##// END OF EJS Templates
Raspi2-3_GenImage
RSS

Cloner depuis https://github.com/drtyhlpr/rpi23-gen-image.git

-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
Unknown -
r732:4551fcf06923
parent child
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,14
1 [Match]
2 Name=eth0
3
4 [Network]
5 RouteMetric=10
6 IPv6PrivacyExtensions=true
7 DHCP=no
8 Address=
9 Gateway=
10 DNS=
11 DNS=
12 Domains=
13 NTP=
14 NTP=
Show file before | Show file after | Hide comments
@@ -0,0 +1,14
1 [Match]
2 Name=wlan0
3
4 [Network]
5 RouteMetric=20
6 IPv6PrivacyExtensions=true
7 DHCP=no
8 Address=
9 Gateway=
10 DNS=
11 DNS=
12 Domains=
13 NTP=
14 NTP=
Show file before | Show file after | Hide comments
@@ -0,0 +1,188
1 ############################
2 ########APT settings########
3 ############################
4 APT_SERVER=ftp.debian.org
5 APT_PROXY=
6 KEEP_APT_PROXY=false
7 APT_INCLUDES_LATE=
8 APT_INCLUDES=
9 ############################
10 ##General system settings###
11 ############################
12 SET_ARCH=32
13 RPI_MODEL=3P
14 RELEASE=buster
15 HOSTNAME=
16 DEFLOCAL=en_US.UTF-8
17 TIMEZONE=Europe/Berlin
18 EXPANDROOT=true
19 ############################
20 #######User settings########
21 ############################
22 ENABLE_ROOT=false
23 ROOT_PASSWORD=raspberry
24 ENABLE_USER=true
25 USER_NAME=pi
26 USER_PASSWORD=raspberry
27 ############################
28 ####Keyboard settings#######
29 ############################
30 XKB_MODEL=
31 XKB_LAYOUT=
32 XKB_VARIANT=
33 XKB_OPTIONS=
34 ############################
35 ######Network settings######
36 ############################
37 ENABLE_IPV6=true
38 ENABLE_WIRELESS=false
39 ENABLE_IPTABLES=false
40 ENABLE_HARDNET=false
41 ENABLE_IFNAMES=true
42 ############################
43 # Network settings (DHCP)
44 ENABLE_ETH_DHCP=true
45 ENABLE_WIFI_DHCP=true
46 ############################
47 # Network settings (static)
48 NET_ETH_ADDRESS=
49 NET_ETH_GATEWAY=
50 NET_ETH_DNS_1=
51 NET_ETH_DNS_2=
52 NET_ETH_DNS_DOMAINS=
53 NET_ETH_NTP_1=
54 NET_ETH_NTP_2=
55 ############################
56 NET_WIFI_SSID=
57 NET_WIFI_PSK=
58 ############################
59 # Network settings (static)
60 NET_WIFI_ADDRESS=
61 NET_WIFI_GATEWAY=
62 NET_WIFI_DNS_1=
63 NET_WIFI_DNS_2=
64 NET_WIFI_DNS_DOMAINS=
65 NET_WIFI_NTP_1=
66 NET_WIFI_NTP_2=
67 ############################
68 ###Basic system settings####
69 ############################
70 ENABLE_CONSOLE=false
71 ENABLE_PRINTK=false
72 ENABLE_BLUETOOTH=false
73 ENABLE_MINIUART_OVERLAY=false
74 ENABLE_TURBO=false
75 ENABLE_I2C=true
76 ENABLE_SPI=true
77 ENABLE_NONFREE=false
78 ENABLE_RSYSLOG=false
79 ENABLE_SOUND=false
80 ENABLE_HWRANDOM=true
81 ENABLE_MINGPU=false
82 ENABLE_XORG=false
83 ENABLE_WM=
84 ENABLE_SYSVINIT=false
85 ENABLE_SPLASH=true
86 ENABLE_LOGO=true
87 ENABLE_SILENT_BOOT=false
88 ############################
89 #1=disable overlay,2=turbo+overlay, otherwise leave unset
90 DISABLE_UNDERVOLT_WARNINGS=
91 ############################
92 ##Advanced system settings##
93 ############################
94 ENABLE_DPHYSSWAP=true
95 ENABLE_SYSTEMDSWAP=false
96 ############################
97 ENABLE_QEMU=false
98 QEMU_BINARY=
99 ENABLE_KEYGEN=false
100 ENABLE_MINBASE=false
101 ENABLE_SPLITFS=false
102 ENABLE_INITRAMFS=false
103 ENABLE_DBUS=true
104 ENABLE_USBBOOT=false
105 ############################
106 CHROOT_SCRIPTS=
107 ############################
108 ENABLE_UBOOT=false
109 UBOOTSRC_DIR=
110 ############################
111 ENABLE_FBTURBO=false
112 FBTURBOSRC_DIR=
113 ############################
114 ENABLE_VIDEOCORE=false
115 VIDEOCORESRC_DIR=
116 ############################
117 ENABLE_NEXMON=false
118 NEXMONSRC_DIR=
119 ############################
120 ########SSH settings########
121 ############################
122 SSH_ENABLE=true
123 SSH_ENABLE_ROOT=false
124 SSH_DISABLE_PASSWORD_AUTH=false
125 SSH_LIMIT_USERS=false
126 SSH_ROOT_PUB_KEY=
127 SSH_USER_PUB_KEY=
128 ############################
129 #####Kernel settings########
130 ############################
131 BUILD_KERNEL=true
132 CROSS_COMPILE=
133 KERNEL_ARCH=
134 KERNEL_IMAGE=
135 KERNEL_BRANCH=
136 KERNEL_DEFCONFIG=
137
138 KERNEL_THREADS=1
139 KERNEL_HEADERS=true
140 KERNEL_MENUCONFIG=false
141 KERNEL_OLDDEFCONFIG=false
142 KERNEL_CCACHE=false
143 KERNEL_REMOVESRC=true
144 KERNELSRC_DIR=
145 KERNELSRC_CLEAN=false
146 KERNELSRC_CONFIG=true
147 KERNELSRC_USRCONFIG=
148 KERNELSRC_PREBUILT=false
149 RPI_FIRMWARE_DIR=
150 KERNEL_DEFAULT_GOV=ondemand
151 KERNEL_NF=false
152 KERNEL_VIRT=false
153 KERNEL_ZSWAP=false
154 KERNEL_BPF=true
155 KERNEL_SECURITY=false
156 KERNEL_BTRFS=false
157 KERNEL_POEHAT=false
158 KERNEL_NSPAWN=false
159 KERNEL_DHKEY=true
160 ############################
161 #######Save diskspace#######
162 ############################
163 ENABLE_REDUCE=false
164 REDUCE_APT=true
165 REDUCE_DOC=false
166 REDUCE_MAN=false
167 REDUCE_VIM=false
168 REDUCE_BASH=false
169 REDUCE_HWDB=false
170 REDUCE_SSHD=false
171 REDUCE_LOCALE=false
172 REDUCE_KERNEL=false
173 ############################
174 ######CryptFS Settings######
175 ############################
176 ENABLE_CRYPTFS=false
177 CRYPTFS_PASSWORD=
178 CRYPTFS_MAPPING=secure
179 CRYPTFS_CIPHER=aes-xts-plain64
180 CRYPTFS_HASH=sha256
181 CRYPTFS_XTSKEYSIZE=256
182 CRYPTFS_DROPBEAR=false
183 CRYPTFS_DROPBEAR_PUBKEY=
184 ############################
185 #######Build settings#######
186 ############################
187 BASEDIR=
188 IMAGE_NAME= No newline at end of file
Show file before | Show file after | Hide comments
@@ -9,7 +9,8 VARIANT=""
9 COMPONENTS="main"
9 COMPONENTS="main"
10
10
11 # Use non-free Debian packages if needed
11 # Use non-free Debian packages if needed
12 if [ "$ENABLE_NONFREE" = true ] ; then
12 # One use variable which is only needed by wifi firmware blob => reworked to use non free in /etc/apt/sources.list - we could just use ENABLE_WIRELESS here
