Compare commits

..

No commits in common. "86f089bfeb14a5506da281dcccc1b7ef2228bada" and "989e1dd4663253e50d8d3f8fee86ac037bd66117" have entirely different histories.

8 changed files with 89 additions and 205 deletions

View file

@ -6,7 +6,7 @@ mkdir -p ${ROOTFS_DIR}/home/octoprint/.octoprint/
install -m 600 files/config.yaml ${ROOTFS_DIR}/home/octoprint/.octoprint/config.yaml
install -m 644 files/nginx.conf ${ROOTFS_DIR}/etc/nginx/nginx.conf
echo -e "listen 443 ssl;" > ${ROOTFS_DIR}/etc/nginx/listen.conf
echo -e "listen 443;" > ${ROOTFS_DIR}/etc/nginx/listen.conf
touch ${ROOTFS_DIR}/etc/nginx/auth.conf
mkdir -p ${ROOTFS_DIR}/usr/local/bin

View file

@ -26,6 +26,7 @@
server {
include /etc/nginx/listen.conf;
ssl on;
ssl_certificate /etc/ssl/certs/nginx-octoprint.crt;
ssl_certificate_key /etc/ssl/private/nginx-octoprint.key;
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";

View file

@ -1,3 +1,3 @@
VIDEO_DEVICE="/dev/video0"
VIDEO_SIZE="1280x720"
VIDEO_FRAMERATE=15
FRAMERATE=15

View file

@ -4,11 +4,11 @@
source /usr/local/etc/mjpg-server/config.sh
# Test if camera can just give us MJPG frames so that we can save a bunch of CPU
if ffmpeg -input_format mjpeg -video_size $VIDEO_SIZE -framerate $VIDEO_FRAMERATE -nostats -v quiet -i $VIDEO_DEVICE vframes 1 -f null - >/dev/null; then
/usr/local/bin/mjpeg-server -a 127.0.0.1:9000 -- ffmpeg -input_format mjpeg -video_size $VIDEO_SIZE -framerate $VIDEO_FRAMERATE -i $VIDEO_DEVICE -f mpjpeg -c:v copy -
if ffmpeg -input_format mjpeg -video_size $VIDEO_SIZE -framerate $FRAMERATE -nostats -v quiet -i $VIDEO_DEVICE vframes 1 -f null - >/dev/null; then
/usr/local/bin/mjpeg-server -a 127.0.0.1:9000 -- ffmpeg -input_format mjpeg -video_size $VIDEO_SIZE -framerate $FRAMERATE -i $VIDEO_DEVICE -f mpjpeg -c:v copy -
# Oh, it can't :( Guess I'll just blast the CPU to maybe get 5FPS
elif ffmpeg -video_size $VIDEO_SIZE -framerate $VIDEO_FRAMERATE -nostats -v quiet -i $VIDEO_DEVICE -vframes 1 -f null - >/dev/null; then
/usr/local/bin/mjpeg-server -a 127.0.0.1:9000 -- ffmpeg -input_format rawvideo -video_size $VIDEO_SIZE -framerate $VIDEO_FRAMERATE -i /dev/video0 -f mpjpeg -
elif ffmpeg -video_size $VIDEO_SIZE -framerate $FRAMERATE -nostats -v quiet -i $VIDEO_DEVICE -vframes 1 -f null - >/dev/null; then
/usr/local/bin/mjpeg-server -a 127.0.0.1:9000 -- ffmpeg -input_format rawvideo -video_size $VIDEO_SIZE -framerate $FRAMERATE -i /dev/video0 -f mpjpeg -
else
echo "FFmpeg could not start. Double check your configuration."
exit 1

View file

@ -72,39 +72,24 @@ suggested_menu () {
done
}
# Import settings from sdcard's fat32 partition if available
if [[ -f /boot/settings ]]; then
source /boot/settings
else
dialog --title "NOTICE" --colors --msgbox "This collection of software is currently in beta, it may contain several bugs. This software is \Zb\Z1NOT\Zn recommended for a production environment." 10 50
fi
dialog --title "NOTICE" --colors --msgbox "This collection of software is currently in beta, it may contain several bugs. This software is \Zb\Z1NOT\Zn recommended for a production environment." 10 50
# Makes a certificate and key for Nginx HTTPS
openssl req -x509 -nodes -days 36500 -newkey rsa:4096 -subj "/C=/ST=/L=/O=/OU=/CN=*/emailAddress=" -out /etc/ssl/certs/nginx-octoprint.crt -keyout /etc/ssl/private/nginx-octoprint.key
# Force the user to change the pi user's password before the RPi gets botnetted
if [[ -n $PI_PWD_HASH ]]; then
change_password hash $PI_PWD_HASH
else
change_password $PI_PWD
fi
change_password
if ! [[ -n $SKIP_NETWORK ]] && dialog --title "Network Configuration" --nocancel --yesno "Do you wish to open nmtui, a program to help configure your ethernet/wireless interfaces?" 10 50; then
nmtui
fi
dialog --title "Network Configuration" --nocancel --msgbox "Setup will now open nmtui, a program to help configure your ethernet/wireless interfaces. Hit Quit when you are done." 10 50
nmtui
# Configure the timezone
if [[ -n $TIMEZONE ]]; then
ln -fs /usr/share/zoneinfo/$TIMEZONE /etc/localtime
DEBIAN_FRONTEND=noninteractive dpkg-reconfigure --frontend noninteractive tzdata
else
dpkg-reconfigure tzdata
fi
dpkg-reconfigure tzdata
# Enable/disable OctoPrint, GUI, MJPG and SSH
service_toggle ${SERVICE_TOGGLE[0]} ${SERVICE_TOGGLE[1]} ${SERVICE_TOGGLE[2]} ${SERVICE_TOGGLE[3]}
service_toggle
screen_timeout $SCREEN_TIMEOUT
screen_timeout
# If a touchscreen is detected, and the GUI is enabled, ask the user if they want to calibrate it
if ( udevadm info --export-db | grep ID_INPUT_TOUCHSCREEN=1 >/dev/null ) && [[ $(readlink -f /etc/systemd/system/default.target) == "/usr/lib/systemd/system/graphical.target" ]] && dialog --title "Touchscreen Calibration" --defaultno --yesno "Do you wish to calibrate your touchscreen?\nMost touchscreens are calibrated out of the factory, so this is usually not needed." 10 60; then
@ -112,43 +97,34 @@ if ( udevadm info --export-db | grep ID_INPUT_TOUCHSCREEN=1 >/dev/null ) && [[ $
fi
# If OctoPrint and the GUI are running locally, ask the user if they want to change the autologin user
if [[ -f /etc/systemd/system/multi-user.target.wants/octoprint.service ]] && [[ $(readlink -f /etc/systemd/system/default.target) == "/usr/lib/systemd/system/graphical.target" ]] && ( [[ "$OCTO_AUTOLOGIN" != "" ]] || dialog --title "OctoPrint AutoLogin" --yesno "Do you wish to configure the user that the GUI auto logs in as in OctoPrint?\nThis is required if you wish to enable access control in OctoPrint." 10 60 ); then
octo_autologin $OCTO_AUTOLOGIN
