V8.00.000.2025.06.17

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-07-08 19:08:11 +02:00
parent 474941e291
commit b546a0d4af
5 changed files with 379 additions and 362 deletions
--- a/func/1080_helper_chroot.sh
+++ b/func/1080_helper_chroot.sh
@@ -15,10 +15,14 @@ guard_sourcing
 #######################################
 # Wrapper for executing commands in the desired chroot environment.
 # Globals:
+#   ERR_CHRT_COMMAND
 #   TERM
 # Arguments:
 #   $1: Target of the chroot environment.
 #   $@: Commands and options and parameters to be executed in chroot.
+# Returns:
+#   "${ERR_CHRT_COMMAND}": Unsuccessfully executed commands.
+#   0: Successfully executed commands.
 #######################################
 do_in_target() {
  declare var_chroot_target="$1"; shift
@@ -28,10 +32,10 @@ do_in_target() {
    PATH=/usr/sbin:/usr/bin:/sbin:/bin \
    TERM="${TERM}" \
    "${ary_chroot_command[@]}"; then
-    do_log "info" "false" "Success: chroot ${var_chroot_target}: ${ary_chroot_command[*]}"
+    do_log "info" "true" "Success: chroot ${var_chroot_target}: ${ary_chroot_command[*]}"
    return 0
  else
-    do_log "emergency" "false" "Failed: chroot ${var_chroot_target}: ${ary_chroot_command[*]}"
+    do_log "emergency" "true" "Failed: chroot ${var_chroot_target}: ${ary_chroot_command[*]}"
    return "${ERR_CHRT_COMMAND}"
  fi
 }
--- a/func/4000_debootstrap.sh
+++ b/func/4000_debootstrap.sh
@@ -13,21 +13,24 @@
 guard_sourcing

 #######################################
-# Install minimal Debian environment via debootstrap command.
+# Install minimal Debian environment via 'debootstrap' command.
 # Globals:
 #   ERR_DEBOOTSTRAP
 #   TARGET
+#   architecture
+#   distribution
 # Arguments:
 #   None
 # Returns:
 #   "${ERR_DEBOOTSTRAP}"
+#   0: Successfully executed commands.
 #######################################
 func_debootstrap() {
-  if debootstrap --arch amd64 bookworm "${TARGET}" https://deb.debian.org/debian; then
-    do_log "info" "false" "Executing 'debootstrap --arch amd64 bookworm '${TARGET}' https://deb.debian.org/debian' successful."
+  if debootstrap --arch="${architecture}" "${distribution}" "${TARGET}" https://deb.debian.org/debian; then
+    do_log "info" "false" "Executing 'debootstrap --arch=${architecture} ${distribution} '${TARGET}' https://deb.debian.org/debian' successful."
    return 0
  else
-    do_log "emergency" "false" "Executing 'debootstrap --arch amd64 bookworm '${TARGET}' https://deb.debian.org/debian' NOT successful."
+    do_log "emergency" "false" "Executing 'debootstrap --arch=${architecture} ${distribution} '${TARGET}' https://deb.debian.org/debian' NOT successful."
    return "${ERR_DEBOOTSTRAP}"
  fi
 }
--- a/func/4060_generate_crypttab.sh
+++ b/func/4060_generate_crypttab.sh
@@ -13,7 +13,7 @@
 guard_sourcing

 #######################################
-# '/etc/crypttab' entry writer and logger.
+# Generate target '/etc/crypttab' entries.
 # Globals:
 #   TARGET
 # Arguments:
@@ -39,7 +39,7 @@ write_crypttab() {
 #   HMP_PATH_ENCLABEL
 #   HMP_PATH_LUKSUUID
 #   TARGET
-#   accounts_dropbear_unlock
+#   user_dropbear_boot
 # Arguments:
 #   None
 # Returns:
@@ -77,7 +77,7 @@ EOF
    var_encryption_label="${HMP_PATH_ENCLABEL["${var_key}"]}"
    var_luks_uuid="${HMP_PATH_LUKSUUID["${var_key}"]}"

-    if [[ "${accounts_dropbear_unlock,,}" == "true" ]]; then
+    if [[ "${user_dropbear_boot,,}" == "true" ]]; then

      write_crypttab "${var_encryption_label}" "UUID=${var_luks_uuid}" "none" "luks,discard,initramfs"

--- a/func/4080_generate_sources.sh
+++ b/func/4080_generate_sources.sh
@@ -12,33 +12,59 @@

 guard_sourcing

-###########################################################################################
-# Generate target ${TARGET}/etc/apt/sources.list entries
+#######################################
+# Generate target '/etc/apt/sources.list' entries.
+# Globals:
+#   TARGET
+#   apt_contrib
+#   apt_deb_sources
+#   apt_mirror_directory
+#   apt_mirror_hostname
+#   apt_mirror_protocol
+#   apt_non_free
+#   apt_non_free_firmware
+#   apt_sec
+#   apt_updates_backports
+#   apt_updates_policy
+#   apt_updates_release
+#   apt_updates_security
+#   arch
+#   distribution
+# Arguments:
+#   None
+#######################################
 generate_sources() {
-  declare var_contrib var_dir var_hostname var_hostsecure var_non_free var_non_free_firmware var_protocol var_codename var_arch
+  declare -a ary_components
+  declare var_arch var_codename var_deb_src var_dir var_hostname var_hostsecure var_url var_surl

-  var_arch="${arch}"
-  var_codename=$(lsb_release --codename --short)
-  var_dir="${apt_mirror_directory}"
-  var_hostname="${apt_mirror_hostname}"
-  var_hostsecure="${apt_security_string}"
+  var_arch="${architecture,,}"
+  var_codename="${distribution,,}"
+  var_deb_src="${apt_deb_sources,,}"
+  var_dir="${apt_mirror_directory,,}"
+  var_hostname="${apt_mirror_hostname,,}"
+  var_hostsecure="${apt_sec,,}"

-  [[ "${apt_contrib,,}" == "true" ]] && var_contrib="contrib"
+  ary_components=(main)
+  [[ "${apt_contrib,,}" == true ]] && ary_components+=(contrib)
+  [[ "${apt_non_free,,}" == true ]] && ary_components+=(non-free)
+  [[ "${apt_non_free_firmware,,}" == true ]] && ary_components+=(non-free-firmware)

-  [[ "${apt_non_free,,}" == "true" ]] && var_non_free="non-free"
-
-  [[ "${apt_non_free_firmware,,}" == "true" ]] && var_non_free_firmware="non-free-firmware"
-
-  if [[ ${apt_mirror_protocol,,} == "https" ]]; then
-    var_protocol="https"
-  elif [[ ${apt_mirror_protocol,,} == "http" ]]; then
-    var_protocol="http"
+  if [[ "${apt_mirror_protocol,,}" == "https" ]]; then
+    var_url="https://${var_hostname}${var_dir}"
+    var_surl="https://${var_hostsecure}/debian-security"
+  elif [[ "${apt_mirror_protocol,,}" == "http" ]]; then
+    var_url="http://${var_hostname}${var_dir}"
+    var_surl="http://${var_hostsecure}/debian-security"
+  else
+    var_url="https://${var_hostname}${var_dir}"
+    var_surl="https://${var_hostsecure}/debian-security"
  fi

  : >| "${TARGET}/etc/apt/sources.list"
  chmod 0644 "${TARGET}/etc/apt/sources.list"

-  cat << EOF >> "${TARGET}"/etc/apt/sources.list
+  ### Main Repository
+  cat << EOF >> "${TARGET}/etc/apt/sources.list"
 # /etc/apt/sources.list : Generated by CISS.debian.installer
 # Architecture          : ${var_arch}
 # Distribution          : ${var_codename}
@@ -46,97 +72,86 @@ generate_sources() {
 #------------------------------------------------------------------------------------------------------------------------------#
 #                                                     OFFICIAL DEBIAN REPOS                                                    #
 #------------------------------------------------------------------------------------------------------------------------------#
-deb ${var_protocol}://${var_hostname}${var_dir} ${var_codename} main ${var_contrib} ${var_non_free} ${var_non_free_firmware}
-deb-src ${var_protocol}://${var_hostname}${var_dir} ${var_codename} main ${var_contrib} ${var_non_free} ${var_non_free_firmware}
-
+deb ${var_url} ${var_codename} ${ary_components[*]}
 EOF
+  do_log "info" "true" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_url} ${var_codename} ${ary_components[*]}'."