13 if [ "$ENABLE_WIRELESS" = true ] ; then
13 COMPONENTS="main,non-free,contrib"
14 COMPONENTS="main,non-free,contrib"
14 fi
15 fi
15
16
Show file before | Show file after | Hide comments
@@ -49,10 +49,16 if [ "$BUILD_KERNEL" = true ] ; then
49 fi
49 fi
50
50
51 # Calculate optimal number of kernel building threads
51 # Calculate optimal number of kernel building threads
52 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
52 if [ -n "$KERNEL_THREADS" ] && [ -r /proc/cpuinfo ] ; then
53 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
53 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
54 fi
54 fi
55
55
56 # TODO: Check if defined Threadcount is higher than actual cores
57 # if [ "$KERNEL_THREADS" > grep -c processor /proc/cpuinfo] ; then
58 # echo "Defined more Threads than core assigned to this system"
59 # exit 1
60 # fi
61
56 #Copy 32bit config to 64bit
62 #Copy 32bit config to 64bit
57 if [ "$ENABLE_QEMU" = true ] && [ "$KERNEL_ARCH" = arm64 ]; then
63 if [ "$ENABLE_QEMU" = true ] && [ "$KERNEL_ARCH" = arm64 ]; then
58 cp "${KERNEL_DIR}"/arch/arm/configs/vexpress_defconfig "${KERNEL_DIR}"/arch/arm64/configs/
64 cp "${KERNEL_DIR}"/arch/arm/configs/vexpress_defconfig "${KERNEL_DIR}"/arch/arm64/configs/
@@ -61,7 +67,7 if [ "$BUILD_KERNEL" = true ] ; then
61 # Configure and build kernel
67 # Configure and build kernel
62 if [ "$KERNELSRC_PREBUILT" = false ] ; then
68 if [ "$KERNELSRC_PREBUILT" = false ] ; then
63 # Remove device, network and filesystem drivers from kernel configuration
69 # Remove device, network and filesystem drivers from kernel configuration
64 if [ "$KERNEL_REDUCE" = true ] ; then
70 if [ "$REDUCE_KERNEL" = true ] ; then
65 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
71 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
66 sed -i\
72 sed -i\
67 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
73 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
@@ -464,8 +470,24 if [ "$BUILD_KERNEL" = true ] ; then
464 set_kernel_config CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY n
470 set_kernel_config CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY n
465 set_kernel_config CONFIG_SYSTEM_TRUSTED_KEYS m
471 set_kernel_config CONFIG_SYSTEM_TRUSTED_KEYS m
466 set_kernel_config CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE 4096
472 set_kernel_config CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE 4096
467
473 fi
468 set_kernel_config CONFIG_ARM64_CRYPTO y
474
475 if [ "$ENABLE_CRYPTFS" = true ] ; then
476 set_kernel_config CONFIG_EMBEDDED y
477 set_kernel_config CONFIG_EXPERT y
478 set_kernel_config CONFIG_DAX y
479 set_kernel_config CONFIG_MD y
480 set_kernel_config CONFIG_BLK_DEV_MD y
481 set_kernel_config CONFIG_MD_AUTODETECT y
482 set_kernel_config CONFIG_BLK_DEV_DM y
483 set_kernel_config CONFIG_BLK_DEV_DM_BUILTIN y
484 set_kernel_config CONFIG_DM_CRYPT y
485 set_kernel_config CONFIG_CRYPTO_BLKCIPHER y
486 set_kernel_config CONFIG_CRYPTO_CBC y
487 set_kernel_config CONFIG_CRYPTO_XTS y
488 set_kernel_config CONFIG_CRYPTO_SHA512 y
489 set_kernel_config CONFIG_CRYPTO_MANAGER y
490 set_kernel_config CONFIG_ARM64_CRYPTO y
469 set_kernel_config CONFIG_CRYPTO_SHA256_ARM64 m
491 set_kernel_config CONFIG_CRYPTO_SHA256_ARM64 m
470 set_kernel_config CONFIG_CRYPTO_SHA512_ARM64 m
492 set_kernel_config CONFIG_CRYPTO_SHA512_ARM64 m
471 set_kernel_config CONFIG_CRYPTO_SHA1_ARM64_CE m
493 set_kernel_config CONFIG_CRYPTO_SHA1_ARM64_CE m
@@ -620,8 +642,7 if [ "$BUILD_KERNEL" = true ] ; then
620 fi
642 fi
621
643
622 # KERNEL_DEFAULT_GOV was set by user
644 # KERNEL_DEFAULT_GOV was set by user
623 if [ "$KERNEL_DEFAULT_GOV" != powersave ] && [ -n "$KERNEL_DEFAULT_GOV" ] ; then
645 if [ "$KERNEL_DEFAULT_GOV" != ondemand ] && [ -n "$KERNEL_DEFAULT_GOV" ] ; then
624
625 case "$KERNEL_DEFAULT_GOV" in
646 case "$KERNEL_DEFAULT_GOV" in
626 performance)
647 performance)
627 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE y
648 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE y
@@ -643,9 +664,8 if [ "$BUILD_KERNEL" = true ] ; then
643 exit 1
664 exit 1
644 ;;
665 ;;
645 esac
666 esac
646
667 # unset previous default governor
647 # unset previous default governor
668 unset_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND
648 unset_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE
649 fi
669 fi
650
670
651 #Revert to previous directory
671 #Revert to previous directory
@@ -655,25 +675,6 if [ "$BUILD_KERNEL" = true ] ; then
655 if [ "$ENABLE_QEMU" = true ] ; then
675 if [ "$ENABLE_QEMU" = true ] ; then
656 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
676 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
657 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
677 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
658
659 if [ "$ENABLE_CRYPTFS" = true ] ; then
660 {
661 echo "CONFIG_EMBEDDED=y"
662 echo "CONFIG_EXPERT=y"
663 echo "CONFIG_DAX=y"
664 echo "CONFIG_MD=y"
665 echo "CONFIG_BLK_DEV_MD=y"
666 echo "CONFIG_MD_AUTODETECT=y"
667 echo "CONFIG_BLK_DEV_DM=y"
668 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
669 echo "CONFIG_DM_CRYPT=y"
670 echo "CONFIG_CRYPTO_BLKCIPHER=y"
671 echo "CONFIG_CRYPTO_CBC=y"
672 echo "CONFIG_CRYPTO_XTS=y"
673 echo "CONFIG_CRYPTO_SHA512=y"
674 echo "CONFIG_CRYPTO_MANAGER=y"
675 } >> "${KERNEL_DIR}"/.config
676 fi
677 fi
678 fi
678
679
679 # Copy custom kernel configuration file
680 # Copy custom kernel configuration file
@@ -734,7 +735,7 if [ "$BUILD_KERNEL" = true ] ; then
734 fi
735 fi
735
736
736 # Install kernel headers
737 # Install kernel headers
737 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
738 if [ "$KERNEL_HEADERS" = true ] && [ "$REDUCE_KERNEL" = false ] ; then
738 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
739 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
739 fi
740 fi
740
741
@@ -886,4 +887,4 else # BUILD_KERNEL=false
886 cleanup
887 cleanup
887 exit 1
888 exit 1
888 fi
889 fi
889 fi
890 fi No newline at end of file
Show file before | Show file after | Hide comments
@@ -38,17 +38,17 if [ "$ENABLE_INITRAMFS" = true ] ; then
38 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
38 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
39 fi
39 fi
40
40
41 if [ "$CRYPTFS_DROPBEAR" = true ]; then
41 if [ "$CRYPTFS_DROPBEAR" = true ] ; then
42 if [ "$ENABLE_DHCP" = false ] ; then
42 if [ "$ENABLE_ETH_DHCP" = false ] ; then
43 # Get cdir from NET_ADDRESS e.g. 24
43 # Get cdir from NET_ADDRESS e.g. 24
44 cdir=$(printf "%s" "${NET_ADDRESS}" | cut -d '/' -f2)
44 cdir=$(printf "%s" "${NET_ETH_ADDRESS}" | cut -d '/' -f2)
45
45
46 # Convert cdir ro netmask e.g. 24 to 255.255.255.0
46 # Convert cdir ro netmask e.g. 24 to 255.255.255.0
47 NET_MASK=$(cdr2mask "$cdir")
47 NET_MASK=$(cdr2mask "$cdir")
48
48
49 # Write static ip settings to "${ETC_DIR}"/initramfs-tools/initramfs.conf
49 # Write static ip settings to "${ETC_DIR}"/initramfs-tools/initramfs.conf
50 # ip=<client-ip>:<server-ip>:<gw-ip>:<netmask>:<hostname>:<device>:<autoconf>
50 # ip=<client-ip>:<server-ip>:<gw-ip>:<netmask>:<HOSTNAME>:<device>:<autoconf>
51 sed -i "\$a\nIP=${NET_ADDRESS}::${NET_GATEWAY}:${NET_MASK}:${HOSTNAME}:" "${ETC_DIR}"/initramfs-tools/initramfs.conf
51 sed -i "\$a\nIP=${NET_ETH_ADDRESS}::${NET_ETH_GATEWAY}:${NET_MASK}:${HOSTNAME}:" "${ETC_DIR}"/initramfs-tools/initramfs.conf
52 else
52 else
53 sed -i "\$a\nIP=::::${HOSTNAME}::dhcp" "${ETC_DIR}"/initramfs-tools/initramfs.conf
53 sed -i "\$a\nIP=::::${HOSTNAME}::dhcp" "${ETC_DIR}"/initramfs-tools/initramfs.conf
54 fi
54 fi
Show file before | Show file after | Hide comments
@@ -176,7 +176,10 fi
176
176
177 # may need sudo systemctl disable hciuart
177 # may need sudo systemctl disable hciuart
178 if [ "$ENABLE_CONSOLE" = true ] ; then
178 if [ "$ENABLE_CONSOLE" = true ] ; then
179 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
179 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
180 #More debug output on early but with serial console
181 echo "uart_2ndstage=1" >> "${BOOT_DIR}/config.txt"
182
180 # add string to cmdline
183 # add string to cmdline
181 CMDLINE="${CMDLINE} console=serial0,115200"
184 CMDLINE="${CMDLINE} console=serial0,115200"
182
185
Show file before | Show file after | Hide comments
@@ -14,8 +14,8 install_readonly files/network/hosts "${ETC_DIR}/hosts"
14 sed -i "s/RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hosts"
14 sed -i "s/RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hosts"
15
15
16 # Setup hostname entry with static IP
16 # Setup hostname entry with static IP
17 if [ "$NET_ADDRESS" != "" ] ; then
17 if [ "$NET_ETH_ADDRESS" != "" ] ; then
18 NET_IP=$(echo "${NET_ADDRESS}" | cut -f 1 -d'/')
18 NET_IP=$(echo "${NET_ETH_ADDRESS}" | cut -f 1 -d'/')
19 sed -i "s/^127.0.1.1/${NET_IP}/" "${ETC_DIR}/hosts"
19 sed -i "s/^127.0.1.1/${NET_IP}/" "${ETC_DIR}/hosts"
20 fi
20 fi
21
21
@@ -28,52 +28,102 fi
28 install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces"
28 install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces"
29
29
30 # Install configuration for interface eth0
30 # Install configuration for interface eth0
31 install_readonly files/network/eth.network "${ETC_DIR}/systemd/network/eth.network"
31 install_readonly files/network/eth0.network "${ETC_DIR}/systemd/network/eth0.network"
32
32
33 if [ "$RPI_MODEL" = 3P ] ; then
33 if [ "$RPI_MODEL" = 3P ] ; then
34 printf "\n[Link]\nGenericReceiveOffload=off\nTCPSegmentationOffload=off\nGenericSegmentationOffload=off" >> "${ETC_DIR}/systemd/network/eth.network"
34 printf "\n[Link]\nGenericReceiveOffload=off\nTCPSegmentationOffload=off\nGenericSegmentationOffload=off" >> "${ETC_DIR}/systemd/network/eth0.network"
35 fi
35 fi
36
36
37 # Install configuration for interface wl*
37 # Install configuration for interface wl*
38 install_readonly files/network/wlan.network "${ETC_DIR}/systemd/network/wlan.network"
38 install_readonly files/network/wlan0.network "${ETC_DIR}/systemd/network/wlan0.network"
39
39
40 #always with dhcp since wpa_supplicant integration is missing
40 #always with dhcp since wpa_supplicant integration is missing
41 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan.network"
41 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan0.network"
42
42
43 if [ "$ENABLE_DHCP" = true ] ; then
43 if [ "$ENABLE_ETH_DHCP" = true ] ; then
44 # Enable DHCP configuration for interface eth0
44 # Enable DHCP configuration for interface eth0
45 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth.network"
45 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth0.network"
46
46
47 # Set DHCP configuration to IPv4 only
47 # Set DHCP configuration to IPv4 only
48 if [ "$ENABLE_IPV6" = false ] ; then
48 if [ "$ENABLE_IPV6" = false ] ; then
49 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth.network"
49 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth0.network"
50 sed '/IPv6PrivacyExtensions=true/d' "${ETC_DIR}/systemd/network/eth0.network"
50 fi
51 fi
51
52
52 else # ENABLE_DHCP=false
53 else # ENABLE_ETH_DHCP=false
53 # Set static network configuration for interface eth0
54 # Set static network configuration for interface eth0
54 sed -i\
55 if [ -n NET_ETH_ADDRESS ] && [ -n NET_ETH_GATEWAY ] && [ -n NET_ETH_DNS_1 ] ; then
55 -e "s|DHCP=.*|DHCP=no|"\
56 sed -i\
56 -e "s|Address=\$|Address=${NET_ADDRESS}|"\
57 -e "s|DHCP=.*|DHCP=no|"\
57 -e "s|Gateway=\$|Gateway=${NET_GATEWAY}|"\
58 -e "s|Address=\$|Address=${NET_ETH_ADDRESS}|"\
58 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_1}|"\
59 -e "s|Gateway=\$|Gateway=${NET_ETH_GATEWAY}|"\
59 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_2}|"\
60 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_ETH_DNS_1}|"\
60 -e "s|Domains=\$|Domains=${NET_DNS_DOMAINS}|"\
61 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_ETH_DNS_2}|"\
61 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_1}|"\
62 -e "s|Domains=\$|Domains=${NET_ETH_DNS_DOMAINS}|"\
62 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_2}|"\
63 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_ETH_NTP_1}|"\
63 "${ETC_DIR}/systemd/network/eth.network"
64 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_ETH_NTP_2}|"\
65 "${ETC_DIR}/systemd/network/eth0.network"
66 fi
64 fi
67 fi
65
68
66 # Remove empty settings from network configuration
67 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth.network"
68 # Remove empty settings from wlan configuration
69 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan.network"
70
69
71 # Move systemd network configuration if required by Debian release
72 mv -v "${ETC_DIR}/systemd/network/eth.network" "${LIB_DIR}/systemd/network/10-eth.network"
73 # If WLAN is enabled copy wlan configuration too
74 if [ "$ENABLE_WIRELESS" = true ] ; then
70 if [ "$ENABLE_WIRELESS" = true ] ; then
75 mv -v "${ETC_DIR}/systemd/network/wlan.network" "${LIB_DIR}/systemd/network/11-wlan.network"
71 if [ "$ENABLE_WIFI_DHCP" = true ] ; then
72 # Enable DHCP configuration for interface eth0
73 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan0.network"
74
75 # Set DHCP configuration to IPv4 only
76 if [ "$ENABLE_IPV6" = false ] ; then
77 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/wlan0.network"
78 sed '/IPv6PrivacyExtensions=true/d' "${ETC_DIR}/systemd/network/wlan0.network"
79 fi
80
81 else # ENABLE_WIFI_DHCP=false
82 # Set static network configuration for interface eth0
83 if [ -n NET_WIFI_ADDRESS ] && [ -n NET_WIFI_GATEWAY ] && [ -n NET_WIFI_DNS_1 ] ; then
84 sed -i\
85 -e "s|DHCP=.*|DHCP=no|"\
86 -e "s|Address=\$|Address=${NET_WIFI_ADDRESS}|"\
87 -e "s|Gateway=\$|Gateway=${NET_WIFI_GATEWAY}|"\
88 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_WIFI_DNS_1}|"\
89 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_WIFI_DNS_2}|"\
90 -e "s|Domains=\$|Domains=${NET_WIFI_DNS_DOMAINS}|"\
91 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_WIFI_NTP_1}|"\
92 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_WIFI_NTP_2}|"\
93 "${ETC_DIR}/systemd/network/wlan0.network"
94 fi
95 fi
96
97 if [ -z "$NET_WIFI_SSID" ] && [ -z "$NET_WIFI_PSK" ] ; then
98 printf "
99 ctrl_interface=/run/wpa_supplicant
100 ctrl_interface_group=wheel
101 update_config=1
102 eapol_version=1
103 ap_scan=1
104 fast_reauth=1
105
106 " > /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
107
108 #Configure WPA_supplicant
109 chroot_exec wpa_passphrase "$NET_SSID" "$NET_WPAPSK" >> /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
110
111 chroot_exec systemctl enable wpa_supplicant.service
112 chroot_exec systemctl enable wpa_supplicant@wlan0.service
113 fi
114 # Remove empty settings from wlan configuration
115 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan0.network"
116 # If WLAN is enabled copy wlan configuration too
117 mv -v "${ETC_DIR}/systemd/network/wlan0.network" "${LIB_DIR}/systemd/network/11-wlan0.network"
76 fi
118 fi
119
120 # Remove empty settings from network configuration
121 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth0.network"
122
123 # Move systemd network configuration if required by Debian release
124 mv -v "${ETC_DIR}/systemd/network/eth0.network" "${LIB_DIR}/systemd/network/10-eth0.network"
125
126 #Clean up
77 rm -fr "${ETC_DIR}/systemd/network"
127 rm -fr "${ETC_DIR}/systemd/network"
78
128
79 # Enable systemd-networkd service
129 # Enable systemd-networkd service
Show file before | Show file after | Hide comments
@@ -46,7 +46,7 if [ "$ENABLE_IPTABLES" = true ] ; then
46 chroot_exec systemctl enable ip6tables.service
46 chroot_exec systemctl enable ip6tables.service
47 fi
47 fi
48
48
49 if [ "$ENABLE_SSHD" = false ] ; then
49 if [ "$SSH_ENABLE" = false ] ; then
50 # Remove SSHD related iptables rules
50 # Remove SSHD related iptables rules
51 sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/iptables.rules" 2> /dev/null
51 sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/iptables.rules" 2> /dev/null
52 sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/ip6tables.rules" 2> /dev/null
52 sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/ip6tables.rules" 2> /dev/null
Show file before | Show file after | Hide comments
@@ -6,7 +6,7
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Generate crypt(3) password string
8 # Generate crypt(3) password string
9 ENCRYPTED_PASSWORD=$(mkpasswd -m sha-512 "${PASSWORD}")
9 ENCRYPTED_PASSWORD=$(mkpasswd -m sha-512 "${ROOT_PASSWORD}")
10 ENCRYPTED_USER_PASSWORD=$(mkpasswd -m sha-512 "${USER_PASSWORD}")
10 ENCRYPTED_USER_PASSWORD=$(mkpasswd -m sha-512 "${USER_PASSWORD}")
11
11
12 # Setup default user
12 # Setup default user
Show file before | Show file after | Hide comments
@@ -5,7 +5,7
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 if [ "$ENABLE_SSHD" = true ] ; then
8 if [ "$SSH_ENABLE" = true ] ; then
9 DROPBEAR_ARGS=""
9 DROPBEAR_ARGS=""
10
10
11 if [ "$SSH_ENABLE_ROOT" = false ] ; then
11 if [ "$SSH_ENABLE_ROOT" = false ] ; then
Show file before | Show file after | Hide comments
@@ -24,12 +24,14 if [ "$EXPANDROOT" = true ] ; then
24 fi
24 fi
25
25
26 # Ensure openssh server host keys are regenerated on first boot
26 # Ensure openssh server host keys are regenerated on first boot
27 if [ "$ENABLE_SSHD" = true ] ; then
27 if [ "$SSH_ENABLE" = true ] ; then
28 cat files/firstboot/30-generate-ssh-keys.sh >> "${ETC_DIR}/rc.firstboot"
28 cat files/firstboot/30-generate-ssh-keys.sh >> "${ETC_DIR}/rc.firstboot"
29 fi
29 fi
30
30
31 if [ "$ENABLE_DBUS" = true ] ; then
31 # Ensure that dbus machine-id exists
32 # Ensure that dbus machine-id exists
32 cat files/firstboot/40-generate-machineid.sh >> "${ETC_DIR}/rc.firstboot"
33 cat files/firstboot/40-generate-machineid.sh >> "${ETC_DIR}/rc.firstboot"
34 fi
33
35
34 # Create /etc/resolv.conf symlink
36 # Create /etc/resolv.conf symlink
35 cat files/firstboot/41-create-resolv-symlink.sh >> "${ETC_DIR}/rc.firstboot"
37 cat files/firstboot/41-create-resolv-symlink.sh >> "${ETC_DIR}/rc.firstboot"
Show file before | Show file after | Hide comments
@@ -5,6 +5,28
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 if [ "$ENABLE_IPV6" = false ] ; then
9 "$LIB_DIR"/xtables/libip6t_ah.so
10 "$LIB_DIR"/xtables/libip6t_dst.so
11 "$LIB_DIR"/xtables/libip6t_eui64.so
12 "$LIB_DIR"/xtables/libip6t_frag.so
13 "$LIB_DIR"/xtables/libip6t_hbh.so
14 "$LIB_DIR"/xtables/libip6t_hl.so
15 "$LIB_DIR"/xtables/libip6t_HL.so
16 "$LIB_DIR"/xtables/libip6t_icmp6.so
17 "$LIB_DIR"/xtables/libip6t_ipv6header.so
18 "$LIB_DIR"/xtables/libip6t_LOG.so
19 "$LIB_DIR"/xtables/libip6t_mh.so
20 "$LIB_DIR"/xtables/libip6t_REJECT.so
21 "$LIB_DIR"/xtables/libip6t_rt.so
22 "$LIB_DIR"/xtables/libip6t_DNAT.so
23 "$LIB_DIR"/xtables/libip6t_DNPT.so
24 "$LIB_DIR"/xtables/libip6t_MASQUERADE.so
25 "$LIB_DIR"/xtables/libip6t_NETMAP.so
26 "$LIB_DIR"/xtables/libip6t_REDIRECT.so
27 "$LIB_DIR"/xtables/libip6t_SNAT.so
28 "$LIB_DIR"/xtables/libip6t_SNPT.so
29 fi
8 # Reduce the image size by various operations
30 # Reduce the image size by various operations
9 if [ "$ENABLE_REDUCE" = true ] ; then
31 if [ "$ENABLE_REDUCE" = true ] ; then
10 if [ "$REDUCE_APT" = true ] ; then
32 if [ "$REDUCE_APT" = true ] ; then
Show file before | Show file after | Hide comments
@@ -1,13 +1,32
1 logger -t "rc.firstboot" "Configuring network interface name"
1 logger -t "rc.firstboot" "Configuring network interface name"
2
2
3 INTERFACE_NAME=$(dmesg | grep "renamed from eth0" | awk -F ":| " '{ print $9 }')
3 INTERFACE_NAME_ETH=$(dmesg | grep "renamed from eth0" | awk -F ":| " '{ print $9 }')
4 INTERFACE_NAME_WIFI=$(dmesg | grep "renamed from wlan0" | awk -F ":| " '{ print $9 }')
4
5
5 if [ ! -z INTERFACE_NAME ] ; then
6 if [ ! -z INTERFACE_NAME_ETH ] ; then
6 if [ -r "/etc/systemd/network/eth.network" ] ; then
7 if [ -r "/etc/systemd/network/eth0.network" ] ; then
7 sed -i "s/eth0/${INTERFACE_NAME}/" /etc/systemd/network/eth.network
8 sed -i "s/eth0/${INTERFACE_NAME_ETH}/" /etc/systemd/network/eth0.network
8 fi
9 fi
9
10
10 if [ -r "/lib/systemd/network/10-eth.network" ] ; then
11 if [ -r "/lib/systemd/network/10-eth0.network" ] ; then
11 sed -i "s/eth0/${INTERFACE_NAME}/" /lib/systemd/network/10-eth.network
12 sed -i "s/eth0/${INTERFACE_NAME_ETH}/" /lib/systemd/network/10-eth0.network
12 fi
13 fi
14 # Move config to new interface name
15 mv /etc/systemd/network/eth0.network /etc/systemd/network/"${INTERFACE_NAME_ETH}".network
16 fi
17
18 if [ ! -z INTERFACE_NAME_WIFI ] ; then
19 if [ -r "/etc/systemd/network/wlan0.network" ] ; then
20 sed -i "s/wlan0/${INTERFACE_NAME_WIFI}/" /etc/systemd/network/wlan0.network
21 fi
22
23 if [ -r "/lib/systemd/network/11-wlan0.network" ] ; then
24 sed -i "s/wlan0/${INTERFACE_NAME_WIFI}/" /lib/systemd/network/11-wlan0.network
25 fi
26 # Move config to new interface name
27 mv /etc/systemd/network/wlan0.network /etc/systemd/network/"${INTERFACE_NAME_WIFI}".network
28
29 systemctl disable wpa_supplicant@wlan0.service
30 systemctl enable wpa_supplicant@"${INTERFACE_NAME_WIFI}".service
31 systemctl start wpa_supplicant@"${INTERFACE_NAME_WIFI}".service
13 fi
32 fi
Show file before | Show file after | Hide comments
@@ -36,11 +36,11 fi
36
36
37 # Introduce settings
37 # Introduce settings
38 set -e
38 set -e
39 echo -n -e "\n#\n# RPi 0/1/2/3 Bootstrap Settings\n#\n"
39 echo -n -e "\n#\n# RPi 0/1/2/3/4 Bootstrap Settings\n#\n"
40 set -x
40 set -x
41
41
42 # Raspberry Pi model configuration
42 # Raspberry Pi model configuration
43 RPI_MODEL=${RPI_MODEL:=2}
43 RPI_MODEL=${RPI_MODEL:=3P}
44
44
45 # Debian release
45 # Debian release
46 RELEASE=${RELEASE:=buster}
46 RELEASE=${RELEASE:=buster}
@@ -66,13 +66,13 SYSTEMDSWAP_URL=${SYSTEMDSWAP_URL:=https://github.com/Nefelim4ag/systemd-swap.gi
66 RPI_32_KERNEL_URL=${RPI_32_KERNEL_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel_20180422-141901_armhf.deb}
66 RPI_32_KERNEL_URL=${RPI_32_KERNEL_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel_20180422-141901_armhf.deb}
67 RPI_32_KERNELHEADER_URL=${RPI_32_KERNELHEADER_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel-headers_20180422-141901_armhf.deb}
67 RPI_32_KERNELHEADER_URL=${RPI_32_KERNELHEADER_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel-headers_20180422-141901_armhf.deb}
68 # Kernel has KVM and zswap enabled - use if KERNEL_* parameters and precompiled kernel are used
68 # Kernel has KVM and zswap enabled - use if KERNEL_* parameters and precompiled kernel are used
69 RPI3_64_BIS_KERNEL_URL=${RPI3_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel-bis/releases/download/4.19.80.20191022/bcmrpi3-kernel-bis-4.19.80.20191022.tar.xz}
69 RPI3_64_BIS_KERNEL_URL=${RPI3_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel-bis/releases/download/4.19.102.20200211/bcmrpi3-kernel-bis-4.19.102.20200211.tar.xz}
70 # Default precompiled 64bit kernel
70 # Default precompiled 64bit kernel
71 RPI3_64_DEF_KERNEL_URL=${RPI3_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel/releases/download/4.19.80.20191022/bcmrpi3-kernel-4.19.80.20191022.tar.xz}
71 RPI3_64_DEF_KERNEL_URL=${RPI3_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel/releases/download/4.19.102.20200211/bcmrpi3-kernel-4.19.102.20200211.tar.xz}
72 # Sakaki BIS Kernel RPI4 - https://github.com/sakaki-/bcm2711-kernel-bis
