps, and Variables.
declare var_modules=""
### Install the script to be called by 'update-initramfs' for installing the necessary modules to load into initramfs environment.
install -D -m 0644 -o root -g root "${VAR_SETUP_PATH}/includes/target/etc/initramfs-tools/modules" \
"${TARGET}/etc/initramfs-tools/"
insert_initramfs_comments "${TARGET}/etc/initramfs-tools/modules"
var_modules=$(grep_nic_driver_modules)
cat << EOF >> "${TARGET}/etc/initramfs-tools/modules"
### Custom NIC driver
${var_modules}
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
EOF
### MODULES: [ most | netboot | dep | list ]
## 'most' - Add most filesystem and all hard-drive drivers.
## 'dep' - Try and guess the modules to load.
cat << EOF >| "${TARGET}/etc/initramfs-tools/conf.d/driver-policy"
# SPDX-Version: 3.0
# SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-FileType: SOURCE
# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu
# /etc/initramfs-tools/conf.d/driver-policy : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# Driver inclusion policy selected during installation.
# Note: this setting overrides the value set in the file '/etc/initramfs-tools/initramfs.conf'.
MODULES=dep
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
EOF
guard_dir && return 0
}
#######################################
# Helper to insert the Metadata field into '/etc/initramfs-tools/modules'.
# Globals:
# VAR_ARCHITECTURE
# VAR_CODENAME
# VAR_VERSION
# Arguments:
# 1: /etc/initramfs-tools/modules
# Returns:
# 0: on success
#######################################
insert_initramfs_comments() {
declare file="${1}"
sed -i '/^# SPDX-Security-Contact: security@coresecret\.eu$/a\
\
# /etc/initramfs-tools/modules : Generated by CISS.debian.installer '"${VAR_VERSION}"'\
# Architecture : '"${VAR_ARCHITECTURE}"'\
# Distribution : '"${VAR_CODENAME}"'
' "${file}"
return 0
}
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh

1
func/cdi_4100_base/4130_installation_toolset.sh
View File

@@ -35,6 +35,7 @@ installation_toolset() {
[hexdump]="bsdmainutils"
[btrfs]="btrfs-progs"
[bunzip2]="bzip2"
[setupcon]="console-setup"
[base64]="coreutils"
[cat]="coreutils"
[chmod]="coreutils"

6
func/cdi_4100_base/4150_installation_chrony.sh
View File

@@ -96,9 +96,9 @@ insert_chrony_comments() {
declare file="${1}"
sed -i '/^# SPDX-Security-Contact: security@coresecret\.eu$/a\
\
# /etc/chrony/conf.d : Generated by CISS.debian.installer '"${VAR_VERSION}"'\
# Architecture : '"${VAR_ARCHITECTURE}"'\
# Distribution : '"${VAR_CODENAME}"'
# /etc/chrony/conf.d : Generated by CISS.debian.installer '"${VAR_VERSION}"'\
# Architecture : '"${VAR_ARCHITECTURE}"'\
# Distribution : '"${VAR_CODENAME}"'
' "${file}"
return 0
}

6
func/cdi_4200_boot/4200_generate_fstab.sh
View File

@@ -78,9 +78,9 @@ generate_fstab() {
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu
# /etc/fstab : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# /etc/fstab : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# Static file system information '/etc/fstab'.
#

6
func/cdi_4200_boot/4210_generate_crypttab.sh
View File

@@ -71,9 +71,9 @@ generate_crypttab() {
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu
# /etc/crypttab : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# /etc/crypttab : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# Static file system information: '/etc/crypttab'.
#

34
func/cdi_4300_network/4300_installation_network.sh
View File

@@ -65,9 +65,9 @@ installation_network() {
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu
# /etc/network/interfaces : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# /etc/network/interfaces : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
@@ -106,9 +106,9 @@ EOF
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu
# /etc/network/interfaces : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# /etc/network/interfaces.d/10-ipv4-dhcp : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# The primary network interface IPv4
auto ${VAR_FINAL_NIC}
@@ -133,9 +133,9 @@ EOF
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu
# /etc/network/interfaces : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# /etc/network/interfaces.d/10-ipv4-dhcp : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# The primary network interface IPv4
auto ${VAR_FINAL_NIC}
@@ -163,9 +163,9 @@ EOF
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu
# /etc/network/interfaces : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# /etc/network/interfaces.d/10-ipv4-static : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# The primary network interface IPv4
auto ${VAR_FINAL_NIC}
@@ -197,9 +197,9 @@ EOF
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu
# /etc/network/interfaces : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# /etc/network/interfaces.d/10-ipv6-dhcp : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# The primary network interface IPv6
auto ${VAR_FINAL_NIC}
@@ -227,6 +227,10 @@ EOF
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu
# /etc/network/interfaces.d/10-ipv6-static : Generated by CISS.debian.installer ${VAR_VERSION}
# Architecture : ${VAR_ARCHITECTURE}
# Distribution : ${VAR_CODENAME}
# The primary network interface IPv6
auto ${VAR_FINAL_NIC}
iface ${VAR_FINAL_NIC} inet6 static

49
func/cdi_4300_network/4312_dropbear_setup.sh
View File

@@ -97,19 +97,6 @@ dropbear_setup() {
install -D -m 0700 -o root -g root "${VAR_SETUP_PATH}/includes/target/etc/initramfs-tools/files/unlock_wrapper_signer.sh" \
"${TARGET}/etc/initramfs-tools/files/"
### Install the script to be called by 'update-initramfs' for installing the necessary modules to load into initramfs environment.
install -D -m 0644 -o root -g root "${VAR_SETUP_PATH}/includes/target/etc/initramfs-tools/modules" \
"${TARGET}/etc/initramfs-tools/"
var_modules=$(grep_nic_driver_modules)
cat << EOF >> "${TARGET}/etc/initramfs-tools/modules"
### Custom NIC driver
${var_modules}
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
EOF
### Install the script to be called inside the initramfs environment for preparing dropbear execution.
do_in_target "${TARGET}" mv /usr/share/initramfs-tools/scripts/init-premount/dropbear /usr/share/initramfs-tools/scripts/init-premount/dropbear.2022.83
install -D -m 0755 -o root -g root "${VAR_SETUP_PATH}/includes/target/usr/share/initramfs-tools/scripts/init-premount/dropbear" \
@@ -211,40 +198,4 @@ EOF
do_log "info" "file_only" "4312() Written: '${TARGET}/etc/dropbear/initramfs/dropbear.conf'."
return 0
}
#######################################
# Collect NIC driver modules for initramfs installation.
# Arguments:
# None
# Returns:
# 0: on success
#######################################
grep_nic_driver_modules() {
### Collect all ethernet driver names and sort them uniquely.
declare -a _mods
declare var_nic_module var_nic_modules
# shellcheck disable=SC2312
readarray -t _mods < <(
lspci -k \
| grep -A2 -i ethernet \
| grep 'Kernel driver in use' \
| awk '{print $5}' \
| sort -u
)
### If only one entry remains, save it in 'var_nic_module', otherwise save all modules in 'var_nic_modules'.
if [[ "${#_mods[@]}" -eq 1 ]]; then
var_nic_module="${_mods[0]}"
else
var_nic_modules="${_mods[*]}"
fi
if [[ -n "${var_nic_module}" ]]; then
echo "${var_nic_module}"
else
echo "${var_nic_modules}"
fi
return 0
}
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh