unbrot/fedora-OEMDRV
1
0
Fork 0
forked from obel1x/fedora-OEMDRV
Code Pull Requests Activity

Refactor configure.sh: per-variable validation loop with DNS domain check

Browse Source 
Each variable is now prompted in a retry loop so a failed test re-prompts
that specific variable instead of restarting the whole wizard. Adds DNS-based
IPA domain validation (_ldap._tcp SRV + _kerberos TXT + _kerberos._udp SRV),
matching what ipa-client-install --domain performs. Fixes syntax errors
(bare `do` → `while true; do`, `continue` → `break`). Expands VARS to include
IPAVAULTNAME, CLIENT_SOFTWARE_SRC, DISTCONFIGPATH_SRC.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Brot der Bot
2026-04-30 12:52:41 +02:00
parent 2032bde99d
commit d316a7b605
1 changed files with 76 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files
system_setup/configure.sh
+76 -40
View File
@@ -52,12 +52,84 @@ do_configure() {
echo ""
source "$CONF_FILE"
VARS=("TLDOMAIN" "DOMAIN" "SERVERFQDN_IPA" "SERVERFQDN_NC" "CLIENTADMINGROUP" "IPAVAULTUSE" )
VARS=("TLDOMAIN" "SERVERFQDN_IPA" "DOMAIN" "SERVERFQDN_NC" "IPAVAULTUSE" "IPAVAULTNAME" "CLIENT_SOFTWARE_SRC" "DISTCONFIGPATH_SRC" "CLIENTADMINGROUP" )
for ELE in "${VARS[@]}"
do
new_ELE=$(prompt_value "${ELE}" "${!ELE}")
set_conf_var "${ELE}" "${new_ELE}"
source "$CONF_FILE"
while true; do
new_ELE=$(prompt_value "${ELE}" "${!ELE}")
set_conf_var "${ELE}" "${new_ELE}"
source "$CONF_FILE"
REPEAT_TEST=1
case ${ELE} in
"SERVERFQDN_NC") echo ""
echo "=== Testing: Nextcloud server ==="
NC_STATUS=$(curl -fsSL "https://${SERVERFQDN_NC}/status.php" 2>/dev/null)
if echo "$NC_STATUS" | grep -q '"installed":true'; then
NC_VERSION=$(echo "$NC_STATUS" | grep -oP '(?<="versionstring":")[^"]+')
echo "Nextcloud confirmed at ${SERVERFQDN_NC} (version ${NC_VERSION})."
REPEAT_TEST=0
else
echo ""
echo "WARNING: '${SERVERFQDN_NC}' does not appear to be a valid Nextcloud server."
echo " Could not reach https://${SERVERFQDN_NC}/status.php or response was unexpected."
read -rp "Start configuration again (a) or quit (q)? [a/q]: " ans
if [[ "${ans,,}" == "q" ]]; then
echo "Quitting."
exit 1
fi
fi
;;
"SERVERFQDN_IPA") echo ""
echo "=== Testing: FreeIPA server ==="
IPA_CODE=$(curl -s -o /dev/null -w "%{http_code}" \
"https://${SERVERFQDN_IPA}/ipa/session/json" 2>/dev/null)
if [[ "$IPA_CODE" == "200" || "$IPA_CODE" == "401" ]]; then
echo "FreeIPA server confirmed at ${SERVERFQDN_IPA}."
REPEAT_TEST=0
else
echo ""
echo "WARNING: '${SERVERFQDN_IPA}' does not appear to be a valid FreeIPA server."
echo " https://${SERVERFQDN_IPA}/ipa/session/json returned: ${IPA_CODE:-no response}"
read -rp "Start configuration again (a) or quit (q)? [a/q]: " ans
if [[ "${ans,,}" == "q" ]]; then
echo "Quitting."
exit 1
fi
fi
;;
"DOMAIN") echo ""
echo "=== Testing: IPA Domain DNS records ==="
if ! command -v dig &>/dev/null; then
echo "WARNING: 'dig' not found; skipping DNS check."
REPEAT_TEST=0
else
LDAP_SRV=$(dig +short SRV "_ldap._tcp.${DOMAIN}" 2>/dev/null)
KRB_TXT=$(dig +short TXT "_kerberos.${DOMAIN}" 2>/dev/null)
KDC_SRV=$(dig +short SRV "_kerberos._udp.${DOMAIN}" 2>/dev/null)
if [[ -n "$LDAP_SRV" && -n "$KRB_TXT" ]]; then
REALM=$(echo "$KRB_TXT" | tr -d '"')
echo "IPA domain confirmed: ${DOMAIN}"
echo " Kerberos realm : ${REALM}"
[[ -n "$KDC_SRV" ]] && echo " KDC SRV : ${KDC_SRV}"
REPEAT_TEST=0
else
echo ""
[[ -z "$LDAP_SRV" ]] && echo "WARNING: No _ldap._tcp.${DOMAIN} SRV record found."
[[ -z "$KRB_TXT" ]] && echo "WARNING: No _kerberos.${DOMAIN} TXT record found."
echo " '${DOMAIN}' does not appear to be a valid IPA domain."
read -rp "Start configuration again (a) or quit (q)? [a/q]: " ans
if [[ "${ans,,}" == "q" ]]; then
echo "Quitting."
exit 1
fi
fi
fi
;;
*) REPEAT_TEST=0
;;
esac
[[ $REPEAT_TEST == 0 ]] && break
done
done
echo ""
@@ -67,42 +139,6 @@ do_configure() {
while true; do
do_configure
echo ""
echo "=== Testing: Nextcloud server ==="
NC_STATUS=$(curl -fsSL "https://${SERVERFQDN_NC}/status.php" 2>/dev/null)
if echo "$NC_STATUS" | grep -q '"installed":true'; then
NC_VERSION=$(echo "$NC_STATUS" | grep -oP '(?<="versionstring":")[^"]+')
echo "Nextcloud confirmed at ${SERVERFQDN_NC} (version ${NC_VERSION})."
else
echo ""
echo "WARNING: '${SERVERFQDN_NC}' does not appear to be a valid Nextcloud server."
echo " Could not reach https://${SERVERFQDN_NC}/status.php or response was unexpected."
read -rp "Start configuration again (a) or quit (q)? [a/q]: " ans
if [[ "${ans,,}" == "q" ]]; then
echo "Quitting."
exit 1
fi
continue
fi
echo ""
echo "=== Testing: FreeIPA server ==="
IPA_CODE=$(curl -s -o /dev/null -w "%{http_code}" \
"https://${SERVERFQDN_IPA}/ipa/session/json" 2>/dev/null)
if [[ "$IPA_CODE" == "200" || "$IPA_CODE" == "401" ]]; then
echo "FreeIPA server confirmed at ${SERVERFQDN_IPA}."
else
echo ""
echo "WARNING: '${SERVERFQDN_IPA}' does not appear to be a valid FreeIPA server."
echo " https://${SERVERFQDN_IPA}/ipa/session/json returned: ${IPA_CODE:-no response}"
read -rp "Start configuration again (a) or quit (q)? [a/q]: " ans
if [[ "${ans,,}" == "q" ]]; then
echo "Quitting."
exit 1
fi
continue
fi
echo ""
echo "=== Select Kickstart Profile ==="
KS_DIR="${SCRIPTDIR}/../ks_base_profiles"