From aa371a2e0ce597089d3346ac0f4f2c7d7e2d30cf Mon Sep 17 00:00:00 2001
From: macmpi <spam@ipik.org>
Date: Thu, 11 May 2023 15:04:54 +0200
Subject: [PATCH 01/10] limit search depth for apkovl file

---
 headless.apkovl.tar.gz             | Bin 4706 -> 4713 bytes
 overlay/etc/local.d/headless.start |   2 +-
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/headless.apkovl.tar.gz b/headless.apkovl.tar.gz
index 5faa7c9a570be9bb9feef0b39ee1967d474bf5b3..cbabc4249389d2a03cd31e9a3469a9b55b26105c 100644
GIT binary patch
delta 4134
zcmV+>5ZUkIB<Uo7ABzY80000000ZngceA5*lKyx26xg2iuFbwj4l1u*hY%nX5CS9w
zd#)*R4k8MC{_ck~GhWA?3*))ls_Clt0Cm&dzs^6vZ(aD4KNyf1Xp(#!XZYpuagGug
zg`p@;QP?L4ir_f*2}u6Yirt}WTDu0pPwKL4{~6u8@c*KJ;LrYl_WZ!^vi6lTuklsm
z*M02z&HIyacQ8c|{|)~W6peoZBJWRy--nO>hnpt)Lu<ez|LJ$-KThB{j$#Nk`yWLy
z@?-vg2zcxN`R`R!Htnmrv0tVB_*`|)`;zgF{6`U*`i1|=`{85$e*l>M{xrKBWM^37
z@?>-9=wkel{|5o*vj+i_0W$;M<Nx36tcnZ&De`SE^P2|vzmDFI@V|v$)qmf^ND^J#
zd%*jW@u>g5uKPdse+tKcQIpLAKL{<{`v$uo?*Ee%13rJJT>qy`fxFUN-epU79|++s
zIn`3!Da9e-(?NFE)dG?aZ5U2*+Y=rkpsVyCGLAB=yl`;}oXd^hL>L52N)<O;qX?~l
zOe7bt$QyCjPgrky2Ul6sxDB>JW;-LwOhav~i#)N%Z@vK@rsd_;@0<OD`2U~f|NEK&
z-?jgn)BS&!^B;i{AM^i1z<vIE<MPK0$i1EcGixQGvd)wD-z4F;ga5Z;|KptSuLZxi
z|9hV@-qHU_gv5T?{|SWtnExLF{=ojf%pU#Udvt2I0OaU_8s?ktgeK1pr)01zQ|5?+
zJPIRZ7T$m}k;Ck)mfWV*O=LBhyAfuc(x@jvydQt0fM6MtbSlLa$rs4zq+udj5`Gx^
zqlyMYG4C}c<EE|3Rcu<kwYQM4OfS1OZ0mkH6gw8qRA>qS*Mvs2cFzvoWxIVA$nIgS
zA=)kuS<W2S`!rpmQy6v-?oiY%3nO97G@V|^(o{}uoP-V6?;RkeOly&KJnt@+W)Q`Y
zIS_xR%Qb3KTHD+-&n!KOjFeHOy5nW-tQ=z3-(+GJ=L=0vlT@5qtsH?>M&WTiaD`n#
z3Lc&`hlV1WtrWs4uWK!{qk^(_;VIGeOgX7H)KrwV^UUnBvLy;@>dbP22q3SX!;Y8b
zzKr%Y?syDrL_C8SSc-bX=@u5%E!po;p=E!H%D@&45+{2IyA*|kpD1zMoNGzA+<>5%
zXm8cEN6lL=PY}ZDIqbV9b$3&^3ukqNy-vBlKG=;KRL7jTlpI%v-4W)F7@3x6we9f*
z4(!ORmqiKFDaMlJy<zV+23HBD(_*(>u*AlZDQSK|-^Zm`R!#%7*3rEZ{rp)3a1Vbr
zamnrli4m{H>e#IkH=1{@8{Cy)$$&Y`@wIB}sv(~o8(-X#hs8xxqIE$ojdRQi+hqu;
zz-F<}NlCipnmjc-g!eAY2ALyBXig!;61k{~y68#UjWE*Y&Ze2E8V7|u1r3gi%3LLI
z!GLI>(x%O2x~w9k<zu2`*?b>On+<>KxrDUqTMX(N%al~NI;9Y-YkO)>n<cSh>q#UJ
zxfobZv|KB|(O45^pYIQXK$VVlKw|e)7~8dWFm)#N>r}X50|s$4qx&3D^{2#=$Yn#H
zuKSSmTjI*F6?O%JWI+gg4#A~AY;{Pqw-Hhqr3K|0AxLv=)luH{jMYRtg|UA*4_JI?
z>n&**IN{rcG3>KJ-%5bKU0`^iprxwFLR-lfSJ;~y$~C8ztUAGlI=8(eOXZ}r8A)Ob
z^bj@i*&df?=0Y+Mex&OYUjXWGR$7)Pd%O^MjnRi}$em7%NVcY?yyh>|Y10c78(yVd
zstl>zSzFoG>ILkLkmXEjET?}^4~V+13wgqw!>ekDwAX0(;5ALZJ=_%kQB(GFeR+fh
zYk0Upq`{i#uv3aLt30sX+hsww5HMahwz#mjkZ+CR$l()b@u&VQU#18Zwbgbh$fMXB
zCdGEClBkVG#7RDdBqt^!QbxD5yfShF&^g}bV&UFalaJEA5b!r7Id*@YY<dzphUpUT
zSW3Z~3kh4KUu1%8Q<>v71$n5hG=*&W$&Mo6z$lAxoYMUkx%7xMAi`mn*V>j9P!uhd
zR+9L(U+&4>aB%gta@{e+h%wiAVv;2xc~EK|y=Vd$ypW3gyepXtdUbR^u_h(IaMbCf
z#9WSy#4$NqyF|x^-EDt;xkv>fD#|{N14BS=LAr<$|AcD*%y)#tu7`TB?1upzaDIg>
zt+Osr%C^O?UcA#<>0IrV5cU-6*x@^}i~3NztZ?2d;OOXVLrVj0MQR+OgDztef@MS*
zcjB%KRlyn<RWik-wicv|uE#~vP0MP%m!-L;T_#Ipxd;j_Lfn6A4Rr-XIif6nSn<nd
zx5`hu%ZN6X10M$)4kjy^ED2rKA${tRW9XZKMXxp&4C=FFwW=UI3^eN=6hM#qxpA%n
z)Wm3h$xDc>#fU_#Zjw7r#a72sZ%rzM?F8;kRRZoha?TlZ;Hc;+iV{S0atT=mR<wA5
zu!1V#dSblY;*@_tYaDZNt;BkMuZ!A3Tb;#qPon1W+9M)CUF~(rC`@BrizPmq#vx8U
zU~{q@$hbKgiP4x`iIVM8ZrNGoN<U<A*Y2WxqsJYx+?}J4Bl28DLfubGJyfMKw-$?J
z&9pwiDoCGuqFIpy?9l7QwPcC&5{~rV4q1j;dK>n(tHOVSo9)xCd^FhOYSFLtqp^(^
zbuAD2Iwt^8D~>_P<8^a(mN|DgpJW-`!$%)#O{s=%kO5UQA89X1%5p(t7v4vS9l7Jx
zuss?P#9lTDNdUBCUjmZ7Nm5=;^mXuk{GiFC+)b-E$j@tZF!9D}Op#_#3Pr}~BpoLD
zw1hW{s&{`R<j9PPSp$WT(F<slS=fw9=|r-9;~ft>N~PC~e<3}1L+Y}*w)KPK1jA0p
zSSGcc<8`y=?*oNL#jJd*09a;Cc8BfjnoYBQ93jZ+CsB~qVJ*A&C)jh>*mL$l?NVDU
zvY4!D*vSZi6vG87PNl(I5*P<U6`h1}!7q}O&#!-`f1#aYL*mz^56Li<SN)=zI6fkM
z$2$jAWm<ED`crB(>OPDX;cdOC3S|$hJ$S0(!JaC;SRYs0(!7=pIW!Eb7t_G#WaF-=
zT!oqhRgVRqr!0$MLroZ5Zb+<gU0p0Dk$`H0ZzMLnNc4$fYIvj06OFc@_4BpaQVXoL
z*8wKItW?wP`Eb!RdvB*O@@332W=%S3H4jFVaKeG($Zw7X72q5AK9gw+GD;8_fg>n|
z5cl`L6oGzx|N9}}r~ZHYxaRq8lJ~gScle(oar8(369{_W|C8v)?>{~WeEuoy#0A_$
z0C472O*+Wme1<$zp8>$<ljI9Jf48vb_wd`huy4OW0bnKz{Th5~TJYuf$mgGb1^)nk
z#y%b%g1flrZs6OP1n=J_HEnHIVE^)srl2!|x$WjvJgb|hv$7!E<`w)rlg$e%`>e9t
z=$n^+0fTr}9nR<V*x*xc-#ou+BM<|h+OhIM4}7{4f`9%Be*Wsu^F`gwfAXKoH|PL-
zD(u_`zk0T-bY}WI2h4LgflrTh%~BuO?|%UQ{cG?)9twj`DEK8XoA7f`^V_ZhWxpND
zItAmR_3L?u;x|AXfPV*{0`Rk!-@j4x2Y9ILS4~${S?t<H`#jq!_ze8+Yp{*{0(kM8
z#xmj{2AhYFpzP*Ve)<{ke`3}Xv^@{}IX~cqTfJKxe6I*U$NUx{;Af5hZk_J2@S|Qq
z4BVIfDfkOL{$Z6j;)~bj`U&E#4L-l~1>bzH_7ii0GvB+crt;lcy6@d%<45%D|2gE!
z;t@o1G?%p<{+{x3`BS!!8(%No_x=hxU7UGyNdJZg&(F`Z<%6=Ge{uc%JNWW1Sp&k&
z*uZXPH_d%fUji?@5_s{#wHtpHITQZrPk%?A7T<mK!+gh#m{t1nez=pg;NSlC#2*Ck
z+i!o*Dz8cHZqCM+Gqcy1@ngj=Uu)stQ?aZZ+f9Mj=$Yf|ldr$NAN@9Z?-ISpt$thD
zklDo>agX5tF9sX<e;xS67vP6buxp(6ZjQOZw6Xgd2hK2OW__<{DDq5T&&V?dW5hqO
zq22m}J^qMAf1>EGHG8et%&yG(*LnFMxmTq7cbs!{V+iw1(a#u${b&2uwwpE(M4$0j
zY}2ZDC;>tmOL=IURIS=ds8!x7MaCYCRpWKnHiW<LnY969f9#M*1c}BYp%CwFc4qd>
z*<Hh*>f$zkN{vF1Wpm&Lq*pN6V=0cVB3=d~>HBiV-+~Q<Gmi|`w90Z>KZTp3qs5f?
zE`rrG7GFg3bD_j=6@{YtR~&IzRYC`c&i#W;+0E=l*aC_QO^%FQc{U_lAuY=Re@v4Q
zXrtzW_f(n9e_t|};1uZvZ-H7O1U#Sz=M}e`kw}0Jk;IgT08SrR_J`&=<yuqeIl`rY
z6haDk2K#DA<IEgcQxdTU!=RT%%hmY04@;4l$SDc{P@F3<4kPPa%w+HaosmXIa<nEM
zr*9FGnpgp0=4>6$6+R*qlL%-ANQHf8p6_dT=H{7le}u^_vXBfZh?rnZrl}9s?welc
zbN0KIVIVo=YdP21uw@ThQhBaXvQ!K8jK+tAHN-m9hWi27lMYiA1a)J88G7;MB#h^S
z%oUNC^Xg7Ze!|4x*<0zuFHrj%OqSQX?D~95&FrGhNLTh^)~qk6IP1RgpmMgkIz~fJ
z+wmf6f9Mkr0FRt&z4bV`xYc815es(@cr|hU0$Bo;3!!7v_Q?v8kc;^%h#yEDVh62!
z4zCb-1*tSj1CZhviy$)A0V+55wLTjw>RFzNKXFBL*i6DSxfbGQEeI;yzGzakVu{^2
zTpjY4;ktZKWKn7&nyM5|bXjGpSd=XRZ24p&f1L#A*Yu_3Kp*!S;YljP^IWA+$sui4
zuwfwwYffvM5%H9ttXh}v@qqVbJTwWcIHtfMrxlHJ478DX9vm9`x!am(udh8r>&=H^
zb5kIm8;$aKC}|$q$_oLdRub6b6xE=qV7lWfO*<LH#Ng|N`2CETF(<I{-Y)<J;tAJD
zf7jy}_7-n$s^eF)|H{%sIW8+i)`N_p_y1ep|Ih#aqtorz@Bi;bZb6ovjiC>D`ql4$
zb&k6mzyIl-)aO6@kf%)1m?%oU&6O$^SHC_sFF6W$^Ws{Li$4evTCz<h2?LM!xt?b7
zGGtB_i7a@y;F>o%=VY1vp4l0h^xix^e>2Z|LNgy-HtL)GQ`07M*fs68N!Fnt=Km!n
z^ke5^+#mnD$GvWi|ND?F^m8X;Y{mc1X~F*|y>9*f|6XJV_>V69ND4)N6Hj3;=)`hL
z%D3j{&dlxzFIo+eVDD*<+*W)O3v`n0-|(Mda9tw{y@O%ThcEj0FbRB`k{><LSPk&q
z?tj<$|4DuSyBAsae|BuJ<2bm#|GP{VYX9#+%KfiTi*`0f%KuL9?*C4^&HS&UPp-Vc
ki@{2EtI|pyx&LdarIuQ1sil@$YI$7p4?D04JOEGt07#NR(EtDd

delta 4126
zcmV+(5aI9XB;q80ABzY80000000Zng`O}+LlKD0K6(sRwCSksh`%q<)T7&?h10g^{
zFq?95--kE_+5GQ|WGCY!&Ug>UyHn+^LJ!nUcfUU01N_#7Kly_JnSmzB$2h~U$HzHJ
zU=)U;I7MNfASi<4*e4+QM=N%Ru4(NW1V5?Evi)at@529oi-JG<|Jm~cyUW^_&OFDL
zjbHb%>o@OD#@)dbLHsxTPf#@e35dKu6@DK+`X6qZ=nt&{kNl_KmH#+_<2Z^T)a-v0
z#mJBO{~_Qf|If$EsBGGobz{Fw{qec#ocAT;9r=$UH1#Y0llS3c{(k_N{r)t&9Asx$
z;__s3=;&gR{Rjc?vjzc^0W%BU<Nx36tcnZ&De`SE^P2|vzmDFI@V|xM)PLW@ND^J#
zd%*jW@u>g5t@}Use+tKcRg=sDKL{td_YHPG+<%i313rIEuK!b}z+GuB@3N)44}|cR
zoN6iVl;V)^=^(r7Y5~cIHVmh@?Fo+%&{cX68AlmbUbr{~&gI5$A`Aj1rHUJ_QG`}N
zCX$O+<c+xNC#*NUgR87*+y>hqvz-xTrlB_0MV{E>x8DK})AI7__s#x6{QuAL|9!0i
z-?jgn)BS(f>pub|KIZ?2fcyIIwaXuCK<?EVFtb(?D(gIX|4$O$9{g{M{g3N}e=YdE
z{onhP@s9paA|&?f{!bwE$Nc{g@CWw)W%lU*-lJ2y1t3Qc)G*(CCp39>I3<H!nKDNl
z<WU$Qv+xF-i5zBUwd6LfZX&D6+>J2nltw)X;{AUh1q92Gq*E!bNWMTuCk+$PlJLXO
zA5}CMig~Xo88>ZJu42>Tt-XbWWqR4QVO#gpq1dr-rb1HyxF$5BwR?8xF5B(1Kz0vn
z4bgUS$a3bm-lypjox-q#aEGF9Sr`dprs?!TmZoxQ<0Ndje(wM&Wm=1@<9T<nG=nIH
z%z=M6U9M4^(%R;xd1mQJWTcEL)g3QuXXOyP{w5Q<IA3UTnxx{?YUK#5G769Dfh+6^
zQt<GkIW!c}Y^4xZd0lIn9Tk+d3r~rzXUa*vp{Am=oo8m3l`T<NQ)iYFL;!j99Co}c
z_hq!NamQm|BjOpvz*5v3PPeeAZpnU+3N3$AR0g(akT}^x*rg~O{6vZ4=3Gm{<pu=B
zM0=~QJ!;;1d4dpD&tcy^sk@uPT{x>F>~+fZ^}%k`pgQKvrR2CW?2a&Z#K^Qnt8I@j
za9~Gfy(~(YPBE4&?+tsuF}O-Foff<8f+aSNOiA+#`o3I>W#u$LYaQJy(J!Ax0QY}j
z6PN5>kQni5td89(aie+Xy1`u;mJFD~9AB%pt{U>mvGK(%d01RDC0ZBc(m2PQuw90b
z3TzhpoRp+nuE|rgLwN7PY>+vEgys}dERl<<sEeMo-3TLX?rfTws&P=rQ_$eJsLWLY
z7Yv97Ds9?arpqcqT0SO9md*FkwAp{Ko=Zr(zQv%fu}n#It5XWWy0)kGv{@26ww^@t
zkc)xkM9Z}T9E~+$_WAxG2vq4<2PAe+g|S_02UBNKzfOf4Hee7(GrG?aRewq>iCi}H
z>ADX|za_2=TVYoqNEU>^=MY@_!&ZkxdmAB@QCd*05rQ<=RvqPC&sa^gQy71n^MJ*N
zw%(G4ffK%67{fjr^sNNw+XaRP3R<d)EVPw;afQ9Pp<HuX$*L1<sB_ypvQ$n=n~@~8
zKo3z9pY3sZW-cTH;YYeY@dcm`XQgF%vd0U7*BE`shTQ4Ih-7PO%4_~Yoi@EdvEfzP
zrOJ@Xowb#1tzN+12wBdg#&UlO^?<1Bx{xQ_IlQWdNPCTj4_?#s+rv%qA2nq^*Oy0F
zu!e^lL>jD#4m+h7v&sY8y<HY`3jyPGV~Y!W3;EV4jvPL57Jur`@@0xpQCn@7f;@`7
zVNz_DDv8>7M4aSPNOEE#B4u<-%PS){0G;D)E*9=>HTfv*3ju#al4F0@$)+cvW0)@S
zj-?c=xsb3$`b8$lHkCPUQ;>)1N>j*|pX?|C4vexG$0^-!kxP$A10o!Dd97_(0Y%YL
zX(fqo`{kb84F^|WE7u)Ej2Lr`Cni}Ek_V;c(TgU4!3(L#&%2VjpjSut6KhiP3rC$!
zO3dZRNF0-+wM%qt*xi5Dmy1*&qN42MI4}g{7Nm<9@lUu0z<ftI?0Ts8%6=Ho0q0l9
z(mLw`rEFXL>cu;)mCn^(31Ls6jvc-uyQmMf%L?bc0*;Q(HncS0R;0!eI_NSsAy`I~
zaVPG&P!+6!Q6*DMYHLBd=z3fv-L$OMds&)m+GVmtmW!a^BE)~a)=*bKlq1UGhZVnU
zcB}lfyNqaKIq-3?;b5|o$&%1z9nz;BIflL&SoCUh!Js}%R;voa!$7m{K>_rrpBv{Y
zKuwJ1m%N17T8v1<>L$74RBUxD_12_9*iPWyR3+f9Bj=nk2abxKq9{Q`Czp_AU`2};
z2rH-(t|!LZElz(4w8k+P*GjDC_qwPpwAEQ$_atf_uRS6X)YV>>jKVb5wOHb#X&mCz
z12!kifsC7@kr<81l_=Rh<(8dQuJl6|ckM39H+tM5%iTE&IU>(hB-H)1)I(J&b8E3k
z)=cXItb+8pCz=&Wzz)4$TuYWXFX2e<?T}@trMF>kyDEP?xY<7K%147et`_}TKN{O;
zQP=XIuX6$rwc;3rJYF|vXPI+{^GTM`J$&?`)|6`K1{qK_^O5$Fq%0RScHw=L*pWM4
z4cns;LF{FdkOV+G_9Y<Mn<VAsL|+Hr#}ArJ%H6bzgZ#Wk2NQ3s#uRA=rBGyyPSRnb
zPfK{SsCs`#LXOOsm^Dxc8NGl;nT5@$lujhuH{S8Eqf~m$_!rWHH>56`Yg<1!PB83r
zjAc^GIbJt={=T5_sF;;+6#&bu$?mXyU9)M{k0S(G{Ui#qI;>^){sepO8hg$@s9kES
zMHZ7)4LcbjkYcz%#i=xyO9JCSsG^fFF8D=~^7((&^e?n?Y)JgN^dT9h@~U4{6URrS
z?|A2+s!VH+P=89TM%{<eBD}3PRiW&GwFggCJlIpE7wh9{TbkFhA%})x^<o+roow6{
zm8(#bpz5*U^OR*VY^Vu?%MFP&uB(g1Boa_<@QuWV7l}SmObu_;c}1fwX#IR`w$uV^
z?R6(WFDuowdp=w=&EDH7jC>ihj9HV8TFnb1N;u)bapX70f(q~rd|#7i3o=RIG=-8V
zf|K|6zZ8jleE<6);7$Mk^tk5vZj$#n*?0J#B2n@U|Ks=l|J*Y_?*BgoeDN9V#0A_$
z0C472O*+WmevUj-p98=blj93Ie|NCw_wY}5Vc&g;0>Dfb`Zf5}wBU;$kT1UY8vYUd
zoP9hz1b1=K-N2t>61;z#)U>r-f&Giunu5*<=C+$x@vLs1&dP#tn^*AjOg2xb?6b;l
zqi<jQ1q|X@bvU2rV}noaSoxp_KHZVvpTCBmzy9-lQFpV<r}8yA0G|pwfA_(!pY1B0
z89mQI@*Ga!(_=2PqzCqgAHjeB2K<kQlHd~xeg({C`vTPbwyQwdZ-=r@!MJGsdft`z
z4G;(5-@&H<{QSiaua)}|9xD4~(^XX#yLQn&&-MvE2fzOYY$Lw_K7Ff!j5vtF<{=~~
zyLo1xeGYs&>j~PP2mX>DfAFbWy;~f7uL8fsyp0g>v&Mh7PIv$RtXB{N_i29y{z{L3
zSmm|&;+47HK>TEbFYbK7*WakUVNP)7dzaNzzB^0zy?Z?TjGlcyhgn%X0%wlkvbMwD
zQ(i9LWc#@B)zp3Oub|V#nKy^=TQqonex5BKl=Y13=l{VMf5{pUe{RMGb~C$a?vwfo
z_|z+bPd|0-#-Bybgn#<e-;t-q_h0`w-!UU*mA<+Ucaj$T+uxq}g8+W_-S1iD6{+3L
z8Tevm_UbZz%=pDCE&O}>m6c<=DewwCb9{C3%{TYaZ=?4v(Tm*b?b3$KE?$d!1pj|A
z*ud|>FTVsogo0h;f4p~d%uS_@-B&nphB-6qdlf^GX99aho-r6B{(%kc)*tNgXDs@L
zqQBMbm0~lyGV5RE<%8s2k?!Aa&e4q_%riwlV;FWnejkn8kGC4dZ*2D-xP|}7VBh`E
z_N{HVO(2Lqo3GfqRqwd*B~F8shqg)8s;y+T%3Gxf!<wK1e@hmy<G=5jWo=^&aUwaE
ztS~Pj>}_^t_RQH`d@We}GNENK5kVkk^b~C%oYgi+(>lxPeoD7P?ZuSn{(;mq77xt)
zS}HL-$zx{Tur`HNEp$-mJUrN>W9pAzODM_|Au<Z(dPuTDURD79l!r0UM$Q@SqqNOm
z6Mvwz=tu8?e_AXCJfH{n4YiwbmH{0SfhmsxoB^=xAD^o<YfpvmGLJ`GBBX$4u&;tN
z%EpO3<t+7K81%Aexf);fVN1?JF+~9Yit;1IA!MDinTTGYGp^8)yGj$EQZ|dZ4DE<x
z=42h;V*w%*lZf~XkP7?G{2);9OwF}&9FtjOArbQ^e<4y4PIDiu-7&o_=IIX|!$5K<
z)^e}(uvITRLi(Oju~bX-jMk@&G{ibohWiEB6E4vc1a)hK8T#o(7^m}*c16PGw7T<>
z-!Sn{@>c%x8`S;*lNI%@x-#EVQ(vwb`O03*n)C(zCfzq))Xuh0$7rc(yMAJi15N|L
zBWFr)e>F}aZq*n%V&U!)ttQG}AV{EZF?2MYfZI_PQ!zb)?19K3cF-!I@QRUFkV=z0
z0C}2X5hTVsKo#b`)@N%)H>)%87pjO3%`DE7Ybk!#f}qCjiza0&R@jZg)#br5T$eA(
zEJ}vVl$CIz%4$=^qHGCZ%QvBLGoYUt2-}4|f8G_slS_@~g-Wp$W4>9zfrVVGIi;;8
z-#I^7wXWXR0q?7LXcpON$|IM%o#eW}KwH}L%nY%IyQ_)v`r13R-h9b6Hv;UX(W;Jz
zisp$U{TNVcXOVNAqZ%}2M0Y%?XeWUf8+|`#e_s$YrUX{q`#GS1J)=7Ldc20c*}L2N
zfB04Gzqa%ckH|_<_9$bh{r}eQ|BJu>==F!q_y2p5J5Xk4W2i%(Vg2`Cy>5Tw_dkQ<
z=KN<L@|@@zkw&4myh5hz^3P}Uf}(&nGM?>v_=6DPOXf+0VdT@E*H^4w#Kf->rh|tH
zu4uz^#%*gjuzC}Vf3&)%*6DyL7Np81e?x0{VmaIz_bunh;`Sk;=iy5Q71{Y156Az0
zchGO}e;=}iitc2Lt@z(NDf$0+&~Lu~-;3-3|ItN|2qyVW=1c4g-Be7u4D9)tJ9B!>
zPgX-@*oQh3uan-U44vq`9R4#5s%z-bJ4hydn4*pnvnb$G9wd)+1AM>x-*x_fP~2_s
ze;=~$e|?0o<2ZP@|NBH28vpM>s{OA{j&?Ri&i_vC@BiM>5%IsCI>quMKLsn<tx79-
c;{I=>kwzM6q>)A%Y2<0ie?CXm0{~C}0L{8eUH||9

diff --git a/overlay/etc/local.d/headless.start b/overlay/etc/local.d/headless.start
index 49b3fe8..1fbcbca 100755
--- a/overlay/etc/local.d/headless.start
+++ b/overlay/etc/local.d/headless.start
@@ -8,7 +8,7 @@ exec 1>/dev/console 2>&1
 logger -st ${0##*/} "Alpine Linux headless bootstrap v$VERSION by macmpi"
 
 mkdir /tmp/.trash
-ovlpath=$( find /media -type d -path '*/.*' -prune -o -type f -name *.apkovl.tar.gz -exec dirname {} \; | head -1 )
+ovlpath=$( find /media -maxdepth 2 -type d -path '*/.*' -prune -o -type f -name *.apkovl.tar.gz -exec dirname {} \; | head -1 )
 
 
 ## Setup Network interfaces

From 84da591fda29c8843bce2b5a396f7f7cac6b0292 Mon Sep 17 00:00:00 2001
From: macmpi <spam@ipik.org>
Date: Thu, 11 May 2023 17:53:42 +0200
Subject: [PATCH 02/10] allow to inject custom ssh keys

---
 README.md                          |   3 ++-
 headless.apkovl.tar.gz             | Bin 4713 -> 4796 bytes
 overlay/etc/local.d/headless.start |  20 ++++++++++++--------
 3 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/README.md b/README.md
index 06756d0..b7873ee 100644
--- a/README.md
+++ b/README.md
@@ -22,6 +22,7 @@ From there, system install can be fine-tuned as usual with `setup-alpine` for in
 Add-on files may be added next to `headless.apkovl.tar.gz` to customise setup (sample files are provided):
 - `wpa_supplicant.conf` (*mandatory for wifi usecase*): define wifi SSID & password.
 - `interfaces` (*optional*): define network interfaces at will, if defaults DCHP-based are not suitable.
+- `ssh_host_*_key*` (*optional*): provide custom ssh keys to be injected (can be stored), instead of bundled ones[^1] (not stored).
 - `unattended.sh` (*optional*): make custom automated deployment script to further tune & extend setup (backgrounded).
 
 *Note:* these files are linux text files: Windows/macOS users need to use text editors supporting linux text line-ending (such as [notepad++](https://notepad-plus-plus.org/), BBEdit or any other).
@@ -32,7 +33,7 @@ With Computer set-up to share networking with USB interface as 10.42.0.1 gateway
 
 Main execution steps are logged in `/var/log/messages`.
 
-[^1]: About bundled ssh keys: as this package is essentially intended to **quickly bootstrap** system in order to configure it, it purposely embeds [some ssh keys](https://github.com/macmpi/alpine-linux-headless-bootstrap/tree/main/overlay/etc/ssh) so that bootstrapping is as fast as possible. Those (temporary) keys are moved in /tmp, so they will **not be saved/reused** once permanent configuration is set (with or without ssh server voluntarily installed in permanent setup).
+[^1]: About bundled ssh keys: as this package is essentially intended to **quickly bootstrap** system in order to configure it, it purposely embeds [some ssh keys](https://github.com/macmpi/alpine-linux-headless-bootstrap/tree/main/overlay/etc/ssh) so that bootstrapping is as fast as possible. Those (temporary) keys are moved in RAM /tmp, so they will **not be saved/reused** once permanent configuration is set (with or without ssh server voluntarily installed in permanent setup).
 
 
 ## How to customize further ?
diff --git a/headless.apkovl.tar.gz b/headless.apkovl.tar.gz
index cbabc4249389d2a03cd31e9a3469a9b55b26105c..1f03f6d43cdb4bc17849e3f3a0533089b4f18e4a 100644
GIT binary patch
delta 4634
zcmV+#66NjbB)lbmABzY80000000Zn=d9#~Vme0T8Q;@`+?u34ieNm;88iW9$1tCB}
z(348B?~7OknSA#_vYmDkr#*|~nXdAwdJoV!-1EC<y%+FX7yjfACS)d>Bp=6_etmqL
zqXb4_D2h`Q_6dR_IF5Y+l7BR?J9SNK*C6;wU6$=XlY19`|6i2++5gX;AJ|>i{@~1W
z{GsvdK6d@){pq+nm?DV(hW`nQ#y<g(_Xpwk>7)PQriuR08t}+}`d#^t6F82e7(&hd
zM^TLYnExMwUi*Lk`yncu_J_K$e@OlDx$2zvrQ;p>k0LbnEB}-C!^iyp05tpkX?8it
z&a}kk$>z|1(Z%@t<%&JB%lpsaakbQx<uwbDT}a^4Wk<#yz6wU6AKDyGuUf&IO9|Pn
zqqx)iGm;Q02_4Uw8Ae)YDybIen@;2QR+_jpw^**vFz0O+`^XWbLwMLkshZvjjf+*c
z!#J#i_mtbLp!1rR7q^7o8SU-dchspF&kQ;c-cFT&x-H9Y63HF4<N9*oIGXnQx)u$N
zziiJNrALtDkQ}h>fg85Wt<$ThzzpK3PKXde;*LyKk?LPXOmC$^*r0KQBsmXn)>m@r
zdX3zN9n9llw{=hn(+)@HfNm4%aH;)m&u+bILBRe}-Sj=RZnzYV^0@T2=c^c0X}8p5
z`EXi)sO$APWFU-0<FhN5No|kaIcuSHUZKru<MLz7kG<F8)57NUNp)=fj4ySO^9yl5
zOeX^${mgN&N!#ux+VXv`_w>?{GNTF4fdB<ciySC)xj|e(r;p2nvmkFO-}B7I-Q;vs
z`o}HQkk^|4Wt?;KLungx<cis>oLozc^a=-mxZCFjgP4h>)VCBtZdN&D<~BV?9q#Zg
zvvzj7F==$X`4+s#|G(K;6&L<f<lA26Hx2NA9lamve@nlq|GtNjB)YiwfcK^2QU8Bi
z_kZsH6psI@{u302e60T;f}ZZQ<V8sa4+<}9+8R_;>CEapxaG|U7jW=p<`j?KP+OOO
zwDpole_)p)**p2^e#$%fqO*?dYr6Lhc0b(zx08#7tz`hmQPxkl!(E759?4bIixb1*
zrgC0mD5G+w*EbVo)@;4HIjXmZj%5hB{(X#1yw@t(Pxz}2T*5a;{htmB+(C1Bmo43W
zAcVK%R7-KE6o-UQ2iaX$3rIe+VK~KqZBKZFfUeSm$T-Td^1{U_a4t7~6JZcADOKEX
zjUu!HGLc-oB5%YUpRnHa4z9AMaT{!d%yveUnTFa}7kOfj-+l``Ov}rw-#7aQ@&7-|
z|M#^9eAoVOPWNB0{|J=$nExMw?(4r-E`O{6xtD9e%vwpPtn=jkH%WMV@V_m8_CKx@
z{<Y}$_J8kF$2<BziICW@`#*uuAM^i1&>z_Um)WELdyh`-7JwW*Si^ktUC`v&;gk$^
zWy&0JkVj#J%)%RRCUTga)sow^x{0hNb2q}QQyTRoi1&jO5G+HIPNlda`2rc8G)zQG
z!Vg1#RMB84=Dnt5+_Y7>icO1uxAqnimg!~JhHc$XhhoRVnF>t-;F{2g*6!J%yKJ}5
z0@*#RHALIRA<LQLdY`6CbPB@`!X1jbWnm<YnWobVS(?hJjgzq9`n?0BlxZ!pj_2LQ
z(hQ;)G6&*xxkhbDYnz+qnWZO@kus`Ocf72fl|$_Mn@sHDe4)u{l8RG*tCb_L$|yXp
z2d=OyNWsIC=Fm_?vz0<v<#nxPc2rQ-E<7c=o+&5whMJ1fcAlACR<=Z8O`Taz5CP=X
zbJ+2++?Ub5#vPA=jfiIu14~hFINidcx+VKPDzr>d8Q7vh;$#nDm!fd+6D5wDb1ey%
z8xRx|?X9}@sCnz<2|`$ZJ%@ewr0#ACcj2s#u-7Tq*9W^%gX)+wmy+Ykusg!s5hK$Q
zt+qYBz=0i^^|B~oI>lJByf^Iq#^5T!bXx4T3zpb8G9}F~==*XhmX*^0t#x#-M8A9%
z0o;R4T(WyXV#KSlI(DnXjpm)}26tsxGGGpKe68BLYRD(Y#uvAL<Y95qlxSU$OXD1K
z!gd)#DzI7Xb5fFSxh7A|4&l8Evq9zv5}H#;u|zJaqAq&Ub|Z|mxwC0zs>VSfPeFs@
zqB2(rTreOSsI+NwnJ%jcY5ABaSvKEC(`LhZE+Osu7K6IRG9}fmPALTI+Me3eW=ZVW
zdJ@S)E(VqpE!PTva5UD0+2{L%AW)@a9gx^P6~=b09Za1`{W=wH*nmMC&FDTyRQ)Nj
zBy!o%r|Ui>{g${gY=vEcAXyLspF?oz4_h4)?QMiqMrlF0MhMbeTXmFoJ!3V|PGM}$
z0~R0JdP^DxPWX0V4Et=*w-TUl7Z@HWXsIf)&{p!r753(ThH}kmC96)bq0VjZ$Wl2e
zZAOyV0zE`ce748snYoY*gdgep#20`%oRya4$sR8RUSsqj8*--;Ba*GDDX;kpb=vd-
z#fDdDmnuUlch*+6wR!=2BV;*~8p|ov1EQ|$LY{Ev@TwXj?KK)ccumu94>!es)Rg^P
zUmjt>8Xj(c5NWU`I_#8U%qkCT_jXy(Ed-3$jV&(hE#zCHICA*JS^TL#%a<uaMQycR
z3i2rShDotqsw8UT5pj}FA<2n}h?LPSEw7B+0CbMGxmdWj)#RhJF9iGzNse77o1TP@
zVY<XSmQt|hLc$j57nva2ROYx%K_03rO(9!;vZDxpI55g$9H(@@MJ_!e4Tx~q<+ZkD
z1r$X~rIjSU?U#FUHym7jtz35uF=EU$o|t4wNFJ1$M=zQH1}~%{KkrKBf?gfnPpnDF
zFC29`DKVELBXLZQ)-KVpVRu_!E>eMrin5R6zz~pIkS=1xKj9hx^Bv)^>!IE&`(Z!_
zoL?b-OY5u)l(KE{s~7LIRytREC4@bNI(GPu?4mx@E-Re(3OG7C+tAX0Tag+^=%CBk
zgkTv_#+|t9LRGK^MwLu4sjUU+qU&*ybknk0?`3JOX_v_oSuTQtixBr(LtOz;jwp*C
zR{XNrt@6|EGNO&;z{kOcgUL!JOG1}*NS}It<QV#9V9~411%vu5S*<Dv4+G7*2L;fh
zer}wr05vh1U-A-SYcV1btDEGGQ?b>t)LWAZVLO3)Q<Z?bj+}GG95^a^ilPJ&om@he
zffX%YAgrKDxSkkqw>Txx8pm8*E3uy6>!P;MR%dbDlc;&T_J~MOS9@JD3e#BEVu_D`
zrg4Z<57?Y62QqGsMq)H3SE6M5lv{RIxzZ0=+_k$X-{^6NEO+N9<cK_1kx=*3QV&(B
z%&o;DSu?E<unN-Wo@iDi0Xy`1aV=Tmyo4jYw?mepmfnWF?W*wLX8W`&9}V`nTJ&rE
zXl$cJUCV>M&Iv%&ienJ+c-@?xWzHRc&L>$$_wdn&T2rc_8)QJ$JdU)NBxSjvu?z2`
z#E#tYYS<o)2x2drgd_mku`dD1-Xtk6C;B@0K7P<-QtqZz9OUOUI+%E4HKs^2D1{<p
zbdnAeeOkhsMb$eJa%9HDtbszv=mj*&ENn)lbRyZl@s5WbrP6E0zmOihA$8dkT-*A=
zae`r|V=R+e&hfh0^Y;aldJ4IJD;jM<>*s5;r50FguLF8nsixiY;i75w-cDiU%a~=%
znsn4^UKmlr2?vfNzd06EfN$XYYHO*E4z@s!qR_Zv)>#@_T85B1;(2n1|38l-KGFxK
z`~EL0T|0aB{;+qzkN3at{QiTO%Opb5G=6{oOOe#a_rD*4-t_<L$2HG?cayxw$-cw?
zG>Q;E`=6T6=lws4ef<98gU}bB!A@MjO#}dEUe%<7{O#w+Gxa$Dd;zMy7uUYqf=%m{
zT?^WU2l{ng)(zN}pj#GAnfajIfVKPlh#}A`{RS+`7R<_U79ZOvE<(V+`7Vfl2YY@G
zzrG9m?n@K^X0gz(!KbEw1z-G#eDTHC@K509?Bn4fxQmPK2EL9-@cwO5)7Ewc_Ag!`
z1)UMhZ8xvt8E&4=U_rReEBJX9n<rHES!K7;w=ezz2Js9X&gc2q;8SkjJilrq5Cfmu
zvGPF=e7XyQfBqVN{`$}JMcvK%pUPM40DLO!+y}pYwySg=^mz^*nCEZ;pC0p?wLZ8%
z{sjK}H{gFf0E15`_!Tgl@C%d93>$y*7eBrN`V%}<_76>0RaxxXMf*J4D)=1y{u{83
z`~vv&t;RCqAO@R<lA!G7S$_68@ac>bv^@{}<#@oSaWMybmdz%h5aivO;d^oTCFgB|
zfS)z~yW!o#;%A6K4BRd78TbYyg7^ibf7t33lH#Qi-(bA9%oleR;H$6L-Y|bMIIFm;
zZ7ScLf%x7%Vt!`NQ85Q%Sv*2(j`6a#!{3{ST)sK%<Hna(@V&o+P8Vn19O!RB@cjHd
z`y(jpnb*(1gD?J)H6YxK4eVxi)7&TZ74WH70-t{B+KoS}oCW{%r@tdli|@bwX})7-
z%#gmiAMPS8__x13@dp9??z?~Av&u_RyPI?L#XQ){%lI+l7cWux_XI5~$97ZTC3_z6
z<;geS+>d@6y?2dX<W_IjHe`13O5GzR{)=%3eh+^6CHNr#c8&Ai%`u048@n%g;7oJA
z*7rJxBF_Z&j67p7M*M>t+O0p><Ii054WPe8_7d1UT$%MRQ}iKnuTy{buRG`H#t`N|
z+qb$NH;pLzY<|VmTQwi8-CgYUHc0!BHmO=Qk*rjCi?m|lE}j+`GJqZb`<^?14H&Y!
zlH;ffSF+YSGt3P4<J@xxGhJLwZQJHgfA=|mI+a4H>#^g;WP+Kzl@jCkDTl$G3PZKw
zZ}9={Ib(}=+NZg4p4NZ!qj7ah{DgwHX;oju<o8yO6=+Jt<f9m~TlGQ*yUydCO?#8_
z=dmqp6^1fdwf=HR)<V%&O9vT63D8Dw1y@?7&Yv>F;KV88pMY8-0X$#^{~2GmA&~<e
zQiWT-1%`&eGJuLoGO1!W+=@i2we->YFKtbFcGpV!BA}SG%Y%Oev~GZovv}&RNn{f0
zs#1kYC{CFLobBe{@6ycaY7&uJqXRJZ?&VvPYq2B7;H}uG_z4yugQMhQnvLY_FA~y`
z8xvH-YLtNp;mWw%m^Q#(7-Ay<|BT~&b-7={T}SJ}HjSrK&-vNZ^Lm>9d1_f+(irOB
zluLCrPL-B{)e(Qkt#Q`qWzM@okQ)8H1tuz=*$q5?w8UM>>~)l6+hu8|RBSo)i=KDT
z^cyy1(P+Z-42t`Q=~QJk;emXrs8H`yOb-i3GFa90`0OA{HWT;wP&L)PRLQZ3s6Q~|
zFW9NBxvppa<9>ZSV50KjVgDoy6_vHP2~`JoA2jq@sWyMc8kw1WnYy<j@w)Jy>%G2f
z!D!Yf!w}K5WQgFT3|<H`B-r}I3(1Z1guD4GI4<~WrFb}ff@BGPkQVVnS%%0?ttRT$
zRMMDpv}f7f^x`)jhzTcoQZR;=^EaHg$2`>~Z7p`_jf38&a2NEuhBjf;k(lUCj5K|{
z`LF8Rq4IyOB~pG4NS}nt^|7De24O|IOj5N$z_VLA9N<AiKJdZpwyZe{(zU<3yPQQ5
z>!RFw>}DCoK+b8ps*&v)S4Qdjxl4@I8*RAyuu&Y=KjH^#)a?%)m#3bV3G#!R$KI*{
zVeC{ehYPf!)eN{|`R6O~;d?FuIMljle+38=-|>GK6DQsZ`W8Qa>i1t$==AmuCxicE
zX@%PtS;HLi-247V{rw+%wiw?3IEj1)ZjZKx`TftL|M!3P#q8kyuleP0{&xyFWA@Kv
zUzr09r8DvV?_Vdc*$cQ#4O~CKAGiqZDhOsyOUWl1($s7PpG`&SJlt`^<?J=N&SLJ^
zcMgC3;#|CNUd)AIiKg#v;ViBkkDS|?<DEO?4r%0TNCzi7`WlbN|JlWSHsJp$<Q`6b
zlr`?ffBULs|I7Joc>m)has>Rx6k)1_rjNPQD3JY3tx1RO_S)Zgwvg$5i5vyFcNa{v
zPZ=Lyl|?Q7vn(EKm996G6ekmNP@KmhttnbeztArL9`^jd$^S1e2K+yTH0@uWr5xE0
z9&i5{(}ltQCy;LYn<KQNtx@p5tB2d)K0jyvXPe_Z8Osc;<hWbf%QtTSK?WIQkU<6+
Q<lB?~0PX;gNB~d(0D!4$i~s-t