72 # Sakaki BIS Kernel RPI4 - https://github.com/sakaki-/bcm2711-kernel-bis
73 RPI4_64_BIS_KERNEL_URL=${RPI4_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcm2711-kernel-bis/releases/download/4.19.59.20190724/bcm2711-kernel-bis-4.19.59.20190724.tar.xz}
73 RPI4_64_BIS_KERNEL_URL=${RPI4_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcm2711-kernel-bis/releases/download/4.19.102.20200211/bcm2711-kernel-bis-4.19.102.20200211.tar.xz}
74 # Default precompiled 64bit kernel - https://github.com/sakaki-/bcm2711-kernel
74 # Default precompiled 64bit kernel - https://github.com/sakaki-/bcm2711-kernel
75 RPI4_64_DEF_KERNEL_URL=${RPI4_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcm2711-kernel-bis/releases/download/4.19.59.20190724/bcm2711-kernel-bis-4.19.59.20190724.tar.xz}
75 RPI4_64_DEF_KERNEL_URL=${RPI4_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcm2711-kernel-bis/releases/download/4.19.102.20200211/bcm2711-kernel-bis-4.19.102.20200211.tar.xz}
76 # Generic
76 # Generic
77 RPI3_64_KERNEL_URL=${RPI3_64_KERNEL_URL:=$RPI3_64_DEF_KERNEL_URL}
77 RPI3_64_KERNEL_URL=${RPI3_64_KERNEL_URL:=$RPI3_64_DEF_KERNEL_URL}
78 RPI4_64_KERNEL_URL=${RPI4_64_KERNEL_URL:=$RPI4_64_DEF_KERNEL_URL}
78 RPI4_64_KERNEL_URL=${RPI4_64_KERNEL_URL:=$RPI4_64_DEF_KERNEL_URL}
@@ -93,18 +93,28 KERNEL_DIR="${R}/usr/src/linux"
93 WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
93 WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
94 BLUETOOTH_FIRMWARE_DIR="${ETC_DIR}/firmware/bt"
94 BLUETOOTH_FIRMWARE_DIR="${ETC_DIR}/firmware/bt"
95
95
96 # Firmware directory: Blank if download from github
96 # APT settings
97 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
97 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
98 APT_PROXY=${APT_PROXY:=""}
99 KEEP_APT_PROXY=${KEEP_APT_PROXY:=false}
100 # Packages required in the chroot build environment
101 APT_INCLUDES=${APT_INCLUDES:=""}
102 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd"
103 # Packages to exclude from chroot build environment
104 APT_EXCLUDES=${APT_EXCLUDES:=""}
98
105
99 # General settings
106 # General settings
100 SET_ARCH=${SET_ARCH:=32}
107 SET_ARCH=${SET_ARCH:=32}
101 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
108 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
102 PASSWORD=${PASSWORD:=raspberry}
103 USER_PASSWORD=${USER_PASSWORD:=raspberry}
104 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
109 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
105 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
110 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
106 EXPANDROOT=${EXPANDROOT:=true}
111 EXPANDROOT=${EXPANDROOT:=true}
107 ENABLE_DPHYSSWAP=${ENABLE_DPHYSSWAP:=true}
112
113 ENABLE_ROOT=${ENABLE_ROOT:=false}
114 ROOT_PASSWORD=${ROOT_PASSWORD:=raspberry}
115 ENABLE_USER=${ENABLE_USER:=true}
116 USER_NAME=${USER_NAME:="pi"}
117 USER_PASSWORD=${USER_PASSWORD:=raspberry}
108
118
109 # Keyboard settings
119 # Keyboard settings
110 XKB_MODEL=${XKB_MODEL:=""}
120 XKB_MODEL=${XKB_MODEL:=""}
@@ -112,135 +122,139 XKB_LAYOUT=${XKB_LAYOUT:=""}
112 XKB_VARIANT=${XKB_VARIANT:=""}
122 XKB_VARIANT=${XKB_VARIANT:=""}
113 XKB_OPTIONS=${XKB_OPTIONS:=""}
123 XKB_OPTIONS=${XKB_OPTIONS:=""}
114
124
125 # Networking settings:
126 ENABLE_IPV6=${ENABLE_IPV6:=true}
127 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
128 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
129 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
130 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
131
115 # Network settings (DHCP)
132 # Network settings (DHCP)
116 ENABLE_DHCP=${ENABLE_DHCP:=true}
133 ENABLE_ETH_DHCP=${ENABLE_ETH_DHCP:=true}
134 ENABLE_WIFI_DHCP=${ENABLE_ETH_DHCP:=true}
117
135
118 # Network settings (static)
136 # Network settings (static)
119 NET_ADDRESS=${NET_ADDRESS:=""}
137 NET_ETH_ADDRESS=${NET_ETH_ADDRESS:=""}
120 NET_GATEWAY=${NET_GATEWAY:=""}
138 NET_ETH_GATEWAY=${NET_ETH_GATEWAY:=""}
121 NET_DNS_1=${NET_DNS_1:=""}
139 NET_ETH_DNS_1=${NET_ETH_DNS_1:=""}
122 NET_DNS_2=${NET_DNS_2:=""}
140 NET_ETH_DNS_2=${NET_ETH_DNS_2:=""}
123 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
141 NET_ETH_DNS_DOMAINS=${NET_ETH_DNS_DOMAINS:=""}
124 NET_NTP_1=${NET_NTP_1:=""}
142 NET_ETH_NTP_1=${NET_ETH_NTP_1:=""}
125 NET_NTP_2=${NET_NTP_2:=""}
143 NET_ETH_NTP_2=${NET_ETH_NTP_2:=""}
144
145 # Networking settings (WIFI):
146 NET_WIFI_SSID=${NET_WIFI_SSID:=""}
147 NET_WIFI_PSK=${NET_WIFI_PSK:=""}
126
148
127 # APT settings
149 # Network settings (static)
128 APT_PROXY=${APT_PROXY:=""}
150 NET_WIFI_ADDRESS=${NET_WIFI_ADDRESS:=""}
129 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
151 NET_WIFI_GATEWAY=${NET_WIFI_GATEWAY:=""}
130 KEEP_APT_PROXY=${KEEP_APT_PROXY:=false}
152 NET_WIFI_DNS_1=${NET_WIFI_DNS_1:=""}
153 NET_WIFI_DNS_2=${NET_WIFI_DNS_2:=""}
154 NET_WIFI_DNS_DOMAINS=${NET_WIFI_DNS_DOMAINS:=""}
155 NET_WIFI_NTP_1=${NET_WIFI_NTP_1:=""}
156 NET_WIFI_NTP_2=${NET_WIFI_NTP_2:=""}
131
157
132 # Feature settings
158 # Feature settings
159 ENABLE_CONSOLE=${ENABLE_CONSOLE:=false}
133 ENABLE_PRINTK=${ENABLE_PRINTK:=false}
160 ENABLE_PRINTK=${ENABLE_PRINTK:=false}
134 ENABLE_BLUETOOTH=${ENABLE_BLUETOOTH:=false}
161 ENABLE_BLUETOOTH=${ENABLE_BLUETOOTH:=false}
135 ENABLE_MINIUART_OVERLAY=${ENABLE_MINIUART_OVERLAY:=false}
162 ENABLE_MINIUART_OVERLAY=${ENABLE_MINIUART_OVERLAY:=false}
136 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
163 ENABLE_TURBO=${ENABLE_TURBO:=false}
137 ENABLE_I2C=${ENABLE_I2C:=false}
164 ENABLE_I2C=${ENABLE_I2C:=false}
138 ENABLE_SPI=${ENABLE_SPI:=false}
165 ENABLE_SPI=${ENABLE_SPI:=false}
139 ENABLE_IPV6=${ENABLE_IPV6:=true}
166
140 ENABLE_SSHD=${ENABLE_SSHD:=true}
141 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
167 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
142 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
168 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
143 ENABLE_SOUND=${ENABLE_SOUND:=true}
169 ENABLE_SOUND=${ENABLE_SOUND:=false}
144 ENABLE_DBUS=${ENABLE_DBUS:=true}
145 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
170 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
146 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
171 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
147 ENABLE_XORG=${ENABLE_XORG:=false}
172 ENABLE_XORG=${ENABLE_XORG:=false}
148 ENABLE_WM=${ENABLE_WM:=""}
173 ENABLE_WM=${ENABLE_WM:=""}
149 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
150 ENABLE_USER=${ENABLE_USER:=true}
151 USER_NAME=${USER_NAME:="pi"}
152 ENABLE_ROOT=${ENABLE_ROOT:=false}
153 ENABLE_QEMU=${ENABLE_QEMU:=false}
154 ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
174 ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
155
175 ENABLE_SPLASH=${ENABLE_SPLASH:=true}
156 # SSH settings
176 ENABLE_LOGO=${ENABLE_LOGO:=true}
157 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
177 ENABLE_SILENT_BOOT=${ENABLE_SILENT_BOOT=false}
158 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
178 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
159 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
160 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
161 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
162
179
163 # Advanced settings
180 # Advanced settings
181 ENABLE_DPHYSSWAP=${ENABLE_DPHYSSWAP:=true}
164 ENABLE_SYSTEMDSWAP=${ENABLE_SYSTEMDSWAP:=false}
182 ENABLE_SYSTEMDSWAP=${ENABLE_SYSTEMDSWAP:=false}
183 ENABLE_QEMU=${ENABLE_QEMU:=false}
184 ENABLE_KEYGEN=${ENABLE_KEYGEN:=false}
165 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
185 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
166 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
186 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
187 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
188 ENABLE_DBUS=${ENABLE_DBUS:=true}
189 ENABLE_USBBOOT=${ENABLE_USBBOOT=false}
190 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
167 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
191 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
168 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
192 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
169 ENABLE_USBBOOT=${ENABLE_USBBOOT=false}
170 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
193 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
194 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
171 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
195 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
172 ENABLE_NEXMON=${ENABLE_NEXMON:=false}
173 VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
196 VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
174 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
197 ENABLE_NEXMON=${ENABLE_NEXMON:=false}
175 NEXMONSRC_DIR=${NEXMONSRC_DIR:=""}
198 NEXMONSRC_DIR=${NEXMONSRC_DIR:=""}
176 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
199
177 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
200 # SSH settings
178 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
201 SSH_ENABLE=${SSH_ENABLE:=true}
179 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
202 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
180 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
203 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
181 ENABLE_SPLASH=${ENABLE_SPLASH:=true}
204 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
182 ENABLE_LOGO=${ENABLE_LOGO:=true}
205 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
183 ENABLE_SILENT_BOOT=${ENABLE_SILENT_BOOT=false}
206 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
184 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
185
207
186 # Kernel compilation settings
208 # Kernel compilation settings
187 BUILD_KERNEL=${BUILD_KERNEL:=true}
209 BUILD_KERNEL=${BUILD_KERNEL:=true}
188 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
189 KERNEL_THREADS=${KERNEL_THREADS:=1}
210 KERNEL_THREADS=${KERNEL_THREADS:=1}
190 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
211 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
191 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
212 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
192 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
193 KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
213 KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
194 KERNEL_CCACHE=${KERNEL_CCACHE:=false}
214 KERNEL_CCACHE=${KERNEL_CCACHE:=false}
195 KERNEL_ZSWAP=${KERNEL_ZSWAP:=false}
215 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
216 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
217 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
218 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
219 KERNELSRC_USRCONFIG=${KERNELSRC_USRCONFIG:=""}
220 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
221 # Firmware directory: Blank if download from github
222 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
223 KERNEL_DEFAULT_GOV=${KERNEL_DEFAULT_GOV:=ondemand}
224 KERNEL_NF=${KERNEL_NF:=false}
196 KERNEL_VIRT=${KERNEL_VIRT:=false}
225 KERNEL_VIRT=${KERNEL_VIRT:=false}
226 KERNEL_ZSWAP=${KERNEL_ZSWAP:=false}
197 KERNEL_BPF=${KERNEL_BPF:=false}
227 KERNEL_BPF=${KERNEL_BPF:=false}
198 KERNEL_DEFAULT_GOV=${KERNEL_DEFAULT_GOV:=ondemand}
199 KERNEL_SECURITY=${KERNEL_SECURITY:=false}
228 KERNEL_SECURITY=${KERNEL_SECURITY:=false}
200 KERNEL_NF=${KERNEL_NF:=false}
201 KERNEL_DHKEY=${KERNEL_DHKEY:=true}
202 KERNEL_BTRFS=${KERNEL_BTRFS:=false}
229 KERNEL_BTRFS=${KERNEL_BTRFS:=false}
203 KERNEL_NSPAN=${KERNEL_NSPAN:=false}
204 KERNEL_POEHAT=${KERNEL_POEHAT:=false}
230 KERNEL_POEHAT=${KERNEL_POEHAT:=false}
205
231 KERNEL_NSPAN=${KERNEL_NSPAN:=false}
206 # Kernel compilation from source directory settings
232 KERNEL_DHKEY=${KERNEL_DHKEY:=true}
207 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
208 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
209 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
210 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
211
233
212 # Reduce disk usage settings
234 # Reduce disk usage settings
235 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
213 REDUCE_APT=${REDUCE_APT:=true}
236 REDUCE_APT=${REDUCE_APT:=true}
214 REDUCE_DOC=${REDUCE_DOC:=true}
237 REDUCE_DOC=${REDUCE_DOC:=false}
215 REDUCE_MAN=${REDUCE_MAN:=true}
238 REDUCE_MAN=${REDUCE_MAN:=false}
216 REDUCE_VIM=${REDUCE_VIM:=false}
239 REDUCE_VIM=${REDUCE_VIM:=false}
217 REDUCE_BASH=${REDUCE_BASH:=false}
240 REDUCE_BASH=${REDUCE_BASH:=false}
218 REDUCE_HWDB=${REDUCE_HWDB:=true}
241 REDUCE_HWDB=${REDUCE_HWDB:=false}
219 REDUCE_SSHD=${REDUCE_SSHD:=true}
242 REDUCE_SSHD=${REDUCE_SSHD:=false}
220 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
243 REDUCE_LOCALE=${REDUCE_LOCALE:=false}
244 REDUCE_KERNEL=${REDUCE_KERNEL:=false}
221
245
222 # Encrypted filesystem settings
246 # Encrypted filesystem settings
223 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
247 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
224 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
248 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
225 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
249 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
226 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64"}
250 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64"}
227 CRYPTFS_HASH=${CRYPTFS_HASH:="sha512"}
251 CRYPTFS_HASH=${CRYPTFS_HASH:="sha256"}
228 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
252 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=256}
229 #Dropbear-initramfs supports unlocking encrypted filesystem via SSH on bootup
253 #Dropbear-initramfs supports unlocking encrypted filesystem via SSH on bootup
230 CRYPTFS_DROPBEAR=${CRYPTFS_DROPBEAR:=false}
254 CRYPTFS_DROPBEAR=${CRYPTFS_DROPBEAR:=false}
231 #Provide your own Dropbear Public RSA-OpenSSH Key otherwise it will be generated
255 #Provide your own Dropbear Public RSA-OpenSSH Key otherwise it will be generated
232 CRYPTFS_DROPBEAR_PUBKEY=${CRYPTFS_DROPBEAR_PUBKEY:=""}
256 CRYPTFS_DROPBEAR_PUBKEY=${CRYPTFS_DROPBEAR_PUBKEY:=""}
233
257
234 # Chroot scripts directory
235 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
236
237 # Packages required in the chroot build environment
238 APT_INCLUDES=${APT_INCLUDES:=""}
239 APT_INCLUDES="${APT_INCLUDES},flex,bison,libssl-dev,apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd"
240
241 # Packages to exclude from chroot build environment
242 APT_EXCLUDES=${APT_EXCLUDES:=""}
243
244 # Packages required for bootstrapping
258 # Packages required for bootstrapping
245 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus bison flex libssl-dev sudo"
259 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus bison flex libssl-dev sudo"
246 MISSING_PACKAGES=""
260 MISSING_PACKAGES=""
@@ -295,8 +309,17 if [ -n "$SET_ARCH" ] ; then
295 RELEASE_ARCH=${RELEASE_ARCH:=armel}
309 RELEASE_ARCH=${RELEASE_ARCH:=armel}
296 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
310 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
297 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
311 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
312
313 if [ $ENABLE_XORG = true ] ; then
314 if [$RELEASE = "stretch" ] || [$RELEASE = "oldstable" ] ; then
315 printf "\nBest support for armel architecture is provided under Debian stretch/oldstable. Choose yes to change release to Debian stretch[y/n] "
316 read -r confirm
317 if [ "$confirm" = "y" ] ; then
318 $RELEASE = "stretch"
319 fi
320 fi
321 fi
298 fi
322 fi
299
300 # Raspberry Pi model specific settings
323 # Raspberry Pi model specific settings
301 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
324 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
302 if [ "$RPI_MODEL" != 4 ] ; then
325 if [ "$RPI_MODEL" != 4 ] ; then
@@ -361,7 +384,7 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$
361 APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
384 APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
362 fi
385 fi
363 if [ "$ENABLE_WIRELESS" = true ] ; then
386 if [ "$ENABLE_WIRELESS" = true ] ; then
364 APT_INCLUDES="${APT_INCLUDES},wireless-tools,crda,wireless-regdb"
387 APT_INCLUDES="${APT_INCLUDES},wireless-tools,crda,wireless-regdb,wpasupplicant"
365 fi
388 fi
366 else # Raspberry PI 1,1P,2 without Wifi and bluetooth onboard
389 else # Raspberry PI 1,1P,2 without Wifi and bluetooth onboard
367 # Check if the internal wireless interface is not supported by the RPi model
390 # Check if the internal wireless interface is not supported by the RPi model
@@ -436,7 +459,7 fi
436
459
437 # Add device-tree-compiler required for building the U-Boot bootloader
460 # Add device-tree-compiler required for building the U-Boot bootloader
438 if [ "$ENABLE_UBOOT" = true ] ; then
461 if [ "$ENABLE_UBOOT" = true ] ; then
439 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc"
462 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bc"
440 fi
463 fi
441
464
442 if [ "$ENABLE_USBBOOT" = true ] ; then
465 if [ "$ENABLE_USBBOOT" = true ] ; then
@@ -591,7 +614,7 if [ "$KERNEL_SECURITY" = true ] ; then
591 fi
614 fi
592
615
593 # Add openssh server package
616 # Add openssh server package
594 if [ "$ENABLE_SSHD" = true ] ; then
617 if [ "$SSH_ENABLE" = true ] ; then
595 APT_INCLUDES="${APT_INCLUDES},openssh-server"
618 APT_INCLUDES="${APT_INCLUDES},openssh-server"
596 fi
619 fi
597
620
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant