From ffdd76098f640936127459aebab79fa421bdda5a Mon Sep 17 00:00:00 2001 From: Logan Gartner Date: Wed, 12 Aug 2020 02:06:56 -0600 Subject: [PATCH] Removed old files, first-time improvements Removed the stupid Mathematica EULA agreement Added screen timeout adjustments Shuffled files around to more appropriate places Added a TODO file so that I can keep track of stuff to add OctoPrint account is now a system account and cannnot be logged into First-time is now in profile.d. It is now ran by getty which automatically logs in as root on first boot and then runs the script First-time now uses chpasswd instead of passwd (passwd is shit for this) --- TODO.md | 12 +++ stage1/01-sys-tweaks/files/.xprofile | 4 +- stage2/03-accept-mathematica-eula/00-debconf | 2 - stage2/04-octoprint/01-run.sh | 3 - stage2/04-octoprint/files/first-time.service | 10 --- stage2/04-octoprint/files/first-time.sh | 52 ------------ stage2/04-octoprint/files/octoprint.service | 1 - stage2/05-firsttime/00-run.sh | 11 +++ stage2/05-firsttime/files/first-time.sh | 85 ++++++++++++++++++++ 9 files changed, 111 insertions(+), 69 deletions(-) create mode 100644 TODO.md delete mode 100644 stage2/03-accept-mathematica-eula/00-debconf delete mode 100644 stage2/04-octoprint/files/first-time.service delete mode 100755 stage2/04-octoprint/files/first-time.sh create mode 100755 stage2/05-firsttime/00-run.sh create mode 100755 stage2/05-firsttime/files/first-time.sh diff --git a/TODO.md b/TODO.md new file mode 100644 index 0000000..674cb2d --- /dev/null +++ b/TODO.md @@ -0,0 +1,12 @@ +# TODO: + +## First time/Octo-Config +- Change OctoPrint listening address and port +- Change frontend listening address and port + +## Frontend +- Autodetect OctoPrint port if hosted locally + +## Misc +- 64 bit builds +- More security diff --git a/stage1/01-sys-tweaks/files/.xprofile b/stage1/01-sys-tweaks/files/.xprofile index 5d3d1f9..6f148a0 100644 --- a/stage1/01-sys-tweaks/files/.xprofile +++ b/stage1/01-sys-tweaks/files/.xprofile @@ -1 +1,3 @@ -exec openbox-session +xset s 0 +xset -dpms +exec openbox-session diff --git a/stage2/03-accept-mathematica-eula/00-debconf b/stage2/03-accept-mathematica-eula/00-debconf deleted file mode 100644 index d9743fe..0000000 --- a/stage2/03-accept-mathematica-eula/00-debconf +++ /dev/null @@ -1,2 +0,0 @@ -# Do you accept the Wolfram - Raspberry PiĀ® Bundle License Agreement? -wolfram-engine shared/accepted-wolfram-eula boolean true diff --git a/stage2/04-octoprint/01-run.sh b/stage2/04-octoprint/01-run.sh index 004933a..b6546b1 100755 --- a/stage2/04-octoprint/01-run.sh +++ b/stage2/04-octoprint/01-run.sh @@ -1,12 +1,9 @@ #!/bin/bash -e install -m 644 files/octoprint.service ${ROOTFS_DIR}/etc/systemd/system/octoprint.service -install -m 644 files/first-time.service ${ROOTFS_DIR}/etc/systemd/system/first-time.service -install -m 755 files/first-time.sh ${ROOTFS_DIR}/usr/local/bin/first-time.sh on_chroot << EOF systemctl set-default multi-user.target -systemctl enable first-time if ! pip list | grep -F octoprint; then if [ -d /home/octoprint ]; then cd /home/octoprint || exit 1 diff --git a/stage2/04-octoprint/files/first-time.service b/stage2/04-octoprint/files/first-time.service deleted file mode 100644 index 060cea3..0000000 --- a/stage2/04-octoprint/files/first-time.service +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=Raspberry Pi first time setup - -[Service] -Type=simple -ExecStart=/usr/local/bin/first-time.sh - -[Install] -WantedBy=multi-user.target - diff --git a/stage2/04-octoprint/files/first-time.sh b/stage2/04-octoprint/files/first-time.sh deleted file mode 100755 index 6f6f3a2..0000000 --- a/stage2/04-octoprint/files/first-time.sh +++ /dev/null @@ -1,52 +0,0 @@ -#!/bin/bash - -change_password () { - local PASSWORD="$(whiptail --title "Change Password" --passwordbox "Enter new password for user \"pi\"" 10 50 3>&1 1>&2 2>&3)" - if [[ $? != 0 ]]; then return 1; fi - if [[ "$PASSWORD" == "raspberry" ]]; then - whiptail --title "Change Password" --msgbox "That password sucks. Please use a different one :)" 10 50 - change_password - return 0 - fi - if [[ "$(whiptail --passwordbox "Confirm new password for user \"pi\"" 10 50 3>&1 1>&2 2>&3)" == "$PASSWORD" ]]; then - if [[ $? != 0 ]]; then return 1; fi - echo -e "$PASSWORD\n$PASSWORD" | passwd pi - else - whiptail --title "Change Password" --msgbox "Passwords did not match!" 10 50 - change_password - return 0 - fi - local OCTOPASS="$(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c20)" - echo -e "$OCTOPASS\n$OCTOPASS" | passwd octoprint - local ROOTPASS="$(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c20)" - echo -e "$ROOTPASS\n$ROOTPASS" | passwd root - unset OCTOPASS - unset ROOTPASS - unset PASSWORD -} - -service_select () { - local SERVICE_MENU=$(whiptail --title "Select services" --checklist "Enable/disable services" 0 0 0 \ - "OctoPrint" "" ON \ - "GUI" "" ON \ - "SSH" "" OFF 3>&1 1>&2 2>&3) - SERVICE_MENU=($SERVICE_MENU) - - for i in "${SERVICE_MENU[@]}"; do - case $i in - "OctoPrint") systemctl enable octoprint ;; - "GUI") systemctl set-default graphical.target ;; - "SSH") - ssh-keygen -A - systemctl enable sshd ;; - esac - done -} - -nmtui -configure_password || exit 1 -service_select || exit 1 -systemctl disable first-time || exit 1 -rm /etc/systemd/system/first-time.service -reboot - diff --git a/stage2/04-octoprint/files/octoprint.service b/stage2/04-octoprint/files/octoprint.service index 08c3b66..2be41af 100644 --- a/stage2/04-octoprint/files/octoprint.service +++ b/stage2/04-octoprint/files/octoprint.service @@ -4,7 +4,6 @@ Description=OctoPrint Daemon [Service] Type=simple User=octoprint -Group=octoprint ExecStart=/home/octoprint/OctoPrint/venv/bin/octoprint serve [Install] diff --git a/stage2/05-firsttime/00-run.sh b/stage2/05-firsttime/00-run.sh new file mode 100755 index 0000000..01edd25 --- /dev/null +++ b/stage2/05-firsttime/00-run.sh @@ -0,0 +1,11 @@ +#!/bin/bash -e + +install -m 755 files/first-time.sh ${ROOTFS_DIR}/etc/profile.d/first-time.sh + +mkdir -p ${ROOTFS_DIR}/etc/systemd/system/getty@tty1.service.d/ +cat > ${ROOTFS_DIR}/etc/systemd/system/getty@tty1.service.d/override.conf << 'EOF' +[Service] +ExecStart= +ExecStart=-/usr/sbin/agetty --autologin root --noclear %I $TERM +EOF + diff --git a/stage2/05-firsttime/files/first-time.sh b/stage2/05-firsttime/files/first-time.sh new file mode 100755 index 0000000..83ec0a8 --- /dev/null +++ b/stage2/05-firsttime/files/first-time.sh @@ -0,0 +1,85 @@ +#!/bin/bash + +if [ "$EUID" -ne 0 ]; then + echo "This image has not been configured properly. Please complain to Logan" + exit 1 +fi + +change_password () { + local PASSWORD="$(whiptail --title "Change Password" --nocancel --passwordbox "Enter new password for user \"pi\"" 10 50 3>&1 1>&2 2>&3)" + if [[ $? != 0 ]]; then return 1; fi + if [[ "$PASSWORD" == "raspberry" ]]; then + whiptail --title "Change Password" --nocancel --msgbox "That password sucks. Please use a different one :)" 10 50 + change_password + return 0 + fi + if [[ "$(whiptail --nocancel --passwordbox "Confirm new password for user \"pi\"" 10 50 3>&1 1>&2 2>&3)" == "$PASSWORD" ]]; then + if [[ $? != 0 ]]; then return 1; fi + echo -e "pi:$PASSWORD" | chpasswd + else + whiptail --title "Change Password" --nocancel --msgbox "Passwords did not match!" 10 50 + change_password + return 0 + fi + local OCTOPASS="$(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c20)" + echo -e "octoprint:$OCTOPASS" | chpasswd + local ROOTPASS="$(cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c20)" + echo -e "root:$ROOTPASS" | chpasswd + unset OCTOPASS + unset ROOTPASS + unset PASSWORD +} + +service_select () { + local SERVICE_MENU=$(whiptail --separate-output --nocancel --title "Select services" --checklist "Enable/disable services" 0 0 0 \ + "1" "OctoPrint" ON \ + "2" "GUI" ON \ + "3" "SSH" OFF 3>&1 1>&2 2>&3) + SERVICE_MENU=($SERVICE_MENU) + + for i in "${SERVICE_MENU[@]}"; do + case $i in + "1") systemctl enable octoprint ;; + "2") systemctl set-default graphical.target ;; + "3") + ssh-keygen -A + systemctl enable sshd ;; + esac + done +} + +screen_timeout() { + local TIMEOUT=$(whiptail --nocancel --title "Screen Timeout" --inputbox "Input your desired screen timeout in seconds.\nEnter \"off\" to disable the screen timeout." "0" 10 50 "0" 3>&1 1>&2 2>&3) + cat > /home/pi/.xprofile << EOF + xset s ${TIMEOUT} + xset -dpms + exec openbox-session +EOF +} + +: << EOF +main_menu () { + local MAINMENU=$(whiptail --separate-output --nocancel --title "Pi Setup" --menu "" 10 50 0 \ + "1" "Setup Networking" \ + "2" "Configure services" \ + "3" "Configure screen timeout" \ + "4" "Exit" 3>&1 1>&2 2>&3) + + case $MAINMENU in + "1") nmtui; main_menu; return 0;; + "2") service_select; main_menu; return 0;; + "3") screen_timeout; main_menu; return 0;; + "4") return 0;; + esac +} +EOF + +change_password || exit 1 +whiptail --title "Network Configuration" --nocancel --msgbox "Setup will now open nmtui, a program to help configure your ethernet/wireless interfaces. Hit Quit when you are done." 10 50 +nmtui +service_select || exit 1 +screen_timeout || exit 1 +rm /etc/systemd/system/getty@tty1.service.d/override.conf +rm /etc/profile.d/first-time.sh +reboot +