boilerplate

2024-11-12 22:39:17 +02:00 · 2024-11-12 22:39:17 +02:00 · 1d15d9b2d7
commit 1d15d9b2d7
6 changed files with 99 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,2 @@
+vcpi.img.xz
+
--- a/README.md
+++ b/README.md
@ -0,0 +1,9 @@
+1. Execute the `prepare-image.sh [image]` script as `root` where `[image]` is the url to raspiOS.
+
+2. Flash the `vcpi.img.xz` with for example Balena Etcher to a SD Card
+
+3. Boot Rpi on DHCP enabled network. The boot script should run `setup.sh` on first boot.
+
+4. Login using user: `pi` pass: `vcpi`
+
+5. Debug the initial setup process with `journalctl -u firstboot`. The `setup.sh` should be automatically renamed to `setup.sh.done` if setup is successful.
--- a/prepare-image.sh
+++ b/prepare-image.sh
@ -0,0 +1,50 @@
+#!/bin/bash
+#
+
+if [ -z "$1" ]
+  then
+    echo "No image name provided"
+    exit
+fi
+
+#download source
+curl $1 --output src.img.xz
+xz -v -T 0 -d src.img.xz
+
+#setup
+losetup -P /dev/loop8 src.img
+mkdir -v /tmp/rpi-img
+mount /dev/loop8p2 /tmp/rpi-img
+mount /dev/loop8p1 /tmp/rpi-img/boot
+
+#enable ssh
+touch /tmp/rpi-img/boot/ssh
+cp -v userconf.txt /tmp/rpi-img/boot/userconf
+
+# pi user keys
+mkdir /tmp/rpi-img/home/pi/.ssh
+#echo "" > /tmp/rpi-img/home/pi/.ssh/authorized_keys
+chown 1000:1000 /tmp/rpi-img/home/pi/.ssh
+chown 1000:1000 /tmp/rpi-img/home/pi/.ssh/authorized_keys
+
+#provision scripts
+cp -v ./src/setup.sh /tmp/rpi-img/root/setup.sh
+
+#setup autorun on first boot
+cp -v ./src/firstboot.service /tmp/rpi-img/lib/systemd/system/firstboot.service
+ln -v -s /lib/systemd/system/firstboot.service /tmp/rpi-img/etc/systemd/system/multi-user.target.wants
+
+#enable systemd-time-wait-sync
+ln -v -s /lib/systemd/system/systemd-time-wait-sync.service /tmp/rpi-img/etc/systemd/system/sysinit.target.wants/systemd-time-wait-sync.service
+
+sync
+
+#cleanup
+losetup -d /dev/loop8
+umount /tmp/rpi-img/boot
+umount /tmp/rpi-img
+rmdir -v /tmp/rpi-img
+
+#write image
+xz -v -T 0 -z src.img
+mv -v src.img.xz vcpi.img.xz
--- a/src/firstboot.service
+++ b/src/firstboot.service
@ -0,0 +1,14 @@
+[Unit]
+Description=FirstBoot
+Wants=time-sync.target
+Before=rc-local.service
+After=network.target time-sync.target apt-daily.service apt-daily-upgrade.service 
+ConditionFileNotEmpty=/root/setup.sh
+
+[Service]
+ExecStart=/root/setup.sh
+Type=oneshot
+RemainAfterExit=no
+
+[Install]
+WantedBy=multi-user.target
--- a/src/setup.sh
+++ b/src/setup.sh
@ -0,0 +1,23 @@
+#!/bin/bash
+
+# upgrade system
+apt-get update
+apt-get upgrade -y
+
+# setup apps
+apt-get install htop
+
+# setup udev
+echo "SUBSYSTEM==\"usb\", ENV{DEVTYPE}==\"usb_device\", MODE=\"0666\"" > /etc/udev/rules.d/50-udev-default.rules
+
+# setup firewall
+apt-get install ufw -y
+ufw allow ssh
+ufw enable
+
+# cleanup
+mv /root/setup.sh /root/setup.sh.done
+chmod -x /root/setup.sh.done
+	
+echo "done :)"
+exit 0
--- a/userconf.txt
+++ b/userconf.txt
@ -0,0 +1 @@
+pi:$6$J3VR90uJ/TxGhcPf$OzVHJSqmGWsJlDFxCumcwftgv2okaHZlbrTyu5MX0YXKrDrVxMxsexbroXUt5CkSu0xedQAcfvHm5CDpkiiDu0
				`@ -0,0 +1 @@`
				`pi:$6$J3VR90uJ/TxGhcPf$OzVHJSqmGWsJlDFxCumcwftgv2okaHZlbrTyu5MX0YXKrDrVxMxsexbroXUt5CkSu0xedQAcfvHm5CDpkiiDu0`