From 8502100074b85276e14ef3f2ca468c06f76b1410 Mon Sep 17 00:00:00 2001
From: Michael Chus <mike@mchus.pro>
Date: Thu, 5 Mar 2026 14:59:23 +0300
Subject: [PATCH] =?UTF-8?q?fix:=20dropbear/network=20boot=20ordering=20?=
 =?UTF-8?q?=E2=80=94=20dropbear=20starts=20without=20network?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- dropbear: custom init removes 'need net', only needs localmount + bee-sshsetup
- bee-network: removed 'before dropbear' dependency
- bee-network.sh: removed set -e so single iface failure does not abort script
---
 iso/builder/genapkovl-bee_debug.sh            |  3 ++
 iso/overlay-debug/etc/init.d/bee-network      |  1 -
 iso/overlay-debug/etc/init.d/dropbear         | 37 +++++++++++++++++++
 .../usr/local/bin/bee-network.sh              |  2 -
 4 files changed, 40 insertions(+), 3 deletions(-)
 create mode 100755 iso/overlay-debug/etc/init.d/dropbear

diff --git a/iso/builder/genapkovl-bee_debug.sh b/iso/builder/genapkovl-bee_debug.sh
index 0f06a43..962e32d 100755
--- a/iso/builder/genapkovl-bee_debug.sh
+++ b/iso/builder/genapkovl-bee_debug.sh
@@ -82,8 +82,11 @@ if [ -d "$OVERLAY/root" ]; then
 fi
 
 mkdir -p "$tmp/etc/dropbear" "$tmp/etc/conf.d"
+# -R: auto-generate host keys if missing
+# no dependency on networking service — bee-network handles DHCP independently
 makefile root:root 0644 "$tmp/etc/conf.d/dropbear" <<EOF
 DROPBEAR_OPTS="-R"
 EOF
 
+
 tar -c -C "$tmp" etc usr root 2>/dev/null | gzip -9n > "$HOSTNAME.apkovl.tar.gz"
diff --git a/iso/overlay-debug/etc/init.d/bee-network b/iso/overlay-debug/etc/init.d/bee-network
index 6fe7d53..41ac66f 100644
--- a/iso/overlay-debug/etc/init.d/bee-network
+++ b/iso/overlay-debug/etc/init.d/bee-network
@@ -5,7 +5,6 @@ description="Bee: bring up network interfaces via DHCP"
 depend() {
     need localmount
     before bee-audit-debug
-    before dropbear
 }
 
 start() {
diff --git a/iso/overlay-debug/etc/init.d/dropbear b/iso/overlay-debug/etc/init.d/dropbear
new file mode 100755
index 0000000..d00e07c
--- /dev/null
+++ b/iso/overlay-debug/etc/init.d/dropbear
@@ -0,0 +1,37 @@
+#!/sbin/openrc-run
+
+description="Dropbear SSH server"
+
+depend() {
+    need localmount
+    after bee-sshsetup
+    use logger
+}
+
+check_config() {
+    if [ ! -e /etc/dropbear/dropbear_rsa_host_key ]; then
+        einfo "Generating RSA host key..."
+        /usr/bin/dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
+    fi
+    if [ ! -e /etc/dropbear/dropbear_ecdsa_host_key ]; then
+        einfo "Generating ECDSA host key..."
+        /usr/bin/dropbearkey -t ecdsa -f /etc/dropbear/dropbear_ecdsa_host_key
+    fi
+    if [ ! -e /etc/dropbear/dropbear_ed25519_host_key ]; then
+        einfo "Generating ED25519 host key..."
+        /usr/bin/dropbearkey -t ed25519 -f /etc/dropbear/dropbear_ed25519_host_key
+    fi
+}
+
+start() {
+    check_config || return 1
+    ebegin "Starting dropbear"
+    /usr/sbin/dropbear ${DROPBEAR_OPTS}
+    eend $?
+}
+
+stop() {
+    ebegin "Stopping dropbear"
+    start-stop-daemon --stop --pidfile /var/run/dropbear.pid
+    eend $?
+}
diff --git a/iso/overlay-debug/usr/local/bin/bee-network.sh b/iso/overlay-debug/usr/local/bin/bee-network.sh
index 70c82ad..2670b0d 100644
--- a/iso/overlay-debug/usr/local/bin/bee-network.sh
+++ b/iso/overlay-debug/usr/local/bin/bee-network.sh
@@ -2,8 +2,6 @@
 # bee-network.sh — bring up all physical network interfaces via DHCP
 # Unattended: runs silently, logs results, never blocks.
 
-set -e
-
 LOG_PREFIX="bee-network"
 
 log() { echo "[$LOG_PREFIX] $*"; }