feat: update preflight for macvlan networking

Add macvlan vars to REQUIRED_VARS. Replace port-free checks (13/14)
with container IP availability check that pings requested IPs to
verify they're not already in use on the LAN.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

preflight.sh

@@ -240,6 +240,10 @@ fi
 REQUIRED_VARS=(
   UNRAID_IP UNRAID_SSH_USER UNRAID_GITEA_DATA_PATH
   FEDORA_IP FEDORA_SSH_USER FEDORA_GITEA_DATA_PATH
+  UNRAID_MACVLAN_PARENT UNRAID_MACVLAN_SUBNET UNRAID_MACVLAN_GATEWAY
+  UNRAID_MACVLAN_IP_RANGE UNRAID_GITEA_IP UNRAID_CADDY_IP
+  FEDORA_MACVLAN_PARENT FEDORA_MACVLAN_SUBNET FEDORA_MACVLAN_GATEWAY
+  FEDORA_MACVLAN_IP_RANGE FEDORA_GITEA_IP FEDORA_CADDY_IP
   GITEA_ADMIN_USER GITEA_ADMIN_PASSWORD GITEA_ADMIN_EMAIL
   GITEA_ORG_NAME GITEA_INSTANCE_NAME
   GITEA_DOMAIN GITEA_INTERNAL_URL
@@ -388,76 +392,27 @@ if ! check_compose_fedora 2>/dev/null; then
 fi
 
 # ---------------------------------------------------------------------------
-# Check 13: Port free on Unraid
-# Uses ss (socket statistics) to check if any process is listening on the port.
-# The ! negates the grep — we PASS if the port is NOT found in use.
-# Skipped when --skip-port-checks is set (e.g. resuming with --start-from
-# after phases 1-2 have Gitea already running on these ports).
+# Check 13: Container IPs not already in use
+# Ping the requested macvlan IPs to verify they're available.
+# Skipped when --skip-port-checks is set (containers may already be running).
 # ---------------------------------------------------------------------------
 if [[ "$SKIP_PORT_CHECKS" == "true" ]]; then
-  log_info "[13] Port ${UNRAID_GITEA_PORT:-3000} free on Unraid — SKIPPED (--skip-port-checks)"
-  log_info "[14] Port ${FEDORA_GITEA_PORT:-3000} free on Fedora — SKIPPED (--skip-port-checks)"
+  log_info "[13] Container IP availability — SKIPPED (--skip-port-checks)"
 else
-  check_port_unraid() {
-    local port="${UNRAID_GITEA_PORT:-3000}"
-    local ss_output
-    local grep_rc
-
-    # Fail closed on SSH/remote command errors.
-    ss_output=$(ssh_exec UNRAID "ss -tlnp" 2>/dev/null) || return 1
-
-    # grep exit codes:
-    #   0 => match found (port in use)    => FAIL check
-    #   1 => no match (port free)         => PASS check
-    #   >1 => grep error                  => FAIL check
-    if printf '%s\n' "$ss_output" | grep -q ":${port} "; then
-      grep_rc=0
-    else
-      grep_rc=$?
+  check_ips_available() {
+    local fail=0
+    for ip_var in UNRAID_GITEA_IP UNRAID_CADDY_IP FEDORA_GITEA_IP FEDORA_CADDY_IP; do
+      local ip="${!ip_var:-}"
+      [[ -z "$ip" ]] && continue
+      # ping -c1 -W1: one packet, 1-second timeout
+      if ping -c1 -W1 "$ip" &>/dev/null; then
+        log_warn "  → $ip_var ($ip) is already responding to ping (may be in use)"
+        fail=1
       fi
-
-    case "$grep_rc" in
-      0) return 1 ;;
-      1) return 0 ;;
-      *) return 1 ;;
-    esac
+    done
+    return "$fail"
   }
-  check 13 "Port ${UNRAID_GITEA_PORT:-3000} free on Unraid" check_port_unraid
-  if ! check_port_unraid 2>/dev/null; then
-    log_error "  → Port check failed or port ${UNRAID_GITEA_PORT:-3000} is already in use on Unraid."
-  fi
-
-  # ---------------------------------------------------------------------------
-  # Check 14: Port free on Fedora
-  # ---------------------------------------------------------------------------
-  check_port_fedora() {
-    local port="${FEDORA_GITEA_PORT:-3000}"
-    local ss_output
-    local grep_rc
-
-    # Fail closed on SSH/remote command errors.
-    ss_output=$(ssh_exec FEDORA "ss -tlnp" 2>/dev/null) || return 1
-
-    # grep exit codes:
-    #   0 => match found (port in use)    => FAIL check
-    #   1 => no match (port free)         => PASS check
-    #   >1 => grep error                  => FAIL check
-    if printf '%s\n' "$ss_output" | grep -q ":${port} "; then
-      grep_rc=0
-    else
-      grep_rc=$?
-    fi
-
-    case "$grep_rc" in
-      0) return 1 ;;
-      1) return 0 ;;
-      *) return 1 ;;
-    esac
-  }
-  check 14 "Port ${FEDORA_GITEA_PORT:-3000} free on Fedora" check_port_fedora
-  if ! check_port_fedora 2>/dev/null; then
-    log_error "  → Port check failed or port ${FEDORA_GITEA_PORT:-3000} is already in use on Fedora."
-  fi
+  check 13 "Container IPs not already in use" check_ips_available
 fi
 
 # ---------------------------------------------------------------------------