-  do_log "info" "true" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_protocol}://${var_hostname}${var_dir} ${var_codename} main ${var_contrib} ${var_non_free} ${var_non_free_firmware}'."
-  do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_protocol}://${var_hostname}${var_dir} ${var_codename} main ${var_contrib} ${var_non_free} ${var_non_free_firmware}'."
+  if [[ "${var_deb_src}" == "true" ]]; then
+    echo "deb-src ${var_url} ${var_codename} ${ary_components[*]}" >> "${TARGET}/etc/apt/sources.list"
+    do_log "info" "true" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_url} ${var_codename} ${ary_components[*]}'."
+  fi

+  ### Security Repository
  if [[ "${apt_updates_security,,}" == "true" ]]; then
+    cat << EOF >> "${TARGET}/etc/apt/sources.list"

-    cat << EOF >> "${TARGET}"/etc/apt/sources.list
-deb ${var_protocol}://${var_hostsecure}/debian-security ${var_codename}-security main ${var_contrib} ${var_non_free} ${var_non_free_firmware}
-deb-src ${var_protocol}://${var_hostsecure}/debian-security ${var_codename}-security main ${var_contrib} ${var_non_free} ${var_non_free_firmware}
-
+deb ${var_surl} ${var_codename}-security ${ary_components[*]}
 EOF
-
-    do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_protocol}://${var_hostsecure}/debian-security ${var_codename}-security main ${var_contrib} ${var_non_free} ${var_non_free_firmware}'."
-    do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_protocol}://${var_hostsecure}/debian-security ${var_codename}-security main ${var_contrib} ${var_non_free} ${var_non_free_firmware}'."
-
+    do_log "info" "true" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_surl} ${var_codename}-security ${ary_components[*]}'."
+    if [[ "${var_deb_src}" == "true" ]]; then
+      echo "deb-src ${var_surl} ${var_codename}-security ${ary_components[*]}" >> "${TARGET}/etc/apt/sources.list"
+      do_log "info" "true" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_surl} ${var_codename}-security ${ary_components[*]}'."
+    fi
  fi

-  if [[ ${apt_updates_release,,} == "true" ]]; then
-
-    cat << EOF >> "${TARGET}"/etc/apt/sources.list
-deb ${var_protocol}://${var_hostname}${var_dir} ${var_codename}-updates main ${var_contrib} ${var_non_free} ${var_non_free_firmware}
-deb-src ${var_protocol}://${var_hostname}${var_dir} ${var_codename}-updates main ${var_contrib} ${var_non_free} ${var_non_free_firmware}
+  ### Updates Repository
+  if [[ "${apt_updates_release,,}" == "true" ]]; then
+    cat << EOF >> "${TARGET}/etc/apt/sources.list"

+deb ${var_url} ${var_codename}-updates ${ary_components[*]}
 EOF
-
-    do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_protocol}://${var_hostname}${var_dir} ${var_codename}-updates main ${var_contrib} ${var_non_free} ${var_non_free_firmware}'."
-    do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_protocol}://${var_hostname}${var_dir} ${var_codename}-updates main ${var_contrib} ${var_non_free} ${var_non_free_firmware}'."
-
+    do_log "info" "true" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_url} ${var_codename}-updates ${ary_components[*]}'."
+    if [[ "${var_deb_src}" == "true" ]]; then
+      echo "deb-src ${var_url} ${var_codename}-updates ${ary_components[*]}" >> "${TARGET}/etc/apt/sources.list"
+      do_log "info" "true" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_url} ${var_codename}-updates ${ary_components[*]}'."
+    fi
  fi

-  if [[ ${apt_updates_backports,,} == "true" ]]; then
-
-    cat << EOF >> "${TARGET}"/etc/apt/sources.list
-deb ${var_protocol}://${var_hostname}${var_dir} ${var_codename}-backports main ${var_contrib} ${var_non_free} ${var_non_free_firmware}
-deb-src ${var_protocol}://${var_hostname}${var_dir} ${var_codename}-backports main ${var_contrib} ${var_non_free} ${var_non_free_firmware}
+  ### Backports Repository
+  if [[ "${apt_updates_backports,,}" == "true" ]]; then
+    cat << EOF >> "${TARGET}/etc/apt/sources.list"