if [[ -f /etc/systemd/system/multi-user.target.wants/octoprint.service ]] && [[ $(readlink -f /etc/systemd/system/default.target) == "/usr/lib/systemd/system/graphical.target" ]] && dialog --title "OctoPrint AutoLogin" --yesno "Do you wish to configure the user that the GUI auto logs in as in OctoPrint?\nThis is required if you wish to enable access control in OctoPrint." 10 60; then
octo_autologin
fi
# If OctoPrint/MJPG Streamer is running locally, ask if the user wants to change the default listening port/IP (optional)
if ( [[ -f /etc/systemd/system/multi-user.target.wants/octoprint.service ]] || [[ -f /etc/systemd/system/multi-user.target.wants/mjpg-streamer.service ]] ) && ( [[ "$NGINX_LISTEN" != "" ]] || dialog --title "Nginx Config" --defaultno --yesno "Do you wish to change the default Nginx listening address and/or port?" 10 60 ); then
nginx_listen $NGINX_LISTEN
if ( [[ -f /etc/systemd/system/multi-user.target.wants/octoprint.service ]] || [[ -f /etc/systemd/system/multi-user.target.wants/mjpg-streamer.service ]] ) && dialog --title "Nginx Config" --defaultno --yesno "Do you wish to change the default Nginx listening address and/or port?" 10 60; then
nginx_listen
fi
# If MJPG service is enabled, ask the user to configure Nginx basic auth and the video device
if [[ -f /etc/systemd/system/multi-user.target.wants/mjpg-streamer.service ]]; then
if [[ -n $NGINX_AUTH_HASH ]]; then
nginx_auth hash $NGINX_AUTH_HASH
else
nginx_auth $NGINX_AUTH
fi
video_select $MJPG_DEVICE
video_config $MJPG_SIZE $MJPG_FRAMERATE
nginx_auth
video_select
video_config
fi
# If OctoPrint is running locally, ask if user wants to preinstall recommended plugins
if [[ -f /etc/systemd/system/multi-user.target.wants/octoprint.service ]] && ! [[ -n $SKIP_PLUGINS ]] && dialog --title "Plugin Manager" --yesno "Do you wish to preinstall some suggested plugins?" 10 60; then
if [[ -f /etc/systemd/system/multi-user.target.wants/octoprint.service ]] && dialog --title "Plugin Manager" --yesno "Do you wish to preinstall some suggested plugins?" 10 60; then
recommended_menu && suggested_menu
chown -R octoprint:octoprint /srv/octoprint
chown -R octoprint:octoprint /home/octoprint
fi
# Just incase
chown -R octoprint:octoprint /srv/octoprint
chown -R octoprint:octoprint /home/octoprint
# Delete the autologin override and first-time setup utility
rm /etc/systemd/system/getty@tty1.service.d/override.conf
rm /etc/profile.d/first-time.sh
if ! [[ -f /boot/settings ]]; then
dialog --title "TouchPrint Config" --colors --msgbox "Congratulations! Your install of TouchPrint has been successfully configured.\n\n\Z1To change these settings later, login to your Raspberry Pi and run \"\Z1\Zbtp-config\Zn\Z1\"." 0 0
fi
dialog --title "TouchPrint Config" --colors --msgbox "Congratulations! Your install of TouchPrint has been successfully configured.\n\n\Z1To change these settings later, login to your Raspberry Pi and run \"\Z1\Zbtp-config\Zn\Z1\"." 0 0
dialog --title "TouchPrint Config" --infobox "Rebooting..." 0 0
sleep 1
reboot

0
stage2/06-utils/files/octo-settings Executable file → Normal file
View file

View file

@ -1,17 +1,5 @@
change_password () {
if [[ "$1" != "" ]]; then
if [[ "$1" == "export" ]]; then
echo "PI_PWD_HASH='$(awk -F ":" '/pi/{print $2}' /etc/shadow)'" >> $2
return 0;
elif [[ "$1" == "hash" ]]; then
usermod -p "$2" pi
return 0;
else
local PASSWORD="$1"
fi
else
local PASSWORD="$(dialog --title "Change Password" $FIRST_TIME --insecure --passwordbox "Enter new password for user \"pi\"" 10 50 3>&1 1>&2 2>&3 || return 0)"
fi
# If the password field was left blank and we aren't in the first time setup, exit
[[ $PASSWORD == "" ]] && [[ $FIRST_TIME == "" ]] && return 0
@ -38,20 +26,6 @@ change_password () {
}
service_toggle () {
if [[ "$1" != "" ]]; then
if [[ "$1" == "export" ]]; then
echo "SERVICE_TOGGLE=\"$(if [[ -f /etc/systemd/system/multi-user.target.wants/octoprint.service ]]; then echo "true"; else echo "false"; fi) \
$(if [[ -f /etc/systemd/system/multi-user.target.wants/mjpg-streamer.service ]]; then echo "true"; else echo "false"; fi) \
$(if [[ $(systemctl get-default) == "graphical.target" ]]; then echo "true"; else echo "false"; fi) \
$(if [[ -f /etc/systemd/system/multi-user.target.wants/ssh.service ]]; then echo "true"; else echo "false"; fi)\"" >> $2
return 0
else
local ENABLE_OCTO=$1
local ENABLE_MJPG=$2
local ENABLE_GUI=$3
local ENABLE_SSH=$4
fi
else
# Toggle the checkboxes if the service is active or not
local SERVICE_MENU=$(dialog $FIRST_TIME --title "Select services" --checklist "Enable/disable services" 0 0 0 \
"1" "OctoPrint" $(if [[ -f /etc/systemd/system/multi-user.target.wants/octoprint.service ]]; then echo "ON"; else echo "OFF"; fi) \
@ -74,10 +48,9 @@ $(if [[ -f /etc/systemd/system/multi-user.target.wants/ssh.service ]]; then echo
"4") ENABLE_SSH=true ;;
esac
done
fi
# If FIRST_TIME is not empty, this is the first time boot so don't actually start stuff, otherwise use normal behaviour
if [[ "$FIRST_TIME" != "" ]]; then
if ! [[ "$FIRST_TIME" == "" ]]; then
if [[ $ENABLE_OCTO == true ]]; then
systemctl enable octoprint
else
@ -169,22 +142,7 @@ EOF
}
screen_timeout () {
if [[ -f /home/kiosk/.xtimeout ]]; then
local TIMEOUT=$(awk '/xset s [0-9 o O]/{print $3}' /home/kiosk/.xtimeout)
else
local TIMEOUT="off"
fi
if [[ "$1" != "" ]]; then
if [[ "$1" == "export" ]]; then
echo "SCREEN_TIMEOUT=$(awk '/xset s [0-9 o O]/{print $3}' /home/kiosk/.xtimeout)" >> $2
return 0
else
TIMEOUT=$1
fi
else
local TIMEOUT=$(dialog $FIRST_TIME --title "Screen Timeout" --inputbox "Input your desired screen timeout in seconds.\nEnter \"off\" to disable the screen timeout.\n\nAdding a screen timeout can reduce screen burn in.\n\nDefault: off" 12 60 $TIMEOUT 3>&1 1>&2 2>&3 || return 0)
fi
local TIMEOUT=$(dialog $FIRST_TIME --title "Screen Timeout" --inputbox "Input your desired screen timeout in seconds.\nEnter \"off\" to disable the screen timeout.\n\nAdding a screen timeout can reduce screen burn in.\n\nDefault: off" 12 60 "off" 3>&1 1>&2 2>&3 || return 0)
# If timeout is blank, exit before we break everything
[[ "$TIMEOUT" == "" ]] && return 0
@ -195,84 +153,53 @@ screen_timeout () {
xset s noblank
EOF
if [[ $(readlink -f /etc/systemd/system/default.target) == "/usr/lib/systemd/system/graphical.target" ]] && [[ "$FIRST_TIME" == "" ]]; then
if [[ $(readlink -f /etc/systemd/system/default.target) == "/usr/lib/systemd/system/graphical.target" ]]; then
ASK_REBOOT=true
fi
}
octo_autologin () {
local AUTOLOGIN_MENU=$(octo-settings read accessControl autologinAs)
if [[ "$1" != "" ]]; then
if [[ "$1" == "export" ]]; then
echo "OCTO_AUTOLOGIN=$AUTOLOGIN_MENU" >> $2
return 0
else
AUTOLOGIN_MENU=$1
fi
else
AUTOLOGIN_MENU="$(dialog --title "OctoPrint AutoLogin" --inputbox "Enter the username of the user that you want the GUI to autologin as on startup." 10 50 $AUTOLOGIN_MENU 3>&1 1>&2 2>&3 || return 0)"
fi
local AUTOLOGIN_MENU="$(dialog --title "OctoPrint AutoLogin" --inputbox "Enter the username of the user that you want the GUI to autologin as on startup." 10 50 $(octo-settings read accessControl autologinAs) 3>&1 1>&2 2>&3 || return 0)"
# If the text field is blank, exit before everything (probably doesn't) break
[[ "$AUTOLOGIN_MENU" == "" ]] && return 0
octo-settings write accessControl autologinAs $AUTOLOGIN_MENU
if [[ -f /etc/systemd/system/multi-user.target.wants/octoprint.service ]] && [[ "$FIRST_TIME" == "" ]]; then
if [[ -f /etc/systemd/system/multi-user.target.wants/octoprint.service ]]; then
systemctl restart octoprint
ASK_REBOOT=true
fi
}
nginx_listen () {
local LISTEN=""
# Grab the variable from the nginx conf if it exists, otherwise use default
if [[ -f /etc/nginx/listen.conf ]]; then
local LISTEN=$(awk '/listen/{gsub(";",""); print $2}' /etc/nginx/listen.conf)
LISTEN=$(awk '/listen/{gsub(";",""); print $2}' /etc/nginx/listen.conf)
else
local LISTEN="443"
LISTEN="443"
fi
if [[ "$1" != "" ]]; then
if [[ "$1" == "export" ]]; then
echo "NGINX_LISTEN=$LISTEN" >> $2
return 0
fi
else
LISTEN=$(dialog --title "Nginx Config" --inputbox "Configure what port and IP Nginx should listen on.\nTo listen on all IPs, just enter the port.\nDefault: 443" 11 50 "$LISTEN" 3>&1 1>&2 2>&3 || return 0)
fi
[[ "$LISTEN" == "" ]] && return 0
# Write new value to nginx
echo "listen $LISTEN ssl;" > /etc/nginx/listen.conf
echo "listen $LISTEN;" > /etc/nginx/listen.conf
if [[ -f /etc/systemd/system/multi-user.target.wants/nginx.service ]] && [[ "$FIRST_TIME" == "" ]]; then
if [[ -f /etc/systemd/system/multi-user.target.wants/nginx.service ]]; then
systemctl restart nginx
ASK_REBOOT=true
fi
}
nginx_auth () {
if [[ "$1" != "" ]]; then
if [[ "$1" == "export" ]] && [[ -f /etc/nginx/.htpasswd ]]; then
echo "NGINX_AUTH_HASH='$(cat /etc/nginx/.htpasswd)'" >> $2
return 0
else
if [[ "$1" == "hash" ]]; then
echo -e "satisfy any;\nallow 127.0.0.1;\ndeny all;\nauth_basic \"TouchPrint MJPG Stream\";\nauth_basic_user_file /etc/nginx/.htpasswd;" > /etc/nginx/auth.conf
echo "$(echo $2 | awk -F ":" '{print $1}'):$(echo $2 | awk -F ":" '{print $2}')" > /etc/nginx/.htpasswd
return 0;
else
local NGINXAUTH_MENU=($1 $2)
fi
fi
else
local NGINXAUTH_MENU=$(dialog --colors $FIRST_TIME --insecure --title "Nginx Config" --mixedform "Input desired username and password for the MJPG stream.\n\nLeave both fields blank if you do not want authentication \Zb\Z1(NOT RECOMMENDED)\Zn." 12 60 0\
"Username: " 1 1 "$(awk -F ":" '{print $1}' /etc/nginx/.htpasswd)" 1 11 10 0 0 \
"Username: " 1 1 "" 1 11 10 0 0 \
"Password: " 2 1 "" 2 11 30 0 1 3>&1 1>&2 2>&3 || return 0)
NGINXAUTH_MENU=($NGINXAUTH_MENU)
fi
# If all the fields are blank, remove the auth stuff and exit
if [[ "${NGINXAUTH_MENU[*]}" == "" ]]; then
@ -298,13 +225,13 @@ nginx_auth () {
chown root:www-data /etc/nginx/.htpasswd
chmod 640 /etc/nginx/.htpasswd
if [[ -f /etc/systemd/system/multi-user.target.wants/nginx.service ]] && [[ "$FIRST_TIME" == "" ]]; then
if [[ -f /etc/systemd/system/multi-user.target.wants/nginx.service ]]; then
systemctl restart nginx
fi
}
video_select () {
# In the extremely unlikely event that there are no video devices, don't continue
# In the unlikely event that there are no video devices, don't continue
if ! ls /dev/video* 2>&1 >/dev/null; then
dialog --title "Video Config" --colors --msgbox "\Z1\ZbNo video devices detected!" 5 30
return 1
@ -313,14 +240,6 @@ video_select () {
# Grab config values
source /usr/local/etc/mjpg-server/config.sh
if [[ "$1" != "" ]]; then
if [[ "$1" == "export" ]]; then
echo "MJPG_DEVICE=$VIDEO_DEVICE" >> $2
return 0
else
local DEVICE_MENU="$1"
fi
else
# Grab all video devices
local DEVICES=($(ls /dev/video*))
@ -336,14 +255,13 @@ video_select () {
done
local DEVICE_MENU=$(dialog --title "MJPG Config" $FIRST_TIME --radiolist "Choose which video device you wish to use for MJPG-Streamer" 10 50 0 $DEVICELIST 3>&1 1>&2 2>&3 || return 0)
fi
[[ "$DEVICE_MENU" == "" ]] && return 0
# Write selected value to config file
echo -e "VIDEO_DEVICE=$DEVICE_MENU\nVIDEO_SIZE=$VIDEO_SIZE\nFRAMERATE=$FRAMERATE" > /usr/local/etc/mjpg-server/config.sh
if [[ -f /etc/systemd/system/multi-user.target.wants/mjpg-streamer.service ]] && [[ "$FIRST_TIME" == "" ]]; then
if [[ -f /etc/systemd/system/multi-user.target.wants/mjpg-streamer.service ]]; then
systemctl restart mjpg-streamer
fi
}
@ -352,26 +270,15 @@ video_config () {
# Include config values
source /usr/local/etc/mjpg-server/config.sh
if [[ "$1" != "" ]]; then
if [[ "$1" == "export" ]]; then
echo -e "MJPG_FRAMERATE=$VIDEO_FRAMERATE\nMJPG_SIZE=$VIDEO_SIZE" >> $2
return 0
else
local VIDEOCONFIG_MENU=($1 $2)
fi
else
# Set video device to a resonable default if it isn't set for some reason
if [[ "$VIDEO_DEVICE" == "" ]]; then
VIDEO_DEVICE="/dev/video0"
fi
local VIDEOCONFIG_MENU=$(dialog $FIRST_TIME --title "MJPG Config" --form "Choose desired camera resolution and framerate." 10 50 0 \
local VIDEOCONFIG_MENU=$(dialog $FIRST_TIME --title "MJPG Config" --form "Choose desired camera resolution and framerate." 10 50 0\
"Resolution: " 1 1 "$VIDEO_SIZE" 1 13 10 0 \
"Framerate: " 2 1 "$VIDEO_FRAMERATE" 2 12 3 0 3>&1 1>&2 2>&3 || return 0)
"Framerate: " 2 1 "$FRAMERATE" 2 12 3 0 3>&1 1>&2 2>&3 || return 0)
VIDEOCONFIG_MENU=($VIDEOCONFIG_MENU)
fi
[[ "${VIDEOCONFIG_MENU[@]}" == "" ]] && return 0
# If one of the fields is empty, tell the user to start over
if [[ "${VIDEOCONFIG_MENU[0]}" == "" ]] || [[ "${VIDEOCONFIG_MENU[1]}" == "" ]]; then
@ -381,9 +288,9 @@ video_config () {
fi
# Write values to config file
echo -e "VIDEO_DEVICE=$VIDEO_DEVICE\nVIDEO_SIZE=${VIDEOCONFIG_MENU[0]}\nVIDEO_FRAMERATE=${VIDEOCONFIG_MENU[1]}" > /usr/local/etc/mjpg-server/config.sh
echo -e "VIDEO_DEVICE=$VIDEO_DEVICE\nVIDEO_SIZE=${VIDEOCONFIG_MENU[0]}\nFRAMERATE=${VIDEOCONFIG_MENU[1]}" > /usr/local/etc/mjpg-server/config.sh
if [[ -f /etc/systemd/system/multi-user.target.wants/mjpg-streamer.service ]] && [[ "$FIRST_TIME" == "" ]]; then
if [[ -f /etc/systemd/system/multi-user.target.wants/mjpg-streamer.service ]]; then
systemctl restart mjpg-streamer
fi
}

View file

@ -1,3 +1,3 @@
xset s off
xset s 60
xset -dpms
xset s noblank