#!/bin/bash # SPDX-Version: 3.0 # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency # SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu set -Ceuo pipefail printf "\e[95m++++ ++++ ++++ ++++ ++++ ++++ ++ 🧪 '%s' starting ... \e[0m\n" "${0}" if [[ ! -d "${VAR_HANDLER_BUILD_DIR}"/config/includes.chroot/etc/dhcp ]]; then mkdir -p "${VAR_HANDLER_BUILD_DIR}"/config/includes.chroot/etc/dhcp fi cat << 'EOF' >> "${VAR_HANDLER_BUILD_DIR}"/config/includes.chroot/etc/dhcp/dhclient.conf # Custom dhclient config to override DHCP DNS # dns01.eddns.eu, dns02.eddns.de, dns03.eddns.eu; supersede domain-name-servers 135.181.207.105, 89.58.62.53, 138.199.237.109; # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=conf EOF cat << 'EOF' >> "${VAR_HANDLER_BUILD_DIR}"/config/includes.chroot/etc/dhcpcd.conf # SPDX-Version: 3.0 # SPDX-CreationInfo: 2025-08-12; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency # SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu ### No Global APIPA-Fallback. #noipv4ll ### A ServerID is required by RFC2131. #require dhcp_server_identifier ### Respect the network MTU. This is applied to DHCP routes. #option interface_mtu ### A list of options to request from the DHCP server. #option host_name #option domain_name #option domain_search #option rapid_commit ### Most distributions have NTP support. #option ntp_servers ### Ask server to update both A and PTR via FQDN (RFC 4702 semantics). #fqdn both ###----------------------------------------------------------------------------------------------------------------------------- ### Global defaults for all interfaces. option host_name option domain_name option domain_search ### Ask server to update both A and PTR via FQDN (RFC 4702 semantics). fqdn both ###----------------------------------------------------------------------------------------------------------------------------- ### Enforce static DNS and prevent dhcpcd from writing 'resolv.conf'. nooption domain_name_servers nohook resolv.conf rdnssd ### Static resolvers (IPv4). ### (This does NOT write '/etc/resolv.conf' because of nohook above.) static domain_name_servers=135.181.207.105 89.58.62.53 138.199.237.109 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=conf EOF cat << 'EOF' >| "${VAR_HANDLER_BUILD_DIR}"/config/includes.chroot/etc/resolv.conf # SPDX-Version: 3.0 # SPDX-CreationInfo: 2025-08-12; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency # SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu # static /etc/resolv.conf (CISS) nameserver 135.181.207.105 nameserver 89.58.62.53 nameserver 138.199.237.109 options edns0 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=conf EOF printf "\e[92m++++ ++++ ++++ ++++ ++++ ++++ ++ ✅ '%s' successfully applied. \e[0m\n" "${0}" exit 0 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh