##// END OF EJS Templates
Raspi2-3_GenImage
RSS

Cloner depuis https://github.com/drtyhlpr/rpi23-gen-image.git

rebase master testing
Unknown -
r574:5a07e0ab6bd8
parent child
Show More
Show file before | Show file after | Hide comments
@@ -42,12 +42,15 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
42
42
43 ## Supported parameters and settings
43 ## Supported parameters and settings
44 #### APT settings:
44 #### APT settings:
45 ##### `APT_SERVER`="ftp.debian.org/debian"
45 ##### `APT_SERVER`="ftp.debian.org"
46 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
46 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
47
47
48 ##### `APT_PROXY`=""
48 ##### `APT_PROXY`=""
49 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once. If `apt-cacher-ng` is running on default `http://127.0.0.1:3142` it is autodetected and you don't need to set this.
49 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once. If `apt-cacher-ng` is running on default `http://127.0.0.1:3142` it is autodetected and you don't need to set this.
50
50
51 ##### `KEEP_APT_PROXY`=false
52 Keep the APT_PROXY settings used in the bootsrapping process in the generated image.
53
51 ##### `APT_INCLUDES`=""
54 ##### `APT_INCLUDES`=""
52 A comma-separated list of additional packages to be installed by debootstrap during bootstrapping.
55 A comma-separated list of additional packages to be installed by debootstrap during bootstrapping.
53
56
@@ -270,6 +273,15 Create an initramfs that that will be loaded during the Linux startup process. `
270 ##### `ENABLE_IFNAMES`=true
273 ##### `ENABLE_IFNAMES`=true
271 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names.
274 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names.
272
275
276 ##### `ENABLE_SPLASH`=true
277 Enable default Raspberry Pi boot up rainbow splash screen.
278
279 ##### `ENABLE_LOGO`=true
280 Enable default Raspberry Pi console logo (image of four raspberries in the top left corner).
281
282 ##### `ENABLE_SILENT_BOOT`=false
283 Set the verbosity of console messages shown during boot up to a strict minimum.
284
273 ##### `DISABLE_UNDERVOLT_WARNINGS`=
285 ##### `DISABLE_UNDERVOLT_WARNINGS`=
274 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
286 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
275
287
Show file before | Show file after | Hide comments
@@ -99,8 +99,8 if [ "$BUILD_KERNEL" = true ] ; then
99 cd "${KERNEL_DIR}" || exit
99 cd "${KERNEL_DIR}" || exit
100
100
101 if [ "$KERNEL_ARCH" = arm64 ] ; then
101 if [ "$KERNEL_ARCH" = arm64 ] ; then
102 #Fix SD_DRIVER mess in 64bit config
102 #Fix SD_DRIVER upstream and downstream mess in 64bit RPIdeb_config
103 # use correct driver MMC_BCM2835_MMC instead of MMC_BCM2835_SDHOST - variable naming is bs
103 # use correct driver MMC_BCM2835_MMC instead of MMC_BCM2835_SDHOST - see https://www.raspberrypi.org/forums/viewtopic.php?t=210225
104 set_kernel_config CONFIG_MMC_BCM2835 n
104 set_kernel_config CONFIG_MMC_BCM2835 n
105 set_kernel_config CONFIG_MMC_SDHCI_IPROC n
105 set_kernel_config CONFIG_MMC_SDHCI_IPROC n
106 set_kernel_config CONFIG_USB_DWC2 n
106 set_kernel_config CONFIG_USB_DWC2 n
@@ -198,7 +198,6 if [ "$BUILD_KERNEL" = true ] ; then
198 set_kernel_config CONFIG_INTEGRITY_AUDIT y
198 set_kernel_config CONFIG_INTEGRITY_AUDIT y
199 set_kernel_config CONFIG_INTEGRITY_SIGNATURE y
199 set_kernel_config CONFIG_INTEGRITY_SIGNATURE y
200 set_kernel_config CONFIG_INTEGRITY_TRUSTED_KEYRING y
200 set_kernel_config CONFIG_INTEGRITY_TRUSTED_KEYRING y
201 set_kernel_config CONFIG_SYSTEM_TRUSTED_KEYS ""
202
201
203 # This option provides support for retaining authentication tokens and access keys in the kernel.
202 # This option provides support for retaining authentication tokens and access keys in the kernel.
