Compare commits
No commits in common. "015e7a1c77741524c4dbaafa3367bec835522307" and "87ebff5bcaa42c7d34e4f0cddb340494380f1d1c" have entirely different histories.
015e7a1c77
...
87ebff5bca
11 changed files with 19 additions and 115 deletions
|
@ -1,5 +1,4 @@
|
||||||
ARG BASE_IMAGE=debian:buster
|
FROM debian:buster
|
||||||
FROM ${BASE_IMAGE}
|
|
||||||
|
|
||||||
ENV DEBIAN_FRONTEND noninteractive
|
ENV DEBIAN_FRONTEND noninteractive
|
||||||
|
|
||||||
|
|
|
@ -1,16 +1,16 @@
|
||||||
# pi-gen
|
# pi-gen
|
||||||
|
|
||||||
Tool used to create Raspberry Pi OS images. (Previously known as Raspbian).
|
_Tool used to create the raspberrypi.org Raspbian images_
|
||||||
|
|
||||||
|
|
||||||
## Dependencies
|
## Dependencies
|
||||||
|
|
||||||
pi-gen runs on Debian-based operating systems. Currently it is only supported on
|
pi-gen runs on Debian based operating systems. Currently it is only supported on
|
||||||
either Debian Buster or Ubuntu Xenial and is known to have issues building on
|
either Debian Buster or Ubuntu Xenial and is known to have issues building on
|
||||||
earlier releases of these systems. On other Linux distributions it may be possible
|
earlier releases of these systems. On other Linux distributions it may be possible
|
||||||
to use the Docker build described below.
|
to use the Docker build described below.
|
||||||
|
|
||||||
To install the required dependencies for `pi-gen` you should run:
|
To install the required dependencies for pi-gen you should run:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
apt-get install coreutils quilt parted qemu-user-static debootstrap zerofree zip \
|
apt-get install coreutils quilt parted qemu-user-static debootstrap zerofree zip \
|
||||||
|
@ -68,7 +68,7 @@ The following environment variables are supported:
|
||||||
system for each build stage, amounting to tens of gigabytes in the case of
|
system for each build stage, amounting to tens of gigabytes in the case of
|
||||||
Raspbian.
|
Raspbian.
|
||||||
|
|
||||||
**CAUTION**: If your working directory is on an NTFS partition you probably won't be able to build: make sure this is a proper Linux filesystem.
|
**CAUTION**: If your working directory is on an NTFS partition you probably won't be able to build. Make sure this is a proper Linux filesystem.
|
||||||
|
|
||||||
* `DEPLOY_DIR` (Default: `"$BASE_DIR/deploy"`)
|
* `DEPLOY_DIR` (Default: `"$BASE_DIR/deploy"`)
|
||||||
|
|
||||||
|
@ -124,24 +124,12 @@ The following environment variables are supported:
|
||||||
|
|
||||||
* `WPA_ESSID`, `WPA_PASSWORD` and `WPA_COUNTRY` (Default: unset)
|
* `WPA_ESSID`, `WPA_PASSWORD` and `WPA_COUNTRY` (Default: unset)
|
||||||
|
|
||||||
If these are set, they are use to configure `wpa_supplicant.conf`, so that the Raspberry Pi can automatically connect to a wireless network on first boot. If `WPA_ESSID` is set and `WPA_PASSWORD` is unset an unprotected wireless network will be configured. If set, `WPA_PASSWORD` must be between 8 and 63 characters.
|
If these are set, they are use to configure `wpa_supplicant.conf`, so that the Raspberry Pi can automatically connect to a wifi network on first boot. If `WPA_ESSID` is set and `WPA_PASSWORD` is unset an unprotected wifi network will be configured. If set, `WPA_PASSWORD` must be between 8 and 63 characters.
|
||||||
|
|
||||||
* `ENABLE_SSH` (Default: `0`)
|
* `ENABLE_SSH` (Default: `0`)
|
||||||
|
|
||||||
Setting to `1` will enable ssh server for remote log in. Note that if you are using a common password such as the defaults there is a high risk of attackers taking over you Raspberry Pi.
|
Setting to `1` will enable ssh server for remote log in. Note that if you are using a common password such as the defaults there is a high risk of attackers taking over you Raspberry Pi.
|
||||||
|
|
||||||
* `PUBKEY_SSH_FIRST_USER` (Default: unset)
|
|
||||||
|
|
||||||
Setting this to a value will make that value the contents of the FIRST_USER_NAME's ~/.ssh/authorized_keys. Obviously the value should
|
|
||||||
therefore be a valid authorized_keys file. Note that this does not
|
|
||||||
automatically enable SSH.
|
|
||||||
|
|
||||||
* `PUBKEY_ONLY_SSH` (Default: `0`)
|
|
||||||
|
|
||||||
* Setting to `1` will disable password authentication for SSH and enable
|
|
||||||
public key authentication. Note that if SSH is not enabled this will take
|
|
||||||
effect when SSH becomes enabled.
|
|
||||||
|
|
||||||
* `STAGE_LIST` (Default: `stage*`)
|
* `STAGE_LIST` (Default: `stage*`)
|
||||||
|
|
||||||
If set, then instead of working through the numeric stages in order, this list will be followed. For example setting to `"stage0 stage1 mystage stage2"` will run the contents of `mystage` before stage2. Note that quotes are needed around the list. An absolute or relative path can be given for stages outside the pi-gen directory.
|
If set, then instead of working through the numeric stages in order, this list will be followed. For example setting to `"stage0 stage1 mystage stage2"` will run the contents of `mystage` before stage2. Note that quotes are needed around the list. An absolute or relative path can be given for stages outside the pi-gen directory.
|
||||||
|
@ -276,7 +264,7 @@ maintenance and allows for more easy customization.
|
||||||
|
|
||||||
- **Stage 2** - lite system. This stage produces the Raspbian-Lite image. It
|
- **Stage 2** - lite system. This stage produces the Raspbian-Lite image. It
|
||||||
installs some optimized memory functions, sets timezone and charmap
|
installs some optimized memory functions, sets timezone and charmap
|
||||||
defaults, installs fake-hwclock and ntp, wireless LAN and bluetooth support,
|
defaults, installs fake-hwclock and ntp, wifi and bluetooth support,
|
||||||
dphys-swapfile, and other basics for managing the hardware. It also
|
dphys-swapfile, and other basics for managing the hardware. It also
|
||||||
creates necessary groups and gives the pi user access to sudo and the
|
creates necessary groups and gives the pi user access to sudo and the
|
||||||
standard console hardware permission groups.
|
standard console hardware permission groups.
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# TouchPrint
|
# TouchPrint
|
||||||
TouchPrint is a lightweight fork of Raspberry Pi OS whos purpose is to securely host OctoPrint and to (optionally) display it on a connected screen.
|
TouchPrint is a lightweight fork of Raspberry Pi OS whos purpose is to host OctoPrint and to display it on a connected screen.
|
||||||
TouchPrint is very customizable. Both the GUI and/or OctoPrint can be disabled if you already have an existing setup to perform these tasks.
|
TouchPrint is very customizable, and both the GUI and/or OctoPrint can be disabled if you already have an existing setup to perform those tasks.
|
||||||
|
|
||||||
# Table of Contents
|
# Table of Contents
|
||||||
- [Screenshots](#screenshots)
|
- [Screenshots](#screenshots)
|
||||||
|
|
|
@ -74,17 +74,7 @@ fi
|
||||||
# Modify original build-options to allow config file to be mounted in the docker container
|
# Modify original build-options to allow config file to be mounted in the docker container
|
||||||
BUILD_OPTS="$(echo "${BUILD_OPTS:-}" | sed -E 's@\-c\s?([^ ]+)@-c /config@')"
