##// END OF EJS Templates
a
Unknown -
r699:f8c24f115d9a
parent child
Show More
@@ -1,611 +1,611
1 # rpi23-gen-image
1 # rpi23-gen-image
2 ## Introduction
2 ## Introduction
3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for all Raspberry Pi computers. The script at this time supports the bootstrapping of the Debian (armhf/armel) releases `stretch` and `buster`. Raspberry Pi 0/1/2/3/4 images are generated for 32-bit mode only. Raspberry Pi 3 supports 64-bit images that can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.14.y```).
3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for all Raspberry Pi computers. The script at this time supports the bootstrapping of the Debian (armhf/armel) releases `stretch` and `buster`. Raspberry Pi 0/1/2/3/4 images are generated for 32-bit mode only. Raspberry Pi 3 supports 64-bit images that can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.14.y```).
4
4
5 ## Build dependencies
5 ## Build dependencies
6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
7
7
8 ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo```
8 ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo```
9
9
10 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the Raspberry 3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf/armel/aarch64) cross-compiler toolchain.
10 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the Raspberry 3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf/armel/aarch64) cross-compiler toolchain.
11
11
12 The script has been tested using the default `crossbuild-essential-armhf` and `crossbuild-essential-armel` toolchain meta packages on Debian Linux `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
12 The script has been tested using the default `crossbuild-essential-armhf` and `crossbuild-essential-armel` toolchain meta packages on Debian Linux `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
13
13
14 ## Command-line parameters
14 ## Command-line parameters
15 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script.
15 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script.
16
16
17 ##### Command-line examples:
17 ##### Command-line examples:
18 ```shell
18 ```shell
19 ENABLE_UBOOT=true ./rpi23-gen-image.sh
19 ENABLE_UBOOT=true ./rpi23-gen-image.sh
20 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh
20 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh
21 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh
21 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh
22 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh
22 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh
23 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh
23 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh
24 ENABLE_MINBASE=true ./rpi23-gen-image.sh
24 ENABLE_MINBASE=true ./rpi23-gen-image.sh
25 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh
25 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh
26 BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh
26 BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh
27 ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
27 ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
28 ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
28 ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
29 RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh
29 RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh
30 RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
30 RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
31 RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
31 RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
32 ```
32 ```
33
33
34 ## Configuration template files
34 ## Configuration template files
35 To avoid long lists of command-line parameters and to help to store the favourite parameter configurations the `rpi23-gen-image.sh` script supports so called configuration template files (`CONFIG_TEMPLATE`=template). These are simple text files located in the `./templates` directory that contain the list of configuration parameters that will be used. New configuration template files can be added to the `./templates` directory.
35 To avoid long lists of command-line parameters and to help to store the favourite parameter configurations the `rpi23-gen-image.sh` script supports so called configuration template files (`CONFIG_TEMPLATE`=template). These are simple text files located in the `./templates` directory that contain the list of configuration parameters that will be used. New configuration template files can be added to the `./templates` directory.
36
36
37 ##### Command-line examples:
37 ##### Command-line examples:
38 ```shell
38 ```shell
39 CONFIG_TEMPLATE=rpi3stretch ./rpi23-gen-image.sh
39 CONFIG_TEMPLATE=rpi3stretch ./rpi23-gen-image.sh
40 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
40 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
41 ```
41 ```
42
42
43 ## Supported parameters and settings
43 ## Supported parameters and settings
44 #### APT settings:
44 #### APT settings:
45 ##### `APT_SERVER`="ftp.debian.org"
45 ##### `APT_SERVER`="ftp.debian.org"
46 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
46 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
47
47
48 ##### `APT_PROXY`=""
48 ##### `APT_PROXY`=""
49 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once. If `apt-cacher-ng` is running on default `http://127.0.0.1:3142` it is autodetected and you don't need to set this.
49 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once. If `apt-cacher-ng` is running on default `http://127.0.0.1:3142` it is autodetected and you don't need to set this.
50
50
51 ##### `KEEP_APT_PROXY`=false
51 ##### `KEEP_APT_PROXY`=false
52 Keep the APT_PROXY settings used in the bootsrapping process in the generated image.
52 Keep the APT_PROXY settings used in the bootsrapping process in the generated image.
53
53
54 ##### `APT_INCLUDES`=""
54 ##### `APT_INCLUDES`=""
55 A comma-separated list of additional packages to be installed by debootstrap during bootstrapping.
55 A comma-separated list of additional packages to be installed by debootstrap during bootstrapping.
56
56
57 ##### `APT_INCLUDES_LATE`=""
57 ##### `APT_INCLUDES_LATE`=""
58 A comma-separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
58 A comma-separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
59
59
60 ---
60 ---
61
61
62 #### General system settings:
62 #### General system settings:
63 ##### `SET_ARCH`=32
63 ##### `SET_ARCH`=32
64 Set Architecture to default 32bit. If you want to compile 64-bit (RPI3/RPI3+/RPI4) set it to `64`. This option will set every needed cross-compiler or board specific option for a successful build.
64 Set Architecture to default 32bit. If you want to compile 64-bit (RPI3/RPI3+/RPI4) set it to `64`. This option will set every needed cross-compiler or board specific option for a successful build.
65
65
66 ##### `RPI_MODEL`=2
66 ##### `RPI_MODEL`=2
67 Specify the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
67 Specify the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
68 - `0` = Raspberry Pi 0 and Raspberry Pi 0 W
68 - `0` = Raspberry Pi 0 and Raspberry Pi 0 W
69 - `1` = Raspberry Pi 1 model A and B
69 - `1` = Raspberry Pi 1 model A and B
70 - `1P` = Raspberry Pi 1 model B+ and A+
70 - `1P` = Raspberry Pi 1 model B+ and A+
71 - `2` = Raspberry Pi 2 model B
71 - `2` = Raspberry Pi 2 model B
72 - `3` = Raspberry Pi 3 model B
72 - `3` = Raspberry Pi 3 model B
73 - `3P` = Raspberry Pi 3 model B+
73 - `3P` = Raspberry Pi 3 model B+
74 - `4` = Raspberry Pi 4 model B
74 - `4` = Raspberry Pi 4 model B
75
75
76 ##### `RELEASE`="buster"
76 ##### `RELEASE`="buster"
77 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases `stretch` and `buster`.
77 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases `stretch` and `buster`.
78
78
79 ##### `RELEASE_ARCH`="armhf"
79 ##### `RELEASE_ARCH`="armhf"
80 Set the desired Debian release architecture.
80 Set the desired Debian release architecture.
81
81
82 ##### `HOSTNAME`="rpi$RPI_MODEL-$RELEASE"
82 ##### `HOSTNAME`="rpi$RPI_MODEL-$RELEASE"
83 Set system hostname. It's recommended that the hostname is unique in the corresponding subnet.
83 Set system hostname. It's recommended that the hostname is unique in the corresponding subnet.
84
84
85 ##### `PASSWORD`="raspberry"
85 ##### `PASSWORD`="raspberry"
86 Set system `root` password. It's **STRONGLY** recommended that you choose a custom password.
86 Set system `root` password. It's **STRONGLY** recommended that you choose a custom password.
87
87
88 ##### `USER_PASSWORD`="raspberry"
88 ##### `USER_PASSWORD`="raspberry"
89 Set password for the created non-root user `USER_NAME`=pi. Ignored if `ENABLE_USER`=false. It's **STRONGLY** recommended that you choose a custom password.
89 Set password for the created non-root user `USER_NAME`=pi. Ignored if `ENABLE_USER`=false. It's **STRONGLY** recommended that you choose a custom password.
90
90
91 ##### `DEFLOCAL`="en_US.UTF-8"
91 ##### `DEFLOCAL`="en_US.UTF-8"
92 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. Please note that on using this parameter the script will automatically install the required packages `locales`, `keyboard-configuration` and `console-setup`.
92 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. Please note that on using this parameter the script will automatically install the required packages `locales`, `keyboard-configuration` and `console-setup`.
93
93
94 ##### `TIMEZONE`="Europe/Berlin"
94 ##### `TIMEZONE`="Europe/Berlin"
95 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
95 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
96
96
97 ##### `EXPANDROOT`=true
97 ##### `EXPANDROOT`=true
98 Expand the root partition and filesystem automatically on first boot.
98 Expand the root partition and filesystem automatically on first boot.
99
99
100 ##### `ENABLE_DPHYSSWAP`=true
100 ##### `ENABLE_DPHYSSWAP`=true
101 Enable swap. The size of the swapfile is chosen relative to the size of the root partition. It'll use the `dphys-swapfile` package for that.
101 Enable swap. The size of the swapfile is chosen relative to the size of the root partition. It'll use the `dphys-swapfile` package for that.
102
102
103 ##### `ENABLE_QEMU`=false
103 ##### `ENABLE_QEMU`=false
104 Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
104 Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
105
105
106 ---
106 ---
107
107
108 #### Keyboard settings:
108 #### Keyboard settings:
109 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
109 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
110
110
111 ##### `XKB_MODEL`=""
111 ##### `XKB_MODEL`=""
112 Set the name of the model of your keyboard type.
112 Set the name of the model of your keyboard type.
113
113
114 ##### `XKB_LAYOUT`=""
114 ##### `XKB_LAYOUT`=""
115 Set the supported keyboard layout(s).
115 Set the supported keyboard layout(s).
116
116
117 ##### `XKB_VARIANT`=""
117 ##### `XKB_VARIANT`=""
118 Set the supported variant(s) of the keyboard layout(s).
118 Set the supported variant(s) of the keyboard layout(s).
119
119
120 ##### `XKB_OPTIONS`=""
120 ##### `XKB_OPTIONS`=""
121 Set extra xkb configuration options.
121 Set extra xkb configuration options.
122
122
123 ---
123 ---
124
124
125 #### Networking settings (DHCP):
125 #### Networking settings (DHCP):
126 This parameter `ENABLE_ETH_DHCP` is used to set up networking auto-configuration in `/etc/systemd/network/eth0.network`. This parameter `ENABLE_WIFI_DHCP` is used to set up networking auto-configuration in `/etc/systemd/network/wlan0.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
126 This parameter `ENABLE_ETH_DHCP` is used to set up networking auto-configuration in `/etc/systemd/network/eth0.network`. This parameter `ENABLE_WIFI_DHCP` is used to set up networking auto-configuration in `/etc/systemd/network/wlan0.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
127
127
128 ##### `ENABLE_ETH_DHCP`=true
128 ##### `ENABLE_ETH_DHCP`=true
129 Set the system to use DHCP. This requires an DHCP server.
129 Set the system to use DHCP. This requires an DHCP server.
130
130
131 ##### `ENABLE_WIFI_DHCP`=true
131 ##### `ENABLE_WIFI_DHCP`=true
132 Set the system to use DHCP. This requires an DHCP server.
132 Set the system to use DHCP. This requires an DHCP server.
133
133
134 ---
134 ---
135
135
136 #### Networking settings (ethernet static):
136 #### Networking settings (ethernet static):
137 These parameters are used to set up a static networking configuration in `/etc/systemd/network/eth0.network`. The following static networking parameters are only supported if `ENABLE_ETH_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
137 These parameters are used to set up a static networking configuration in `/etc/systemd/network/eth0.network`. The following static networking parameters are only supported if `ENABLE_ETH_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
138
138
139 ##### `NET_ETH_ADDRESS`=""
139 ##### `NET_ETH_ADDRESS`=""
140 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
140 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
141
141
142 ##### `NET_ETH_GATEWAY`=""
142 ##### `NET_ETH_GATEWAY`=""
143 Set the IP address for the default gateway.
143 Set the IP address for the default gateway.
144
144
145 ##### `NET_ETH_DNS_1`=""
145 ##### `NET_ETH_DNS_1`=""
146 Set the IP address for the first DNS server.
146 Set the IP address for the first DNS server.
147
147
148 ##### `NET_ETH_DNS_2`=""
148 ##### `NET_ETH_DNS_2`=""
149 Set the IP address for the second DNS server.
149 Set the IP address for the second DNS server.
150
150
151 ##### `NET_ETH_DNS_DOMAINS`=""
151 ##### `NET_ETH_DNS_DOMAINS`=""
152 Set the default DNS search domains to use for non fully qualified hostnames.
152 Set the default DNS search domains to use for non fully qualified hostnames.
153
153
154 ##### `NET_ETH_NTP_1`=""
154 ##### `NET_ETH_NTP_1`=""
155 Set the IP address for the first NTP server.
155 Set the IP address for the first NTP server.
156
156
157 ##### `NET_ETH_NTP_2`=""
157 ##### `NET_ETH_NTP_2`=""
158 Set the IP address for the second NTP server.
158 Set the IP address for the second NTP server.
159
159
160 ---
160 ---
161
161
162 #### Networking settings (WIFI):
162 #### Networking settings (WIFI):
163
163
164 ##### `NET_WIFI_SSID`=""
164 ##### `NET_WIFI_SSID`=""
165 Set to your WIFI SSID
165 Set to your WIFI SSID
166
166
167 ##### `NET_WIFI_WPAPSK`=""
167 ##### `NET_WIFI_PSK`=""
168 Set your WPA/WPA2 PSK
168 Set your WPA/WPA2 PSK
169
169
170 ---
170 ---
171
171
172 #### Networking settings (WIFI static):
172 #### Networking settings (WIFI static):
173 These parameters are used to set up a static networking configuration in `/etc/systemd/network/wlan0.network`. The following static networking parameters are only supported if `ENABLE_WIFI_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
173 These parameters are used to set up a static networking configuration in `/etc/systemd/network/wlan0.network`. The following static networking parameters are only supported if `ENABLE_WIFI_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
174
174
175 ##### `NET_WIFI_ADDRESS`=""
175 ##### `NET_WIFI_ADDRESS`=""
176 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
176 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
177
177
178 ##### `NET_WIFI_GATEWAY`=""
178 ##### `NET_WIFI_GATEWAY`=""
179 Set the IP address for the default gateway.
179 Set the IP address for the default gateway.
180
180
181 ##### `NET_WIFI_DNS_1`=""
181 ##### `NET_WIFI_DNS_1`=""
182 Set the IP address for the first DNS server.
182 Set the IP address for the first DNS server.
183
183
184 ##### `NET_WIFI_DNS_2`=""
184 ##### `NET_WIFI_DNS_2`=""
185 Set the IP address for the second DNS server.
185 Set the IP address for the second DNS server.
186
186
187 ##### `NET_WIFI_DNS_DOMAINS`=""
187 ##### `NET_WIFI_DNS_DOMAINS`=""
188 Set the default DNS search domains to use for non fully qualified hostnames.
188 Set the default DNS search domains to use for non fully qualified hostnames.
189
189
190 ##### `NET_WIFI_NTP_1`=""
190 ##### `NET_WIFI_NTP_1`=""
191 Set the IP address for the first NTP server.
191 Set the IP address for the first NTP server.
192
192
193 ##### `NET_WIFI_NTP_2`=""
193 ##### `NET_WIFI_NTP_2`=""
194 Set the IP address for the second NTP server.
194 Set the IP address for the second NTP server.
195
195
196 ---
196 ---
197
197
198 #### Basic system features:
198 #### Basic system features:
199 ##### `ENABLE_CONSOLE`=true
199 ##### `ENABLE_CONSOLE`=true
200 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system. On RPI `0` `3` `3P` the CPU speed is locked at lowest speed.
200 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system. On RPI `0` `3` `3P` the CPU speed is locked at lowest speed.
201
201
202 ##### `ENABLE_PRINTK`=false
202 ##### `ENABLE_PRINTK`=false
203 Enables printing kernel messages to konsole. printk is `3 4 1 3` as in raspbian.
203 Enables printing kernel messages to konsole. printk is `3 4 1 3` as in raspbian.
204
204
205 ##### `ENABLE_BLUETOOTH`=false
205 ##### `ENABLE_BLUETOOTH`=false
206 Enable onboard Bluetooth interface on the RPi0/3/3P. See: [Configuring the GPIO serial port on Raspbian jessie and stretch](https://spellfoundry.com/2016/05/29/configuring-gpio-serial-port-raspbian-jessie-including-pi-3/).
206 Enable onboard Bluetooth interface on the RPi0/3/3P. See: [Configuring the GPIO serial port on Raspbian jessie and stretch](https://spellfoundry.com/2016/05/29/configuring-gpio-serial-port-raspbian-jessie-including-pi-3/).
207
207
208 ##### `ENABLE_MINIUART_OVERLAY`=false
208 ##### `ENABLE_MINIUART_OVERLAY`=false
209 Enable Bluetooth to use this. Adds overlay to swap UART0 with UART1. Enabling (slower) Bluetooth and full speed serial console. - RPI `0` `3` `3P` have a fast `hardware UART0` (ttyAMA0) and a `mini UART1` (ttyS0)! RPI `1` `1P` `2` only have a `hardware UART0`. `UART0` is considered better, because is faster and more stable than `mini UART1`. By default the Bluetooth modem is mapped to the `hardware UART0` and `mini UART` is used for console. The `mini UART` is a problem for the serial console, because its baudrate depends on the CPU frequency, which is changing on runtime. Resulting in a volatile baudrate and thus in an unusable serial console.
209 Enable Bluetooth to use this. Adds overlay to swap UART0 with UART1. Enabling (slower) Bluetooth and full speed serial console. - RPI `0` `3` `3P` have a fast `hardware UART0` (ttyAMA0) and a `mini UART1` (ttyS0)! RPI `1` `1P` `2` only have a `hardware UART0`. `UART0` is considered better, because is faster and more stable than `mini UART1`. By default the Bluetooth modem is mapped to the `hardware UART0` and `mini UART` is used for console. The `mini UART` is a problem for the serial console, because its baudrate depends on the CPU frequency, which is changing on runtime. Resulting in a volatile baudrate and thus in an unusable serial console.
210
210
211 ##### `ENABLE_TURBO`=false
211 ##### `ENABLE_TURBO`=false
212 Enable Turbo mode. This setting locks cpu at the highest frequency. As setting ENABLE_CONSOLE=true locks RPI to lowest CPU speed, this is can be used additionally to lock cpu hat max speed. Need a good power supply and probably cooling for the Raspberry PI.
212 Enable Turbo mode. This setting locks cpu at the highest frequency. As setting ENABLE_CONSOLE=true locks RPI to lowest CPU speed, this is can be used additionally to lock cpu hat max speed. Need a good power supply and probably cooling for the Raspberry PI.
213
213
214 ##### `ENABLE_I2C`=false
214 ##### `ENABLE_I2C`=false
215 Enable I2C interface on the RPi 0/1/2/3. Please check the [RPi 0/1/2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
215 Enable I2C interface on the RPi 0/1/2/3. Please check the [RPi 0/1/2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
216
216
217 ##### `ENABLE_SPI`=false
217 ##### `ENABLE_SPI`=false
218 Enable SPI interface on the RPi 0/1/2/3. Please check the [RPi 0/1/2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
218 Enable SPI interface on the RPi 0/1/2/3. Please check the [RPi 0/1/2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
219
219
220 ##### `ENABLE_IPV6`=true
220 ##### `ENABLE_IPV6`=true
221 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
221 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
222
222
223 ##### `ENABLE_SSHD`=true
223 ##### `ENABLE_SSHD`=true
224 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
224 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
225
225
226 ##### `ENABLE_NONFREE`=false
226 ##### `ENABLE_NONFREE`=false
227 Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs.
227 Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs.
228
228
229 ##### `ENABLE_WIRELESS`=false
229 ##### `ENABLE_WIRELESS`=false
230 Download and install the [closed-source firmware binary blob](https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm) that is required to run the internal wireless interface of the Raspberry Pi model `3`. This parameter is ignored if the specified `RPI_MODEL` is not `0`,`3`,`3P`,`4`.
230 Download and install the [closed-source firmware binary blob](https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm) that is required to run the internal wireless interface of the Raspberry Pi model `3`. This parameter is ignored if the specified `RPI_MODEL` is not `0`,`3`,`3P`,`4`.
231
231
232 ##### `ENABLE_RSYSLOG`=true
232 ##### `ENABLE_RSYSLOG`=true
233 If set to false, disable and uninstall rsyslog (so logs will be available only in journal files)
233 If set to false, disable and uninstall rsyslog (so logs will be available only in journal files)
234
234
235 ##### `ENABLE_SOUND`=true
235 ##### `ENABLE_SOUND`=true
236 Enable sound hardware and install Advanced Linux Sound Architecture.
236 Enable sound hardware and install Advanced Linux Sound Architecture.
237
237
238 ##### `ENABLE_HWRANDOM`=true
238 ##### `ENABLE_HWRANDOM`=true
239 Enable Hardware Random Number Generator. Strong random numbers are important for most network-based communications that use encryption. It's recommended to be enabled.
239 Enable Hardware Random Number Generator. Strong random numbers are important for most network-based communications that use encryption. It's recommended to be enabled.
240
240
241 ##### `ENABLE_MINGPU`=false
241 ##### `ENABLE_MINGPU`=false
242 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
242 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
243
243
244 ##### `ENABLE_DBUS`=true
244 ##### `ENABLE_DBUS`=true
245 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
245 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
246
246
247 ##### `ENABLE_XORG`=false
247 ##### `ENABLE_XORG`=false
248 Install Xorg open-source X Window System.
248 Install Xorg open-source X Window System.
249
249
250 ##### `ENABLE_WM`=""
250 ##### `ENABLE_WM`=""
251 Install a user-defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
251 Install a user-defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
252
252
253 ##### `ENABLE_SYSVINIT`=false
253 ##### `ENABLE_SYSVINIT`=false
254 Support for halt,init,poweroff,reboot,runlevel,shutdown,telinit commands
254 Support for halt,init,poweroff,reboot,runlevel,shutdown,telinit commands
255
255
256 ---
256 ---
257
257
258 #### Advanced system features:
258 #### Advanced system features:
259 ##### `ENABLE_KEYGEN`=false
259 ##### `ENABLE_KEYGEN`=false
260 Recover your lost codec license
260 Recover your lost codec license
261
261
262 ##### `ENABLE_SYSTEMDSWAP`=false
262 ##### `ENABLE_SYSTEMDSWAP`=false
263 Enables [Systemd-swap service](https://github.com/Nefelim4ag/systemd-swap). Usefull if `KERNEL_ZSWAP` is enabled.
263 Enables [Systemd-swap service](https://github.com/Nefelim4ag/systemd-swap). Usefull if `KERNEL_ZSWAP` is enabled.
264
264
265 ##### `ENABLE_MINBASE`=false
265 ##### `ENABLE_MINBASE`=false
266 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
266 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
267
267
268 ##### `ENABLE_REDUCE`=false
268 ##### `ENABLE_REDUCE`=false
269 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
269 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
270
270
271 ##### `ENABLE_UBOOT`=false
271 ##### `ENABLE_UBOOT`=false
272 Replace the default RPi 0/1/2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
272 Replace the default RPi 0/1/2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
273 RPI4 needs tbd
273 RPI4 needs tbd
274
274
275 ##### `UBOOTSRC_DIR`=""
275 ##### `UBOOTSRC_DIR`=""
276 Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
276 Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
277
277
278 ##### `ENABLE_FBTURBO`=false
278 ##### `ENABLE_FBTURBO`=false
279 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
279 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
280
280
281 ##### `FBTURBOSRC_DIR`=""
281 ##### `FBTURBOSRC_DIR`=""
282 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
282 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
283
283
284 ##### `ENABLE_VIDEOCORE`=false
284 ##### `ENABLE_VIDEOCORE`=false
285 Install and enable the [ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) `vcgencmd`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
285 Install and enable the [ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) `vcgencmd`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
286
286
287 ##### `VIDEOCORESRC_DIR`=""
287 ##### `VIDEOCORESRC_DIR`=""
288 Path to a directory (`userland`) of [ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
288 Path to a directory (`userland`) of [ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
289
289
290 ##### `ENABLE_NEXMON`=false
290 ##### `ENABLE_NEXMON`=false
291 Install and enable the [Source code for a C-based firmware patching framework for Broadcom/Cypress WiFi chips that enables you to write your own firmware patches, for example, to enable monitor mode with radiotap headers and frame injection](https://github.com/seemoo-lab/nexmon.git).
291 Install and enable the [Source code for a C-based firmware patching framework for Broadcom/Cypress WiFi chips that enables you to write your own firmware patches, for example, to enable monitor mode with radiotap headers and frame injection](https://github.com/seemoo-lab/nexmon.git).
292
292
293 ##### `NEXMONSRC_DIR`=""
293 ##### `NEXMONSRC_DIR`=""
294 Path to a directory (`nexmon`) of [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
294 Path to a directory (`nexmon`) of [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
295
295
296 ##### `ENABLE_IPTABLES`=false
296 ##### `ENABLE_IPTABLES`=false
297 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
297 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
298
298
299 ##### `ENABLE_USER`=true
299 ##### `ENABLE_USER`=true
300 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, the username will be `pi`.
300 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, the username will be `pi`.
301
301
302 ##### `USER_NAME`=pi
302 ##### `USER_NAME`=pi
303 Non-root user to create. Ignored if `ENABLE_USER`=false
303 Non-root user to create. Ignored if `ENABLE_USER`=false
304
304
305 ##### `ENABLE_ROOT`=false
305 ##### `ENABLE_ROOT`=false
306 Set root user password so root login will be enabled
306 Set root user password so root login will be enabled
307
307
308 ##### `ENABLE_HARDNET`=false
308 ##### `ENABLE_HARDNET`=false
309 Enable IPv4/IPv6 network stack hardening settings.
309 Enable IPv4/IPv6 network stack hardening settings.
310
310
311 ##### `ENABLE_SPLITFS`=false
311 ##### `ENABLE_SPLITFS`=false
312 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
312 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
313
313
314 ##### `CHROOT_SCRIPTS`=""
314 ##### `CHROOT_SCRIPTS`=""
315 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this directory is run in lexicographical order.
315 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this directory is run in lexicographical order.
316
316
317 ##### `ENABLE_INITRAMFS`=false
317 ##### `ENABLE_INITRAMFS`=false
318 Create an initramfs that that will be loaded during the Linux startup process. `ENABLE_INITRAMFS` will automatically get enabled if `ENABLE_CRYPTFS`=true. This parameter will be ignored if `BUILD_KERNEL`=false.
318 Create an initramfs that that will be loaded during the Linux startup process. `ENABLE_INITRAMFS` will automatically get enabled if `ENABLE_CRYPTFS`=true. This parameter will be ignored if `BUILD_KERNEL`=false.
319
319
320 ##### `ENABLE_IFNAMES`=true
320 ##### `ENABLE_IFNAMES`=true
321 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names.
321 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names.
322
322
323 ##### `ENABLE_SPLASH`=true
323 ##### `ENABLE_SPLASH`=true
324 Enable default Raspberry Pi boot up rainbow splash screen.
324 Enable default Raspberry Pi boot up rainbow splash screen.
325
325
326 ##### `ENABLE_LOGO`=true
326 ##### `ENABLE_LOGO`=true
327 Enable default Raspberry Pi console logo (image of four raspberries in the top left corner).
327 Enable default Raspberry Pi console logo (image of four raspberries in the top left corner).
328
328
329 ##### `ENABLE_SILENT_BOOT`=false
329 ##### `ENABLE_SILENT_BOOT`=false
330 Set the verbosity of console messages shown during boot up to a strict minimum.
330 Set the verbosity of console messages shown during boot up to a strict minimum.
331
331
332 ##### `DISABLE_UNDERVOLT_WARNINGS`=
332 ##### `DISABLE_UNDERVOLT_WARNINGS`=
333 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
333 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
334
334
335 ---
335 ---
336
336
337 #### SSH settings:
337 #### SSH settings:
338 ##### `SSH_ENABLE_ROOT`=false
338 ##### `SSH_ENABLE_ROOT`=false
339 Enable password-based root login via SSH. This may be a security risk with the default password set, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
339 Enable password-based root login via SSH. This may be a security risk with the default password set, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
340
340
341 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
341 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
342 Disable password-based SSH authentication. Only public key based SSH (v2) authentication will be supported.
342 Disable password-based SSH authentication. Only public key based SSH (v2) authentication will be supported.
343
343
344 ##### `SSH_LIMIT_USERS`=false
344 ##### `SSH_LIMIT_USERS`=false
345 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login. This parameter will be ignored if `dropbear` SSH is used (`REDUCE_SSHD`=true).
345 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login. This parameter will be ignored if `dropbear` SSH is used (`REDUCE_SSHD`=true).
346
346
347 ##### `SSH_ROOT_PUB_KEY`=""
347 ##### `SSH_ROOT_PUB_KEY`=""
348 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
348 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
349
349
350 ##### `SSH_USER_PUB_KEY`=""
350 ##### `SSH_USER_PUB_KEY`=""
351 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported.
351 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported.
352
352
353 ---
353 ---
354
354
355 #### Kernel compilation:
355 #### Kernel compilation:
356 ##### `BUILD_KERNEL`=true
356 ##### `BUILD_KERNEL`=true
357 Build and install the latest RPi 0/1/2/3/4 Linux kernel. The default RPi 0/1/2/3/ kernel configuration is used most of the time.
357 Build and install the latest RPi 0/1/2/3/4 Linux kernel. The default RPi 0/1/2/3/ kernel configuration is used most of the time.
358 ENABLE_NEXMON - Changes Kernel Source to [https://github.com/Re4son/](Kali Linux Kernel)
358 ENABLE_NEXMON - Changes Kernel Source to [https://github.com/Re4son/](Kali Linux Kernel)
359 Precompiled 32bit kernel for RPI0/1/2/3 by [https://github.com/hypriot/](hypriot)
359 Precompiled 32bit kernel for RPI0/1/2/3 by [https://github.com/hypriot/](hypriot)
360 Precompiled 64bit kernel for RPI3/4 by [https://github.com/sakaki-/](sakaki)
360 Precompiled 64bit kernel for RPI3/4 by [https://github.com/sakaki-/](sakaki)
361
361
362
362
363 ##### `CROSS_COMPILE`="arm-linux-gnueabihf-"
363 ##### `CROSS_COMPILE`="arm-linux-gnueabihf-"
364 This sets the cross-compile environment for the compiler.
364 This sets the cross-compile environment for the compiler.
365
365
366 ##### `KERNEL_ARCH`="arm"
366 ##### `KERNEL_ARCH`="arm"
367 This sets the kernel architecture for the compiler.
367 This sets the kernel architecture for the compiler.
368
368
369 ##### `KERNEL_IMAGE`="kernel7.img"
369 ##### `KERNEL_IMAGE`="kernel7.img"
370 Name of the image file in the boot partition. If not set, `KERNEL_IMAGE` will be set to "kernel8.img" automatically if building for arm64.
370 Name of the image file in the boot partition. If not set, `KERNEL_IMAGE` will be set to "kernel8.img" automatically if building for arm64.
371
371
372 ##### `KERNEL_BRANCH`=""
372 ##### `KERNEL_BRANCH`=""
373 Name of the requested branch from the GIT location for the RPi Kernel. Default is using the current default branch from the GIT site.
373 Name of the requested branch from the GIT location for the RPi Kernel. Default is using the current default branch from the GIT site.
374
374
375 ##### `QEMU_BINARY`="/usr/bin/qemu-arm-static"
375 ##### `QEMU_BINARY`="/usr/bin/qemu-arm-static"
376 Sets the QEMU enviornment for the Debian archive. If not set, `QEMU_BINARY` will be set to "/usr/bin/qemu-aarch64-static" automatically if building for arm64.
376 Sets the QEMU enviornment for the Debian archive. If not set, `QEMU_BINARY` will be set to "/usr/bin/qemu-aarch64-static" automatically if building for arm64.
377
377
378 ##### `KERNEL_DEFCONFIG`="bcm2709_defconfig"
378 ##### `KERNEL_DEFCONFIG`="bcm2709_defconfig"
379 Sets the default config for kernel compiling. If not set, `KERNEL_DEFCONFIG` will be set to "bcmrpi3\_defconfig" automatically if building for arm64.
379 Sets the default config for kernel compiling. If not set, `KERNEL_DEFCONFIG` will be set to "bcmrpi3\_defconfig" automatically if building for arm64.
380
380
381 ##### `KERNEL_REDUCE`=false
381 ##### `KERNEL_REDUCE`=false
382 Reduce the size of the generated kernel by removing unwanted devices, network and filesystem drivers (experimental).
382 Reduce the size of the generated kernel by removing unwanted devices, network and filesystem drivers (experimental).
383
383
384 ##### `KERNEL_THREADS`=1
384 ##### `KERNEL_THREADS`=1
385 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
385 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
386
386
387 ##### `KERNEL_HEADERS`=true
387 ##### `KERNEL_HEADERS`=true
388 Install kernel headers with the built kernel.
388 Install kernel headers with the built kernel.
389
389
390 ##### `KERNEL_MENUCONFIG`=false
390 ##### `KERNEL_MENUCONFIG`=false
391 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
391 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
392
392
393 ##### `KERNEL_OLDDEFCONFIG`=false
393 ##### `KERNEL_OLDDEFCONFIG`=false
394 Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
394 Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
395
395
396 ##### `KERNEL_CCACHE`=false
396 ##### `KERNEL_CCACHE`=false
397 Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
397 Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
398
398
399 ##### `KERNEL_REMOVESRC`=true
399 ##### `KERNEL_REMOVESRC`=true
400 Remove all kernel sources from the generated OS image after it was built and installed.
400 Remove all kernel sources from the generated OS image after it was built and installed.
401
401
402 ##### `KERNELSRC_DIR`=""
402 ##### `KERNELSRC_DIR`=""
403 Path to a directory (`linux`) of [RaspberryPi Linux kernel sources](https://github.com/raspberrypi/linux) that will be copied, configured, build and installed inside the chroot.
403 Path to a directory (`linux`) of [RaspberryPi Linux kernel sources](https://github.com/raspberrypi/linux) that will be copied, configured, build and installed inside the chroot.
404
404
405 ##### `KERNELSRC_CLEAN`=false
405 ##### `KERNELSRC_CLEAN`=false
406 Clean the existing kernel sources directory `KERNELSRC_DIR` (using `make mrproper`) after it was copied to the chroot and before the compilation of the kernel has started. This parameter will be ignored if no `KERNELSRC_DIR` was specified or if `KERNELSRC_PREBUILT`=true.
406 Clean the existing kernel sources directory `KERNELSRC_DIR` (using `make mrproper`) after it was copied to the chroot and before the compilation of the kernel has started. This parameter will be ignored if no `KERNELSRC_DIR` was specified or if `KERNELSRC_PREBUILT`=true.
407
407
408 ##### `KERNELSRC_CONFIG`=true
408 ##### `KERNELSRC_CONFIG`=true
409 Run `make bcm2709_defconfig` (and optional `make menuconfig`) to configure the kernel sources before building. This parameter is automatically set to `true` if no existing kernel sources directory was specified using `KERNELSRC_DIR`. This parameter is ignored if `KERNELSRC_PREBUILT`=true.
409 Run `make bcm2709_defconfig` (and optional `make menuconfig`) to configure the kernel sources before building. This parameter is automatically set to `true` if no existing kernel sources directory was specified using `KERNELSRC_DIR`. This parameter is ignored if `KERNELSRC_PREBUILT`=true.
410
410
411 ##### `KERNELSRC_USRCONFIG`=""
411 ##### `KERNELSRC_USRCONFIG`=""
412 Copy own config file to kernel `.config`. If `KERNEL_MENUCONFIG`=true then running after copy.
412 Copy own config file to kernel `.config`. If `KERNEL_MENUCONFIG`=true then running after copy.
413
413
414 ##### `KERNELSRC_PREBUILT`=false
414 ##### `KERNELSRC_PREBUILT`=false
415 With this parameter set to true the script expects the existing kernel sources directory to be already successfully cross-compiled. The parameters `KERNELSRC_CLEAN`, `KERNELSRC_CONFIG`, `KERNELSRC_USRCONFIG` and `KERNEL_MENUCONFIG` are ignored and no kernel compilation tasks are performed.
415 With this parameter set to true the script expects the existing kernel sources directory to be already successfully cross-compiled. The parameters `KERNELSRC_CLEAN`, `KERNELSRC_CONFIG`, `KERNELSRC_USRCONFIG` and `KERNEL_MENUCONFIG` are ignored and no kernel compilation tasks are performed.
416
416
417 ##### `RPI_FIRMWARE_DIR`=""
417 ##### `RPI_FIRMWARE_DIR`=""
418 The directory (`firmware`) containing a local copy of the firmware from the [RaspberryPi firmware project](https://github.com/raspberrypi/firmware). Default is to download the latest firmware directly from the project.
418 The directory (`firmware`) containing a local copy of the firmware from the [RaspberryPi firmware project](https://github.com/raspberrypi/firmware). Default is to download the latest firmware directly from the project.
419
419
420 ##### `KERNEL_DEFAULT_GOV`="ONDEMAND"
420 ##### `KERNEL_DEFAULT_GOV`="ONDEMAND"
421 Set the default cpu governor at kernel compilation. Supported values are: PERFORMANCE POWERSAVE USERSPACE ONDEMAND CONSERVATIVE SCHEDUTIL
421 Set the default cpu governor at kernel compilation. Supported values are: PERFORMANCE POWERSAVE USERSPACE ONDEMAND CONSERVATIVE SCHEDUTIL
422
422
423 ##### `KERNEL_NF`=false
423 ##### `KERNEL_NF`=false
424 Enable Netfilter modules as kernel modules
424 Enable Netfilter modules as kernel modules
425
425
426 ##### `KERNEL_VIRT`=false
426 ##### `KERNEL_VIRT`=false
427 Enable Kernel KVM support (/dev/kvm)
427 Enable Kernel KVM support (/dev/kvm)
428
428
429 ##### `KERNEL_ZSWAP`=false
429 ##### `KERNEL_ZSWAP`=false
430 Enable Kernel Zswap support. Best use on high RAM load and mediocre CPU load usecases
430 Enable Kernel Zswap support. Best use on high RAM load and mediocre CPU load usecases
431
431
432 ##### `KERNEL_BPF`=true
432 ##### `KERNEL_BPF`=true
433 Allow attaching eBPF programs to a cgroup using the bpf syscall (CONFIG_BPF_SYSCALL CONFIG_CGROUP_BPF) [systemd compilations about it - File /lib/systemd/system/systemd-journald.server:36 configures an IP firewall (IPAddressDeny=all), but the local system does not support BPF/cgroup based firewalls]
433 Allow attaching eBPF programs to a cgroup using the bpf syscall (CONFIG_BPF_SYSCALL CONFIG_CGROUP_BPF) [systemd compilations about it - File /lib/systemd/system/systemd-journald.server:36 configures an IP firewall (IPAddressDeny=all), but the local system does not support BPF/cgroup based firewalls]
434
434
435 ##### `KERNEL_SECURITY`=false
435 ##### `KERNEL_SECURITY`=false
436 Enables Apparmor, integrity subsystem, auditing.
436 Enables Apparmor, integrity subsystem, auditing.
437
437
438 ##### `KERNEL_BTRFS`="false"
438 ##### `KERNEL_BTRFS`="false"
439 enable btrfs kernel support
439 enable btrfs kernel support
440
440
441 ##### `KERNEL_POEHAT`="false"
441 ##### `KERNEL_POEHAT`="false"
442 enable Enable RPI POE HAT fan kernel support
442 enable Enable RPI POE HAT fan kernel support
443
443
444 ##### `KERNEL_NSPAWN`="false"
444 ##### `KERNEL_NSPAWN`="false"
445 Enable per-interface network priority control - for systemd-nspawn
445 Enable per-interface network priority control - for systemd-nspawn
446
446
447 ##### `KERNEL_DHKEY`="true"
447 ##### `KERNEL_DHKEY`="true"
448 Diffie-Hellman operations on retained keys - required for >keyutils-1.6
448 Diffie-Hellman operations on retained keys - required for >keyutils-1.6
449
449
450 ---
450 ---
451
451
452 #### Reduce disk usage:
452 #### Reduce disk usage:
453 The following list of parameters is ignored if `ENABLE_REDUCE`=false.
453 The following list of parameters is ignored if `ENABLE_REDUCE`=false.
454
454
455 ##### `REDUCE_APT`=true
455 ##### `REDUCE_APT`=true
456 Configure APT to use compressed package repository lists and no package caching files.
456 Configure APT to use compressed package repository lists and no package caching files.
457
457
458 ##### `REDUCE_DOC`=true
458 ##### `REDUCE_DOC`=true
459 Remove all doc files (harsh). Configure APT to not include doc files on future `apt-get` package installations.
459 Remove all doc files (harsh). Configure APT to not include doc files on future `apt-get` package installations.
460
460
461 ##### `REDUCE_MAN`=true
461 ##### `REDUCE_MAN`=true
462 Remove all man pages and info files (harsh). Configure APT to not include man pages on future `apt-get` package installations.
462 Remove all man pages and info files (harsh). Configure APT to not include man pages on future `apt-get` package installations.
463
463
464 ##### `REDUCE_VIM`=false
464 ##### `REDUCE_VIM`=false
465 Replace `vim-tiny` package by `levee` a tiny vim clone.
465 Replace `vim-tiny` package by `levee` a tiny vim clone.
466
466
467 ##### `REDUCE_BASH`=false
467 ##### `REDUCE_BASH`=false
468 Remove `bash` package and switch to `dash` shell (experimental).
468 Remove `bash` package and switch to `dash` shell (experimental).
469
469
470 ##### `REDUCE_HWDB`=true
470 ##### `REDUCE_HWDB`=true
471 Remove PCI related hwdb files (experimental).
471 Remove PCI related hwdb files (experimental).
472
472
473 ##### `REDUCE_SSHD`=true
473 ##### `REDUCE_SSHD`=true
474 Replace `openssh-server` with `dropbear`.
474 Replace `openssh-server` with `dropbear`.
475
475
476 ##### `REDUCE_LOCALE`=true
476 ##### `REDUCE_LOCALE`=true
477 Remove all `locale` translation files.
477 Remove all `locale` translation files.
478
478
479 ---
479 ---
480
480
481 #### Encrypted root partition:
481 #### Encrypted root partition:
482 ##### `ENABLE_CRYPTFS`=false
482 ##### `ENABLE_CRYPTFS`=false
483 Enable full system encryption with dm-crypt. Setup a fully LUKS encrypted root partition (aes-xts-plain64:sha512) and generate required initramfs. The /boot directory will not be encrypted. This parameter will be ignored if `BUILD_KERNEL`=false. `ENABLE_CRYPTFS` is experimental. SSH-to-initramfs is currently not supported but will be soon - feel free to help.
483 Enable full system encryption with dm-crypt. Setup a fully LUKS encrypted root partition (aes-xts-plain64:sha512) and generate required initramfs. The /boot directory will not be encrypted. This parameter will be ignored if `BUILD_KERNEL`=false. `ENABLE_CRYPTFS` is experimental. SSH-to-initramfs is currently not supported but will be soon - feel free to help.
484
484
485 ##### `CRYPTFS_PASSWORD`=""
485 ##### `CRYPTFS_PASSWORD`=""
486 Set password of the encrypted root partition. This parameter is mandatory if `ENABLE_CRYPTFS`=true.
486 Set password of the encrypted root partition. This parameter is mandatory if `ENABLE_CRYPTFS`=true.
487
487
488 ##### `CRYPTFS_MAPPING`="secure"
488 ##### `CRYPTFS_MAPPING`="secure"
489 Set name of dm-crypt managed device-mapper mapping.
489 Set name of dm-crypt managed device-mapper mapping.
490
490
491 ##### `CRYPTFS_CIPHER`="aes-xts-plain64"
491 ##### `CRYPTFS_CIPHER`="aes-xts-plain64"
492 Set cipher specification string. `aes-xts*` ciphers are strongly recommended.
492 Set cipher specification string. `aes-xts*` ciphers are strongly recommended.
493
493
494 ##### `CRYPTFS_HASH`=sha512
494 ##### `CRYPTFS_HASH`=sha512
495 Hash function and size to be used
495 Hash function and size to be used
496
496
497 ##### `CRYPTFS_XTSKEYSIZE`=512
497 ##### `CRYPTFS_XTSKEYSIZE`=512
498 Sets key size in bits. The argument has to be a multiple of 8.
498 Sets key size in bits. The argument has to be a multiple of 8.
499
499
500 ##### `CRYPTFS_DROPBEAR`=false
500 ##### `CRYPTFS_DROPBEAR`=false
501 Enable Dropbear Initramfs support
501 Enable Dropbear Initramfs support
502
502
503 ##### `CRYPTFS_DROPBEAR_PUBKEY`=""
503 ##### `CRYPTFS_DROPBEAR_PUBKEY`=""
504 Provide path to dropbear Public RSA-OpenSSH Key
504 Provide path to dropbear Public RSA-OpenSSH Key
505
505
506 ---
506 ---
507
507
508 #### Build settings:
508 #### Build settings:
509 ##### `BASEDIR`=$(pwd)/images/${RELEASE}
509 ##### `BASEDIR`=$(pwd)/images/${RELEASE}
510 Set a path to a working directory used by the script to generate an image.
510 Set a path to a working directory used by the script to generate an image.
511
511
512 ##### `IMAGE_NAME`=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}
512 ##### `IMAGE_NAME`=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}
513 Set a filename for the output file(s). Note: the script will create $IMAGE_NAME.img if `ENABLE_SPLITFS`=false or $IMAGE_NAME-frmw.img and $IMAGE_NAME-root.img if `ENABLE_SPLITFS`=true. Note 2: If the KERNEL_BRANCH is not set, the word "CURRENT" is used.
513 Set a filename for the output file(s). Note: the script will create $IMAGE_NAME.img if `ENABLE_SPLITFS`=false or $IMAGE_NAME-frmw.img and $IMAGE_NAME-root.img if `ENABLE_SPLITFS`=true. Note 2: If the KERNEL_BRANCH is not set, the word "CURRENT" is used.
514
514
515 ## Understanding the script
515 ## Understanding the script
516 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
516 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
517
517
518 | Script | Description |
518 | Script | Description |
519 | --- | --- |
519 | --- | --- |
520 | `10-bootstrap.sh` | Debootstrap basic system |
520 | `10-bootstrap.sh` | Debootstrap basic system |
521 | `11-apt.sh` | Setup APT repositories |
521 | `11-apt.sh` | Setup APT repositories |
522 | `12-locale.sh` | Setup Locales and keyboard settings |
522 | `12-locale.sh` | Setup Locales and keyboard settings |
523 | `13-kernel.sh` | Build and install RPi 0/1/2/3 Kernel |
523 | `13-kernel.sh` | Build and install RPi 0/1/2/3 Kernel |
524 | `14-fstab.sh` | Setup fstab and initramfs |
524 | `14-fstab.sh` | Setup fstab and initramfs |
525 | `15-rpi-config.sh` | Setup RPi 0/1/2/3 config and cmdline |
525 | `15-rpi-config.sh` | Setup RPi 0/1/2/3 config and cmdline |
526 | `20-networking.sh` | Setup Networking |
526 | `20-networking.sh` | Setup Networking |
527 | `21-firewall.sh` | Setup Firewall |
527 | `21-firewall.sh` | Setup Firewall |
528 | `30-security.sh` | Setup Users and Security settings |
528 | `30-security.sh` | Setup Users and Security settings |
529 | `31-logging.sh` | Setup Logging |
529 | `31-logging.sh` | Setup Logging |
530 | `32-sshd.sh` | Setup SSH and public keys |
530 | `32-sshd.sh` | Setup SSH and public keys |
531 | `41-uboot.sh` | Build and Setup U-Boot |
531 | `41-uboot.sh` | Build and Setup U-Boot |
532 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
532 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
533 | `43-videocore.sh` | Build and Setup videocore libraries |
533 | `43-videocore.sh` | Build and Setup videocore libraries |
534 | `50-firstboot.sh` | First boot actions |
534 | `50-firstboot.sh` | First boot actions |
535 | `99-reduce.sh` | Reduce the disk space usage |
535 | `99-reduce.sh` | Reduce the disk space usage |
536
536
537 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
537 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
538
538
539 | Directory | Description |
539 | Directory | Description |
540 | --- | --- |
540 | --- | --- |
541 | `apt` | APT management configuration files |
541 | `apt` | APT management configuration files |
542 | `boot` | Boot and RPi 0/1/2/3 configuration files |
542 | `boot` | Boot and RPi 0/1/2/3 configuration files |
543 | `dpkg` | Package Manager configuration |
543 | `dpkg` | Package Manager configuration |
544 | `etc` | Configuration files and rc scripts |
544 | `etc` | Configuration files and rc scripts |
545 | `firstboot` | Scripts that get executed on first boot |
545 | `firstboot` | Scripts that get executed on first boot |
546 | `initramfs` | Initramfs scripts |
546 | `initramfs` | Initramfs scripts |
547 | `iptables` | Firewall configuration files |
547 | `iptables` | Firewall configuration files |
548 | `locales` | Locales configuration |
548 | `locales` | Locales configuration |
549 | `modules` | Kernel Modules configuration |
549 | `modules` | Kernel Modules configuration |
550 | `mount` | Fstab configuration |
550 | `mount` | Fstab configuration |
551 | `network` | Networking configuration files |
551 | `network` | Networking configuration files |
552 | `sysctl.d` | Swapping and Network Hardening configuration |
552 | `sysctl.d` | Swapping and Network Hardening configuration |
553 | `xorg` | fbturbo Xorg driver configuration |
553 | `xorg` | fbturbo Xorg driver configuration |
554
554
555 ## Custom packages and scripts
555 ## Custom packages and scripts
556 Debian custom packages, i.e. those not in the debian repositories, can be installed by placing them in the `packages` directory. They are installed immediately after packages from the repositories are installed. Any dependencies listed in the custom packages will be downloaded automatically from the repositories. Do not list these custom packages in `APT_INCLUDES`.
556 Debian custom packages, i.e. those not in the debian repositories, can be installed by placing them in the `packages` directory. They are installed immediately after packages from the repositories are installed. Any dependencies listed in the custom packages will be downloaded automatically from the repositories. Do not list these custom packages in `APT_INCLUDES`.
557
557
558 Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created.
558 Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created.
559
559
560 ## Logging of the bootstrapping process
560 ## Logging of the bootstrapping process
561 All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
561 All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
562
562
563 ```shell
563 ```shell
564 script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log
564 script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log
565 ```
565 ```
566
566
567 ## Flashing the image file
567 ## Flashing the image file
568 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi 0/1/2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
568 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi 0/1/2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
569
569
570 ##### Flashing examples:
570 ##### Flashing examples:
571 ```shell
571 ```shell
572 bmaptool copy ./images/buster/2017-01-23-rpi3-buster.img /dev/mmcblk0
572 bmaptool copy ./images/buster/2017-01-23-rpi3-buster.img /dev/mmcblk0
573 dd bs=4M if=./images/buster/2017-01-23-rpi3-buster.img of=/dev/mmcblk0
573 dd bs=4M if=./images/buster/2017-01-23-rpi3-buster.img of=/dev/mmcblk0
574 ```
574 ```
575 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
575 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
576 ```shell
576 ```shell
577 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-frmw.img /dev/mmcblk0
577 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-frmw.img /dev/mmcblk0
578 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-root.img /dev/sdc
578 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-root.img /dev/sdc
579 ```
579 ```
580
580
581 ## QEMU emulation
581 ## QEMU emulation
582 Start QEMU full system emulation:
582 Start QEMU full system emulation:
583 ```shell
583 ```shell
584 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
584 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
585 ```
585 ```
586
586
587 Start QEMU full system emulation and output to console:
587 Start QEMU full system emulation and output to console:
588 ```shell
588 ```shell
589 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
589 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
590 ```
590 ```
591
591
592 Start QEMU full system emulation with SMP and output to console:
592 Start QEMU full system emulation with SMP and output to console:
593 ```shell
593 ```shell
594 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
594 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
595 ```
595 ```
596
596
597 Start QEMU full system emulation with cryptfs, initramfs and output to console:
597 Start QEMU full system emulation with cryptfs, initramfs and output to console:
598 ```shell
598 ```shell
599 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
599 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
600 ```
600 ```
601
601
602 ## External links and references
602 ## External links and references
603 * [Debian worldwide mirror sites](https://www.debian.org/mirror/list)
603 * [Debian worldwide mirror sites](https://www.debian.org/mirror/list)
604 * [Debian Raspberry Pi 2 Wiki](https://wiki.debian.org/RaspberryPi2)
604 * [Debian Raspberry Pi 2 Wiki](https://wiki.debian.org/RaspberryPi2)
605 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
605 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
606 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
606 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
607 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
607 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
608 * [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
608 * [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
609 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
609 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
610 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm)
610 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm)
611 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
611 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
@@ -1,177 +1,179
1 #
1 #
2 # Setup Networking
2 # Setup Networking
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Install and setup hostname
8 # Install and setup hostname
9 install_readonly files/network/hostname "${ETC_DIR}/hostname"
9 install_readonly files/network/hostname "${ETC_DIR}/hostname"
10 sed -i "s/^RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hostname"
10 sed -i "s/^RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hostname"
11
11
12 # Install and setup hosts
12 # Install and setup hosts
13 install_readonly files/network/hosts "${ETC_DIR}/hosts"
13 install_readonly files/network/hosts "${ETC_DIR}/hosts"
14 sed -i "s/RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hosts"
14 sed -i "s/RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hosts"
15
15
16 # Setup hostname entry with static IP
16 # Setup hostname entry with static IP
17 if [ "$NET_ETH_ADDRESS" != "" ] ; then
17 if [ "$NET_ETH_ADDRESS" != "" ] ; then
18 NET_IP=$(echo "${NET_ETH_ADDRESS}" | cut -f 1 -d'/')
18 NET_IP=$(echo "${NET_ETH_ADDRESS}" | cut -f 1 -d'/')
19 sed -i "s/^127.0.1.1/${NET_IP}/" "${ETC_DIR}/hosts"
19 sed -i "s/^127.0.1.1/${NET_IP}/" "${ETC_DIR}/hosts"
20 fi
20 fi
21
21
22 # Remove IPv6 hosts
22 # Remove IPv6 hosts
23 if [ "$ENABLE_IPV6" = false ] ; then
23 if [ "$ENABLE_IPV6" = false ] ; then
24 sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETC_DIR}/hosts"
24 sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETC_DIR}/hosts"
25 fi
25 fi
26
26
27 # Install hint about network configuration
27 # Install hint about network configuration
28 install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces"
28 install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces"
29
29
30 # Install configuration for interface eth0
30 # Install configuration for interface eth0
31 install_readonly files/network/eth0.network "${ETC_DIR}/systemd/network/eth0.network"
31 install_readonly files/network/eth0.network "${ETC_DIR}/systemd/network/eth0.network"
32
32
33 if [ "$RPI_MODEL" = 3P ] ; then
33 if [ "$RPI_MODEL" = 3P ] ; then
34 printf "\n[Link]\nGenericReceiveOffload=off\nTCPSegmentationOffload=off\nGenericSegmentationOffload=off" >> "${ETC_DIR}/systemd/network/eth0.network"
34 printf "\n[Link]\nGenericReceiveOffload=off\nTCPSegmentationOffload=off\nGenericSegmentationOffload=off" >> "${ETC_DIR}/systemd/network/eth0.network"
35 fi
35 fi
36
36
37 # Install configuration for interface wl*
37 # Install configuration for interface wl*
38 install_readonly files/network/wlan0.network "${ETC_DIR}/systemd/network/wlan0.network"
38 install_readonly files/network/wlan0.network "${ETC_DIR}/systemd/network/wlan0.network"
39
39
40 #always with dhcp since wpa_supplicant integration is missing
40 #always with dhcp since wpa_supplicant integration is missing
41 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan0.network"
41 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan0.network"
42
42
43 if [ "$ENABLE_ETH_DHCP" = true ] ; then
43 if [ "$ENABLE_ETH_DHCP" = true ] ; then
44 # Enable DHCP configuration for interface eth0
44 # Enable DHCP configuration for interface eth0
45 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth0.network"
45 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth0.network"
46
46
47 # Set DHCP configuration to IPv4 only
47 # Set DHCP configuration to IPv4 only
48 if [ "$ENABLE_IPV6" = false ] ; then
48 if [ "$ENABLE_IPV6" = false ] ; then
49 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth0.network"
49 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth0.network"
50 sed '/IPv6PrivacyExtensions=true/d' "${ETC_DIR}/systemd/network/eth0.network"
50 sed '/IPv6PrivacyExtensions=true/d' "${ETC_DIR}/systemd/network/eth0.network"
51 fi
51 fi
52
52
53 else # ENABLE_ETH_DHCP=false
53 else # ENABLE_ETH_DHCP=false
54 # Set static network configuration for interface eth0
54 # Set static network configuration for interface eth0
55 sed -i\
55 sed -i\
56 -e "s|DHCP=.*|DHCP=no|"\
56 -e "s|DHCP=.*|DHCP=no|"\
57 -e "s|Address=\$|Address=${NET_ETH_ADDRESS}|"\
57 -e "s|Address=\$|Address=${NET_ETH_ADDRESS}|"\
58 -e "s|Gateway=\$|Gateway=${NET_ETH_GATEWAY}|"\
58 -e "s|Gateway=\$|Gateway=${NET_ETH_GATEWAY}|"\
59 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_ETH_DNS_1}|"\
59 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_ETH_DNS_1}|"\
60 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_ETH_DNS_2}|"\
60 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_ETH_DNS_2}|"\
61 -e "s|Domains=\$|Domains=${NET_ETH_DNS_DOMAINS}|"\
61 -e "s|Domains=\$|Domains=${NET_ETH_DNS_DOMAINS}|"\
62 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_ETH_NTP_1}|"\
62 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_ETH_NTP_1}|"\
63 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_ETH_NTP_2}|"\
63 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_ETH_NTP_2}|"\
64 "${ETC_DIR}/systemd/network/eth0.network"
64 "${ETC_DIR}/systemd/network/eth0.network"
65 fi
65 fi
66
66
67 if [ "$ENABLE_WIFI_DHCP" = true ] ; then
67 if [ "$ENABLE_WIFI_DHCP" = true ] ; then
68 # Enable DHCP configuration for interface eth0
68 # Enable DHCP configuration for interface eth0
69 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan0.network"
69 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan0.network"
70
70
71 # Set DHCP configuration to IPv4 only
71 # Set DHCP configuration to IPv4 only
72 if [ "$ENABLE_IPV6" = false ] ; then
72 if [ "$ENABLE_IPV6" = false ] ; then
73 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/wlan0.network"
73 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/wlan0.network"
74 sed '/IPv6PrivacyExtensions=true/d' "${ETC_DIR}/systemd/network/wlan0.network"
74 sed '/IPv6PrivacyExtensions=true/d' "${ETC_DIR}/systemd/network/wlan0.network"
75 fi
75 fi
76
76
77 else # ENABLE_ETH_DHCP=false
77 else # ENABLE_ETH_DHCP=false
78 # Set static network configuration for interface eth0
78 # Set static network configuration for interface eth0
79 sed -i\
79 sed -i\
80 -e "s|DHCP=.*|DHCP=no|"\
80 -e "s|DHCP=.*|DHCP=no|"\
81 -e "s|Address=\$|Address=${NET_WIFI_ADDRESS}|"\
81 -e "s|Address=\$|Address=${NET_WIFI_ADDRESS}|"\
82 -e "s|Gateway=\$|Gateway=${NET_WIFI_GATEWAY}|"\
82 -e "s|Gateway=\$|Gateway=${NET_WIFI_GATEWAY}|"\
83 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_WIFI_DNS_1}|"\
83 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_WIFI_DNS_1}|"\
84 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_WIFI_DNS_2}|"\
84 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_WIFI_DNS_2}|"\
85 -e "s|Domains=\$|Domains=${NET_WIFI_DNS_DOMAINS}|"\
85 -e "s|Domains=\$|Domains=${NET_WIFI_DNS_DOMAINS}|"\
86 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_WIFI_NTP_1}|"\
86 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_WIFI_NTP_1}|"\
87 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_WIFI_NTP_2}|"\
87 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_WIFI_NTP_2}|"\
88 "${ETC_DIR}/systemd/network/wlan0.network"
88 "${ETC_DIR}/systemd/network/wlan0.network"
89 fi
89 fi
90
90
91 printf "
91 if [ -z "$NET_WIFI_SSID" ] && [ -z "$NET_WIFI_PSK" ] ; then
92 ctrl_interface=/run/wpa_supplicant
92 printf "
93 ctrl_interface_group=wheel
93 ctrl_interface=/run/wpa_supplicant
94 update_config=1
94 ctrl_interface_group=wheel
95 eapol_version=1
95 update_config=1
96 ap_scan=1
96 eapol_version=1
97 fast_reauth=1
97 ap_scan=1
98
98 fast_reauth=1
99 " > /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
99
100
100 " > /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
101 #Configure WPA_supplicant
101
102 chroot_exec wpa_passphrase "$NET_SSID" "$NET_WPAPSK" >> /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
102 #Configure WPA_supplicant
103
103 chroot_exec wpa_passphrase "$NET_SSID" "$NET_WPAPSK" >> /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
104 chroot_exec systemctl enable wpa_supplicant.service
104
105 chroot_exec systemctl enable wpa_supplicant@wlan0.service
105 chroot_exec systemctl enable wpa_supplicant.service
106 chroot_exec systemctl enable wpa_supplicant@wlan0.service
107 fi
106
108
107 # Remove empty settings from network configuration
109 # Remove empty settings from network configuration
108 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth0.network"
110 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth0.network"
109 # Remove empty settings from wlan configuration
111 # Remove empty settings from wlan configuration
110 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan0.network"
112 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan0.network"
111
113
112 # Move systemd network configuration if required by Debian release
114 # Move systemd network configuration if required by Debian release
113 mv -v "${ETC_DIR}/systemd/network/eth0.network" "${LIB_DIR}/systemd/network/10-eth0.network"
115 mv -v "${ETC_DIR}/systemd/network/eth0.network" "${LIB_DIR}/systemd/network/10-eth0.network"
114 # If WLAN is enabled copy wlan configuration too
116 # If WLAN is enabled copy wlan configuration too
115 if [ "$ENABLE_WIRELESS" = true ] ; then
117 if [ "$ENABLE_WIRELESS" = true ] ; then
116 mv -v "${ETC_DIR}/systemd/network/wlan0.network" "${LIB_DIR}/systemd/network/11-wlan0.network"
118 mv -v "${ETC_DIR}/systemd/network/wlan0.network" "${LIB_DIR}/systemd/network/11-wlan0.network"
117 fi
119 fi
118 rm -fr "${ETC_DIR}/systemd/network"
120 rm -fr "${ETC_DIR}/systemd/network"
119
121
120 # Enable systemd-networkd service
122 # Enable systemd-networkd service
121 chroot_exec systemctl enable systemd-networkd
123 chroot_exec systemctl enable systemd-networkd
122
124
123 # Install host.conf resolver configuration
125 # Install host.conf resolver configuration
124 install_readonly files/network/host.conf "${ETC_DIR}/host.conf"
126 install_readonly files/network/host.conf "${ETC_DIR}/host.conf"
125
127
126 # Enable network stack hardening
128 # Enable network stack hardening
127 if [ "$ENABLE_HARDNET" = true ] ; then
129 if [ "$ENABLE_HARDNET" = true ] ; then
128 # Install sysctl.d configuration files
130 # Install sysctl.d configuration files
129 install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETC_DIR}/sysctl.d/82-rpi-net-hardening.conf"
131 install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETC_DIR}/sysctl.d/82-rpi-net-hardening.conf"
130
132
131 # Setup resolver warnings about spoofed addresses
133 # Setup resolver warnings about spoofed addresses
132 sed -i "s/^# spoof warn/spoof warn/" "${ETC_DIR}/host.conf"
134 sed -i "s/^# spoof warn/spoof warn/" "${ETC_DIR}/host.conf"
133 fi
135 fi
134
136
135 # Enable time sync
137 # Enable time sync
136 if [ "$NET_NTP_1" != "" ] ; then
138 if [ "$NET_NTP_1" != "" ] ; then
137 chroot_exec systemctl enable systemd-timesyncd.service
139 chroot_exec systemctl enable systemd-timesyncd.service
138 fi
140 fi
139
141
140 # Download the firmware binary blob required to use the RPi3 wireless interface
142 # Download the firmware binary blob required to use the RPi3 wireless interface
141 if [ "$ENABLE_WIRELESS" = true ] ; then
143 if [ "$ENABLE_WIRELESS" = true ] ; then
142 if [ ! -d "${WLAN_FIRMWARE_DIR}" ] ; then
144 if [ ! -d "${WLAN_FIRMWARE_DIR}" ] ; then
143 mkdir -p "${WLAN_FIRMWARE_DIR}"
145 mkdir -p "${WLAN_FIRMWARE_DIR}"
144 fi
146 fi
145
147
146 # Create temporary directory for firmware binary blob
148 # Create temporary directory for firmware binary blob
147 temp_dir=$(as_nobody mktemp -d)
149 temp_dir=$(as_nobody mktemp -d)
148
150
149 # Fetch firmware binary blob for RPI3B+
151 # Fetch firmware binary blob for RPI3B+
150 if [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
152 if [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
151 # Fetch firmware binary blob for RPi3P
153 # Fetch firmware binary blob for RPi3P
152 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.bin"
154 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.bin"
153 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.txt"
155 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.txt"
154 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.clm_blob" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.clm_blob"
156 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.clm_blob" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.clm_blob"
155
157
156 # Move downloaded firmware binary blob
158 # Move downloaded firmware binary blob
157 mv "${temp_dir}/brcmfmac43455-sdio."* "${WLAN_FIRMWARE_DIR}/"
159 mv "${temp_dir}/brcmfmac43455-sdio."* "${WLAN_FIRMWARE_DIR}/"
158
160
159 # Set permissions of the firmware binary blob
161 # Set permissions of the firmware binary blob
160 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
162 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
161 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
163 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
162 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
164 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
163 # Fetch firmware binary blob for RPi3
165 # Fetch firmware binary blob for RPi3
164 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin"
166 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin"
165 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt"
167 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt"
166
168
167 # Move downloaded firmware binary blob
169 # Move downloaded firmware binary blob
168 mv "${temp_dir}/brcmfmac43430-sdio."* "${WLAN_FIRMWARE_DIR}/"
170 mv "${temp_dir}/brcmfmac43430-sdio."* "${WLAN_FIRMWARE_DIR}/"
169
171
170 # Set permissions of the firmware binary blob
172 # Set permissions of the firmware binary blob
171 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
173 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
172 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
174 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
173 fi
175 fi
174
176
175 # Remove temporary directory for firmware binary blob
177 # Remove temporary directory for firmware binary blob
176 rm -fr "${temp_dir}"
178 rm -fr "${temp_dir}"
177 fi
179 fi
@@ -1,28 +1,32
1 logger -t "rc.firstboot" "Configuring network interface name"
1 logger -t "rc.firstboot" "Configuring network interface name"
2
2
3 INTERFACE_NAME_ETH=$(dmesg | grep "renamed from eth0" | awk -F ":| " '{ print $9 }')
3 INTERFACE_NAME_ETH=$(dmesg | grep "renamed from eth0" | awk -F ":| " '{ print $9 }')
4 INTERFACE_NAME_WIFI=$(dmesg | grep "renamed from wlan0" | awk -F ":| " '{ print $9 }')
4 INTERFACE_NAME_WIFI=$(dmesg | grep "renamed from wlan0" | awk -F ":| " '{ print $9 }')
5
5
6 if [ ! -z INTERFACE_NAME_ETH ] ; then
6 if [ ! -z INTERFACE_NAME_ETH ] ; then
7 if [ -r "/etc/systemd/network/eth0.network" ] ; then
7 if [ -r "/etc/systemd/network/eth0.network" ] ; then
8 sed -i "s/eth0/${INTERFACE_NAME_ETH}/" /etc/systemd/network/eth0.network
8 sed -i "s/eth0/${INTERFACE_NAME_ETH}/" /etc/systemd/network/eth0.network
9 fi
9 fi
10
10
11 if [ -r "/lib/systemd/network/10-eth0.network" ] ; then
11 if [ -r "/lib/systemd/network/10-eth0.network" ] ; then
12 sed -i "s/eth0/${INTERFACE_NAME_ETH}/" /lib/systemd/network/10-eth0.network
12 sed -i "s/eth0/${INTERFACE_NAME_ETH}/" /lib/systemd/network/10-eth0.network
13 fi
13 fi
14 # Move config to new interface name
14 # Move config to new interface name
15 mv /etc/systemd/network/eth0.network /etc/systemd/network/"${INTERFACE_NAME_ETH}".network
15 mv /etc/systemd/network/eth0.network /etc/systemd/network/"${INTERFACE_NAME_ETH}".network
16 fi
16 fi
17
17
18 if [ ! -z INTERFACE_NAME_WIFI ] ; then
18 if [ ! -z INTERFACE_NAME_WIFI ] ; then
19 if [ -r "/etc/systemd/network/wlan0.network" ] ; then
19 if [ -r "/etc/systemd/network/wlan0.network" ] ; then
20 sed -i "s/wlan0/${INTERFACE_NAME_WIFI}/" /etc/systemd/network/wlan0.network
20 sed -i "s/wlan0/${INTERFACE_NAME_WIFI}/" /etc/systemd/network/wlan0.network
21 fi
21 fi
22
22
23 if [ -r "/lib/systemd/network/11-wlan0.network" ] ; then
23 if [ -r "/lib/systemd/network/11-wlan0.network" ] ; then
24 sed -i "s/wlan0/${INTERFACE_NAME_WIFI}/" /lib/systemd/network/11-wlan0.network
24 sed -i "s/wlan0/${INTERFACE_NAME_WIFI}/" /lib/systemd/network/11-wlan0.network
25 fi
25 fi
26 # Move config to new interface name
26 # Move config to new interface name
27 mv /etc/systemd/network/wlan0.network /etc/systemd/network/"${INTERFACE_NAME_WIFI}".network
27 mv /etc/systemd/network/wlan0.network /etc/systemd/network/"${INTERFACE_NAME_WIFI}".network
28
29 systemctl disable wpa_supplicant@wlan0.service
30 systemctl enable wpa_supplicant@"${INTERFACE_NAME_WIFI}".service
31 systemctl start wpa_supplicant@"${INTERFACE_NAME_WIFI}".service
28 fi
32 fi
@@ -1,910 +1,910
1 #!/bin/sh
1 #!/bin/sh
2 ########################################################################
2 ########################################################################
3 # rpi23-gen-image.sh 2015-2017
3 # rpi23-gen-image.sh 2015-2017
4 #
4 #
5 # Advanced Debian "stretch" and "buster" bootstrap script for Raspberry Pi
5 # Advanced Debian "stretch" and "buster" bootstrap script for Raspberry Pi
6 #
6 #
7 # This program is free software; you can redistribute it and/or
7 # This program is free software; you can redistribute it and/or
8 # modify it under the terms of the GNU General Public License
8 # modify it under the terms of the GNU General Public License
9 # as published by the Free Software Foundation; either version 2
9 # as published by the Free Software Foundation; either version 2
10 # of the License, or (at your option) any later version.
10 # of the License, or (at your option) any later version.
11 #
11 #
12 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
12 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
13 #
13 #
14 # Big thanks for patches and enhancements by 20+ github contributors!
14 # Big thanks for patches and enhancements by 20+ github contributors!
15 ########################################################################
15 ########################################################################
16
16
17 # Are we running as root?
17 # Are we running as root?
18 if [ "$(id -u)" -ne "0" ] ; then
18 if [ "$(id -u)" -ne "0" ] ; then
19 echo "error: this script must be executed with root privileges!"
19 echo "error: this script must be executed with root privileges!"
20 exit 1
20 exit 1
21 fi
21 fi
22
22
23 # Check if ./functions.sh script exists
23 # Check if ./functions.sh script exists
24 if [ ! -r "./functions.sh" ] ; then
24 if [ ! -r "./functions.sh" ] ; then
25 echo "error: './functions.sh' required script not found!"
25 echo "error: './functions.sh' required script not found!"
26 exit 1
26 exit 1
27 fi
27 fi
28
28
29 # Load utility functions
29 # Load utility functions
30 . ./functions.sh
30 . ./functions.sh
31
31
32 # Load parameters from configuration template file
32 # Load parameters from configuration template file
33 if [ -n "$CONFIG_TEMPLATE" ] ; then
33 if [ -n "$CONFIG_TEMPLATE" ] ; then
34 use_template
34 use_template
35 fi
35 fi
36
36
37 # Introduce settings
37 # Introduce settings
38 set -e
38 set -e
39 echo -n -e "\n#\n# RPi 0/1/2/3 Bootstrap Settings\n#\n"
39 echo -n -e "\n#\n# RPi 0/1/2/3 Bootstrap Settings\n#\n"
40 set -x
40 set -x
41
41
42 # Raspberry Pi model configuration
42 # Raspberry Pi model configuration
43 RPI_MODEL=${RPI_MODEL:=2}
43 RPI_MODEL=${RPI_MODEL:=2}
44
44
45 # Debian release
45 # Debian release
46 RELEASE=${RELEASE:=buster}
46 RELEASE=${RELEASE:=buster}
47 if [ $RELEASE = "bullseye" ] ; then
47 if [ $RELEASE = "bullseye" ] ; then
48 RELEASE=testing
48 RELEASE=testing
49 fi
49 fi
50
50
51 # Kernel Branch
51 # Kernel Branch
52 KERNEL_BRANCH=${KERNEL_BRANCH:=""}
52 KERNEL_BRANCH=${KERNEL_BRANCH:=""}
53
53
54 # URLs
54 # URLs
55 KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
55 KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
56 FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
56 FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
57 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
57 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
58 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
58 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
59 UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
59 UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
60 VIDEOCORE_URL=${VIDEOCORE_URL:=https://github.com/raspberrypi/userland}
60 VIDEOCORE_URL=${VIDEOCORE_URL:=https://github.com/raspberrypi/userland}
61 BLUETOOTH_URL=${BLUETOOTH_URL:=https://github.com/RPi-Distro/pi-bluetooth.git}
61 BLUETOOTH_URL=${BLUETOOTH_URL:=https://github.com/RPi-Distro/pi-bluetooth.git}
62 NEXMON_URL=${NEXMON_URL:=https://github.com/seemoo-lab/nexmon.git}
62 NEXMON_URL=${NEXMON_URL:=https://github.com/seemoo-lab/nexmon.git}
63 SYSTEMDSWAP_URL=${SYSTEMDSWAP_URL:=https://github.com/Nefelim4ag/systemd-swap.git}
63 SYSTEMDSWAP_URL=${SYSTEMDSWAP_URL:=https://github.com/Nefelim4ag/systemd-swap.git}
64
64
65 # Kernel deb packages for 32bit kernel
65 # Kernel deb packages for 32bit kernel
66 RPI_32_KERNEL_URL=${RPI_32_KERNEL_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel_20180422-141901_armhf.deb}
66 RPI_32_KERNEL_URL=${RPI_32_KERNEL_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel_20180422-141901_armhf.deb}
67 RPI_32_KERNELHEADER_URL=${RPI_32_KERNELHEADER_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel-headers_20180422-141901_armhf.deb}
67 RPI_32_KERNELHEADER_URL=${RPI_32_KERNELHEADER_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel-headers_20180422-141901_armhf.deb}
68 # Kernel has KVM and zswap enabled - use if KERNEL_* parameters and precompiled kernel are used
68 # Kernel has KVM and zswap enabled - use if KERNEL_* parameters and precompiled kernel are used
69 RPI3_64_BIS_KERNEL_URL=${RPI3_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel-bis/releases/download/4.19.80.20191022/bcmrpi3-kernel-bis-4.19.80.20191022.tar.xz}
69 RPI3_64_BIS_KERNEL_URL=${RPI3_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel-bis/releases/download/4.19.80.20191022/bcmrpi3-kernel-bis-4.19.80.20191022.tar.xz}
70 # Default precompiled 64bit kernel
70 # Default precompiled 64bit kernel
71 RPI3_64_DEF_KERNEL_URL=${RPI3_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel/releases/download/4.19.80.20191022/bcmrpi3-kernel-4.19.80.20191022.tar.xz}
71 RPI3_64_DEF_KERNEL_URL=${RPI3_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel/releases/download/4.19.80.20191022/bcmrpi3-kernel-4.19.80.20191022.tar.xz}
72 # Sakaki BIS Kernel RPI4 - https://github.com/sakaki-/bcm2711-kernel-bis
72 # Sakaki BIS Kernel RPI4 - https://github.com/sakaki-/bcm2711-kernel-bis
73 RPI4_64_BIS_KERNEL_URL=${RPI4_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcm2711-kernel-bis/releases/download/4.19.59.20190724/bcm2711-kernel-bis-4.19.59.20190724.tar.xz}
73 RPI4_64_BIS_KERNEL_URL=${RPI4_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcm2711-kernel-bis/releases/download/4.19.59.20190724/bcm2711-kernel-bis-4.19.59.20190724.tar.xz}
74 # Default precompiled 64bit kernel - https://github.com/sakaki-/bcm2711-kernel
74 # Default precompiled 64bit kernel - https://github.com/sakaki-/bcm2711-kernel
75 RPI4_64_DEF_KERNEL_URL=${RPI4_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcm2711-kernel-bis/releases/download/4.19.59.20190724/bcm2711-kernel-bis-4.19.59.20190724.tar.xz}
75 RPI4_64_DEF_KERNEL_URL=${RPI4_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcm2711-kernel-bis/releases/download/4.19.59.20190724/bcm2711-kernel-bis-4.19.59.20190724.tar.xz}
76 # Generic
76 # Generic
77 RPI3_64_KERNEL_URL=${RPI3_64_KERNEL_URL:=$RPI3_64_DEF_KERNEL_URL}
77 RPI3_64_KERNEL_URL=${RPI3_64_KERNEL_URL:=$RPI3_64_DEF_KERNEL_URL}
78 RPI4_64_KERNEL_URL=${RPI4_64_KERNEL_URL:=$RPI4_64_DEF_KERNEL_URL}
78 RPI4_64_KERNEL_URL=${RPI4_64_KERNEL_URL:=$RPI4_64_DEF_KERNEL_URL}
79 # Kali kernel src - used if ENABLE_NEXMON=true (they patch the wlan kernel modul)
79 # Kali kernel src - used if ENABLE_NEXMON=true (they patch the wlan kernel modul)
80 KALI_KERNEL_URL=${KALI_KERNEL_URL:=https://github.com/Re4son/re4son-raspberrypi-linux.git}
80 KALI_KERNEL_URL=${KALI_KERNEL_URL:=https://github.com/Re4son/re4son-raspberrypi-linux.git}
81
81
82 # Build directories
82 # Build directories
83 WORKDIR=$(pwd)
83 WORKDIR=$(pwd)
84 BASEDIR=${BASEDIR:=${WORKDIR}/images/${RELEASE}}
84 BASEDIR=${BASEDIR:=${WORKDIR}/images/${RELEASE}}
85 BUILDDIR="${BASEDIR}/build"
85 BUILDDIR="${BASEDIR}/build"
86
86
87 # Chroot directories
87 # Chroot directories
88 R="${BUILDDIR}/chroot"
88 R="${BUILDDIR}/chroot"
89 ETC_DIR="${R}/etc"
89 ETC_DIR="${R}/etc"
90 LIB_DIR="${R}/lib"
90 LIB_DIR="${R}/lib"
91 BOOT_DIR="${R}/boot/firmware"
91 BOOT_DIR="${R}/boot/firmware"
92 KERNEL_DIR="${R}/usr/src/linux"
92 KERNEL_DIR="${R}/usr/src/linux"
93 WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
93 WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
94 BLUETOOTH_FIRMWARE_DIR="${ETC_DIR}/firmware/bt"
94 BLUETOOTH_FIRMWARE_DIR="${ETC_DIR}/firmware/bt"
95
95
96 # Firmware directory: Blank if download from github
96 # Firmware directory: Blank if download from github
97 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
97 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
98
98
99 # General settings
99 # General settings
100 SET_ARCH=${SET_ARCH:=32}
100 SET_ARCH=${SET_ARCH:=32}
101 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
101 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
102 PASSWORD=${PASSWORD:=raspberry}
102 PASSWORD=${PASSWORD:=raspberry}
103 USER_PASSWORD=${USER_PASSWORD:=raspberry}
103 USER_PASSWORD=${USER_PASSWORD:=raspberry}
104 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
104 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
105 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
105 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
106 EXPANDROOT=${EXPANDROOT:=true}
106 EXPANDROOT=${EXPANDROOT:=true}
107 ENABLE_DPHYSSWAP=${ENABLE_DPHYSSWAP:=true}
107 ENABLE_DPHYSSWAP=${ENABLE_DPHYSSWAP:=true}
108
108
109 # Keyboard settings
109 # Keyboard settings
110 XKB_MODEL=${XKB_MODEL:=""}
110 XKB_MODEL=${XKB_MODEL:=""}
111 XKB_LAYOUT=${XKB_LAYOUT:=""}
111 XKB_LAYOUT=${XKB_LAYOUT:=""}
112 XKB_VARIANT=${XKB_VARIANT:=""}
112 XKB_VARIANT=${XKB_VARIANT:=""}
113 XKB_OPTIONS=${XKB_OPTIONS:=""}
113 XKB_OPTIONS=${XKB_OPTIONS:=""}
114
114
115 # Network settings (DHCP)
115 # Network settings (DHCP)
116 ENABLE_ETH_DHCP=${ENABLE_ETH_DHCP:=true}
116 ENABLE_ETH_DHCP=${ENABLE_ETH_DHCP:=true}
117 ENABLE_WIFI_DHCP=${ENABLE_ETH_DHCP:=true}
117 ENABLE_WIFI_DHCP=${ENABLE_ETH_DHCP:=true}
118
118
119 # Network settings (static)
119 # Network settings (static)
120 NET_ETH_ADDRESS=${NET_ETH_ADDRESS:=""}
120 NET_ETH_ADDRESS=${NET_ETH_ADDRESS:=""}
121 NET_ETH_GATEWAY=${NET_ETH_GATEWAY:=""}
121 NET_ETH_GATEWAY=${NET_ETH_GATEWAY:=""}
122 NET_ETH_DNS_1=${NET_ETH_DNS_1:=""}
122 NET_ETH_DNS_1=${NET_ETH_DNS_1:=""}
123 NET_ETH_DNS_2=${NET_ETH_DNS_2:=""}
123 NET_ETH_DNS_2=${NET_ETH_DNS_2:=""}
124 NET_ETH_DNS_DOMAINS=${NET_ETH_DNS_DOMAINS:=""}
124 NET_ETH_DNS_DOMAINS=${NET_ETH_DNS_DOMAINS:=""}
125 NET_ETH_NTP_1=${NET_ETH_NTP_1:=""}
125 NET_ETH_NTP_1=${NET_ETH_NTP_1:=""}
126 NET_ETH_NTP_2=${NET_ETH_NTP_2:=""}
126 NET_ETH_NTP_2=${NET_ETH_NTP_2:=""}
127
127
128 NET_WIFI_SSID=${NET_SSID:=""}
128 NET_WIFI_SSID=${NET_WIFI_SSID:=""}
129 NET_WIFI_WPAPSK=${NET_WPAPSK:=""}
129 NET_WIFI_PSK=${NET_WIFI_PSK:=""}
130
130
131 # Network settings (static)
131 # Network settings (static)
132 NET_WIFI_ADDRESS=${NET_WIFI_ADDRESS:=""}
132 NET_WIFI_ADDRESS=${NET_WIFI_ADDRESS:=""}
133 NET_WIFI_GATEWAY=${NET_WIFI_GATEWAY:=""}
133 NET_WIFI_GATEWAY=${NET_WIFI_GATEWAY:=""}
134 NET_WIFI_DNS_1=${NET_WIFI_DNS_1:=""}
134 NET_WIFI_DNS_1=${NET_WIFI_DNS_1:=""}
135 NET_WIFI_DNS_2=${NET_WIFI_DNS_2:=""}
135 NET_WIFI_DNS_2=${NET_WIFI_DNS_2:=""}
136 NET_WIFI_DNS_DOMAINS=${NET_WIFI_DNS_DOMAINS:=""}
136 NET_WIFI_DNS_DOMAINS=${NET_WIFI_DNS_DOMAINS:=""}
137 NET_WIFI_NTP_1=${NET_WIFI_NTP_1:=""}
137 NET_WIFI_NTP_1=${NET_WIFI_NTP_1:=""}
138 NET_WIFI_NTP_2=${NET_WIFI_NTP_2:=""}
138 NET_WIFI_NTP_2=${NET_WIFI_NTP_2:=""}
139
139
140 # APT settings
140 # APT settings
141 APT_PROXY=${APT_PROXY:=""}
141 APT_PROXY=${APT_PROXY:=""}
142 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
142 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
143 KEEP_APT_PROXY=${KEEP_APT_PROXY:=false}
143 KEEP_APT_PROXY=${KEEP_APT_PROXY:=false}
144
144
145 # Feature settings
145 # Feature settings
146 ENABLE_PRINTK=${ENABLE_PRINTK:=false}
146 ENABLE_PRINTK=${ENABLE_PRINTK:=false}
147 ENABLE_BLUETOOTH=${ENABLE_BLUETOOTH:=false}
147 ENABLE_BLUETOOTH=${ENABLE_BLUETOOTH:=false}
148 ENABLE_MINIUART_OVERLAY=${ENABLE_MINIUART_OVERLAY:=false}
148 ENABLE_MINIUART_OVERLAY=${ENABLE_MINIUART_OVERLAY:=false}
149 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
149 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
150 ENABLE_I2C=${ENABLE_I2C:=false}
150 ENABLE_I2C=${ENABLE_I2C:=false}
151 ENABLE_SPI=${ENABLE_SPI:=false}
151 ENABLE_SPI=${ENABLE_SPI:=false}
152 ENABLE_IPV6=${ENABLE_IPV6:=true}
152 ENABLE_IPV6=${ENABLE_IPV6:=true}
153 ENABLE_SSHD=${ENABLE_SSHD:=true}
153 ENABLE_SSHD=${ENABLE_SSHD:=true}
154 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
154 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
155 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
155 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
156 ENABLE_SOUND=${ENABLE_SOUND:=true}
156 ENABLE_SOUND=${ENABLE_SOUND:=true}
157 ENABLE_DBUS=${ENABLE_DBUS:=true}
157 ENABLE_DBUS=${ENABLE_DBUS:=true}
158 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
158 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
159 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
159 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
160 ENABLE_XORG=${ENABLE_XORG:=false}
160 ENABLE_XORG=${ENABLE_XORG:=false}
161 ENABLE_WM=${ENABLE_WM:=""}
161 ENABLE_WM=${ENABLE_WM:=""}
162 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
162 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
163 ENABLE_USER=${ENABLE_USER:=true}
163 ENABLE_USER=${ENABLE_USER:=true}
164 USER_NAME=${USER_NAME:="pi"}
164 USER_NAME=${USER_NAME:="pi"}
165 ENABLE_ROOT=${ENABLE_ROOT:=false}
165 ENABLE_ROOT=${ENABLE_ROOT:=false}
166 ENABLE_QEMU=${ENABLE_QEMU:=false}
166 ENABLE_QEMU=${ENABLE_QEMU:=false}
167 ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
167 ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
168
168
169 # SSH settings
169 # SSH settings
170 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
170 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
171 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
171 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
172 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
172 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
173 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
173 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
174 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
174 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
175
175
176 # Advanced settings
176 # Advanced settings
177 ENABLE_SYSTEMDSWAP=${ENABLE_SYSTEMDSWAP:=false}
177 ENABLE_SYSTEMDSWAP=${ENABLE_SYSTEMDSWAP:=false}
178 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
178 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
179 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
179 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
180 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
180 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
181 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
181 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
182 ENABLE_USBBOOT=${ENABLE_USBBOOT=false}
182 ENABLE_USBBOOT=${ENABLE_USBBOOT=false}
183 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
183 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
184 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
184 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
185 ENABLE_NEXMON=${ENABLE_NEXMON:=false}
185 ENABLE_NEXMON=${ENABLE_NEXMON:=false}
186 VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
186 VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
187 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
187 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
188 NEXMONSRC_DIR=${NEXMONSRC_DIR:=""}
188 NEXMONSRC_DIR=${NEXMONSRC_DIR:=""}
189 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
189 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
190 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
190 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
191 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
191 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
192 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
192 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
193 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
193 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
194 ENABLE_SPLASH=${ENABLE_SPLASH:=true}
194 ENABLE_SPLASH=${ENABLE_SPLASH:=true}
195 ENABLE_LOGO=${ENABLE_LOGO:=true}
195 ENABLE_LOGO=${ENABLE_LOGO:=true}
196 ENABLE_SILENT_BOOT=${ENABLE_SILENT_BOOT=false}
196 ENABLE_SILENT_BOOT=${ENABLE_SILENT_BOOT=false}
197 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
197 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
198
198
199 # Kernel compilation settings
199 # Kernel compilation settings
200 BUILD_KERNEL=${BUILD_KERNEL:=true}
200 BUILD_KERNEL=${BUILD_KERNEL:=true}
201 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
201 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
202 KERNEL_THREADS=${KERNEL_THREADS:=1}
202 KERNEL_THREADS=${KERNEL_THREADS:=1}
203 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
203 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
204 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
204 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
205 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
205 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
206 KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
206 KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
207 KERNEL_CCACHE=${KERNEL_CCACHE:=false}
207 KERNEL_CCACHE=${KERNEL_CCACHE:=false}
208 KERNEL_ZSWAP=${KERNEL_ZSWAP:=false}
208 KERNEL_ZSWAP=${KERNEL_ZSWAP:=false}
209 KERNEL_VIRT=${KERNEL_VIRT:=false}
209 KERNEL_VIRT=${KERNEL_VIRT:=false}
210 KERNEL_BPF=${KERNEL_BPF:=false}
210 KERNEL_BPF=${KERNEL_BPF:=false}
211 KERNEL_DEFAULT_GOV=${KERNEL_DEFAULT_GOV:=ondemand}
211 KERNEL_DEFAULT_GOV=${KERNEL_DEFAULT_GOV:=ondemand}
212 KERNEL_SECURITY=${KERNEL_SECURITY:=false}
212 KERNEL_SECURITY=${KERNEL_SECURITY:=false}
213 KERNEL_NF=${KERNEL_NF:=false}
213 KERNEL_NF=${KERNEL_NF:=false}
214 KERNEL_DHKEY=${KERNEL_DHKEY:=true}
214 KERNEL_DHKEY=${KERNEL_DHKEY:=true}
215 KERNEL_BTRFS=${KERNEL_BTRFS:=false}
215 KERNEL_BTRFS=${KERNEL_BTRFS:=false}
216 KERNEL_NSPAN=${KERNEL_NSPAN:=false}
216 KERNEL_NSPAN=${KERNEL_NSPAN:=false}
217 KERNEL_POEHAT=${KERNEL_POEHAT:=false}
217 KERNEL_POEHAT=${KERNEL_POEHAT:=false}
218
218
219 # Kernel compilation from source directory settings
219 # Kernel compilation from source directory settings
220 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
220 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
221 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
221 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
222 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
222 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
223 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
223 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
224
224
225 # Reduce disk usage settings
225 # Reduce disk usage settings
226 REDUCE_APT=${REDUCE_APT:=true}
226 REDUCE_APT=${REDUCE_APT:=true}
227 REDUCE_DOC=${REDUCE_DOC:=true}
227 REDUCE_DOC=${REDUCE_DOC:=true}
228 REDUCE_MAN=${REDUCE_MAN:=true}
228 REDUCE_MAN=${REDUCE_MAN:=true}
229 REDUCE_VIM=${REDUCE_VIM:=false}
229 REDUCE_VIM=${REDUCE_VIM:=false}
230 REDUCE_BASH=${REDUCE_BASH:=false}
230 REDUCE_BASH=${REDUCE_BASH:=false}
231 REDUCE_HWDB=${REDUCE_HWDB:=true}
231 REDUCE_HWDB=${REDUCE_HWDB:=true}
232 REDUCE_SSHD=${REDUCE_SSHD:=true}
232 REDUCE_SSHD=${REDUCE_SSHD:=true}
233 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
233 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
234
234
235 # Encrypted filesystem settings
235 # Encrypted filesystem settings
236 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
236 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
237 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
237 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
238 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
238 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
239 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64"}
239 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64"}
240 CRYPTFS_HASH=${CRYPTFS_HASH:="sha512"}
240 CRYPTFS_HASH=${CRYPTFS_HASH:="sha512"}
241 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
241 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
242 #Dropbear-initramfs supports unlocking encrypted filesystem via SSH on bootup
242 #Dropbear-initramfs supports unlocking encrypted filesystem via SSH on bootup
243 CRYPTFS_DROPBEAR=${CRYPTFS_DROPBEAR:=false}
243 CRYPTFS_DROPBEAR=${CRYPTFS_DROPBEAR:=false}
244 #Provide your own Dropbear Public RSA-OpenSSH Key otherwise it will be generated
244 #Provide your own Dropbear Public RSA-OpenSSH Key otherwise it will be generated
245 CRYPTFS_DROPBEAR_PUBKEY=${CRYPTFS_DROPBEAR_PUBKEY:=""}
245 CRYPTFS_DROPBEAR_PUBKEY=${CRYPTFS_DROPBEAR_PUBKEY:=""}
246
246
247 # Chroot scripts directory
247 # Chroot scripts directory
248 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
248 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
249
249
250 # Packages required in the chroot build environment
250 # Packages required in the chroot build environment
251 APT_INCLUDES=${APT_INCLUDES:=""}
251 APT_INCLUDES=${APT_INCLUDES:=""}
252 APT_INCLUDES="${APT_INCLUDES},flex,bison,apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd"
252 APT_INCLUDES="${APT_INCLUDES},flex,bison,apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd"
253
253
254 # Packages to exclude from chroot build environment
254 # Packages to exclude from chroot build environment
255 APT_EXCLUDES=${APT_EXCLUDES:=""}
255 APT_EXCLUDES=${APT_EXCLUDES:=""}
256
256
257 # Packages required for bootstrapping
257 # Packages required for bootstrapping
258 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo"
258 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo"
259 MISSING_PACKAGES=""
259 MISSING_PACKAGES=""
260
260
261 # Packages installed for c/c++ build environment in chroot (keep empty)
261 # Packages installed for c/c++ build environment in chroot (keep empty)
262 COMPILER_PACKAGES=""
262 COMPILER_PACKAGES=""
263
263
264 # Check if apt-cacher-ng has port 3142 open and set APT_PROXY
264 # Check if apt-cacher-ng has port 3142 open and set APT_PROXY
265 APT_CACHER_RUNNING=$(lsof -i :3142 | cut -d ' ' -f3 | uniq | sed '/^\s*$/d')
265 APT_CACHER_RUNNING=$(lsof -i :3142 | cut -d ' ' -f3 | uniq | sed '/^\s*$/d')
266 if [ "${APT_CACHER_RUNNING}" = "apt-cacher-ng" ] ; then
266 if [ "${APT_CACHER_RUNNING}" = "apt-cacher-ng" ] ; then
267 APT_PROXY=http://127.0.0.1:3142/
267 APT_PROXY=http://127.0.0.1:3142/
268 fi
268 fi
269
269
270 # Setup architecture specific settings
270 # Setup architecture specific settings
271 if [ -n "$SET_ARCH" ] ; then
271 if [ -n "$SET_ARCH" ] ; then
272 # 64-bit configuration
272 # 64-bit configuration
273 if [ "$SET_ARCH" = 64 ] ; then
273 if [ "$SET_ARCH" = 64 ] ; then
274 # General 64-bit depended settings
274 # General 64-bit depended settings
275 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
275 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
276 KERNEL_ARCH=${KERNEL_ARCH:=arm64}
276 KERNEL_ARCH=${KERNEL_ARCH:=arm64}
277 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
277 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
278
278
279 # Raspberry Pi model specific settings
279 # Raspberry Pi model specific settings
280 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
280 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
281 if [ "$RPI_MODEL" != 4 ] ; then
281 if [ "$RPI_MODEL" != 4 ] ; then
282 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
282 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
283 else
283 else
284 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2711_defconfig}
284 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2711_defconfig}
285 fi
285 fi
286
286
287 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
287 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
288 RELEASE_ARCH=${RELEASE_ARCH:=arm64}
288 RELEASE_ARCH=${RELEASE_ARCH:=arm64}
289 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
289 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
290 CROSS_COMPILE=${CROSS_COMPILE:=aarch64-linux-gnu-}
290 CROSS_COMPILE=${CROSS_COMPILE:=aarch64-linux-gnu-}
291 else
291 else
292 echo "error: Only Raspberry PI 3, 3B+ and 4 support 64-bit"
292 echo "error: Only Raspberry PI 3, 3B+ and 4 support 64-bit"
293 exit 1
293 exit 1
294 fi
294 fi
295 fi
295 fi
296
296
297 # 32-bit configuration
297 # 32-bit configuration
298 if [ "$SET_ARCH" = 32 ] ; then
298 if [ "$SET_ARCH" = 32 ] ; then
299 # General 32-bit dependend settings
299 # General 32-bit dependend settings
300 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
300 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
301 KERNEL_ARCH=${KERNEL_ARCH:=arm}
301 KERNEL_ARCH=${KERNEL_ARCH:=arm}
302 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
302 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
303
303
304 # Raspberry Pi model specific settings
304 # Raspberry Pi model specific settings
305 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
305 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
306 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
306 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
307 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
307 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
308 RELEASE_ARCH=${RELEASE_ARCH:=armel}
308 RELEASE_ARCH=${RELEASE_ARCH:=armel}
309 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
309 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
310 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
310 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
311 fi
311 fi
312
312
313 # Raspberry Pi model specific settings
313 # Raspberry Pi model specific settings
314 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
314 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
315 if [ "$RPI_MODEL" != 4 ] ; then
315 if [ "$RPI_MODEL" != 4 ] ; then
316 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
316 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
317 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
317 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
318 else
318 else
319 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2711_defconfig}
319 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2711_defconfig}
320 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7l.img}
320 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7l.img}
321 fi
321 fi
322
322
323 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
323 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
324 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
324 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
325
325
326 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
326 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
327 fi
327 fi
328 fi
328 fi
329 # SET_ARCH not set
329 # SET_ARCH not set
330 else
330 else
331 echo "error: Please set '32' or '64' as value for SET_ARCH"
331 echo "error: Please set '32' or '64' as value for SET_ARCH"
332 exit 1
332 exit 1
333 fi
333 fi
334 # Device specific configuration and U-Boot configuration
334 # Device specific configuration and U-Boot configuration
335 case "$RPI_MODEL" in
335 case "$RPI_MODEL" in
336 0)
336 0)
337 DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb}
337 DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb}
338 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
338 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
339 ;;
339 ;;
340 1)
340 1)
341 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb}
341 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb}
342 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
342 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
343 ;;
343 ;;
344 1P)
344 1P)
345 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb}
345 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb}
346 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
346 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
347 ;;
347 ;;
348 2)
348 2)
349 DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb}
349 DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb}
350 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig}
350 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig}
351 ;;
351 ;;
352 3)
352 3)
353 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
353 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
354 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
354 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
355 ;;
355 ;;
356 3P)
356 3P)
357 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
357 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
358 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
358 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
359 ;;
359 ;;
360 4)
360 4)
361 DTB_FILE=${DTB_FILE:=bcm2711-rpi-4-b.dtb}
361 DTB_FILE=${DTB_FILE:=bcm2711-rpi-4-b.dtb}
362 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_4_defconfig}
362 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_4_defconfig}
363 ;;
363 ;;
364 *)
364 *)
365 echo "error: Raspberry Pi model $RPI_MODEL is not supported!"
365 echo "error: Raspberry Pi model $RPI_MODEL is not supported!"
366 exit 1
366 exit 1
367 ;;
367 ;;
368 esac
368 esac
369
369
370 # Raspberry PI 0,3,3P with Bluetooth and Wifi onboard
370 # Raspberry PI 0,3,3P with Bluetooth and Wifi onboard
371 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
371 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
372 # Include bluetooth packages on supported boards
372 # Include bluetooth packages on supported boards
373 if [ "$ENABLE_BLUETOOTH" = true ] ; then
373 if [ "$ENABLE_BLUETOOTH" = true ] ; then
374 APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
374 APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
375 fi
375 fi
376 if [ "$ENABLE_WIRELESS" = true ] ; then
376 if [ "$ENABLE_WIRELESS" = true ] ; then
377 APT_INCLUDES="${APT_INCLUDES},wireless-tools,crda,wireless-regdb,wpasupplicant"
377 APT_INCLUDES="${APT_INCLUDES},wireless-tools,crda,wireless-regdb,wpasupplicant"
378 fi
378 fi
379 else # Raspberry PI 1,1P,2 without Wifi and bluetooth onboard
379 else # Raspberry PI 1,1P,2 without Wifi and bluetooth onboard
380 # Check if the internal wireless interface is not supported by the RPi model
380 # Check if the internal wireless interface is not supported by the RPi model
381 if [ "$ENABLE_WIRELESS" = true ] || [ "$ENABLE_BLUETOOTH" = true ]; then
381 if [ "$ENABLE_WIRELESS" = true ] || [ "$ENABLE_BLUETOOTH" = true ]; then
382 echo "error: The selected Raspberry Pi model has no integrated interface for wireless or bluetooth"
382 echo "error: The selected Raspberry Pi model has no integrated interface for wireless or bluetooth"
383 exit 1
383 exit 1
384 fi
384 fi
385 fi
385 fi
386
386
387 if [ "$BUILD_KERNEL" = false ] && [ "$ENABLE_NEXMON" = true ]; then
387 if [ "$BUILD_KERNEL" = false ] && [ "$ENABLE_NEXMON" = true ]; then
388 echo "error: You have to compile kernel sources, if you want to enable nexmon"
388 echo "error: You have to compile kernel sources, if you want to enable nexmon"
389 exit 1
389 exit 1
390 fi
390 fi
391
391
392 # Prepare date string for default image file name
392 # Prepare date string for default image file name
393 DATE="$(date +%Y-%m-%d)"
393 DATE="$(date +%Y-%m-%d)"
394 if [ -z "$KERNEL_BRANCH" ] ; then
394 if [ -z "$KERNEL_BRANCH" ] ; then
395 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
395 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
396 else
396 else
397 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
397 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
398 fi
398 fi
399
399
400 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
400 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
401 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
401 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
402 if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
402 if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
403 echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
403 echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
404 exit 1
404 exit 1
405 fi
405 fi
406 fi
406 fi
407
407
408 # Add cmake to compile videocore sources
408 # Add cmake to compile videocore sources
409 if [ "$ENABLE_VIDEOCORE" = true ] ; then
409 if [ "$ENABLE_VIDEOCORE" = true ] ; then
410 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cmake"
410 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cmake"
411 fi
411 fi
412
412
413 # Add deps for nexmon
413 # Add deps for nexmon
414 if [ "$ENABLE_NEXMON" = true ] ; then
414 if [ "$ENABLE_NEXMON" = true ] ; then
415 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libgmp3-dev gawk qpdf make autoconf automake build-essential libtool"
415 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libgmp3-dev gawk qpdf make autoconf automake build-essential libtool"
416 fi
416 fi
417
417
418 # Add libncurses5 to enable kernel menuconfig
418 # Add libncurses5 to enable kernel menuconfig
419 if [ "$KERNEL_MENUCONFIG" = true ] ; then
419 if [ "$KERNEL_MENUCONFIG" = true ] ; then
420 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses-dev"
420 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses-dev"
421 fi
421 fi
422
422
423 # Add ccache compiler cache for (faster) kernel cross (re)compilation
423 # Add ccache compiler cache for (faster) kernel cross (re)compilation
424 if [ "$KERNEL_CCACHE" = true ] ; then
424 if [ "$KERNEL_CCACHE" = true ] ; then
425 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
425 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
426 fi
426 fi
427
427
428 # Add cryptsetup package to enable filesystem encryption
428 # Add cryptsetup package to enable filesystem encryption
429 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
429 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
430 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
430 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
431 APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup,cryptsetup-initramfs"
431 APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup,cryptsetup-initramfs"
432
432
433 # If cryptfs,dropbear and initramfs are enabled include dropbear-initramfs package
433 # If cryptfs,dropbear and initramfs are enabled include dropbear-initramfs package
434 if [ "$CRYPTFS_DROPBEAR" = true ] && [ "$ENABLE_INITRAMFS" = true ]; then
434 if [ "$CRYPTFS_DROPBEAR" = true ] && [ "$ENABLE_INITRAMFS" = true ]; then
435 APT_INCLUDES="${APT_INCLUDES},dropbear-initramfs"
435 APT_INCLUDES="${APT_INCLUDES},dropbear-initramfs"
436 fi
436 fi
437
437
438 if [ -z "$CRYPTFS_PASSWORD" ] ; then
438 if [ -z "$CRYPTFS_PASSWORD" ] ; then
439 echo "error: no password defined (CRYPTFS_PASSWORD)!"
439 echo "error: no password defined (CRYPTFS_PASSWORD)!"
440 exit 1
440 exit 1
441 fi
441 fi
442 ENABLE_INITRAMFS=true
442 ENABLE_INITRAMFS=true
443 fi
443 fi
444
444
445 # Add initramfs generation tools
445 # Add initramfs generation tools
446 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
446 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
447 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
447 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
448 fi
448 fi
449
449
450 # Add device-tree-compiler required for building the U-Boot bootloader
450 # Add device-tree-compiler required for building the U-Boot bootloader
451 if [ "$ENABLE_UBOOT" = true ] ; then
451 if [ "$ENABLE_UBOOT" = true ] ; then
452 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bc"
452 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bc"
453 fi
453 fi
454
454
455 if [ "$ENABLE_USBBOOT" = true ] ; then
455 if [ "$ENABLE_USBBOOT" = true ] ; then
456 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1P ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 2 ]; then
456 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1P ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 2 ]; then
457 echo "error: Booting from USB alone is only supported by Raspberry Pi 3 and 3P"
457 echo "error: Booting from USB alone is only supported by Raspberry Pi 3 and 3P"
458 exit 1
458 exit 1
459 fi
459 fi
460 fi
460 fi
461
461
462 # Check if root SSH (v2) public key file exists
462 # Check if root SSH (v2) public key file exists
463 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
463 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
464 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
464 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
465 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
465 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
466 exit 1
466 exit 1
467 fi
467 fi
468 fi
468 fi
469
469
470 # Check if $USER_NAME SSH (v2) public key file exists
470 # Check if $USER_NAME SSH (v2) public key file exists
471 if [ -n "$SSH_USER_PUB_KEY" ] ; then
471 if [ -n "$SSH_USER_PUB_KEY" ] ; then
472 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
472 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
473 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
473 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
474 exit 1
474 exit 1
475 fi
475 fi
476 fi
476 fi
477
477
478 if [ "$ENABLE_NEXMON" = true ] && [ -n "$KERNEL_BRANCH" ] ; then
478 if [ "$ENABLE_NEXMON" = true ] && [ -n "$KERNEL_BRANCH" ] ; then
479 echo "error: Please unset KERNEL_BRANCH if using ENABLE_NEXMON"
479 echo "error: Please unset KERNEL_BRANCH if using ENABLE_NEXMON"
480 exit 1
480 exit 1
481 fi
481 fi
482
482
483 # Check if all required packages are installed on the build system
483 # Check if all required packages are installed on the build system
484 for package in $REQUIRED_PACKAGES ; do
484 for package in $REQUIRED_PACKAGES ; do
485 if [ "$(dpkg-query -W -f='${Status}' "$package")" != "install ok installed" ] ; then
485 if [ "$(dpkg-query -W -f='${Status}' "$package")" != "install ok installed" ] ; then
486 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
486 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
487 fi
487 fi
488 done
488 done
489
489
490 # If there are missing packages ask confirmation for install, or exit
490 # If there are missing packages ask confirmation for install, or exit
491 if [ -n "$MISSING_PACKAGES" ] ; then
491 if [ -n "$MISSING_PACKAGES" ] ; then
492 echo "the following packages needed by this script are not installed:"
492 echo "the following packages needed by this script are not installed:"
493 echo "$MISSING_PACKAGES"
493 echo "$MISSING_PACKAGES"
494
494
495 printf "\ndo you want to install the missing packages right now? [y/n] "
495 printf "\ndo you want to install the missing packages right now? [y/n] "
496 read -r confirm
496 read -r confirm
497 [ "$confirm" != "y" ] && exit 1
497 [ "$confirm" != "y" ] && exit 1
498
498
499 # Make sure all missing required packages are installed
499 # Make sure all missing required packages are installed
500 apt-get update && apt-get -qq -y install `echo "${MISSING_PACKAGES}" | sed "s/ //"`
500 apt-get update && apt-get -qq -y install `echo "${MISSING_PACKAGES}" | sed "s/ //"`
501 fi
501 fi
502
502
503 # Check if ./bootstrap.d directory exists
503 # Check if ./bootstrap.d directory exists
504 if [ ! -d "./bootstrap.d/" ] ; then
504 if [ ! -d "./bootstrap.d/" ] ; then
505 echo "error: './bootstrap.d' required directory not found!"
505 echo "error: './bootstrap.d' required directory not found!"
506 exit 1
506 exit 1
507 fi
507 fi
508
508
509 # Check if ./files directory exists
509 # Check if ./files directory exists
510 if [ ! -d "./files/" ] ; then
510 if [ ! -d "./files/" ] ; then
511 echo "error: './files' required directory not found!"
511 echo "error: './files' required directory not found!"
512 exit 1
512 exit 1
513 fi
513 fi
514
514
515 # Check if specified KERNELSRC_DIR directory exists
515 # Check if specified KERNELSRC_DIR directory exists
516 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
516 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
517 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
517 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
518 exit 1
518 exit 1
519 fi
519 fi
520
520
521 # Check if specified UBOOTSRC_DIR directory exists
521 # Check if specified UBOOTSRC_DIR directory exists
522 if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
522 if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
523 echo "error: '${UBOOTSRC_DIR}' specified directory not found (UBOOTSRC_DIR)!"
523 echo "error: '${UBOOTSRC_DIR}' specified directory not found (UBOOTSRC_DIR)!"
524 exit 1
524 exit 1
525 fi
525 fi
526
526
527 # Check if specified VIDEOCORESRC_DIR directory exists
527 # Check if specified VIDEOCORESRC_DIR directory exists
528 if [ -n "$VIDEOCORESRC_DIR" ] && [ ! -d "$VIDEOCORESRC_DIR" ] ; then
528 if [ -n "$VIDEOCORESRC_DIR" ] && [ ! -d "$VIDEOCORESRC_DIR" ] ; then
529 echo "error: '${VIDEOCORESRC_DIR}' specified directory not found (VIDEOCORESRC_DIR)!"
529 echo "error: '${VIDEOCORESRC_DIR}' specified directory not found (VIDEOCORESRC_DIR)!"
530 exit 1
530 exit 1
531 fi
531 fi
532
532
533 # Check if specified FBTURBOSRC_DIR directory exists
533 # Check if specified FBTURBOSRC_DIR directory exists
534 if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
534 if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
535 echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
535 echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
536 exit 1
536 exit 1
537 fi
537 fi
538
538
539 # Check if specified NEXMONSRC_DIR directory exists
539 # Check if specified NEXMONSRC_DIR directory exists
540 if [ -n "$NEXMONSRC_DIR" ] && [ ! -d "$NEXMONSRC_DIR" ] ; then
540 if [ -n "$NEXMONSRC_DIR" ] && [ ! -d "$NEXMONSRC_DIR" ] ; then
541 echo "error: '${NEXMONSRC_DIR}' specified directory not found (NEXMONSRC_DIR)!"
541 echo "error: '${NEXMONSRC_DIR}' specified directory not found (NEXMONSRC_DIR)!"
542 exit 1
542 exit 1
543 fi
543 fi
544
544
545 # Check if specified CHROOT_SCRIPTS directory exists
545 # Check if specified CHROOT_SCRIPTS directory exists
546 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
546 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
547 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
547 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
548 exit 1
548 exit 1
549 fi
549 fi
550
550
551 # Check if specified device mapping already exists (will be used by cryptsetup)
551 # Check if specified device mapping already exists (will be used by cryptsetup)
552 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
552 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
553 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
553 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
554 exit 1
554 exit 1
555 fi
555 fi
556
556
557 # Don't clobber an old build
557 # Don't clobber an old build
558 if [ -e "$BUILDDIR" ] ; then
558 if [ -e "$BUILDDIR" ] ; then
559 echo "error: directory ${BUILDDIR} already exists, not proceeding"
559 echo "error: directory ${BUILDDIR} already exists, not proceeding"
560 exit 1
560 exit 1
561 fi
561 fi
562
562
563 # Setup chroot directory
563 # Setup chroot directory
564 mkdir -p "${R}"
564 mkdir -p "${R}"
565
565
566 # Check if build directory has enough of free disk space >512MB
566 # Check if build directory has enough of free disk space >512MB
567 if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then
567 if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then
568 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
568 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
569 exit 1
569 exit 1
570 fi
570 fi
571
571
572 set -x
572 set -x
573
573
574 # Call "cleanup" function on various signals and errors
574 # Call "cleanup" function on various signals and errors
575 trap cleanup 0 1 2 3 6
575 trap cleanup 0 1 2 3 6
576
576
577 # Add required packages for the minbase installation
577 # Add required packages for the minbase installation
578 if [ "$ENABLE_MINBASE" = true ] ; then
578 if [ "$ENABLE_MINBASE" = true ] ; then
579 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
579 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
580 fi
580 fi
581
581
582 # Add parted package, required to get partprobe utility
582 # Add parted package, required to get partprobe utility
583 if [ "$EXPANDROOT" = true ] ; then
583 if [ "$EXPANDROOT" = true ] ; then
584 APT_INCLUDES="${APT_INCLUDES},parted"
584 APT_INCLUDES="${APT_INCLUDES},parted"
585 fi
585 fi
586
586
587 # Add dphys-swapfile package, required to enable swap
587 # Add dphys-swapfile package, required to enable swap
588 if [ "$ENABLE_DPHYSSWAP" = true ] ; then
588 if [ "$ENABLE_DPHYSSWAP" = true ] ; then
589 APT_INCLUDES="${APT_INCLUDES},dphys-swapfile"
589 APT_INCLUDES="${APT_INCLUDES},dphys-swapfile"
590 fi
590 fi
591
591
592 # Add dbus package, recommended if using systemd
592 # Add dbus package, recommended if using systemd
593 if [ "$ENABLE_DBUS" = true ] ; then
593 if [ "$ENABLE_DBUS" = true ] ; then
594 APT_INCLUDES="${APT_INCLUDES},dbus"
594 APT_INCLUDES="${APT_INCLUDES},dbus"
595 fi
595 fi
596
596
597 # Add iptables IPv4/IPv6 package
597 # Add iptables IPv4/IPv6 package
598 if [ "$ENABLE_IPTABLES" = true ] ; then
598 if [ "$ENABLE_IPTABLES" = true ] ; then
599 APT_INCLUDES="${APT_INCLUDES},iptables,iptables-persistent"
599 APT_INCLUDES="${APT_INCLUDES},iptables,iptables-persistent"
600 fi
600 fi
601 # Add apparmor for KERNEL_SECURITY
601 # Add apparmor for KERNEL_SECURITY
602 if [ "$KERNEL_SECURITY" = true ] ; then
602 if [ "$KERNEL_SECURITY" = true ] ; then
603 APT_INCLUDES="${APT_INCLUDES},apparmor,apparmor-utils,apparmor-profiles,apparmor-profiles-extra,libapparmor-perl"
603 APT_INCLUDES="${APT_INCLUDES},apparmor,apparmor-utils,apparmor-profiles,apparmor-profiles-extra,libapparmor-perl"
604 fi
604 fi
605
605
606 # Add openssh server package
606 # Add openssh server package
607 if [ "$ENABLE_SSHD" = true ] ; then
607 if [ "$ENABLE_SSHD" = true ] ; then
608 APT_INCLUDES="${APT_INCLUDES},openssh-server"
608 APT_INCLUDES="${APT_INCLUDES},openssh-server"
609 fi
609 fi
610
610
611 # Add alsa-utils package
611 # Add alsa-utils package
612 if [ "$ENABLE_SOUND" = true ] ; then
612 if [ "$ENABLE_SOUND" = true ] ; then
613 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
613 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
614 fi
614 fi
615
615
616 # Add rng-tools package
616 # Add rng-tools package
617 if [ "$ENABLE_HWRANDOM" = true ] ; then
617 if [ "$ENABLE_HWRANDOM" = true ] ; then
618 APT_INCLUDES="${APT_INCLUDES},rng-tools"
618 APT_INCLUDES="${APT_INCLUDES},rng-tools"
619 fi
619 fi
620
620
621 # Add fbturbo video driver
621 # Add fbturbo video driver
622 if [ "$ENABLE_FBTURBO" = true ] ; then
622 if [ "$ENABLE_FBTURBO" = true ] ; then
623 # Enable xorg package dependencies
623 # Enable xorg package dependencies
624 ENABLE_XORG=true
624 ENABLE_XORG=true
625 fi
625 fi
626
626
627 # Add user defined window manager package
627 # Add user defined window manager package
628 if [ -n "$ENABLE_WM" ] ; then
628 if [ -n "$ENABLE_WM" ] ; then
629 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
629 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
630
630
631 # Enable xorg package dependencies
631 # Enable xorg package dependencies
632 ENABLE_XORG=true
632 ENABLE_XORG=true
633 fi
633 fi
634
634
635 # Add xorg package
635 # Add xorg package
636 if [ "$ENABLE_XORG" = true ] ; then
636 if [ "$ENABLE_XORG" = true ] ; then
637 APT_INCLUDES="${APT_INCLUDES},xorg,dbus-x11"
637 APT_INCLUDES="${APT_INCLUDES},xorg,dbus-x11"
638 fi
638 fi
639
639
640 # Replace selected packages with smaller clones
640 # Replace selected packages with smaller clones
641 if [ "$ENABLE_REDUCE" = true ] ; then
641 if [ "$ENABLE_REDUCE" = true ] ; then
642 # Add levee package instead of vim-tiny
642 # Add levee package instead of vim-tiny
643 if [ "$REDUCE_VIM" = true ] ; then
643 if [ "$REDUCE_VIM" = true ] ; then
644 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
644 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
645 fi
645 fi
646
646
647 # Add dropbear package instead of openssh-server
647 # Add dropbear package instead of openssh-server
648 if [ "$REDUCE_SSHD" = true ] ; then
648 if [ "$REDUCE_SSHD" = true ] ; then
649 APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")"
649 APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")"
650 fi
650 fi
651 fi
651 fi
652
652
653 # Configure systemd-sysv exclude to make halt/reboot/shutdown scripts available
653 # Configure systemd-sysv exclude to make halt/reboot/shutdown scripts available
654 if [ "$ENABLE_SYSVINIT" = false ] ; then
654 if [ "$ENABLE_SYSVINIT" = false ] ; then
655 APT_EXCLUDES="--exclude=${APT_EXCLUDES},init,systemd-sysv"
655 APT_EXCLUDES="--exclude=${APT_EXCLUDES},init,systemd-sysv"
656 fi
656 fi
657
657
658 # Configure kernel sources if no KERNELSRC_DIR
658 # Configure kernel sources if no KERNELSRC_DIR
659 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
659 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
660 KERNELSRC_CONFIG=true
660 KERNELSRC_CONFIG=true
661 fi
661 fi
662
662
663 # Configure reduced kernel
663 # Configure reduced kernel
664 if [ "$KERNEL_REDUCE" = true ] ; then
664 if [ "$KERNEL_REDUCE" = true ] ; then
665 KERNELSRC_CONFIG=false
665 KERNELSRC_CONFIG=false
666 fi
666 fi
667
667
668 # Configure qemu compatible kernel
668 # Configure qemu compatible kernel
669 if [ "$ENABLE_QEMU" = true ] ; then
669 if [ "$ENABLE_QEMU" = true ] ; then
670 DTB_FILE=vexpress-v2p-ca15_a7.dtb
670 DTB_FILE=vexpress-v2p-ca15_a7.dtb
671 UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
671 UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
672 KERNEL_DEFCONFIG="vexpress_defconfig"
672 KERNEL_DEFCONFIG="vexpress_defconfig"
673 if [ "$KERNEL_MENUCONFIG" = false ] ; then
673 if [ "$KERNEL_MENUCONFIG" = false ] ; then
674 KERNEL_OLDDEFCONFIG=true
674 KERNEL_OLDDEFCONFIG=true
675 fi
675 fi
676 fi
676 fi
677
677
678 # Execute bootstrap scripts
678 # Execute bootstrap scripts
679 for SCRIPT in bootstrap.d/*.sh; do
679 for SCRIPT in bootstrap.d/*.sh; do
680 head -n 3 "$SCRIPT"
680 head -n 3 "$SCRIPT"
681 . "$SCRIPT"
681 . "$SCRIPT"
682 done
682 done
683
683
684 ## Execute custom bootstrap scripts
684 ## Execute custom bootstrap scripts
685 if [ -d "custom.d" ] ; then
685 if [ -d "custom.d" ] ; then
686 for SCRIPT in custom.d/*.sh; do
686 for SCRIPT in custom.d/*.sh; do
687 . "$SCRIPT"
687 . "$SCRIPT"
688 done
688 done
689 fi
689 fi
690
690
691 # Execute custom scripts inside the chroot
691 # Execute custom scripts inside the chroot
692 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
692 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
693 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
693 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
694 chroot_exec /bin/bash -x <<'EOF'
694 chroot_exec /bin/bash -x <<'EOF'
695 for SCRIPT in /chroot_scripts/* ; do
695 for SCRIPT in /chroot_scripts/* ; do
696 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
696 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
697 $SCRIPT
697 $SCRIPT
698 fi
698 fi
699 done
699 done
700 EOF
700 EOF
701 rm -rf "${R}/chroot_scripts"
701 rm -rf "${R}/chroot_scripts"
702 fi
702 fi
703
703
704 # Remove c/c++ build environment from the chroot
704 # Remove c/c++ build environment from the chroot
705 chroot_remove_cc
705 chroot_remove_cc
706
706
707 # Generate required machine-id
707 # Generate required machine-id
708 MACHINE_ID=$(dbus-uuidgen)
708 MACHINE_ID=$(dbus-uuidgen)
709 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
709 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
710 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
710 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
711
711
712 # APT Cleanup
712 # APT Cleanup
713 chroot_exec apt-get -y clean
713 chroot_exec apt-get -y clean
714 chroot_exec apt-get -y autoclean
714 chroot_exec apt-get -y autoclean
715 chroot_exec apt-get -y autoremove
715 chroot_exec apt-get -y autoremove
716
716
717 # Unmount mounted filesystems
717 # Unmount mounted filesystems
718 umount -l "${R}/proc"
718 umount -l "${R}/proc"
719 umount -l "${R}/sys"
719 umount -l "${R}/sys"
720
720
721 # Clean up directories
721 # Clean up directories
722 rm -rf "${R}/run/*"
722 rm -rf "${R}/run/*"
723 rm -rf "${R}/tmp/*"
723 rm -rf "${R}/tmp/*"
724
724
725 # Clean up APT proxy settings
725 # Clean up APT proxy settings
726 if [ "$KEEP_APT_PROXY" = false ] ; then
726 if [ "$KEEP_APT_PROXY" = false ] ; then
727 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
727 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
728 fi
728 fi
729
729
730 # Clean up files
730 # Clean up files
731 rm -f "${ETC_DIR}/ssh/ssh_host_*"
731 rm -f "${ETC_DIR}/ssh/ssh_host_*"
732 rm -f "${ETC_DIR}/dropbear/dropbear_*"
732 rm -f "${ETC_DIR}/dropbear/dropbear_*"
733 rm -f "${ETC_DIR}/apt/sources.list.save"
733 rm -f "${ETC_DIR}/apt/sources.list.save"
734 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
734 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
735 rm -f "${ETC_DIR}/*-"
735 rm -f "${ETC_DIR}/*-"
736 rm -f "${ETC_DIR}/resolv.conf"
736 rm -f "${ETC_DIR}/resolv.conf"
737 rm -f "${R}/root/.bash_history"
737 rm -f "${R}/root/.bash_history"
738 rm -f "${R}/var/lib/urandom/random-seed"
738 rm -f "${R}/var/lib/urandom/random-seed"
739 rm -f "${R}/initrd.img"
739 rm -f "${R}/initrd.img"
740 rm -f "${R}/vmlinuz"
740 rm -f "${R}/vmlinuz"
741 rm -f "${R}${QEMU_BINARY}"
741 rm -f "${R}${QEMU_BINARY}"
742
742
743 if [ "$ENABLE_QEMU" = true ] ; then
743 if [ "$ENABLE_QEMU" = true ] ; then
744 # Setup QEMU directory
744 # Setup QEMU directory
745 mkdir "${BASEDIR}/qemu"
745 mkdir "${BASEDIR}/qemu"
746
746
747 # Copy kernel image to QEMU directory
747 # Copy kernel image to QEMU directory
748 install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
748 install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
749
749
750 # Copy kernel config to QEMU directory
750 # Copy kernel config to QEMU directory
751 install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
751 install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
752
752
753 # Copy kernel dtbs to QEMU directory
753 # Copy kernel dtbs to QEMU directory
754 for dtb in "${BOOT_DIR}/"*.dtb ; do
754 for dtb in "${BOOT_DIR}/"*.dtb ; do
755 if [ -f "${dtb}" ] ; then
755 if [ -f "${dtb}" ] ; then
756 install_readonly "${dtb}" "${BASEDIR}/qemu/"
756 install_readonly "${dtb}" "${BASEDIR}/qemu/"
757 fi
757 fi
758 done
758 done
759
759
760 # Copy kernel overlays to QEMU directory
760 # Copy kernel overlays to QEMU directory
761 if [ -d "${BOOT_DIR}/overlays" ] ; then
761 if [ -d "${BOOT_DIR}/overlays" ] ; then
762 # Setup overlays dtbs directory
762 # Setup overlays dtbs directory
763 mkdir "${BASEDIR}/qemu/overlays"
763 mkdir "${BASEDIR}/qemu/overlays"
764
764
765 for dtb in "${BOOT_DIR}/overlays/"*.dtbo ; do
765 for dtb in "${BOOT_DIR}/overlays/"*.dtbo ; do
766 if [ -f "${dtb}" ] ; then
766 if [ -f "${dtb}" ] ; then
767 install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
767 install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
768 fi
768 fi
769 done
769 done
770 fi
770 fi
771
771
772 # Copy u-boot files to QEMU directory
772 # Copy u-boot files to QEMU directory
773 if [ "$ENABLE_UBOOT" = true ] ; then
773 if [ "$ENABLE_UBOOT" = true ] ; then
774 if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
774 if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
775 install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
775 install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
776 fi
776 fi
777 if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
777 if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
778 install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
778 install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
779 fi
779 fi
780 if [ -f "${BOOT_DIR}/boot.scr" ] ; then
780 if [ -f "${BOOT_DIR}/boot.scr" ] ; then
781 install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
781 install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
782 fi
782 fi
783 fi
783 fi
784
784
785 # Copy initramfs to QEMU directory
785 # Copy initramfs to QEMU directory
786 if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
786 if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
787 install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
787 install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
788 fi
788 fi
789 fi
789 fi
790
790
791 # Calculate size of the chroot directory in KB
791 # Calculate size of the chroot directory in KB
792 CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')")
792 CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')")
793
793
794 # Calculate the amount of needed 512 Byte sectors
794 # Calculate the amount of needed 512 Byte sectors
795 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
795 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
796 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
796 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
797 ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}")
797 ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}")
798
798
799 # The root partition is EXT4
799 # The root partition is EXT4
800 # This means more space than the actual used space of the chroot is used.
800 # This means more space than the actual used space of the chroot is used.
801 # As overhead for journaling and reserved blocks 35% are added.
801 # As overhead for journaling and reserved blocks 35% are added.
802 ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512)
802 ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512)
803
803
804 # Calculate required image size in 512 Byte sectors
804 # Calculate required image size in 512 Byte sectors
805 IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}")
805 IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}")
806
806
807 # Prepare image file
807 # Prepare image file
808 if [ "$ENABLE_SPLITFS" = true ] ; then
808 if [ "$ENABLE_SPLITFS" = true ] ; then
809 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}"
809 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}"
810 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}"
810 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}"
811 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}"
811 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}"
812 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}"
812 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}"
813
813
814 # Write firmware/boot partition tables
814 # Write firmware/boot partition tables
815 sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
815 sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
816 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
816 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
817 EOM
817 EOM
818
818
819 # Write root partition table
819 # Write root partition table
820 sfdisk -q -L -uS -f "$IMAGE_NAME-root.img" 2> /dev/null <<EOM
820 sfdisk -q -L -uS -f "$IMAGE_NAME-root.img" 2> /dev/null <<EOM
821 ${TABLE_SECTORS},${ROOT_SECTORS},83
821 ${TABLE_SECTORS},${ROOT_SECTORS},83
822 EOM
822 EOM
823
823
824 # Setup temporary loop devices
824 # Setup temporary loop devices
825 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME"-frmw.img)"
825 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME"-frmw.img)"
826 ROOT_LOOP="$(losetup -o 1M -f --show "$IMAGE_NAME"-root.img)"
826 ROOT_LOOP="$(losetup -o 1M -f --show "$IMAGE_NAME"-root.img)"
827 else # ENABLE_SPLITFS=false
827 else # ENABLE_SPLITFS=false
828 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count="${TABLE_SECTORS}"
828 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count="${TABLE_SECTORS}"
829 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek="${IMAGE_SECTORS}"
829 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek="${IMAGE_SECTORS}"
830
830
831 # Write partition table
831 # Write partition table
832 sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
832 sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
833 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
833 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
834 ${ROOT_OFFSET},${ROOT_SECTORS},83
834 ${ROOT_OFFSET},${ROOT_SECTORS},83
835 EOM
835 EOM
836
836
837 # Setup temporary loop devices
837 # Setup temporary loop devices
838 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME".img)"
838 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME".img)"
839 ROOT_LOOP="$(losetup -o 65M -f --show "$IMAGE_NAME".img)"
839 ROOT_LOOP="$(losetup -o 65M -f --show "$IMAGE_NAME".img)"
840 fi
840 fi
841
841
842 if [ "$ENABLE_CRYPTFS" = true ] ; then
842 if [ "$ENABLE_CRYPTFS" = true ] ; then
843 # Create dummy ext4 fs
843 # Create dummy ext4 fs
844 mkfs.ext4 "$ROOT_LOOP"
844 mkfs.ext4 "$ROOT_LOOP"
845
845
846 # Setup password keyfile
846 # Setup password keyfile
847 touch .password
847 touch .password
848 chmod 600 .password
848 chmod 600 .password
849 echo -n ${CRYPTFS_PASSWORD} > .password
849 echo -n ${CRYPTFS_PASSWORD} > .password
850
850
851 # Initialize encrypted partition
851 # Initialize encrypted partition
852 cryptsetup --verbose --debug -q luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -h "${CRYPTFS_HASH}" -s "${CRYPTFS_XTSKEYSIZE}" .password
852 cryptsetup --verbose --debug -q luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -h "${CRYPTFS_HASH}" -s "${CRYPTFS_XTSKEYSIZE}" .password
853
853
854 # Open encrypted partition and setup mapping
854 # Open encrypted partition and setup mapping
855 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
855 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
856
856
857 # Secure delete password keyfile
857 # Secure delete password keyfile
858 shred -zu .password
858 shred -zu .password
859
859
860 # Update temporary loop device
860 # Update temporary loop device
861 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
861 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
862
862
863 # Wipe encrypted partition (encryption cipher is used for randomness)
863 # Wipe encrypted partition (encryption cipher is used for randomness)
864 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")"
864 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")"
865 fi
865 fi
866
866
867 # Build filesystems
867 # Build filesystems
868 mkfs.vfat "$FRMW_LOOP"
868 mkfs.vfat "$FRMW_LOOP"
869 mkfs.ext4 "$ROOT_LOOP"
869 mkfs.ext4 "$ROOT_LOOP"
870
870
871 # Mount the temporary loop devices
871 # Mount the temporary loop devices
872 mkdir -p "$BUILDDIR/mount"
872 mkdir -p "$BUILDDIR/mount"
873 mount "$ROOT_LOOP" "$BUILDDIR/mount"
873 mount "$ROOT_LOOP" "$BUILDDIR/mount"
874
874
875 mkdir -p "$BUILDDIR/mount/boot/firmware"
875 mkdir -p "$BUILDDIR/mount/boot/firmware"
876 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
876 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
877
877
878 # Copy all files from the chroot to the loop device mount point directory
878 # Copy all files from the chroot to the loop device mount point directory
879 rsync -a "${R}/" "$BUILDDIR/mount/"
879 rsync -a "${R}/" "$BUILDDIR/mount/"
880
880
881 # Unmount all temporary loop devices and mount points
881 # Unmount all temporary loop devices and mount points
882 cleanup
882 cleanup
883
883
884 # Create block map file(s) of image(s)
884 # Create block map file(s) of image(s)
885 if [ "$ENABLE_SPLITFS" = true ] ; then
885 if [ "$ENABLE_SPLITFS" = true ] ; then
886 # Create block map files for "bmaptool"
886 # Create block map files for "bmaptool"
887 bmaptool create -o "$IMAGE_NAME-frmw.bmap" "$IMAGE_NAME-frmw.img"
887 bmaptool create -o "$IMAGE_NAME-frmw.bmap" "$IMAGE_NAME-frmw.img"
888 bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
888 bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
889
889
890 # Image was successfully created
890 # Image was successfully created
891 echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
891 echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
892 echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
892 echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
893 else
893 else
894 # Create block map file for "bmaptool"
894 # Create block map file for "bmaptool"
895 bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
895 bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
896
896
897 # Image was successfully created
897 # Image was successfully created
898 echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
898 echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
899
899
900 # Create qemu qcow2 image
900 # Create qemu qcow2 image
901 if [ "$ENABLE_QEMU" = true ] ; then
901 if [ "$ENABLE_QEMU" = true ] ; then
902 QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
902 QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
903 QEMU_SIZE=16G
903 QEMU_SIZE=16G
904
904
905 qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2
905 qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2
906 qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE
906 qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE
907
907
908 echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
908 echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
909 fi
909 fi
910 fi
910 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant