V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m28s
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m28s
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -31,7 +31,7 @@ partitioning() {
|
|||||||
declare -a ary_devs ary_parts
|
declare -a ary_devs ary_parts
|
||||||
|
|
||||||
### Iterate over all devices in the recipe.
|
### Iterate over all devices in the recipe.
|
||||||
readarray -t ary_devs < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
readarray -t ary_devs < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
||||||
for var_dev in "${ary_devs[@]}"; do
|
for var_dev in "${ary_devs[@]}"; do
|
||||||
|
|
||||||
### All current data for the respective device will be deleted.
|
### All current data for the respective device will be deleted.
|
||||||
@@ -59,15 +59,15 @@ partitioning() {
|
|||||||
esac
|
esac
|
||||||
|
|
||||||
### Iterate over all partitions for this device.
|
### Iterate over all partitions for this device.
|
||||||
readarray -t ary_parts < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
readarray -t ary_parts < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
||||||
for var_part in "${ary_parts[@]}"; do
|
for var_part in "${ary_parts[@]}"; do
|
||||||
|
|
||||||
### Extract parameters from YAML.
|
### Extract parameters from YAML.
|
||||||
var_begin=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.begin" "${VAR_SETUP_PART}")
|
var_begin=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.begin" "${VAR_SETUP_PART}")
|
||||||
var_end=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.end" "${VAR_SETUP_PART}")
|
var_end=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.end" "${VAR_SETUP_PART}")
|
||||||
var_fs=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.version" "${VAR_SETUP_PART}")
|
var_fs=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.version" "${VAR_SETUP_PART}")
|
||||||
var_boot=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.bootable" "${VAR_SETUP_PART}")
|
var_boot=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.bootable" "${VAR_SETUP_PART}")
|
||||||
var_pri=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.primary" "${VAR_SETUP_PART}")
|
var_pri=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.primary" "${VAR_SETUP_PART}")
|
||||||
|
|
||||||
### Generate partition.
|
### Generate partition.
|
||||||
if [[ "${var_end}" == "-1" ]]; then
|
if [[ "${var_end}" == "-1" ]]; then
|
||||||
|
|||||||
@@ -38,28 +38,28 @@ partition_encryption() {
|
|||||||
declare -a ary_devs ary_parts
|
declare -a ary_devs ary_parts
|
||||||
|
|
||||||
### Iterate over all devices in the recipe.
|
### Iterate over all devices in the recipe.
|
||||||
readarray -t ary_devs < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
readarray -t ary_devs < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
||||||
for var_dev in "${ary_devs[@]}"; do
|
for var_dev in "${ary_devs[@]}"; do
|
||||||
|
|
||||||
### Iterate over all partitions for this device.
|
### Iterate over all partitions for this device.
|
||||||
readarray -t ary_parts < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
readarray -t ary_parts < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
||||||
for var_part in "${ary_parts[@]}"; do
|
for var_part in "${ary_parts[@]}"; do
|
||||||
|
|
||||||
### Extract parameters from YAML.
|
### Extract parameters from YAML.
|
||||||
var_encryption_enable=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.enable" "${VAR_SETUP_PART}")
|
var_encryption_enable=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.enable" "${VAR_SETUP_PART}")
|
||||||
var_encryption_ephemeral=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.ephemeral" "${VAR_SETUP_PART}")
|
var_encryption_ephemeral=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.ephemeral" "${VAR_SETUP_PART}")
|
||||||
var_encryption_integrity=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.integrity" "${VAR_SETUP_PART}")
|
var_encryption_integrity=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.integrity" "${VAR_SETUP_PART}")
|
||||||
var_encryption_nuke=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.nuke" "${VAR_SETUP_PART}")
|
var_encryption_nuke=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.nuke" "${VAR_SETUP_PART}")
|
||||||
var_encryption_cipher=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.cipher" "${VAR_SETUP_PART}")
|
var_encryption_cipher=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.cipher" "${VAR_SETUP_PART}")
|
||||||
var_encryption_hash=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.hash" "${VAR_SETUP_PART}")
|
var_encryption_hash=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.hash" "${VAR_SETUP_PART}")
|
||||||
var_encryption_iter=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.itertime" "${VAR_SETUP_PART}")
|
var_encryption_iter=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.itertime" "${VAR_SETUP_PART}")
|
||||||
var_encryption_key=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.key" "${VAR_SETUP_PART}")
|
var_encryption_key=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.key" "${VAR_SETUP_PART}")
|
||||||
var_encryption_label=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.label" "${VAR_SETUP_PART}")
|
var_encryption_label=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.label" "${VAR_SETUP_PART}")
|
||||||
var_encryption_meta=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.metadatasize" "${VAR_SETUP_PART}")
|
var_encryption_meta=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.metadatasize" "${VAR_SETUP_PART}")
|
||||||
var_encryption_pbkdf=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.pbkdf" "${VAR_SETUP_PART}")
|
var_encryption_pbkdf=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.pbkdf" "${VAR_SETUP_PART}")
|
||||||
var_encryption_rng=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.rng" "${VAR_SETUP_PART}")
|
var_encryption_rng=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.rng" "${VAR_SETUP_PART}")
|
||||||
var_filesystem_label=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.label" "${VAR_SETUP_PART}")
|
var_filesystem_label=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.label" "${VAR_SETUP_PART}")
|
||||||
var_mount_path=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.path" "${VAR_SETUP_PART}")
|
var_mount_path=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.path" "${VAR_SETUP_PART}")
|
||||||
|
|
||||||
if [[ "${var_encryption_enable,,}" != "true" ]]; then
|
if [[ "${var_encryption_enable,,}" != "true" ]]; then
|
||||||
continue
|
continue
|
||||||
|
|||||||
@@ -29,24 +29,24 @@ partition_formatting() {
|
|||||||
declare -a ary_devs ary_parts ary_opts ary_fmt_opts
|
declare -a ary_devs ary_parts ary_opts ary_fmt_opts
|
||||||
|
|
||||||
### Iterate over all devices in the recipe.
|
### Iterate over all devices in the recipe.
|
||||||
readarray -t ary_devs < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
readarray -t ary_devs < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
||||||
for var_dev in "${ary_devs[@]}"; do
|
for var_dev in "${ary_devs[@]}"; do
|
||||||
|
|
||||||
### Iterate over all partitions for this device.
|
### Iterate over all partitions for this device.
|
||||||
readarray -t ary_parts < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
readarray -t ary_parts < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
||||||
for var_part in "${ary_parts[@]}"; do
|
for var_part in "${ary_parts[@]}"; do
|
||||||
|
|
||||||
### Extract parameters from YAML.
|
### Extract parameters from YAML.
|
||||||
var_encryption_enable=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.enable" "${VAR_SETUP_PART}")
|
var_encryption_enable=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.enable" "${VAR_SETUP_PART}")
|
||||||
var_encryption_label=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.label" "${VAR_SETUP_PART}")
|
var_encryption_label=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.label" "${VAR_SETUP_PART}")
|
||||||
var_fs_btrfs_checksum=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.btrfs.checksum" "${VAR_SETUP_PART}")
|
var_fs_btrfs_checksum=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.btrfs.checksum" "${VAR_SETUP_PART}")
|
||||||
var_fs_btrfs_compress=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.btrfs.compress" "${VAR_SETUP_PART}")
|
var_fs_btrfs_compress=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.btrfs.compress" "${VAR_SETUP_PART}")
|
||||||
var_fs_btrfs_dedup=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.btrfs.dedup" "${VAR_SETUP_PART}")
|
var_fs_btrfs_dedup=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.btrfs.dedup" "${VAR_SETUP_PART}")
|
||||||
var_fs_format=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.format" "${VAR_SETUP_PART}")
|
var_fs_format=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.format" "${VAR_SETUP_PART}")
|
||||||
var_fs_label=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.label" "${VAR_SETUP_PART}")
|
var_fs_label=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.label" "${VAR_SETUP_PART}")
|
||||||
var_fs_options=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.options" "${VAR_SETUP_PART}")
|
var_fs_options=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.options" "${VAR_SETUP_PART}")
|
||||||
var_fs_version=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.version" "${VAR_SETUP_PART}")
|
var_fs_version=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.version" "${VAR_SETUP_PART}")
|
||||||
var_mount_path=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.path" "${VAR_SETUP_PART}")
|
var_mount_path=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.path" "${VAR_SETUP_PART}")
|
||||||
|
|
||||||
[[ "${var_fs_format,,}" != "true" ]] && continue
|
[[ "${var_fs_format,,}" != "true" ]] && continue
|
||||||
|
|
||||||
|
|||||||
@@ -24,46 +24,47 @@ guard_sourcing
|
|||||||
setup_filesystem() {
|
setup_filesystem() {
|
||||||
### Declare Arrays and Variables.
|
### Declare Arrays and Variables.
|
||||||
declare -Ag HMP_MOUNTPATH_DEV
|
declare -Ag HMP_MOUNTPATH_DEV
|
||||||
declare var_dev var_part var_encryption_enable var_encryption_label var_mount_enable var_mount_path
|
declare var_dev var_part var_encryption_enable var_encryption_label var_mount_enable var_mount_path var_node
|
||||||
|
declare -a ary_devs ary_parts
|
||||||
|
|
||||||
### Iterate over all devices in the recipe.
|
### Iterate over all devices in the recipe.
|
||||||
for var_dev in $(yq e ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}"); do
|
readarray -t ary_devs < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
||||||
|
for var_dev in "${ary_devs[@]}"; do
|
||||||
|
|
||||||
### Iterate over all partitions for this device.
|
### Iterate over all partitions for this device.
|
||||||
for var_part in $(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}"); do
|
readarray -t ary_parts < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
||||||
|
for var_part in "${ary_parts[@]}"; do
|
||||||
|
|
||||||
### Extract parameters from YAML.
|
### Extract parameters from YAML.
|
||||||
var_encryption_enable=$(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.enable" "${VAR_SETUP_PART}")
|
var_encryption_enable=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.enable" "${VAR_SETUP_PART}")
|
||||||
var_encryption_label=$(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.label" "${VAR_SETUP_PART}")
|
var_encryption_label=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.label" "${VAR_SETUP_PART}")
|
||||||
var_mount_enable=$(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.enable" "${VAR_SETUP_PART}")
|
var_mount_enable=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.enable" "${VAR_SETUP_PART}")
|
||||||
var_mount_path=$(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.path" "${VAR_SETUP_PART}")
|
var_mount_path=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.path" "${VAR_SETUP_PART}")
|
||||||
|
|
||||||
if [[ "${var_mount_enable,,}" == "true" ]]; then
|
[[ -z "${var_mount_path}" ]] && continue
|
||||||
|
|
||||||
if [[ -n "${var_mount_path}" ]]; then
|
[[ "${var_mount_enable,,}" != "true" ]] && continue
|
||||||
|
|
||||||
if [[ "${var_encryption_enable,,}" == "true" && "${var_mount_path}" != "SWAP" && "${var_mount_path}" != "/tmp" ]]; then
|
[[ "${var_mount_path,,}" == "swap" || "${var_mount_path,,}" == "/tmp" ]] && continue
|
||||||
|
|
||||||
### Encrypted partition
|
if [[ "${var_encryption_enable}" == "true" ]]; then
|
||||||
HMP_MOUNTPATH_DEV["${var_mount_path}"]="/dev/mapper/${var_encryption_label}"
|
|
||||||
do_log "info" "false" "Saved in HashMap MAP_MOUNTPATH_DEV: '${var_mount_path}' -> '${HMP_MOUNTPATH_DEV["${var_mount_path}"]}'"
|
|
||||||
|
|
||||||
elif [[ "${var_encryption_enable,,}" == "false" && "${var_mount_path}" != "SWAP" && "${var_mount_path}" != "/tmp" ]]; then
|
var_node="/dev/mapper/${var_encryption_label}"
|
||||||
|
|
||||||
### Unencrypted partition
|
elif [[ "${var_encryption_enable}" == "false" ]]; then
|
||||||
HMP_MOUNTPATH_DEV["${var_mount_path}"]="/dev/${var_dev}${var_part}"
|
|
||||||
do_log "info" "false" "Saved in HashMap MAP_MOUNTPATH_DEV: '${var_mount_path}' -> '${HMP_MOUNTPATH_DEV["${var_mount_path}"]}'"
|
|
||||||
|
|
||||||
else
|
var_node="/dev/${var_dev}${var_part}"
|
||||||
|
|
||||||
do_log "error" "false" "Invalid value for encryption_enable: '${var_encryption_enable}', should be either true or false."
|
else
|
||||||
|
|
||||||
fi
|
do_log "error" "false" "Invalid value for encryption_enable: '${var_encryption_enable}', should be true or false."
|
||||||
|
continue
|
||||||
fi
|
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
HMP_MOUNTPATH_DEV["$var_mount_path"]="${var_node}"
|
||||||
|
do_log "info" "false" "Saved in HashMap HMP_MOUNTPATH_DEV: '${var_mount_path}' -> '${HMP_MOUNTPATH_DEV["${var_mount_path}"]}'"
|
||||||
|
|
||||||
done
|
done
|
||||||
|
|
||||||
done
|
done
|
||||||
|
|||||||
@@ -136,11 +136,11 @@ mount_partition() {
|
|||||||
declare -a ary_devs ary_parts
|
declare -a ary_devs ary_parts
|
||||||
|
|
||||||
### Iterate over all devices in the recipe.
|
### Iterate over all devices in the recipe.
|
||||||
readarray -t ary_devs < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
readarray -t ary_devs < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
||||||
for var_dev in "${ary_devs[@]}"; do
|
for var_dev in "${ary_devs[@]}"; do
|
||||||
|
|
||||||
### Iterate over all partitions for this device.
|
### Iterate over all partitions for this device.
|
||||||
readarray -t ary_parts < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
readarray -t ary_parts < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
||||||
for var_part in "${ary_parts[@]}"; do
|
for var_part in "${ary_parts[@]}"; do
|
||||||
|
|
||||||
### Extract parameters from YAML.
|
### Extract parameters from YAML.
|
||||||
|
|||||||
Reference in New Issue
Block a user