delta 4573
zcmV<35hCuqCFvx8ABzY80000000ZngceA5*lKyx26xg2iuFbwj4l1u*hY%nX5CS9w
zd#)*R4k8MC{_ck~GhWA?3*))ls_Clt0Cm&dzs^6vZ(aD4KNyf1Xp(#!XZYpuagGug
zg`p@;QP?L4ir_f*2}u6Yirt}WTDu0pPwKL4{~6u8@c*KJ;LrYl_WZ!^vi6lTuklsm
z*M02z&HIyacQ8c|{|)~W6peoZBJWRy--nO>hnpt)Lu<ez|LJ$-KThB{j$#Nk`yWLy
z@?-vg2zcxN`R`R!Htnmrv0tVB_*`|)`;zgF{6`U*`i1|=`{85$e*l>M{xrKBWM^37
z@?>-9=wkeT{c^<~+2#G`@VHuP%JQ0p$Sx#s>9QkZ4_^hN&<|~nr&q1u&839w)=}K)
z{TWFJm4uGx%nTzfG?i2f^i8L6dn-*`np-T_XPEOgi+$t>(jh!-qEt<9g~r9I+hH8m
z!F$SWR?vA(%Zpn=?~L|#?mOz#jAsTN2ydrK-Iis4H;Lqq+Hrk3a2!p0eO-$N$6vPR
zjnX4Xa!3x?_P`BW=GN&|RA2^iR3}7;AaO?~t4Q^)BBr-eA#Bh%LXw<^H|s08biGFI
z!w%;0u-iJQglUJPb3nI=bhy<1wr98AwIE=Bsc!n7S~pw@M|oU&+w)Zns<c~bvV1r#
z)b;v*95N6_qVd_4%cQo)?wqyII<L@XwQ>0|=EvS^@o8c6`lLFxe#V!&$oYl1AEuLm
zkACJj*raXu6K(mv*L!;DNSV=u=Rkl0r9}=Dy4)bHpwq|Y!C8<umG60G<8E>~D*fXY
zYRKzNfHKax`JuFpIda8pR!*)ZMtX$<-0gFJgF(#1QtDfZAUCTVGIN`rqYiiYmRUQy
z-Iz2w-h2bz<Nx36tcnZ&De`SE^P2|vzmDFI@V|v$)qmf^ND^J#d%*jW@u>g5uKPds
ze+tKcQU3`FLq6934*^eiSn{GIg9n9|HEj(ls&r;`9^CTg0}D9#GINSYZ>X(H+Iq=<
zqd%}qk?fuPbU)>te9>7)_AT7|2D=~b|J%vM!qzf?<0$K=+u=^cEsx|X>cxp+aZ@?3
zF_cj`)9agwGHbS8-5k~1L&q|NT>s8v6YsT3_7nc91DEipT>qy`fxFUN-epU79|++s
zIn`3!Da9e-(?NFE)dG?aZ5U2*+Y=stA)u@DATo|Jth{h>3Y^Q0-$WP$OiC3uT%!oB
zfJ`J8ugDv5*H2h)dIwio)3^<`L1sH6%1lFTtcyIc$8Wv?9;W5x)$g1AgZTfS<^TJd
z0pGR%o74T5^B;i{AM^i1z<vIE<MPK0$i1EcGixQGvd)wD-z4F;ga5Z;|Kps0@UI2G
zxBq*eGTzbuNrc3H+5ZWI{+RzC0{+1Mzsw%}-+Odww*chmfg0wU?}R4L4yR<WD^uo(
zgFFf&WES3lGm*pWtd`uS)lFnInY$5Yozkc$LA)QNfM6MtbSlLa$rs4zq+udj5`Gx^
zqlyMYG4C}c<EE|3Rcu<kwYQLeuuLzzHf-yDIutt=&Qxd$0M~>@w06%9-DSId7Rc^l
zts&Yj4q46|*ZVYGqEi@l5bjXaEej)I%ru=|$kJ3!ZJdM+*Y6!5rA%v)bv*AbmSzye
zkU0>i%Qb3KTHD+-&n!KOjFeHOy5nW-tQ=z3-(+GJ=L=0vlT@5qtsH@WRYu`)J#d9x
zK?)w8G>3*FnynPVDz9rTv!jBtcHt?}^-MXbH`G*=w)4#Fva%%#YwFB$f(Rh5p2Lop
z<-UyeHSTx}Y(zYR7+8vW!|4_l)h*fYQK4mu%D@&45+{2IyA*|kpD1zMoNGzA+<>5%
zXm8cEN6lL=PY}ZDIqbWCCv|sIxC>`>guPC=zCPHE8dS%exs)7NhTRe7ju@GiXtnL}
z1rF@Utd~Uz(<#Q1<-K9=HwIS;rqg1#U9iN)ktu0@LEp!vSXNF0wARtR68-#H1aJ>F
zamnrli4m{H>e#IkH=1{@8{Cy)$$&Y`@wIB}sv(~o8(-X#hs8yIQ=)Z2E{$`{3EO1|
zslaBj&q+zT<(fP-JB0Tx%m$ewNN7$W#S*!win{1Y+l?^N=FX;>sTv1`JOvGoi^^Oj
zaKV6RpwgzzWxA{)q~&9xWZ8TlO`8qtxrDUqTMX(N%al~NI;9Y-YkO)>n<cSh>q#UJ
zxfobZv|KB|(O46IW}oj5f<TpybwFbGR2bW}b})4&_3Ko)VFLznG^6_*QT3<9lE`I4
zpRW6m^jqS}uoZR%f@DDmd=9~-KWueKw6_sb8Kni~8X-t?ZPiiU^^Da-JB6`14_JI?
z>n&**IN{rcG3>KJ-%5bKU0`^iprxwFLR-lfSJ;~y$~C8dm8?3!hB~*sBTMC^v>8ca
z3-k~*@!1}iXXZjO5PqcV6JG%8a8_EDCwsgQc#YAAY{;EXj7YYoro84a)M?WT6dPWp
zU8)SJ+*w=M*6Ic9jgaL`YAmNv4~V+13wgqw!>ekDwAX0(;5ALZJ=_%kQB(GFeR+fh
zYk0Upq`{hh=&)0YF{?bV-P>hBw-7L1H@3L2w~%j*;>h6>XYr^0EMKMw6}8oNDafPP
z8z#kesgkITN5n}!g(N2?B2q@Tw7fEM1JF6%=3?RAR+Ep?z7X&?Bsq4SY<dzphUpUT
zSW3Z~3kh4KUu1%8Q<>v71$n5hG=*&W$&Mo6z$lA<ah%fq7P<6@G$6uZm)F{s6;Ko{
zl~$7YwqNea-EeUAwQ}7t#E3E1cw&+zA$d@09=&J+7`%{*{Jblf3wm{QKd~kyzi`y)
zq{Li~jKncHTDwHYhTUy_xkv>fD#|{N14BS=LAr<$|AcD*%y)#tu7`TB?1upzaDIg>
zt+OtFP|CK&uU@><TIpQvl@Rt6>e%5svWxmqyR2~DE8ytpY(q-}ZbfPwp@S}C6M|(#
z8F%8Y3su1y7*#UGq_!5Mi>}8-(oM^1y_coArd=jWWVr|mE<)UE4Rr-XIif6nSn<nd
zx5`hu%ZN6X10M$)4kjy^ED2rKA${tRW9XZIfkm%27YypNWVNawJPb7J9uz>2`nhqg
z0@TE4e#uLSt;L8$tZtG!PQ_NoQg2NvgzW_GO;rN!I&#h#bKt1xDT)$AbaDw<23E9q
zfv|!q;d)}c-Qtu$YaDZNt;BkMuZ!A3Tb;#qPon1W+9M)CUF~(rC`@BrizPmq#vx9B
zJz#UP9LTsi8i~=ET#1tHQ*PN=<w`$fao6sme51!5vfQ1ckR$S3MMB+AOFdMjGPf3s
zWX-fbz$!?ed!kv91nki3#kFLK^Ae8q-VRxYT6!DywyVN}o9)xCd^FhOYSFLtqp^(^
zbuAD2Iwt^8D~>_P<8^a(mN|DgpJW+--NQ#8YE7wzZjb?0GaqR$Ny>6TV;9~>i5<D)
z)v!Gp5yW0L2}uC7V_yQ2y-8ADPV{x~ef*%wq})xbILOaybTIM8YD|%4PzpuH=p-E`
z`m}^Mi>h}d<j9PPSp$WT(F<slS=fw9=|r-9;~ft>N~PC~e<3}1L+Y}*w)KM#;{?M_
z$5<w{oa1$~=kEiPehRsN6OFc@_4BpaQVXoL*8#n(RMYPHaM3h-Z>KQwWy~^WO*(2d
z4@Q)5!hz$+Z;k~O;2ZcpZ7tQ&!4}9-6dG5|I!i-K%MemWJWuZM|L1YUNBF>S-~VN$
zYiG~iANCIT@&5On-+vGofg>n|5cl`L6oGzx|N9}}r~ZHYxaRqPZj$%7*mwA!B60Lb
z{}Tv$-~W^7$L~Kr2z>r2?8F7!L;!H+RZTj`-+YEVQ=b9A=b-9)aqYV;*tA~RwV+*i
zpkLQz-GFTgx@FOnnGf0xSi8@U7y`Z0Z@{8#!K@5t^0AHLA_V-K?}F&Ju;=&i+q<xD
zzd!+CCJX%<d}>;M@a6Z&=bwKC{{Vi*J{}%|ySV6X;M<r4@82dhZEaUz|MHEdpfiHG
z?dDZHtDC2@vLM{%75qGt%?m2~tg_qao0oq9gLqaQ&gb>m;8SkjJilrq5CfmuvGPF=
ze7X~YfBp)7{_4;3McvKvpUOAr0DLO!+y}pUwyShz`aB1J%yT$_PmguYQXkmwe*pje
zYw$lF3WHB5_$4r#@N-b}+pYp-za7dt1>>Ui>v@ObH$WVKe+Qoe@UxfSzftrDc&O}G
zO;=S}?Ak^9JliVx4E*kEu#Nlzc=4OYGU6Zxn}?8~?B-Q|`Wf(I))TZn5Bxbl;DuYg
zTO53^2tUVv{1zeLXN~`Eo$j&lqh3J_+?V|+_zOM$VU;)Hi`VA*3F55{KELw?-+Zt3
z6LW$y-@B})^4(dw@7-hLNA&FfIpoUX5kzw|m$e=Kp7L_}Q?`#AUoYMF{t7x>oOyFd
z|Aq$7&(E{vgR-7+{ro%l@-JBf!p+#gZe};leNkV30x!H0c=5uu8-Er#6aMK>e@C7c
z-+lGNe8-HKRr>ONxRbQt-~RT*9|Z8*Z-37!uSxB0&c>HBv)7mLW5q9DYvJEhv8){1
zO@Y_wnd9q|ufM(@{Wf~<61~W+ep}j**~J@ikKq3=1{?St_{A6ChfuI<ocC^yxxuut
z`x*y-&M;?YeXnRJ@=RdQ$TJ3G#6Pg1-TH$){)k0?qUf(Rd#%{auFU$^dHEo@SET!Q
zoO5(z2=h$Q&lraNXZzN+n>G+cpYd00)2eqU0YVx}d1#wdt=dYcRo*H^#vY7S<8{|I
zgum~ZwE<)7kVpiH#v`E+?`?Kw_RQH`!=LJZ;x>OujY5%SbKnM~S1{RQDUPlpUIruS
z`*OzLf(?W-j||qd%5qshg`1+I#gzCig4Hw@UqthBp~P?%g`)Xa9C27xLI;P={ew-}
z&Fn?k0*VSvj*MJ+HY8giEz1FaOp_33qvnG5RGH0RGMC^K=>>0rS|S8Ipa<s_x0{iF
zNPrHJ#FU2sP9IqIhvquvT2tvc!li%|LJD{W`)Wwz%p6%$60rxvpqE9<)%dy(OOcq!
zDGC5koGUR7BkNquWbgu=kw!;yv?d;>ZxNE3SOH<?Y#q-PJ|Yy82xtaKg?(q9?`wGG
z=9zMY$t<#v3@M11U`(c|57zFRUgvXv_Pds0AUWh~IoH{+We;0Yd9G2iR15Wt#)pJ8
z#5&Z5`vKUK4pS8bbz^`Tdhz8XjOT;Q6_J?p>P}03!o=U%Tj|3uQ2QH9me;%N`g}{x
z?4r#`SN3AotS_iI>%Q@za<;iTMng~A@gi&J6Au87oNK-HIJvmhV`LEvcMo`fHF5p|
zSpt;{p<~nb$qJH?i}@>vA4nZy2d#V#uMl|!sWeIhkm4ANATrhgDmVAFJ{v3QS)PeM
zaYc04Ou{s|7UE|u2rAsZXi~IdiQPC{9rBmqx_nS%QEDQZsuWIiS!JqNlq~^l`D7xU
z1nAfFrR6{$_Zs0zD#P<!rBKO#A#GN$VIc==PHUSH@syveT9@zffcIrQGzqLYrobVm
z6^(NYw2^rp92)z%+nQ*vuRTNS&4*%hQy`ujjq-RXX&%|i3jw8864>Ju)u5?hy5lNM
zI~l~p;Om9>{fwD0C$RF~F8~GN3D-&2;~4f9Z*HpNSF``h(nC2eD@4|RgN&i~|6AYx
z&;S0T)9u&q|L;X^L6)73p$~cb)$f0Gj=LMb|LL97=Rf<9r%ch9C`!G}l`0ljzdklE
zISP35;#!W2KL`<8vP~ul1CRH)o@VkgWKI={EO@x!nm0M;WSRY**%_Ji-aI}t&w4^L
zA6+);oBdPMCUe*|?Y2pO)}bKg|0N~#W9MVsAOE|@y>5;F`;aa4b0=eL#sAJ}!T%?{
zZvFoMUStROk1qU33PpbtPhl_U#Bxf?x8~>0%<c#;S`Cq4?`e<RR(ul+bdv4g@SkCD
zT_X#<gJI8yFZ%c}34EH8A3e|w@ZIiz*ZKcRegC@`S@(Z-Y_Q`*IJm$6yG$2q|L;M{
z{jX1pb~Z-J|4#4j|4zHj{I8==uDrmD!Af?k(n=n=|7)qGmRf45rIuQ1d0g@jJFp2n
H08jt`7RWre

diff --git a/overlay/etc/local.d/headless.start b/overlay/etc/local.d/headless.start
index 1fbcbca..b0d3d2f 100755
--- a/overlay/etc/local.d/headless.start
+++ b/overlay/etc/local.d/headless.start
@@ -15,12 +15,12 @@ ovlpath=$( find /media -maxdepth 2 -type d -path '*/.*' -prune -o -type f -name
 if [ -f "${ovlpath}/wpa_supplicant.conf" ]; then
 	logger -st ${0##*/} "Wifi setup found !"
 	apk add wpa_supplicant
-	cp "${ovlpath}/wpa_supplicant.conf" /etc/wpa_supplicant/wpa_supplicant.conf
+	install -m600 "${ovlpath}/wpa_supplicant.conf" /etc/wpa_supplicant/wpa_supplicant.conf
 else
 	logger -st ${0##*/} "Wifi setup not found !"
 fi
 
-if ! cp "${ovlpath}/interfaces" /etc/network/interfaces; then
+if ! install -m644 "${ovlpath}/interfaces" /etc/network/interfaces; then
 	# set default interfaces if not specified by interface file on boot storage
 	logger -st ${0##*/} "No interfaces file supplied, building default interfaces..."
 	for dev in $(ls /sys/class/net)
@@ -77,22 +77,26 @@ rc-service networking start
 
 
 ## Setup temporary SSH server (root login, no password)
-## we use some bundled keys to avoid generation at boot and save time
-## bundled temporary keys are moved in /tmp so they won't be stored
-## within permanent config later (new ones will then be generated)
+## we use some bundled or optionaly provided keys to avoid generation at boot and save time
 apk add openssh
 
-mv /etc/ssh/ssh_host_* /tmp/.trash/.
+# bundled temporary keys are moved in RAM /tmp so they won't be stored
+# within permanent config later (new ones will then be generated)
+mv /etc/ssh/ssh_host_*_key* /tmp/.trash/.
 
 cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
 cat <<-EOF >> /etc/ssh/sshd_config
 	AuthenticationMethods none
 	PermitEmptyPasswords yes
 	PermitRootLogin yes
-	HostKey /tmp/.trash/ssh_host_ed25519_key
-	HostKey /tmp/.trash/ssh_host_rsa_key
 	EOF
 
+# inject optional custom keys (those might be stored)
+if ! install -m600 "${ovlpath}"/ssh_host_*_key* /etc/ssh/; then
+	echo "HostKey /tmp/.trash/ssh_host_ed25519_key" >> /etc/ssh/sshd_config
+	echo "HostKey /tmp/.trash/ssh_host_rsa_key" >> /etc/ssh/sshd_config
+fi
+
 cp /etc/conf.d/sshd /etc/conf.d/sshd.orig
 cat <<-EOF >> /etc/conf.d/sshd
 	sshd_disable_keygen=yes

From 124f39d1c8649a6177eccf9a8df6ba1188952281 Mon Sep 17 00:00:00 2001
From: macmpi <spam@ipik.org>
Date: Thu, 11 May 2023 19:51:45 +0200
Subject: [PATCH 03/10] add few code snippets for some unattended actions

---
 sample_unattended.sh | 79 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 79 insertions(+)

diff --git a/sample_unattended.sh b/sample_unattended.sh
index 2d8844e..b0cb3bf 100644
--- a/sample_unattended.sh
+++ b/sample_unattended.sh
@@ -1,6 +1,85 @@
 #/bin/sh
 
+## collection of few code snippets as sample unnatteded actions some may find usefull
+
+
+## Obvious one; reminder: is run in the background
 echo hello world !!
 sleep 60
+
+########################################################
+
+
+## This snippet removes apkovl file on volume after initial boot
+ovlpath=$( find /media -maxdepth 2 -type d -path '*/.*' -prune -o -type f -name *.apkovl.tar.gz -exec dirname {} \; | head -1 )
+
+# also works in case volume is mounted read-only
+grep -q "${ovlpath}.*[[:space:]]ro[[:space:],]" /proc/mounts; RO=$?
+[ "$RO" -eq "0" ] && mount -o remount,rw "${ovlpath}"
+rm "${ovlpath}"/*.apkovl.tar.gz
+[ "$RO" -eq "0" ] && mount -o remount,ro "${ovlpath}"
+
+########################################################
+
+
+## This snippet configures Minimal diskless environment
+# note: with INTERFACESOPTS=none, no networking will be setup so it won't work after reboot!
+# Change it or run setup-interfaces in interractive mode afterwards (and lbu commit -d thenafter)
+
+logger -st ${0##*/} "Setting-up minimal environment"
+
+cat <<-EOF > /tmp/ANSWERFILE
+	# base answer file for setup-alpine script
+
+	# Do not set keyboard layout
+	KEYMAPOPTS=none
+
+	# Keep hostname
+	HOSTNAMEOPTS="$(hostname)"
+
+	# Set device manager to mdev
+	DEVDOPTS=mdev
+
+	# Contents of /etc/network/interfaces
+	INTERFACESOPTS=none
+
+	# Set Public nameserver
+	DNSOPTS="-n 208.67.222.222"
+
+	# Set timezone to UTC
+	TIMEZONEOPTS="UTC"
+
+	# set http/ftp proxy
+	PROXYOPTS=none
+
+	# Add first mirror (CDN)
+	APKREPOSOPTS="-1"
+
+	# Do not create any user
+	USEROPTS=none
+
+	# No Openssh
+	SSHDOPTS=none
+
+	# Use openntpd
+	NTPOPTS="chrony"
+
+	# No disk install (diskless)
+	DISKOPTS=none
+
+	# Setup storage for diskless (find boot directory in /media/xxxx/apk/.boot_repository)
+	LBUOPTS="$( find /media -maxdepth 3 -type d -path '*/.*' -prune -o -type f -name '.boot_repository' -exec dirname {} \; | head -1 | xargs dirname )"
+	APKCACHEOPTS="\$LBUOPTS/cache"
+
+	EOF
+
+# trick setup-alpine to pretend existing SSH connection
+# and therefore keep (do not reset) network interfaces while running in background
+SSH_CONNECTION="FAKE" setup-alpine -ef /tmp/ANSWERFILE
+lbu commit -d
+
+########################################################
+
+
 logger -st ${0##*/} "Finished unattended script"
 

From c41be0072c0f4f6ab441ea6034145b04248a8751 Mon Sep 17 00:00:00 2001
From: macmpi <spam@ipik.org>
Date: Thu, 11 May 2023 20:41:37 +0200
Subject: [PATCH 04/10] Add banner

---
 headless.apkovl.tar.gz             | Bin 4796 -> 4822 bytes
 overlay/etc/local.d/headless.start |   8 ++++++++
 2 files changed, 8 insertions(+)

diff --git a/headless.apkovl.tar.gz b/headless.apkovl.tar.gz
index 1f03f6d43cdb4bc17849e3f3a0533089b4f18e4a..4c076e0d2a109934956cc81139c0e478825fc463 100644
GIT binary patch
delta 4769
zcmV;S5?<}RCDtX7DrR!A?~7OknSA#_vYmFe_AHKPy2_{OJwWGh&+ne~Uchf%_>(`F
zkeO(bd>m)`<?(Tj5*US{C{9t>CkTq*IQ9uh{?Wkh)HSVLgWxB1S+@U7?p^$UQSxX1
zKYM;)cUk+=ndkVjk&!xo-uQq1dl{8Y`?7BAm#IHKSDo{|bi5<~QG}*`;eYae_?Z76
zfM&lx%`OMonU=Ub*&I5$7=OQ9u}5}!|2aIamYTA>W+Ac*30%7D$k@YI!6@`Yo8#$K
zD|mA$A-i=HcY1$D5<(@R<2f_KNDECR)dGFfY24mQ6PM-|%k>$5=Df{fA31__2oIYm
zRnuFcak1)l7>9N6o^qQNbY9c);+D`mqrIK`jyg5tnL!7_+o@8wW!X(4xubSmUk)5c
z(_UZKqQUW(?Rlg02$CF<1GYVI!<M;qdKDFzK^)Zy5h6(3k;y7j{i}%StyBmbG>(uY
z=i$xzN-kZmk^8WJgLypcwhk&`+TrLN&}||eF15ey*{ydi2-sh$o4%*k4VS`E9+%$s
zd=-N#?UtG>A5IH(y*`Hwgpp``cI7gu?Xf#&Ews)nv{`LjevJ9C_gZ{f*t|Zej;){Z
zr7m)QA?}CiWZ<KpISw{y+x<jazVG#(UOG}{G~qcApg?JVkpqP;H;60f^l^D`7UWIk
zd!E_2o1BhH|G0%3@_G}XjB{>&C~aeoTrr!KlWU2QUf}?D``lm<GqIHVmLkZ_Du>M6
zrst@`9lmAO&Tcm*jgB|pg7^6UH#@81!hec<+spi>0sgO}_apsp=~wmN_b`$~7xy0U
zzH~h5|F7$R{!jg%!tr0!e}cl0kM;jU(9@lkyeP@wLE&XhTZ4)!omrg+x4ik_0uH{+
zoZ`_NYU`4=Uh?P<>{29qCqLa!c_&|V){%Wf_rAgIhx`9_a<Q<r4B$A*`ssGK3vtUM
zxr%ymVp!Z%&T9;1RL=DJW}?iRtyeck_4d%Q3?bKlzmKtr_gW?U34hgrOZfJv|I<N%
zJ7_NNvZcEZgz%P}YANoN;*jv^AiL{o0m+9p45zs536BuaReBH^M;TULxHtvQ<;HI!
z3<4&liW{y`gjPT%l8aa5jkx0z)|=kJRn|0agKd!6&WJM8P#fzaPwesAZ-Iwtd3p8w
zX8$06{{LtB|Gw6M@7n*(>Hf?0AAu4d^Z!H8ef{^^<&QNW_i7E8St|*Zb)LNcCJDbC
z{J$0ZAJ+;0TJ(GSzxS!*9sQp~NbHyWpFrr3`Trs45A6TT?9u<dN2hiRK#m@)VZQk;
zX!7iEN(Q?!WsW$=qcB2d;SD$wIn2&#$!%JH-9%QCxf@~DDUEs(#QQ-C2$ms9r&3&z
ze1VKk8YZG8;fJ9=s%S72^IlUjZrZ9`#iqqudkYE6^s;Niw(h4xv18#(g{A;-O=v`G
z_w3MJw%ccc>>kz{qV3|4<;-!tPtzqjg<%Kb4n^IvFcQX0)9HmQP36?aN!W1x-T_j7
z%Cr_)$Mf!DX$DaYnFDdUT%$InwarcQ%+iy{NEubCJ6_h#${}|BO(u46zR=_}NyVwv
z$`M#)6du<DSJ)M#;NeMgXegrDN+GQBy4Er~Dky6go)TTpl#_ZxO+{%t&&)0>TcWV0
z&MYU00P^ZN?08x3%V=NYj>o`8#50J0fu*Q7oNi%J-IDzt6<VgK3~bRLak7W7OHnxZ
zi4w=nxt4^>4G4;f_Euec)V%fb1R<=R!@he`cQ=K*a8^gy>y+#3gWae>b<CMd$#G@a
z9bxW>k!gum+a6!wz>ds%S(GrHVk}wS8}@!<aFt*>Eq2=lOKcpOlI9omeYq5W%gSkh
z);hXZqMtvD0PeviF4?^xG2+!&9lKTHM)S^fgS#>;88C-AzE*8rHRO|H<BMDJu()VS
zv@Xb{agI4*y9^-}*ev!rDM`0nlc#2f@ZN>lAaeu>%_*c<A{SLr7d>ga5k}hF*)%g%
z<DihIpuurbnX3dY7!VCq+O)ZUOqW%Jw0umIESvA6X|rKHmymXSi$PsunUd;Orxb#9
zZBOlKvm|zGJ&EKY7X!<QmTLt#8f(Jr^Zh{(sM4_xNbH^pW4qQ4rp}~(oeDQ>z#xuh
zbe|)t{*+h}xoqgubsv&`OI#VY!mdD&EC_+mA-MF1tqzIyHbN?+w4hvnBLr!#tvbrP
zp0S!}r!Y3>0gDf9y(J9;Cw#jwhJ7~ZTM5v&3k(kwv{V&YXe;^R3VU-yx#qNzRVUa`
z=eBobshpHHBS~z59-<~b+vD=gTu27Ok92+F3qT#tO3U(Oj~4>3G5U}VxzmXe$=1}A
z*ZhS#ZF+%X!>hDQl_8aXJ8LW3TD^e15we^~jpY>T0a4d=Ay2q-cvTIN_8JWzyr${5
zhnwO*YRZ1DFORTb4G%YnG*}ZIc1kg3l?S$ayDaDy0><mc78mvw@~u%EIeg+Q{?wo4
z%M_uaw%RTQc@%rYq}VQ161DM&ILW7w<itco%IKDsS4M6CI>+08TrAw%YVuLq7Xto<
zB*(6kO;19{FkRvuODR}$Az_R3i%gJhDs$YXAP?1*rjRW^*--=>7-cbzQ@Y<GmmZM@
zL^$m7THCS$ilU{`N)q4p%RRXp4z9jdt~-VpG3FXiOtK^-4@%9W7fk?z7gCX*cO`Q{
zua52~)}-VYjyj!xl$gtrkvJwtYnSNQu)D1<7pXu*McK!3U<k-9NEb2UpKuL;`Hpbd
z^-%AX{V<>d&aaTAb=Cz+*|zxAi+5TpovXbP!k$7MJA6lWQ6FlT70!DF937o)XlcN$
zNR1<O&}D2wu#70<PTX~&Dp&)fN~W09)`E1=^|(m7X<4m*_p&tCw990PEEhq+MTmQ?
zp{{@^N0h}6D}LGRR{3dn8PUda;NxJ!!DJ<qC85hYq)$C^41F`O=+)+eL4B62RuzPY
zfo9!<0_agcH_lanni$P5c?q$#7?Ft8O>)Pn*y>p7tx1Kjoxr`RO2A!5&N*Wa92Gr9
zQG$q0E+NZ*z={?x5LQqnTu+R*TbvSTjbkpZl~~X3bx~VrtFyT7Nz^=EdqgCttGzB6
zg=ws7vBXEyIK-(3Y)+N~88=5GF&dLAQL=r?Ejz1R>4z-t+Fg`y^teNoyK@wBM4qci
zsQYQDhpJTO)?$&Ynbrqb1?h87G%J#T9eTaEmMn39Uc!;y+ab$POK-#8c2#(Avwhl?
zj|O{OE&8>7G`7*AuH`{r=L8^X#W4tZyl&3UGUpEGlPsfq_~=8eDb>&oGN5W6N7_r0
zvRu&Eh4)cnNA7qvY>!3+v6oFk5&-Skmw;q%l9ZPdeI0xsKWH*3chf2k^79%UOuVrg
zQ=}PxltPg)I!T9#J}u$RqUs$9IWl8n)<7X-^a2`X7B-_&I+1MOc*nzzQt370Uq}z$
zkh*NHZT;Xl!LZXYmPsw=c-`#z`+~xwVphIY04%d6yTkT%&8AsDju2$^lPJjQu$JBX
z6YRNb>^b|OcB!ovSxi<n>|}&Mis1qkr_x}5E(weSp^8qzxZoE_%I8<pztGOHA@S?d
zhh&(_tA0^U93PRs<DG-5GOam6{VBB?bst8H@V4Gmg|Y|M9z0d?U{94^tdFa0X<o~Q
z92$nzi)mnVvT;{bu0l<Ms>g!QQ<lZBp(YG2Hzd}$t}YgnNI<p0Hxe6OB>F@#HM~)O
z=M{~%p!M^$*-{Ivwbuc?tW?wP`Eb!RdvB*O@@332W=%S3H7|@P;e-Rnk>4B(D!@1J
zeYLezM+aLVM^R{8G3zW1EiFSx9q~N5!~dVh5g+LT(|!M!m9CvVdw<wF;K%#lcYgmt
z%w-bC5tO{Y|Ghsh`uP6$1JK+4fAhG1=J{@t_c+;i_@AD4{crq_(G-2(|C9K~_rD*6
zzW5Aw;sS0W066oiCLQE&KS!Ra&jH{IQ1!jI_T3h2TCeO{&@MdCuj{gIz_tY4vS`Z8
z2ki!|-RDOPfnMo1U{SVUR)(|q*hX;?0{+c+LG(M=^LzNsUD$VDq5v?9g?<fxJ~b`)
z;s@l5FTRF<1V3jV4-dgzTy!_^O-zFKZ<Cs~wkxoI@fs=Uj9_lNc@@ua^K=Fa!fjr`
z&$HM(p|Z~^yN$km@fR?NXXtP~&&LLza{K1_RU3gA_|%S-4|?F!T@d{9*YNY#f1WSu
zZr1-)zGesDQ(@;m`1P}0rSqVF&vU>$hZFepnAfcJ!TsS!@ZY}y|KkA|d_uvmfZ2p!
zfSTWS6)5}dP}V6J7p-5<I~2bG;sE?R_!NMjzxd%b&>!KUvR^h`Rb{bj7wz+GtKf6+
z`)|ND@(bY8-!zsH2Qk<@lmulr&+@a+flp_gpzV3!&&LBkjf*+hvurkh0fiv%)(qc^
z!_PUtB?$Og<G&l;JuH5L7{tKc0-u3zK_ZBsLHdWSULz@98SyQ~8_RrgR{_5MitQ~U
zgR_de+NSc|8Hn%QBjzXe92IjQmc=8q<`^$)JN&(Q$mQF^K5l$v1>gHC=yY-B&4K<K
z2%evxXMY4`J@fkcckso3U$O>-o3Vl2%x;?dq`m?^^-AE=PhGq5XO*+ypZ@fB<Z1E!
z*FVm8%#0b*SNFqRqy_)>w<rD}fZu)hdscZRYIk#vzL*Dlbs0Zq{Nfb~|DK>_<=Act
zykgHIzB>8loBPpkqxY`Si`?qBwGEkFyjJ%}iT`5Uf!~8)ehGem2!LJVymxcVVc*8?
zD;_x0oUir0&Y{RNfjuM77>p7B;D&bV5BB&I7kvxpuaUh1HV;>3{i_sxh}`Sc{p-#-
zx-o=#rv9^itLtsshN92Wui%`aYrEM?WXD+r<YE07Hf#lq4t*OC&=MnalSq}4?E2sL
zTuQPfS!$BP^&YB!3j}rf&3iA;J(rTMC$8(#Uw`!l{dFouq}(URRl*)-;jc6sy-(>F
z-03LN8~UXVaL*e#w9-D!mE*LYAC0Ol(Gv<<rc?c3<KJ2}PH05J#vj;-+^QEk$aNm?
zY{nm#ugA8qm08N<)auJANee|?EgWPbPJlLM%P7+-b^erp7zPDSseS@#u>|md5rSvb
zZzEU^bVxO}yaa|uz%qb}PBN(#kG3o^dMyK#{wKCJJoB}d0Sko^hEpR3ty`d@D4z1Q
zV3~xvs!*X5p;BT2=WNLpI$4l&nqIXJu0I!z;2B>Kt<lT+?fGsidxhBLb0b)+*Qfwu
zzWep9of(^dC%E6TjaENkFTz5$2r$e>6479ZFfmsG)*y??kVQB(P^=Ogz&vcek%%-D
zGN^Z{8UY2z>%t8h55k_)W3cCqO-~%hPZ~{w+j6R|!ihFAbUGlT)ecI`X;r`jYpS<^
zUmXyU!r?kwU{^AG6DQerQMyFRwuCZ8%{!?2FY=myqVQ#5y$)MdN|)+iB6XGTFdr0H
z$A#vfVrKYREW=ez#m^36b(21f4z*TovkKA0x&9qZ{)7qZtLu96VAQXw2Mkm`!t5V}
z0IM=26(RSb>Vtw_1J>F&XLjU3rhFL*nir0BV@+Z8U4sNWM+pWv(+dJBq6T26Fhhc+
zkNrr0aFr)iO+Uf3!J;e0<2)n?*<dMYaf(Hj0bkPoQ`#8wY|r((NzN;3hyllWQt+16
zxoG%xk9n#tZ7p`_ji4tG(GGfc1#Q}DVm3CNNNwwSqi|KXiw(PySO+<9Y8+`EU_Ie2
zPMk1hsH`;tsxHN010Na+03CL<W#&^*zkTn2?xY&f*G2qu#j{K(;P)h5)hK_Bu_J;0
zTo-HgMj3h^7P7-Ej6HGAy8WS}d+HmRAWHFE`Ktn-u~J4%GBlRl6Be_@AFtUz-%~0=
zN3DDG*FZP+9ksFN#9u+*?8lG&{%g~%-rC`Q@{6S9=wD?Hd&zU}_aF7|f86PO`2OR6
zB=Q-cJK7xf{hxXN`+x4`^x*ri+0}6WcM3Tt_D>94+Y1eCGWP!Om*Y3&1(c?SJP7d*
zTtw_L2;wXYNjDnO=4=I%Oj+qXRB=n`?2X{weCD}#p7_PPeBr&AG0V?v-QC=qUwgjr
zmQ&Ba@B|+K{Qr;+Hgxnk9*_Ui%h_~)!2eUoJ#6?WbKHyn?sd!lSF`Ex{l`h<2>6d7
zqEs^@KIGCMH4QSo7AE4`n_%O+Os4xOa-_okT{y`;W^{d3rjz)e<4{|tbiIMhpG@pU
zajqh<7E$_@-T-*m^ZzFQzq%ao{}j@+e|d{>WIuSk{ij412K%2ty6tZ-uZ}h_N5TKD
vA8vp5;)3{}YcJBIk{MXZahJ50Z`}Ta3^K?dgA6jrw<n(f6x}wg08jt`c;t+?

delta 4743
zcmV;25_s*_CA=k&DrZWu?~7OknSA#_vYmDkr#*|~nXdAwdJoV!-1EC<y%+FX7yjfA
zCS)d>Bp=6_etmqLqXb4_D2h`Q_6dR_IF5Y+l7BR?J9SNK*C6;wU6$=XlY1BcUzGgW
z|IeNu*j?8C;LLOUp^=a}e_s24{`(;+oA!sgv42SY@ww`p_od?<`Hvzr^(+6A_ru5h
z{{S@m{b_bN$j-FH<;mvI(Z%@t<%&JB%lpsaakbQx<uwbDT}a^4Wk<#yz6wU6AKDyG
zuUf&IO9|Pnqqx)iGm;Q02_4Uw8Ae)YDybIen@;2QR+_jpw^**ve=z557W>E%q(gYv
zM5&tI3XO|Zx5GHBgZGr%tf2FnmKV2#-Wl!f+;`Ne8P5zl5Z+Fex-H9Y63HF4<N9*o
zIGXnQx)u$NziiJNrALtDkQ}h>fg85Wt<$ThzzpK3PKXde;*LyKk?LPXOmC$^*r0KQ
zBsmXn)>m@rdX3zNe;v%@VYhWq3DXWo=YVb#>2Rt2ZO?AKYeB&NQr+}DwQjf+j`Fzl
zw&$xDRB5-=WchGfsO$APWFU-0<FhN5No|kaIcuSHUZKru<MLz7kG<F8)57NUNp)=f
zj4ySO^9yl5OeX^${mgN&N!#ux+VXv`_w>?{GNTF4fdB<ce~TO_bh$xXL8p()gR>xS
zD&O<W#@*y}RQks))R5Pk0A-wW^FwJHbL5KItejj+jPwczxZCFjgP4h>)VCBtZdN&D
z<~BV?9q#Zgvvzj7F==$X`4+s#|G(K;6&L<f<lA26Hx2NA9lamve@nlq|GtNjB)Yiw
zfcK^2QU8BifA@dx{}hh@s{RuchJ395AA+9lwB$ue1`i4^YuXxARO!s>Jh<h}2N!Vg
zW#$x*-cVbYwDpole_)p)**p2^e#$%fqO*?dYr6Lhc0b(zx08#7tz`hmQPxkl!(E75
z9?4bIixb1*rgC0mD5G+w*EbVo)@;4HIjXmZj%5hBfBt=pO}y7C*-!YZ4qU=FNBy4;
z3fw_+d6zBSeISIl<Wx&>rxb^TPY2muR|`l!v|%{KZBKZFfUeSm$T-Td^1{U_a4t7~
z6JZcADOKEXjUu!HGLc-oB5%YUpRnHa4z9AMaT{!d%yveUnTFa}7kOfj-+l``Ov}rw
z-#7aQfARl6%m4Sa27K54Z%+4Lum1>?_?Z76g6`|TS1y070lAlJz|2}nsI2qk{WnQ?
zd+@(4_CKx@{<Y}$_J8kF$2<BziICW@`#*uuAM^i1&>z_Um)WELdyh`-7JwW*Si^kt
zUC`v&;gk$^Wy&0JkVj#J%)%RRCUTga)sow^f4YgRCUZB!tWz5GB#8He6c8*!l1`<#
zBKZOtoit2DOTrIBe^k+6DCWJUWZbk>xr$ATxAqnimg!~JhHc$XhhoRVnF>t-;F{2g
z*6!J%yKJ}50@*#RHALIRA<LQLdY`6CbPB@`!X1jbWnm<YnWobVS(?hJjgzq9`n?0B
zf0Su0vX1B7#nKF-7%~Uqbh$=tN^6^&=9#4@k&!a0RCm0ros~oE`kPGb;(VdWX_AUl
ztCb_L$|yXp2d=OyNWsIC=Fm_?vz0<v<#nxPc2rQ-E<7c=o+&5whMJ1fcAlACR<=Z8
zO`Taz5CP=XbJ+2++?Ub5#vPA=jfiIue*;TVZ#dn;qPivfJu0+JQ5o2xLE>Z&VV9zC
z@DnADn{zD*mm3fi6YZ_K_NaO5<q1MqJ%@ewr0#ACcj2s#u-7Tq*9W^%gX)+wmy+Yk
zusg!s5hK$Qt+qYBz=0i^^|B~oI>lJByf^Iq#^5T!bXx4T3zpb8G9}F~==*Xhf0mWg
z0IhX&uSCCm76IIYO<b~jL1M(Ku{w6E#Es^i>jrmaSTbM^b9}AZx@yQL$Ho`8<Y95q
zlxSU$OXD1K!gd)#DzI7Xb5fFSxh7A|4&l8Evq9zv5}H#;u|zJaqAq&Ub|Z|mxwC0z
zs>VSfPeFs@qB2(rTreOSsI+Nwf0-_;2x<A4C|Ne&N7H7*dM+XD`WAz_#xf<<txhQf
z>)M{$(`HHR*m@GlLoNoE6D`*Ya5UD0+2{L%AW)@a9gx^P6~=b09Za1`{W=wH*nmMC
z&FDTyRQ)NjBy!o%r|Ui>{g${gY=vEcAXyLspF?oz4_h4)?QMiqMrlF0e?|z>Tw8UN
zcRgb@(N1A(&I1-7+ImYG22S{PVGR3h(6<txZx<LIC}^oFvd~uY#TEAEhH}kmC96)b
zq0VjZ$Wl2eZAOyV0zE`ce748snYoY*gdgep#20`%oRya4$sR8RUSsqj8*--;Ba*GD
zDX;kpb=vd-#fDdDmnuUle|OeawzYZzdn05ylN!q@)B~cf>q4Gz=kTf;BJDLAK6p*j
zZx1)cf7F!yTwfkx!5SWJ5NWU`I_#8U%qkCT_jXy(Ed-3$jV&(hE#zCHICA*JS^TL#
z%a<uaMQycR3i2rShDotqsw8UT5pj}FA<2n}h?LPSEw7B+0CbMGf4Nw=x7FmMv@Znw
z4M~n&C!3yxj$yjQJC;(g=0d_2=@*$G+f?SbO+g;2D@`F=ezKzoI55g$9H(@@MJ_!e
z4Tx~q<+ZkD1r$X~rIjSU?U#FUHym7jtz35uF=EU$o|t4wNFJ1$M=zQH1}~%{KkrKB
zf?gfnPpnDFFC29`e<?ASBO`H4j@B;Gv0-;xUoKLCh>Eh0<G>J*TaYed#6RI00P`K;
zu<N1TEBj$U2b^CaOY5u)l(KE{s~7LIRytREC4@bNI(GPu?4mx@E-Re(3OG7C+tAX0
zTag+^=%CBkgkTv_#+|t9LRGK^MwLu4sjUU+qU&*ybknk0fA3{!u4$La5?L;Sf{PIM
zT0>m{QI05!A6ERb*{$-^?lPi{<-o_mhJ(pUCQCw>bx5Cj<QV#9V9~411%vu5S*<Dv
z4+G7*2L;fher}wr05vh1U-A-SYcV1btDEGGQ?b>t)LWAZVLO3)Q<Z?bj+}GG95^a^
zilPJ&om@hee}NS(ULdTXO1PdFZ?`xl&>F{FTr07j-|M2b&{k)0-IJ(!y!MDlP*;0h
zG78gJ*J6o}rg4Z<57?Y62QqGsMq)H3SE6M5lv{RIxzZ0=+_k$X-{^6NEO+N9<cK_1
zkx=*3QV&(B%&o;DSu?E<unN-Wo@iDi0Xy`1aV=Tmf4qbvy|+V_p_bl;z3r;-;AZ=@
zD<2K^xLWjU{b+2XMP18-zRn3i)QV#e@_5~xon_7)&L>$$_wdn&T2rc_8)QJ$JdU)N
zBxSjvu?z2`#E#tYYS<o)2x2drgd_mku`dD1-Xtk6C;B@0K7P<-QtqZz9OUOUI+%E4
zHKs^2e<+0_V|0=Z6Mb63n?=<-5^`k5#H@ir$mj($$}DU~rF0_MzVVKS9i`H1#=npr
zydibjT-*A=ae`r|V=R+e&hfh0^Y;aXN5!mss{mMLO?HRv>zYloejFjl>L*c<)nP5W
z_b1qM*VuFRLG4moEwY%bYS_sLffU09Do&-re_Rq62SOE{gmJ+yl9bP{rhlQGV?*NC
zr4Pw4l~?_unm9fpeaAZoRb^Upg!)rzHR?W$7U6BZsS0HetUY+D;=!IOy;vVt+tR$2
z4LLLns~6M2=w#!rs9c4b1XYg(pQkK~VM9$ATy99Laa~<3CXs+@gKs1@yh!wkVrqD!
zf6gl!Z9(hjYqO;mSZl8XdReKa-Sgq1Y4+YuVdTr0Wz3p%)M{QBQNjrajw8Q07F2+5
z;QMN8sg4e|K#ro&xMJ2>8d_S0kUHXda)<vvk0U<P2d4Y}FDqR;d-ndYcfgPLzwiA1
zgP6-CLeeyTfB#F7)W`R~AA;WW|Ley!f6sT5yvNDD!~Zmj5I_5$n$PF`KZ$+({^Ntt
z7oWjST)<5P0B2s+q=WqJ=g2elIRJbCs=gQ3zT1LL>y=##+Jy)DbzRmC*p{GM7EPJ?
zpxuDA`}~L@&@250EXo$l%5WAR+bAwVz`yw}h<*oqeh<IC3;XU%6aZ$i(67O#f2IXr
z{D^$<#n<pp;OFe);UTz-i|z)#j!E$TZBo<Lb_Mn?ULggY5zK8jui_bQp3Y!FxXmm0
zc@~=|RQ6eAx6!vR{sIQ^3?0tr`Pkr7Zr?n=Y9kN>pW3nVK@WVo3xa?C8h-xz&+|py
z&HA6pSL^_MD(u_`zkar>bRP71e-4=EZ~~tm^P06jxIg{`{`)uJe>?z#Pbl~mFq`lT
zQ1jca0%gA)$~pz(qV?-}hvGLt9DsiZp91jn7eBrN`V%}<_76>0RaxxXMf*J4D)=1y
z{u{83`~vv&t;RCqAO@R<lA!G7S$_68@ac>bv^@{}<#@oSaWMybmdz%he-Px|n&EqK
z_$B9Uf`Fej{=4Db!{TR%K@8k2@EQ09B!c(_q<`4z6_Vnm5#M0Ew#*lI72vC{*xoQQ
zIIFm;Z7ScLf%x7%Vt!`NQ85Q%Sv*2(j`6a#!{3{ST)sK%<Hna(@V&o+P8Vn19O!RB
z@cjHd`y(jpnb*(1gD?J)e>EW7j1BB&cGKJ^^%d}`R|21Y>e`JztDFV@^rycgPmAxr
z{%O8rX3UVjx*zT$E%>*;J@E$t{O-Hov&u_RyPI?L#XQ){%lI+l7cWux_XI5~$97ZT
zC3_z6<;geS+>d@6y?2dX<W_IjHe`13O5GzR{)=%3eh+^6CHNr#e|C-Y-pw(GeH*(k
zdEiWQzSj3Tha%4e_KZAZFh=}?8``Zu*yGP!^bMfDMfMWdJY1ReFH`g(a<5bOuRG`H
z#t`N|+qb$NH;pLzY<|VmTQwi8-CgYUHc0!BHmO=Qk*rjCi?m|lE}j+`GJqZb`<^?1
z4H&Y!lH;ffSF+YSe>2Ps_v74i2Qyt<O>NuePk;A0e>#;ysq3-h#$<w-yp<B;_bG?L
zoeD#>;cxK)?m1(NciN}9a-P=nqj7ah{DgwHX;oju<o8yO6=+Jt<f9m~TlGQ*yUydC
zO?#8_=dmqp6^1fdwf=HR)<V%&O9vT63D8Dw1y@?7&Yv>Ff8fL^<DY<9A^|*L2LBmf
zw;_=O9a4o`z6FMcz%qb}N;0WpH{6OutF`pe`Y&xwdUn@J`XZp1w9A78v~GZovv}&R
zNn{f0s#1kYC{CFLobBe{@6ycaY7&uJqXRJZ?&VvPYq2B7;H}uG_z4yugQMhQnvLY_
zFA~y`8xvH-e`=J02;s`O+n6@MUKnB{0soBSe08~B!d*w}!ZwYkQ_uO?)bo0p|9NUz
zUeXxq-;_&rHBOb5fz=Vmt#Q`qWzM@okQ)8H1tuz=*$q5?w8UM>>~)l6+hu8|RBSo)
zi=KDT^cyy1(P+Z-42t`Q=~QJk;emXrs8H`yOb-i3e==Cr^!V%`OEwet_)s;~y;RAu
zh^Rj><S*E%uDPyf{^NdqJYb^o;bH$I3>B5NxCvDUcONwLTB$b18kw1WnYy<j@w)Jy
z>%G2f!D!Yf!w}K5WQgFT3|<H`B-r}I3(1Z1guD4GI4<~WrFb}ff@BGPkQVVnS%%0?
zttRT$e^k<#bF^pK-Spx&9*7Aic~UTjmh(59x5qryC2cKs=#7Kkr*IeayM{Jl)RCCz
zPK-2tz4@=|+oAHVB~pG4NS}nt^|7De24O|IOj5N$z_VLA9N<AiKJdZpwyZe{(zU<3
zyPQQ5>!RFw>}DCoK+b8ps*&v)S4Qdjxl4@Ie;aMM`mj+P)<5D0Yt-!z9haw`mI?BM
zo5$X&0AcJ@Foz4Yq16nyV)^GQ@!@+e0yxyVXMY6<6W{R|6DQsZ`W8Qa>i1t$==Amu
zCxicEX@%PtS;HLi-247V{rw+%wiw?3IEj1)ZjZKx`TftL|M!3P#q8kyuleP0{&xyF
ze`EH~WM7#B4W%>j{_kHWuh|Q@ObuK=z#q5>?J5XnPD{xr8q(Bk1)oht={($V!{zKX
zxz1wl*mn;7;#|CNUd)AIiKg#v;ViBkkDS|?<DEO?4r%0TNCzi7`WlbN|JlWSHsJp$
z<Q`6blr`?ffBULs|I7Joc>m)has>Rxe-vS=gr<+V)F_bsOsz?W?)KW>c(#z~eu*3f
zxpx;#vricxUzJ5I{<AC|Yn84yloTfub5NYeA+0G)ztArL9`^jd$^S1e2K+yTH0@uW
zr5xE09&i5{(}ltQCy;LYn<KQNtx@p5tB2d)K0jyvXPe_Z8Osc;<hWbf%QtTS6+s3W
VWRO7y8RXlO{{Zd)kVpVf004V^n@<1$

diff --git a/overlay/etc/local.d/headless.start b/overlay/etc/local.d/headless.start
index b0d3d2f..44e17d8 100755
--- a/overlay/etc/local.d/headless.start
+++ b/overlay/etc/local.d/headless.start
@@ -80,6 +80,13 @@ rc-service networking start
 ## we use some bundled or optionaly provided keys to avoid generation at boot and save time
 apk add openssh
 
+# banner file
+cat <<-EOF > /tmp/.trash/banner
+
+	Alpine Linux headless bootstrap v$VERSION by macmpi
+
+	EOF
+
 # bundled temporary keys are moved in RAM /tmp so they won't be stored
 # within permanent config later (new ones will then be generated)
 mv /etc/ssh/ssh_host_*_key* /tmp/.trash/.
@@ -89,6 +96,7 @@ cat <<-EOF >> /etc/ssh/sshd_config
 	AuthenticationMethods none
 	PermitEmptyPasswords yes
 	PermitRootLogin yes
+	Banner /tmp/.trash/banner
 	EOF
 
 # inject optional custom keys (those might be stored)

From fa083565409bba7215dfb7249a77559c33ec20ee Mon Sep 17 00:00:00 2001
From: macmpi <spam@ipik.org>
Date: Fri, 12 May 2023 08:41:41 +0200
Subject: [PATCH 05/10] re-order ssh config code

and add log info about temp key use
---
 headless.apkovl.tar.gz             | Bin 4822 -> 4827 bytes
 overlay/etc/local.d/headless.start |  34 +++++++++++++++--------------
 2 files changed, 18 insertions(+), 16 deletions(-)

