##// END OF EJS Templates
Raspi2-3_GenImage
RSS

Cloner depuis https://github.com/drtyhlpr/rpi23-gen-image.git

-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
Unknown -
r732:4551fcf06923
parent child
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,14
1 [Match]
2 Name=eth0
3
4 [Network]
5 RouteMetric=10
6 IPv6PrivacyExtensions=true
7 DHCP=no
8 Address=
9 Gateway=
10 DNS=
11 DNS=
12 Domains=
13 NTP=
14 NTP=
Show file before | Show file after | Hide comments
@@ -0,0 +1,14
1 [Match]
2 Name=wlan0
3
4 [Network]
5 RouteMetric=20
6 IPv6PrivacyExtensions=true
7 DHCP=no
8 Address=
9 Gateway=
10 DNS=
11 DNS=
12 Domains=
13 NTP=
14 NTP=
Show file before | Show file after | Hide comments
@@ -0,0 +1,188
1 ############################
2 ########APT settings########
3 ############################
4 APT_SERVER=ftp.debian.org
5 APT_PROXY=
6 KEEP_APT_PROXY=false
7 APT_INCLUDES_LATE=
8 APT_INCLUDES=
9 ############################
10 ##General system settings###
11 ############################
12 SET_ARCH=32
13 RPI_MODEL=3P
14 RELEASE=buster
15 HOSTNAME=
16 DEFLOCAL=en_US.UTF-8
17 TIMEZONE=Europe/Berlin
18 EXPANDROOT=true
19 ############################
20 #######User settings########
21 ############################
22 ENABLE_ROOT=false
23 ROOT_PASSWORD=raspberry
24 ENABLE_USER=true
25 USER_NAME=pi
26 USER_PASSWORD=raspberry
27 ############################
28 ####Keyboard settings#######
29 ############################
30 XKB_MODEL=
31 XKB_LAYOUT=
32 XKB_VARIANT=
33 XKB_OPTIONS=
34 ############################
35 ######Network settings######
36 ############################
37 ENABLE_IPV6=true
38 ENABLE_WIRELESS=false
39 ENABLE_IPTABLES=false
40 ENABLE_HARDNET=false
41 ENABLE_IFNAMES=true
42 ############################
43 # Network settings (DHCP)
44 ENABLE_ETH_DHCP=true
45 ENABLE_WIFI_DHCP=true
46 ############################
47 # Network settings (static)
48 NET_ETH_ADDRESS=
49 NET_ETH_GATEWAY=
50 NET_ETH_DNS_1=
51 NET_ETH_DNS_2=
52 NET_ETH_DNS_DOMAINS=
53 NET_ETH_NTP_1=
54 NET_ETH_NTP_2=
55 ############################
56 NET_WIFI_SSID=
57 NET_WIFI_PSK=
58 ############################
59 # Network settings (static)
60 NET_WIFI_ADDRESS=
61 NET_WIFI_GATEWAY=
62 NET_WIFI_DNS_1=
63 NET_WIFI_DNS_2=
64 NET_WIFI_DNS_DOMAINS=
65 NET_WIFI_NTP_1=
66 NET_WIFI_NTP_2=
67 ############################
68 ###Basic system settings####
69 ############################
70 ENABLE_CONSOLE=false
71 ENABLE_PRINTK=false
72 ENABLE_BLUETOOTH=false
73 ENABLE_MINIUART_OVERLAY=false
74 ENABLE_TURBO=false
75 ENABLE_I2C=true
76 ENABLE_SPI=true
77 ENABLE_NONFREE=false
78 ENABLE_RSYSLOG=false
79 ENABLE_SOUND=false
80 ENABLE_HWRANDOM=true
81 ENABLE_MINGPU=false
82 ENABLE_XORG=false
83 ENABLE_WM=
84 ENABLE_SYSVINIT=false
85 ENABLE_SPLASH=true
86 ENABLE_LOGO=true
87 ENABLE_SILENT_BOOT=false
88 ############################
89 #1=disable overlay,2=turbo+overlay, otherwise leave unset
90 DISABLE_UNDERVOLT_WARNINGS=
91 ############################
92 ##Advanced system settings##
93 ############################
94 ENABLE_DPHYSSWAP=true
95 ENABLE_SYSTEMDSWAP=false
96 ############################
97 ENABLE_QEMU=false
98 QEMU_BINARY=
99 ENABLE_KEYGEN=false
100 ENABLE_MINBASE=false
101 ENABLE_SPLITFS=false
102 ENABLE_INITRAMFS=false
103 ENABLE_DBUS=true
104 ENABLE_USBBOOT=false
105 ############################
106 CHROOT_SCRIPTS=
107 ############################
108 ENABLE_UBOOT=false
109 UBOOTSRC_DIR=
110 ############################
111 ENABLE_FBTURBO=false
112 FBTURBOSRC_DIR=
113 ############################
114 ENABLE_VIDEOCORE=false
115 VIDEOCORESRC_DIR=
116 ############################
117 ENABLE_NEXMON=false
118 NEXMONSRC_DIR=
119 ############################
120 ########SSH settings########
121 ############################
122 SSH_ENABLE=true
123 SSH_ENABLE_ROOT=false
124 SSH_DISABLE_PASSWORD_AUTH=false
125 SSH_LIMIT_USERS=false
126 SSH_ROOT_PUB_KEY=
127 SSH_USER_PUB_KEY=
128 ############################
129 #####Kernel settings########
130 ############################
131 BUILD_KERNEL=true
132 CROSS_COMPILE=
133 KERNEL_ARCH=
134 KERNEL_IMAGE=
135 KERNEL_BRANCH=
136 KERNEL_DEFCONFIG=
137
138 KERNEL_THREADS=1
139 KERNEL_HEADERS=true
140 KERNEL_MENUCONFIG=false
141 KERNEL_OLDDEFCONFIG=false
142 KERNEL_CCACHE=false
143 KERNEL_REMOVESRC=true
144 KERNELSRC_DIR=
145 KERNELSRC_CLEAN=false
146 KERNELSRC_CONFIG=true
147 KERNELSRC_USRCONFIG=
148 KERNELSRC_PREBUILT=false
149 RPI_FIRMWARE_DIR=
150 KERNEL_DEFAULT_GOV=ondemand
151 KERNEL_NF=false
152 KERNEL_VIRT=false
153 KERNEL_ZSWAP=false
154 KERNEL_BPF=true
155 KERNEL_SECURITY=false
156 KERNEL_BTRFS=false
157 KERNEL_POEHAT=false
158 KERNEL_NSPAWN=false
159 KERNEL_DHKEY=true
160 ############################
161 #######Save diskspace#######
162 ############################
163 ENABLE_REDUCE=false