|
BUILD_OPTS="$(echo "${BUILD_OPTS:-}" | sed -E 's@\-c\s?([^ ]+)@-c /config@')"
|
||||||
|
|
||||||
# Check the arch of the machine we're running on. If it's 64-bit, use a 32-bit base image instead
|
${DOCKER} build -t pi-gen "${DIR}"
|
||||||
case "$(uname -m)" in
|
|
||||||
x86_64|aarch64)
|
|
||||||
BASE_IMAGE=i386/debian:buster
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
BASE_IMAGE=debian:buster
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
${DOCKER} build --build-arg BASE_IMAGE=${BASE_IMAGE} -t pi-gen "${DIR}"
|
|
||||||
|
|
||||||
if [ "${CONTAINER_EXISTS}" != "" ]; then
|
if [ "${CONTAINER_EXISTS}" != "" ]; then
|
||||||
trap 'echo "got CTRL+C... please wait 5s" && ${DOCKER} stop -t 5 ${CONTAINER_NAME}_cont' SIGINT SIGTERM
|
trap 'echo "got CTRL+C... please wait 5s" && ${DOCKER} stop -t 5 ${CONTAINER_NAME}_cont' SIGINT SIGTERM
|
||||||
time ${DOCKER} run --rm --privileged \
|
time ${DOCKER} run --rm --privileged \
|
||||||
|
|
8
build.sh
8
build.sh
|
@ -172,7 +172,6 @@ export WPA_ESSID
|
||||||
export WPA_PASSWORD
|
export WPA_PASSWORD
|
||||||
export WPA_COUNTRY
|
export WPA_COUNTRY
|
||||||
export ENABLE_SSH="${ENABLE_SSH:-0}"
|
export ENABLE_SSH="${ENABLE_SSH:-0}"
|
||||||
export PUBKEY_ONLY_SSH="${PUBKEY_ONLY_SSH:-0}"
|
|
||||||
|
|
||||||
export LOCALE_DEFAULT="${LOCALE_DEFAULT:-en_US.UTF-8}"
|
export LOCALE_DEFAULT="${LOCALE_DEFAULT:-en_US.UTF-8}"
|
||||||
|
|
||||||
|
@ -183,8 +182,6 @@ export TIMEZONE_DEFAULT="${TIMEZONE_DEFAULT:-UTC}"
|
||||||
|
|
||||||
export GIT_HASH=${GIT_HASH:-"$(git rev-parse HEAD)"}
|
export GIT_HASH=${GIT_HASH:-"$(git rev-parse HEAD)"}
|
||||||
|
|
||||||
export PUBKEY_SSH_FIRST_USER
|
|
||||||
|
|
||||||
export CLEAN
|
export CLEAN
|
||||||
export IMG_NAME
|
export IMG_NAME
|
||||||
export APT_PROXY
|
export APT_PROXY
|
||||||
|
@ -230,11 +227,6 @@ if [[ -n "${WPA_PASSWORD}" && ${#WPA_PASSWORD} -lt 8 || ${#WPA_PASSWORD} -gt 63
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ "${PUBKEY_ONLY_SSH}" = "1" && -z "${PUBKEY_SSH_FIRST_USER}" ]]; then
|
|
||||||
echo "Must set 'PUBKEY_SSH_FIRST_USER' to a valid SSH public key if using PUBKEY_ONLY_SSH"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
mkdir -p "${WORK_DIR}"
|
mkdir -p "${WORK_DIR}"
|
||||||
log "Begin ${BASE_DIR}"
|
log "Begin ${BASE_DIR}"
|
||||||
|
|
||||||
|
|
|
@ -40,32 +40,8 @@ BOOT_LENGTH=$(echo "$PARTED_OUT" | grep -e '^1:' | cut -d':' -f 4 | tr -d B)
|
||||||
ROOT_OFFSET=$(echo "$PARTED_OUT" | grep -e '^2:' | cut -d':' -f 2 | tr -d B)
|
ROOT_OFFSET=$(echo "$PARTED_OUT" | grep -e '^2:' | cut -d':' -f 2 | tr -d B)
|
||||||
ROOT_LENGTH=$(echo "$PARTED_OUT" | grep -e '^2:' | cut -d':' -f 4 | tr -d B)
|
ROOT_LENGTH=$(echo "$PARTED_OUT" | grep -e '^2:' | cut -d':' -f 4 | tr -d B)
|
||||||
|
|
||||||
echo "Mounting BOOT_DEV..."
|
BOOT_DEV=$(losetup --show -f -o "${BOOT_OFFSET}" --sizelimit "${BOOT_LENGTH}" "${IMG_FILE}")
|
||||||
cnt=0
|
ROOT_DEV=$(losetup --show -f -o "${ROOT_OFFSET}" --sizelimit "${ROOT_LENGTH}" "${IMG_FILE}")
|
||||||
until BOOT_DEV=$(losetup --show -f -o "${BOOT_OFFSET}" --sizelimit "${BOOT_LENGTH}" "${IMG_FILE}"); do
|
|
||||||
if [ $cnt -lt 5 ]; then
|
|
||||||
cnt=$((cnt + 1))
|
|
||||||
echo "Error in losetup for BOOT_DEV. Retrying..."
|
|
||||||
sleep 5
|
|
||||||
else
|
|
||||||
echo "ERROR: losetup for BOOT_DEV failed; exiting"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
echo "Mounting ROOT_DEV..."
|
|
||||||
cnt=0
|
|
||||||
until ROOT_DEV=$(losetup --show -f -o "${ROOT_OFFSET}" --sizelimit "${ROOT_LENGTH}" "${IMG_FILE}"); do
|
|
||||||
if [ $cnt -lt 5 ]; then
|
|
||||||
cnt=$((cnt + 1))
|
|
||||||
echo "Error in losetup for ROOT_DEV. Retrying..."
|
|
||||||
sleep 5
|
|
||||||
else
|
|
||||||
echo "ERROR: losetup for ROOT_DEV failed; exiting"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
echo "/boot: offset $BOOT_OFFSET, length $BOOT_LENGTH"
|
echo "/boot: offset $BOOT_OFFSET, length $BOOT_LENGTH"
|
||||||
echo "/: offset $ROOT_OFFSET, length $ROOT_LENGTH"
|
echo "/: offset $ROOT_OFFSET, length $ROOT_LENGTH"
|
||||||
|
|
||||||
|
|
|
@ -17,32 +17,8 @@ BOOT_LENGTH=$(echo "$PARTED_OUT" | grep -e '^1:' | cut -d':' -f 4 | tr -d B)
|
||||||
ROOT_OFFSET=$(echo "$PARTED_OUT" | grep -e '^2:' | cut -d':' -f 2 | tr -d B)
|
ROOT_OFFSET=$(echo "$PARTED_OUT" | grep -e '^2:' | cut -d':' -f 2 | tr -d B)
|
||||||
ROOT_LENGTH=$(echo "$PARTED_OUT" | grep -e '^2:' | cut -d':' -f 4 | tr -d B)
|
ROOT_LENGTH=$(echo "$PARTED_OUT" | grep -e '^2:' | cut -d':' -f 4 | tr -d B)
|
||||||
|
|
||||||
echo "Mounting BOOT_DEV..."
|
BOOT_DEV=$(losetup --show -f -o "${BOOT_OFFSET}" --sizelimit "${BOOT_LENGTH}" "${IMG_FILE}")
|
||||||
cnt=0
|
ROOT_DEV=$(losetup --show -f -o "${ROOT_OFFSET}" --sizelimit "${ROOT_LENGTH}" "${IMG_FILE}")
|
||||||
until BOOT_DEV=$(losetup --show -f -o "${BOOT_OFFSET}" --sizelimit "${BOOT_LENGTH}" "${IMG_FILE}"); do
|
|
||||||
if [ $cnt -lt 5 ]; then
|
|
||||||
cnt=$((cnt + 1))
|
|
||||||
echo "Error in losetup for BOOT_DEV. Retrying..."
|
|
||||||
sleep 5
|
|
||||||
else
|
|
||||||
echo "ERROR: losetup for BOOT_DEV failed; exiting"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
echo "Mounting ROOT_DEV..."
|
|
||||||
cnt=0
|
|
||||||
until ROOT_DEV=$(losetup --show -f -o "${ROOT_OFFSET}" --sizelimit "${ROOT_LENGTH}" "${IMG_FILE}"); do
|
|
||||||
if [ $cnt -lt 5 ]; then
|
|
||||||
cnt=$((cnt + 1))
|
|
||||||
echo "Error in losetup for ROOT_DEV. Retrying..."
|
|
||||||
sleep 5
|
|
||||||
else
|
|
||||||
echo "ERROR: losetup for ROOT_DEV failed; exiting"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
echo "/boot: offset $BOOT_OFFSET, length $BOOT_LENGTH"
|
echo "/boot: offset $BOOT_OFFSET, length $BOOT_LENGTH"
|
||||||
echo "/: offset $ROOT_OFFSET, length $ROOT_LENGTH"
|
echo "/: offset $ROOT_OFFSET, length $ROOT_LENGTH"
|
||||||
|
|
||||||
|
|
|
@ -2,4 +2,4 @@
|
||||||
+++ stage2/rootfs/boot/cmdline.txt
|
+++ stage2/rootfs/boot/cmdline.txt
|
||||||
@@ -1 +1 @@
|
@@ -1 +1 @@
|
||||||
-console=serial0,115200 console=tty1 root=ROOTDEV rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait
|
-console=serial0,115200 console=tty1 root=ROOTDEV rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait
|
||||||
+console=serial0,115200 console=tty12 root=ROOTDEV rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait quiet loglevel=3 init=/usr/lib/raspi-config/init_resize.sh
|
+console=serial0,115200 console=tty1 root=ROOTDEV rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait quiet init=/usr/lib/raspi-config/init_resize.sh
|
||||||
|
|
|
@ -12,18 +12,6 @@ install -m 644 files/console-setup "${ROOTFS_DIR}/etc/default/"
|
||||||
|
|
||||||
install -m 755 files/rc.local "${ROOTFS_DIR}/etc/"
|
install -m 755 files/rc.local "${ROOTFS_DIR}/etc/"
|
||||||
|
|
||||||
if [ -n "${PUBKEY_SSH_FIRST_USER}" ]; then
|
|
||||||
install -v -m 0700 -o 1000 -g 1000 -d "${ROOTFS_DIR}"/home/"${FIRST_USER_NAME}"/.ssh
|
|
||||||
echo "${PUBKEY_SSH_FIRST_USER}" >"${ROOTFS_DIR}"/home/"${FIRST_USER_NAME}"/.ssh/authorized_keys
|
|
||||||
chown 1000:1000 "${ROOTFS_DIR}"/home/"${FIRST_USER_NAME}"/.ssh/authorized_keys
|
|
||||||
chmod 0600 "${ROOTFS_DIR}"/home/"${FIRST_USER_NAME}"/.ssh/authorized_keys
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ "${PUBKEY_ONLY_SSH}" = "1" ]; then
|
|
||||||
sed -i -Ee 's/^#?[[:blank:]]*PubkeyAuthentication[[:blank:]]*no[[:blank:]]*$/PubkeyAuthentication yes/
|
|
||||||
s/^#?[[:blank:]]*PasswordAuthentication[[:blank:]]*yes[[:blank:]]*$/PasswordAuthentication no/' "${ROOTFS_DIR}"/etc/ssh/sshd_config
|
|
||||||
fi
|
|
||||||
|
|
||||||
on_chroot << EOF
|
on_chroot << EOF
|
||||||
systemctl disable hwclock.sh
|
systemctl disable hwclock.sh
|
||||||
systemctl disable nfs-common
|
systemctl disable nfs-common
|
||||||
|
|
|
@ -26,12 +26,7 @@ network={
|
||||||
EOL
|
EOL
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Disable wifi on 5GHz models if WPA_COUNTRY is not set
|
# Disable wifi on 5GHz models
|
||||||
mkdir -p "${ROOTFS_DIR}/var/lib/systemd/rfkill/"
|
mkdir -p "${ROOTFS_DIR}/var/lib/systemd/rfkill/"
|
||||||
if [ -n "$WPA_COUNTRY" ]; then
|
|
||||||
echo 0 > "${ROOTFS_DIR}/var/lib/systemd/rfkill/platform-3f300000.mmcnr:wlan"
|
|
||||||
echo 0 > "${ROOTFS_DIR}/var/lib/systemd/rfkill/platform-fe300000.mmcnr:wlan"
|
|
||||||
else
|
|
||||||
echo 1 > "${ROOTFS_DIR}/var/lib/systemd/rfkill/platform-3f300000.mmcnr:wlan"
|
echo 1 > "${ROOTFS_DIR}/var/lib/systemd/rfkill/platform-3f300000.mmcnr:wlan"
|
||||||
echo 1 > "${ROOTFS_DIR}/var/lib/systemd/rfkill/platform-fe300000.mmcnr:wlan"
|
echo 1 > "${ROOTFS_DIR}/var/lib/systemd/rfkill/platform-fe300000.mmcnr:wlan"
|
||||||
fi
|
|
||||||
|
|
|
@ -12,7 +12,7 @@ mkdir -p ${ROOTFS_DIR}/etc/systemd/system/getty@tty1.service.d/
|
||||||
cat > ${ROOTFS_DIR}/etc/systemd/system/getty@tty1.service.d/override.conf << 'EOF'
|
cat > ${ROOTFS_DIR}/etc/systemd/system/getty@tty1.service.d/override.conf << 'EOF'
|
||||||
[Service]
|
[Service]
|
||||||
ExecStart=
|
ExecStart=
|
||||||
ExecStart=-/usr/sbin/agetty --skip-login --nonewline --noissue --autologin root --noclear %I $TERM
|
ExecStart=-/usr/sbin/agetty --autologin root --noclear %I $TERM
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
on_chroot << EOF
|
on_chroot << EOF
|
||||||
|
|
Loading…
Reference in a new issue