diff --git a/headless.apkovl.tar.gz b/headless.apkovl.tar.gz
index 4c076e0d2a109934956cc81139c0e478825fc463..72fd7185160840783e156183eb46692ca6426bdf 100644
GIT binary patch
delta 4685
zcmV-T60+^qCEF#C9XzXaQiBj6v>*g%fu2-~eP6^X$mF{ZlI^tPB<)!o&vcbf)q8->
z;hx_;>%D;Ay6`7|Fd;M1B>6bb^!AZiGJk_J&+&)Gulv~boA;;V?qG@_{u}-$C>s9+
zMBX2S-=~lMhnpt)Lu<ez|LJ$-KThB{j$#Nk`yWLy@?-vg2zu@R`R|9QY}y~{#{MDo
z$LFeZ-j|Md<Ufkg)LZ^1?}v~1{{d+B`_t@lkeg|NE0fKmql*dm%O!W<7WbdS!+&z2
ztBY$EBHNI_<;#|gJ$xCAVn4Jwo?i7rFc&hiT}5$c^d}@CG!i<TGBb?y&{R`BFxH*U
z@2oU&X`WrIPB8DS*<Iv_@;=<Jqf|?8h0e#C+hIJ`!8^)rme6TME9@<yx99eD>O1P#
zj3)*i2yd&&-G<}ViR_O0VRhN_Jbz7leO*guUbt*dYqdv^WS{J@&7L1N%&jx3sKCy|
zL7NaUf}|~(EF;aoN|@2gg}6rJ2uX4QUazj?!u1-Z4?9@E!*1iCGN$hj&K}()^8Ql$
zo1WWv*Mflkg|_Z{YSr*59OZH8ZBADysM2nsE6V=JYOB>LWFU-0<CCkDNq=pR-6?CK
zRbHXZa_tIZER4O^;uC8N#-us6al#jd#QTM`8>ZtKAN|a6uu0$SCff3SulJ17k+X9X
zo&pgH)E3!O=wgkyqCp=Pdxs@&n$Qc(+Fj>#RQiVv)R5Pk2xYu;^Fw(P^W>6QFP&UZ
z&gm5naJSFT3}PmhTHjIxxqn&ZkeQqG6m_^Gw9LxcZpWlC@a9|a9{>MlXH{JIPmynX
zncp<P|8?|!r2j4bs{Z>PMv^Fd?*Z>i$D{uLy6*qn|0x`QtNs%dhJ395AA+9lv=Ag&
z0r#q)==us&HTlFD0=N;(2N!VgMdlQb-cVbYwDpolf8Z7p**p31et#-BIonwW?ls-}
z2DcmT|J%vM!qz$ihfy((xBXp+UmVC~)Jqe?;ih_8VJM^Vrq?$UW!7B1yg8b;gAQc~
zx&D2Ob-dFn#ZQE*0bIg2NBy4;3fw{Sd6zBRT_A?H<XFpbrxyD}NC(ATRV<|J+c2Es
zwkJG7M3?DaVjOi?dVe8%44lhNSVtHHOllQ3e4~o3h)g6OFUcEm$0x4Vy@P9<dA<$y
znasB5C^OGmV_lSqJAC^s@Gz~QEPvnZAH@IvEdSrv8t`5Fzd7CCUjGp&@iG5D1l`wv
zuU!6E1M)A|fSI+FQN<9*`){)N+rj@^vHx+M@UKO`xBq*eI)C2L|4D?z-tPYdLVwKv
z4?%xm|6gQ}{_j0HwOas6^k5D1&38dl;D%!|*p;d9#9kT25i$#Jz?sNlwpL4S(&{F0
zy29TGvrcK$lOe$mQb4rMvV1J1B`Flh=%isHSu(yK`h$iBLox3)<?~Hnmdn_*1Z!s@
zVVPdGZP?cRw0|$Q9Gq#;6acOXjcDzj9J<T4yDU)L{YpplZ5(pEIj(kTx<IEe>>%8s
zs9P3B;+W|M%_{O#PHmio4d3q^Af-%;%{oDF*@YQIF=P(J@p6sYl-Acb-7`y1CL?v!
zsP1rCIZKDw_BVyt#yP7iX_87)tCu6N%qTpr2fnZ?NPoq{qwdg9M01r&Smkx4XLeLj
z);2sQhLNd9?S`7F+IF6qU6!^?VNIP`P7nd))pNM<ve=c;uErgYfzOe^AZIK^z2SHZ
zi|Ur_cBt4gMRms528oj$gk6fl!H<+Qu1~crUT#28OtiP`+Jo+`7Dou-j2!meqqe=N
z{DrqV!hc?+d|&VFMhmJ#&Rj~KFT?Ht^9PJfOSIbbIEw>YGV2vd#te$F6lHg|ck44>
ziKf$Hw{5V%#*ry$fu--urC3pq1GF;Gof`e}Sp;woHfh1_M46GU=jEYWCT=wET-Ug(
z!15X9F~`@djjM%1a%g;ML+;s&u12eZT%1oaFMn<pA*2Coc9)Z~e9LuZYPN{rU6?g8
zN08VYLy9AENs|o8lQ(N|q|L2OGgCDVDtQbV9GBF&O5oxdqJc`E)|ctBjF47{iIU^;
zT{NxNoaYkqwr?@0Yb;aN-0GM@u%Yj$9c`Axma8X;+~-nYIniRJ0*CX8F#CMB7e%Uc
ztbaWcyT{_ZS?PPzU{b$M#TzzY5Kl9P&l6RDOe~pPH1zSh3rW8vt_)XUS0G4OLKJcc
zF8yI+K$5+Qkm_7oP_7fAJl9qO6<qJUoM@*wuTKLO@7sDqp3gYp+r@d<WrMMi0b|2r
zc%Y)CrYd4vDHm7VnQO{5r=_Af!J0a?y?>*~<)pS5Nn$LzkDB;okBbv?AsGli(DhL$
z0Bty_EhmsYUWkIu7(+JXPA5eqS5s473m59R?nR0Vuktokhg9jTjbiIH3wtAEIg=JE
zDbxd!VHjeb@Tc&qoh909bbRodrr+#us{g1dySctR!h$<{_?bw9713eG6l0coV1K)}
z3rn{UFkaWT#M&Fkw?=8?@rk#DV}DXEQ-n(Ta<dSXQR>eo#dWEgXpKk2Nj`-nFC`LE
zMz^%QGD-u`Io{?{;og>$kJ7#v2sb1-be&>)GCGFo0`E9V#hMEVTclrPqGD5-<2D7k
zudXzOY=p^<B4E#`>^M&8Zi8HUM1LL-alg%LeZz?;ik50C%R<{PcI0;0yT(erZW&_4
zm}@*S$%2qQC^ZjWGyx1=$VGnImdpjcI)<NElbT<6>UdORK1W94kQ}USVqnAewz^#8
z0+Cd87stU_L~cRK#)yB!bpRGR!r@j!y;FC?fDX8@L>AV`5Gi%j;#V);>VK_#s&;A!
zdn$G4@GaRzeW+iSxZo9VbZ|DIr31GjJs+UGp<ok&WkeZw(zXjV(Ha;{Hl?JtSkgsT
zBb#*7qFU_~d9G=f$&xref`W?}_j*HJ0ZEA{OBj~IqS-F<<MuM5jpe|H!G?p$N+wH2
z7j;M<d*l%MW?<3F^#z0aEPq)pD+mt*-MR+_(4&5SK2-r~VzjUjWW?5EL?)Iu*&U~1
zV_>PbB2~h60{5n=0e>BN=Y%<MRP+=@i4r=wgrWdTTDm}3L6vYlG2WIvCeRAUTwE`)
zUf3Cu&g#pPwCYLJJY0K3BB-mqDjAh&tZT8rNAtXoQx8}lEeAT^9Dkj}XiTXj+4d>7
z?5uKW?6bIQw^6<};tpACPf^Gdd9ER$;ish$YI2!dESs#D)(1Eh>2psqE0Ta6dc|H#
zjyNsg$ms2mW2l9<=5E_6+`HK>?aD`kJuKONWgO0%h^=d7FjhGMNP2MyLIJOvle5VA
z{pqME=ng*kP;1IHbbo`+P&JPu?_^nBurziNe3aOdTR{uk!#RSu%Q_(mfOhOlKyo)(
z&dZ6u4!)1?b%j*AX&DFkX@w3Z-dK$((F{tV$QT{v{X`!Z@S3f9M@A0Jn3y$Ch#Ad7
zqr$;vRLVz^>l^Q|-%=XAV*Cr~!E4e`%$05I9VZyJ2F5X|<$oNm>z#04P<T|#DYpuM
z70%?g*siX*H0#F^f~<a$L`54`ihF;8J$H>AZ|}7(wY4IP$*P8(j1WmFWKn4<&&(x(
zaUj&tNgP>$O;RDhn*N1$4h@N47e1uGR9^LLHSt13`i^%Bs>-zH2=%AbYP4M#vEgmC
zt_pPrtUP$C;(x)ODx+8(mYdSNmJK;H3}+P6z!+rXE~#9DngrDjg^;Hlhhalaoca7L
zbLZ>wVljyfRBL=KbKym%j}%kGYi(Z9=qzoVuFZyGvDRJ%^rF&CyB9*XX?EULWt7X9
zWz33nv}#@$QQ{E?4x_L>6jXq(;rnW9p^Xm4A_qxqTz@I+EFCSavzR*4X>y1EKaV3m
z(g&vd{x2(CJA3y2uy??Z_rLG_{)511oSelT?|&)k<NMzaLT~#2_2Zi7yGh>TWZ&U`
z8mG{={7;a?$M?S<gueI;cH#nVA^<oEnlA5^Z$C$#sm}r63sCdDxc1!^Y+A4ETF@>$
z(68&VZj<~AD>C(6*mqx|05FS%ehoe~E%@R`<clx9hJOM-=N=Ca!EIc0H}G{#g7<He
znzptpuz&FilUWQ)e_{vVQ(@;m`1P}0rSqWAbHF@@6ZrI)*R1uy{qZO8-@gI>;{h0a
zLcy<q*@Rz!y5DvcsQB$r)+rbltzXYO6u$xD0Q@`n6o8+<`0*9cpWvage`va@%3{|p
z+UMC;!RO%j-+*o87r>{#X{>V`#9;GK5|rIM%g;UsKAmxbf41j=zZ?(vG%n^~&$8JB
z6oR~4Gkh-&zvTRuAmC?>|898qu=p8b5CeA$d<MP&i6DLf=^wUwg`{|C#5WkPE%U`)
z1^DVKwl|Cn&MNL|o62`*Aij5xn4j5mRLp@`7LU-HW4x^G@b~7Sly46ExbdYGeDANI
z)5V!L2l{Uye|Ua=p8XM&^~~$%-@zAu$r=!D#s+pXyJ_x|`U?2eD}hfxb?wHVRnCHc
z`qST$C-(cVf12-@88f7>?uWZb3;ykIPr_aVzx(d@tnyOS?&chQF%S0gGJeeX#Y+_a
zJweOLvE3AS$(~1idGgIS_oLrN?_Hx8xz%rL8#23if2Hn`692`x1HT8q{1W^S0K3L{
z@8+1pzKz|NJaDEtU+a6FLy>0!dq$oy7$g3{4eiz+?D1zV`UcQnBYO#K9<I##mnr%X
zx!0-t*PU~8V+iw1(a-<czP0VPjRVnV>npf!vAt}aO=Kt83dlpRXweohy69VhK$d8k
zyOO9<f0AAQeb11Rt!plT>poNi7;$*#aOTVzO15pAKK<3F^yyRzPhF1;H|E-zxwn#R
z{3RtfSjsSz8~PTvaL*ZAw9-D!72`CXAC1c`(Gv<<rd57nledi;D^NUPlW%NHX4MNF
zWIFdZHswu<*JB&l$~0xND)q&bqy<w~2?rUEe-faL+A_+t3Y|YDhCzW-#Ls|QECD=V
z1pf*3+i;cx9a4!cFMy#TuneFglT66i4Yw>&axHw6{?E5MJiBWtd=~JSE0-EEXk7yx
zMe)>KbCwCHs|*z~;c<$f=_N)Z#WNxQnl>+j&cYL^M6l~YWgwAM-zqRItq$*L3~7yC
zf8>Pea1FicPe3B+6Q_WkjpkfMB6|}h*>+xNCuLi5I8*Z(`};@=G=(qS7`v}>g1;BK
z$TEJ@v7E}9t&v`rFH(0Aa(X5PWnSrlb?*nv45p)jRd>JkjM&)yX^pj?syOq#<>+&E
z6=#uLqXK*W{Nj_I8CF7ZamzL`euP8ke>%2tAH!?}F*24wTW$<3v*L6^zzZxe<{QLA
zILAgHB-1%i@4|*SEHPTwPR%?qd`h}`THEvq<`VIL#2rf$WgeKejLf<p<5XeJkqB0m
z1wLs}f;vkXx92Pub0bGGs8p&D&CMc~3d@1gOpLyZZI0ey?hnvxb+27-PTbbCe|X4h
z8BitstRRQ>paL`C`g6iFVh|v)P-BAr6EEa$oF`OGUqQ%0woAofj|n0>$V_USoo5*o
zkoMbXZOqX=CFoY?D{6=VCwXF2*RYBjJoIR??9#-D4lg8x@_D#Js9iym-KvO9R41V8
zy53-2*6l*bt|XFv4lkXA()F>Pf8ZKu#8nYdD~$lY3*K(vK|?+qN3XU>kPJiI_wLTU
z;rLzoK_0tV#$&+zNxG_J1{GqD1p1~f`qXP>=-n=4?PQJpX^pz=p`&~1DUl$Uxq0lZ
z3_4+@j0k6-bPhmB#OCi`v#$>+V<8vl9{n`{iTy!s3}&yOZ}!*se*4u~e_3zsaE)1)
zh6VqWIrJsZt-t@M{{F|F4)=e@ksA=~U~}mAe=hpp|Fh4gt>1sm&WHQIW5@$y|3oaM
zzR-{=V_*J#Ie9}?Kxt~=`T_pHMEEX)ATlx+bfY13&SofH$_nG5ifc+|uej@6%p7~^
z@PC}M=g#vP)9gprEiasle@n;X&SL6#rw(@qWd0S>L30j1$NlktdN!L5_<sz!h2|b)
zj$85HzHFTT`D{A;{^KZe0Q|=gVJey8-*TalbNZQFa}~PVD}UqJOr-lMa^$$)GC0Y;
zXLNm4<cavtvZ$?9nBKtBk0$z}IFCcV=3)Ai-T=7U^Zz>kKR+ArOaB;BKmX!-;=p!r
z|MQ;`T^P>)2-1E2`c~>-a~S@2dH3_TPfv;e+4_b|#3BPLIqZ`5@|&OkAcG7t$RL9Z
P^83jT-w5Oj08jt`&u&{k

delta 4631
zcmV+y66o#QCDtX79XwH`lNy8op#>p8LeP_PvG0pm1(|&JL9(58w)QNJXS&L#>ODZ`
zaL@0a^<KblUHFqfn2?!hl6)Lz`sI;XGJn#U=lHVm>pph<=KbloJD4Jf|AzkwipD<y
zk@pAT_vxem;iifH&>HZ_fBIedj}thKqZmTX{zp-a{FwhAg5LOl{(BjfP5ZKL?3bxO
zK3ARdzI41J|51dde&K)ee)yRGAAn}RKg})&*_oEOJlPyNx)^`IT(L)XdH*>)u78%A
zvb<&?vI_}Zy6ni<!&kv5^h2BD=~XLub15Oabrg4ce?}5QC86UvGs8#=O(oR=ebZ^&
z-bxdf<`&EK8RoprVjnqzbO;ZdC{@#2p>eV5b{L0s@Sbv;6?9(H^5T}zJEOgw`;Iy_
z<C#GR!rQ4*w`JK)BDte>Twe|xM}N~^U)Q3+@t5s+qx1-p9FhaJJ#fR8xpjIK6_`OB
z)d>+INZgUhDpLKci0Q3V2pcqxkR<2f&H73%U9XY*u!DI#?6wXnVcOy79MEkd9WJ%M
z?b)q&EeP0Os++#2)(w}!Q687x_IwqCD(#k<EFVq_b-g}^41|$re0JqBsekRUJ7+Dl
z&MUN8ZCrkg`LXv}d|KGNKB<napYf$Ga(*H1hv{VCqn|krHfh`aL|eY^^`2fjQf4&a
zIS`;gX^{hkE;ooP==5=Ua2DiE<$IplxSO1gO8>Zp8uEG*pp0{Fekg5Yj$ARDm6L0U
zkzU~dcl+F65Hqoq`j#Td&3`I~%-p8usKXt;W!BDaHztjaH{XKy`2ROMtK!0cihSG4
z{H6i^ucP-P{cq`4_22g}l0+Bx9`L?&JnH|i>;6yupThB9)PI7)kdO8ML(tQmmb@s*
z;6dSKO<RMCDxF!K2e-WW-~tZ5%$(xU8*1y4wqEk+5A0GTdnZ5LPk(tQUv$=yeM9%Y
z!S09q|8{b*u(b@}ILi9zcDM_1%OkmpdU0Y{+*HnM3}sZ#^!jF^%$luNH%ImM(6J05
z*T0XkiT7G1`w4&5flK)IsQ=SJfjej}@3N)44}|cRoN6iVl;V)^=^(r7Y5~cIHVmh@
z?Fo+%&{cX68AlmbUVpea1<vKhZz2o=CZ&oSu2F<mKqiulSLBVj;}h1K-oaJYG;V`!
zklD_NGSg5S>mpC=@!M~KhiQ3v_4{W3ApZYn`TxGwfbZJ>&FTKj^&f!}AM^i1(0%>)
z+U1WmAopqwm{}_cm35xH|0W5)9sIu)`ybZ{|625W`@i?8<9{9fpF~LPm;IkW=#TmT
zA?Oe6|I6&r|Gh`2b_+m`9;{)$`7UVk>~Km3yE0{tILM<gLT2F&I1@R{&T7eRTHQoe
zlersV)+vp862$vK3J8`VNvBd=k$i!SP8uenCE<smKdNXj6!TtFGH%+cT*aovTYC!$
z%k;8q!?y0HLw~Vj;Y@|50B}ucL~Hl#&|S9MXMyY<)*7Pi;*jOcalKE|B|3#+2jLDy
z-Lfze#!S=cg)B|w)W%8JaQ)r^Qp&UzS;zD4Vrd3Z44DIQx?H0+rM1mX^UTtd$VeGg
zsyklR&dMQn{Y@rzalX*xG)cv&)yffAWfUIQ16SA;q<`SyNpol@qS;Cztn#|nGCL|L
zYZsmpUC)%0dP7Y`X*<u%E-PE2u%^x|Cx`&@>N)IqS?<edU*nF)z(&L~h=HZ3H=J%^
zQQeaL9u-=qs0?h;AaSyXuuD-m_=yt7&AFC@%MA#MiS|}qd(^!3@&qBQp2NO-Qg=6n
zyKq)V*njJk>+6Hvs6lninM=uWW!N2I?ue0TiB{VlU*N!w%z9arFr8v7S>7A=eq(Tz
zU^*>!+XYK(9GQ~l7xaC(6wAtKfYv&?SE8RkivaGyCN9~%ATi?ASRK1n;zsk%b%VPy
zEEzC|IlfkHT{YyBW8;fk^02sQO0+J>rE!iqVSl>}Ar;sx_Bkm@w_KB_W{2?Jh1no;
z1PRS4q*x*sRZ$l`X}b|d+T7VRGgafDkf)%*aZ#D81TGj54OH5+xlET;gtUB2lq{R?
zqiM5YJ(rMneTzX|W0{ibR;Lt#b!|`WX|p7DY(0tOAr}M7iI!^xI2voh?DPFW5UA3z
z4u44Oo(f~T)()o5q<)<WH*CNlj%IY9BdY$CSQ5Ex=+ku{l735E8MeZ%K#(j5fzKhh
z^oOkuiS{-^Dx<WZTq6W&uB|%CyPmO{Xs0kX=K+fkZM`K811EgDFou0L=vxWUw+jpp
z6tq+oS!gTy;tG3nL%HU(l2s?zQ0KOHWPhoglr|$tY=Iu4CO+Ha^2}UF2EvbYec}s1
z9nMP2@??(}0<SUpkPW%hi4n=x)Rfo!g*t6|fnvj}v`dvCl{;%I+giPVy%DmUNsZ+c
z>H$&Lbs<l<b9hw^k@gx5AH1gNw}+eJKWfT;t}l<UU=0s9h%{Ie9d=4FW|arFdw;tu
z=oSLT>&6xr_7?K3Q5-pZ;w=8upXJLGp`y0hE(LiMd&8vIE>#k>@rXFdr;y~tL`2Hy
zmX=pWZU8#R+gvQ%+iLPr+7|-;h9t+XlTA-T$1q*u9ZM-#b0J}i^ovZ8Z7OrzrXUa1
zm8Os_KiN?P92jLWj#IkdB9|VK27g32?DAUMvI2^trP4|g-}cKrxf>3yzE-X~h8QvC
z8c$5JBqR??&7&7h0D~7&k)L-Zb3w0;?kCoy<QI-Qos^i%k&!qiM{Aep*s!~;FBhpm
zL`B)habO6@El3wJ;-7F0fccJa*!58FmHjZF1J19IrFGT?O4+vf)r)spD}SA<y%NHn
zLLEDNM|M#kYL^wxdj%XFoo#4oz^zD)BXrPZY(lV%DC17tb)hO)1EWf&nAFySbkX&=
zNV;iRt@pAt*R;!Ii7XdE!9|FBt)Z@fC`XjV4=aAz>{j_{cNx*fa^T}&!@*=FlO>_c
zI;2lMatwVlu;|t1f<b+jtbbM&golA<-Gc(?Q9n1%Re+ip%`bTgv9%bHh}BJU$En!r
zSn91wg|MB#y{SsTT}RG2V-6e@Jw;K1h)ymc%fN~jFA!ExC0tL8w_BVNXpLhou9aBN
z?{!gIXsffh?n%@<UVB6&sH?p$8HH)AYq7*f(>TPb2W(E30~t3*BY!a(lPgiOeabC6
zt6b@aEbiJ}lyCI7LzcU96mmqKt4OH(X{m>*ROZ%Vk*t~42UrE^b5ArYl7Jn0y||Vv
zabCia-rFI|P)l#a-gZ@ZaI<~dm5&B{TrK*wel)hxqORpZU*`lMYQ-@KdAx4U&NAl?
z=aVd>d-&)>ttr*e4SzDAY92@0OOmo&(Ab6dQDR5#cr|Q~Mg*~!O+pd??bw%qWN(s`
zmlJ&*d>=n(GAVb{Dh~4V8XZi$u^LmP8I(eiF*-?yi9Rji&7$fZ2{|%jV%9(*Wb^_W
zWfnH0QaX`r-+0Hvj#BA0<6lS*-jKR%u5JC`IKi;fF_uX!=YM$J?D_kG!lPnVzEuD$
zvnIR4_I1ssSwD^tWc8CM$m+0`-TM>lxohk>`=EBItrl5KRyFKogg}bn0u`syU@i%a
z1EGpe!noiUNy_I})4$Npu_5v6(uZW2%By}+O&lMQzT=&PsxqxPLj5VV8g(B=i}1GI
zRE4q!)*d`n@qb`Xm0qlmt8Hms%Z3~phSiH{V05x^S5&S-O@gY&g3nWy#jv3!3@$e$
z*0`=N7L!OowZS(M8(t*(L@_nIQRfwnwxIR%wb@b&thLtxy{uHz?)h-hG<$ESF!E*0
zGG<LWYBev6DB*+y$C2M03o5`j@O`zlR7VF}AV*PXTz@g^EDbF!Lr5L*Jh{XFpT`j&
z=>yY!|Cg1nojrSh*gN3I``>qd|3S=U62}pgyubgwKQ8+C{`UjW+x~y^xaRq8lJ_{-
zcle*4cl~etkI@u;-~W^N$M?S<gueI;cH#nVA^<q^swN%eZ$C$#sm}r63sCjFxc1!^
zY+A4ET9fPxGcwIx*mqx|05FS%ehoe~E%@RG<clx9hJOS<XCDs_!ChQ*H}FkNg7<He
znzptpuz&FylTi#y0cMk(3>z8YNATaj0srFx7<@v(uYlQvUx1q5b`>c5lhF(pf8jOI
zAK{_0Up8G;WwC1)?elD_;B)Z%Z@@P43*gh=G?ozuG1xqm1Z6kR^0Uu@PiLH<?RntO
z#{)i%i#gb{Y&HRfAn(=;-;2Y~Ilm<c_*vt>8{R!Eeu5apz}*6$fp0+~h@V0Fhpk>C
zDP9@zEyf$md~sI+zW$2sEhB@oe~P=>rt;kxi0|Da<|p<X6>}h##Ur%l7%yu({JnX|
z<=ewPZhU10-}@`*baCd*f&Lo^o}Zs*e*|Sc^ZNOB@Wo%U285fjf!)k*n){@_0zUOh
z;L}fCyYXk0v*4fp^mpWG@%`67&Ueg=8PZqx!(F5W|Ms^h{vd$gefN7-e|aTpcXN)u
zm<M}x89!$H;uQ-2o}gvr*lr5EV$UPKI{D_C`_XTs_pZ^4-0HWr4VhiMR`*DW|6<&M
z--BO%34REGUE{oWbIf7i#_lT~IMbZ3^}Wua$TNXGBhMI&5&z(ZcIyxJ_!Ad>3+S(r
zy#h85S7!aI6n%)?>(u@0f6h6&F@$-h{<D3n>uuYHqR-K<;GCgryV*-*$5{pBVf`33
zYz2%CeH#$a5+ieyNR^W8`rr3lO0p$cYLdeB9;yojb@|PEFV8)flCCGN>(XC;^#%QP
zDn+E+C&yL79%kXMG#kB7=@{JUDAF7Hr4De<8#%PnKFyWmw4NW0f2u9f6AD_UQ~hA$
z-&!?JXhg!sAJ~Z8suw!Qbsq0*#vhlj$F{JQS<2+p>dPrf3q@Tm9AqL+fHr2!DAOu+
z{*)L71x~4c0&1}Y@PHA5XVh;aSPpbZHMYD2hDN|LfQn8ssTGg5EHQd51C;(Jwl+NT
zwUz-3g%XBSBL=Nof1sl%p7OO|nS{EkP@xl{Qepw;Y{?ZmS&(y@UbPRdKNpSQ8D9{s
z(aZYn`EDzFh1lhDBUr50r~qQV`}M7z8Jj1#-?EKXKVUDyLbeDn%tjK?V2Lm>R|3``
zi^-5hI5kkL5*xrgY`&3*G!!zZcc~fy1;^{c4H^%^p3`Hnf9H)&PaMZj8cl=Sa;mPv
zi8eBHIv}If4ob{vRloyls<(h&9T1Vi;W}GjS2BAOC)svUx<tyhgfd0VJE;0E@|vRX
zWnsMzTUAPz>R%#tmG3Yg6j;ZF=AU9__*pE&RZYdu4q|naK8y~vR&BEi(Z#v`9Zmj(
z3G1utdh=k^f3K<s3{*bC>>q>xt1=`NA@`x`gMwZI*4j8{cH}^&d>ILv7mjsfO=0z2
zg9JNA2?jXR3j!*l24JT!LxQD`{YY??Csa*8!L-4mE5+kHBna7HDQR(vMV0|y(*9H0
z81rn;^}9*VD{6=V$9Yolme#pw_;rtYsxECUcIb_ue<u*p4tjP4ZQ5#LHa49|ZR>iY
za8<X94ZD(92RU$R9BCe4J>e}*oG@jmtTh6vF2!L39~ue(9d@;4=2K9=eedq18qn88
z{By;#Oeo;@Bwf`ge~qytf&N?<YxPDMdLI_D!z_$Fan8E^p`&~18<`+V@m%?<0-v!`
zMocm^f0o=67PG}4uh~D}Qz}A7t$Xy>KsWXswXx^KUqRpO$B+H~YtyaX+Tniki=^e~
zUu6z^$#d`bANB8l-06Jy{^KO_8K67b9QOU6dH?%=?&b90`>)y6aQ}A-IVbi{3|!j_
z4Q(>^{_mILH{=DBriMHS@ef=?>@o=AEDK3De;U%}Yz31{S?N4faZBm!jo{vV=DByC
z_{F<?;k}qK%g=1x-Q1gBd%p0NQ_sKf1RntW|Bwzgbo4nMkN?xl*>u4FQ^-AR_$YJS
zi~sI*%l=oh>G1u>N#qFlk0GK|Gb29a(jYYrGQAci;@g{G<GW0z`zdmy!v0-2$v$Ru
zaeY;$llY(GP+O;Ty@AZ1OzcH*t|GA(QTmnM0C?E*|0e&xx*YKT6w<VRd5dvmKX|<T
zr$iS9`=3C%?Qbuyjy6ZZ|E?cyfA`{o_@8Sp(xj3ZSjlmhw3lz({(}rM$RL9ZGRU_l
Np8yoyHmm?p000^^J3RmZ

diff --git a/overlay/etc/local.d/headless.start b/overlay/etc/local.d/headless.start
index 44e17d8..b23d4ff 100755
--- a/overlay/etc/local.d/headless.start
+++ b/overlay/etc/local.d/headless.start
@@ -79,6 +79,19 @@ rc-service networking start
 ## Setup temporary SSH server (root login, no password)
 ## we use some bundled or optionaly provided keys to avoid generation at boot and save time
 apk add openssh
+cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
+cp /etc/conf.d/sshd /etc/conf.d/sshd.orig
+
+cat <<-EOF >> /etc/ssh/sshd_config
+	AuthenticationMethods none
+	PermitEmptyPasswords yes
+	PermitRootLogin yes
+	Banner /tmp/.trash/banner
+	EOF
+
+cat <<-EOF >> /etc/conf.d/sshd
+	sshd_disable_keygen=yes
+	EOF
 
 # banner file
 cat <<-EOF > /tmp/.trash/banner
@@ -90,26 +103,15 @@ cat <<-EOF > /tmp/.trash/banner
 # bundled temporary keys are moved in RAM /tmp so they won't be stored
 # within permanent config later (new ones will then be generated)
 mv /etc/ssh/ssh_host_*_key* /tmp/.trash/.
-
-cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
-cat <<-EOF >> /etc/ssh/sshd_config
-	AuthenticationMethods none
-	PermitEmptyPasswords yes
-	PermitRootLogin yes
-	Banner /tmp/.trash/banner
-	EOF
-
 # inject optional custom keys (those might be stored)
 if ! install -m600 "${ovlpath}"/ssh_host_*_key* /etc/ssh/; then
-	echo "HostKey /tmp/.trash/ssh_host_ed25519_key" >> /etc/ssh/sshd_config
-	echo "HostKey /tmp/.trash/ssh_host_rsa_key" >> /etc/ssh/sshd_config
+	logger -st ${0##*/} "Using bundled ssh keys from RAM..."
+	cat <<-EOF >> /etc/ssh/sshd_config
+		HostKey /tmp/.trash/ssh_host_ed25519_key
+		HostKey /tmp/.trash/ssh_host_rsa_key
+		EOF
 fi
 
-cp /etc/conf.d/sshd /etc/conf.d/sshd.orig
-cat <<-EOF >> /etc/conf.d/sshd
-	sshd_disable_keygen=yes
-	EOF
-
 rc-service sshd start
 
 ## Prep for final post-cleanup

From a518b2d4213e2f2fe1a77513e584887144983d4c Mon Sep 17 00:00:00 2001
From: macmpi <spam@ipik.org>
Date: Fri, 12 May 2023 09:26:50 +0200
Subject: [PATCH 06/10] init random generation

---
 headless.apkovl.tar.gz             | Bin 4827 -> 4865 bytes
 overlay/etc/local.d/headless.start |   2 ++
 2 files changed, 2 insertions(+)

diff --git a/headless.apkovl.tar.gz b/headless.apkovl.tar.gz
index 72fd7185160840783e156183eb46692ca6426bdf..9fbe5503e2b0333f03f36e2de6f3241acd28ba5c 100644
GIT binary patch
literal 4865
zcmV+c6aMTUiwFP!000001ME8a)1%gr{?+^ycxK|nCf~<>m1EZ;1PC1n0TP02%Eb-h
z6sN%J|9z2W?AViWW{>ggrfRxM;^^jezrG*5p!ML-erG^tph@y^oZ;=`;~XV03PVwx
zqOi{p6v1)qGm!kf1-nDnv`!6zpVejA{xiDw;r~S;nC<`U2cgqt?f33H$M2h<?h`L)
zJ{*s`fhmIcZ`hxpX#6t}`EVlqHhi)_+%)m;ngbs3PronzaRSG26ho-l{wRu(pW^>x
zz)$v{f8WPt(|%t!&i83BK3ARlp?JI}{!xUc-m*V=KYWV+j{vjXpJtPT+zbm`nH(M+
zJxsV?F1Z7@xZjQr%Z08ku33a^BLbJtTQc$SWjKoc(B^o0)eFH|$jEjTC!NuskPD%a
z(BYI>QLIOnn(Cpk?sR@<rx%ar*~RJv^ZuIM#jYstqy0Kgwe(i#e4=?B#$z44qr7Gb
zomRBM-Y)dkY;UK&qmIpZV$gx`x0>8-IBtEBy-`1`&U>DxX}_;)$>fFe=CoFO1i9=l
zdu+4khYfS<j4CcLlQ?J-BF2!kB`?cZ3$7Aov~nS?(IiGLxd5+MS90O`jnYRQEZ|YM
zaZwr5_Xl^6ZZ7ivTnC$;+xXXlfP;m$?t5z0@F^VUN$GD+S1GL0ZlNp6{>W;p)hS{i
zj6{=@r<9l48M{-~LaV$&o8{UQ#zYu<zr`ok5sXQ59pi*A42cg4X*Wzq6CZ=jb+Jj`
z>?Ya{0>Af-(v>r_iB6#ig=&lJDRi+$Jkg*Ji@nQ|H%;gTX6>zWIxd6525QLbO@uPu
zy#<lHNqBO}te0-CU(EChhq%}0CWBZPTdi*?g52zK$gE9ziaXpDT4v>Lx8tQT@a9|a
z?*IShWK~iGPjTS*S<p1V|F!pig8wc2L;eqZj3iO^UIRW9k4OIh$Grb@{iksJt^7|=
z81gCqe++oK!$Oc`1>CEGqU$SA)#MXr2;fGr9$3J|7nxf;YC~<G)7HN{>I1is$llG5
z_fx^m+0H(2Kf%3jaJ%9D-%cJDwYCWyM#VVZ_IDzFaUhp*FHH=GTk2_rp^U~`e&0-#
zRde<7=4$>9I+PLQ1@|%5$xg47;38ZN;2iyO)c@(Az+GrQ@3Mur3&rSmIo5L0sm1;x
zq=VwEDi%`qZ4^yO+Y>$^qRVtIF|Il+{fIq=?)fIHV+;Z&wMrVkQN>n7CX!E<<c+w?
zC$84Li))-^-Ui1cv#l9tmZ>%NS(&)Qx8DK})e6e;x7Gep?ElZ=|3meF?_2-P;r@32
zN1()~`2QGi@BiMI{LusQuY17EUdpIq2;}{qEWX?M-{t$C`h<Ti_^tKdhve~|`cEPx
z_ICXz5c*U6e+>8?>;EEq)PMg`sl5VF;s<J&AHEY>0yi8lgHu@wPwbUZ93iXl2b_sr
zW^1?PCarD~rz`x8u<DdXeHjvhFa<>0l;vY7ElHt3MmLQvk}c!=p+9J7I27|*Q#Nn<
zvRo#XE!aC7iOTf6ZKJmCr+u;I;7o(25b!K$L~HNl(p|RQWufBjS306^lZfN3akWd+
z1v*7h2jMP7-Lfba$4ob9R*|Q2YLiRU@cqsOQp&Q~tP=!}U07k9K-NGU&)2w3X?=au
zeXI0kGFC^8>JI0XyL5?de^ZEUlC!#!UQ%gl^>PH38HFeHz!y#hsd#kMT^fpMu2KoR
zysq@ji3`f!M#qa`Wa?47p_Zz)oo{95r6W^VQ)jjt#sGQsU2Z%tc4fS)ao1;HGZq-c
z#8T8Bj<=|&ZkOE-6<emLOpI-i<g$aXb5XeXk&?#ssg}j_4G4>g_Lp6I(EZio2qB!2
z!-03ywl|eO^L9r#tCa8Sz0+u6b;y}>$@68@9bo=|k!gumn;vIzU`uAbBFUIRF}9-Y
zOlP+?`AW3h7Q1c31vZXMNee7}Z<i89Jr2;yKzC~V>vs{r-PxoCw-aSXx|+*Fx4d}q
zymDRRo&w7z%wuk#R~t`@gv+4`qz$=e&$=3~3UXnd5?<UaB1i+)>@Fu|`IhU-)NB#K
zKQn7&_8_r2MifWnk|r6FFK^c3NLyQnW~OQ!RPq=$I4-GkmcT_5qJc`E*5~QGjFDDI
zh?3*-T|BMVobM6xwr?@0Yivu_yy}=ju%Yj$9c`7wma8X;+~-ngyYXVB0ta(NSbe_R
ziy~FJ_8v*RV_|Mq`ra~_G^kVYh7B0R(~J@DMAaWJwoEP>`gq+%WY7{<hO4kE5MEe9
z6mkeIgJEMplCz1C$}DXt*9lRcbE|<0o^LKE+AYlWX~2?wTW?6y#EHNu%wd-e#zqE=
z4U6HSik6zHh;5~uJ#lBPDbJdgispuE>eTkGBA1ieW+aKR=ss?elQS+(%$Z~${6N=7
zp#Zeuq_&(u_IM!*I%5pkkh`4}lUz+rc`cl&<GL3qF1pIwR2@>Kvp0&P*DUOhknK)d
zqNGp{NQPmE`Gr44SIv}YztQo*Z<>Cyzp23^r|jnZ@^A~z^l_6&!xhnC#}s3hdFXhz
zGfTG+FkaV=#5x-&ut#a+@rk#EV}DZ4Q;bUba<dSXQR+>L;<{A5XpK)KmwbvyUb;v~
z8Q;?K$|wy$=Xje-g?C#{0ZIpADBO_Cq3aaOm(ejw7kI}}D%PAy*d~J_6BUQbT(2p}
zeRZWNWFt&Y90PksWyf(!cN^r~Bl3WV`)yw98%{(~v{YMJ7TSKXBe%oeGgj(#%Mc^R
zT$72pEC|_$QtRNy6TskwT;!*1$(+%vYXld2Qu8xU9gk|l=g3GLE(d#iF|c8KTb<8x
zfk>*lOOntOkz1Iu2@)J}9e{<7aJkh`@6_EepaU)}k%fISL`vPX_|;FgdMlr*of^Tu
zN*y|UOLlP|>E|Ub_yrsv+)ZTbz^zEl1GG03Y(lV%D3eawc9AC91Ea~7bg6BY^w8DF
zUb<;ft#*n$=d|-=OB^3V;aN<2y`ipvq{Ngh3`=3rY?t|QdmhoocHzU|z~N+HCR;`q
zbwnR~<PZf`Xw%E}8H4)lvRqaW9)-GncM70KgWNn-A!=c?un=U#(Gx@_mN(fOr($DZ
zslOss!f`|Irl}!+9eMYJxo}+c6h(;=I(dYm083grLs&tTa6K{pmOWme6^?nhUShql
zGbEkWmnUh}lc;sL_J~AKS7%i+D%054Vu6pAxld9bSRZW{GH<R<Vl<{ylI#SOS9W%}
zH1=82wc9vf8%c*Owx>Aai9FYk$OzKXh%~v(ZI->Pm^J`773p(dvMQ2*U3$e{OO7}#
z;MnM$h-0XQzvgb+D%yM5F73)kfjunQeq|iYP0ZG{G8n6z03^LQgpq*P&B<Nl{Qh)Q
z6m$n40;sj*8oEIyRL$eaJ6Tp2ERCIo0428MR?wpMV8#%4USCK8pk3!2lH5&}^KzoE
zLlEG5T_KfjS|(wBTA_o5H+Ex5G=owoGR8-FKhehpyk@K3m5~E8UaT4@#EfR4QQ=@K
zF6AT1^^JenZz+vlF~OPi;WcR}*2*#Vt{V<p1LK&~b`RI}PPjJ|K9z9FtpZ?$v$!p`
zt7|UJ`f-FHyPqUc(T0`c-QQr(Rb$6Hd#y_yt;iCxs$n-HL{f@aRGLbYIbUELh%|H(
zM^<1jsgPf-;7q%RhQzOn08(HouX?tccp)YO*FS|-W!bZb22*M`+AfOO=(bu{g}MV)
zK0H;);7pZKtPaafX<f^P92$l*ifLdBvhkKwu0hQO)eeP_ryPf2Lrs``Zpxf_U7l^`
zA_LVLU&~x{mgytK)bLuHI~tv(jnlQ+P%PFutB_t)n&tFD#5T>&->Qsq9<z*Dk*-$F
zjS(dtao{it>q9|>_!_=<TMKP;F%~&UV&h3!XX|Kbn_}upr^y@s|GbX)1Rojh>%Xk@
zob1{E-M#@ozW=^={|AB5IE9fodjI}Qk)QT|d=&Vl{eOC0^L$sy2b}DC>`xOk`FHzc
zkM%!Eke}B79|K-~0lP^7H!%R51WlLs%C|3&XX*t2yacttPwK#H!KU@gt_7XK2ZOpU
z>jrE~&?}3k%mUD9z}kC$_z>uqK?4?L3ua|BlaFnj6cG^I0uMyLgZ-d~e|if0?n@K^
zX0j-#!KbDLU;Ti*eEBu}Blv=QygUTANzvWFpL`O$?@emj+Nr?))f-7ccLa0C%d2D-
zH&16_LAcE;_<1IqCsg)X<+Sm)ul@vv$t*gY&+~D>r`);uLDj|}20pc86@WhYbSDJ=
z_%;0e^&jVpx|{hwm2c1?_*6J~0Dk@KROvkE^XxFs(F8s{<~4JDV1M`#{P%Cb|9A)t
zKB3@OcMYzBtODy<Z)JX;Ls-_}P&wZ>T~%d?=M=AX+B7kE-*pw#K<z!f*?%?P3H-W<
zz(+97gS`axpzSJ93EH8oQ!pvopq^JdK?5Wq_*d{L1Yf-R;mxFfgn!NFdDeUQ0{q)I
zU>gSo@cBCxZzf?fv%ND3%Wf9zix<G>^PEA)_urBm_&h0Q!Ln>tCxsyI=M3Ky&95=<
zA_Ri03EnT>-Nk+uF-(BF2EG7)Are9SN~FK*>Ww7DYbE{y@snm=-dTWecEtTc$>7Z5
z&bFxnZx$r*@80(_diJo{smtQwrnAY)+KGN^9!mMkVIL2^)<WR_8FafO^XH&>hXl{h
z&$B)5J~Ri?d>?%Er>p_tW^7<DbDHKpsjq;~{Sx^6bI)mlndMCQhd=xkd1C+e^^fxt
zGh!C$tNY<j(t>~a%agDd!SBBNEv>vJb-Fp;U(JKPzDyo7e)U?4;2!K{<vLypyhhI>
zzCQWpoBJ_n;}6c!kG<;M+=k34-mrUw#DCH6z`ucCehGdI0lUWi;Ody&zD>N>IB<qJ
zUh8|lL6K(yd;ZV%t!>9`8;CwzU%@&>o20d4%Z@h@un)Nv4blKcio6wAa3xx1D~XCO
zcKr7}LrRuxNqYet1KDT*W4*i%hr=^xC~GpdpV{-O*5{en^4-36T2r*CnNbYGsbFJ{
zsBS`-XE2M|lNaN~#n`rO`gB)M=+kNxk#d(DHxl|V3wN#9@N-JXV5NdUZRuOoz&&SZ
zk)~aiE5<o`7BwuFL{B?NO{@IEMt>aDSbid6Hu}Pb<W`-~L9TOuXRAT|QA{w1U#l;s
zlvOmS!a*j&7-*C17-emR%^wq6p&%@y-+@{z20UN{?+NwW3YG&MQp6;{O$4iW44|Uo
zOsa?nI~FHuBR!P<Cw4m2^No@o^F<^QPK_9>u7OTRFTN2hlQ35qDpV{Y#5Bu|jYW#*
zOWqYNUiz(tW0gpM--F6PNU6S2U|L!&r{`!$Yw#*3OvlmCT7Lu*DUbLG{A{okNhq^-
zVVv!jg>_Q4qXTDZK4E=-kpWHNYaU_sb$;>eS{GU7+_b1u)7ctmy*!!n>p;-+H5l_!
z53GAXVrDQM4XnfC*PIaxyFW#;s;P=SuRKTZGfxBy)dm$<^QTuI^~~@Rii<n8Rnf25
zbfIIL@G#6)61!tDti>Z(nH9Sm0AApMk=P<0;&5ywLNe_G^)7r!z!SsG!LFI7k59=q
zPY)J7##}P`mw0IDqRa(rSE14SF?JR197=y(Q}9WH5*)IWVROz>nHxEhL8a1!#N4zJ
zs|4!6XeLJA#Wx3kV(t&HY<;b5zrwh!Y4O0;GN4NMStpTnf+_~NBs?Pq0YVHj#^^tC
z1Hq#_rfT{Mau4EO8V+lW5!pdzQghfvmcamNw~ro-IjGW$c5}X=h8S>^$HsI=UU2{q
z9hNM+9AiYwDI|pQM6gGweZeuiO+q$GS^-_xbq4FQZXZJSC86?ioYGOCxCedwE1;1`
ziilck1n|8U%?2(k<l*3GZHr{fFvO~NdmfL2-<BWb5zjIa0p`c)x|SK#h&^)lo4V*-
zKPW@*W+7`Pe(V=((C!Z{-BUM_F@hP-BX@1k37Rq@oPMHn074?ReE*jH^D|{EbOhQ*
ze+xijKT#Wl*=yLF{r0une|3h}S^E&KM321go6Mmvd2W6GqyGMnJzMnef1E{bK%JA#
zp@09g=>GkmJ)Je)|LX7m&LfYAu@f0o`VvAV8T<VA>(M*%0!l4??)mrw7ZH2bPXuBq
z=@vrjJj>9sloifH6<3skUJC9k=8nB`#0zKo(s?;&nz87*)xud^IIeK6XO25@1b+x<
z`u#}@H97el_s9R)bUy3x{~U4)H9g53x8lEjakT%>=d=F(kF&@L@E=12sbY!vlFI~n
zqL-<SNCLjQ^tP_eWLiy;BQJGV{y6)Z(Unt?+u=XUqPAAydJlqGe;=YRck?I^8xf@6
z=obKYd;WjO|DR8L{6B{r?tgKmaAH5W|NhU2F7*3<25H}aeUo&uISl{1xcmOwlL_%Z
nTi<HQNM>Lqr&XzvAAJ9N>7|!mdg-N?A5Z=VxLkSe08jt`wnwQ@