164 REDUCE_APT=true
165 REDUCE_DOC=false
166 REDUCE_MAN=false
167 REDUCE_VIM=false
168 REDUCE_BASH=false
169 REDUCE_HWDB=false
170 REDUCE_SSHD=false
171 REDUCE_LOCALE=false
172 REDUCE_KERNEL=false
173 ############################
174 ######CryptFS Settings######
175 ############################
176 ENABLE_CRYPTFS=false
177 CRYPTFS_PASSWORD=
178 CRYPTFS_MAPPING=secure
179 CRYPTFS_CIPHER=aes-xts-plain64
180 CRYPTFS_HASH=sha256
181 CRYPTFS_XTSKEYSIZE=256
182 CRYPTFS_DROPBEAR=false
183 CRYPTFS_DROPBEAR_PUBKEY=
184 ############################
185 #######Build settings#######
186 ############################
187 BASEDIR=
188 IMAGE_NAME= No newline at end of file
Show file before | Show file after | Hide comments
@@ -9,7 +9,8 VARIANT=""
9 9 COMPONENTS="main"
10 10
11 11 # Use non-free Debian packages if needed
12 if [ "$ENABLE_NONFREE" = true ] ; then
12 # One use variable which is only needed by wifi firmware blob => reworked to use non free in /etc/apt/sources.list - we could just use ENABLE_WIRELESS here
13 if [ "$ENABLE_WIRELESS" = true ] ; then
13 14 COMPONENTS="main,non-free,contrib"
14 15 fi
15 16
Show file before | Show file after | Hide comments
@@ -49,10 +49,16 if [ "$BUILD_KERNEL" = true ] ; then
49 49 fi
50 50
51 51 # Calculate optimal number of kernel building threads
52 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
52 if [ -n "$KERNEL_THREADS" ] && [ -r /proc/cpuinfo ] ; then
53 53 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
54 54 fi
55 55
56 # TODO: Check if defined Threadcount is higher than actual cores
57 # if [ "$KERNEL_THREADS" > grep -c processor /proc/cpuinfo] ; then
58 # echo "Defined more Threads than core assigned to this system"
59 # exit 1
60 # fi
61
56 62 #Copy 32bit config to 64bit
57 63 if [ "$ENABLE_QEMU" = true ] && [ "$KERNEL_ARCH" = arm64 ]; then
58 64 cp "${KERNEL_DIR}"/arch/arm/configs/vexpress_defconfig "${KERNEL_DIR}"/arch/arm64/configs/
@@ -61,7 +67,7 if [ "$BUILD_KERNEL" = true ] ; then
61 67 # Configure and build kernel
62 68 if [ "$KERNELSRC_PREBUILT" = false ] ; then
63 69 # Remove device, network and filesystem drivers from kernel configuration
64 if [ "$KERNEL_REDUCE" = true ] ; then
70 if [ "$REDUCE_KERNEL" = true ] ; then
65 71 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
66 72 sed -i\
67 73 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
@@ -464,7 +470,23 if [ "$BUILD_KERNEL" = true ] ; then
464 470 set_kernel_config CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY n
465 471 set_kernel_config CONFIG_SYSTEM_TRUSTED_KEYS m
466 472 set_kernel_config CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE 4096
473 fi
467 474
475 if [ "$ENABLE_CRYPTFS" = true ] ; then
476 set_kernel_config CONFIG_EMBEDDED y
477 set_kernel_config CONFIG_EXPERT y
478 set_kernel_config CONFIG_DAX y
479 set_kernel_config CONFIG_MD y
480 set_kernel_config CONFIG_BLK_DEV_MD y
481 set_kernel_config CONFIG_MD_AUTODETECT y
482 set_kernel_config CONFIG_BLK_DEV_DM y
483 set_kernel_config CONFIG_BLK_DEV_DM_BUILTIN y
484 set_kernel_config CONFIG_DM_CRYPT y
485 set_kernel_config CONFIG_CRYPTO_BLKCIPHER y
486 set_kernel_config CONFIG_CRYPTO_CBC y
487 set_kernel_config CONFIG_CRYPTO_XTS y
488 set_kernel_config CONFIG_CRYPTO_SHA512 y
489 set_kernel_config CONFIG_CRYPTO_MANAGER y
468 490 set_kernel_config CONFIG_ARM64_CRYPTO y
469 491 set_kernel_config CONFIG_CRYPTO_SHA256_ARM64 m
470 492 set_kernel_config CONFIG_CRYPTO_SHA512_ARM64 m
@@ -620,8 +642,7 if [ "$BUILD_KERNEL" = true ] ; then
620 642 fi
621 643
622 644 # KERNEL_DEFAULT_GOV was set by user
623 if [ "$KERNEL_DEFAULT_GOV" != powersave ] && [ -n "$KERNEL_DEFAULT_GOV" ] ; then
624
645 if [ "$KERNEL_DEFAULT_GOV" != ondemand ] && [ -n "$KERNEL_DEFAULT_GOV" ] ; then
625 646 case "$KERNEL_DEFAULT_GOV" in
626 647 performance)
627 648 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE y
@@ -643,9 +664,8 if [ "$BUILD_KERNEL" = true ] ; then
643 664 exit 1
644 665 ;;
645 666 esac
646
647 667 # unset previous default governor
648 unset_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE
668 unset_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND
649 669 fi
650 670
651 671 #Revert to previous directory
@@ -655,25 +675,6 if [ "$BUILD_KERNEL" = true ] ; then
655 675 if [ "$ENABLE_QEMU" = true ] ; then
656 676 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
657 677 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
658
659 if [ "$ENABLE_CRYPTFS" = true ] ; then
660 {
661 echo "CONFIG_EMBEDDED=y"
662 echo "CONFIG_EXPERT=y"
663 echo "CONFIG_DAX=y"
664 echo "CONFIG_MD=y"
665 echo "CONFIG_BLK_DEV_MD=y"
666 echo "CONFIG_MD_AUTODETECT=y"
667 echo "CONFIG_BLK_DEV_DM=y"
668 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
669 echo "CONFIG_DM_CRYPT=y"
670 echo "CONFIG_CRYPTO_BLKCIPHER=y"
671 echo "CONFIG_CRYPTO_CBC=y"
672 echo "CONFIG_CRYPTO_XTS=y"
673 echo "CONFIG_CRYPTO_SHA512=y"
674 echo "CONFIG_CRYPTO_MANAGER=y"
675 } >> "${KERNEL_DIR}"/.config
676 fi
677 678 fi
678 679
679 680 # Copy custom kernel configuration file
@@ -734,7 +735,7 if [ "$BUILD_KERNEL" = true ] ; then
734 735 fi
735 736
736 737 # Install kernel headers
737 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
738 if [ "$KERNEL_HEADERS" = true ] && [ "$REDUCE_KERNEL" = false ] ; then
738 739 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
739 740 fi
740 741
Show file before | Show file after | Hide comments
@@ -39,16 +39,16 if [ "$ENABLE_INITRAMFS" = true ] ; then
39 39 fi
40 40
41 41 if [ "$CRYPTFS_DROPBEAR" = true ]; then
42 if [ "$ENABLE_DHCP" = false ] ; then
42 if [ "$ENABLE_ETH_DHCP" = false ] ; then
43 43 # Get cdir from NET_ADDRESS e.g. 24
44 cdir=$(printf "%s" "${NET_ADDRESS}" | cut -d '/' -f2)
44 cdir=$(printf "%s" "${NET_ETH_ADDRESS}" | cut -d '/' -f2)
45 45
46 46 # Convert cdir ro netmask e.g. 24 to 255.255.255.0
47 47 NET_MASK=$(cdr2mask "$cdir")
48 48
49 49 # Write static ip settings to "${ETC_DIR}"/initramfs-tools/initramfs.conf
50 # ip=<client-ip>:<server-ip>:<gw-ip>:<netmask>:<hostname>:<device>:<autoconf>
51 sed -i "\$a\nIP=${NET_ADDRESS}::${NET_GATEWAY}:${NET_MASK}:${HOSTNAME}:" "${ETC_DIR}"/initramfs-tools/initramfs.conf
50 # ip=<client-ip>:<server-ip>:<gw-ip>:<netmask>:<HOSTNAME>:<device>:<autoconf>
51 sed -i "\$a\nIP=${NET_ETH_ADDRESS}::${NET_ETH_GATEWAY}:${NET_MASK}:${HOSTNAME}:" "${ETC_DIR}"/initramfs-tools/initramfs.conf
52 52 else
53 53 sed -i "\$a\nIP=::::${HOSTNAME}::dhcp" "${ETC_DIR}"/initramfs-tools/initramfs.conf
54 54 fi
Show file before | Show file after | Hide comments
@@ -177,6 +177,9 fi
177 177 # may need sudo systemctl disable hciuart
178 178 if [ "$ENABLE_CONSOLE" = true ] ; then
179 179 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
180 #More debug output on early but with serial console
181 echo "uart_2ndstage=1" >> "${BOOT_DIR}/config.txt"
182
180 183 # add string to cmdline
181 184 CMDLINE="${CMDLINE} console=serial0,115200"
182 185
Show file before | Show file after | Hide comments
@@ -14,8 +14,8 install_readonly files/network/hosts "${ETC_DIR}/hosts"
14 14 sed -i "s/RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hosts"
15 15
16 16 # Setup hostname entry with static IP
17 if [ "$NET_ADDRESS" != "" ] ; then
18 NET_IP=$(echo "${NET_ADDRESS}" | cut -f 1 -d'/')
17 if [ "$NET_ETH_ADDRESS" != "" ] ; then
18 NET_IP=$(echo "${NET_ETH_ADDRESS}" | cut -f 1 -d'/')
19 19 sed -i "s/^127.0.1.1/${NET_IP}/" "${ETC_DIR}/hosts"
20 20 fi
21 21
@@ -28,52 +28,102 fi
28 28 install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces"
29 29
30 30 # Install configuration for interface eth0
31 install_readonly files/network/eth.network "${ETC_DIR}/systemd/network/eth.network"
31 install_readonly files/network/eth0.network "${ETC_DIR}/systemd/network/eth0.network"
32 32
33 33 if [ "$RPI_MODEL" = 3P ] ; then
34 printf "\n[Link]\nGenericReceiveOffload=off\nTCPSegmentationOffload=off\nGenericSegmentationOffload=off" >> "${ETC_DIR}/systemd/network/eth.network"
34 printf "\n[Link]\nGenericReceiveOffload=off\nTCPSegmentationOffload=off\nGenericSegmentationOffload=off" >> "${ETC_DIR}/systemd/network/eth0.network"
35 35 fi
36 36
37 37 # Install configuration for interface wl*
38 install_readonly files/network/wlan.network "${ETC_DIR}/systemd/network/wlan.network"
38 install_readonly files/network/wlan0.network "${ETC_DIR}/systemd/network/wlan0.network"
39 39
40 40 #always with dhcp since wpa_supplicant integration is missing
41 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan.network"
41 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan0.network"
42 42
43 if [ "$ENABLE_DHCP" = true ] ; then
43 if [ "$ENABLE_ETH_DHCP" = true ] ; then
44 44 # Enable DHCP configuration for interface eth0
45 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth.network"
45 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth0.network"
46 46
47 47 # Set DHCP configuration to IPv4 only
48 48 if [ "$ENABLE_IPV6" = false ] ; then
49 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth.network"
49 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth0.network"
50 sed '/IPv6PrivacyExtensions=true/d' "${ETC_DIR}/systemd/network/eth0.network"
50 51 fi
51 52
52 else # ENABLE_DHCP=false
53 else # ENABLE_ETH_DHCP=false
53 54 # Set static network configuration for interface eth0
55 if [ -n NET_ETH_ADDRESS ] && [ -n NET_ETH_GATEWAY ] && [ -n NET_ETH_DNS_1 ] ; then
54 56 sed -i\
55 57 -e "s|DHCP=.*|DHCP=no|"\
56 -e "s|Address=\$|Address=${NET_ADDRESS}|"\
57 -e "s|Gateway=\$|Gateway=${NET_GATEWAY}|"\
58 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_1}|"\
59 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_2}|"\
60 -e "s|Domains=\$|Domains=${NET_DNS_DOMAINS}|"\
61 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_1}|"\
62 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_2}|"\
63 "${ETC_DIR}/systemd/network/eth.network"
58 -e "s|Address=\$|Address=${NET_ETH_ADDRESS}|"\
59 -e "s|Gateway=\$|Gateway=${NET_ETH_GATEWAY}|"\
60 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_ETH_DNS_1}|"\
61 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_ETH_DNS_2}|"\
62 -e "s|Domains=\$|Domains=${NET_ETH_DNS_DOMAINS}|"\
63 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_ETH_NTP_1}|"\
64 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_ETH_NTP_2}|"\
65 "${ETC_DIR}/systemd/network/eth0.network"
66 fi
64 67 fi
65 68
66 # Remove empty settings from network configuration
67 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth.network"
68 # Remove empty settings from wlan configuration
69 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan.network"
70 69
71 # Move systemd network configuration if required by Debian release
72 mv -v "${ETC_DIR}/systemd/network/eth.network" "${LIB_DIR}/systemd/network/10-eth.network"
73 # If WLAN is enabled copy wlan configuration too
74 70 if [ "$ENABLE_WIRELESS" = true ] ; then
75 mv -v "${ETC_DIR}/systemd/network/wlan.network" "${LIB_DIR}/systemd/network/11-wlan.network"
71 if [ "$ENABLE_WIFI_DHCP" = true ] ; then
72 # Enable DHCP configuration for interface eth0
73 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan0.network"
74
75 # Set DHCP configuration to IPv4 only
76 if [ "$ENABLE_IPV6" = false ] ; then
77 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/wlan0.network"
78 sed '/IPv6PrivacyExtensions=true/d' "${ETC_DIR}/systemd/network/wlan0.network"
79 fi
80
81 else # ENABLE_WIFI_DHCP=false
82 # Set static network configuration for interface eth0
83 if [ -n NET_WIFI_ADDRESS ] && [ -n NET_WIFI_GATEWAY ] && [ -n NET_WIFI_DNS_1 ] ; then
84 sed -i\
85 -e "s|DHCP=.*|DHCP=no|"\
86 -e "s|Address=\$|Address=${NET_WIFI_ADDRESS}|"\
87 -e "s|Gateway=\$|Gateway=${NET_WIFI_GATEWAY}|"\
88 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_WIFI_DNS_1}|"\
89 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_WIFI_DNS_2}|"\
90 -e "s|Domains=\$|Domains=${NET_WIFI_DNS_DOMAINS}|"\
91 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_WIFI_NTP_1}|"\
92 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_WIFI_NTP_2}|"\
93 "${ETC_DIR}/systemd/network/wlan0.network"
76 94 fi
95 fi
96
97 if [ -z "$NET_WIFI_SSID" ] && [ -z "$NET_WIFI_PSK" ] ; then
98 printf "
99 ctrl_interface=/run/wpa_supplicant
100 ctrl_interface_group=wheel
101 update_config=1
102 eapol_version=1
103 ap_scan=1
104 fast_reauth=1
105
106 " > /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
107
108 #Configure WPA_supplicant
109 chroot_exec wpa_passphrase "$NET_SSID" "$NET_WPAPSK" >> /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
110
111 chroot_exec systemctl enable wpa_supplicant.service
112 chroot_exec systemctl enable wpa_supplicant@wlan0.service
113 fi
114 # Remove empty settings from wlan configuration
115 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan0.network"
116 # If WLAN is enabled copy wlan configuration too
117 mv -v "${ETC_DIR}/systemd/network/wlan0.network" "${LIB_DIR}/systemd/network/11-wlan0.network"
118 fi
119
120 # Remove empty settings from network configuration
121 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth0.network"
122
123 # Move systemd network configuration if required by Debian release
124 mv -v "${ETC_DIR}/systemd/network/eth0.network" "${LIB_DIR}/systemd/network/10-eth0.network"
125
126 #Clean up
77 127 rm -fr "${ETC_DIR}/systemd/network"
78 128
79 129 # Enable systemd-networkd service
Show file before | Show file after | Hide comments
@@ -46,7 +46,7 if [ "$ENABLE_IPTABLES" = true ] ; then
46 46 chroot_exec systemctl enable ip6tables.service
47 47 fi
48 48
49 if [ "$ENABLE_SSHD" = false ] ; then
49 if [ "$SSH_ENABLE" = false ] ; then
50 50 # Remove SSHD related iptables rules
51 51 sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/iptables.rules" 2> /dev/null
52 52 sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/ip6tables.rules" 2> /dev/null
Show file before | Show file after | Hide comments
@@ -6,7 +6,7
6 6 . ./functions.sh
7 7
8 8 # Generate crypt(3) password string
9 ENCRYPTED_PASSWORD=$(mkpasswd -m sha-512 "${PASSWORD}")
9 ENCRYPTED_PASSWORD=$(mkpasswd -m sha-512 "${ROOT_PASSWORD}")
10 10 ENCRYPTED_USER_PASSWORD=$(mkpasswd -m sha-512 "${USER_PASSWORD}")
11 11
12 12 # Setup default user
Show file before | Show file after | Hide comments
@@ -5,7 +5,7
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 if [ "$ENABLE_SSHD" = true ] ; then
8 if [ "$SSH_ENABLE" = true ] ; then
9 9 DROPBEAR_ARGS=""
10 10
11 11 if [ "$SSH_ENABLE_ROOT" = false ] ; then
Show file before | Show file after | Hide comments
@@ -24,12 +24,14 if [ "$EXPANDROOT" = true ] ; then
24 24 fi
25 25
26 26 # Ensure openssh server host keys are regenerated on first boot
27 if [ "$ENABLE_SSHD" = true ] ; then
27 if [ "$SSH_ENABLE" = true ] ; then
28 28 cat files/firstboot/30-generate-ssh-keys.sh >> "${ETC_DIR}/rc.firstboot"
29 29 fi
30 30
31 if [ "$ENABLE_DBUS" = true ] ; then
31 32 # Ensure that dbus machine-id exists
32 33 cat files/firstboot/40-generate-machineid.sh >> "${ETC_DIR}/rc.firstboot"
34 fi
33 35
34 36 # Create /etc/resolv.conf symlink
35 37 cat files/firstboot/41-create-resolv-symlink.sh >> "${ETC_DIR}/rc.firstboot"
Show file before | Show file after | Hide comments
@@ -5,6 +5,28
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 if [ "$ENABLE_IPV6" = false ] ; then
9 "$LIB_DIR"/xtables/libip6t_ah.so
10 "$LIB_DIR"/xtables/libip6t_dst.so
11 "$LIB_DIR"/xtables/libip6t_eui64.so
12 "$LIB_DIR"/xtables/libip6t_frag.so
13 "$LIB_DIR"/xtables/libip6t_hbh.so
14 "$LIB_DIR"/xtables/libip6t_hl.so
15 "$LIB_DIR"/xtables/libip6t_HL.so
16 "$LIB_DIR"/xtables/libip6t_icmp6.so
17 "$LIB_DIR"/xtables/libip6t_ipv6header.so
18 "$LIB_DIR"/xtables/libip6t_LOG.so
19 "$LIB_DIR"/xtables/libip6t_mh.so
20 "$LIB_DIR"/xtables/libip6t_REJECT.so
21 "$LIB_DIR"/xtables/libip6t_rt.so
22 "$LIB_DIR"/xtables/libip6t_DNAT.so
23 "$LIB_DIR"/xtables/libip6t_DNPT.so
24 "$LIB_DIR"/xtables/libip6t_MASQUERADE.so
25 "$LIB_DIR"/xtables/libip6t_NETMAP.so
26 "$LIB_DIR"/xtables/libip6t_REDIRECT.so
27 "$LIB_DIR"/xtables/libip6t_SNAT.so
28 "$LIB_DIR"/xtables/libip6t_SNPT.so
29 fi
8 30 # Reduce the image size by various operations
9 31 if [ "$ENABLE_REDUCE" = true ] ; then
10 32 if [ "$REDUCE_APT" = true ] ; then
Show file before | Show file after | Hide comments
@@ -1,13 +1,32
1 1 logger -t "rc.firstboot" "Configuring network interface name"
2 2
3 INTERFACE_NAME=$(dmesg | grep "renamed from eth0" | awk -F ":| " '{ print $9 }')
3 INTERFACE_NAME_ETH=$(dmesg | grep "renamed from eth0" | awk -F ":| " '{ print $9 }')
4 INTERFACE_NAME_WIFI=$(dmesg | grep "renamed from wlan0" | awk -F ":| " '{ print $9 }')
4 5
5 if [ ! -z INTERFACE_NAME ] ; then
6 if [ -r "/etc/systemd/network/eth.network" ] ; then
7 sed -i "s/eth0/${INTERFACE_NAME}/" /etc/systemd/network/eth.network
6 if [ ! -z INTERFACE_NAME_ETH ] ; then
7 if [ -r "/etc/systemd/network/eth0.network" ] ; then
8 sed -i "s/eth0/${INTERFACE_NAME_ETH}/" /etc/systemd/network/eth0.network
8 9 fi
9 10
10 if [ -r "/lib/systemd/network/10-eth.network" ] ; then
11 sed -i "s/eth0/${INTERFACE_NAME}/" /lib/systemd/network/10-eth.network
11 if [ -r "/lib/systemd/network/10-eth0.network" ] ; then
12 sed -i "s/eth0/${INTERFACE_NAME_ETH}/" /lib/systemd/network/10-eth0.network
12 13 fi
14 # Move config to new interface name
15 mv /etc/systemd/network/eth0.network /etc/systemd/network/"${INTERFACE_NAME_ETH}".network
16 fi
17
18 if [ ! -z INTERFACE_NAME_WIFI ] ; then
19 if [ -r "/etc/systemd/network/wlan0.network" ] ; then
20 sed -i "s/wlan0/${INTERFACE_NAME_WIFI}/" /etc/systemd/network/wlan0.network
21 fi
22
23 if [ -r "/lib/systemd/network/11-wlan0.network" ] ; then
24 sed -i "s/wlan0/${INTERFACE_NAME_WIFI}/" /lib/systemd/network/11-wlan0.network
25 fi
26 # Move config to new interface name
27 mv /etc/systemd/network/wlan0.network /etc/systemd/network/"${INTERFACE_NAME_WIFI}".network
28
29 systemctl disable wpa_supplicant@wlan0.service
30 systemctl enable wpa_supplicant@"${INTERFACE_NAME_WIFI}".service
31 systemctl start wpa_supplicant@"${INTERFACE_NAME_WIFI}".service
13 32 fi
Show file before | Show file after | Hide comments
@@ -36,11 +36,11 fi
36 36
37 37 # Introduce settings
38 38 set -e
39 echo -n -e "\n#\n# RPi 0/1/2/3 Bootstrap Settings\n#\n"
39 echo -n -e "\n#\n# RPi 0/1/2/3/4 Bootstrap Settings\n#\n"
40 40 set -x
41 41
42 42 # Raspberry Pi model configuration
43 RPI_MODEL=${RPI_MODEL:=2}
43 RPI_MODEL=${RPI_MODEL:=3P}
44 44
45 45 # Debian release
46 46 RELEASE=${RELEASE:=buster}
@@ -66,13 +66,13 SYSTEMDSWAP_URL=${SYSTEMDSWAP_URL:=https://github.com/Nefelim4ag/systemd-swap.gi
66 66 RPI_32_KERNEL_URL=${RPI_32_KERNEL_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel_20180422-141901_armhf.deb}
67 67 RPI_32_KERNELHEADER_URL=${RPI_32_KERNELHEADER_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel-headers_20180422-141901_armhf.deb}
68 68 # Kernel has KVM and zswap enabled - use if KERNEL_* parameters and precompiled kernel are used
69 RPI3_64_BIS_KERNEL_URL=${RPI3_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel-bis/releases/download/4.19.80.20191022/bcmrpi3-kernel-bis-4.19.80.20191022.tar.xz}
69 RPI3_64_BIS_KERNEL_URL=${RPI3_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel-bis/releases/download/4.19.102.20200211/bcmrpi3-kernel-bis-4.19.102.20200211.tar.xz}
70 70 # Default precompiled 64bit kernel
71 RPI3_64_DEF_KERNEL_URL=${RPI3_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel/releases/download/4.19.80.20191022/bcmrpi3-kernel-4.19.80.20191022.tar.xz}
71 RPI3_64_DEF_KERNEL_URL=${RPI3_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel/releases/download/4.19.102.20200211/bcmrpi3-kernel-4.19.102.20200211.tar.xz}
72 72 # Sakaki BIS Kernel RPI4 - https://github.com/sakaki-/bcm2711-kernel-bis
73 RPI4_64_BIS_KERNEL_URL=${RPI4_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcm2711-kernel-bis/releases/download/4.19.59.20190724/bcm2711-kernel-bis-4.19.59.20190724.tar.xz}
73 RPI4_64_BIS_KERNEL_URL=${RPI4_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcm2711-kernel-bis/releases/download/4.19.102.20200211/bcm2711-kernel-bis-4.19.102.20200211.tar.xz}
74 74 # Default precompiled 64bit kernel - https://github.com/sakaki-/bcm2711-kernel
75 RPI4_64_DEF_KERNEL_URL=${RPI4_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcm2711-kernel-bis/releases/download/4.19.59.20190724/bcm2711-kernel-bis-4.19.59.20190724.tar.xz}
75 RPI4_64_DEF_KERNEL_URL=${RPI4_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcm2711-kernel-bis/releases/download/4.19.102.20200211/bcm2711-kernel-bis-4.19.102.20200211.tar.xz}
76 76 # Generic
77 77 RPI3_64_KERNEL_URL=${RPI3_64_KERNEL_URL:=$RPI3_64_DEF_KERNEL_URL}
78 78 RPI4_64_KERNEL_URL=${RPI4_64_KERNEL_URL:=$RPI4_64_DEF_KERNEL_URL}
@@ -93,18 +93,28 KERNEL_DIR="${R}/usr/src/linux"
93 93 WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
94 94 BLUETOOTH_FIRMWARE_DIR="${ETC_DIR}/firmware/bt"
95 95
96 # Firmware directory: Blank if download from github
97 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
96 # APT settings
97 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
98 APT_PROXY=${APT_PROXY:=""}
99 KEEP_APT_PROXY=${KEEP_APT_PROXY:=false}
100 # Packages required in the chroot build environment
101 APT_INCLUDES=${APT_INCLUDES:=""}
102 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd"
103 # Packages to exclude from chroot build environment
104 APT_EXCLUDES=${APT_EXCLUDES:=""}
98 105
99 106 # General settings
100 107 SET_ARCH=${SET_ARCH:=32}
101 108 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
102 PASSWORD=${PASSWORD:=raspberry}
103 USER_PASSWORD=${USER_PASSWORD:=raspberry}
104 109 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
105 110 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
106 111 EXPANDROOT=${EXPANDROOT:=true}
107 ENABLE_DPHYSSWAP=${ENABLE_DPHYSSWAP:=true}
112
113 ENABLE_ROOT=${ENABLE_ROOT:=false}
114 ROOT_PASSWORD=${ROOT_PASSWORD:=raspberry}
115 ENABLE_USER=${ENABLE_USER:=true}
116 USER_NAME=${USER_NAME:="pi"}
117 USER_PASSWORD=${USER_PASSWORD:=raspberry}
108 118
109 119 # Keyboard settings
110 120 XKB_MODEL=${XKB_MODEL:=""}
@@ -112,135 +122,139 XKB_LAYOUT=${XKB_LAYOUT:=""}
112 122 XKB_VARIANT=${XKB_VARIANT:=""}
113 123 XKB_OPTIONS=${XKB_OPTIONS:=""}
114 124
125 # Networking settings:
126 ENABLE_IPV6=${ENABLE_IPV6:=true}
127 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
128 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
129 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
130 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
131
115 132 # Network settings (DHCP)
116 ENABLE_DHCP=${ENABLE_DHCP:=true}
133 ENABLE_ETH_DHCP=${ENABLE_ETH_DHCP:=true}
134 ENABLE_WIFI_DHCP=${ENABLE_ETH_DHCP:=true}
117 135
118 136 # Network settings (static)
119 NET_ADDRESS=${NET_ADDRESS:=""}
120 NET_GATEWAY=${NET_GATEWAY:=""}
121 NET_DNS_1=${NET_DNS_1:=""}
122 NET_DNS_2=${NET_DNS_2:=""}
123 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
124 NET_NTP_1=${NET_NTP_1:=""}
125 NET_NTP_2=${NET_NTP_2:=""}
137 NET_ETH_ADDRESS=${NET_ETH_ADDRESS:=""}
138 NET_ETH_GATEWAY=${NET_ETH_GATEWAY:=""}
139 NET_ETH_DNS_1=${NET_ETH_DNS_1:=""}
140 NET_ETH_DNS_2=${NET_ETH_DNS_2:=""}
141 NET_ETH_DNS_DOMAINS=${NET_ETH_DNS_DOMAINS:=""}
142 NET_ETH_NTP_1=${NET_ETH_NTP_1:=""}
143 NET_ETH_NTP_2=${NET_ETH_NTP_2:=""}
144
145 # Networking settings (WIFI):
146 NET_WIFI_SSID=${NET_WIFI_SSID:=""}
147 NET_WIFI_PSK=${NET_WIFI_PSK:=""}
126 148
127 # APT settings
128 APT_PROXY=${APT_PROXY:=""}
129 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
130 KEEP_APT_PROXY=${KEEP_APT_PROXY:=false}
149 # Network settings (static)
150 NET_WIFI_ADDRESS=${NET_WIFI_ADDRESS:=""}
151 NET_WIFI_GATEWAY=${NET_WIFI_GATEWAY:=""}
152 NET_WIFI_DNS_1=${NET_WIFI_DNS_1:=""}
153 NET_WIFI_DNS_2=${NET_WIFI_DNS_2:=""}
154 NET_WIFI_DNS_DOMAINS=${NET_WIFI_DNS_DOMAINS:=""}
155 NET_WIFI_NTP_1=${NET_WIFI_NTP_1:=""}
156 NET_WIFI_NTP_2=${NET_WIFI_NTP_2:=""}
131 157
132 158 # Feature settings
159 ENABLE_CONSOLE=${ENABLE_CONSOLE:=false}
133 160 ENABLE_PRINTK=${ENABLE_PRINTK:=false}
134 161 ENABLE_BLUETOOTH=${ENABLE_BLUETOOTH:=false}
135 162 ENABLE_MINIUART_OVERLAY=${ENABLE_MINIUART_OVERLAY:=false}
136 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
163 ENABLE_TURBO=${ENABLE_TURBO:=false}
137 164 ENABLE_I2C=${ENABLE_I2C:=false}
138 165 ENABLE_SPI=${ENABLE_SPI:=false}
139 ENABLE_IPV6=${ENABLE_IPV6:=true}
140 ENABLE_SSHD=${ENABLE_SSHD:=true}
166
141 167 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
142 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
143 ENABLE_SOUND=${ENABLE_SOUND:=true}
144 ENABLE_DBUS=${ENABLE_DBUS:=true}
168 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
169 ENABLE_SOUND=${ENABLE_SOUND:=false}
145 170 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
146 171 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
147 172 ENABLE_XORG=${ENABLE_XORG:=false}
148 173 ENABLE_WM=${ENABLE_WM:=""}
149 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
150 ENABLE_USER=${ENABLE_USER:=true}
151 USER_NAME=${USER_NAME:="pi"}
152 ENABLE_ROOT=${ENABLE_ROOT:=false}
153 ENABLE_QEMU=${ENABLE_QEMU:=false}
154 174 ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
155
156 # SSH settings
157 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
158 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
159 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
160 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
161 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
175 ENABLE_SPLASH=${ENABLE_SPLASH:=true}
176 ENABLE_LOGO=${ENABLE_LOGO:=true}
177 ENABLE_SILENT_BOOT=${ENABLE_SILENT_BOOT=false}
178 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
162 179
163 180 # Advanced settings
181 ENABLE_DPHYSSWAP=${ENABLE_DPHYSSWAP:=true}
164 182 ENABLE_SYSTEMDSWAP=${ENABLE_SYSTEMDSWAP:=false}
183 ENABLE_QEMU=${ENABLE_QEMU:=false}
184 ENABLE_KEYGEN=${ENABLE_KEYGEN:=false}
165 185 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
166 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
186 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
187 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
188 ENABLE_DBUS=${ENABLE_DBUS:=true}
189 ENABLE_USBBOOT=${ENABLE_USBBOOT=false}
190 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
167 191 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
168 192 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
169 ENABLE_USBBOOT=${ENABLE_USBBOOT=false}
170 193 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
194 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
171 195 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
172 ENABLE_NEXMON=${ENABLE_NEXMON:=false}
173 196 VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
174 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
197 ENABLE_NEXMON=${ENABLE_NEXMON:=false}
175 198 NEXMONSRC_DIR=${NEXMONSRC_DIR:=""}
176 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
177 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
178 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
179 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
180 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
181 ENABLE_SPLASH=${ENABLE_SPLASH:=true}
182 ENABLE_LOGO=${ENABLE_LOGO:=true}
183 ENABLE_SILENT_BOOT=${ENABLE_SILENT_BOOT=false}
184 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
199
200 # SSH settings
201 SSH_ENABLE=${SSH_ENABLE:=true}
202 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
203 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
204 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
205 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
206 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
185 207
186 208 # Kernel compilation settings
187 209 BUILD_KERNEL=${BUILD_KERNEL:=true}
188 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
189 210 KERNEL_THREADS=${KERNEL_THREADS:=1}
190 211 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
191 212 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
192 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
193 213 KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
194 214 KERNEL_CCACHE=${KERNEL_CCACHE:=false}
195 KERNEL_ZSWAP=${KERNEL_ZSWAP:=false}
215 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
216 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
217 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
218 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
219 KERNELSRC_USRCONFIG=${KERNELSRC_USRCONFIG:=""}
220 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
221 # Firmware directory: Blank if download from github
222 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
223 KERNEL_DEFAULT_GOV=${KERNEL_DEFAULT_GOV:=ondemand}
224 KERNEL_NF=${KERNEL_NF:=false}
196 225 KERNEL_VIRT=${KERNEL_VIRT:=false}
226 KERNEL_ZSWAP=${KERNEL_ZSWAP:=false}
197 227 KERNEL_BPF=${KERNEL_BPF:=false}
198 KERNEL_DEFAULT_GOV=${KERNEL_DEFAULT_GOV:=ondemand}
199 228 KERNEL_SECURITY=${KERNEL_SECURITY:=false}
200 KERNEL_NF=${KERNEL_NF:=false}
201 KERNEL_DHKEY=${KERNEL_DHKEY:=true}
202 229 KERNEL_BTRFS=${KERNEL_BTRFS:=false}
203 KERNEL_NSPAN=${KERNEL_NSPAN:=false}
204 230 KERNEL_POEHAT=${KERNEL_POEHAT:=false}
205
206 # Kernel compilation from source directory settings
207 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
208 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
209 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
210 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
231 KERNEL_NSPAN=${KERNEL_NSPAN:=false}
232 KERNEL_DHKEY=${KERNEL_DHKEY:=true}
211 233
212 234 # Reduce disk usage settings
235 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
213 236 REDUCE_APT=${REDUCE_APT:=true}
214 REDUCE_DOC=${REDUCE_DOC:=true}
215 REDUCE_MAN=${REDUCE_MAN:=true}
237 REDUCE_DOC=${REDUCE_DOC:=false}
238 REDUCE_MAN=${REDUCE_MAN:=false}
216 239 REDUCE_VIM=${REDUCE_VIM:=false}
217 240 REDUCE_BASH=${REDUCE_BASH:=false}
218 REDUCE_HWDB=${REDUCE_HWDB:=true}
219 REDUCE_SSHD=${REDUCE_SSHD:=true}
220 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
241 REDUCE_HWDB=${REDUCE_HWDB:=false}
242 REDUCE_SSHD=${REDUCE_SSHD:=false}
243 REDUCE_LOCALE=${REDUCE_LOCALE:=false}
244 REDUCE_KERNEL=${REDUCE_KERNEL:=false}
221 245
222 246 # Encrypted filesystem settings
223 247 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
224 248 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
225 249 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
226 250 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64"}
227 CRYPTFS_HASH=${CRYPTFS_HASH:="sha512"}
228 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
251 CRYPTFS_HASH=${CRYPTFS_HASH:="sha256"}
252 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=256}
229 253 #Dropbear-initramfs supports unlocking encrypted filesystem via SSH on bootup
230 254 CRYPTFS_DROPBEAR=${CRYPTFS_DROPBEAR:=false}
231 255 #Provide your own Dropbear Public RSA-OpenSSH Key otherwise it will be generated
232 256 CRYPTFS_DROPBEAR_PUBKEY=${CRYPTFS_DROPBEAR_PUBKEY:=""}
233 257
234 # Chroot scripts directory
235 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
236
237 # Packages required in the chroot build environment
238 APT_INCLUDES=${APT_INCLUDES:=""}
239 APT_INCLUDES="${APT_INCLUDES},flex,bison,libssl-dev,apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd"
240
241 # Packages to exclude from chroot build environment
242 APT_EXCLUDES=${APT_EXCLUDES:=""}
243
244 258 # Packages required for bootstrapping
245 259 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus bison flex libssl-dev sudo"
246 260 MISSING_PACKAGES=""
@@ -295,8 +309,17 if [ -n "$SET_ARCH" ] ; then
295 309 RELEASE_ARCH=${RELEASE_ARCH:=armel}
296 310 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
297 311 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
298 fi
299 312
313 if [ $ENABLE_XORG = true ] ; then
314 if [$RELEASE = "stretch" ] || [$RELEASE = "oldstable" ] ; then
315 printf "\nBest support for armel architecture is provided under Debian stretch/oldstable. Choose yes to change release to Debian stretch[y/n] "
316 read -r confirm
317 if [ "$confirm" = "y" ] ; then
318 $RELEASE = "stretch"
319 fi
320 fi
321 fi
322 fi
300 323 # Raspberry Pi model specific settings
301 324 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
302 325 if [ "$RPI_MODEL" != 4 ] ; then
@@ -361,7 +384,7 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$
361 384 APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
362 385 fi
363 386 if [ "$ENABLE_WIRELESS" = true ] ; then
364 APT_INCLUDES="${APT_INCLUDES},wireless-tools,crda,wireless-regdb"
387 APT_INCLUDES="${APT_INCLUDES},wireless-tools,crda,wireless-regdb,wpasupplicant"
365 388 fi
366 389 else # Raspberry PI 1,1P,2 without Wifi and bluetooth onboard
367 390 # Check if the internal wireless interface is not supported by the RPi model
@@ -436,7 +459,7 fi
436 459
437 460 # Add device-tree-compiler required for building the U-Boot bootloader
438 461 if [ "$ENABLE_UBOOT" = true ] ; then
439 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc"
462 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bc"
440 463 fi
441 464
442 465 if [ "$ENABLE_USBBOOT" = true ] ; then
@@ -591,7 +614,7 if [ "$KERNEL_SECURITY" = true ] ; then
591 614 fi
592 615
593 616 # Add openssh server package
594 if [ "$ENABLE_SSHD" = true ] ; then
617 if [ "$SSH_ENABLE" = true ] ; then
595 618 APT_INCLUDES="${APT_INCLUDES},openssh-server"
596 619 fi
597 620
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant