msw/CISS.debian.installer
SHA256
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: msw:28b246d280ff19e8c501a9673ac1839e5a5393b16893f5e6c532c72e2e2a39d7
Branches Tags
msw:master
...
compare: msw:403a70a8864d82f3dc0d39d9e06dcfb39c5616914bf93811da284788e59d5b68
Branches Tags
msw:master

2 Commits
28b246d280 ... 403a70a886

Author SHA256 Message Date
Marc S. Weidner
403a70a886 Merge remote-tracking branch 'origin/master'
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m49s
Details
2025-10-26 17:22:09 +00:00
Marc S. Weidner
3d39f44c75 V8.00.000.2025.06.17 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
 2025-10-26 17:21:58 +00:00
1 changed files with 8 additions and 0 deletions
Expand all files Collapse all files

8
func/cdi_3200_partitioning/3220_partition_encryption.sh
View File

@@ -68,20 +68,24 @@ partition_encryption() {
declare -a ary_luks_opts=() declare -a ary_luks_opts=()
### SECRETS handling ---------------------------------------------------------------------------------------------------------
guard_trace on guard_trace on
printf '%s' "${CISS_SECRET_LUKS_BOOT}" >| "${DIR_CNF}/password_luks_boot.txt" && chmod 0600 "${DIR_CNF}/password_luks_boot.txt" printf '%s' "${CISS_SECRET_LUKS_BOOT}" >| "${DIR_CNF}/password_luks_boot.txt" && chmod 0600 "${DIR_CNF}/password_luks_boot.txt"
printf '%s' "${CISS_SECRET_LUKS_COMMON}" >| "${DIR_CNF}/password_luks_common.txt" && chmod 0600 "${DIR_CNF}/password_luks_common.txt" printf '%s' "${CISS_SECRET_LUKS_COMMON}" >| "${DIR_CNF}/password_luks_common.txt" && chmod 0600 "${DIR_CNF}/password_luks_common.txt"
unset CISS_SECRET_LUKS_BOOT CISS_SECRET_LUKS_COMMON unset CISS_SECRET_LUKS_BOOT CISS_SECRET_LUKS_COMMON
guard_trace on guard_trace on
### SECRETS handling ---------------------------------------------------------------------------------------------------------
if [[ -n "${VAR_LUKS_URL}" ]]; then if [[ -n "${VAR_LUKS_URL}" ]]; then
VAR_LUKS_URL=${VAR_LUKS_URL%/} VAR_LUKS_URL=${VAR_LUKS_URL%/}
### SECRETS handling -------------------------------------------------------------------------------------------------------
guard_trace on guard_trace on
var_temp_plain_nc_auth="${CISS_SECRET_LUKS_BACKUP}" var_temp_plain_nc_auth="${CISS_SECRET_LUKS_BACKUP}"
unset CISS_SECRET_LUKS_BACKUP unset CISS_SECRET_LUKS_BACKUP
guard_trace on guard_trace on
### SECRETS handling -------------------------------------------------------------------------------------------------------
do_log "debug" "file_only" "3220() Var: [var_temp_plain_nc_auth] set." do_log "debug" "file_only" "3220() Var: [var_temp_plain_nc_auth] set."
@@ -272,6 +276,7 @@ partition_encryption() {
if [[ -n "${VAR_LUKS_URL}" ]]; then if [[ -n "${VAR_LUKS_URL}" ]]; then
### SECRETS handling ---------------------------------------------------------------------------------------------------
guard_trace on guard_trace on
if curl --silent --show-error --fail --retry 2 "${VAR_LUKS_URL}/public.php/webdav/${var_luks_backup_name}" \ if curl --silent --show-error --fail --retry 2 "${VAR_LUKS_URL}/public.php/webdav/${var_luks_backup_name}" \
@@ -288,6 +293,7 @@ partition_encryption() {
fi fi
guard_trace off guard_trace off
### SECRETS handling ---------------------------------------------------------------------------------------------------
fi fi
@@ -295,9 +301,11 @@ partition_encryption() {
done done
### SECRETS handling ---------------------------------------------------------------------------------------------------------
guard_trace on guard_trace on
[[ -n "${VAR_LUKS_URL}" ]] && unset var_temp_plain_nc_auth [[ -n "${VAR_LUKS_URL}" ]] && unset var_temp_plain_nc_auth
guard_trace off guard_trace off
### SECRETS handling ---------------------------------------------------------------------------------------------------------
ciss_secrets_wiper "${DIR_CNF}/password_luks_boot.txt" ciss_secrets_wiper "${DIR_CNF}/password_luks_boot.txt"
ciss_secrets_wiper "${DIR_CNF}/password_luks_common.txt" ciss_secrets_wiper "${DIR_CNF}/password_luks_common.txt"