204 set_kernel_config CONFIG_KEYS y
203 set_kernel_config CONFIG_KEYS y
Show file before | Show file after | Hide comments
@@ -22,11 +22,6 if [ "$ENABLE_CRYPTFS" = true ] ; then
22 install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
22 install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
23 echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks,initramfs" >> "${ETC_DIR}/crypttab"
23 echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks,initramfs" >> "${ETC_DIR}/crypttab"
24
24
25 if [ "$ENABLE_USBBOOT" = true ] ; then
26 # Add usb/sda2 disk to crypttab
27 sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/crypttab"
28 fi
29
30 if [ "$ENABLE_SPLITFS" = true ] ; then
25 if [ "$ENABLE_SPLITFS" = true ] ; then
31 # Add usb/sda1 disk to crypttab
26 # Add usb/sda1 disk to crypttab
32 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
27 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
@@ -36,6 +31,9 fi
36 if [ "$ENABLE_USBBOOT" = true ] ; then
31 if [ "$ENABLE_USBBOOT" = true ] ; then
37 sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab"
32 sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab"
38 sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/fstab"
33 sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/fstab"
34
35 # Add usb/sda2 disk to crypttab
36 sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/crypttab"
39 fi
37 fi
40
38
41 # Generate initramfs file
39 # Generate initramfs file
Show file before | Show file after | Hide comments
@@ -102,9 +102,24 else
102 CMDLINE="${CMDLINE} net.ifnames=1"
102 CMDLINE="${CMDLINE} net.ifnames=1"
103 fi
103 fi
104
104
105 # Disable Raspberry Pi console logo
106 if [ "$ENABLE_LOGO" = false ] ; then
107 CMDLINE="${CMDLINE} logo.nologo"
108 fi
109
110 # Strictly limit verbosity of boot up console messages
111 if [ "$ENABLE_SILENT_BOOT" = true ] ; then
112 CMDLINE="${CMDLINE} quiet loglevel=0 rd.systemd.show_status=auto rd.udev.log_priority=0"
113 fi
114
105 # Install firmware config
115 # Install firmware config
106 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
116 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
107
117
118 # Disable Raspberry Pi console logo
119 if [ "$ENABLE_SLASH" = false ] ; then
120 echo "disable_splash=1" >> "${BOOT_DIR}/config.txt"
121 fi
122
108 # Locks CPU frequency at maximum
123 # Locks CPU frequency at maximum
109 if [ "$ENABLE_TURBO" = true ] ; then
124 if [ "$ENABLE_TURBO" = true ] ; then
110 echo "force_turbo=1" >> "${BOOT_DIR}/config.txt"
125 echo "force_turbo=1" >> "${BOOT_DIR}/config.txt"
Show file before | Show file after | Hide comments
@@ -32,6 +32,7 if [ "$ENABLE_IPTABLES" = true ] ; then
32 # iptables-save and -restore are slaves of iptables and thus are set accordingly
32 # iptables-save and -restore are slaves of iptables and thus are set accordingly
33 chroot_exec update-alternatives --verbose --set ip6tables /usr/sbin/ip6tables-legacy
33 chroot_exec update-alternatives --verbose --set ip6tables /usr/sbin/ip6tables-legacy
34 fi
34 fi
35
35 # Install ip6tables systemd service
36 # Install ip6tables systemd service
36 install_readonly files/iptables/ip6tables.service "${ETC_DIR}/systemd/system/ip6tables.service"
37 install_readonly files/iptables/ip6tables.service "${ETC_DIR}/systemd/system/ip6tables.service"
37
38
Show file before | Show file after | Hide comments
@@ -1,4 +1,3
1 #!/bin/sh
2 # This file contains utility functions used by rpi23-gen-image.sh
1 # This file contains utility functions used by rpi23-gen-image.sh
3
2
4 cleanup (){
3 cleanup (){
@@ -87,6 +86,16 chroot_remove_cc() {
87 COMPILER_PACKAGES=""
86 COMPILER_PACKAGES=""
88 fi
87 fi
89 }
88 }
89
90 # https://serverfault.com/a/682849 - converts e.g. /24 to 255.255.255.0
91 cdr2mask ()
92 {
93 # Number of args to shift, 255..255, first non-255 byte, zeroes
94 set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0
95 [ $1 -gt 1 ] && shift $1 || shift
96 echo ${1-0}.${2-0}.${3-0}.${4-0}
97 }
98
90 # GPL v2.0 - #https://github.com/sakaki-/bcmrpi3-kernel-bis/blob/master/conform_config.sh
99 # GPL v2.0 - #https://github.com/sakaki-/bcmrpi3-kernel-bis/blob/master/conform_config.sh
91 set_kernel_config() {
100 set_kernel_config() {
92 # flag as $1, value to set as $2, config must exist at "./.config"
101 # flag as $1, value to set as $2, config must exist at "./.config"
@@ -98,18 +107,10 set_kernel_config() {
98 echo "${TGT}"="${2}" >> .config
107 echo "${TGT}"="${2}" >> .config
99 fi
108 fi
100 }
109 }
110
101 # unset kernel config parameter
111 # unset kernel config parameter
102 unset_kernel_config() {
112 unset_kernel_config() {
103 # unsets flag with the value of $1, config must exist at "./.config"
113 # unsets flag with the value of $1, config must exist at "./.config"
104 TGT="CONFIG_${1#CONFIG_}"
114 TGT="CONFIG_${1#CONFIG_}"
105 sed -i "s/^${TGT}=.*/# ${TGT} is not set/" .config
115 sed -i "s/^${TGT}=.*/# ${TGT} is not set/" .config
106 }
116 }
No newline at end of file
107
108 # https://serverfault.com/a/682849 - converts e.g. /24 to 255.255.255.0
109 cdr2mask ()
110 {
111 # Number of args to shift, 255..255, first non-255 byte, zeroes
112 set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0
113 [ $1 -gt 1 ] && shift $1 || shift
114 echo ${1-0}.${2-0}.${3-0}.${4-0}
115 } No newline at end of file
Show file before | Show file after | Hide comments
@@ -60,7 +60,6 BLUETOOTH_URL=${BLUETOOTH_URL:=https://github.com/RPi-Distro/pi-bluetooth.git}
60 NEXMON_URL=${NEXMON_URL:=https://github.com/seemoo-lab/nexmon.git}
60 NEXMON_URL=${NEXMON_URL:=https://github.com/seemoo-lab/nexmon.git}
61 SYSTEMDSWAP_URL=${SYSTEMDSWAP_URL:=https://github.com/Nefelim4ag/systemd-swap.git}
61 SYSTEMDSWAP_URL=${SYSTEMDSWAP_URL:=https://github.com/Nefelim4ag/systemd-swap.git}
62
62
63
64 # Kernel deb packages for 32bit kernel
63 # Kernel deb packages for 32bit kernel
65 RPI_32_KERNEL_URL=${RPI_32_KERNEL_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel_20180422-141901_armhf.deb}
64 RPI_32_KERNEL_URL=${RPI_32_KERNEL_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel_20180422-141901_armhf.deb}
66 RPI_32_KERNELHEADER_URL=${RPI_32_KERNELHEADER_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel-headers_20180422-141901_armhf.deb}
65 RPI_32_KERNELHEADER_URL=${RPI_32_KERNELHEADER_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel-headers_20180422-141901_armhf.deb}
@@ -120,6 +119,7 NET_NTP_2=${NET_NTP_2:=""}
120 # APT settings
119 # APT settings
121 APT_PROXY=${APT_PROXY:=""}
120 APT_PROXY=${APT_PROXY:=""}
122 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
121 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
122 KEEP_APT_PROXY=${KEEP_APT_PROXY:=false}
123
123
124 # Feature settings
124 # Feature settings
125 ENABLE_PRINTK=${ENABLE_PRINTK:=false}
125 ENABLE_PRINTK=${ENABLE_PRINTK:=false}
@@ -171,6 +171,9 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
171 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
171 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
172 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
172 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
173 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
173 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
174 ENABLE_SPLASH=${ENABLE_SPLASH:=true}
175 ENABLE_LOGO=${ENABLE_LOGO:=true}
176 ENABLE_SILENT_BOOT=${ENABLE_SILENT_BOOT=false}
174 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
177 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
175
178
176 # Kernel compilation settings
179 # Kernel compilation settings
@@ -227,7 +230,8 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debi
227 APT_EXCLUDES=${APT_EXCLUDES:=""}
230 APT_EXCLUDES=${APT_EXCLUDES:=""}
228
231
229 # Packages required for bootstrapping
232 # Packages required for bootstrapping
230 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo netselect-apt"
233 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo"
234 #Requierd=netselect-apt
231 MISSING_PACKAGES=""
235 MISSING_PACKAGES=""
232
236
233 # Packages installed for c/c++ build environment in chroot (keep empty)
237 # Packages installed for c/c++ build environment in chroot (keep empty)
@@ -700,13 +704,17 umount -l "${R}/sys"
700 rm -rf "${R}/run/*"
704 rm -rf "${R}/run/*"
701 rm -rf "${R}/tmp/*"
705 rm -rf "${R}/tmp/*"
702
706
707 # Clean up APT proxy settings
708 if [ "$KEEP_APT_PROXY" = false ] ; then
709 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
710 fi
711
703 # Clean up files
712 # Clean up files
704 rm -f "${ETC_DIR}/ssh/ssh_host_*"
713 rm -f "${ETC_DIR}/ssh/ssh_host_*"
705 rm -f "${ETC_DIR}/dropbear/dropbear_*"
714 rm -f "${ETC_DIR}/dropbear/dropbear_*"
706 rm -f "${ETC_DIR}/apt/sources.list.save"
715 rm -f "${ETC_DIR}/apt/sources.list.save"
707 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
716 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
708 rm -f "${ETC_DIR}/*-"
717 rm -f "${ETC_DIR}/*-"
709 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
710 rm -f "${ETC_DIR}/resolv.conf"
718 rm -f "${ETC_DIR}/resolv.conf"
711 rm -f "${R}/root/.bash_history"
719 rm -f "${R}/root/.bash_history"
712 rm -f "${R}/var/lib/urandom/random-seed"
720 rm -f "${R}/var/lib/urandom/random-seed"
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant