From 9511a3d84cd3536dc8db7080696bd7de455d87ef Mon Sep 17 00:00:00 2001
From: dingenbohs <dingenbohs@proficio.com>
Date: Wed, 29 Oct 2025 22:23:33 +0000
Subject: [PATCH] Update 'k3os-ipconfig.sh'

---
 k3os-ipconfig.sh | 130 ++++++++++++++++++-----------------------------
 1 file changed, 50 insertions(+), 80 deletions(-)

diff --git a/k3os-ipconfig.sh b/k3os-ipconfig.sh
index a9148e4..fb6cfb9 100644
--- a/k3os-ipconfig.sh
+++ b/k3os-ipconfig.sh
@@ -1,90 +1,60 @@
 #!/bin/bash
 
-# Define constants
-SSH_CONFIG_FILE="/etc/ssh/sshd_config"
-AUTH_LINE="PasswordAuthentication"
+# --- k3OS Automated Static IP Configuration Script ---
 
-# --- Function to check the current state ---
-get_current_state() {
-    # Using -E for extended regular expressions instead of -P for broader compatibility
-    
-    # 1. Use grep to find the line, including commented lines
-    # 2. Use sed to remove leading/trailing whitespace and the setting name
-    # 3. Use tr to convert to lowercase for reliable comparison
-    CURRENT_STATE=$(grep -iE "^\s*#?\s*${AUTH_LINE}\s+" "$SSH_CONFIG_FILE" 2>/dev/null | \
-                    sed -E "s/^\s*#?\s*${AUTH_LINE}\s*//" | \
-                    tr '[:upper:]' '[:lower:]' | \
-                    head -n 1)
-
-    # If the line is not found, or is commented out/blank, default to 'no' (SSH default security)
-    if [[ -z "$CURRENT_STATE" || "$CURRENT_STATE" == "no" ]]; then
-        echo "no"
-    elif [[ "$CURRENT_STATE" == "yes" ]]; then
-        echo "yes"
-    else
-        # Handle cases where the setting is missing or invalid. Check for an explicit 'no'.
-        if grep -qE "^\s*${AUTH_LINE}\s+no" "$SSH_CONFIG_FILE" 2>/dev/null; then
-            echo "no"
-        else
-            echo "no" # Defaulting to the most secure setting if not explicitly 'yes'
-        fi
-    fi
-}
-
-# --- Main Toggler Logic ---
-
-current=$(get_current_state)
-
-if [ "$current" == "yes" ]; then
-    NEW_STATE="no"
-    ACTION="DISABLE"
-    WARNING="WARNING: This will DISABLE password authentication and only allow SSH keys!"
-elif [ "$current" == "no" ]; then
-    NEW_STATE="yes"
-    ACTION="ENABLE"
-    WARNING="DANGER: This will ENABLE password authentication, increasing brute-force risk!"
-else
-    echo "Error: Could not determine current state of $AUTH_LINE."
-    exit 1
+# Check if the script is run as root
+if [ "$EUID" -ne 0 ]; then
+  echo "Please run this script with sudo."
+  exit 1
 fi
 
-echo "---"
-echo "Current state of ${AUTH_LINE} is: **$current**"
-echo "$WARNING"
-read -r -p "Do you want to $ACTION password authentication? (y/N): " response
+echo "--- Static IP Configuration for k3OS ---"
 
-if [[ "$response" =~ ^([yY])$ ]]; then
-    echo "Applying changes..."
-    
-    # Use 'sed' for safe, idempotent change with a backup
-    # 1. Substitute any existing line with the new one.
-    sudo sed -i.bak -E "s/^\s*#?\s*${AUTH_LINE}\s+(yes|no)/${AUTH_LINE} ${NEW_STATE}/" "$SSH_CONFIG_FILE"
-    
-    # 2. If the line was missing or not matched (a rare edge case), ensure it is added
-    if ! grep -qE "^\s*${AUTH_LINE}\s+${NEW_STATE}" "$SSH_CONFIG_FILE" 2>/dev/null; then
-        echo "${AUTH_LINE} ${NEW_STATE}" | sudo tee -a "$SSH_CONFIG_FILE" > /dev/null
-    fi
+# --- 1. Automatically Detect Network Interface ---
+# The primary interface is typically the one associated with the default gateway.
+IFACE=$(ip route | grep default | awk '{print $5}' | head -n 1)
 
-    # Restart the SSH service
-    echo "Restarting sshd to apply the new configuration..."
-    if command -v systemctl &> /dev/null; then
-        sudo systemctl restart sshd || sudo systemctl restart ssh
-    elif [ -f /etc/init.d/sshd ]; then
-        sudo /etc/init.d/sshd restart
-    else
-        echo "Error: Could not find a command to restart the SSH service. Please restart it manually."
-        exit 1
-    fi
-    
-    # Final verification
-    new_current=$(get_current_state)
-    echo "Verification: New state of ${AUTH_LINE} is: **$new_current**"
-    if [ "$new_current" == "$NEW_STATE" ]; then
-        echo "SUCCESS: Configuration changed and service restarted."
-    else
-        echo "FAILURE: Configuration change failed to verify."
-    fi
+if [ -z "$IFACE" ]; then
+  echo "Error: Could not automatically detect a primary network interface."
+  echo "Please identify the correct interface name (e.g., eth0, enp0s3) and run the script again."
+  exit 1
+fi
 
+echo "Automatically detected primary interface: $IFACE"
+echo ""
+
+# --- 2. Prompt for IP Details ---
+read -p "Enter the Static IPv4 Address (e.g., 192.168.1.100): " IP_ADDR
+read -p "Enter the Netmask (e.g., 255.255.255.0): " NETMASK
+read -p "Enter the Gateway IP Address (e.g., 192.168.1.1): " GATEWAY
+read -p "Enter the Nameserver (e.g., 1.1.1.1): " NAMESERVERS
+
+# --- 3. Format ConnMan IPv4 String ---
+# ConnMan's IPv4 format: <IP>/<NETMASK_LONG>/<GATEWAY>
+IPV4_CONFIG="${IP_ADDR}/${NETMASK}/${GATEWAY}"
+
+# --- 4. Generate and Write Configuration File ---
+CONFIG_FILE="/var/lib/connman/default.config"
+
+# Create the file content
+CONNMAN_CONFIG="[service_${IFACE}]
+Type=ethernet
+IPv4=${IPV4_CONFIG}
+IPv6=off
+Nameservers=${NAMESERVERS}"
+
+echo ""
+echo "--- Generated Configuration ---"
+echo "$CONNMAN_CONFIG"
+echo "-------------------------------"
+
+# Write to the file
+echo "$CONNMAN_CONFIG" | sudo tee "$CONFIG_FILE" > /dev/null
+
+if [ $? -eq 0 ]; then
+  echo "Successfully wrote static IP configuration for **$IFACE** to $CONFIG_FILE"
+  echo "You must now **reboot** the system for the changes to take effect."
+  echo "   (Run: 'sudo reboot')"
 else
-    echo "Action cancelled by user."
+  echo "Error writing to $CONFIG_FILE. "
 fi
\ No newline at end of file