+deb ${var_url} ${var_codename}-backports ${ary_components[*]}
 EOF
-
-    do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_protocol}://${var_hostname}${var_dir} ${var_codename}-backports main ${var_contrib} ${var_non_free} ${var_non_free_firmware}'."
-    do_log "info" "false" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_protocol}://${var_hostname}${var_dir} ${var_codename}-backports main ${var_contrib} ${var_non_free} ${var_non_free_firmware}'."
-
+    do_log "info" "true" "${TARGET}/etc/apt/sources.list entry generated: 'deb ${var_url} ${var_codename}-backports ${ary_components[*]}'."
+    if [[ "${var_deb_src,,}" == "true" ]]; then
+      echo "deb-src ${var_url} ${var_codename}-backports ${ary_components[*]}" >> "${TARGET}/etc/apt/sources.list"
+      do_log "info" "true" "${TARGET}/etc/apt/sources.list entry generated: 'deb-src ${var_url} ${var_codename}-backports ${ary_components[*]}'."
+    fi
  fi

-  # Clean up 'source.list'
-  sed -i '/^#/!s/[[:space:]]\+/ /g' "${TARGET}"/etc/apt/sources.list
+  ### Clean up 'sources.list'
+  sed -i '/^#/!s/[[:space:]]\+/ /g' "${TARGET}/etc/apt/sources.list"
+
+  cat << EOF >> "${TARGET}/etc/apt/sources.list"

-  cat << EOF >> "${TARGET}"/etc/apt/sources.list
 # Copyright 2018-2025; WEIDNER, Marc S., <msw@coresecret.dev>
+# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
 EOF

-  if do_in_target "${TARGET}" apt-get update -y; then
-    do_log "info" "true" "Command: 'apt-get update -y' executed in: '${TARGET}'."
-  else
-    do_log "emergency" "true" "Failed: Command: 'apt-get update -y' executed in: '${TARGET}'."
-  fi
+  do_in_target "${TARGET}" apt-get update -y

-  if [[ ${apt_updates_policy,,} == "unattended" ]]; then
+  if [[ "${apt_updates_policy,,}" == "unattended" ]]; then

-    if do_in_target "${TARGET}" apt-get install -y unattended-upgrades; then
-      do_log "info" "true" "Command: 'apt-get install -y unattended-upgrades' executed in: '${TARGET}'."
-    else
-      do_log "emergency" "true" "Failed: Command: 'apt-get install -y unattended-upgrades' executed in: '${TARGET}'."
-    fi
-    do_log "info" "false" "The update policy was set at installation time to: '${apt_updates_policy}' executed in: '${TARGET}'."
+    do_in_target "${TARGET}" apt-get install -y unattended-upgrades
+    do_log "info" "true" "The update policy was set at installation time to '${apt_updates_policy}'."

-  elif [[ ${apt_updates_policy,,} == "security" ]]; then
+  elif [[ "${apt_updates_policy,,}" == "security" ]]; then

-    if do_in_target "${TARGET}" apt-get install -y unattended-upgrades; then
-      do_log "info" "true" "Command: 'apt-get install -y unattended-upgrades' executed in: '${TARGET}'."
-    else
-      do_log "emergency" "true" "Failed: Command: 'apt-get install -y unattended-upgrades' executed in: '${TARGET}'."
-    fi
+    do_in_target "${TARGET}" apt-get install -y unattended-upgrades

    # shellcheck disable=SC2016
-    sed -i 's/^\s*"origin=Debian,codename=\${distro_codename},label=Debian";/\/\/ &/' "${TARGET}"/etc/apt/apt.conf.d/50unattended-upgrades
-    do_log "info" "false" "The update policy was set at installation time to '${apt_updates_policy}' executed in: '${TARGET}'."
+    sed -i 's/^[[:space:]]*"origin=Debian,codename=\${distro_codename},label=Debian";/\/\/ &/' "${TARGET}/etc/apt/apt.conf.d/50unattended-upgrades"
+    do_log "info" "true" "The update policy was set at installation time to '${apt_updates_policy}'."

-  elif [[ ${apt_updates_policy,,} == "none" ]]; then
+  elif [[ "${apt_updates_policy,,}" == "none" ]]; then

-    do_log "info" "false" "The update policy was set at installation to: '${apt_updates_policy}'."
+    do_log "info" "true" "The update policy was set at installation time to: '${apt_updates_policy}'."

  else

-    do_log "warning" "false" "Update policy '${apt_updates_policy}': is not supported. Using 'none' as default."
+    do_log "warning" "true" "Update policy '${apt_updates_policy}': is not supported. Using 'none' as default."

  fi
-
-  do_show_footer "${MODULE_TXT}"
 }
 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh