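#!/bin/bash
# SPDX-Version: 3.0
# SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.;
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.;
# SPDX-FileType: SOURCE
# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu

### Global variable definitions for the installer: scratch files, directories, log paths, mount bases and the arrays
### shared between the numbered helper scripts named in the section comments below.
### NOTE(review): presumably sourced by 'setup.sh' (the "${0}"-derived examples below say so) - confirm.

### Definition of MUST set global Variables
### The values that come from a command substitution are assigned first and only then marked global/readonly/exported.
### 'declare -grx VAR="$(cmd)"' returns the status of 'declare', so a failing 'mktemp' or 'cd' would leave an empty,
### readonly value behind without any error (ShellCheck SC2155, which no longer needs to be disabled here).
### 'exit' rather than 'return': the installer stops even if the sourcing script does not check the status.
VAR_KERNEL_INF="$(mktemp)" \
  && VAR_KERNEL_TMP="$(mktemp)" \
  && VAR_KERNEL_SRT="$(mktemp)" \
  && VAR_NOTES="$(mktemp)" \
  && VAR_SETUP_PATH="$(cd -- "$(dirname -- "${0}")" && pwd)" \
  || {
    printf '%s\n' "FATAL: cannot create temporary files or resolve the installer path; aborting." >&2
    exit 1
  }
declare -grx VAR_KERNEL_INF VAR_KERNEL_TMP VAR_KERNEL_SRT VAR_NOTES

### NOTE(security): LOG_ERROR is a predictable, PID-derived name directly below the world-writable '/tmp' and, unlike the
### 'mktemp' files above, is not created atomically here. The code that first writes to it (not in this file) should
### refuse a pre-existing file or symlink it does not own.
declare -grx LOG_ERROR="/tmp/ciss_debian_installer_$$_error.log"
declare -grx VAR_SETUP_CONF="preseed.yaml"
declare -grx VAR_SETUP_PART="partitioning.yaml"
declare -grx VAR_SETUP_FILE="${0##*/}"                                # 'setup.sh'
declare -grx VAR_SETUP_PATH                                           # '/opt/git/CISS.debian.installer'
declare -grx VAR_SETUP_FULL="${VAR_SETUP_PATH}/${VAR_SETUP_FILE}"     # '/opt/git/CISS.debian.installer/setup.sh'

### Initialize variables of different directories
### NOTE(security): DIR_BAK, DIR_LOG and DIR_TMP are fixed paths below '/tmp'. They are only named here; whichever script
### creates them should do so with a restrictive mode and verify ownership before use, because VAR_PRESEED (below) lives
### in DIR_TMP and holds the generated variable file.
declare -grx DIR_BAK="/tmp/.ciss/backup"
declare -grx DIR_CNF="${VAR_SETUP_PATH}/.preseed"
declare -grx DIR_INS="${VAR_SETUP_PATH}"
declare -grx DIR_LOG="/tmp/.ciss/log"
declare -grx DIR_TMP="/tmp/.ciss/tmp"

### Initialize variables for logging
declare -grx LOG_ERR="${DIR_LOG}/ciss_debian_installer_$$_error.log"
declare -grx LOG_INS="${DIR_LOG}/ciss_debian_installer_$$_install.log"
declare -grx LOG_NIC="${DIR_LOG}/ciss_debian_installer_$$_nic.log"
declare -grx LOG_UID="${DIR_LOG}/ciss_debian_installer_$$_uuid.log"
declare -grx LOG_DBS="${DIR_LOG}/ciss_debian_installer_$$_debootstrap.log"

### Initialize variable of imported and cleaned 'YAML' -> 'BASH-variable'-file.
### NOTE(review): if this file is later sourced, its integrity depends on DIR_TMP being writable by root only - confirm.
declare -grx VAR_PRESEED="${DIR_TMP}/combined.var"

### Base mount paths for debootstrap.
declare -grx TARGET="/target"
declare -grx RECOVERY="/recovery"
declare -grx VAR_SAFE_MNT_BASE="/run/ciss/bootstrap"

### Default log level. Exported but deliberately not readonly, so it can be changed later.
declare -gx DEFAULT_LOG_LEVEL="info"

### 1081_helper_grub.sh:
### Variable to finish GRUB CMDLINE strings.
declare -grx VAR_H='"'

### 1250_yaml_parser.sh:
### Indexed Arrays for 'Debian Packages' to install and 'NTPSec Server' to use.
declare -agx ARY_PACKAGES=()
declare -agx ARY_NTPSRVR=()

### 1251_yaml_reader.sh:
### Variable for highest device count e.g., /dev/sdf = "f"
declare -gx VAR_RECIPE_DEV_COUNTER=""
### Variable for firmware ("UEFI" || "BIOS")
declare -gx VAR_RECIPE_FIRMWARE=""
### Variable for active recipe (e.g., "gben0afx256")
declare -gx VAR_RECIPE_STRING=""
### Variable partition table ("gpt" || "mbr")
declare -gx VAR_RECIPE_TABLE=""
### Associative Array (HashMap) for devices and accompanying partitions
declare -Ag HMP_RECIPE_DEV_PARTITIONS

### 3200_partitioning.sh
### Associative Array (HashMap) to store UUIDs for each partition
### HMP_UUID_PARTITION["UUID_${var_dev}${var_part}"]="${var_uuid}"
declare -Ag HMP_UUID_PARTITION

### 3220_partition_encryption.sh
### Associative Array (HashMap) to store Ephemeral Device for each Mount Path
### HMP_EPHEMERAL_DEV["${var_mount_path}"]="/dev/${var_dev}${var_part}"
declare -Ag HMP_EPHEMERAL_DEV
### Associative Array (HashMap) to store Ephemeral Device Encryption Label for each Mount Path
### HMP_EPHEMERAL_ENCLABEL["${var_mount_path}"]="${var_encryption_label}"
declare -Ag HMP_EPHEMERAL_ENCLABEL
### Associative Array (HashMap) to store UUID for each Encryption Label
### HMP_ENCRYPTIONLABEL_UUID["${var_encryption_label}"]="${var_uuid}"
declare -Ag HMP_ENCRYPTIONLABEL_UUID
### Associative Array (HashMap) to store Encryption Label for each Mount Path
### HMP_MOUNTPATH_ENCRYPTIONLABEL["${var_mount_path}"]="${var_encryption_label}"
declare -Ag HMP_MOUNTPATH_ENCRYPTIONLABEL

### 3260_setup_filesystem.sh
### Associative Array (HashMap) to store Crypt Mapper OR Device for each Mount Path
### HMP_MOUNTPATH_DEV["${var_mount_path}"]="/dev/mapper/${var_encryption_label}"
### HMP_MOUNTPATH_DEV["${var_mount_path}"]="/dev/${var_dev}${var_part}"
declare -Ag HMP_MOUNTPATH_DEV

### TODO
### NOTE(review): the MAP_* arrays below look like predecessors of the HMP_* arrays above - confirm before removing.
# [3_5_1_functions_installation_partition_encryption()] Create a hashmap to store the device path for each ephemeral partition
# MAP_EPHEMERAL_DEV["${MOUNT_PATH}"]="/dev/${DEV}${PARTITION}"
declare -g -A MAP_EPHEMERAL_DEV=()

# [3_5_1_functions_installation_partition_encryption()] Create a hashmap to store the encryption label for each ephemeral partition
# MAP_EPHEMERAL_ENCLABEL["${MOUNT_PATH}"]="${ENCRYPTION_LABEL}"
declare -g -A MAP_EPHEMERAL_ENCLABEL=()

# [3_5_1_functions_installation_partition_encryption()] Create a hashmap to store UUIDs for each encrypted partition
# MAP_UUID_CRYPT["${ENCRYPTION_LABEL}"]="${UUID}"
declare -g -A MAP_UUID_CRYPT=()

# [3_5_1_functions_installation_partition_encryption()] Create a hashmap to store the device path for each encrypted partition
# MAP_PATH_CRYPT["${MOUNT_PATH}"]="${ENCRYPTION_LABEL}"
declare -g -A MAP_PATH_CRYPT=()

# [3_6_0_functions_installation_setup_filesystem()] Create a hashmap to store the mount paths of each partition
declare -g -A MAP_MOUNTPATH_DEV=()
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh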