From 1d15d9b2d7ea8e363857b95b0ca3ebc2ad3e379d Mon Sep 17 00:00:00 2001 From: deflax Date: Tue, 12 Nov 2024 22:39:17 +0200 Subject: [PATCH] boilerplate --- .gitignore | 2 ++ README.md | 9 ++++++++ prepare-image.sh | 50 +++++++++++++++++++++++++++++++++++++++++++ src/firstboot.service | 14 ++++++++++++ src/setup.sh | 23 ++++++++++++++++++++ userconf.txt | 1 + 6 files changed, 99 insertions(+) create mode 100644 .gitignore create mode 100644 README.md create mode 100755 prepare-image.sh create mode 100644 src/firstboot.service create mode 100755 src/setup.sh create mode 100644 userconf.txt diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..40fd14c --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +vcpi.img.xz + diff --git a/README.md b/README.md new file mode 100644 index 0000000..6b4c096 --- /dev/null +++ b/README.md @@ -0,0 +1,9 @@ +1. Execute the `prepare-image.sh [image]` script as `root` where `[image]` is the url to raspiOS. + +2. Flash the `vcpi.img.xz` with for example Balena Etcher to a SD Card + +3. Boot Rpi on DHCP enabled network. The boot script should run `setup.sh` on first boot. + +4. Login using user: `pi` pass: `vcpi` + +5. Debug the initial setup process with `journalctl -u firstboot`. The `setup.sh` should be automatically renamed to `setup.sh.done` if setup is successful. diff --git a/prepare-image.sh b/prepare-image.sh new file mode 100755 index 0000000..e2915c7 --- /dev/null +++ b/prepare-image.sh @@ -0,0 +1,50 @@ +#!/bin/bash +# + +if [ -z "$1" ] + then + echo "No image name provided" + exit +fi + +#download source +curl $1 --output src.img.xz +xz -v -T 0 -d src.img.xz + +#setup +losetup -P /dev/loop8 src.img +mkdir -v /tmp/rpi-img +mount /dev/loop8p2 /tmp/rpi-img +mount /dev/loop8p1 /tmp/rpi-img/boot + +#enable ssh +touch /tmp/rpi-img/boot/ssh +cp -v userconf.txt /tmp/rpi-img/boot/userconf + +# pi user keys +mkdir /tmp/rpi-img/home/pi/.ssh +#echo "" > /tmp/rpi-img/home/pi/.ssh/authorized_keys +chown 1000:1000 /tmp/rpi-img/home/pi/.ssh +chown 1000:1000 /tmp/rpi-img/home/pi/.ssh/authorized_keys + +#provision scripts +cp -v ./src/setup.sh /tmp/rpi-img/root/setup.sh + +#setup autorun on first boot +cp -v ./src/firstboot.service /tmp/rpi-img/lib/systemd/system/firstboot.service +ln -v -s /lib/systemd/system/firstboot.service /tmp/rpi-img/etc/systemd/system/multi-user.target.wants + +#enable systemd-time-wait-sync +ln -v -s /lib/systemd/system/systemd-time-wait-sync.service /tmp/rpi-img/etc/systemd/system/sysinit.target.wants/systemd-time-wait-sync.service + +sync + +#cleanup +losetup -d /dev/loop8 +umount /tmp/rpi-img/boot +umount /tmp/rpi-img +rmdir -v /tmp/rpi-img + +#write image +xz -v -T 0 -z src.img +mv -v src.img.xz vcpi.img.xz diff --git a/src/firstboot.service b/src/firstboot.service new file mode 100644 index 0000000..4dcce91 --- /dev/null +++ b/src/firstboot.service @@ -0,0 +1,14 @@ +[Unit] +Description=FirstBoot +Wants=time-sync.target +Before=rc-local.service +After=network.target time-sync.target apt-daily.service apt-daily-upgrade.service +ConditionFileNotEmpty=/root/setup.sh + +[Service] +ExecStart=/root/setup.sh +Type=oneshot +RemainAfterExit=no + +[Install] +WantedBy=multi-user.target diff --git a/src/setup.sh b/src/setup.sh new file mode 100755 index 0000000..84a86bf --- /dev/null +++ b/src/setup.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +# upgrade system +apt-get update +apt-get upgrade -y + +# setup apps +apt-get install htop + +# setup udev +echo "SUBSYSTEM==\"usb\", ENV{DEVTYPE}==\"usb_device\", MODE=\"0666\"" > /etc/udev/rules.d/50-udev-default.rules + +# setup firewall +apt-get install ufw -y +ufw allow ssh +ufw enable + +# cleanup +mv /root/setup.sh /root/setup.sh.done +chmod -x /root/setup.sh.done + +echo "done :)" +exit 0 \ No newline at end of file diff --git a/userconf.txt b/userconf.txt new file mode 100644 index 0000000..acb9d87 --- /dev/null +++ b/userconf.txt @@ -0,0 +1 @@ +pi:$6$J3VR90uJ/TxGhcPf$OzVHJSqmGWsJlDFxCumcwftgv2okaHZlbrTyu5MX0YXKrDrVxMxsexbroXUt5CkSu0xedQAcfvHm5CDpkiiDu0 \ No newline at end of file