bootstrap: Add debug mode

2025-12-22 02:00:08 +01:00 · 2025-02-23 23:31:57 -07:00
parent c0e2749dbc
commit 026499262d
1 changed files with 189 additions and 171 deletions
--- a/usr/local/share/bastille/bootstrap.sh
+++ b/usr/local/share/bastille/bootstrap.sh
@@ -34,49 +34,16 @@
 . /usr/local/etc/bastille/bastille.conf
 usage() {
-    error_exit "Usage: bastille bootstrap [release|template] [update|arch]"
+    error_notify "Usage: bastille bootstrap [option(s)] [RELEASE|TEMPLATE] [update|arch]"
    cat << EOF
    Options:
    -x | --debug          Enable debug mode.
 EOF
    exit 1
 }
 # Handle special-case commands first.
 case "$1" in
 help|-h|--help)
    usage
    ;;
 esac
 bastille_root_check
 #Validate if ZFS is enabled in rc.conf and bastille.conf.
 if [ "$(sysrc -n zfs_enable)" = "YES" ] && ! checkyesno bastille_zfs_enable; then
    warn "ZFS is enabled in rc.conf but not bastille.conf. Do you want to continue? (N|y)"
    read answer
    case $answer in
        no|No|n|N|"")
            error_exit "ERROR: Missing ZFS parameters. See bastille_zfs_enable."
            ;;
        yes|Yes|y|Y) ;;
    esac
 fi
 # Validate ZFS parameters.
 if checkyesno bastille_zfs_enable; then
    ## check for the ZFS pool and bastille prefix
    if [ -z "${bastille_zfs_zpool}" ]; then
        error_exit "ERROR: Missing ZFS parameters. See bastille_zfs_zpool."
    elif [ -z "${bastille_zfs_prefix}" ]; then
        error_exit "ERROR: Missing ZFS parameters. See bastille_zfs_prefix."
    elif ! zfs list "${bastille_zfs_zpool}" > /dev/null 2>&1; then
        error_exit "ERROR: ${bastille_zfs_zpool} is not a ZFS pool."
    fi
    ## check for the ZFS dataset prefix if already exist
    if [ -d "/${bastille_zfs_zpool}/${bastille_zfs_prefix}" ]; then
        if ! zfs list "${bastille_zfs_zpool}/${bastille_zfs_prefix}" > /dev/null 2>&1; then
            error_exit "ERROR: ${bastille_zfs_zpool}/${bastille_zfs_prefix} is not a ZFS dataset."
        fi
    fi
 fi
 validate_release_url() {
    ## check upstream url, else warn user
    if [ -n "${NAME_VERIFY}" ]; then
@@ -451,9 +418,64 @@ bootstrap_template() {
    bastille verify "${_user}/${_repo}"
 }
 # Handle options.
 while [ "$#" -gt 0 ]; do
    case "${1}" in
        -h|--help|help)
            usage
            ;;
        -x|--debug)
            enable_debug
            shift
            ;;
        -*) 
            error_exit "Unknown Option: \"${1}\""
            ;;
        *)
            break
            ;;
    esac
 done
 RELEASE="${1}"
 OPTION="${2}"
 NOCACHEDIR=
 HW_MACHINE=$(sysctl hw.machine | awk '{ print $2 }')
 HW_MACHINE_ARCH=$(sysctl hw.machine_arch | awk '{ print $2 }')
 bastille_root_check
 #Validate if ZFS is enabled in rc.conf and bastille.conf.
 if [ "$(sysrc -n zfs_enable)" = "YES" ] && ! checkyesno bastille_zfs_enable; then
    warn "ZFS is enabled in rc.conf but not bastille.conf. Do you want to continue? (N|y)"
    read answer
    case $answer in
        no|No|n|N|"")
            error_exit "ERROR: Missing ZFS parameters. See bastille_zfs_enable."
            ;;
        yes|Yes|y|Y) ;;
    esac
 fi
 # Validate ZFS parameters.
 if checkyesno bastille_zfs_enable; then
    ## check for the ZFS pool and bastille prefix
    if [ -z "${bastille_zfs_zpool}" ]; then
        error_exit "ERROR: Missing ZFS parameters. See bastille_zfs_zpool."
    elif [ -z "${bastille_zfs_prefix}" ]; then
        error_exit "ERROR: Missing ZFS parameters. See bastille_zfs_prefix."
    elif ! zfs list "${bastille_zfs_zpool}" > /dev/null 2>&1; then
        error_exit "ERROR: ${bastille_zfs_zpool} is not a ZFS pool."
    fi
    ## check for the ZFS dataset prefix if already exist
    if [ -d "/${bastille_zfs_zpool}/${bastille_zfs_prefix}" ]; then
        if ! zfs list "${bastille_zfs_zpool}/${bastille_zfs_prefix}" > /dev/null 2>&1; then
            error_exit "ERROR: ${bastille_zfs_zpool}/${bastille_zfs_prefix} is not a ZFS dataset."
        fi
    fi
 fi
 # bootstrapping from aarch64/arm64 Debian or Ubuntu require a different value for ARCH
 # create a new variable
 if [ "${HW_MACHINE_ARCH}" = "aarch64" ]; then
@@ -462,10 +484,6 @@ else
    HW_MACHINE_ARCH_LINUX=${HW_MACHINE_ARCH}
 fi
 NOCACHEDIR=
 RELEASE="${1}"
 OPTION="${2}"
 # Alternate RELEASE/ARCH fetch support(experimental)
 if [ -n "${OPTION}" ] && [ "${OPTION}" != "${HW_MACHINE}" ] && [ "${OPTION}" != "update" ]; then
    # Supported architectures
@@ -484,133 +502,133 @@ fi
 ## Filter sane release names
 case "${1}" in
-2.[0-9]*)
+    2.[0-9]*)
-    ## check for MidnightBSD releases name
+        ## check for MidnightBSD releases name
-    NAME_VERIFY=$(echo "${RELEASE}")
+        NAME_VERIFY=$(echo "${RELEASE}")
-    UPSTREAM_URL="${bastille_url_midnightbsd}${HW_MACHINE_ARCH}/${NAME_VERIFY}"
+        UPSTREAM_URL="${bastille_url_midnightbsd}${HW_MACHINE_ARCH}/${NAME_VERIFY}"
-    PLATFORM_OS="MidnightBSD"
+        PLATFORM_OS="MidnightBSD"
-    validate_release_url
+        validate_release_url
-    ;;
+        ;;
-*-CURRENT|*-current)
+    *-CURRENT|*-current)
-    ## check for FreeBSD releases name
+        ## check for FreeBSD releases name
-    NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-CURRENT)$' | tr '[:lower:]' '[:upper:]')
+        NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-CURRENT)$' | tr '[:lower:]' '[:upper:]')
-    UPSTREAM_URL=$(echo "${bastille_url_freebsd}${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_VERIFY}" | sed 's/releases/snapshots/')
+        UPSTREAM_URL=$(echo "${bastille_url_freebsd}${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_VERIFY}" | sed 's/releases/snapshots/')
-    PLATFORM_OS="FreeBSD"
+        PLATFORM_OS="FreeBSD"
-    validate_release_url
+        validate_release_url
-    ;;
+        ;;
-*-RELEASE|*-release|*-RC[1-9]|*-rc[1-9]|*-BETA[1-9])
+    *-RELEASE|*-release|*-RC[1-9]|*-rc[1-9]|*-BETA[1-9])
-    ## check for FreeBSD releases name
+        ## check for FreeBSD releases name
-    NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([0-9]{1,2})\.[0-9](-RELEASE|-RC[1-9]|-BETA[1-9])$' | tr '[:lower:]' '[:upper:]')
+        NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([0-9]{1,2})\.[0-9](-RELEASE|-RC[1-9]|-BETA[1-9])$' | tr '[:lower:]' '[:upper:]')
-    UPSTREAM_URL="${bastille_url_freebsd}${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_VERIFY}"
+        UPSTREAM_URL="${bastille_url_freebsd}${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_VERIFY}"
-    PLATFORM_OS="FreeBSD"
+        PLATFORM_OS="FreeBSD"
-    validate_release_url
+        validate_release_url
-    ;;
+        ;;
-*-stable-LAST|*-STABLE-last|*-stable-last|*-STABLE-LAST)
+    *-stable-LAST|*-STABLE-last|*-stable-last|*-STABLE-LAST)
-    ## check for HardenedBSD releases name(previous infrastructure, keep for reference)
+        ## check for HardenedBSD releases name(previous infrastructure, keep for reference)
-    NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})(-stable-last)$' | sed 's/STABLE/stable/g' | sed 's/last/LAST/g')
+        NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})(-stable-last)$' | sed 's/STABLE/stable/g' | sed 's/last/LAST/g')
-    UPSTREAM_URL="${bastille_url_hardenedbsd}${HW_MACHINE}/${HW_MACHINE_ARCH}/hardenedbsd-${NAME_VERIFY}"
+        UPSTREAM_URL="${bastille_url_hardenedbsd}${HW_MACHINE}/${HW_MACHINE_ARCH}/hardenedbsd-${NAME_VERIFY}"
-    PLATFORM_OS="HardenedBSD"
+        PLATFORM_OS="HardenedBSD"
-    validate_release_url
+        validate_release_url
-    ;;
+        ;;
-*-stable-build-[0-9]*|*-STABLE-BUILD-[0-9]*)
+    *-stable-build-[0-9]*|*-STABLE-BUILD-[0-9]*)
-    ## check for HardenedBSD(specific stable build releases)
+        ## check for HardenedBSD(specific stable build releases)
-    NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '([0-9]{1,2})(-stable-build)-([0-9]{1,3})$' | sed 's/BUILD/build/g' | sed 's/STABLE/stable/g')
+        NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '([0-9]{1,2})(-stable-build)-([0-9]{1,3})$' | sed 's/BUILD/build/g' | sed 's/STABLE/stable/g')
-    NAME_RELEASE=$(echo "${NAME_VERIFY}" | sed 's/-build-[0-9]\{1,3\}//g')
+        NAME_RELEASE=$(echo "${NAME_VERIFY}" | sed 's/-build-[0-9]\{1,3\}//g')
-    NAME_BUILD=$(echo "${NAME_VERIFY}" | sed 's/[0-9]\{1,2\}-stable-//g')
+        NAME_BUILD=$(echo "${NAME_VERIFY}" | sed 's/[0-9]\{1,2\}-stable-//g')
-    UPSTREAM_URL="${bastille_url_hardenedbsd}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_BUILD}"
+        UPSTREAM_URL="${bastille_url_hardenedbsd}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_BUILD}"
-    PLATFORM_OS="HardenedBSD"
+        PLATFORM_OS="HardenedBSD"
-    validate_release_url
+        validate_release_url
-    ;;
+        ;;
-*-stable-build-latest|*-stable-BUILD-LATEST|*-STABLE-BUILD-LATEST)
+    *-stable-build-latest|*-stable-BUILD-LATEST|*-STABLE-BUILD-LATEST)
-    ## check for HardenedBSD(latest stable build release)
+        ## check for HardenedBSD(latest stable build release)
-    NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '([0-9]{1,2})(-stable-build-latest)$' | sed 's/STABLE/stable/g' | sed 's/build/BUILD/g' | sed 's/latest/LATEST/g')
+        NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '([0-9]{1,2})(-stable-build-latest)$' | sed 's/STABLE/stable/g' | sed 's/build/BUILD/g' | sed 's/latest/LATEST/g')
-    NAME_RELEASE=$(echo "${NAME_VERIFY}" | sed 's/-BUILD-LATEST//g')
+        NAME_RELEASE=$(echo "${NAME_VERIFY}" | sed 's/-BUILD-LATEST//g')
-    NAME_BUILD=$(echo "${NAME_VERIFY}" | sed 's/[0-9]\{1,2\}-stable-BUILD-//g')
+        NAME_BUILD=$(echo "${NAME_VERIFY}" | sed 's/[0-9]\{1,2\}-stable-BUILD-//g')
-    UPSTREAM_URL="${bastille_url_hardenedbsd}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/installer/${NAME_BUILD}"
+        UPSTREAM_URL="${bastille_url_hardenedbsd}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/installer/${NAME_BUILD}"
-    PLATFORM_OS="HardenedBSD"
+        PLATFORM_OS="HardenedBSD"
-    validate_release_url
+        validate_release_url
-    ;;
+        ;;
-current-build-[0-9]*|CURRENT-BUILD-[0-9]*)
+    current-build-[0-9]*|CURRENT-BUILD-[0-9]*)
-    ## check for HardenedBSD(specific current build releases)
+        ## check for HardenedBSD(specific current build releases)
-    NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '(current-build)-([0-9]{1,3})' | sed 's/BUILD/build/g' | sed 's/CURRENT/current/g')
+        NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '(current-build)-([0-9]{1,3})' | sed 's/BUILD/build/g' | sed 's/CURRENT/current/g')
-    NAME_RELEASE=$(echo "${NAME_VERIFY}" | sed 's/current-.*/current/g')
+        NAME_RELEASE=$(echo "${NAME_VERIFY}" | sed 's/current-.*/current/g')
-    NAME_BUILD=$(echo "${NAME_VERIFY}" | sed 's/current-//g')
+        NAME_BUILD=$(echo "${NAME_VERIFY}" | sed 's/current-//g')
-    UPSTREAM_URL="${bastille_url_hardenedbsd}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_BUILD}"
+        UPSTREAM_URL="${bastille_url_hardenedbsd}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_BUILD}"
-    PLATFORM_OS="HardenedBSD"
+        PLATFORM_OS="HardenedBSD"
-    validate_release_url
+        validate_release_url
-    ;;
+        ;;
-current-build-latest|current-BUILD-LATEST|CURRENT-BUILD-LATEST)
+    current-build-latest|current-BUILD-LATEST|CURRENT-BUILD-LATEST)
-    ## check for HardenedBSD(latest current build release)
+        ## check for HardenedBSD(latest current build release)
-    NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '(current-build-latest)' | sed 's/CURRENT/current/g' | sed 's/build/BUILD/g' | sed 's/latest/LATEST/g')
+        NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '(current-build-latest)' | sed 's/CURRENT/current/g' | sed 's/build/BUILD/g' | sed 's/latest/LATEST/g')
-    NAME_RELEASE=$(echo "${NAME_VERIFY}" | sed 's/current-.*/current/g')
+        NAME_RELEASE=$(echo "${NAME_VERIFY}" | sed 's/current-.*/current/g')
-    NAME_BUILD=$(echo "${NAME_VERIFY}" | sed 's/current-BUILD-//g')
+        NAME_BUILD=$(echo "${NAME_VERIFY}" | sed 's/current-BUILD-//g')
-    UPSTREAM_URL="${bastille_url_hardenedbsd}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/installer/${NAME_BUILD}"
+        UPSTREAM_URL="${bastille_url_hardenedbsd}${NAME_RELEASE}/${HW_MACHINE}/${HW_MACHINE_ARCH}/installer/${NAME_BUILD}"
-    PLATFORM_OS="HardenedBSD"
+        PLATFORM_OS="HardenedBSD"
-    validate_release_url
+        validate_release_url
-    ;;
+        ;;
-http?://*/*/*)
+    http?://*/*/*)
-    BASTILLE_TEMPLATE_URL=${1}
+        BASTILLE_TEMPLATE_URL=${1}
-    BASTILLE_TEMPLATE_USER=$(echo "${1}" | awk -F / '{ print $4 }')
+        BASTILLE_TEMPLATE_USER=$(echo "${1}" | awk -F / '{ print $4 }')
-    BASTILLE_TEMPLATE_REPO=$(echo "${1}" | awk -F / '{ print $5 }')
+        BASTILLE_TEMPLATE_REPO=$(echo "${1}" | awk -F / '{ print $5 }')
-    bootstrap_template
+        bootstrap_template
-    ;;
+        ;;
-git@*:*/*)
+    git@*:*/*)
-    BASTILLE_TEMPLATE_URL=${1}
+        BASTILLE_TEMPLATE_URL=${1}
-    git_repository=$(echo "${1}" | awk -F : '{ print $2 }')
+        git_repository=$(echo "${1}" | awk -F : '{ print $2 }')
-    BASTILLE_TEMPLATE_USER=$(echo "${git_repository}" | awk -F / '{ print $1 }')
+        BASTILLE_TEMPLATE_USER=$(echo "${git_repository}" | awk -F / '{ print $1 }')
-    BASTILLE_TEMPLATE_REPO=$(echo "${git_repository}" | awk -F / '{ print $2 }')
+        BASTILLE_TEMPLATE_REPO=$(echo "${git_repository}" | awk -F / '{ print $2 }')
-    bootstrap_template
+        bootstrap_template
-    ;;
+        ;;
-#adding Ubuntu Bionic as valid "RELEASE" for POC @hackacad
+    #adding Ubuntu Bionic as valid "RELEASE" for POC @hackacad
-ubuntu_bionic|bionic|ubuntu-bionic)
+    ubuntu_bionic|bionic|ubuntu-bionic)
-    PLATFORM_OS="Ubuntu/Linux"
+        PLATFORM_OS="Ubuntu/Linux"
-    LINUX_FLAVOR="bionic"
+        LINUX_FLAVOR="bionic"
-    DIR_BOOTSTRAP="Ubuntu_1804"
+        DIR_BOOTSTRAP="Ubuntu_1804"
-    ARCH_BOOTSTRAP=${HW_MACHINE_ARCH_LINUX}
+        ARCH_BOOTSTRAP=${HW_MACHINE_ARCH_LINUX}
-    debootstrap_release
+        debootstrap_release
-    ;;
+        ;;
-ubuntu_focal|focal|ubuntu-focal)
+    ubuntu_focal|focal|ubuntu-focal)
-    PLATFORM_OS="Ubuntu/Linux"
+        PLATFORM_OS="Ubuntu/Linux"
-    LINUX_FLAVOR="focal"
+        LINUX_FLAVOR="focal"
-    DIR_BOOTSTRAP="Ubuntu_2004"
+        DIR_BOOTSTRAP="Ubuntu_2004"
-    ARCH_BOOTSTRAP=${HW_MACHINE_ARCH_LINUX}
+        ARCH_BOOTSTRAP=${HW_MACHINE_ARCH_LINUX}
-    debootstrap_release
+        debootstrap_release
-    ;;
+        ;;
-ubuntu_jammy|jammy|ubuntu-jammy)
+    ubuntu_jammy|jammy|ubuntu-jammy)
-    PLATFORM_OS="Ubuntu/Linux"
+        PLATFORM_OS="Ubuntu/Linux"
-    LINUX_FLAVOR="jammy"
+        LINUX_FLAVOR="jammy"
-    DIR_BOOTSTRAP="Ubuntu_2204"
+        DIR_BOOTSTRAP="Ubuntu_2204"
-    ARCH_BOOTSTRAP=${HW_MACHINE_ARCH_LINUX}
+        ARCH_BOOTSTRAP=${HW_MACHINE_ARCH_LINUX}
-    debootstrap_release
+        debootstrap_release
-    ;;
+        ;;
-debian_buster|buster|debian-buster)
+    debian_buster|buster|debian-buster)
-    PLATFORM_OS="Debian/Linux"
+        PLATFORM_OS="Debian/Linux"
-    LINUX_FLAVOR="buster"
+        LINUX_FLAVOR="buster"
-    DIR_BOOTSTRAP="Debian10"
+        DIR_BOOTSTRAP="Debian10"
-    ARCH_BOOTSTRAP=${HW_MACHINE_ARCH_LINUX}
+        ARCH_BOOTSTRAP=${HW_MACHINE_ARCH_LINUX}
-    debootstrap_release
+        debootstrap_release
-    ;;
+        ;;
-debian_bullseye|bullseye|debian-bullseye)
+    debian_bullseye|bullseye|debian-bullseye)
-    PLATFORM_OS="Debian/Linux"
+        PLATFORM_OS="Debian/Linux"
-    LINUX_FLAVOR="bullseye"
+        LINUX_FLAVOR="bullseye"
-    DIR_BOOTSTRAP="Debian11"
+        DIR_BOOTSTRAP="Debian11"
-    ARCH_BOOTSTRAP=${HW_MACHINE_ARCH_LINUX}
+        ARCH_BOOTSTRAP=${HW_MACHINE_ARCH_LINUX}
-    debootstrap_release
+        debootstrap_release
-    ;;
+        ;;
-debian_bookworm|bookworm|debian-bookworm)
+    debian_bookworm|bookworm|debian-bookworm)
-    PLATFORM_OS="Debian/Linux"
+        PLATFORM_OS="Debian/Linux"
-    LINUX_FLAVOR="bookworm"
+        LINUX_FLAVOR="bookworm"
-    DIR_BOOTSTRAP="Debian12"
+        DIR_BOOTSTRAP="Debian12"
-    ARCH_BOOTSTRAP=${HW_MACHINE_ARCH_LINUX}
+        ARCH_BOOTSTRAP=${HW_MACHINE_ARCH_LINUX}
-    debootstrap_release
+        debootstrap_release
-    ;;
+        ;;
-*)
+    *)
-    usage
+        usage
-    ;;
+        ;;
 esac
 case "${OPTION}" in
-update)
+    update)
-    bastille update "${RELEASE}"
+        bastille update "${RELEASE}"
-    ;;
+        ;;
 esac