@@ -0,0 +1,12 | |||||
|
1 | [Match] | |||
|
2 | Name=wlan0 | |||
|
3 | ||||
|
4 | [Network] | |||
|
5 | DHCP=no | |||
|
6 | Address= | |||
|
7 | Gateway= | |||
|
8 | DNS= | |||
|
9 | DNS= | |||
|
10 | Domains= | |||
|
11 | NTP= | |||
|
12 | NTP= |
@@ -67,7 +67,7 A comma separated list of additional packages to be installed by apt after boots | |||||
67 |
|
67 | |||
68 | #### General system settings: |
|
68 | #### General system settings: | |
69 | ##### `RPI_MODEL`=2 |
|
69 | ##### `RPI_MODEL`=2 | |
70 | Specifiy the target Raspberry Pi hardware model. The script at this time supports the Raspberry Pi models `2` and `3`. `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` is used. |
|
70 | Specifiy the target Raspberry Pi hardware model. The script at this time supports the Raspberry Pi models `2`,`3` and `3B`. `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` or `3B` is used. | |
71 |
|
71 | |||
72 | ##### `RELEASE`="jessie" |
|
72 | ##### `RELEASE`="jessie" | |
73 | Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases "jessie", "stretch" and "buster". `BUILD_KERNEL`=true will automatically be set if the Debian releases `stretch` or `buster` are used. |
|
73 | Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases "jessie", "stretch" and "buster". `BUILD_KERNEL`=true will automatically be set if the Debian releases `stretch` or `buster` are used. |
@@ -30,10 +30,16 install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces" | |||||
30 | # Install configuration for interface eth0 |
|
30 | # Install configuration for interface eth0 | |
31 | install_readonly files/network/eth.network "${ETC_DIR}/systemd/network/eth.network" |
|
31 | install_readonly files/network/eth.network "${ETC_DIR}/systemd/network/eth.network" | |
32 |
|
32 | |||
|
33 | # Install configuration for interface wl* | |||
|
34 | install_readonly files/network/wlan.network "${ETC_DIR}/systemd/network/wlan.network" | |||
|
35 | ||||
|
36 | #always with dhcp since wpa_supplicant integration is missing | |||
|
37 | sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan.network" | |||
|
38 | ||||
33 | if [ "$ENABLE_DHCP" = true ] ; then |
|
39 | if [ "$ENABLE_DHCP" = true ] ; then | |
34 | # Enable DHCP configuration for interface eth0 |
|
40 | # Enable DHCP configuration for interface eth0 | |
35 | sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth.network" |
|
41 | sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth.network" | |
36 |
|
42 | |||
37 | # Set DHCP configuration to IPv4 only |
|
43 | # Set DHCP configuration to IPv4 only | |
38 | if [ "$ENABLE_IPV6" = false ] ; then |
|
44 | if [ "$ENABLE_IPV6" = false ] ; then | |
39 | sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth.network" |
|
45 | sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth.network" | |
@@ -55,10 +61,15 fi | |||||
55 |
|
61 | |||
56 | # Remove empty settings from network configuration |
|
62 | # Remove empty settings from network configuration | |
57 | sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth.network" |
|
63 | sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth.network" | |
|
64 | # Remove empty settings from wlan configuration | |||
|
65 | sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan.network" | |||
58 |
|
66 | |||
59 | # Move systemd network configuration if required by Debian release |
|
67 | # Move systemd network configuration if required by Debian release | |
60 | if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then |
|
68 | if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then | |
61 | mv -v "${ETC_DIR}/systemd/network/eth.network" "${LIB_DIR}/systemd/network/10-eth.network" |
|
69 | mv -v "${ETC_DIR}/systemd/network/eth.network" "${LIB_DIR}/systemd/network/10-eth.network" | |
|
70 | if [ "$ENABLE_WIRELESS" = true ] ; then | |||
|
71 | mv -v "${ETC_DIR}/systemd/network/wlan.network" "${LIB_DIR}/systemd/network/11-wlan.network" | |||
|
72 | fi | |||
62 | rm -fr "${ETC_DIR}/systemd/network" |
|
73 | rm -fr "${ETC_DIR}/systemd/network" | |
63 | fi |
|
74 | fi | |
64 |
|
75 | |||
@@ -85,23 +96,39 fi | |||||
85 | # Download the firmware binary blob required to use the RPi3 wireless interface |
|
96 | # Download the firmware binary blob required to use the RPi3 wireless interface | |
86 | if [ "$ENABLE_WIRELESS" = true ] ; then |
|
97 | if [ "$ENABLE_WIRELESS" = true ] ; then | |
87 | if [ ! -d ${WLAN_FIRMWARE_DIR} ] ; then |
|
98 | if [ ! -d ${WLAN_FIRMWARE_DIR} ] ; then | |
88 |
|
|
99 | mkdir -p ${WLAN_FIRMWARE_DIR} | |
89 | fi |
|
100 | fi | |
90 |
|
101 | |||
91 | # Create temporary directory for firmware binary blob |
|
102 | # Create temporary directory for firmware binary blob | |
92 | temp_dir=$(as_nobody mktemp -d) |
|
103 | temp_dir=$(as_nobody mktemp -d) | |
93 |
|
104 | |||
94 | # Fetch firmware binary blob |
|
105 | # Fetch firmware binary blob for RPI3B+ | |
|
106 | if [ "$RPI_MODEL" = 3B ] ; then | |||
|
107 | as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.bin" | |||
|
108 | as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.txt" | |||
|
109 | as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.clm_blob" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.clm_blob" | |||
|
110 | else | |||
|
111 | # Fetch firmware binary blob for RPI3 | |||
95 | as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin" |
|
112 | as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin" | |
96 | as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt" |
|
113 | as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt" | |
97 |
|
114 | fi | ||
|
115 | ||||
98 | # Move downloaded firmware binary blob |
|
116 | # Move downloaded firmware binary blob | |
|
117 | if [ "$RPI_MODEL" = 3B ] ; then | |||
|
118 | mv "${temp_dir}/brcmfmac43455-sdio."* "${WLAN_FIRMWARE_DIR}/" | |||
|
119 | else | |||
99 |
|
|
120 | mv "${temp_dir}/brcmfmac43430-sdio."* "${WLAN_FIRMWARE_DIR}/" | |
100 |
|
121 | fi | ||
|
122 | ||||
101 | # Remove temporary directory for firmware binary blob |
|
123 | # Remove temporary directory for firmware binary blob | |
102 | rm -fr "${temp_dir}" |
|
124 | rm -fr "${temp_dir}" | |
103 |
|
125 | |||
104 | # Set permissions of the firmware binary blob |
|
126 | # Set permissions of the firmware binary blob | |
|
127 | if [ "$RPI_MODEL" = 3B ] ; then | |||
|
128 | chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."* | |||
|
129 | chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."* | |||
|
130 | else | |||
105 |
|
|
131 | chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."* | |
106 | chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."* |
|
132 | chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."* | |
|
133 | fi | |||
107 | fi |
|
134 | fi |
@@ -46,6 +46,8 RPI2_DTB_FILE=${RPI2_DTB_FILE:=bcm2709-rpi-2-b.dtb} | |||||
46 | RPI2_UBOOT_CONFIG=${RPI2_UBOOT_CONFIG:=rpi_2_defconfig} |
|
46 | RPI2_UBOOT_CONFIG=${RPI2_UBOOT_CONFIG:=rpi_2_defconfig} | |
47 | RPI3_DTB_FILE=${RPI3_DTB_FILE:=bcm2710-rpi-3-b.dtb} |
|
47 | RPI3_DTB_FILE=${RPI3_DTB_FILE:=bcm2710-rpi-3-b.dtb} | |
48 | RPI3_UBOOT_CONFIG=${RPI3_UBOOT_CONFIG:=rpi_3_32b_defconfig} |
|
48 | RPI3_UBOOT_CONFIG=${RPI3_UBOOT_CONFIG:=rpi_3_32b_defconfig} | |
|
49 | RPI3B_DTB_FILE=${RPI3B_DTB_FILE:=bcm2710-rpi-3-b-plus.dtb} | |||
|
50 | RPI3B_UBOOT_CONFIG=${RPI3_UBOOT_CONFIG:=rpi_3_32b_defconfig} | |||
49 |
|
51 | |||
50 | # Debian release |
|
52 | # Debian release | |
51 | RELEASE=${RELEASE:=jessie} |
|
53 | RELEASE=${RELEASE:=jessie} | |
@@ -207,9 +209,6 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"} | |||||
207 | CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"} |
|
209 | CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"} | |
208 | CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512} |
|
210 | CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512} | |
209 |
|
211 | |||
210 | # Stop the Crypto Wars |
|
|||
211 | DISABLE_FBI=${DISABLE_FBI:=false} |
|
|||
212 |
|
||||
213 | # Chroot scripts directory |
|
212 | # Chroot scripts directory | |
214 | CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""} |
|
213 | CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""} | |
215 |
|
214 | |||
@@ -234,16 +233,20 elif [ "$RPI_MODEL" = 3 ] ; then | |||||
234 | DTB_FILE=${RPI3_DTB_FILE} |
|
233 | DTB_FILE=${RPI3_DTB_FILE} | |
235 | UBOOT_CONFIG=${RPI3_UBOOT_CONFIG} |
|
234 | UBOOT_CONFIG=${RPI3_UBOOT_CONFIG} | |
236 | BUILD_KERNEL=true |
|
235 | BUILD_KERNEL=true | |
|
236 | elif [ "$RPI_MODEL" = 3B ] ; then | |||
|
237 | DTB_FILE=${RPI3B_DTB_FILE} | |||
|
238 | UBOOT_CONFIG=${RPI3B_UBOOT_CONFIG} | |||
|
239 | BUILD_KERNEL=true | |||
237 | else |
|
240 | else | |
238 | echo "error: Raspberry Pi model ${RPI_MODEL} is not supported!" |
|
241 | echo "error: Raspberry Pi model ${RPI_MODEL} is not supported!" | |
239 | exit 1 |
|
242 | exit 1 | |
240 | fi |
|
243 | fi | |
241 |
|
244 | |||
242 | # Check if the internal wireless interface is supported by the RPi model |
|
245 | # Check if the internal wireless interface is supported by the RPi model | |
243 |
if [ "$ENABLE_WIRELESS" = true ] && [ "$RPI_MODEL" |
|
246 | if [ "$ENABLE_WIRELESS" = true ] && [ "$RPI_MODEL" = 2 ]; then | |
244 | echo "error: The selected Raspberry Pi model has no internal wireless interface" |
|
247 | echo "error: The selected Raspberry Pi model has no internal wireless interface" | |
245 | exit 1 |
|
248 | exit 1 | |
246 | fi |
|
249 | fi | |
247 |
|
250 | |||
248 | # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported |
|
251 | # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported | |
249 | if [ ! -z "$DISABLE_UNDERVOLT_WARNINGS" ] ; then |
|
252 | if [ ! -z "$DISABLE_UNDERVOLT_WARNINGS" ] ; then | |
@@ -277,15 +280,10 if [ "$KERNEL_CCACHE" = true ] ; then | |||||
277 | REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache" |
|
280 | REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache" | |
278 | fi |
|
281 | fi | |
279 |
|
282 | |||
280 | # Stop the Crypto Wars |
|
|||
281 | if [ "$DISABLE_FBI" = true ] ; then |
|
|||
282 | ENABLE_CRYPTFS=true |
|
|||
283 | fi |
|
|||
284 |
|
||||
285 | # Add cryptsetup package to enable filesystem encryption |
|
283 | # Add cryptsetup package to enable filesystem encryption | |
286 | if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then |
|
284 | if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then | |
287 | REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup" |
|
285 | REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup" | |
288 | APT_INCLUDES="${APT_INCLUDES},cryptsetup" |
|
286 | APT_INCLUDES="${APT_INCLUDES},cryptsetup,console-setup" | |
289 |
|
287 | |||
290 | if [ -z "$CRYPTFS_PASSWORD" ] ; then |
|
288 | if [ -z "$CRYPTFS_PASSWORD" ] ; then | |
291 | echo "error: no password defined (CRYPTFS_PASSWORD)!" |
|
289 | echo "error: no password defined (CRYPTFS_PASSWORD)!" |
General Comments 0
Vous devez vous connecter pour laisser un commentaire.
Se connecter maintenant