#!/bin/bash # SPDX-Version: 3.0 # SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency # SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. # SPDX-PackageName: CISS.debian.installer # SPDX-Security-Contact: security@coresecret.eu guard_sourcing ####################################### # Extended dynamic network variable checks and declarations depending on preseed.yaml. # Globals: # ARY_IPV4_NS # ARY_IPV6_NS # VAR_FINAL_FQDN # VAR_FINAL_IPV4 # VAR_FINAL_IPV4_GW # VAR_FINAL_IPV4_SUBNET # VAR_FINAL_IPV6 # VAR_FINAL_NIC # VAR_LINK_IPV6 # network_autoconfig_enable # network_choose_interface_static # network_hostname # network_static_ipv4address # network_static_ipv4gateway # network_static_ipv4nameserver_0 # network_static_ipv4nameserver_1 # network_static_ipv4nameserver_2 # network_static_ipv4nameserver_3 # network_static_ipv4nameserver_fallback_0 # network_static_ipv4nameserver_fallback_1 # network_static_ipv4netmask # network_static_ipv6address # network_static_ipv6nameserver_0 # network_static_ipv6nameserver_1 # network_static_ipv6nameserver_2 # network_static_ipv6nameserver_3 # network_static_ipv6nameserver_fallback_0 # network_static_ipv6nameserver_fallback_1 # Arguments: # None # Returns: # 0: on success ####################################### yaml_validator() { ### Declare Arrays, HashMaps, and Variables. # shellcheck disable=SC2034 declare -ag ARY_IPV4_NS=() ARY_IPV6_NS=() declare var_auto_nic="" var_auto_ipv4="" var_auto_ipv4_ccidr="" var_auto_ipv4_subnet="" var_auto_ipv4_gw="" \ var_auto_ipv6="" var_auto_ipv6_ccidr="" var_auto_ipv6_gw="" var_link_ipv4="" var_link_ipv6="" var_auto_fqdn="" declare -gx VAR_FINAL_NIC="" VAR_FINAL_FQDN="" VAR_FINAL_IPV4="" VAR_FINAL_IPV4_GW="" VAR_FINAL_IPV4_SUBNET="" \ VAR_FINAL_IPV6="" VAR_LINK_IPV6="" VAR_FINAL_IPV6_GW="" VAR_FINAL_IPV6_SUBNET="" ensure_lowercase "network_autoconfig_enable" ensure_lowercase "network_choose_interface_auto" ensure_lowercase "network_choose_interface_static" ensure_lowercase "network_hostname" # shellcheck disable=SC2034 [[ -v network_static_ipv4nameserver_0 ]] && ARY_IPV4_NS+=( "${network_static_ipv4nameserver_0}" ) # shellcheck disable=SC2034 [[ -v network_static_ipv4nameserver_1 ]] && ARY_IPV4_NS+=( "${network_static_ipv4nameserver_1}" ) # shellcheck disable=SC2034 [[ -v network_static_ipv4nameserver_2 ]] && ARY_IPV4_NS+=( "${network_static_ipv4nameserver_2}" ) # shellcheck disable=SC2034 [[ -v network_static_ipv4nameserver_3 ]] && ARY_IPV4_NS+=( "${network_static_ipv4nameserver_3}" ) # shellcheck disable=SC2034 [[ -v network_static_ipv4nameserver_fallback_0 ]] && ARY_IPV4_NS+=( "${network_static_ipv4nameserver_fallback_0}" ) # shellcheck disable=SC2034 [[ -v network_static_ipv4nameserver_fallback_1 ]] && ARY_IPV4_NS+=( "${network_static_ipv4nameserver_fallback_1}" ) # shellcheck disable=SC2034 [[ -v network_static_ipv6nameserver_0 ]] && ARY_IPV6_NS+=( "${network_static_ipv6nameserver_0}" ) # shellcheck disable=SC2034 [[ -v network_static_ipv6nameserver_1 ]] && ARY_IPV6_NS+=( "${network_static_ipv6nameserver_1}" ) # shellcheck disable=SC2034 [[ -v network_static_ipv6nameserver_2 ]] && ARY_IPV6_NS+=( "${network_static_ipv6nameserver_2}" ) # shellcheck disable=SC2034 [[ -v network_static_ipv6nameserver_3 ]] && ARY_IPV6_NS+=( "${network_static_ipv6nameserver_3}" ) # shellcheck disable=SC2034 [[ -v network_static_ipv6nameserver_fallback_0 ]] && ARY_IPV6_NS+=( "${network_static_ipv6nameserver_fallback_0}" ) # shellcheck disable=SC2034 [[ -v network_static_ipv6nameserver_fallback_1 ]] && ARY_IPV6_NS+=( "${network_static_ipv6nameserver_fallback_1}" ) ### Check current network connection and configure variables # shellcheck disable=SC2312 var_auto_nic=$(ip -o link show | awk -F': ' '/state UP/ && $2!="lo" {print $2; exit}') # shellcheck disable=SC2312 var_auto_ipv4_ccidr=$(ip -4 -o addr show "${var_auto_nic}" | awk '{print $4; exit}') # shellcheck disable=SC2312 var_auto_ipv4_subnet=$(generate_subnetmask "${var_auto_ipv4_ccidr}") # shellcheck disable=SC2312 var_auto_ipv4=$(echo "${var_auto_ipv4_ccidr}" | awk -F'/' '{print $1}') # shellcheck disable=SC2312 var_auto_ipv4_gw=$(ip route show default dev "${var_auto_nic}" | awk '/^default/ {print $3; exit}') # shellcheck disable=SC2312 var_auto_ipv6_ccidr=$(ip -6 -o addr show "${var_auto_nic}" | awk '/scope global/ {print $4; exit}') if [[ -n "${var_auto_ipv6_ccidr}" ]]; then # shellcheck disable=SC2312 var_auto_ipv6=$(echo "${var_auto_ipv6_ccidr}" | awk -F'/' '{print $1}') # shellcheck disable=SC2312 var_auto_ipv6_gw=$(ip -6 route show default dev "${var_auto_nic}" | awk '/^default/ {print $3; exit}') fi # shellcheck disable=SC2312 var_link_ipv4=$(ping -q -c 1 -W 1 -4 debian.org > /dev/null 2>&1 && echo "true" || echo "false") # shellcheck disable=SC2312 var_link_ipv6=$(ping -q -c 1 -W 1 -6 debian.org > /dev/null 2>&1 && echo "true" || echo "false") if [[ -f "/var/lib/dhcp/dhclient.${var_auto_nic}.leases" ]]; then # shellcheck disable=SC2312 var_auto_fqdn=$(grep -m1 'option host-name' "/var/lib/dhcp/dhclient.${var_auto_nic}.leases" | sed -E 's/.*"([^"]+)".*/\1/') else var_auto_fqdn="" fi do_log "info" "file_only" "1252() Live environment network check: Auto NIC ='${var_auto_nic}'." do_log "info" "file_only" "1252() Live environment network check: Auto IPv4 ='${var_auto_ipv4}'." do_log "info" "file_only" "1252() Live environment network check: Auto IPv4 CCIDR ='${var_auto_ipv4_ccidr}'." do_log "info" "file_only" "1252() Live environment network check: Auto IPv4 Subnet ='${var_auto_ipv4_subnet}'." do_log "info" "file_only" "1252() Live environment network check: Auto IPv4 Gateway ='${var_auto_ipv4_gw}'." do_log "info" "file_only" "1252() Live environment network check: Auto IPv6 ='${var_auto_ipv6}'." do_log "info" "file_only" "1252() Live environment network check: Auto IPv6 CCIDR ='${var_auto_ipv6_ccidr}'." do_log "info" "file_only" "1252() Live environment network check: Auto IPv6 Gateway ='${var_auto_ipv6_gw}'." do_log "info" "file_only" "1252() Live environment network check: Auto IPv4 Link ='${var_link_ipv4}'." do_log "info" "file_only" "1252() Live environment network check: Auto IPv6 Link ='${var_link_ipv6}'." do_log "info" "file_only" "1252() Live environment network check: Auto FQDN ='${var_auto_fqdn}'." ### Export hostname and IPv4 and IPv6 addresses for further processing according to dynamic results and preseed.yaml settings. if [[ "${network_autoconfig_enable}" == "true" ]]; then # shellcheck disable=SC2034 VAR_FINAL_NIC="${var_auto_nic}" # shellcheck disable=SC2034 VAR_FINAL_FQDN="${var_auto_fqdn}" # shellcheck disable=SC2034 VAR_FINAL_IPV4="${var_auto_ipv4}" # shellcheck disable=SC2034 VAR_FINAL_IPV4_GW="${var_auto_ipv4_gw}" # shellcheck disable=SC2034 VAR_FINAL_IPV4_SUBNET="${var_auto_ipv4_subnet}" do_log "info" "file_only" "1252() Network IPv4 autoconfiguration: [${network_autoconfig_enable}]." else # shellcheck disable=SC2034 VAR_FINAL_NIC="${network_choose_interface_static}" # shellcheck disable=SC2034 VAR_FINAL_FQDN="${network_hostname}" # shellcheck disable=SC2034 VAR_FINAL_IPV4="${network_static_ipv4address}" # shellcheck disable=SC2034 VAR_FINAL_IPV4_GW="${network_static_ipv4gateway}" # shellcheck disable=SC2034 VAR_FINAL_IPV4_SUBNET="${network_static_ipv4netmask}" do_log "info" "file_only" "1252() Network IPv4 autoconfiguration: [${network_autoconfig_enable}]." fi if [[ "${network_autoconfig_enable}" == "true" && "${var_link_ipv6}" == "true" ]]; then # shellcheck disable=SC2034 VAR_FINAL_IPV6="${var_auto_ipv6}" # shellcheck disable=SC2034 VAR_LINK_IPV6="${var_link_ipv6}" # shellcheck disable=SC2034 VAR_FINAL_IPV6_GW="${var_auto_ipv6_gw}" # shellcheck disable=SC2034 VAR_FINAL_IPV6_SUBNET="${var_auto_ipv6_ccidr}" do_log "info" "file_only" "1252() Network IPv6 autoconfiguration: [${network_autoconfig_enable}] and IPv6 Link: [${var_link_ipv6}]." elif [[ "${network_autoconfig_enable}" == "false" && -n "${network_static_ipv6address}" ]]; then # shellcheck disable=SC2034 VAR_LINK_IPV6="${var_link_ipv6}" # shellcheck disable=SC2034 VAR_FINAL_IPV6="${network_static_ipv6address}" # shellcheck disable=SC2034 VAR_FINAL_IPV6_GW="${network_static_ipv6gateway}" # shellcheck disable=SC2034 VAR_FINAL_IPV6_SUBNET="${network_static_ipv6netmask}" do_log "info" "file_only" "1252() Network IPv6 autoconfiguration: [${network_autoconfig_enable}] and IPv6 static: [${network_static_ipv6address}]." else # shellcheck disable=SC2034 VAR_FINAL_IPV6="" do_log "info" "file_only" "1252() Network IPv6 autoconfiguration: no IPv6 configuration applied." fi guard_dir && return 0 } # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh