Add files via upload...
Bobberty -
r748:9bc2dc32b38f
@@ -1,186 +1,189
1 #
1 #
2 # Setup Networking
2 # Setup Networking
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Install and setup hostname
8 # Install and setup hostname
9 install_readonly files/network/hostname "${ETC_DIR}/hostname"
9 install_readonly files/network/hostname "${ETC_DIR}/hostname"
10 sed -i "s/^RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hostname"
10 sed -i "s/^RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hostname"
11
11
12 # Install and setup hosts
12 # Install and setup hosts
13 install_readonly files/network/hosts "${ETC_DIR}/hosts"
13 install_readonly files/network/hosts "${ETC_DIR}/hosts"
14 sed -i "s/RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hosts"
14 sed -i "s/RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hosts"
15
15
16 # Ensure /etc/systemd/network directory is available
17 mkdir -p "${ETC_DIR}/systemd/network"
18
16 # Setup hostname entry with static IP
19 # Setup hostname entry with static IP
17 if [ "$NET_ETH_ADDRESS" != "" ] ; then
20 if [ "$NET_ETH_ADDRESS" != "" ] ; then
18 NET_IP=$(echo "${NET_ETH_ADDRESS}" | cut -f 1 -d'/')
21 NET_IP=$(echo "${NET_ETH_ADDRESS}" | cut -f 1 -d'/')
19 sed -i "s/^127.0.1.1/${NET_IP}/" "${ETC_DIR}/hosts"
22 sed -i "s/^127.0.1.1/${NET_IP}/" "${ETC_DIR}/hosts"
20 fi
23 fi
21
24
22 # Remove IPv6 hosts
25 # Remove IPv6 hosts
23 if [ "$ENABLE_IPV6" = false ] ; then
26 if [ "$ENABLE_IPV6" = false ] ; then
24 sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETC_DIR}/hosts"
27 sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETC_DIR}/hosts"
25 fi
28 fi
26
29
27 # Install hint about network configuration
30 # Install hint about network configuration
28 install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces"
31 install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces"
29
32
30 # Install configuration for interface eth0
33 # Install configuration for interface eth0
31 install_readonly files/network/eth0.network "${ETC_DIR}/systemd/network/eth0.network"
34 install_readonly files/network/eth0.network "${ETC_DIR}/systemd/network/eth0.network"
32
35
33 if [ "$RPI_MODEL" = 3P ] ; then
36 if [ "$RPI_MODEL" = 3P ] ; then
34 printf "\n[Link]\nGenericReceiveOffload=off\nTCPSegmentationOffload=off\nGenericSegmentationOffload=off" >> "${ETC_DIR}/systemd/network/eth0.network"
37 printf "\n[Link]\nGenericReceiveOffload=off\nTCPSegmentationOffload=off\nGenericSegmentationOffload=off" >> "${ETC_DIR}/systemd/network/eth0.network"
35 fi
38 fi
36
39
37 # Install configuration for interface wl*
40 # Install configuration for interface wl*
38 install_readonly files/network/wlan0.network "${ETC_DIR}/systemd/network/wlan0.network"
41 install_readonly files/network/wlan0.network "${ETC_DIR}/systemd/network/wlan0.network"
39
42
40 #always with dhcp since wpa_supplicant integration is missing
43 #always with dhcp since wpa_supplicant integration is missing
41 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan0.network"
44 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan0.network"
42
45
43 if [ "$ENABLE_ETH_DHCP" = true ] ; then
46 if [ "$ENABLE_ETH_DHCP" = true ] ; then
44 # Enable DHCP configuration for interface eth0
47 # Enable DHCP configuration for interface eth0
45 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth0.network"
48 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth0.network"
46
49
47 # Set DHCP configuration to IPv4 only
50 # Set DHCP configuration to IPv4 only
48 if [ "$ENABLE_IPV6" = false ] ; then
51 if [ "$ENABLE_IPV6" = false ] ; then
49 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth0.network"
52 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth0.network"
50 sed '/IPv6PrivacyExtensions=true/d' "${ETC_DIR}/systemd/network/eth0.network"
53 sed '/IPv6PrivacyExtensions=true/d' "${ETC_DIR}/systemd/network/eth0.network"
51 fi
54 fi
52
55
53 else # ENABLE_ETH_DHCP=false
56 else # ENABLE_ETH_DHCP=false
54 # Set static network configuration for interface eth0
57 # Set static network configuration for interface eth0
55 if [ -n NET_ETH_ADDRESS ] && [ -n NET_ETH_GATEWAY ] && [ -n NET_ETH_DNS_1 ] ; then
58 if [ -n NET_ETH_ADDRESS ] && [ -n NET_ETH_GATEWAY ] && [ -n NET_ETH_DNS_1 ] ; then
56 sed -i\
59 sed -i\
57 -e "s|DHCP=.*|DHCP=no|"\
60 -e "s|DHCP=.*|DHCP=no|"\
58 -e "s|Address=\$|Address=${NET_ETH_ADDRESS}|"\
61 -e "s|Address=\$|Address=${NET_ETH_ADDRESS}|"\
59 -e "s|Gateway=\$|Gateway=${NET_ETH_GATEWAY}|"\
62 -e "s|Gateway=\$|Gateway=${NET_ETH_GATEWAY}|"\
60 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_ETH_DNS_1}|"\
63 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_ETH_DNS_1}|"\
61 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_ETH_DNS_2}|"\
64 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_ETH_DNS_2}|"\
62 -e "s|Domains=\$|Domains=${NET_ETH_DNS_DOMAINS}|"\
65 -e "s|Domains=\$|Domains=${NET_ETH_DNS_DOMAINS}|"\
63 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_ETH_NTP_1}|"\
66 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_ETH_NTP_1}|"\
64 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_ETH_NTP_2}|"\
67 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_ETH_NTP_2}|"\
65 "${ETC_DIR}/systemd/network/eth0.network"
68 "${ETC_DIR}/systemd/network/eth0.network"
66 fi
69 fi
67 fi
70 fi
68
71
69
72
70 if [ "$ENABLE_WIRELESS" = true ] ; then
73 if [ "$ENABLE_WIRELESS" = true ] ; then
74 mkdir -p "${ETC_DIR}/wpa_supplicant"
71 if [ "$ENABLE_WIFI_DHCP" = true ] ; then
75 if [ "$ENABLE_WIFI_DHCP" = true ] ; then
72 # Enable DHCP configuration for interface eth0
76 # Enable DHCP configuration for interface eth0
73 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan0.network"
77 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan0.network"
74
78
75 # Set DHCP configuration to IPv4 only
79 # Set DHCP configuration to IPv4 only
76 if [ "$ENABLE_IPV6" = false ] ; then
80 if [ "$ENABLE_IPV6" = false ] ; then
77 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/wlan0.network"
81 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/wlan0.network"
78 sed '/IPv6PrivacyExtensions=true/d' "${ETC_DIR}/systemd/network/wlan0.network"
82 sed '/IPv6PrivacyExtensions=true/d' "${ETC_DIR}/systemd/network/wlan0.network"
79 fi
83 fi
80
84
81 else # ENABLE_WIFI_DHCP=false
85 else # ENABLE_WIFI_DHCP=false
82 # Set static network configuration for interface eth0
86 # Set static network configuration for interface eth0
83 if [ -n NET_WIFI_ADDRESS ] && [ -n NET_WIFI_GATEWAY ] && [ -n NET_WIFI_DNS_1 ] ; then
87 if [ -n NET_WIFI_ADDRESS ] && [ -n NET_WIFI_GATEWAY ] && [ -n NET_WIFI_DNS_1 ] ; then
84 sed -i\
88 sed -i\
85 -e "s|DHCP=.*|DHCP=no|"\
89 -e "s|DHCP=.*|DHCP=no|"\
86 -e "s|Address=\$|Address=${NET_WIFI_ADDRESS}|"\
90 -e "s|Address=\$|Address=${NET_WIFI_ADDRESS}|"\
87 -e "s|Gateway=\$|Gateway=${NET_WIFI_GATEWAY}|"\
91 -e "s|Gateway=\$|Gateway=${NET_WIFI_GATEWAY}|"\
88 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_WIFI_DNS_1}|"\
92 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_WIFI_DNS_1}|"\
89 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_WIFI_DNS_2}|"\
93 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_WIFI_DNS_2}|"\
90 -e "s|Domains=\$|Domains=${NET_WIFI_DNS_DOMAINS}|"\
94 -e "s|Domains=\$|Domains=${NET_WIFI_DNS_DOMAINS}|"\
91 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_WIFI_NTP_1}|"\
95 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_WIFI_NTP_1}|"\
92 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_WIFI_NTP_2}|"\
96 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_WIFI_NTP_2}|"\
93 "${ETC_DIR}/systemd/network/wlan0.network"
97 "${ETC_DIR}/systemd/network/wlan0.network"
94 fi
98 fi
95 fi
99 fi
96
100
97 if [ ! -z "$NET_WIFI_SSID" ] && [ ! -z "$NET_WIFI_PSK" ] ; then
101 if [ ! -z "$NET_WIFI_SSID" ] && [ ! -z "$NET_WIFI_PSK" ] ; then
98 chroot_exec printf "
102 chroot_exec printf "
99 ctrl_interface=/run/wpa_supplicant
103 ctrl_interface=/run/wpa_supplicant
100 ctrl_interface_group=wheel
101 update_config=1
104 update_config=1
102 eapol_version=1
105 eapol_version=1
103 ap_scan=1
106 ap_scan=1
104 fast_reauth=1
107 fast_reauth=1
105
108
106 " > /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
109 " > "${ETC_DIR}/wpa_supplicant/wpa_supplicant-wlan0.conf"
107
110
108 #Configure WPA_supplicant
111 #Configure WPA_supplicant
109 chroot_exec wpa_passphrase "$NET_SSID" "$NET_WPAPSK" >> /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
112 chroot_exec wpa_passphrase "$NET_WIFI_SSID" "$NET_WIFI_PSK" >> "${ETC_DIR}/wpa_supplicant/wpa_supplicant-wlan0.conf"
110
113
111 chroot_exec systemctl enable wpa_supplicant.service
114 chroot_exec systemctl enable wpa_supplicant.service
112 chroot_exec systemctl enable wpa_supplicant@wlan0.service
115 chroot_exec systemctl enable wpa_supplicant@wlan0.service
113 fi
116 fi
114 # Remove empty settings from wlan configuration
117 # Remove empty settings from wlan configuration
115 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan0.network"
118 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan0.network"
116 # If WLAN is enabled copy wlan configuration too
119 # If WLAN is enabled copy wlan configuration too
117 mv -v "${ETC_DIR}/systemd/network/wlan0.network" "${LIB_DIR}/systemd/network/11-wlan0.network"
120 mv -v "${ETC_DIR}/systemd/network/wlan0.network" "${LIB_DIR}/systemd/network/11-wlan0.network"
118 fi
121 fi
119
122
120 # Remove empty settings from network configuration
123 # Remove empty settings from network configuration
121 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth0.network"
124 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth0.network"
122
125
123 # Move systemd network configuration if required by Debian release
126 # Move systemd network configuration if required by Debian release
124 mv -v "${ETC_DIR}/systemd/network/eth0.network" "${LIB_DIR}/systemd/network/10-eth0.network"
127 mv -v "${ETC_DIR}/systemd/network/eth0.network" "${LIB_DIR}/systemd/network/10-eth0.network"
125
128
126 #Clean up
129 #Clean up
127 rm -fr "${ETC_DIR}/systemd/network"
130 rm -fr "${ETC_DIR}/systemd/network"
128
131
129 # Enable systemd-networkd service
132 # Enable systemd-networkd service
130 chroot_exec systemctl enable systemd-networkd
133 chroot_exec systemctl enable systemd-networkd
131
134
132 # Install host.conf resolver configuration
135 # Install host.conf resolver configuration
133 install_readonly files/network/host.conf "${ETC_DIR}/host.conf"
136 install_readonly files/network/host.conf "${ETC_DIR}/host.conf"
134
137
135 # Enable network stack hardening
138 # Enable network stack hardening
136 if [ "$ENABLE_HARDNET" = true ] ; then
139 if [ "$ENABLE_HARDNET" = true ] ; then
137 # Install sysctl.d configuration files
140 # Install sysctl.d configuration files
138 install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETC_DIR}/sysctl.d/82-rpi-net-hardening.conf"
141 install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETC_DIR}/sysctl.d/82-rpi-net-hardening.conf"
139
142
140 # Setup resolver warnings about spoofed addresses
143 # Setup resolver warnings about spoofed addresses
141 sed -i "s/^# spoof warn/spoof warn/" "${ETC_DIR}/host.conf"
144 sed -i "s/^# spoof warn/spoof warn/" "${ETC_DIR}/host.conf"
142 fi
145 fi
143
146
144 # Enable time sync
147 # Enable time sync
145 if [ "$NET_NTP_1" != "" ] ; then
148 if [ "$NET_NTP_1" != "" ] ; then
146 chroot_exec systemctl enable systemd-timesyncd.service
149 chroot_exec systemctl enable systemd-timesyncd.service
147 fi
150 fi
148
151
149 # Download the firmware binary blob required to use the RPi3 wireless interface
152 # Download the firmware binary blob required to use the RPi3 wireless interface
150 if [ "$ENABLE_WIRELESS" = true ] ; then
153 if [ "$ENABLE_WIRELESS" = true ] ; then
151 if [ ! -d "${WLAN_FIRMWARE_DIR}" ] ; then
154 if [ ! -d "${WLAN_FIRMWARE_DIR}" ] ; then
152 mkdir -p "${WLAN_FIRMWARE_DIR}"
155 mkdir -p "${WLAN_FIRMWARE_DIR}"
153 fi
156 fi
154
157
155 # Create temporary directory for firmware binary blob
158 # Create temporary directory for firmware binary blob
156 temp_dir=$(as_nobody mktemp -d)
159 temp_dir=$(as_nobody mktemp -d)
157
160
158 # Fetch firmware binary blob for RPI3B+
161 # Fetch firmware binary blob for RPI3B+
159 if [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
162 if [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
160 # Fetch firmware binary blob for RPi3P
163 # Fetch firmware binary blob for RPi3P
161 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.bin"
164 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.bin"
162 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.txt"
165 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.txt"
163 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.clm_blob" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.clm_blob"
166 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.clm_blob" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.clm_blob"
164
167
165 # Move downloaded firmware binary blob
168 # Move downloaded firmware binary blob
166 mv "${temp_dir}/brcmfmac43455-sdio."* "${WLAN_FIRMWARE_DIR}/"
169 mv "${temp_dir}/brcmfmac43455-sdio."* "${WLAN_FIRMWARE_DIR}/"
167
170
168 # Set permissions of the firmware binary blob
171 # Set permissions of the firmware binary blob
169 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
172 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
170 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
173 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
171 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
174 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
172 # Fetch firmware binary blob for RPi3
175 # Fetch firmware binary blob for RPi3
173 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin"
176 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin"
174 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt"
177 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt"
175
178
176 # Move downloaded firmware binary blob
179 # Move downloaded firmware binary blob
177 mv "${temp_dir}/brcmfmac43430-sdio."* "${WLAN_FIRMWARE_DIR}/"
180 mv "${temp_dir}/brcmfmac43430-sdio."* "${WLAN_FIRMWARE_DIR}/"
178
181
179 # Set permissions of the firmware binary blob
182 # Set permissions of the firmware binary blob
180 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
183 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
181 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
184 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
182 fi
185 fi
183
186
184 # Remove temporary directory for firmware binary blob
187 # Remove temporary directory for firmware binary blob
185 rm -fr "${temp_dir}"
188 rm -fr "${temp_dir}"
186 fi
189 fi
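Review bot: The file written at new lines 109 and 112 ends up holding the Wi-Fi credentials, yet nothing in the hunk restricts its mode: both redirections create `wpa_supplicant-wlan0.conf` under whatever umask the build runs with (not visible here), and `wpa_passphrase` prints the cleartext passphrase as a `#psk="..."` comment next to the derived key. I would add `chmod 600 "${ETC_DIR}/wpa_supplicant/wpa_supplicant-wlan0.conf"` right after the append and filter the comment out by piping the `wpa_passphrase` output through `sed '/^[[:space:]]*#psk=/d'` before the `>>`. The passphrase is also passed as an argument, so it is visible in the build host's process list and in any `set -x` trace; `wpa_passphrase` reads it from stdin when the second argument is omitted, which would avoid that if `chroot_exec` (defined outside this file) passes stdin through.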