V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m28s
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m28s
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -31,7 +31,7 @@ partitioning() {
|
||||
declare -a ary_devs ary_parts
|
||||
|
||||
### Iterate over all devices in the recipe.
|
||||
readarray -t ary_devs < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
||||
readarray -t ary_devs < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
||||
for var_dev in "${ary_devs[@]}"; do
|
||||
|
||||
### All current data for the respective device will be deleted.
|
||||
@@ -59,15 +59,15 @@ partitioning() {
|
||||
esac
|
||||
|
||||
### Iterate over all partitions for this device.
|
||||
readarray -t ary_parts < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
||||
readarray -t ary_parts < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
||||
for var_part in "${ary_parts[@]}"; do
|
||||
|
||||
### Extract parameters from YAML.
|
||||
var_begin=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.begin" "${VAR_SETUP_PART}")
|
||||
var_end=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.end" "${VAR_SETUP_PART}")
|
||||
var_fs=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.version" "${VAR_SETUP_PART}")
|
||||
var_boot=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.bootable" "${VAR_SETUP_PART}")
|
||||
var_pri=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.primary" "${VAR_SETUP_PART}")
|
||||
var_begin=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.begin" "${VAR_SETUP_PART}")
|
||||
var_end=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.end" "${VAR_SETUP_PART}")
|
||||
var_fs=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.version" "${VAR_SETUP_PART}")
|
||||
var_boot=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.bootable" "${VAR_SETUP_PART}")
|
||||
var_pri=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.primary" "${VAR_SETUP_PART}")
|
||||
|
||||
### Generate partition.
|
||||
if [[ "${var_end}" == "-1" ]]; then
|
||||
|
||||
@@ -38,28 +38,28 @@ partition_encryption() {
|
||||
declare -a ary_devs ary_parts
|
||||
|
||||
### Iterate over all devices in the recipe.
|
||||
readarray -t ary_devs < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
||||
readarray -t ary_devs < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
||||
for var_dev in "${ary_devs[@]}"; do
|
||||
|
||||
### Iterate over all partitions for this device.
|
||||
readarray -t ary_parts < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
||||
readarray -t ary_parts < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
||||
for var_part in "${ary_parts[@]}"; do
|
||||
|
||||
### Extract parameters from YAML.
|
||||
var_encryption_enable=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.enable" "${VAR_SETUP_PART}")
|
||||
var_encryption_ephemeral=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.ephemeral" "${VAR_SETUP_PART}")
|
||||
var_encryption_integrity=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.integrity" "${VAR_SETUP_PART}")
|
||||
var_encryption_nuke=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.nuke" "${VAR_SETUP_PART}")
|
||||
var_encryption_cipher=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.cipher" "${VAR_SETUP_PART}")
|
||||
var_encryption_hash=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.hash" "${VAR_SETUP_PART}")
|
||||
var_encryption_iter=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.itertime" "${VAR_SETUP_PART}")
|
||||
var_encryption_key=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.key" "${VAR_SETUP_PART}")
|
||||
var_encryption_label=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.label" "${VAR_SETUP_PART}")
|
||||
var_encryption_meta=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.metadatasize" "${VAR_SETUP_PART}")
|
||||
var_encryption_pbkdf=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.pbkdf" "${VAR_SETUP_PART}")
|
||||
var_encryption_rng=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.rng" "${VAR_SETUP_PART}")
|
||||
var_filesystem_label=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.label" "${VAR_SETUP_PART}")
|
||||
var_mount_path=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.path" "${VAR_SETUP_PART}")
|
||||
var_encryption_enable=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.enable" "${VAR_SETUP_PART}")
|
||||
var_encryption_ephemeral=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.ephemeral" "${VAR_SETUP_PART}")
|
||||
var_encryption_integrity=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.integrity" "${VAR_SETUP_PART}")
|
||||
var_encryption_nuke=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.nuke" "${VAR_SETUP_PART}")
|
||||
var_encryption_cipher=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.cipher" "${VAR_SETUP_PART}")
|
||||
var_encryption_hash=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.hash" "${VAR_SETUP_PART}")
|
||||
var_encryption_iter=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.itertime" "${VAR_SETUP_PART}")
|
||||
var_encryption_key=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.key" "${VAR_SETUP_PART}")
|
||||
var_encryption_label=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.label" "${VAR_SETUP_PART}")
|
||||
var_encryption_meta=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.metadatasize" "${VAR_SETUP_PART}")
|
||||
var_encryption_pbkdf=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.pbkdf" "${VAR_SETUP_PART}")
|
||||
var_encryption_rng=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.rng" "${VAR_SETUP_PART}")
|
||||
var_filesystem_label=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.label" "${VAR_SETUP_PART}")
|
||||
var_mount_path=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.path" "${VAR_SETUP_PART}")
|
||||
|
||||
if [[ "${var_encryption_enable,,}" != "true" ]]; then
|
||||
continue
|
||||
|
||||
@@ -29,24 +29,24 @@ partition_formatting() {
|
||||
declare -a ary_devs ary_parts ary_opts ary_fmt_opts
|
||||
|
||||
### Iterate over all devices in the recipe.
|
||||
readarray -t ary_devs < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
||||
readarray -t ary_devs < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
||||
for var_dev in "${ary_devs[@]}"; do
|
||||
|
||||
### Iterate over all partitions for this device.
|
||||
readarray -t ary_parts < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
||||
readarray -t ary_parts < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
||||
for var_part in "${ary_parts[@]}"; do
|
||||
|
||||
### Extract parameters from YAML.
|
||||
var_encryption_enable=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.enable" "${VAR_SETUP_PART}")
|
||||
var_encryption_label=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.label" "${VAR_SETUP_PART}")
|
||||
var_fs_btrfs_checksum=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.btrfs.checksum" "${VAR_SETUP_PART}")
|
||||
var_fs_btrfs_compress=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.btrfs.compress" "${VAR_SETUP_PART}")
|
||||
var_fs_btrfs_dedup=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.btrfs.dedup" "${VAR_SETUP_PART}")
|
||||
var_fs_format=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.format" "${VAR_SETUP_PART}")
|
||||
var_fs_label=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.label" "${VAR_SETUP_PART}")
|
||||
var_fs_options=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.options" "${VAR_SETUP_PART}")
|
||||
var_fs_version=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.version" "${VAR_SETUP_PART}")
|
||||
var_mount_path=$(yq_val e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.path" "${VAR_SETUP_PART}")
|
||||
var_encryption_enable=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.enable" "${VAR_SETUP_PART}")
|
||||
var_encryption_label=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.label" "${VAR_SETUP_PART}")
|
||||
var_fs_btrfs_checksum=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.btrfs.checksum" "${VAR_SETUP_PART}")
|
||||
var_fs_btrfs_compress=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.btrfs.compress" "${VAR_SETUP_PART}")
|
||||
var_fs_btrfs_dedup=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.btrfs.dedup" "${VAR_SETUP_PART}")
|
||||
var_fs_format=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.format" "${VAR_SETUP_PART}")
|
||||
var_fs_label=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.label" "${VAR_SETUP_PART}")
|
||||
var_fs_options=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.options" "${VAR_SETUP_PART}")
|
||||
var_fs_version=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.filesystem.version" "${VAR_SETUP_PART}")
|
||||
var_mount_path=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.path" "${VAR_SETUP_PART}")
|
||||
|
||||
[[ "${var_fs_format,,}" != "true" ]] && continue
|
||||
|
||||
|
||||
@@ -24,46 +24,47 @@ guard_sourcing
|
||||
setup_filesystem() {
|
||||
### Declare Arrays and Variables.
|
||||
declare -Ag HMP_MOUNTPATH_DEV
|
||||
declare var_dev var_part var_encryption_enable var_encryption_label var_mount_enable var_mount_path
|
||||
declare var_dev var_part var_encryption_enable var_encryption_label var_mount_enable var_mount_path var_node
|
||||
declare -a ary_devs ary_parts
|
||||
|
||||
### Iterate over all devices in the recipe.
|
||||
for var_dev in $(yq e ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}"); do
|
||||
readarray -t ary_devs < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
||||
for var_dev in "${ary_devs[@]}"; do
|
||||
|
||||
### Iterate over all partitions for this device.
|
||||
for var_part in $(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}"); do
|
||||
readarray -t ary_parts < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
||||
for var_part in "${ary_parts[@]}"; do
|
||||
|
||||
### Extract parameters from YAML.
|
||||
var_encryption_enable=$(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.enable" "${VAR_SETUP_PART}")
|
||||
var_encryption_label=$(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.label" "${VAR_SETUP_PART}")
|
||||
var_mount_enable=$(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.enable" "${VAR_SETUP_PART}")
|
||||
var_mount_path=$(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.path" "${VAR_SETUP_PART}")
|
||||
var_encryption_enable=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.enable" "${VAR_SETUP_PART}")
|
||||
var_encryption_label=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.encryption.label" "${VAR_SETUP_PART}")
|
||||
var_mount_enable=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.enable" "${VAR_SETUP_PART}")
|
||||
var_mount_path=$(yq_val ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev}.${var_part}.mount.path" "${VAR_SETUP_PART}")
|
||||
|
||||
if [[ "${var_mount_enable,,}" == "true" ]]; then
|
||||
[[ -z "${var_mount_path}" ]] && continue
|
||||
|
||||
if [[ -n "${var_mount_path}" ]]; then
|
||||
[[ "${var_mount_enable,,}" != "true" ]] && continue
|
||||
|
||||
if [[ "${var_encryption_enable,,}" == "true" && "${var_mount_path}" != "SWAP" && "${var_mount_path}" != "/tmp" ]]; then
|
||||
[[ "${var_mount_path,,}" == "swap" || "${var_mount_path,,}" == "/tmp" ]] && continue
|
||||
|
||||
### Encrypted partition
|
||||
HMP_MOUNTPATH_DEV["${var_mount_path}"]="/dev/mapper/${var_encryption_label}"
|
||||
do_log "info" "false" "Saved in HashMap MAP_MOUNTPATH_DEV: '${var_mount_path}' -> '${HMP_MOUNTPATH_DEV["${var_mount_path}"]}'"
|
||||
if [[ "${var_encryption_enable}" == "true" ]]; then
|
||||
|
||||
elif [[ "${var_encryption_enable,,}" == "false" && "${var_mount_path}" != "SWAP" && "${var_mount_path}" != "/tmp" ]]; then
|
||||
var_node="/dev/mapper/${var_encryption_label}"
|
||||
|
||||
### Unencrypted partition
|
||||
HMP_MOUNTPATH_DEV["${var_mount_path}"]="/dev/${var_dev}${var_part}"
|
||||
do_log "info" "false" "Saved in HashMap MAP_MOUNTPATH_DEV: '${var_mount_path}' -> '${HMP_MOUNTPATH_DEV["${var_mount_path}"]}'"
|
||||
elif [[ "${var_encryption_enable}" == "false" ]]; then
|
||||
|
||||
else
|
||||
var_node="/dev/${var_dev}${var_part}"
|
||||
|
||||
do_log "error" "false" "Invalid value for encryption_enable: '${var_encryption_enable}', should be either true or false."
|
||||
else
|
||||
|
||||
fi
|
||||
|
||||
fi
|
||||
do_log "error" "false" "Invalid value for encryption_enable: '${var_encryption_enable}', should be true or false."
|
||||
continue
|
||||
|
||||
fi
|
||||
|
||||
HMP_MOUNTPATH_DEV["$var_mount_path"]="${var_node}"
|
||||
do_log "info" "false" "Saved in HashMap HMP_MOUNTPATH_DEV: '${var_mount_path}' -> '${HMP_MOUNTPATH_DEV["${var_mount_path}"]}'"
|
||||
|
||||
done
|
||||
|
||||
done
|
||||
|
||||
@@ -136,11 +136,11 @@ mount_partition() {
|
||||
declare -a ary_devs ary_parts
|
||||
|
||||
### Iterate over all devices in the recipe.
|
||||
readarray -t ary_devs < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
||||
readarray -t ary_devs < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev | keys | .[]" "${VAR_SETUP_PART}")
|
||||
for var_dev in "${ary_devs[@]}"; do
|
||||
|
||||
### Iterate over all partitions for this device.
|
||||
readarray -t ary_parts < <(yq e ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
||||
readarray -t ary_parts < <(yq e -r ".recipe.${VAR_RECIPE_STRING}.dev.${var_dev} | keys | .[]" "${VAR_SETUP_PART}")
|
||||
for var_part in "${ary_parts[@]}"; do
|
||||
|
||||
### Extract parameters from YAML.
|
||||
|
||||
Reference in New Issue
Block a user