core: implement gateway validation for DHCP and static networks

Add validation for gateway settings based on network type.

ct/vaultwarden.sh

@@ -37,11 +37,6 @@ function update_script() {
     "2" "Set Admin Token")
 
   if [ "$UPD" == "1" ]; then
-    INSTALLED_VERSION="$(/opt/vaultwarden/bin/vaultwarden --version 2>/dev/null | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -n1)"
-    if [[ -n "$INSTALLED_VERSION" ]] &&
-      ! grep -qxF "$INSTALLED_VERSION" "$HOME/.vaultwarden" 2>/dev/null; then
-      printf '%s\n' "$INSTALLED_VERSION" >"$HOME/.vaultwarden"
-    fi
     if check_for_gh_release "vaultwarden" "dani-garcia/vaultwarden"; then
       msg_info "Stopping Service"
       systemctl stop vaultwarden

misc/build.func

@@ -979,6 +979,20 @@ base_settings() {
 
   IPV6_METHOD=${var_ipv6_method:-"none"}
   GATE=${var_gateway:-""}
+
+  # Guard against invalid gateway combinations from defaults/app vars:
+  # - DHCP must not force a static gateway
+  # - Static IPv4 must use a gateway in the same subnet
+  if [[ "$NET" == "dhcp" && -n "$GATE" ]]; then
+    msg_warn "Ignoring var_gateway '$GATE' because var_net is 'dhcp'"
+    GATE=""
+  elif [[ "$NET" != "dhcp" && -n "$GATE" ]]; then
+    if ! validate_gateway_in_subnet "$NET" "$GATE"; then
+      msg_warn "Ignoring var_gateway '$GATE' because it is not in subnet of var_net '$NET'"
+      GATE=""
+    fi
+  fi
+
   APT_CACHER=${var_apt_cacher:-""}
   APT_CACHER_IP=${var_apt_cacher_ip:-""}