##// END OF EJS Templates
vidal -
r727:f068cb7a61b8 Fusion
parent child
Show More
1 NO CONTENT: new file 100644, binary diff hidden
@@ -0,0 +1,22
1 ## Templates used at IFÉ ENS de Lyon for "Tremplin des sciences" project
2
3 These templates have been used to create Raspberry Pi images for the
4 project "Climate and meteorolgy springboard for teaching sciences".
5 These images are tuned andused as explained in the
6 [blog](http://blog.climatetmeteo.fr/GerardVidal/) (mostly in french
7 but under translation).
8
9 The aim is to share with teachers a Raspberry Pi3 binary image providing software resources to use commercial weatherstations or DIY weathersystems made with various sensors. The following images have been built :
10
11 * raspife2-stretch Debian stretch image for raspi 2
12 * raspife3-jessie Debian jessie image for raspi 3
13 * raspife3-stretch Debian stretch image for raspi 3
14 * raspife3W-stretch Debian stretch image for raspi 3 with single IPAddress and weewx service
15 * raspife3-buster Debian buster image for raspi 3
16
17 In these images language ichoosen is french and can easily be changed.
18 Pathes and other variables are the ones that have been used during
19 execution and personnal data are replaced by "*******", change the
20 values according to your needs.
21
22
@@ -0,0 +1,181
1
2 Configuration file raspife2 Stretch IFÉ 2017/02/24
3 #
4 APT_SERVER=ftp.fr.debian.org
5 APT_INCLUDES="gnupg,gnupg2,firmware-realtek,firmware-linux-nonfree,firmware-linux,tightvncserver,build-essentia$
6 bison,libboost-all-dev,automake,autoconf,autogen,libtool,pkg-config,checkinstall,python3,python3-dev,menulibre,$
7 libnotify-bin,python,python-configobj,python-cheetah,python-imaging,python-serial,python-usb,python-dev,\
8 pcre2-utils,libpcre++-dev,libpcre2-dev,libjpeg-dev,jed,i2c-tools,python-smbus,policykit-1,usbutils,\
9 pmount,python-pip,python3-pip,geany,geany-plugin-py,geany-plugin-markdown,firefox-esr,firefox-esr-l10n-fr,\
10 icedtea-8-plugin,openjdk-8-jdk,openjdk-8-jre,openjdk-8-jre-headless,libqtwebkit-dev,libqt5webkit5-dev,\
11 libudev-dev,libzzip-dev,zlib1g-dev,libcanberra-gtk-module,libnss-myhostname,libfreetype6-dev,libpng16-16,\
12 lxsession,openbox-lxde-session,lxde"
13 #----------------------
14 RPI_MODEL=2
15 RELEASE="stretch"
16 HOSTNAME="raspife2"
17 PASSWORD="***********"
18 USER_PASSWORD="**************"
19 DEFLOCAL="fr_FR.UTF-8"
20 TIMEZONE="Europe/Paris"
21 EXPANDROOT=false
22 #-----------------------
23 XKB_MODEL="pc105"
24 XKB_LAYOUT="fr"
25 XKB_VARIANT="latin9"
26 XKB_OPTIONS=""
27 #------------------------
28 ENABLE_DHCP=true
29 #------------------------
30 ENABLE_CONSOLE=true
31 ENABLE_I2C=true
32 ENABLE_SPI=true
33 ENABLE_IPV6=true
34 ENABLE_SSHD=true
35 ENABLE_NONFREE=true
36 ENABLE_WIRELESS=false
37 ENABLE_RSYSLOG=true
38 ENABLE_SOUND=true
39 ENABLE_HWRANDOM=true
40 ENABLE_MINGPU=true
41 ENABLE_DBUS=true
42 ENABLE_XORG=true
43 ENABLE_WM="lxdm"
44 #------------------------
45 ENABLE_MINBASE=false
46 ENABLE_REDUCE=false
47 ENABLE_UBOOT=false
48 ENABLE_FBTURBO=true
49 ENABLE_IPTABLES=false
50 ENABLE_USER=true
51 USER_NAME=ens-ife
52 ENABLE_ROOT=true
53 ENABLE_HARDNET=true
54 ENABLE_INITRAMFS=true
55 ENABLE_IFNAMES=true
56 #------------------------
57 ENABLE_ROOT_SSH=false
58 SSH_LIMIT_USERS=false
59 SSH_ROOT_PUB_KEY="/home/********/.ssh/authorized_keys"
60 SSH_USER_PUB_KEY="/home/********/.ssh/authorized_keys"
61 #------------------------
62 BUILD_KERNEL=true
63 KERNEL_REDUCE=false
64 KERNEL_HEADERS=true
65 KERNEL_REMOVESRC=true
66 KERNELSRC_CLEAN=true
67 KERNELSRC_CONFIG=true
68 #------------------------
69 REDUCE_APT=false
70 REDUCE_DOC=true
71 REDUCE_MAN=false
72 REDUCE_HWDB=true
73 REDUCE_BASH=false
74 REDUCE_SSHD=false
75 REDUCE_LOCALE=false
76 #-------------------------
77 ENABLE_CRYPTFS=false
78 #-------------------------
79 BASEDIR=/media/********/images/${RELEASE}
80 DATE=date
81 +%Y-%m-%d
82 IMAGE_NAME=${BASEDIR}/${DATE}-rpi${RPI_MODEL}-${RELEASE}
83 =======
84 # Configuration file raspi2 Stretch IFÉ 2017/12/28
85 #
86 APT_SERVER=debian.mirrors.ovh.net
87 APT_INCLUDES=""
88 APT_INCLUDES_LATE="gnupg,firmware-linux-nonfree,firmware-linux,dh-autoreconf,\
89 gettext,build-essential,git,cmake,libjson-c-dev,unzip,usbutils,\
90 bison,libboost-all-dev,automake,autoconf,autogen,libtool,libtool-bin,\
91 pkg-config,checkinstall,menulibre,libnotify-bin,pandoc,\
92 python3,python3-dev,python3-pypandoc,python3-scipy,python3-tk,python3-pandocfilters,\
93 python3-geopy,python3-pip,\
94 python,python-dev,python-pypandoc,python-scipy,python-tk,python-pandocfilters,\
95 python-geopy,python-pip,python-tk,pandoc,\
96 python-configobj,python-cheetah,python-imaging,python-serial,python-usb,\
97 pcre2-utils,libpcre++-dev,libpcre2-dev,libjpeg-dev,i2c-tools,python-smbus,policykit-1,\
98 pmount,ntpdate,ntp,rsync,\
99 texlive,texlive-xetex,nginx-extras,ffmpeg,wicd,wicd-gtk,console-data,keyboard-configuration,\
100 libqtwebkit-dev,libqt5webkit5-dev,\
101 libudev-dev,libzzip-dev,zlib1g-dev,libcanberra-gtk-module,libnss-myhostname,libfreetype6-dev,libpng16-16,\
102 nmap,libltdl-dev,dbus-user-session,debian-archive-keyring,\
103 xutils-dev,lxsession,openbox-lxde-session,lxde,x11proto-randr-dev,lxrandr,\
104 tightvncserver,geany,geany-plugin-py,firefox-esr,firefox-esr-l10n-fr,jed,terminator,automake"
105 #ca-certificates-java,icedtea-plugin,icedtea-netx,\
106 #openjdk-8-jdk,openjdk-8-jre,openjdk-8-jre-headless,\
107 #openjdk-9-jdk,openjdk-9-jre,openjdk-9-jre-headless"
108 #----------------------
109 RPI_MODEL=2
110 RELEASE="stretch"
111 RELEASE_ARCH="armhf"
112 HOSTNAME="raspife2"
113 PASSWORD="*****"
114 USER_PASSWORD="*****"
115 DEFLOCAL="fr_FR.UTF-8"
116 TIMEZONE="Europe/Paris"
117 EXPANDROOT=false
118 #-----------------------
119 XKB_MODEL="pc105"
120 XKB_LAYOUT="fr"
121 XKB_VARIANT="latin9"
122 XKB_OPTIONS=""
123 #------------------------
124 ENABLE_DHCP=true
125 #------------------------
126 ENABLE_CONSOLE=false
127 ENABLE_I2C=true
128 ENABLE_SPI=true
129 ENABLE_IPV6=true
130 ENABLE_SSHD=true
131 ENABLE_NONFREE=true
132 ENABLE_WIRELESS=false
133 ENABLE_RSYSLOG=true
134 ENABLE_SOUND=true
135 ENABLE_HWRANDOM=true
136 ENABLE_MINGPU=true
137 ENABLE_DBUS=true
138 ENABLE_XORG=true
139 ENABLE_WM="lxdm"
140 #------------------------
141 ENABLE_MINBASE=false
142 ENABLE_REDUCE=false
143 ENABLE_UBOOT=false
144 ENABLE_FBTURBO=true
145 ENABLE_IPTABLES=false
146 ENABLE_USER=true
147 USER_NAME=ens-ife
148 ENABLE_ROOT=true
149 ENABLE_HARDNET=true
150 ENABLE_INITRAMFS=true
151 ENABLE_IFNAMES=true
152 #------------------------
153 ENABLE_ROOT_SSH=false
154 SSH_LIMIT_USERS=false
155 SSH_ROOT_PUB_KEY="/home/*****/.ssh/id_rsa.pub"
156 SSH_USER_PUB_KEY="/home/*****/.ssh/id_rsa.pub"
157 #------------------------
158 BUILD_KERNEL=true
159 KERNEL_BRANCH=rpi-4.13.y
160 KERNEL_REDUCE=false
161 KERNEL_HEADERS=true
162 KERNEL_REMOVESRC=true
163 KERNELSRC_CLEAN=true
164 KERNELSRC_CONFIG=true
165 #------------------------
166 REDUCE_APT=false
167 REDUCE_DOC=true
168 REDUCE_MAN=false
169 REDUCE_HWDB=true
170 REDUCE_BASH=false
171 REDUCE_SSHD=false
172 REDUCE_LOCALE=false
173 #-------------------------
174 ENABLE_CRYPTFS=false
175 #-------------------------
176 BASEDIR=/data/RpiGenImage/Images/${RELEASE}
177 #BASEDIR=/media/*******/*********/Nano-Ordinateurs/RaspberryPi/RpiGenImage/Images/${RELEASE}
178 DATE=`date +%Y-%m-%d`
179 IMAGE_NAME=${BASEDIR}/${DATE}-rpi${RPI_MODEL}-${RELEASE}
180
181
@@ -0,0 +1,122
1 # Configuration file raspi3 buster IFÉ 2020/01/28
2 #
3 APT_SERVER=debian.mirrors.ovh.net
4 #APT_SERVER=debian.proxad.net
5 APT_INCLUDES="gawk,gnupg,firmware-linux,\
6 firmware-linux-nonfree,firmware-misc-nonfree,\
7 firmware-realtek,firmware-brcm80211,dh-autoreconf,\
8 gettext,build-essential,git,systemd-sysv,bc,\
9 cmake,libjson-c-dev,unzip,usbutils,bison,\
10 automake,autoconf,autogen,\
11 libtool,libtool-bin,libltdl-dev,pkg-config,\
12 menulibre,libnotify-bin,pandoc,pm-utils,\
13 acpi-support,python3,python3-dev,python3-pypandoc,\
14 python3-scipy,python3-tk,python3-pandocfilters,\
15 python3-geopy,python3-pip,python,python-dev,\
16 python-tk,python-pip,\
17 python-tk,pandoc,python-configobj,python-cheetah,\
18 python-pil,python-serial,python-usb,pcre2-utils,\
19 libpcre++-dev,libpcre2-dev,libjpeg-dev,i2c-tools,\
20 python3-smbus,policykit-1,pmount,ntpdate,ntp,\
21 rsync,gnome-backgrounds,mate-backgrounds,texlive,\
22 texlive-xetex,nginx-extras,ffmpeg,network-manager,\
23 console-data,keyboard-configuration,\
24 libqt5webkit5-dev,libudev-dev,gfortran-9,\
25 libgfortran-9-dev,\
26 libzzip-dev,zlib1g-dev,libcanberra-gtk-module,\
27 libnss-myhostname,libfreetype6-dev,libpng16-16,\
28 libffi-dev,libltdl-dev,dbus-user-session,\
29 debian-archive-keyring,curl,wget,mousepad,\
30 xutils-dev,\
31 tightvncserver,geany,openbox-menu,\
32 autotools-dev,htop,ca-certificates-java,\
33 icedtea-netx,openjdk-11-jdk,\
34 openjdk-11-jre,openjdk-11-jre-headless,\
35 jed,nmap,terminator,libboost-all-dev"
36 #x11proto-randr-dev,lxrandr,\
37 #APT_INCLUDES_LATE="jed,\
38 #"
39 #----------------------
40 RPI_MODEL=3
41 RELEASE="bullseye"
42 RELEASE_ARCH="armhf"
43 SET_ARCH=32
44 HOSTNAME="raspife3"
45 PASSWORD="AChanger1$"
46 USER_PASSWORD="AChanger1$"
47 DEFLOCAL="fr_FR.UTF-8"
48 TIMEZONE="Europe/Paris"
49 EXPANDROOT=false
50 ENABLE_QEMU=false
51 #-----------------------
52 XKB_MODEL="pc105"
53 XKB_LAYOUT="fr"
54 XKB_VARIANT="latin9"
55 XKB_OPTIONS=""
56 #------------------------
57 ENABLE_DHCP=true
58 #------------------------
59 ENABLE_CONSOLE=false
60 ENABLE_BLUETOOTH=false
61 ENABLE_I2C=true
62 ENABLE_SPI=true
63 ENABLE_IPV6=true
64 ENABLE_SSHD=true
65 ENABLE_NONFREE=true
66 ENABLE_WIRELESS=true
67 ENABLE_RSYSLOG=true
68 ENABLE_SOUND=true
69 ENABLE_HWRANDOM=true
70 ENABLE_MINGPU=true
71 ENABLE_DBUS=true
72 ENABLE_XORG=true
73 ENABLE_WM="openbox"
74 ENABLE_SYSVINIT=true
75 #------------------------
76 ENABLE_MINBASE=false
77 ENABLE_REDUCE=false
78 ENABLE_UBOOT=false
79 ENABLE_FBTURBO=false
80 ENABLE_VIDEOCORE=true
81 ENABLE_IPTABLES=false
82 ENABLE_USER=true
83 USER_NAME=ens-ife
84 ENABLE_ROOT=false
85 ENABLE_HARDNET=true
86 ENABLE_INITRAMFS=true
87 ENABLE_IFNAMES=true
88 #DISABLE_UNDERVOLT_WARNINGS=
89 #------------------------
90 SSH_ENABLE_ROOT=false
91 SSH_LIMIT_USERS=false
92 SSH_ROOT_PUB_KEY="/home/vidal/.ssh/authorized_keys"
93 SSH_USER_PUB_KEY="/home/vidal/.ssh/authorized_keys"
94 #------------------------
95 BUILD_KERNEL=true
96 KERNEL_BRANCH=rpi-5.4.y
97 KERNEL_REDUCE=false
98 KERNEL_HEADERS=true
99 KERNEL_REMOVESRC=true
100 KERNELSRC_CLEAN=true
101 KERNELSRC_CONFIG=true
102 #KERNEL_DEFCONFIG=bcm2835_defconfig
103 #KERNEL_BIN_IMAGE=Image
104 #KERNEL_IMAGE=kernel7.img
105 KERNEL_CCACHE=true
106 #------------------------
107 REDUCE_APT=false
108 REDUCE_DOC=true
109 REDUCE_MAN=true
110 REDUCE_HWDB=false
111 REDUCE_BASH=false
112 REDUCE_SSHD=false
113 REDUCE_LOCALE=false
114 #-------------------------
115 ENABLE_CRYPTFS=false
116 #-------------------------
117 BASEDIR=/storage/RpiGenImage/Images/${RELEASE}
118 #BASEDIR=/media/*******/*********/Nano-Ordinateurs/RaspberryPi/RpiGenImage/Images/${RELEASE}
119 DATE=`date +%Y-%m-%d`
120 IMAGE_NAME=${BASEDIR}/${DATE}-rpi${RPI_MODEL}-${RELEASE}
121
122
@@ -0,0 +1,100
1
2 # Configuration file raspi3 Buster IFÉ 2017/11/01
3
4 #
5 APT_SERVER=debian.mirrors.ovh.net
6 APT_INCLUDES=""
7 APT_INCLUDES_LATE="gnupg,firmware-linux-nonfree,firmware-linux,dh-autoreconf,\
8 gettext,build-essential,git,cmake,libjson-c-dev,unzip,usbutils,\
9 bison,libboost-all-dev,automake,autoconf,autogen,libtool,libtool-bin,\
10 pkg-config,checkinstall,menulibre,libnotify-bin,pandoc,\
11 python3,python3-dev,python3-pypandoc,python3-scipy,python3-tk,python3-pandocfilters,\
12 python3-geopy,python3-pip,\
13 python,python-dev,python-pypandoc,python-scipy,python-tk,python-pandocfilters,\
14 python-geopy,python-pip,python-tk,pandoc,\
15 python-configobj,python-cheetah,python-imaging,python-serial,python-usb,\
16 pcre2-utils,libpcre++-dev,libpcre2-dev,libjpeg-dev,i2c-tools,python-smbus,policykit-1,\
17 pmount,ntpdate,ntp,rsync,\
18 texlive,texlive-xetex,nginx-extras,ffmpeg,wicd,wicd-gtk,console-data,keyboard-configuration,\
19 libqtwebkit-dev,libqt5webkit5-dev,\
20 libudev-dev,libzzip-dev,zlib1g-dev,libcanberra-gtk-module,libnss-myhostname,libfreetype6-dev,libpng16-16,\
21 nmap,libltdl-dev,dbus-user-session,debian-archive-keyring,\
22 xutils-dev,lxsession,openbox-lxde-session,lxde,x11proto-randr-dev,lxrandr,\
23 tightvncserver,geany,geany-plugin-py,firefox-esr,firefox-esr-l10n-fr,jed,terminator,automake"
24 #ca-certificates-java,icedtea-plugin,icedtea-netx,\
25 #openjdk-8-jdk,openjdk-8-jre,openjdk-8-jre-headless,\
26 #openjdk-9-jdk,openjdk-9-jre,openjdk-9-jre-headless"
27 #----------------------
28 RPI_MODEL=3
29 RELEASE="buster"
30 RELEASE_ARCH="armhf"
31 HOSTNAME="raspife3"
32 PASSWORD="***********"
33 USER_PASSWORD="*************"
34 DEFLOCAL="fr_FR.UTF-8"
35 TIMEZONE="Europe/Paris"
36 EXPANDROOT=false
37 #-----------------------
38 XKB_MODEL="pc105"
39 XKB_LAYOUT="fr"
40 XKB_VARIANT="latin9"
41 XKB_OPTIONS=""
42 #------------------------
43 ENABLE_DHCP=true
44 #------------------------
45 ENABLE_CONSOLE=false
46 ENABLE_I2C=true
47 ENABLE_SPI=true
48 ENABLE_IPV6=true
49 ENABLE_SSHD=true
50 ENABLE_NONFREE=true
51 ENABLE_WIRELESS=true
52 ENABLE_RSYSLOG=true
53 ENABLE_SOUND=true
54 ENABLE_HWRANDOM=true
55 ENABLE_MINGPU=true
56 ENABLE_DBUS=true
57 ENABLE_XORG=true
58 ENABLE_WM="lxdm"
59 #------------------------
60 ENABLE_MINBASE=false
61 ENABLE_REDUCE=false
62 ENABLE_UBOOT=false
63 ENABLE_FBTURBO=true
64 ENABLE_IPTABLES=false
65 ENABLE_USER=true
66 USER_NAME=ens-ife
67 ENABLE_ROOT=true
68 ENABLE_HARDNET=true
69 ENABLE_INITRAMFS=true
70 ENABLE_IFNAMES=true
71 #------------------------
72 ENABLE_ROOT_SSH=false
73 SSH_LIMIT_USERS=false
74 SSH_ROOT_PUB_KEY="/home/*****/.ssh/authorized_keys"
75 SSH_USER_PUB_KEY="/home/*****/.ssh/authorized_keys"
76 #------------------------
77 BUILD_KERNEL=true
78 KERNEL_BRANCH=rpi-4.13.y
79 KERNEL_REDUCE=false
80 KERNEL_HEADERS=true
81 KERNEL_REMOVESRC=true
82 KERNELSRC_CLEAN=true
83 KERNELSRC_CONFIG=true
84 #------------------------
85 REDUCE_APT=false
86 REDUCE_DOC=true
87 REDUCE_MAN=false
88 REDUCE_HWDB=true
89 REDUCE_BASH=false
90 REDUCE_SSHD=false
91 REDUCE_LOCALE=false
92 #-------------------------
93 ENABLE_CRYPTFS=false
94 #-------------------------
95 BASEDIR=/data/RpiGenImage/Images/${RELEASE}
96 #BASEDIR=/media/*******/*********/Nano-Ordinateurs/RaspberryPi/RpiGenImage/Images/${RELEASE}
97 DATE=`date +%Y-%m-%d`
98 IMAGE_NAME=${BASEDIR}/${DATE}-rpi${RPI_MODEL}-${RELEASE}
99
100
@@ -0,0 +1,106
1 # Configuration file raspi3 Buster IFÉ 2017/11/01
2 #
3 APT_SERVER=debian.mirrors.ovh.net
4 APT_INCLUDES=""
5 APT_INCLUDES_LATE=""
6 APT_INCLUDES_LATE="gnupg,firmware-linux-nonfree,firmware-linux,dh-autoreconf,\
7 gettext,build-essential,git,cmake,libjson-c-dev,unzip,usbutils,\
8 bison,libboost-all-dev,automake,autoconf,autogen,libtool,libtool-bin,\
9 pkg-config,checkinstall,menulibre,libnotify-bin,pandoc,\
10 python3,python3-dev,python3-pypandoc,python3-scipy,python3-tk,python3-pandocfilters,\
11 python3-geopy,python3-pip,\
12 python,python-dev,python-pypandoc,python-scipy,python-tk,python-pandocfilters,\
13 python-geopy,python-pip,python-tk,pandoc,\
14 python-configobj,python-cheetah,python-imaging,python-serial,python-usb,\
15 pcre2-utils,libpcre++-dev,libpcre2-dev,libjpeg-dev,i2c-tools,python-smbus,policykit-1,\
16 pmount,ntpdate,ntp,rsync,\
17 texlive,texlive-xetex,nginx-extras,ffmpeg,wicd,wicd-gtk,console-data,keyboard-configuration,\
18 libqtwebkit-dev,libqt5webkit5-dev,\
19 libudev-dev,libzzip-dev,zlib1g-dev,libcanberra-gtk-module,libnss-myhostname,libfreetype6-dev,libpng16-16,\
20 nmap,libltdl-dev,dbus-user-session,debian-archive-keyring,\
21 xutils-dev,lxsession,openbox-lxde-session,lxde,x11proto-randr-dev,lxrandr,\
22 tightvncserver,geany,geany-plugin-py,firefox-esr,firefox-esr-l10n-fr,jed"
23 #ca-certificates-java,icedtea-plugin,icedtea-netx,\
24 #openjdk-8-jdk,openjdk-8-jre,openjdk-8-jre-headless,\
25 #openjdk-9-jdk,openjdk-9-jre,openjdk-9-jre-headless"
26 #----------------------
27 RPI_MODEL=3
28 RELEASE=buster
29 RELEASE_ARCH="armhf"
30 HOSTNAME="raspife3"
31 PASSWORD="AChanger1$"
32 USER_PASSWORD="AChanger1$"
33 DEFLOCAL="fr_FR.UTF-8"
34 TIMEZONE="Europe/Paris"
35 EXPANDROOT=false
36 #-----------------------
37 XKB_MODEL="pc105"
38 XKB_LAYOUT="fr"
39 XKB_VARIANT="latin9"
40 XKB_OPTIONS=""
41 #------------------------
42 ENABLE_DHCP=true
43 #------------------------
44 ENABLE_CONSOLE=false
45 ENABLE_I2C=true
46 ENABLE_SPI=true
47 ENABLE_IPV6=true
48 ENABLE_SSHD=true
49 ENABLE_NONFREE=true
50 ENABLE_WIRELESS=true
51 ENABLE_RSYSLOG=true
52 ENABLE_SOUND=true
53 ENABLE_HWRANDOM=true
54 ENABLE_MINGPU=true
55 ENABLE_DBUS=true
56 ENABLE_XORG=true
57 ENABLE_WM="lxdm"
58 #------------------------
59 ENABLE_MINBASE=false
60 ENABLE_REDUCE=false
61 ENABLE_UBOOT=false
62 ENABLE_FBTURBO=true
63 ENABLE_IPTABLES=false
64 ENABLE_USER=true
65 USER_NAME=ens-ife
66 ENABLE_ROOT=true
67 ENABLE_HARDNET=true
68 ENABLE_INITRAMFS=true
69 ENABLE_IFNAMES=true
70 #------------------------
71 ENABLE_ROOT_SSH=false
72 SSH_LIMIT_USERS=false
73 SSH_ROOT_PUB_KEY="/home/vidal/.ssh/authorized_keys"
74 SSH_USER_PUB_KEY="/home/vidal/.ssh/authorized_keys"
75 #------------------------
76 BUILD_KERNEL=true
77 KERNEL_ARCH=arm64
78 RELEASE_ARCH=arm64
79 CROSS_COMPILE=aarch64-linux-gnu-
80 QEMU_BINARY=/usr/bin/qemu-aarch64-static
81 KERNEL_DEFCONFIG=bcmrpi3_defconfig
82 KERNEL_BIN_IMAGE=Image
83 KERNEL_IMAGE="kernel10.img"
84 KERNEL_BRANCH=rpi-4.13.y
85 KERNEL_REDUCE=false
86 KERNEL_HEADERS=true
87 KERNEL_REMOVESRC=true
88 KERNELSRC_CLEAN=true
89 KERNELSRC_CONFIG=true
90 #------------------------
91 REDUCE_APT=false
92 REDUCE_DOC=true
93 REDUCE_MAN=false
94 REDUCE_HWDB=true
95 REDUCE_BASH=false
96 REDUCE_SSHD=false
97 REDUCE_LOCALE=false
98 #-------------------------
99 ENABLE_CRYPTFS=false
100 #-------------------------
101 BASEDIR=/data/RpiGenImage/Images/${RELEASE}
102 #BASEDIR=/media/vidal/ExternGV/Nano-Ordinateurs/RaspberryPi/RpiGenImage/Images/${RELEASE}
103 DATE=`date +%Y-%m-%d`
104 IMAGE_NAME=${BASEDIR}/${DATE}-rpi${RPI_MODEL}-${RELEASE}
105
106
@@ -0,0 +1,4
1 # Configuration template file used by rpi23-gen-image.sh
2 RPI_MODEL=3
3 RELEASE=jessie
4 BUILD_KERNEL=true
@@ -0,0 +1,92
1
2 # Configuration file raspi3 Stretch IFÉ 2017/07/26
3 #
4 APT_SERVER=ftp.fr.debian.org
5 APT_INCLUDES="gnupg,gnupg2,firmware-linux-nonfree,firmware-linux,dh-autoreconf,\
6 gettext,build-essential,git,cmake,libjson-c-dev,unzip,usbutils,\
7 bison,libboost-all-dev,automake,autoconf,autogen,libtool,libtool-bin,\
8 pkg-config,checkinstall,menulibre,libnotify-bin,pandoc,\
9 python3,python3-dev,python3-pypandoc,python3-scipy,python3-tk,python3-pandocfilters,\
10 python,python-dev,python-pypandoc,python-scipy,python-tk,python-pandocfilters,\
11 python3-geopy,python3-pip,\
12 python-geopy,python-pip,\
13 python-configobj,python-cheetah,python-imaging,python-serial,python-usb,\
14 pcre2-utils,libpcre++-dev,libpcre2-dev,libjpeg-dev,jed,i2c-tools,python-smbus,policykit-1,\
15 pmount,ntpdate,\
16 texlive,texlive-xetex,nginx-extras,ffmpeg,wicd,wicd-gtk,console-data,keyboard-configuration,\
17 icedtea-8-plugin,openjdk-8-jdk,openjdk-8-jre,openjdk-8-jre-headless,libqtwebkit-dev,libqt5webkit5-dev,\
18 libudev-dev,libzzip-dev,zlib1g-dev,libcanberra-gtk-module,libnss-myhostname,libfreetype6-dev,libpng16-16,\
19 nmap,libltdl-dev,dbus-user-session,debian-archive-keyring,\
20 xutils-dev,lxsession,openbox-lxde-session,lxde,x11proto-randr-dev,lxrandr,\
21 tightvncserver,geany,geany-plugin-py,geany-plugin-markdown,firefox-esr,firefox-esr-l10n-fr"
22 #----------------------
23 RPI_MODEL=3
24 RELEASE="stretch"
25 HOSTNAME="raspife3"
26 PASSWORD="**************"
27 USER_PASSWORD="***************
28 DEFLOCAL="fr_FR.UTF-8"
29 TIMEZONE="Europe/Paris"
30 EXPANDROOT=false
31 #-----------------------
32 XKB_MODEL="pc105"
33 XKB_LAYOUT="fr"
34 XKB_VARIANT="latin9"
35 XKB_OPTIONS=""
36 #------------------------
37 ENABLE_DHCP=true
38 #------------------------
39 ENABLE_CONSOLE=false
40 ENABLE_I2C=true
41 ENABLE_SPI=true
42 ENABLE_IPV6=true
43 ENABLE_SSHD=true
44 ENABLE_NONFREE=true
45 ENABLE_WIRELESS=true
46 ENABLE_RSYSLOG=true
47 ENABLE_SOUND=true
48 ENABLE_HWRANDOM=true
49 ENABLE_MINGPU=true
50 ENABLE_DBUS=true
51 ENABLE_XORG=true
52 ENABLE_WM="lxdm"
53 #------------------------
54 ENABLE_MINBASE=false
55 ENABLE_REDUCE=false
56 ENABLE_UBOOT=false
57 ENABLE_FBTURBO=true
58 ENABLE_IPTABLES=false
59 ENABLE_USER=true
60 USER_NAME=ens-ife
61 ENABLE_ROOT=true
62 ENABLE_HARDNET=true
63 ENABLE_INITRAMFS=true
64 ENABLE_IFNAMES=true
65 #------------------------
66 ENABLE_ROOT_SSH=false
67 SSH_LIMIT_USERS=fal
68 SSH_ROOT_PUB_KEY="/home/*******/.ssh/authorized_keys"
69 SSH_USER_PUB_KEY="/home/*******/.ssh/authorized_keys"
70 #------------------------
71 BUILD_KERNEL=true
72 KERNEL_REDUCE=false
73 KERNEL_HEADERS=true
74 KERNEL_REMOVESRC=true
75 KERNELSRC_CLEAN=true
76 KERNELSRC_CONFIG=true
77 #------------------------
78 REDUCE_APT=false
79 REDUCE_DOC=true
80 REDUCE_MAN=false
81 REDUCE_HWDB=true
82 REDUCE_BASH=false
83 REDUCE_SSHD=false
84 REDUCE_LOCALE=false
85 #-------------------------
86 ENABLE_CRYPTFS=false
87 #-------------------------
88 BASEDIR=/data/RpiGenImage/Images/${RELEASE}
89 DATE=`date +%Y-%m-%d`
90 IMAGE_NAME=${BASEDIR}/${DATE}-rpi${RPI_MODEL}-${RELEASE}
91
92
@@ -0,0 +1,91
1
2 # Configuration file raspi3 Stretch Weewx IFÉ 2017/07/26
3 #
4 APT_SERVER=ftp.fr.debian.org
5 APT_INCLUDES="debian-archive-keyring,debian-keyring,automake,autoconf,autogen,gawk,gnupg,gnupg2,\
6 build-essential,git,cmake,libjson-c-dev,unzip,\
7 bison,libboost-all-dev,libtool,libtool-bin,pkg-config,checkinstall,libnotify-bin,pandoc,\
8 python3,python3-dev,python,python-dev,python-configobj,python-cheetah,python-mysqldb\
9 python-imaging,python-serial,python-usb,python-tk,python3-tk,python3-scipy,\
10 python-pypandoc,python3-pypandoc,python-pandocfilters,python3-pandocfilters,\
11 python-geopy,python3-geopy,python-pip,python3-pip,python-smbus,\
12 libudev-dev,libzzip-dev,zlib1g-dev,libnss-myhostname,libpng16-16,nmap,\
13 libltdl-dev,usbutils,pmount,ntpdate,texlive,texlive-xetex,nginx-extras,policykit-1,\
14 openjdk-8-jdk-headless,openjdk-8-jre-headless,\
15 pcre2-utils,libpcre++-dev,libpcre2-dev,libjpeg-dev,i2c-tools"
16 #----------------------
17 RPI_MODEL=3
18 RELEASE="stretch"
19 HOSTNAME="raspwife3"
20 PASSWORD="************"
21 USER_PASSWORD="************"
22
23 DEFLOCAL="fr_FR.UTF-8"
24 TIMEZONE="Europe/Paris"
25 EXPANDROOT=false
26 #-----------------------
27 XKB_MODEL="pc105"
28 XKB_LAYOUT="fr"
29 XKB_VARIANT="latin9"
30 XKB_OPTIONS=""
31 #------------------------
32 ENABLE_DHCP=false
33 NET_ADDRESS="192.168.***.***/24"
34 NET_GATEWAY="192.168.***.1"
35 NET_DNS_1="192.168.***.1"
36 NET_DNS_2="8.8.8.8"
37 #------------------------
38 ENABLE_CONSOLE=false
39 ENABLE_I2C=true
40 ENABLE_SPI=true
41 ENABLE_IPV6=true
42 ENABLE_SSHD=true
43 ENABLE_NONFREE=true
44 ENABLE_WIRELESS=true
45 ENABLE_RSYSLOG=true
46 ENABLE_SOUND=true
47 ENABLE_HWRANDOM=true
48 ENABLE_MINGPU=true
49 ENABLE_DBUS=true
50 ENABLE_XORG=false
51 ENABLE_WM=""
52 #------------------------
53 ENABLE_MINBASE=false
54 ENABLE_REDUCE=false
55 ENABLE_UBOOT=false
56 ENABLE_FBTURBO=false
57 ENABLE_IPTABLES=false
58 ENABLE_USER=true
59 USER_NAME=ens-ife
60 ENABLE_ROOT=true
61 ENABLE_HARDNET=true
62 ENABLE_INITRAMFS=true
63 ENABLE_IFNAMES=true
64 #------------------------
65 ENABLE_ROOT_SSH=false
66 SSH_LIMIT_USERS=false
67 SSH_ROOT_PUB_KEY="/home/*******/.ssh/authorized_keys"
68 SSH_USER_PUB_KEY="/home/*******/.ssh/authorized_keys"
69 #------------------------
70 BUILD_KERNEL=true
71 KERNEL_REDUCE=false
72 KERNEL_HEADERS=true
73 KERNEL_REMOVESRC=true
74 KERNELSRC_CLEAN=true
75 KERNELSRC_CONFIG=true
76 #------------------------
77 REDUCE_APT=false
78 REDUCE_DOC=true
79 REDUCE_MAN=false
80 REDUCE_HWDB=true
81 REDUCE_BASH=false
82 REDUCE_SSHD=false
83 REDUCE_LOCALE=false
84 #-------------------------
85 ENABLE_CRYPTFS=false
86 #-------------------------
87 BASEDIR=/data/RpiGenImage/Images/${RELEASE}
88 DATE=`date +%Y-%m-%d`
89 IMAGE_NAME=${BASEDIR}/${DATE}-rpiw${RPI_MODEL}-${RELEASE}
90
91
@@ -0,0 +1,122
1 # Configuration file raspi3 buster IFÉ 2020/02/04
2 #
3 APT_SERVER=debian.mirrors.ovh.net
4 #APT_SERVER=debian.proxad.net
5 APT_INCLUDES="gawk,gnupg,firmware-linux,\
6 firmware-linux-nonfree,firmware-misc-nonfree,\
7 firmware-realtek,firmware-brcm80211,dh-autoreconf,\
8 gettext,build-essential,git,systemd-sysv,bc,\
9 cmake,libjson-c-dev,unzip,usbutils,bison,\
10 automake,autoconf,autogen,\
11 libtool,libtool-bin,libltdl-dev,pkg-config,\
12 menulibre,libnotify-bin,pandoc,pm-utils,\
13 acpi-support,python3,python3-dev,python3-pypandoc,\
14 python3-scipy,python3-tk,python3-pandocfilters,\
15 python3-geopy,python3-pip,python,python-dev,\
16 python-tk,python-pip,\
17 python-tk,pandoc,python-configobj,python-cheetah,\
18 python-pil,python-serial,python-usb,pcre2-utils,\
19 libpcre++-dev,libpcre2-dev,libjpeg-dev,i2c-tools,\
20 python3-smbus,policykit-1,pmount,ntpdate,ntp,\
21 rsync,gnome-backgrounds,mate-backgrounds,texlive,\
22 texlive-xetex,nginx-extras,ffmpeg,network-manager,\
23 console-data,keyboard-configuration,\
24 libqt5webkit5-dev,libudev-dev,gfortran-8,\
25 libgfortran-8-dev,\
26 libzzip-dev,zlib1g-dev,libcanberra-gtk-module,\
27 libnss-myhostname,libfreetype6-dev,libpng16-16,\
28 libffi-dev,libltdl-dev,dbus-user-session,\
29 debian-archive-keyring,curl,wget,mousepad,\
30 xutils-dev,\
31 tightvncserver,geany,openbox-menu,\
32 autotools-dev,htop,ca-certificates-java,\
33 icedtea-netx,openjdk-11-jdk,\
34 openjdk-11-jre,openjdk-11-jre-headless,\
35 jed,nmap,terminator,libboost-all-dev"
36 #x11proto-randr-dev,lxrandr,\
37 #APT_INCLUDES_LATE="jed,\
38 #"
39 #----------------------
40 RPI_MODEL=4
41 RELEASE="buster"
42 RELEASE_ARCH="arm64"
43 SET_ARCH=32
44 HOSTNAME="raspife4"
45 PASSWORD="AChanger1$"
46 USER_PASSWORD="AChanger1$"
47 DEFLOCAL="fr_FR.UTF-8"
48 TIMEZONE="Europe/Paris"
49 EXPANDROOT=false
50 ENABLE_QEMU=false
51 #-----------------------
52 XKB_MODEL="pc105"
53 XKB_LAYOUT="fr"
54 XKB_VARIANT="latin9"
55 XKB_OPTIONS=""
56 #------------------------
57 ENABLE_DHCP=true
58 #------------------------
59 ENABLE_CONSOLE=false
60 ENABLE_BLUETOOTH=false
61 ENABLE_I2C=true
62 ENABLE_SPI=true
63 ENABLE_IPV6=true
64 ENABLE_SSHD=true
65 ENABLE_NONFREE=true
66 ENABLE_WIRELESS=true
67 ENABLE_RSYSLOG=true
68 ENABLE_SOUND=true
69 ENABLE_HWRANDOM=true
70 ENABLE_MINGPU=true
71 ENABLE_DBUS=true
72 ENABLE_XORG=true
73 ENABLE_WM="openbox"
74 ENABLE_SYSVINIT=true
75 #------------------------
76 ENABLE_MINBASE=false
77 ENABLE_REDUCE=false
78 ENABLE_UBOOT=false
79 ENABLE_FBTURBO=false
80 ENABLE_VIDEOCORE=true
81 ENABLE_IPTABLES=false
82 ENABLE_USER=true
83 USER_NAME=ens-ife
84 ENABLE_ROOT=false
85 ENABLE_HARDNET=true
86 ENABLE_INITRAMFS=true
87 ENABLE_IFNAMES=true
88 #DISABLE_UNDERVOLT_WARNINGS=
89 #------------------------
90 SSH_ENABLE_ROOT=false
91 SSH_LIMIT_USERS=false
92 SSH_ROOT_PUB_KEY="/home/vidal/.ssh/authorized_keys"
93 SSH_USER_PUB_KEY="/home/vidal/.ssh/authorized_keys"
94 #------------------------
95 BUILD_KERNEL=true
96 KERNEL_BRANCH=rpi-4.19.y
97 KERNEL_REDUCE=false
98 KERNEL_HEADERS=true
99 KERNEL_REMOVESRC=true
100 KERNELSRC_CLEAN=true
101 KERNELSRC_CONFIG=true
102 #KERNEL_DEFCONFIG=bcm2835_defconfig
103 #KERNEL_BIN_IMAGE=Image
104 #KERNEL_IMAGE=kernel7.img
105 KERNEL_CCACHE=true
106 #------------------------
107 REDUCE_APT=false
108 REDUCE_DOC=true
109 REDUCE_MAN=true
110 REDUCE_HWDB=false
111 REDUCE_BASH=false
112 REDUCE_SSHD=false
113 REDUCE_LOCALE=false
114 #-------------------------
115 ENABLE_CRYPTFS=false
116 #-------------------------
117 BASEDIR=/storage/RpiGenImage/Images/${RELEASE}
118 #BASEDIR=/media/*******/*********/Nano-Ordinateurs/RaspberryPi/RpiGenImage/Images/${RELEASE}
119 DATE=`date +%Y-%m-%d`
120 IMAGE_NAME=${BASEDIR}/${DATE}-rpi${RPI_MODEL}-${RELEASE}-${SET_ARCH}
121
122
@@ -1,6 +1,6
1 1 images
2 2 custom.d
3 packages
4 3 *.swp
5 4 *.bak
6 5 *.log
6 *~ No newline at end of file
@@ -1,572 +1,574
1 1 # rpi23-gen-image
2 2 ## Introduction
3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for all Raspberry Pi computers. The script at this time supports the bootstrapping of the Debian (armhf/armel) releases `stretch` and `buster`. Raspberry Pi 0/1/2/3/4 images are generated for 32-bit mode only. Raspberry Pi 3 supports 64-bit images that can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.14.y```).
3
4 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for Raspberry Pi 2 (RPi2), Raspberry Pi 3 (RPi3) and Raspberry Pi 4 (RPi4) computers. The script at this time supports the bootstrapping of the Debian (armhf) releases `jessie`, `stretch`, `buster` and 'bullseye'. Raspberry Pi 3 images are generated for 32-bit mode only. Raspberry Pi 3 and Raspberry Pi 4 64-bit images can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.11.y```).
4 5
5 6 ## Build dependencies
6 7 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
7 8
8 9 ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo```
9 10
10 11 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the Raspberry 3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf/armel/aarch64) cross-compiler toolchain.
11 12
12 13 The script has been tested using the default `crossbuild-essential-armhf` and `crossbuild-essential-armel` toolchain meta packages on Debian Linux `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
13 14
14 15 ## Command-line parameters
15 16 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script.
16 17
17 18 ##### Command-line examples:
18 19 ```shell
19 20 ENABLE_UBOOT=true ./rpi23-gen-image.sh
20 21 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh
21 22 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh
22 23 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh
23 24 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh
24 25 ENABLE_MINBASE=true ./rpi23-gen-image.sh
25 26 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh
26 27 BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh
27 28 ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
28 29 ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
29 30 RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh
30 31 RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
31 32 RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
32 33 ```
33 34
34 35 ## Configuration template files
35 36 To avoid long lists of command-line parameters and to help to store the favourite parameter configurations the `rpi23-gen-image.sh` script supports so called configuration template files (`CONFIG_TEMPLATE`=template). These are simple text files located in the `./templates` directory that contain the list of configuration parameters that will be used. New configuration template files can be added to the `./templates` directory.
36 37
37 38 ##### Command-line examples:
38 39 ```shell
39 40 CONFIG_TEMPLATE=rpi3stretch ./rpi23-gen-image.sh
40 41 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
41 42 ```
42 43
43 44 ## Supported parameters and settings
44 45 #### APT settings:
45 46 ##### `APT_SERVER`="ftp.debian.org"
46 47 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
47 48
48 49 ##### `APT_PROXY`=""
49 50 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once. If `apt-cacher-ng` is running on default `http://127.0.0.1:3142` it is autodetected and you don't need to set this.
50 51
51 52 ##### `KEEP_APT_PROXY`=false
52 53 Keep the APT_PROXY settings used in the bootsrapping process in the generated image.
53 54
54 55 ##### `APT_INCLUDES`=""
55 56 A comma-separated list of additional packages to be installed by debootstrap during bootstrapping.
56 57
57 58 ##### `APT_INCLUDES_LATE`=""
58 59 A comma-separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
59 60
60 61 ---
61 62
62 63 #### General system settings:
63 64 ##### `SET_ARCH`=32
65
64 66 Set Architecture to default 32bit. If you want to compile 64-bit (RPI3/RPI3+/RPI4) set it to `64`. This option will set every needed cross-compiler or board specific option for a successful build.
65 67
66 68 ##### `RPI_MODEL`=2
67 69 Specify the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
68 70 - `0` = Raspberry Pi 0 and Raspberry Pi 0 W
69 71 - `1` = Raspberry Pi 1 model A and B
70 72 - `1P` = Raspberry Pi 1 model B+ and A+
71 73 - `2` = Raspberry Pi 2 model B
72 74 - `3` = Raspberry Pi 3 model B
73 75 - `3P` = Raspberry Pi 3 model B+
74 76 - `4` = Raspberry Pi 4 model B
75 77
76 78 ##### `RELEASE`="buster"
77 79 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases `stretch` and `buster`.
78 80
79 81 ##### `RELEASE_ARCH`="armhf"
80 82 Set the desired Debian release architecture.
81 83
82 84 ##### `HOSTNAME`="rpi$RPI_MODEL-$RELEASE"
83 85 Set system hostname. It's recommended that the hostname is unique in the corresponding subnet.
84 86
85 87 ##### `PASSWORD`="raspberry"
86 88 Set system `root` password. It's **STRONGLY** recommended that you choose a custom password.
87 89
88 90 ##### `USER_PASSWORD`="raspberry"
89 91 Set password for the created non-root user `USER_NAME`=pi. Ignored if `ENABLE_USER`=false. It's **STRONGLY** recommended that you choose a custom password.
90 92
91 93 ##### `DEFLOCAL`="en_US.UTF-8"
92 94 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. Please note that on using this parameter the script will automatically install the required packages `locales`, `keyboard-configuration` and `console-setup`.
93 95
94 96 ##### `TIMEZONE`="Europe/Berlin"
95 97 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
96 98
97 99 ##### `EXPANDROOT`=true
98 100 Expand the root partition and filesystem automatically on first boot.
99 101
100 102 ##### `ENABLE_DPHYSSWAP`=true
101 103 Enable swap. The size of the swapfile is chosen relative to the size of the root partition. It'll use the `dphys-swapfile` package for that.
102 104
103 105 ##### `ENABLE_QEMU`=false
104 106 Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
105 107
106 108 ---
107 109
108 110 #### Keyboard settings:
109 111 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
110 112
111 113 ##### `XKB_MODEL`=""
112 114 Set the name of the model of your keyboard type.
113 115
114 116 ##### `XKB_LAYOUT`=""
115 117 Set the supported keyboard layout(s).
116 118
117 119 ##### `XKB_VARIANT`=""
118 120 Set the supported variant(s) of the keyboard layout(s).
119 121
120 122 ##### `XKB_OPTIONS`=""
121 123 Set extra xkb configuration options.
122 124
123 125 ---
124 126
125 127 #### Networking settings (DHCP):
126 128 This parameter is used to set up networking auto-configuration in `/etc/systemd/network/eth.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
127 129
128 130 ##### `ENABLE_DHCP`=true
129 131 Set the system to use DHCP. This requires an DHCP server.
130 132
131 133 ---
132 134
133 135 #### Networking settings (static):
134 136 These parameters are used to set up a static networking configuration in `/etc/systemd/network/eth.network`. The following static networking parameters are only supported if `ENABLE_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
135 137
136 138 ##### `NET_ADDRESS`=""
137 139 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
138 140
139 141 ##### `NET_GATEWAY`=""
140 142 Set the IP address for the default gateway.
141 143
142 144 ##### `NET_DNS_1`=""
143 145 Set the IP address for the first DNS server.
144 146
145 147 ##### `NET_DNS_2`=""
146 148 Set the IP address for the second DNS server.
147 149
148 150 ##### `NET_DNS_DOMAINS`=""
149 151 Set the default DNS search domains to use for non fully qualified hostnames.
150 152
151 153 ##### `NET_NTP_1`=""
152 154 Set the IP address for the first NTP server.
153 155
154 156 ##### `NET_NTP_2`=""
155 157 Set the IP address for the second NTP server.
156 158
157 159 ---
158 160
159 161 #### Basic system features:
160 162 ##### `ENABLE_CONSOLE`=true
161 163 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system. On RPI `0` `3` `3P` the CPU speed is locked at lowest speed.
162 164
163 165 ##### `ENABLE_PRINTK`=false
164 166 Enables printing kernel messages to konsole. printk is `3 4 1 3` as in raspbian.
165 167
166 168 ##### `ENABLE_BLUETOOTH`=false
167 169 Enable onboard Bluetooth interface on the RPi0/3/3P. See: [Configuring the GPIO serial port on Raspbian jessie and stretch](https://spellfoundry.com/2016/05/29/configuring-gpio-serial-port-raspbian-jessie-including-pi-3/).
168 170
169 171 ##### `ENABLE_MINIUART_OVERLAY`=false
170 172 Enable Bluetooth to use this. Adds overlay to swap UART0 with UART1. Enabling (slower) Bluetooth and full speed serial console. - RPI `0` `3` `3P` have a fast `hardware UART0` (ttyAMA0) and a `mini UART1` (ttyS0)! RPI `1` `1P` `2` only have a `hardware UART0`. `UART0` is considered better, because is faster and more stable than `mini UART1`. By default the Bluetooth modem is mapped to the `hardware UART0` and `mini UART` is used for console. The `mini UART` is a problem for the serial console, because its baudrate depends on the CPU frequency, which is changing on runtime. Resulting in a volatile baudrate and thus in an unusable serial console.
171 173
172 174 ##### `ENABLE_TURBO`=false
173 175 Enable Turbo mode. This setting locks cpu at the highest frequency. As setting ENABLE_CONSOLE=true locks RPI to lowest CPU speed, this is can be used additionally to lock cpu hat max speed. Need a good power supply and probably cooling for the Raspberry PI.
174 176
175 177 ##### `ENABLE_I2C`=false
176 178 Enable I2C interface on the RPi 0/1/2/3. Please check the [RPi 0/1/2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
177 179
178 180 ##### `ENABLE_SPI`=false
179 181 Enable SPI interface on the RPi 0/1/2/3. Please check the [RPi 0/1/2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
180 182
181 183 ##### `ENABLE_IPV6`=true
182 184 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
183 185
184 186 ##### `ENABLE_SSHD`=true
185 187 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
186 188
187 189 ##### `ENABLE_NONFREE`=false
188 190 Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs.
189 191
190 192 ##### `ENABLE_WIRELESS`=false
191 193 Download and install the [closed-source firmware binary blob](https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm) that is required to run the internal wireless interface of the Raspberry Pi model `3`. This parameter is ignored if the specified `RPI_MODEL` is not `3`.
192 194
193 195 ##### `ENABLE_RSYSLOG`=true
194 196 If set to false, disable and uninstall rsyslog (so logs will be available only in journal files)
195 197
196 198 ##### `ENABLE_SOUND`=true
197 199 Enable sound hardware and install Advanced Linux Sound Architecture.
198 200
199 201 ##### `ENABLE_HWRANDOM`=true
200 202 Enable Hardware Random Number Generator. Strong random numbers are important for most network-based communications that use encryption. It's recommended to be enabled.
201 203
202 204 ##### `ENABLE_MINGPU`=false
203 205 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
204 206
205 207 ##### `ENABLE_DBUS`=true
206 208 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
207 209
208 210 ##### `ENABLE_XORG`=false
209 211 Install Xorg open-source X Window System.
210 212
211 213 ##### `ENABLE_WM`=""
212 214 Install a user-defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
213 215
214 216 ##### `ENABLE_SYSVINIT`=false
215 217 Support for halt,init,poweroff,reboot,runlevel,shutdown,telinit commands
216 218
217 219 ---
218 220
219 221 #### Advanced system features:
220 222 ##### `ENABLE_KEYGEN`=false
221 223 Recover your lost codec license
222 224
223 225 ##### `ENABLE_SYSTEMDSWAP`=false
224 226 Enables [Systemd-swap service](https://github.com/Nefelim4ag/systemd-swap). Usefull if `KERNEL_ZSWAP` is enabled.
225 227
226 228 ##### `ENABLE_MINBASE`=false
227 229 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
228 230
229 231 ##### `ENABLE_REDUCE`=false
230 232 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
231 233
232 234 ##### `ENABLE_UBOOT`=false
233 235 Replace the default RPi 0/1/2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
234 236 RPI4 needs tbd
235 237
236 238 ##### `UBOOTSRC_DIR`=""
237 239 Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
238 240
239 241 ##### `ENABLE_FBTURBO`=false
240 242 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
241 243
242 244 ##### `FBTURBOSRC_DIR`=""
243 245 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
244 246
245 247 ##### `ENABLE_VIDEOCORE`=false
246 248 Install and enable the [ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) `vcgencmd`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
247 249
248 250 ##### `VIDEOCORESRC_DIR`=""
249 251 Path to a directory (`userland`) of [ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
250 252
251 253 ##### `ENABLE_NEXMON`=false
252 254 Install and enable the [Source code for a C-based firmware patching framework for Broadcom/Cypress WiFi chips that enables you to write your own firmware patches, for example, to enable monitor mode with radiotap headers and frame injection](https://github.com/seemoo-lab/nexmon.git).
253 255
254 256 ##### `NEXMONSRC_DIR`=""
255 257 Path to a directory (`nexmon`) of [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
256 258
257 259 ##### `ENABLE_IPTABLES`=false
258 260 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
259 261
260 262 ##### `ENABLE_USER`=true
261 263 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, the username will be `pi`.
262 264
263 265 ##### `USER_NAME`=pi
264 266 Non-root user to create. Ignored if `ENABLE_USER`=false
265 267
266 268 ##### `ENABLE_ROOT`=false
267 269 Set root user password so root login will be enabled
268 270
269 271 ##### `ENABLE_HARDNET`=false
270 272 Enable IPv4/IPv6 network stack hardening settings.
271 273
272 274 ##### `ENABLE_SPLITFS`=false
273 275 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
274 276
275 277 ##### `CHROOT_SCRIPTS`=""
276 278 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this directory is run in lexicographical order.
277 279
278 280 ##### `ENABLE_INITRAMFS`=false
279 281 Create an initramfs that that will be loaded during the Linux startup process. `ENABLE_INITRAMFS` will automatically get enabled if `ENABLE_CRYPTFS`=true. This parameter will be ignored if `BUILD_KERNEL`=false.
280 282
281 283 ##### `ENABLE_IFNAMES`=true
282 284 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names.
283 285
284 286 ##### `ENABLE_SPLASH`=true
285 287 Enable default Raspberry Pi boot up rainbow splash screen.
286 288
287 289 ##### `ENABLE_LOGO`=true
288 290 Enable default Raspberry Pi console logo (image of four raspberries in the top left corner).
289 291
290 292 ##### `ENABLE_SILENT_BOOT`=false
291 293 Set the verbosity of console messages shown during boot up to a strict minimum.
292 294
293 295 ##### `DISABLE_UNDERVOLT_WARNINGS`=
294 296 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
295 297
296 298 ---
297 299
298 300 #### SSH settings:
299 301 ##### `SSH_ENABLE_ROOT`=false
300 302 Enable password-based root login via SSH. This may be a security risk with the default password set, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
301 303
302 304 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
303 305 Disable password-based SSH authentication. Only public key based SSH (v2) authentication will be supported.
304 306
305 307 ##### `SSH_LIMIT_USERS`=false
306 308 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login. This parameter will be ignored if `dropbear` SSH is used (`REDUCE_SSHD`=true).
307 309
308 310 ##### `SSH_ROOT_PUB_KEY`=""
309 311 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
310 312
311 313 ##### `SSH_USER_PUB_KEY`=""
312 314 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported.
313 315
314 316 ---
315 317
316 318 #### Kernel compilation:
317 319 ##### `BUILD_KERNEL`=true
318 320 Build and install the latest RPi 0/1/2/3/4 Linux kernel. The default RPi 0/1/2/3/ kernel configuration is used most of the time.
319 321 ENABLE_NEXMON - Changes Kernel Source to [https://github.com/Re4son/](Kali Linux Kernel)
320 322 Precompiled 32bit kernel for RPI0/1/2/3 by [https://github.com/hypriot/](hypriot)
321 323 Precompiled 64bit kernel for RPI3/4 by [https://github.com/sakaki-/](sakaki)
322 324
323 325
324 326 ##### `CROSS_COMPILE`="arm-linux-gnueabihf-"
325 327 This sets the cross-compile environment for the compiler.
326 328
327 329 ##### `KERNEL_ARCH`="arm"
328 330 This sets the kernel architecture for the compiler.
329 331
330 332 ##### `KERNEL_IMAGE`="kernel7.img"
331 333 Name of the image file in the boot partition. If not set, `KERNEL_IMAGE` will be set to "kernel8.img" automatically if building for arm64.
332 334
333 335 ##### `KERNEL_BRANCH`=""
334 336 Name of the requested branch from the GIT location for the RPi Kernel. Default is using the current default branch from the GIT site.
335 337
336 338 ##### `QEMU_BINARY`="/usr/bin/qemu-arm-static"
337 339 Sets the QEMU enviornment for the Debian archive. If not set, `QEMU_BINARY` will be set to "/usr/bin/qemu-aarch64-static" automatically if building for arm64.
338 340
339 341 ##### `KERNEL_DEFCONFIG`="bcm2709_defconfig"
340 342 Sets the default config for kernel compiling. If not set, `KERNEL_DEFCONFIG` will be set to "bcmrpi3\_defconfig" automatically if building for arm64.
341 343
342 344 ##### `KERNEL_REDUCE`=false
343 345 Reduce the size of the generated kernel by removing unwanted devices, network and filesystem drivers (experimental).
344 346
345 347 ##### `KERNEL_THREADS`=1
346 348 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
347 349
348 350 ##### `KERNEL_HEADERS`=true
349 351 Install kernel headers with the built kernel.
350 352
351 353 ##### `KERNEL_MENUCONFIG`=false
352 354 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
353 355
354 356 ##### `KERNEL_OLDDEFCONFIG`=false
355 357 Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
356 358
357 359 ##### `KERNEL_CCACHE`=false
358 360 Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
359 361
360 362 ##### `KERNEL_REMOVESRC`=true
361 363 Remove all kernel sources from the generated OS image after it was built and installed.
362 364
363 365 ##### `KERNELSRC_DIR`=""
364 366 Path to a directory (`linux`) of [RaspberryPi Linux kernel sources](https://github.com/raspberrypi/linux) that will be copied, configured, build and installed inside the chroot.
365 367
366 368 ##### `KERNELSRC_CLEAN`=false
367 369 Clean the existing kernel sources directory `KERNELSRC_DIR` (using `make mrproper`) after it was copied to the chroot and before the compilation of the kernel has started. This parameter will be ignored if no `KERNELSRC_DIR` was specified or if `KERNELSRC_PREBUILT`=true.
368 370
369 371 ##### `KERNELSRC_CONFIG`=true
370 372 Run `make bcm2709_defconfig` (and optional `make menuconfig`) to configure the kernel sources before building. This parameter is automatically set to `true` if no existing kernel sources directory was specified using `KERNELSRC_DIR`. This parameter is ignored if `KERNELSRC_PREBUILT`=true.
371 373
372 374 ##### `KERNELSRC_USRCONFIG`=""
373 375 Copy own config file to kernel `.config`. If `KERNEL_MENUCONFIG`=true then running after copy.
374 376
375 377 ##### `KERNELSRC_PREBUILT`=false
376 378 With this parameter set to true the script expects the existing kernel sources directory to be already successfully cross-compiled. The parameters `KERNELSRC_CLEAN`, `KERNELSRC_CONFIG`, `KERNELSRC_USRCONFIG` and `KERNEL_MENUCONFIG` are ignored and no kernel compilation tasks are performed.
377 379
378 380 ##### `RPI_FIRMWARE_DIR`=""
379 381 The directory (`firmware`) containing a local copy of the firmware from the [RaspberryPi firmware project](https://github.com/raspberrypi/firmware). Default is to download the latest firmware directly from the project.
380 382
381 383 ##### `KERNEL_DEFAULT_GOV`="ONDEMAND"
382 384 Set the default cpu governor at kernel compilation. Supported values are: PERFORMANCE POWERSAVE USERSPACE ONDEMAND CONSERVATIVE SCHEDUTIL
383 385
384 386 ##### `KERNEL_NF`=false
385 387 Enable Netfilter modules as kernel modules
386 388
387 389 ##### `KERNEL_VIRT`=false
388 390 Enable Kernel KVM support (/dev/kvm)
389 391
390 392 ##### `KERNEL_ZSWAP`=false
391 393 Enable Kernel Zswap support. Best use on high RAM load and mediocre CPU load usecases
392 394
393 395 ##### `KERNEL_BPF`=true
394 396 Allow attaching eBPF programs to a cgroup using the bpf syscall (CONFIG_BPF_SYSCALL CONFIG_CGROUP_BPF) [systemd compilations about it - File /lib/systemd/system/systemd-journald.server:36 configures an IP firewall (IPAddressDeny=all), but the local system does not support BPF/cgroup based firewalls]
395 397
396 398 ##### `KERNEL_SECURITY`=false
397 399 Enables Apparmor, integrity subsystem, auditing.
398 400
399 401 ##### `KERNEL_BTRFS`="false"
400 402 enable btrfs kernel support
401 403
402 404 ##### `KERNEL_POEHAT`="false"
403 405 enable Enable RPI POE HAT fan kernel support
404 406
405 407 ##### `KERNEL_NSPAWN`="false"
406 408 Enable per-interface network priority control - for systemd-nspawn
407 409
408 410 ##### `KERNEL_DHKEY`="true"
409 411 Diffie-Hellman operations on retained keys - required for >keyutils-1.6
410 412
411 413 ---
412 414
413 415 #### Reduce disk usage:
414 416 The following list of parameters is ignored if `ENABLE_REDUCE`=false.
415 417
416 418 ##### `REDUCE_APT`=true
417 419 Configure APT to use compressed package repository lists and no package caching files.
418 420
419 421 ##### `REDUCE_DOC`=true
420 422 Remove all doc files (harsh). Configure APT to not include doc files on future `apt-get` package installations.
421 423
422 424 ##### `REDUCE_MAN`=true
423 425 Remove all man pages and info files (harsh). Configure APT to not include man pages on future `apt-get` package installations.
424 426
425 427 ##### `REDUCE_VIM`=false
426 428 Replace `vim-tiny` package by `levee` a tiny vim clone.
427 429
428 430 ##### `REDUCE_BASH`=false
429 431 Remove `bash` package and switch to `dash` shell (experimental).
430 432
431 433 ##### `REDUCE_HWDB`=true
432 434 Remove PCI related hwdb files (experimental).
433 435
434 436 ##### `REDUCE_SSHD`=true
435 437 Replace `openssh-server` with `dropbear`.
436 438
437 439 ##### `REDUCE_LOCALE`=true
438 440 Remove all `locale` translation files.
439 441
440 442 ---
441 443
442 444 #### Encrypted root partition:
443 445 ##### `ENABLE_CRYPTFS`=false
444 446 Enable full system encryption with dm-crypt. Setup a fully LUKS encrypted root partition (aes-xts-plain64:sha512) and generate required initramfs. The /boot directory will not be encrypted. This parameter will be ignored if `BUILD_KERNEL`=false. `ENABLE_CRYPTFS` is experimental. SSH-to-initramfs is currently not supported but will be soon - feel free to help.
445 447
446 448 ##### `CRYPTFS_PASSWORD`=""
447 449 Set password of the encrypted root partition. This parameter is mandatory if `ENABLE_CRYPTFS`=true.
448 450
449 451 ##### `CRYPTFS_MAPPING`="secure"
450 452 Set name of dm-crypt managed device-mapper mapping.
451 453
452 454 ##### `CRYPTFS_CIPHER`="aes-xts-plain64"
453 455 Set cipher specification string. `aes-xts*` ciphers are strongly recommended.
454 456
455 457 ##### `CRYPTFS_HASH`=sha512
456 458 Hash function and size to be used
457 459
458 460 ##### `CRYPTFS_XTSKEYSIZE`=512
459 461 Sets key size in bits. The argument has to be a multiple of 8.
460 462
461 463 ##### `CRYPTFS_DROPBEAR`=false
462 464 Enable Dropbear Initramfs support
463 465
464 466 ##### `CRYPTFS_DROPBEAR_PUBKEY`=""
465 467 Provide path to dropbear Public RSA-OpenSSH Key
466 468
467 469 ---
468 470
469 471 #### Build settings:
470 472 ##### `BASEDIR`=$(pwd)/images/${RELEASE}
471 473 Set a path to a working directory used by the script to generate an image.
472 474
473 475 ##### `IMAGE_NAME`=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}
474 476 Set a filename for the output file(s). Note: the script will create $IMAGE_NAME.img if `ENABLE_SPLITFS`=false or $IMAGE_NAME-frmw.img and $IMAGE_NAME-root.img if `ENABLE_SPLITFS`=true. Note 2: If the KERNEL_BRANCH is not set, the word "CURRENT" is used.
475 477
476 478 ## Understanding the script
477 479 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
478 480
479 481 | Script | Description |
480 482 | --- | --- |
481 483 | `10-bootstrap.sh` | Debootstrap basic system |
482 484 | `11-apt.sh` | Setup APT repositories |
483 485 | `12-locale.sh` | Setup Locales and keyboard settings |
484 486 | `13-kernel.sh` | Build and install RPi 0/1/2/3 Kernel |
485 487 | `14-fstab.sh` | Setup fstab and initramfs |
486 488 | `15-rpi-config.sh` | Setup RPi 0/1/2/3 config and cmdline |
487 489 | `20-networking.sh` | Setup Networking |
488 490 | `21-firewall.sh` | Setup Firewall |
489 491 | `30-security.sh` | Setup Users and Security settings |
490 492 | `31-logging.sh` | Setup Logging |
491 493 | `32-sshd.sh` | Setup SSH and public keys |
492 494 | `41-uboot.sh` | Build and Setup U-Boot |
493 495 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
494 496 | `43-videocore.sh` | Build and Setup videocore libraries |
495 497 | `50-firstboot.sh` | First boot actions |
496 498 | `99-reduce.sh` | Reduce the disk space usage |
497 499
498 500 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
499 501
500 502 | Directory | Description |
501 503 | --- | --- |
502 504 | `apt` | APT management configuration files |
503 505 | `boot` | Boot and RPi 0/1/2/3 configuration files |
504 506 | `dpkg` | Package Manager configuration |
505 507 | `etc` | Configuration files and rc scripts |
506 508 | `firstboot` | Scripts that get executed on first boot |
507 509 | `initramfs` | Initramfs scripts |
508 510 | `iptables` | Firewall configuration files |
509 511 | `locales` | Locales configuration |
510 512 | `modules` | Kernel Modules configuration |
511 513 | `mount` | Fstab configuration |
512 514 | `network` | Networking configuration files |
513 515 | `sysctl.d` | Swapping and Network Hardening configuration |
514 516 | `xorg` | fbturbo Xorg driver configuration |
515 517
516 518 ## Custom packages and scripts
517 519 Debian custom packages, i.e. those not in the debian repositories, can be installed by placing them in the `packages` directory. They are installed immediately after packages from the repositories are installed. Any dependencies listed in the custom packages will be downloaded automatically from the repositories. Do not list these custom packages in `APT_INCLUDES`.
518 520
519 521 Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created.
520 522
521 523 ## Logging of the bootstrapping process
522 524 All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
523 525
524 526 ```shell
525 527 script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log
526 528 ```
527 529
528 530 ## Flashing the image file
529 531 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi 0/1/2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
530 532
531 533 ##### Flashing examples:
532 534 ```shell
533 535 bmaptool copy ./images/buster/2017-01-23-rpi3-buster.img /dev/mmcblk0
534 536 dd bs=4M if=./images/buster/2017-01-23-rpi3-buster.img of=/dev/mmcblk0
535 537 ```
536 538 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
537 539 ```shell
538 540 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-frmw.img /dev/mmcblk0
539 541 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-root.img /dev/sdc
540 542 ```
541 543
542 544 ## QEMU emulation
543 545 Start QEMU full system emulation:
544 546 ```shell
545 547 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
546 548 ```
547 549
548 550 Start QEMU full system emulation and output to console:
549 551 ```shell
550 552 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
551 553 ```
552 554
553 555 Start QEMU full system emulation with SMP and output to console:
554 556 ```shell
555 557 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
556 558 ```
557 559
558 560 Start QEMU full system emulation with cryptfs, initramfs and output to console:
559 561 ```shell
560 562 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
561 563 ```
562 564
563 565 ## External links and references
564 566 * [Debian worldwide mirror sites](https://www.debian.org/mirror/list)
565 567 * [Debian Raspberry Pi 2 Wiki](https://wiki.debian.org/RaspberryPi2)
566 568 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
567 569 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
568 570 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
569 571 * [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
570 572 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
571 573 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm)
572 574 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
@@ -1,41 +1,48
1 1 #
2 2 # Debootstrap basic system
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 VARIANT=""
9 9 COMPONENTS="main"
10 10
11 11 # Use non-free Debian packages if needed
12 12 if [ "$ENABLE_NONFREE" = true ] ; then
13 13 COMPONENTS="main,non-free,contrib"
14 14 fi
15 15
16 16 # Use minbase bootstrap variant which only includes essential packages
17 17 if [ "$ENABLE_MINBASE" = true ] ; then
18 18 VARIANT="--variant=minbase"
19 19 fi
20 20
21
22 # Exclude packages if required by Debian release
23 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
24 EXCLUDES="--exclude=init,systemd-sysv"
25 fi
26
27
21 28 # Base debootstrap (unpack only)
22 29 http_proxy=${APT_PROXY} debootstrap ${APT_EXCLUDES} --arch="${RELEASE_ARCH}" --foreign ${VARIANT} --components="${COMPONENTS}" --include="${APT_INCLUDES}" "${RELEASE}" "${R}" "http://${APT_SERVER}/debian"
23 30
24 31 # Copy qemu emulator binary to chroot
25 32 install -m 755 -o root -g root "${QEMU_BINARY}" "${R}${QEMU_BINARY}"
26 33
27 34 # Copy debian-archive-keyring.pgp
28 35 mkdir -p "${R}/usr/share/keyrings"
29 36 install_readonly /usr/share/keyrings/debian-archive-keyring.gpg "${R}/usr/share/keyrings/debian-archive-keyring.gpg"
30 37
31 38 # Complete the bootstrapping process
32 39 chroot_exec /debootstrap/debootstrap --second-stage
33 40
34 41 # Mount required filesystems
35 42 mount -t proc none "${R}/proc"
36 43 mount -t sysfs none "${R}/sys"
37 44
38 45 # Mount pseudo terminal slave if supported by Debian release
39 46 if [ -d "${R}/dev/pts" ] ; then
40 47 mount --bind /dev/pts "${R}/dev/pts"
41 48 fi
@@ -1,50 +1,69
1 1 #
2 2 # Setup APT repositories
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Install and setup APT proxy configuration
9 9 if [ -z "$APT_PROXY" ] ; then
10 10 install_readonly files/apt/10proxy "${ETC_DIR}/apt/apt.conf.d/10proxy"
11 11 sed -i "s/\"\"/\"${APT_PROXY}\"/" "${ETC_DIR}/apt/apt.conf.d/10proxy"
12 12 fi
13 13
14 if [ "$BUILD_KERNEL" = false ] ; then
15 # Install APT pinning configuration for flash-kernel package
16 install_readonly files/apt/flash-kernel "${ETC_DIR}/apt/preferences.d/flash-kernel"
17
18 # Install APT sources.list
19 install_readonly files/apt/sources.list "${ETC_DIR}/apt/sources.list"
20 echo "deb ${COLLABORA_URL} ${RELEASE} rpi2" >> "${ETC_DIR}/apt/sources.list"
21
22 # Upgrade collabora package index and install collabora keyring
23 chroot_exec apt-get -qq -y update
24 # Removed --allow-unauthenticated as suggested after modification on _apt privileges
25 chroot_exec apt-get -qq -y install collabora-obs-archive-keyring
26 else # BUILD_KERNEL=true
14 27 # Install APT sources.list
15 28 install_readonly files/apt/sources.list "${ETC_DIR}/apt/sources.list"
16 29
17 30 # Use specified APT server and release
18 31 sed -i "s/\/ftp.debian.org\//\/${APT_SERVER}\//" "${ETC_DIR}/apt/sources.list"
32 sed -i "s/ jessie/ ${RELEASE}/" "${ETC_DIR}/apt/sources.list"
33 fi
34
35
36 # Use specified APT server and release
37 sed -i "s/\/ftp.debian.org\//\/${APT_SERVER}\//" "${ETC_DIR}/apt/sources.list"
19 38
20 39 #Fix for changing path for security updates in testing/bullseye
21 40 if [ "$RELEASE" = "testing" ] ; then
22 41 sed -i "s,buster\\/updates,testing-security," "${ETC_DIR}/apt/sources.list"
23 42 sed -i "s/ buster/ ${RELEASE}/" "${ETC_DIR}/apt/sources.list"
24 43 fi
25 44
26 45 if [ -z "$RELEASE" ] ; then
27 46 # Change release in sources list
28 47 sed -i "s/ buster/ ${RELEASE}/" "${ETC_DIR}/apt/sources.list"
29 48 fi
30 49
31 50 # Upgrade package index and update all installed packages and changed dependencies
32 51 chroot_exec apt-get -qq -y update
33 52 chroot_exec apt-get -qq -y -u dist-upgrade
34 53
35 54 # Install additional packages
36 55 if [ "$APT_INCLUDES_LATE" ] ; then
37 56 chroot_exec apt-get -qq -y install $(echo "$APT_INCLUDES_LATE" |tr , ' ')
38 57 fi
39 58
40 59 # Install Debian custom packages
41 60 if [ -d packages ] ; then
42 61 for package in packages/*.deb ; do
43 62 cp "$package" "${R}"/tmp
44 63 chroot_exec dpkg --unpack /tmp/"$(basename "$package")"
45 64 done
46 65 fi
47 66
48 67 chroot_exec apt-get -qq -y -f install
49 68
50 69 chroot_exec apt-get -qq -y check
@@ -1,136 +1,136
1 1 #
2 2 # Setup Networking
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Install and setup hostname
9 9 install_readonly files/network/hostname "${ETC_DIR}/hostname"
10 10 sed -i "s/^RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hostname"
11 11
12 12 # Install and setup hosts
13 13 install_readonly files/network/hosts "${ETC_DIR}/hosts"
14 14 sed -i "s/RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hosts"
15 15
16 16 # Setup hostname entry with static IP
17 17 if [ "$NET_ADDRESS" != "" ] ; then
18 18 NET_IP=$(echo "${NET_ADDRESS}" | cut -f 1 -d'/')
19 19 sed -i "s/^127.0.1.1/${NET_IP}/" "${ETC_DIR}/hosts"
20 20 fi
21 21
22 22 # Remove IPv6 hosts
23 23 if [ "$ENABLE_IPV6" = false ] ; then
24 24 sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETC_DIR}/hosts"
25 25 fi
26 26
27 27 # Install hint about network configuration
28 28 install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces"
29 29
30 30 # Install configuration for interface eth0
31 31 install_readonly files/network/eth.network "${ETC_DIR}/systemd/network/eth.network"
32 32
33 33 if [ "$RPI_MODEL" = 3P ] ; then
34 34 printf "\n[Link]\nGenericReceiveOffload=off\nTCPSegmentationOffload=off\nGenericSegmentationOffload=off" >> "${ETC_DIR}/systemd/network/eth.network"
35 35 fi
36 36
37 37 # Install configuration for interface wl*
38 38 install_readonly files/network/wlan.network "${ETC_DIR}/systemd/network/wlan.network"
39 39
40 40 #always with dhcp since wpa_supplicant integration is missing
41 41 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan.network"
42 42
43 43 if [ "$ENABLE_DHCP" = true ] ; then
44 44 # Enable DHCP configuration for interface eth0
45 45 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth.network"
46 46
47 47 # Set DHCP configuration to IPv4 only
48 48 if [ "$ENABLE_IPV6" = false ] ; then
49 49 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth.network"
50 50 fi
51 51
52 52 else # ENABLE_DHCP=false
53 53 # Set static network configuration for interface eth0
54 54 sed -i\
55 55 -e "s|DHCP=.*|DHCP=no|"\
56 56 -e "s|Address=\$|Address=${NET_ADDRESS}|"\
57 57 -e "s|Gateway=\$|Gateway=${NET_GATEWAY}|"\
58 58 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_1}|"\
59 59 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_2}|"\
60 60 -e "s|Domains=\$|Domains=${NET_DNS_DOMAINS}|"\
61 61 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_1}|"\
62 62 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_2}|"\
63 63 "${ETC_DIR}/systemd/network/eth.network"
64 64 fi
65 65
66 66 # Remove empty settings from network configuration
67 67 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth.network"
68 68 # Remove empty settings from wlan configuration
69 69 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan.network"
70 70
71 71 # Move systemd network configuration if required by Debian release
72 72 mv -v "${ETC_DIR}/systemd/network/eth.network" "${LIB_DIR}/systemd/network/10-eth.network"
73 73 # If WLAN is enabled copy wlan configuration too
74 74 if [ "$ENABLE_WIRELESS" = true ] ; then
75 75 mv -v "${ETC_DIR}/systemd/network/wlan.network" "${LIB_DIR}/systemd/network/11-wlan.network"
76 76 fi
77 77 rm -fr "${ETC_DIR}/systemd/network"
78 78
79 79 # Enable systemd-networkd service
80 80 chroot_exec systemctl enable systemd-networkd
81 81
82 82 # Install host.conf resolver configuration
83 83 install_readonly files/network/host.conf "${ETC_DIR}/host.conf"
84 84
85 85 # Enable network stack hardening
86 86 if [ "$ENABLE_HARDNET" = true ] ; then
87 87 # Install sysctl.d configuration files
88 88 install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETC_DIR}/sysctl.d/82-rpi-net-hardening.conf"
89 89
90 90 # Setup resolver warnings about spoofed addresses
91 91 sed -i "s/^# spoof warn/spoof warn/" "${ETC_DIR}/host.conf"
92 92 fi
93 93
94 94 # Enable time sync
95 95 if [ "$NET_NTP_1" != "" ] ; then
96 96 chroot_exec systemctl enable systemd-timesyncd.service
97 97 fi
98 98
99 99 # Download the firmware binary blob required to use the RPi3 wireless interface
100 100 if [ "$ENABLE_WIRELESS" = true ] ; then
101 101 if [ ! -d "${WLAN_FIRMWARE_DIR}" ] ; then
102 102 mkdir -p "${WLAN_FIRMWARE_DIR}"
103 103 fi
104 104
105 105 # Create temporary directory for firmware binary blob
106 106 temp_dir=$(as_nobody mktemp -d)
107 107
108 # Fetch firmware binary blob for RPI3B+
108 # Fetch firmware binary blob for RPI3B+ or Pi4
109 109 if [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
110 110 # Fetch firmware binary blob for RPi3P
111 111 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.bin"
112 112 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.txt"
113 113 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.clm_blob" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.clm_blob"
114 114
115 115 # Move downloaded firmware binary blob
116 116 mv "${temp_dir}/brcmfmac43455-sdio."* "${WLAN_FIRMWARE_DIR}/"
117 117
118 118 # Set permissions of the firmware binary blob
119 119 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
120 120 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
121 121 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
122 122 # Fetch firmware binary blob for RPi3
123 123 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin"
124 124 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt"
125 125
126 126 # Move downloaded firmware binary blob
127 127 mv "${temp_dir}/brcmfmac43430-sdio."* "${WLAN_FIRMWARE_DIR}/"
128 128
129 129 # Set permissions of the firmware binary blob
130 130 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
131 131 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
132 132 fi
133 133
134 134 # Remove temporary directory for firmware binary blob
135 135 rm -fr "${temp_dir}"
136 136 fi
@@ -1,47 +1,53
1 1 #
2 2 # Build and Setup fbturbo Xorg driver
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 if [ "$ENABLE_FBTURBO" = true ] ; then
9 9 # Install c/c++ build environment inside the chroot
10 10 chroot_install_cc
11 11
12 12 # Copy existing fbturbo sources into chroot directory
13 13 if [ -n "$FBTURBOSRC_DIR" ] && [ -d "$FBTURBOSRC_DIR" ] ; then
14 14 # Copy local fbturbo sources
15 15 cp -r "${FBTURBOSRC_DIR}" "${R}/tmp"
16 16 else
17 17 # Create temporary directory for fbturbo sources
18 18 temp_dir=$(as_nobody mktemp -d)
19 19
20 20 # Fetch fbturbo sources
21 21 as_nobody git -C "${temp_dir}" clone "${FBTURBO_URL}"
22 22
23 23 # Move downloaded fbturbo sources
24 24 mv "${temp_dir}/xf86-video-fbturbo" "${R}/tmp/"
25 25
26 26 # Remove temporary directory for fbturbo sources
27 27 rm -fr "${temp_dir}"
28 28 fi
29 29
30 30 # Install Xorg build dependencies
31
32 if [ "$RELEASE" = "jessie" ] || [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
33 chroot_exec apt-get -q -y --no-install-recommends install xorg-dev xutils-dev x11proto-dri2-dev libltdl-dev libtool automake libdrm-dev
34 elif [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
31 35 chroot_exec apt-get -q -y --no-install-recommends --allow-unauthenticated install xorg-dev xutils-dev x11proto-dri2-dev libltdl-dev libtool automake libdrm-dev
36 fi
37
32 38
33 39 # Build and install fbturbo driver inside chroot
34 40 chroot_exec /bin/bash -x <<'EOF'
35 41 cd /tmp/xf86-video-fbturbo
36 42 autoreconf -vi
37 43 ./configure --prefix=/usr
38 44 make
39 45 make install
40 46 EOF
41 47
42 48 # Install fbturbo driver Xorg configuration
43 49 install_readonly files/xorg/99-fbturbo.conf "${R}/usr/share/X11/xorg.conf.d/99-fbturbo.conf"
44 50
45 51 # Remove Xorg build dependencies
46 52 chroot_exec apt-get -qq -y --auto-remove purge xorg-dev xutils-dev x11proto-dri2-dev libltdl-dev libtool automake libdrm-dev
47 53 fi
@@ -1,116 +1,122
1 1 # This file contains utility functions used by rpi23-gen-image.sh
2 2
3 3 cleanup (){
4 4 set +x
5 5 set +e
6 6
7 7 # Remove exports from nexmon
8 8 unset KERNEL
9 9 unset ARCH
10 10 unset SUBARCH
11 11 unset CCPLUGIN
12 12 unset ZLIBFLATE
13 13 unset Q
14 14 unset NEXMON_SETUP_ENV
15 15 unset HOSTUNAME
16 16 unset PLATFORMUNAME
17 17
18 18 # Identify and kill all processes still using files
19 19 echo "killing processes using mount point ..."
20 20 fuser -k "${R}"
21 21 sleep 3
22 22 fuser -9 -k -v "${R}"
23 23
24 24 # Clean up temporary .password file
25 25 if [ -r ".password" ] ; then
26 26 shred -zu .password
27 27 fi
28 28
29 29 # Clean up all temporary mount points
30 30 echo "removing temporary mount points ..."
31 31 umount -l "${R}/proc" 2> /dev/null
32 32 umount -l "${R}/sys" 2> /dev/null
33 33 umount -l "${R}/dev/pts" 2> /dev/null
34 34 umount "$BUILDDIR/mount/boot/firmware" 2> /dev/null
35 35 umount "$BUILDDIR/mount" 2> /dev/null
36 36 cryptsetup close "${CRYPTFS_MAPPING}" 2> /dev/null
37 37 losetup -d "$ROOT_LOOP" 2> /dev/null
38 38 losetup -d "$FRMW_LOOP" 2> /dev/null
39 39 trap - 0 1 2 3 6
40 40 }
41 41
42 42 chroot_exec() {
43 43 # Exec command in chroot
44 44 LANG=C LC_ALL=C DEBIAN_FRONTEND=noninteractive chroot "${R}" "$@"
45 45 }
46 46
47 47 as_nobody() {
48 48 # Exec command as user nobody
49 49 sudo -E -u nobody LANG=C LC_ALL=C "$@"
50 50 }
51 51
52 52 install_readonly() {
53 53 # Install file with user read-only permissions
54 54 install -o root -g root -m 644 "$@"
55 55 }
56 56
57 57 install_exec() {
58 58 # Install file with root exec permissions
59 59 install -o root -g root -m 744 "$@"
60 60 }
61 61
62 62 use_template () {
63 63 # Test if configuration template file exists
64 64 if [ ! -r "./templates/${CONFIG_TEMPLATE}" ] ; then
65 65 echo "error: configuration template ${CONFIG_TEMPLATE} not found"
66 66 exit 1
67 67 fi
68 68
69 69 # Load template configuration parameters
70 70 . "./templates/${CONFIG_TEMPLATE}"
71 71 }
72 72
73 73 chroot_install_cc() {
74 74 # Install c/c++ build environment inside the chroot
75 75 if [ -z "${COMPILER_PACKAGES}" ] ; then
76 76 COMPILER_PACKAGES=$(chroot_exec apt-get -s install g++ make bc | grep "^Inst " | awk -v ORS=" " '{ print $2 }')
77 # Install COMPILER_PACKAGES in chroot - NEVER do "${COMPILER_PACKAGES}" -> breaks uboot
77
78
79 if [ "$RELEASE" = "jessie" ] || [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
80 chroot_exec apt-get -q -y --no-install-recommends install ${COMPILER_PACKAGES}
81 elif [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
78 82 chroot_exec apt-get -q -y --allow-unauthenticated --no-install-recommends install ${COMPILER_PACKAGES}
79 83 fi
84
85 fi
80 86 }
81 87
82 88 chroot_remove_cc() {
83 89 # Remove c/c++ build environment from the chroot
84 90 if [ -n "${COMPILER_PACKAGES}" ] ; then
85 91 chroot_exec apt-get -qq -y --auto-remove purge ${COMPILER_PACKAGES}
86 92 COMPILER_PACKAGES=""
87 93 fi
88 94 }
89 95
90 96 # https://serverfault.com/a/682849 - converts e.g. /24 to 255.255.255.0
91 97 cdr2mask ()
92 98 {
93 99 # Number of args to shift, 255..255, first non-255 byte, zeroes
94 100 set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0
95 101 [ $1 -gt 1 ] && shift $1 || shift
96 102 echo ${1-0}.${2-0}.${3-0}.${4-0}
97 103 }
98 104
99 105 # GPL v2.0 - #https://github.com/sakaki-/bcmrpi3-kernel-bis/blob/master/conform_config.sh
100 106 set_kernel_config() {
101 107 # flag as $1, value to set as $2, config must exist at "./.config"
102 108 TGT="CONFIG_${1#CONFIG_}"
103 109 REP="${2}"
104 110 if grep -q "^${TGT}[^_]" .config; then
105 111 sed -i "s/^\(${TGT}=.*\|# ${TGT} is not set\)/${TGT}=${REP}/" .config
106 112 else
107 113 echo "${TGT}"="${2}" >> .config
108 114 fi
109 115 }
110 116
111 117 # unset kernel config parameter
112 118 unset_kernel_config() {
113 119 # unsets flag with the value of $1, config must exist at "./.config"
114 120 TGT="CONFIG_${1#CONFIG_}"
115 121 sed -i "s/^${TGT}=.*/# ${TGT} is not set/" .config
116 122 } No newline at end of file
@@ -1,897 +1,897
1 1 #!/bin/sh
2 2 ########################################################################
3 3 # rpi23-gen-image.sh 2015-2017
4 4 #
5 5 # Advanced Debian "stretch" and "buster" bootstrap script for Raspberry Pi
6 6 #
7 7 # This program is free software; you can redistribute it and/or
8 8 # modify it under the terms of the GNU General Public License
9 9 # as published by the Free Software Foundation; either version 2
10 10 # of the License, or (at your option) any later version.
11 11 #
12 12 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
13 13 #
14 14 # Big thanks for patches and enhancements by 20+ github contributors!
15 15 ########################################################################
16 16
17 17 # Are we running as root?
18 18 if [ "$(id -u)" -ne "0" ] ; then
19 19 echo "error: this script must be executed with root privileges!"
20 20 exit 1
21 21 fi
22 22
23 23 # Check if ./functions.sh script exists
24 24 if [ ! -r "./functions.sh" ] ; then
25 25 echo "error: './functions.sh' required script not found!"
26 26 exit 1
27 27 fi
28 28
29 29 # Load utility functions
30 30 . ./functions.sh
31 31
32 32 # Load parameters from configuration template file
33 33 if [ -n "$CONFIG_TEMPLATE" ] ; then
34 34 use_template
35 35 fi
36 36
37 37 # Introduce settings
38 38 set -e
39 echo -n -e "\n#\n# RPi 0/1/2/3/4 Bootstrap Settings\n#\n"
39 echo -n -e "\n#\n# RPi 0/1/2/3 Bootstrap Settings\n#\n"
40 40 set -x
41 41
42 42 # Raspberry Pi model configuration
43 43 RPI_MODEL=${RPI_MODEL:=2}
44 44
45 45 # Debian release
46 46 RELEASE=${RELEASE:=buster}
47 47 if [ $RELEASE = "bullseye" ] ; then
48 48 RELEASE=testing
49 49 fi
50 50
51 51 # Kernel Branch
52 52 KERNEL_BRANCH=${KERNEL_BRANCH:=""}
53 53
54 54 # URLs
55 55 KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
56 56 FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
57 57 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
58 58 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
59 59 UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
60 60 VIDEOCORE_URL=${VIDEOCORE_URL:=https://github.com/raspberrypi/userland}
61 61 BLUETOOTH_URL=${BLUETOOTH_URL:=https://github.com/RPi-Distro/pi-bluetooth.git}
62 62 NEXMON_URL=${NEXMON_URL:=https://github.com/seemoo-lab/nexmon.git}
63 63 SYSTEMDSWAP_URL=${SYSTEMDSWAP_URL:=https://github.com/Nefelim4ag/systemd-swap.git}
64 64
65 65 # Kernel deb packages for 32bit kernel
66 66 RPI_32_KERNEL_URL=${RPI_32_KERNEL_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel_20180422-141901_armhf.deb}
67 67 RPI_32_KERNELHEADER_URL=${RPI_32_KERNELHEADER_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel-headers_20180422-141901_armhf.deb}
68 68 # Kernel has KVM and zswap enabled - use if KERNEL_* parameters and precompiled kernel are used
69 69 RPI3_64_BIS_KERNEL_URL=${RPI3_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel-bis/releases/download/4.19.80.20191022/bcmrpi3-kernel-bis-4.19.80.20191022.tar.xz}
70 70 # Default precompiled 64bit kernel
71 71 RPI3_64_DEF_KERNEL_URL=${RPI3_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel/releases/download/4.19.80.20191022/bcmrpi3-kernel-4.19.80.20191022.tar.xz}
72 72 # Sakaki BIS Kernel RPI4 - https://github.com/sakaki-/bcm2711-kernel-bis
73 73 RPI4_64_BIS_KERNEL_URL=${RPI4_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcm2711-kernel-bis/releases/download/4.19.59.20190724/bcm2711-kernel-bis-4.19.59.20190724.tar.xz}
74 74 # Default precompiled 64bit kernel - https://github.com/sakaki-/bcm2711-kernel
75 75 RPI4_64_DEF_KERNEL_URL=${RPI4_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcm2711-kernel-bis/releases/download/4.19.59.20190724/bcm2711-kernel-bis-4.19.59.20190724.tar.xz}
76 76 # Generic
77 77 RPI3_64_KERNEL_URL=${RPI3_64_KERNEL_URL:=$RPI3_64_DEF_KERNEL_URL}
78 78 RPI4_64_KERNEL_URL=${RPI4_64_KERNEL_URL:=$RPI4_64_DEF_KERNEL_URL}
79 79 # Kali kernel src - used if ENABLE_NEXMON=true (they patch the wlan kernel modul)
80 80 KALI_KERNEL_URL=${KALI_KERNEL_URL:=https://github.com/Re4son/re4son-raspberrypi-linux.git}
81 81
82 82 # Build directories
83 83 WORKDIR=$(pwd)
84 84 BASEDIR=${BASEDIR:=${WORKDIR}/images/${RELEASE}}
85 85 BUILDDIR="${BASEDIR}/build"
86 86
87 87 # Chroot directories
88 88 R="${BUILDDIR}/chroot"
89 89 ETC_DIR="${R}/etc"
90 90 LIB_DIR="${R}/lib"
91 91 BOOT_DIR="${R}/boot/firmware"
92 92 KERNEL_DIR="${R}/usr/src/linux"
93 93 WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
94 94 BLUETOOTH_FIRMWARE_DIR="${ETC_DIR}/firmware/bt"
95 95
96 96 # Firmware directory: Blank if download from github
97 97 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
98 98
99 99 # General settings
100 100 SET_ARCH=${SET_ARCH:=32}
101 101 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
102 102 PASSWORD=${PASSWORD:=raspberry}
103 103 USER_PASSWORD=${USER_PASSWORD:=raspberry}
104 104 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
105 105 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
106 106 EXPANDROOT=${EXPANDROOT:=true}
107 107 ENABLE_DPHYSSWAP=${ENABLE_DPHYSSWAP:=true}
108 108
109 109 # Keyboard settings
110 110 XKB_MODEL=${XKB_MODEL:=""}
111 111 XKB_LAYOUT=${XKB_LAYOUT:=""}
112 112 XKB_VARIANT=${XKB_VARIANT:=""}
113 113 XKB_OPTIONS=${XKB_OPTIONS:=""}
114 114
115 115 # Network settings (DHCP)
116 116 ENABLE_DHCP=${ENABLE_DHCP:=true}
117 117
118 118 # Network settings (static)
119 119 NET_ADDRESS=${NET_ADDRESS:=""}
120 120 NET_GATEWAY=${NET_GATEWAY:=""}
121 121 NET_DNS_1=${NET_DNS_1:=""}
122 122 NET_DNS_2=${NET_DNS_2:=""}
123 123 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
124 124 NET_NTP_1=${NET_NTP_1:=""}
125 125 NET_NTP_2=${NET_NTP_2:=""}
126 126
127 127 # APT settings
128 128 APT_PROXY=${APT_PROXY:=""}
129 129 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
130 130 KEEP_APT_PROXY=${KEEP_APT_PROXY:=false}
131 131
132 132 # Feature settings
133 133 ENABLE_PRINTK=${ENABLE_PRINTK:=false}
134 134 ENABLE_BLUETOOTH=${ENABLE_BLUETOOTH:=false}
135 135 ENABLE_MINIUART_OVERLAY=${ENABLE_MINIUART_OVERLAY:=false}
136 136 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
137 137 ENABLE_I2C=${ENABLE_I2C:=false}
138 138 ENABLE_SPI=${ENABLE_SPI:=false}
139 139 ENABLE_IPV6=${ENABLE_IPV6:=true}
140 140 ENABLE_SSHD=${ENABLE_SSHD:=true}
141 141 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
142 142 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
143 143 ENABLE_SOUND=${ENABLE_SOUND:=true}
144 144 ENABLE_DBUS=${ENABLE_DBUS:=true}
145 145 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
146 146 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
147 147 ENABLE_XORG=${ENABLE_XORG:=false}
148 148 ENABLE_WM=${ENABLE_WM:=""}
149 149 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
150 150 ENABLE_USER=${ENABLE_USER:=true}
151 151 USER_NAME=${USER_NAME:="pi"}
152 152 ENABLE_ROOT=${ENABLE_ROOT:=false}
153 153 ENABLE_QEMU=${ENABLE_QEMU:=false}
154 154 ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
155 155
156 156 # SSH settings
157 157 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
158 158 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
159 159 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
160 160 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
161 161 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
162 162
163 163 # Advanced settings
164 164 ENABLE_SYSTEMDSWAP=${ENABLE_SYSTEMDSWAP:=false}
165 165 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
166 166 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
167 167 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
168 168 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
169 169 ENABLE_USBBOOT=${ENABLE_USBBOOT=false}
170 170 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
171 171 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
172 172 ENABLE_NEXMON=${ENABLE_NEXMON:=false}
173 173 VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
174 174 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
175 175 NEXMONSRC_DIR=${NEXMONSRC_DIR:=""}
176 176 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
177 177 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
178 178 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
179 179 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
180 180 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
181 181 ENABLE_SPLASH=${ENABLE_SPLASH:=true}
182 182 ENABLE_LOGO=${ENABLE_LOGO:=true}
183 183 ENABLE_SILENT_BOOT=${ENABLE_SILENT_BOOT=false}
184 184 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
185 185
186 186 # Kernel compilation settings
187 187 BUILD_KERNEL=${BUILD_KERNEL:=true}
188 188 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
189 189 KERNEL_THREADS=${KERNEL_THREADS:=1}
190 190 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
191 191 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
192 192 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
193 193 KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
194 194 KERNEL_CCACHE=${KERNEL_CCACHE:=false}
195 195 KERNEL_ZSWAP=${KERNEL_ZSWAP:=false}
196 196 KERNEL_VIRT=${KERNEL_VIRT:=false}
197 197 KERNEL_BPF=${KERNEL_BPF:=false}
198 198 KERNEL_DEFAULT_GOV=${KERNEL_DEFAULT_GOV:=ondemand}
199 199 KERNEL_SECURITY=${KERNEL_SECURITY:=false}
200 200 KERNEL_NF=${KERNEL_NF:=false}
201 201 KERNEL_DHKEY=${KERNEL_DHKEY:=true}
202 202 KERNEL_BTRFS=${KERNEL_BTRFS:=false}
203 203 KERNEL_NSPAN=${KERNEL_NSPAN:=false}
204 204 KERNEL_POEHAT=${KERNEL_POEHAT:=false}
205 205
206 206 # Kernel compilation from source directory settings
207 207 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
208 208 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
209 209 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
210 210 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
211 211
212 212 # Reduce disk usage settings
213 213 REDUCE_APT=${REDUCE_APT:=true}
214 214 REDUCE_DOC=${REDUCE_DOC:=true}
215 215 REDUCE_MAN=${REDUCE_MAN:=true}
216 216 REDUCE_VIM=${REDUCE_VIM:=false}
217 217 REDUCE_BASH=${REDUCE_BASH:=false}
218 218 REDUCE_HWDB=${REDUCE_HWDB:=true}
219 219 REDUCE_SSHD=${REDUCE_SSHD:=true}
220 220 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
221 221
222 222 # Encrypted filesystem settings
223 223 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
224 224 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
225 225 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
226 226 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64"}
227 227 CRYPTFS_HASH=${CRYPTFS_HASH:="sha512"}
228 228 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
229 229 #Dropbear-initramfs supports unlocking encrypted filesystem via SSH on bootup
230 230 CRYPTFS_DROPBEAR=${CRYPTFS_DROPBEAR:=false}
231 231 #Provide your own Dropbear Public RSA-OpenSSH Key otherwise it will be generated
232 232 CRYPTFS_DROPBEAR_PUBKEY=${CRYPTFS_DROPBEAR_PUBKEY:=""}
233 233
234 234 # Chroot scripts directory
235 235 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
236 236
237 237 # Packages required in the chroot build environment
238 238 APT_INCLUDES=${APT_INCLUDES:=""}
239 239 APT_INCLUDES="${APT_INCLUDES},flex,bison,libssl-dev,apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd"
240 240
241 241 # Packages to exclude from chroot build environment
242 242 APT_EXCLUDES=${APT_EXCLUDES:=""}
243 243
244 244 # Packages required for bootstrapping
245 245 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus bison flex libssl-dev sudo"
246 246 MISSING_PACKAGES=""
247 247
248 248 # Packages installed for c/c++ build environment in chroot (keep empty)
249 249 COMPILER_PACKAGES=""
250 250
251 251 # Check if apt-cacher-ng has port 3142 open and set APT_PROXY
252 252 APT_CACHER_RUNNING=$(lsof -i :3142 | cut -d ' ' -f3 | uniq | sed '/^\s*$/d')
253 253 if [ "${APT_CACHER_RUNNING}" = "apt-cacher-ng" ] ; then
254 254 APT_PROXY=http://127.0.0.1:3142/
255 255 fi
256 256
257 257 # Setup architecture specific settings
258 258 if [ -n "$SET_ARCH" ] ; then
259 259 # 64-bit configuration
260 260 if [ "$SET_ARCH" = 64 ] ; then
261 261 # General 64-bit depended settings
262 262 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
263 263 KERNEL_ARCH=${KERNEL_ARCH:=arm64}
264 264 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
265 265
266 266 # Raspberry Pi model specific settings
267 267 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
268 268 if [ "$RPI_MODEL" != 4 ] ; then
269 269 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
270 270 else
271 271 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2711_defconfig}
272 272 fi
273 273
274 274 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
275 275 RELEASE_ARCH=${RELEASE_ARCH:=arm64}
276 276 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
277 277 CROSS_COMPILE=${CROSS_COMPILE:=aarch64-linux-gnu-}
278 278 else
279 279 echo "error: Only Raspberry PI 3, 3B+ and 4 support 64-bit"
280 280 exit 1
281 281 fi
282 282 fi
283 283
284 284 # 32-bit configuration
285 285 if [ "$SET_ARCH" = 32 ] ; then
286 286 # General 32-bit dependend settings
287 287 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
288 288 KERNEL_ARCH=${KERNEL_ARCH:=arm}
289 289 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
290 290
291 291 # Raspberry Pi model specific settings
292 292 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
293 293 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
294 294 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
295 295 RELEASE_ARCH=${RELEASE_ARCH:=armel}
296 296 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
297 297 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
298 298 fi
299 299
300 300 # Raspberry Pi model specific settings
301 301 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
302 302 if [ "$RPI_MODEL" != 4 ] ; then
303 303 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
304 304 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
305 305 else
306 306 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2711_defconfig}
307 307 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7l.img}
308 308 fi
309 309
310 310 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
311 311 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
312 312
313 313 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
314 314 fi
315 315 fi
316 316 # SET_ARCH not set
317 317 else
318 318 echo "error: Please set '32' or '64' as value for SET_ARCH"
319 319 exit 1
320 320 fi
321 321 # Device specific configuration and U-Boot configuration
322 322 case "$RPI_MODEL" in
323 323 0)
324 324 DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb}
325 325 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
326 326 ;;
327 327 1)
328 328 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb}
329 329 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
330 330 ;;
331 331 1P)
332 332 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb}
333 333 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
334 334 ;;
335 335 2)
336 336 DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb}
337 337 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig}
338 338 ;;
339 339 3)
340 340 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
341 341 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
342 342 ;;
343 343 3P)
344 344 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
345 345 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
346 346 ;;
347 347 4)
348 348 DTB_FILE=${DTB_FILE:=bcm2711-rpi-4-b.dtb}
349 349 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_4_defconfig}
350 350 ;;
351 351 *)
352 352 echo "error: Raspberry Pi model $RPI_MODEL is not supported!"
353 353 exit 1
354 354 ;;
355 355 esac
356 356
357 357 # Raspberry PI 0,3,3P with Bluetooth and Wifi onboard
358 358 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
359 359 # Include bluetooth packages on supported boards
360 360 if [ "$ENABLE_BLUETOOTH" = true ] ; then
361 361 APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
362 362 fi
363 363 if [ "$ENABLE_WIRELESS" = true ] ; then
364 364 APT_INCLUDES="${APT_INCLUDES},wireless-tools,crda,wireless-regdb"
365 365 fi
366 366 else # Raspberry PI 1,1P,2 without Wifi and bluetooth onboard
367 367 # Check if the internal wireless interface is not supported by the RPi model
368 368 if [ "$ENABLE_WIRELESS" = true ] || [ "$ENABLE_BLUETOOTH" = true ]; then
369 369 echo "error: The selected Raspberry Pi model has no integrated interface for wireless or bluetooth"
370 370 exit 1
371 371 fi
372 372 fi
373 373
374 374 if [ "$BUILD_KERNEL" = false ] && [ "$ENABLE_NEXMON" = true ]; then
375 375 echo "error: You have to compile kernel sources, if you want to enable nexmon"
376 376 exit 1
377 377 fi
378 378
379 379 # Prepare date string for default image file name
380 380 DATE="$(date +%Y-%m-%d)"
381 381 if [ -z "$KERNEL_BRANCH" ] ; then
382 382 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
383 383 else
384 384 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
385 385 fi
386 386
387 387 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
388 388 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
389 389 if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
390 390 echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
391 391 exit 1
392 392 fi
393 393 fi
394 394
395 395 # Add cmake to compile videocore sources
396 396 if [ "$ENABLE_VIDEOCORE" = true ] ; then
397 397 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cmake"
398 398 fi
399 399
400 400 # Add deps for nexmon
401 401 if [ "$ENABLE_NEXMON" = true ] ; then
402 402 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libgmp3-dev gawk qpdf make autoconf automake build-essential libtool"
403 403 fi
404 404
405 405 # Add libncurses5 to enable kernel menuconfig
406 406 if [ "$KERNEL_MENUCONFIG" = true ] ; then
407 407 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses-dev"
408 408 fi
409 409
410 410 # Add ccache compiler cache for (faster) kernel cross (re)compilation
411 411 if [ "$KERNEL_CCACHE" = true ] ; then
412 412 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
413 413 fi
414 414
415 415 # Add cryptsetup package to enable filesystem encryption
416 416 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
417 417 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
418 418 APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup,cryptsetup-initramfs"
419 419
420 420 # If cryptfs,dropbear and initramfs are enabled include dropbear-initramfs package
421 421 if [ "$CRYPTFS_DROPBEAR" = true ] && [ "$ENABLE_INITRAMFS" = true ]; then
422 422 APT_INCLUDES="${APT_INCLUDES},dropbear-initramfs"
423 423 fi
424 424
425 425 if [ -z "$CRYPTFS_PASSWORD" ] ; then
426 426 echo "error: no password defined (CRYPTFS_PASSWORD)!"
427 427 exit 1
428 428 fi
429 429 ENABLE_INITRAMFS=true
430 430 fi
431 431
432 432 # Add initramfs generation tools
433 433 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
434 434 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
435 435 fi
436 436
437 437 # Add device-tree-compiler required for building the U-Boot bootloader
438 438 if [ "$ENABLE_UBOOT" = true ] ; then
439 439 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc"
440 440 fi
441 441
442 442 if [ "$ENABLE_USBBOOT" = true ] ; then
443 443 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1P ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 2 ]; then
444 444 echo "error: Booting from USB alone is only supported by Raspberry Pi 3 and 3P"
445 445 exit 1
446 446 fi
447 447 fi
448 448
449 449 # Check if root SSH (v2) public key file exists
450 450 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
451 451 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
452 452 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
453 453 exit 1
454 454 fi
455 455 fi
456 456
457 457 # Check if $USER_NAME SSH (v2) public key file exists
458 458 if [ -n "$SSH_USER_PUB_KEY" ] ; then
459 459 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
460 460 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
461 461 exit 1
462 462 fi
463 463 fi
464 464
465 465 if [ "$ENABLE_NEXMON" = true ] && [ -n "$KERNEL_BRANCH" ] ; then
466 466 echo "error: Please unset KERNEL_BRANCH if using ENABLE_NEXMON"
467 467 exit 1
468 468 fi
469 469
470 470 # Check if all required packages are installed on the build system
471 471 for package in $REQUIRED_PACKAGES ; do
472 472 if [ "$(dpkg-query -W -f='${Status}' "$package")" != "install ok installed" ] ; then
473 473 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
474 474 fi
475 475 done
476 476
477 477 # If there are missing packages ask confirmation for install, or exit
478 478 if [ -n "$MISSING_PACKAGES" ] ; then
479 479 echo "the following packages needed by this script are not installed:"
480 480 echo "$MISSING_PACKAGES"
481 481
482 482 printf "\ndo you want to install the missing packages right now? [y/n] "
483 483 read -r confirm
484 484 [ "$confirm" != "y" ] && exit 1
485 485
486 486 # Make sure all missing required packages are installed
487 487 apt-get update && apt-get -qq -y install `echo "${MISSING_PACKAGES}" | sed "s/ //"`
488 488 fi
489 489
490 490 # Check if ./bootstrap.d directory exists
491 491 if [ ! -d "./bootstrap.d/" ] ; then
492 492 echo "error: './bootstrap.d' required directory not found!"
493 493 exit 1
494 494 fi
495 495
496 496 # Check if ./files directory exists
497 497 if [ ! -d "./files/" ] ; then
498 498 echo "error: './files' required directory not found!"
499 499 exit 1
500 500 fi
501 501
502 502 # Check if specified KERNELSRC_DIR directory exists
503 503 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
504 504 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
505 505 exit 1
506 506 fi
507 507
508 508 # Check if specified UBOOTSRC_DIR directory exists
509 509 if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
510 510 echo "error: '${UBOOTSRC_DIR}' specified directory not found (UBOOTSRC_DIR)!"
511 511 exit 1
512 512 fi
513 513
514 514 # Check if specified VIDEOCORESRC_DIR directory exists
515 515 if [ -n "$VIDEOCORESRC_DIR" ] && [ ! -d "$VIDEOCORESRC_DIR" ] ; then
516 516 echo "error: '${VIDEOCORESRC_DIR}' specified directory not found (VIDEOCORESRC_DIR)!"
517 517 exit 1
518 518 fi
519 519
520 520 # Check if specified FBTURBOSRC_DIR directory exists
521 521 if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
522 522 echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
523 523 exit 1
524 524 fi
525 525
526 526 # Check if specified NEXMONSRC_DIR directory exists
527 527 if [ -n "$NEXMONSRC_DIR" ] && [ ! -d "$NEXMONSRC_DIR" ] ; then
528 528 echo "error: '${NEXMONSRC_DIR}' specified directory not found (NEXMONSRC_DIR)!"
529 529 exit 1
530 530 fi
531 531
532 532 # Check if specified CHROOT_SCRIPTS directory exists
533 533 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
534 534 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
535 535 exit 1
536 536 fi
537 537
538 538 # Check if specified device mapping already exists (will be used by cryptsetup)
539 539 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
540 540 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
541 541 exit 1
542 542 fi
543 543
544 544 # Don't clobber an old build
545 545 if [ -e "$BUILDDIR" ] ; then
546 546 echo "error: directory ${BUILDDIR} already exists, not proceeding"
547 547 exit 1
548 548 fi
549 549
550 550 # Setup chroot directory
551 551 mkdir -p "${R}"
552 552
553 553 # Check if build directory has enough of free disk space >512MB
554 554 if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then
555 555 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
556 556 exit 1
557 557 fi
558 558
559 559 set -x
560 560
561 561 # Call "cleanup" function on various signals and errors
562 562 trap cleanup 0 1 2 3 6
563 563
564 564 # Add required packages for the minbase installation
565 565 if [ "$ENABLE_MINBASE" = true ] ; then
566 566 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
567 567 fi
568 568
569 569 # Add parted package, required to get partprobe utility
570 570 if [ "$EXPANDROOT" = true ] ; then
571 571 APT_INCLUDES="${APT_INCLUDES},parted"
572 572 fi
573 573
574 574 # Add dphys-swapfile package, required to enable swap
575 575 if [ "$ENABLE_DPHYSSWAP" = true ] ; then
576 576 APT_INCLUDES="${APT_INCLUDES},dphys-swapfile"
577 577 fi
578 578
579 579 # Add dbus package, recommended if using systemd
580 580 if [ "$ENABLE_DBUS" = true ] ; then
581 581 APT_INCLUDES="${APT_INCLUDES},dbus"
582 582 fi
583 583
584 584 # Add iptables IPv4/IPv6 package
585 585 if [ "$ENABLE_IPTABLES" = true ] ; then
586 586 APT_INCLUDES="${APT_INCLUDES},iptables,iptables-persistent"
587 587 fi
588 588 # Add apparmor for KERNEL_SECURITY
589 589 if [ "$KERNEL_SECURITY" = true ] ; then
590 590 APT_INCLUDES="${APT_INCLUDES},apparmor,apparmor-utils,apparmor-profiles,apparmor-profiles-extra,libapparmor-perl"
591 591 fi
592 592
593 593 # Add openssh server package
594 594 if [ "$ENABLE_SSHD" = true ] ; then
595 595 APT_INCLUDES="${APT_INCLUDES},openssh-server"
596 596 fi
597 597
598 598 # Add alsa-utils package
599 599 if [ "$ENABLE_SOUND" = true ] ; then
600 600 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
601 601 fi
602 602
603 603 # Add rng-tools package
604 604 if [ "$ENABLE_HWRANDOM" = true ] ; then
605 605 APT_INCLUDES="${APT_INCLUDES},rng-tools"
606 606 fi
607 607
608 608 # Add fbturbo video driver
609 609 if [ "$ENABLE_FBTURBO" = true ] ; then
610 610 # Enable xorg package dependencies
611 611 ENABLE_XORG=true
612 612 fi
613 613
614 614 # Add user defined window manager package
615 615 if [ -n "$ENABLE_WM" ] ; then
616 616 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
617 617
618 618 # Enable xorg package dependencies
619 619 ENABLE_XORG=true
620 620 fi
621 621
622 622 # Add xorg package
623 623 if [ "$ENABLE_XORG" = true ] ; then
624 624 APT_INCLUDES="${APT_INCLUDES},xorg,dbus-x11"
625 625 fi
626 626
627 627 # Replace selected packages with smaller clones
628 628 if [ "$ENABLE_REDUCE" = true ] ; then
629 629 # Add levee package instead of vim-tiny
630 630 if [ "$REDUCE_VIM" = true ] ; then
631 631 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
632 632 fi
633 633
634 634 # Add dropbear package instead of openssh-server
635 635 if [ "$REDUCE_SSHD" = true ] ; then
636 636 APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")"
637 637 fi
638 638 fi
639 639
640 640 # Configure systemd-sysv exclude to make halt/reboot/shutdown scripts available
641 641 if [ "$ENABLE_SYSVINIT" = false ] ; then
642 642 APT_EXCLUDES="--exclude=${APT_EXCLUDES},init,systemd-sysv"
643 643 fi
644 644
645 645 # Configure kernel sources if no KERNELSRC_DIR
646 646 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
647 647 KERNELSRC_CONFIG=true
648 648 fi
649 649
650 650 # Configure reduced kernel
651 651 if [ "$KERNEL_REDUCE" = true ] ; then
652 652 KERNELSRC_CONFIG=false
653 653 fi
654 654
655 655 # Configure qemu compatible kernel
656 656 if [ "$ENABLE_QEMU" = true ] ; then
657 657 DTB_FILE=vexpress-v2p-ca15_a7.dtb
658 658 UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
659 659 KERNEL_DEFCONFIG="vexpress_defconfig"
660 660 if [ "$KERNEL_MENUCONFIG" = false ] ; then
661 661 KERNEL_OLDDEFCONFIG=true
662 662 fi
663 663 fi
664 664
665 665 # Execute bootstrap scripts
666 666 for SCRIPT in bootstrap.d/*.sh; do
667 667 head -n 3 "$SCRIPT"
668 668 . "$SCRIPT"
669 669 done
670 670
671 671 ## Execute custom bootstrap scripts
672 672 if [ -d "custom.d" ] ; then
673 673 for SCRIPT in custom.d/*.sh; do
674 674 . "$SCRIPT"
675 675 done
676 676 fi
677 677
678 678 # Execute custom scripts inside the chroot
679 679 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
680 680 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
681 681 chroot_exec /bin/bash -x <<'EOF'
682 682 for SCRIPT in /chroot_scripts/* ; do
683 683 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
684 684 $SCRIPT
685 685 fi
686 686 done
687 687 EOF
688 688 rm -rf "${R}/chroot_scripts"
689 689 fi
690 690
691 691 # Remove c/c++ build environment from the chroot
692 692 chroot_remove_cc
693 693
694 694 # Generate required machine-id
695 695 MACHINE_ID=$(dbus-uuidgen)
696 696 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
697 697 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
698 698
699 699 # APT Cleanup
700 700 chroot_exec apt-get -y clean
701 701 chroot_exec apt-get -y autoclean
702 702 chroot_exec apt-get -y autoremove
703 703
704 704 # Unmount mounted filesystems
705 705 umount -l "${R}/proc"
706 706 umount -l "${R}/sys"
707 707
708 708 # Clean up directories
709 709 rm -rf "${R}/run/*"
710 710 rm -rf "${R}/tmp/*"
711 711
712 712 # Clean up APT proxy settings
713 713 if [ "$KEEP_APT_PROXY" = false ] ; then
714 714 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
715 715 fi
716 716
717 717 # Clean up files
718 718 rm -f "${ETC_DIR}/ssh/ssh_host_*"
719 719 rm -f "${ETC_DIR}/dropbear/dropbear_*"
720 720 rm -f "${ETC_DIR}/apt/sources.list.save"
721 721 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
722 722 rm -f "${ETC_DIR}/*-"
723 723 rm -f "${ETC_DIR}/resolv.conf"
724 724 rm -f "${R}/root/.bash_history"
725 725 rm -f "${R}/var/lib/urandom/random-seed"
726 726 rm -f "${R}/initrd.img"
727 727 rm -f "${R}/vmlinuz"
728 728 rm -f "${R}${QEMU_BINARY}"
729 729
730 730 if [ "$ENABLE_QEMU" = true ] ; then
731 731 # Setup QEMU directory
732 732 mkdir "${BASEDIR}/qemu"
733 733
734 734 # Copy kernel image to QEMU directory
735 735 install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
736 736
737 737 # Copy kernel config to QEMU directory
738 738 install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
739 739
740 740 # Copy kernel dtbs to QEMU directory
741 741 for dtb in "${BOOT_DIR}/"*.dtb ; do
742 742 if [ -f "${dtb}" ] ; then
743 743 install_readonly "${dtb}" "${BASEDIR}/qemu/"
744 744 fi
745 745 done
746 746
747 747 # Copy kernel overlays to QEMU directory
748 748 if [ -d "${BOOT_DIR}/overlays" ] ; then
749 749 # Setup overlays dtbs directory
750 750 mkdir "${BASEDIR}/qemu/overlays"
751 751
752 752 for dtb in "${BOOT_DIR}/overlays/"*.dtbo ; do
753 753 if [ -f "${dtb}" ] ; then
754 754 install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
755 755 fi
756 756 done
757 757 fi
758 758
759 759 # Copy u-boot files to QEMU directory
760 760 if [ "$ENABLE_UBOOT" = true ] ; then
761 761 if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
762 762 install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
763 763 fi
764 764 if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
765 765 install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
766 766 fi
767 767 if [ -f "${BOOT_DIR}/boot.scr" ] ; then
768 768 install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
769 769 fi
770 770 fi
771 771
772 772 # Copy initramfs to QEMU directory
773 773 if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
774 774 install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
775 775 fi
776 776 fi
777 777
778 778 # Calculate size of the chroot directory in KB
779 779 CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')")
780 780
781 781 # Calculate the amount of needed 512 Byte sectors
782 782 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
783 783 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
784 784 ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}")
785 785
786 786 # The root partition is EXT4
787 787 # This means more space than the actual used space of the chroot is used.
788 788 # As overhead for journaling and reserved blocks 35% are added.
789 789 ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512)
790 790
791 791 # Calculate required image size in 512 Byte sectors
792 792 IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}")
793 793
794 794 # Prepare image file
795 795 if [ "$ENABLE_SPLITFS" = true ] ; then
796 796 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}"
797 797 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}"
798 798 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}"
799 799 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}"
800 800
801 801 # Write firmware/boot partition tables
802 802 sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
803 803 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
804 804 EOM
805 805
806 806 # Write root partition table
807 807 sfdisk -q -L -uS -f "$IMAGE_NAME-root.img" 2> /dev/null <<EOM
808 808 ${TABLE_SECTORS},${ROOT_SECTORS},83
809 809 EOM
810 810
811 811 # Setup temporary loop devices
812 812 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME"-frmw.img)"
813 813 ROOT_LOOP="$(losetup -o 1M -f --show "$IMAGE_NAME"-root.img)"
814 814 else # ENABLE_SPLITFS=false
815 815 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count="${TABLE_SECTORS}"
816 816 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek="${IMAGE_SECTORS}"
817 817
818 818 # Write partition table
819 819 sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
820 820 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
821 821 ${ROOT_OFFSET},${ROOT_SECTORS},83
822 822 EOM
823 823
824 824 # Setup temporary loop devices
825 825 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME".img)"
826 826 ROOT_LOOP="$(losetup -o 65M -f --show "$IMAGE_NAME".img)"
827 827 fi
828 828
829 829 if [ "$ENABLE_CRYPTFS" = true ] ; then
830 830 # Create dummy ext4 fs
831 831 mkfs.ext4 "$ROOT_LOOP"
832 832
833 833 # Setup password keyfile
834 834 touch .password
835 835 chmod 600 .password
836 836 echo -n ${CRYPTFS_PASSWORD} > .password
837 837
838 838 # Initialize encrypted partition
839 839 cryptsetup --verbose --debug -q luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -h "${CRYPTFS_HASH}" -s "${CRYPTFS_XTSKEYSIZE}" .password
840 840
841 841 # Open encrypted partition and setup mapping
842 842 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
843 843
844 844 # Secure delete password keyfile
845 845 shred -zu .password
846 846
847 847 # Update temporary loop device
848 848 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
849 849
850 850 # Wipe encrypted partition (encryption cipher is used for randomness)
851 851 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")"
852 852 fi
853 853
854 854 # Build filesystems
855 855 mkfs.vfat "$FRMW_LOOP"
856 856 mkfs.ext4 "$ROOT_LOOP"
857 857
858 858 # Mount the temporary loop devices
859 859 mkdir -p "$BUILDDIR/mount"
860 860 mount "$ROOT_LOOP" "$BUILDDIR/mount"
861 861
862 862 mkdir -p "$BUILDDIR/mount/boot/firmware"
863 863 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
864 864
865 865 # Copy all files from the chroot to the loop device mount point directory
866 866 rsync -a "${R}/" "$BUILDDIR/mount/"
867 867
868 868 # Unmount all temporary loop devices and mount points
869 869 cleanup
870 870
871 871 # Create block map file(s) of image(s)
872 872 if [ "$ENABLE_SPLITFS" = true ] ; then
873 873 # Create block map files for "bmaptool"
874 874 bmaptool create -o "$IMAGE_NAME-frmw.bmap" "$IMAGE_NAME-frmw.img"
875 875 bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
876 876
877 877 # Image was successfully created
878 878 echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
879 879 echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
880 880 else
881 881 # Create block map file for "bmaptool"
882 882 bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
883 883
884 884 # Image was successfully created
885 885 echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
886 886
887 887 # Create qemu qcow2 image
888 888 if [ "$ENABLE_QEMU" = true ] ; then
889 889 QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
890 890 QEMU_SIZE=16G
891 891
892 892 qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2
893 893 qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE
894 894
895 895 echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
896 896 fi
897 897 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant