Added quotes to var.

script/deploy.sh

@@ -93,34 +93,56 @@ hierarchy_preparation() {
   echod "\n ✅ Folder hierarchy ready"
 }
 
+setup_ssh() {
+  echod "\n ➡️ Generating new SSH key for numbus-admin..."
+
+  chmod 700 "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/"
+  ssh-keygen -t "ed25519" -C "numbus-admin@numbus-${DEVICE_TYPE}" -f "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" -N "" -q
+
+  echod "\n ➡️ Copying SSH key to target host '${TARGET_USER}@${LIVE_TARGET_IP}'..."
+
+  if cat "~/.ssh/known_hosts" | grep "${LIVE_TARGET_IP}"; then
+    echo -e "\n ⚠️ The SSH fingerprint for the selected IP address $(gum style --italic "\"${LIVE_TARGET_IP}\"") is not the same as the one in $(gum style --italic "\".ssh/known_hosts\"").
+
+  This could occur for multiple reasons :
+    - You ran the script multiple times and rebooted your live machine
+    - Your live machine uses an IP address that was used by another devices you SSHed in
+    - You are under a Man-In-The-Middle attack
+    - Other
+
+  The script $(gum style --bold "cannot continue") without the correct fingerprint installed.\n"
+
+    gum confirm "Remove the old fingerprint and accept the new one ?" || { echo -e "\n\n ❌ Exiting."; exit 22; }
+    sed -i '/${LIVE_TARGET_IP}/d' "~/.ssh/known_hosts"
+  fi
+
+  if sshpass -p "${LIVE_TARGET_PASSWORD}" ssh-copy-id -o StrictHostKeyChecking=no -i "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then
+    echod "\n ✅ SSH key copied successfully"
+  else
+    echo -e "\n ❌ Failed to copy SSH key. Please check the host IP and password."
+    exit 1
+  fi
+}
+
 hardware_detection() {
 	local TMPFILE="/run/user/1000/numbus-installer/hw_detection.json"
 
 	ssh_to_host "nix-shell -p jq pciutils usbutils smartmontools iproute2 --run 'bash -s'" << SSHEND >> "${STDOUT}" 2>> "${STDERR}"
 set -euo pipefail
 
-if [[ ${DEBUG} -eq 1 ]]; then
-  mkdir -${MKDIR_FLAGS} "${REMOTE_STDOUT%std.log}"
-  mkdir -${MKDIR_FLAGS} "${REMOTE_STDERR%err.log}"
-fi
-
-# --- Initialize Global JSON Output ---
 HW_REPORT=\$(jq -n '{}')
 
-# --- Helper: Add JSON array to the main report ---
 append_to_report() {
-  local key="\$1"
-  local json_array="\$2"
-  HW_REPORT=\$(echo "\$HW_REPORT" | jq --argjson arr "\$json_array" --arg k "\$key" '.[\$k] = \$arr')
+  local key="\${1}"
+  local json_array="\${2}"
+  HW_REPORT=\$(echo "\${HW_REPORT}" | jq --argjson arr "\${json_array}" --arg k "\${key}" '.[\${k}] = \${arr}')
 }
 
-# --- 1. Detect Graphics ---
 detect_graphics() {
   local gpus="[]"
 
-  # Process each GPU found by lspci
   while read -r line; do
-    [[ -z "\$line" ]] && continue
+    [[ -z "\${line}" ]] && continue
     local brand="unknown"
     local renderer="none"
     local product="unknown"
@@ -128,11 +150,11 @@ detect_graphics() {
     local pci_addr="none"
 
     # Extract PCI address
-    pci_addr="\$(echo "\$line" | cut -d' ' -f1)"
+    pci_addr="\$(echo "\${line}" | cut -d' ' -f1)"
 
     # Brand
     for b in Intel AMD NVIDIA; do
-      if echo "\$line" | grep -iq "\$b"; then
+      if echo "\${line}" | grep -iq "\${b}"; then
         brand="\${b}"
         break
       fi
@@ -140,10 +162,9 @@ detect_graphics() {
 
     # Renderer
     if [[ -d "/dev/dri/by-path" ]]; then
-      local render_node
-      render_node=\$(ls /dev/dri/by-path | grep "\$pci_addr" | grep "render" | head -n1 || true)
-      if [[ -n "\$render_node" ]]; then
-        renderer=\$(basename "\$(readlink -f "/dev/dri/by-path/\$render_node")")
+      local render_node=\$(ls /dev/dri/by-path | grep "\${pci_addr}" | grep "render" | head -n1 || true)
+      if [[ -n "\${render_node}" ]]; then
+        renderer=\$(basename "\$(readlink -f "/dev/dri/by-path/\${render_node}")")
       fi
     fi
 
@@ -189,7 +210,7 @@ detect_corals() {
   local corals="[]"
 
   # Check PCIe Coral (Google ID 1ac1:089a)
-  if lspci -nn | grep -iq "1ac1:089a" >> "${REMOTE_STDOUT}" 2>> "${REMOTE_STDERR}"; then
+  if lspci -nn | grep -iq "1ac1:089a"; then
     local pcie_count
     pcie_count=\$(lspci -nn | grep -ic "1ac1:089a")
     for ((i=1; i<=pcie_count; i++)); do
@@ -199,7 +220,7 @@ detect_corals() {
   fi
 
   # Check USB Coral (Google ID 18d1:9302)
-  if lsusb | grep -iq "18d1:9302" >> "${REMOTE_STDOUT}" 2>> "${REMOTE_STDERR}"; then
+  if lsusb | grep -iq "18d1:9302"; then
     local usb_count
     usb_count=\$(lsusb | grep -ic "18d1:9302")
     for ((i=1; i<=usb_count; i++)); do
@@ -234,7 +255,7 @@ detect_zigbee() {
 detect_network() {
   local networks="[]"
   local default_iface
-  default_iface=\$(ip -4 route show default >> "${REMOTE_STDOUT}" 2>> "${REMOTE_STDERR}" | awk '{print \$5}' | head -n1)
+  default_iface=\$(ip -4 route show default | awk '{print \$5}' | head -n1)
 
   for iface_path in /sys/class/net/*; do
     [[ -e "\$iface_path" ]] || continue
@@ -381,22 +402,6 @@ launch_gui() {
 
 
 # --- MAIN SCRIPT FUNCTIONS --->
-setup_ssh() {
-  echod "\n ✅ Generating new SSH key for numbus-admin..."
-
-  chmod 700 "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/"
-  ssh-keygen -t "ed25519" -C "numbus-admin@numbus-${DEVICE_TYPE}" -f "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" -N "" -q
-
-  echod "\n ➡️   Copying SSH key to target host '${TARGET_USER}@${LIVE_TARGET_IP}'..."
-
-  if sshpass -p "${LIVE_TARGET_PASSWORD}" ssh-copy-id -o StrictHostKeyChecking=no -i "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then
-    echod "\n ✅ SSH key copied successfully"
-  else
-    echo -e "\n ❌ Failed to copy SSH key. Please check the host IP and password."
-    exit 1
-  fi
-}
-
 server_config_generation() {
   echod "\n 📝 Generating structured settings.json..."
   
@@ -783,6 +788,7 @@ PORT_REGEX='^[0-9]{1,5}$'
 SSH_KEY_REGEX='^ssh-[a-z0-9]+ [A-Za-z0-9+/]+.*'
 PHONE_REGEX='^\+[1-9][0-9]{7,14}$' 
 
+FOREGROUND="212"
 GUM_INPUT_PADDING="1 1"
 GUM_INPUT_HEADER_FOREGROUND="212"
 GUM_INPUT_CURSOR_FOREGROUND="212"

script/error_codes.md

@@ -0,0 +1,3 @@
+0: successful.
+1: error.
+22: SSH fingerprint in `known_hosts` for the IP is different than the current one.