fix : changelog plus readme a jour

RebuildBdd/bootstrap-target-host.sh

@@ -221,6 +221,14 @@ if [[ -n "$TARGET_REPO_SUBDIR" ]]; then
   fi
 fi
 
+for critical_dir in "$TARGET_CLONE_DIR" "$TARGET_SCRIPT_DIR" "$TARGET_REPO_DIR"; do
+  [[ -n "$critical_dir" ]] || fail "répertoire critique vide"
+  [[ "$critical_dir" != "/" ]] || fail "répertoire critique dangereux refusé : $critical_dir"
+  [[ "$critical_dir" != "/root" ]] || fail "répertoire critique dangereux refusé : $critical_dir"
+  [[ "$critical_dir" != "/home" ]] || fail "répertoire critique dangereux refusé : $critical_dir"
+  [[ ! "$critical_dir" =~ ^/home/[^/]+$ ]] || fail "répertoire critique dangereux refusé : $critical_dir"
+done
+
 [[ -n "$TARGET_ENV_NAME_VALUE" ]] || fail "TARGET_ENV_NAME manquante"
 [[ -n "$TARGET_PGHOST_VALUE" ]] || fail "TARGET_PGHOST/GLOBAL_PGHOST manquant"
 [[ -n "$TARGET_PGPORT_VALUE" ]] || fail "TARGET_PGPORT/GLOBAL_PGPORT manquant"
@@ -258,7 +266,7 @@ SSH_OPTS=(
   -p "$BOOTSTRAP_PORT"
   -o IdentitiesOnly=yes
   -o BatchMode=yes
-  -o StrictHostKeyChecking=accept-new
+  -o StrictHostKeyChecking=yes
   -o ConnectTimeout=8
 )
 
@@ -339,6 +347,7 @@ BACKUP_LOG_DIR=$(shell_quote "$TARGET_BACKUP_LOG_DIR_VALUE")
 LOCAL_RESTORE_BASE_DIR=$(shell_quote "$TARGET_LOCAL_RESTORE_BASE_DIR_VALUE")
 REMOTE_ROLES_DIR_NAME=$(shell_quote "$TARGET_REMOTE_ROLES_DIR_NAME_VALUE")
 SSH_KEY=$(shell_quote "$TARGET_SSH_KEY_VALUE")
+BACKUP_KNOWN_HOSTS_STRICT=$(shell_quote "$TARGET_BACKUP_KNOWN_HOSTS_STRICT_VALUE")
 
 AUTO_INSTALL_POSTGRES=$(shell_quote "$TARGET_AUTO_INSTALL_POSTGRES_VALUE")
 AUTO_CREATE_PGUSER=$(shell_quote "$TARGET_AUTO_CREATE_PGUSER_VALUE")
@@ -385,6 +394,10 @@ if ! command -v ssh-keyscan >/dev/null 2>&1; then
 fi
 
 if ! ssh-keygen -F $(shell_quote "$TARGET_BACKUP_REMOTE_HOST_VALUE") -f $(shell_quote "$REMOTE_KNOWN_HOSTS") >/dev/null 2>&1; then
+  if [[ $(shell_quote "$STRICT_OPTION") == yes ]]; then
+    echo 'hôte backup absent de known_hosts en mode strict ; empreinte à provisionner manuellement' >&2
+    exit 1
+  fi
   ssh-keyscan -p $(shell_quote "$TARGET_BACKUP_REMOTE_SSH_PORT_VALUE") -H $(shell_quote "$TARGET_BACKUP_REMOTE_HOST_VALUE") >> $(shell_quote "$REMOTE_KNOWN_HOSTS") 2>/dev/null
 fi
 "
@@ -488,6 +501,10 @@ REMOTE_REPO_CMD="
 set -euo pipefail
 
 if [[ ! -d $(shell_quote "${TARGET_CLONE_DIR}/.git") ]]; then
+  if [[ $(shell_quote "$TARGET_CLONE_DIR") == / || $(shell_quote "$TARGET_CLONE_DIR") == /root || $(shell_quote "$TARGET_CLONE_DIR") == /home || $(shell_quote "$TARGET_CLONE_DIR") =~ ^/home/[^/]+$ ]]; then
+    echo 'TARGET_CLONE_DIR dangereux refusé' >&2
+    exit 1
+  fi
   rm -rf $(shell_quote "$TARGET_CLONE_DIR")
   git clone --branch $(shell_quote "$TARGET_REPO_BRANCH") --single-branch $(shell_quote "$TARGET_REPO_URL") $(shell_quote "$TARGET_CLONE_DIR")
 else