literal 4827
zcmV<15+v;(iwFP!000001MFIPvzu0y&%fbQki?ztgno~Gt8`L>5FoT51ZaVtREm9H
z#45<-yAP7>wBsc0Ssc%Fl~2`sfX?Bb-#zQSfZw|CCx0*@GtngZIL`F;@o|n47=@uI
zPEpt=2#Vl1_6bP-(ZKH1HLYEP;3suiw*O4-UHpGh@@M})dwyVdS^I-C&+&)Gulv~b
zoA;;V?qG@_{u}-$C>s9+MBX2S-=~lMhnpt)Lu<ez|LJ$-KThB{j$#Nk`yWLy@?-vg
z2zu@R`R|9QY}y~{#{MDo$LFeZ-j|Md<Ufkg)LZ^1?}v~1{{d+B`_t@lkeg|NE0fKm
zql*dm%O!W<7WbdS!*Zdki)$7l+mOKJ%a)8id>M>lKeRcXUiCsS7c#P4MR8~JCnO;>
z5;~kRGmP}mR8u`L)}7AptTb_Ho?Wa?Fz>C|UF3-JKHRUPR7-D#&c~YDVLaBsJIZaA
z&}l_0>@A_U=k|8$JL=esCk7n|Z>!1OhU3<W?2h_jb=mVgO?!P^OJ`oVY))&nN04Nn
z?6J+BA2!UbGpeY-&cs2R5HW(JEtxDM&A&>R(aMFmM&k%casghiuH?e?8l?|ASir+>
z<DfF8?+?x%-6Zn<Qu~{p+j!T4fc=HG?t5z0@F^VSap`SNS1G8{ZlNp6{>W;p)hT2k
zj6~y;tCUG?kKHM2p;ca?&2sGuV=Rol*Wwdv3&x~5wsFE2hQ#}Yv>T@586W-3aj;3>
z>?YdseXsY7(vh=s6P^MQ3e*<aQ|MxixS~NH7JG*!Z<^2x%-UV&bX59>4b+g=n+RpR
zbMr%a6Z7PfSudSjPtNHT4sf^6&kSNFmRjFZ1i4w|keQqG6m_^Gw9LxcZpWlC@a9|a
z9{>MlXH{JIPmynXncp<P|8?|!r2j4bs{Z>PMv^Fd?*Z>i$D{uLy6*qn|0x`QtNs%d
zhJ395AA+9lv=Ag&0r#q)==us&HTlFD0=N;(2N!VgMdlQb-cVbYwDpolf8Z7p**p31
zekwRQ+gS(hHQoCLw;S&N+sVbk);a@+Q8A9U{auJ(9LQzVOB2K4rg~aoD5LSF*EbVo
z)?B^3IhwbF4rK_r{(X#fywfYiPlT%hT*5a;{htmB+(Gksmo3~~AcnW(Sj%yz7W+g<
z2gO}gETrt)Fr4DHCp<z#m+4+&9CcWFA$ts*%S~8E7z9je6*qjNimixDBp)xy8*#@c
zuGYPSYn*w$4fdJLw&y4_&st+$l!-fh`z`P=t)MJ_-|Qd6|Nkui-`5)OUHiW|-QQmS
z5h(F7|33uX*MF~E{#XO@FV}#XwUklC5Xk#)viRG<|68&Dah>q5MZdTId!IVq(f>(=
z#NO`z1VVqz{|`ZbVE<oakN)pHI<;E>O7vh2^UZfbQ{aYUGT4==@Wfsj#St<KZ@`(z
zVYXIFZqn)|ak|3a2(wOU)RQ5>4^lw1&a!+gr6nm8$mpbDB3UxNANqra217CLHRbb7
zUzW?*v;=EsAz_(bwr$wf{j@K(9Gq#;6acOXjcDzj9J<T4yDU)L{YpplZ5(pEIj(kT
zx<IEe>>%8ss9P3B;+W|M%_{O#PHmio4d3q^Af-%;%{oDF*@YQIF=P(J@p6sYl-Acb
z-7`y1CL?v!sP1rCIZKDw_BVyt#yP7iX_87)tCu6N%qTpr2fnZ?NX5gW?$A&~bCpV1
z<#nZJc2rQ-HasSVk*P=RhMKC{cAlACmbOe`O`Taz5CP=XbGY%c*p<<)#vPA=&ym0&
zXDmg%;dl#+>Xz(wsMs<^b;j5RiIW|KU5diNkCZg7Pqi#wZa`2>w72ZqgYK;sM+o7J
z9QNI#w!NwRg||AwUZs3r@9jnlszc6PN}eyn?f~-#j7&?k+VnV!16wld6-mYnim?=B
zceZ!yGhd0O(_*)6u)xNVDQSVF@5`lFQI7+(GSHnG{qk7^a1S<V!R<tuk*??Ep<5<y
zH1Ay3xU0bO8Rjv^*Q<@Ig+g*@d}%}O*^915tAbpdPcbiU79peoYj&5DvV6;RWoovF
z;9ZzCGDncu97BpDa!Hd6$&)v0aiq<yO*2z94k~#J8XT9@xk}*T8KQwopVpV@vW$>c
zh>4Qp@?A8o*PQ1P^0sd=sB0`!*4*ltLa?Fls2y#V#FnckiQMN>U^&rZr2>cZiZJ_p
zw--gKbgVrRyT{_ZS?PPzU{b$M#TzzY5Kl9P&l6RDOe~pPH1zSh3rW8vt_)XUS0G4O
zLKJccF8yI+K$5+Qkm_7oP_7fAJl9qO6<qJUoM@*wuTKLO@7sDqp3gYp+r@d<WrMMi
z0b|2rc%Y)CrYd4vDHm7VnQO{5r=_Af!J0a?y`#wGq_!DJVl29kn)qaoixYDp83;en
z^-(AQZ8)hdCy+f}h=R@-LpJ12Cq*PzQ&V0G7wWj~MT!fr@-|h6ROzgZV(T>vdn05y
zlNKu})B}=X7-F9Ar|_zsCE9CreDIp4-|TOy|EMXuxxPHYf;)TonMi{b(P76FW0rYf
zySEEVw-7L1*S5sk8_2gtY2@*Vw}fMVQZ7@3O8RoM5S3Bt&nCrnshVhwN5n}!g(NQ}
z5>iIDw7fD(1JF6%=2GF_mXnXtz8DBMBsp}QVtO(<hUo(DI7-Eu3kh4KUu2?UQ<>v7
z1-Y-TG=*%0$&Mmm&#3G;PU&ugTzW(v5OKfFYkk9sD2kS9E6YOLFLva1*t^C`y>1y|
z#F%S5G0B3EJt#E~UNiv=UdTm$+Lp`(y*h@USd*Gxc<OjmV?IYl;*cDyZDL@<_O`lQ
z<N}dYbr;9MSwwC@%EpL)#B~4`I>O;rL%maX!+;LButXNt$q*@Z)8bbz-s-J<s&;A!
zdn$G4@GaRzeW+iSxZo9VbZ|DIr31GjJs+UGp<ok&WkeZw(zXjV(Ha;{Hl?JtSkgsT
zBb#*7qFU_~d9G=f$&xref`W?}_j*HJ0ZEA{OBj~IqS-F<<MuM5jpe|H!G?p$N+wH2
z7j;M<d*l%MW?<3F^#z0aELkoq2oD3@x(5Z&qkeuqRRL;Zw6G9l#MWa(CYCqZ9j9Vr
zV5zqvRl;@x_ok@<e;s+}ggJ0j^b|#j5<0nrq5w-;x<FV#m2f>V-j+Qk&<e*~TraU+
z*cp<}>dTX~>Pgf*Tzf<!sH?py8I@_QYq7vb^SqB!4_F^92Rh#zoy2HNsU+F<DYxvb
za%t?dxNEmjzBb|xS!_>H$P;<4A)(=?r4ed!nOiKIteDmZI2Gx0Pckc#fE{|pUQ3QR
zE#S!L?T}-rg}3Hz+bZ0<*)HwMM}s{q*?wgl&YOs>Yh^H2IRQv|aR@>IubY#z$oc*0
zs3_<TKKM{;$~AO@&QLXvBkyEcU9dEE5qy-`l3PIw+rv46xXU^r34nI&OF(irS<cIe
zz7D>R?{$S#x@j2)`Duj?Cf-<$DbWl{p~x5=<^4n-7x0>`dPhbM%$S%pP>31LLZiaL
zW>m^YlIt7qu-{S|y<+?e>A`E#P|THW>>Vc<wg$#AspTB5>z#04P<T|#DYpuM70%?g
z*siX*H0#F^f~<a$L`54`ihF;8J$H>AZ|}7(wY4IP$*P8(j1WmFWKn4<&&(x(aUj&t
zNgP>$O;RDhn*N1$4h@N47e1uGR9^LLHSt13`i^%Bs>-zH2=%AbYP4M#vEgmCt_pPr
ztUP$C;=!IOqgWl5o6@|N4LLLnXB5-G7-Zuvsa%7a1l10Okf$7nVM9%v`TQ(%=j-xf
zF^LRRYkVzp;YFs86jQ@%ZC=snENz^w&4yyJ)?NklqS8#e7ecmacHUNHl*^c9%!+ih
zYF-#o;t>Z9qp&^{RDiGH`)X^UjSj{l2T5#PDeEj9Ev>VdI?`!!hyOp1BR<jxru+Uc
zD_uK#_WrPUz>oL8@BIFQz-XMD#UAf}DeB|<-w#4>`v3Lgn&-Po-s5E7;eQ&Z(6{_g
zki^ILzaNCY_zZU90&XGzI0>3A@0D*qN1mzA0pJTz^S!wC-4<+Guk2dTE<Dh$>#}aZ
zwgla>Xv)k7?FOvf=SK{IUg<YrQMO=KhO_wCMsX1W{>^tm^gGz|d-(NT*mqx|05FS%
zehoe~E%@R`<clx9hJOM-=N=Ca!EIc0H}G{#g7<Henzptpuz&FiDd>z~Zo7FE&v5f}
z1`EP%Uct|^*gT=K&nml(zJ2i*Fo<X9a6Zq+2A^{K=J{0{ff)GIj+GC3;L}|Y{PWlF
z^Vff#FY0dA|5UzW2jEj-=RWxLvt6b0pwDx_Jckqb^qAMI^}+q|C-C3D0srFx7<@v(
zuYlQvUx2#bb`_}j?NHV!7#FQy&pQ;q0pbAsJNOiUpTGF=70{pHp|XEyx~j@z*Dl)U
z*;c{l;P>BvZR8igr@v{ea~#BA^H36$-8{?BJ_kOXae}tzfxjFN_%tr&V9&DI1Qde2
zTQhtw4!`95mLT9~jsI?V_ptaGVh{s&3w#E?0f``f0qGyMdWEETX~Z`euPyV%T?P2+
zE4DX`49+U<YMaV;XCS_JkC>m?b5zWMSQd}anq$1I?eO>Jp_Fe9`?&F?6@2fnpwq>f
zHwXG}Ab5U$p8XM&^~~$%-@zAu$r=!D#s+pXyJ_x|`U?2eD}hfxb?wHVRnCHc`qST$
zC-(cVf12-@88f7>?uWZb3;ykIPr_aVzx(d@tnyOS?&chQF%S0gGJeeX#Y+_aJweOL
zvE3AS$(~1idGgIS_oLrN?_Hx8xz%rL8#23irS6du|HZfizX!kk68sPVyT*C%=9t62
zjop_#aHct5>wBF;k!J#XMxHSkBmTh+?baXc@n<gj2GCz4dkJhFuFU$EDf$q(*Qxv0
zopW?!2=h$Q&;QxJwe7Zz1JP&eE4Xg4y=<LLWGC4Q$V0Da(H1be=v#q6mS~x~lBiOW
zUH^U0kdm!yE`aMkR09}sc;|5D%o$3yZJR#*)u;67R0>aBj|?~F+L^hxl5G4XB{x{g
zFq9km7PoNE8C$f{KFt;5G@c)g%Pr9p3R<RBeqochjT$RZJYkb>Y)od=3ms%S_cu1>
zO^VlJ8`#P;WwI*u#gwE4Q&$NG8IKa6joLEGv<jU+CWb+QQ^e1JS}XxPU<CgO_1kck
z107O{EiZtfA+QXfB9lzW*bTQVQF1MOl>X1RIy}2;DSQ_2m@AhWF=$-_9YyifU2~QR
zsH+SWGU0KGpy?$>BgHcz|C%;0g3iJdsYI~rL1iG3RNpEvEv*jkX$)zNUgU)7a1Fic
zPe3B+6Q_WkjpkfMB6|}h*>+xNCuLi5I8*Z(`};@=G=(qS7`v}>g1;BK$TEJ@v7E}9
zt&v`rFH(0Aa(X5PWnSrlb?*nv45p)jRd>JkjM&)yX^pj?syOq#<>+&E6=#uLqXK*W
z{Nj_I8CF7ZamzL`euP8kI<|2i!)ydGGL}GFZVWB6;&em63oJ0^8^l96$3`F|(>YM@
z!iG33F<RG7%{(!DO1gPk+w=+M67he;9ZM5s9+<X_%(@@rRAJ7M2v(H^K50>cI!hV1
z=PVa<BS$i*RH_io%_5cx%Yo8NjJ}I)j^1JJ572CNuU&6W+}5;s$Z8o-CH$-)hxVWX
zGvNAj!ZTtJAhA$mg8maP<ZhfNR83z&$U(MC#bJ*LB0I=TYMh;C85EHA+h}df(LN>U
zR_7~fhyf>gVpP|#iW)rhXtM0m#E1?rB!u#LxI?I2L6hC8h)q-{pzFHcU|rVjLddQp
zl70>^orKc$v7X=>Xv9?!Q7erAz6;)N;6Xz^97nIVNRSLe-1qLzz2W#>`9U7LS;k|)
z{7Jg1WCj&tj|BRrF8b7KW$4{5WbI^){b`N5?V+Q4>M4;Rn7MiEtqeM0rHlw?pmYvE
zNW|vvU$d_dDPtiQ=pOww0EzuUZ473wpl|lq_kR1;Sy^xGaE)1)h6VqWIrJsZt-t@M
z{{F|F4)=e@ksA=~U~}mAe=hpp|Fh4gt>1sm&WHQIW5@$y|3oaMzR-{=V_*J#Ie9}?
zKxt~=`T_pHMEEX)ATlx+bfY13&SofH$_nG5ifc+|uej@6%p7~^@PC}M=g#vP)9gpr
zEiaslOUL8RV(NIO4tED+{uR<ea}GYo{qcW#Hk%Ike+;>W<{o5@Tk+q%Y@Gl3Y&!h@
z<0x_f{KpVsDw*Qna-ooO`k7pF6}sCif8*Iqr28py<hb54ILW?ebbVFiiTKa5sI66)
z-oVn2Ci<c{k3+uZVfvHa0Jz)p|2qFaKO6A>7*ap~;(Fr1c5wgmpAuad&i@F~eg67Z
z>R@vi{&#uz^S4h=iT~O9hD^jF11mY~lJ@eOpZ_3(3^K?dgADTf$q(NM<O={$005*k
BtQ`OV

diff --git a/overlay/etc/local.d/headless.start b/overlay/etc/local.d/headless.start
index b23d4ff..3959f5e 100755
--- a/overlay/etc/local.d/headless.start
+++ b/overlay/etc/local.d/headless.start
@@ -10,6 +10,8 @@ logger -st ${0##*/} "Alpine Linux headless bootstrap v$VERSION by macmpi"
 mkdir /tmp/.trash
 ovlpath=$( find /media -maxdepth 2 -type d -path '*/.*' -prune -o -type f -name *.apkovl.tar.gz -exec dirname {} \; | head -1 )
 
+# Help randomess for wpa_supplicant and ssh server
+rc-service seedrng start
 
 ## Setup Network interfaces
 if [ -f "${ovlpath}/wpa_supplicant.conf" ]; then

From 5193a9296b3cfb980ca8fa62bfa409e0e7351452 Mon Sep 17 00:00:00 2001
From: macmpi <spam@ipik.org>
Date: Fri, 12 May 2023 14:04:05 +0200
Subject: [PATCH 07/10] SPDX stuff

---
 LICENSE.spdx                            |   7 +++++++
 headless.apkovl.tar.gz                  | Bin 4865 -> 4923 bytes
 make.sh                                 |   3 +++
 overlay/etc/local.d/headless.start      |   3 +++
 overlay/etc/modprobe.d/g_ether.conf     |   3 +++
 overlay/etc/modules-load.d/g_ether.conf |   3 +++
 sample_interfaces                       |   3 +++
 sample_unattended.sh                    |   3 +++
 sample_wpa_supplicant.conf              |   3 +++
 9 files changed, 28 insertions(+)
 create mode 100644 LICENSE.spdx

diff --git a/LICENSE.spdx b/LICENSE.spdx
new file mode 100644
index 0000000..37c5475
--- /dev/null
+++ b/LICENSE.spdx
@@ -0,0 +1,7 @@
+SPDXVersion: SPDX-2.1
+DataLicense: CC0-1.0
+PackageName: alpine-linux-headless-bootstrap
+PackageOriginator: macmpi
+PackageHomePage: https://github.com/macmpi/alpine-linux-headless-bootstrap
+PackageLicenseDeclared: MIT
+
diff --git a/headless.apkovl.tar.gz b/headless.apkovl.tar.gz
index 9fbe5503e2b0333f03f36e2de6f3241acd28ba5c..802c8a823e0bb149568c55d08124d8a270b3dfe3 100644
GIT binary patch
literal 4923
zcmV-B6U6KviwFP!000001ME6!v!hma{@VNs-0sPY&Ai9HC?30l5St_r0<^$ns*4@O
zDprBx{~o07cI+N|x{|aznW{cj?_I<>+;i^P?}ecC;4gk>KxUvx@-fcv{`j~?35>!}
z6sIWc3j{@Q9Qy(!e{aF=&^4`7gWwl+S+@U(?nC&0QV3@IKl?%GbXoh_o!9uf3F<!a
zg68A#xEq)vi2sKD35v$Q0FjR;!f(T8`@>BW|E@XU5&!gu;vXk)97i#Pn(dFG82LH=
zKLxzA|NQqlE}Qms-8iq)V0^AR_ha$+K>VW!O}%G-@;-cy|4#t3-JfQYgX|1TT%8;a
z9X*V{|6H+qc6q-Y?N>`fTVAsW*+v8|pSNV<<EwBK`k~G7^lB8mwUm*q6epe8ACU{8
zlhFQ{Sy606mX;c!x$X>3vD1r3bBm>PggJk`P-0h*chPPgr+RuT3@*{V4&$&6Rw%Do
zK}U&J7q<(&J+-%E-%*EVJTmA&_*-4>HY~fo$lhq|rSp#CXxi`VT0C+5d2?KAJ%U_z
zmmRj*al?kWb!HV8*ooNd6C%WrxFs*ESP!luX0~!6tkEP!E;$dcr7OAg{6_7g4(9Qw
z+qkHV8N0o^LpK+Bcdmm?&u;u{LBPRMU-vyFHCzhEc~bhD<5di+v|Adgx;rd%NjgRh
zgpp`+^wjcFJ7aguT1d((v{|h^eoXkW_gj2gIJ`OOu45kYr73bjAu7XkIN@WExh^&t
z8)c&HAn<$NEL}M}HPJB?pipa(9fdB}h$oozez|iO<W1*$o>_bAoQ}(2zkwR^dJ~|G
zb8kT;ZxW7NG3%9^8<$ghg+tuy^Am$u7h9`uDT3VWa>%SrdW<{V<y%H_x7+d3n0WIY
zc=!K*bFwNaf~Poe{48i1;Q!itKg0hP{x1IqK1P!0;$8zj7LP~%|NFfEQ~jrK{Js27
zP#E$#|9=X2y2FweWfk0MylNN{sOj>NHF<EuTMsPY;>*k}9<`yi&uQyl9`%7;ie&HR
zhx;Y(=8MkWv+v+uH&|u3|8FM`i(2~x>_^o++;(>&Zn-B{aW75`i(A@J!ca!%EWd9i
z%BtCVb#rxJf%attdBJ^-b)p!R8eI6R37n&!&-y=|6u1k`<z2S)lu(FnmqRTlomT8F
zd^)I}R4pKN*GAElv_0Vy0=i0fBI9bq%8wR@&^_Pyb&Ns4q*Y17HJZ>0$V76<io6kb
z`2=a*ySUC;r`zD1$ZUIxGwY-`_F0|S{deC157qMO>bKSYN$mfR;{RjyfFIib&Efuj
z|3{$2=lK5=aPR-#n*7lNa&LOT%wEZ;YVzd$o-F*j^Z%Off9@0hx!||<e;<>_2kJkG
zkl6e6pFrr(@&75{cdY-*>{0*yN2T@(K#d=$VSe~dXz}cDxC~BZsT{FWM`47l!XI!Z
zcA2f+lAE-;iL9Y=H^Qn@8uev}55g1>?2{}XN^wQ<1v0v6bP;VC-wpj<N5i3*_nPwQ
zW~|CpV%fZ{*ho~S=WQFcbwBNjEemHlG=+d?K_gmwN0;uht&)YRx04LS*d`InS)-(+
z=@OlysDp5qqHb9f3u9)O^g@-Va%z)H)NsAx0x4zLi>%{$Z?Uw(IDxEzIGnF>o6^Sm
zX82a=%VeyLI@RsZlDl$=ZGTgVZIUkxHNB+b)EeaotTGBu>VYeq3excCV7N3C(`=;?
zc6pVI%!v!i-bROuX=d6%zoC|<wViKe=anN<SW{=V8^!>6^<8#6FO@P@YTWf1_!RRD
za>7#79}c&usBRZUL4}qnsuQ+okmRC3*tsZN{6LB0`dG`t`38i=MEk3*-5b8NJU|F*
z=5XL0^zBXK&Yay5j+AnJy>l8ptoAu`E;+7@x;@P8F)}UDYSZHj9N3asuZl8eQjD#t
z%E?jIC$17Kx5aMTaEXm0Q_}o`zPC$>svQPMGEqf~e|Z)G+?`EavWg%x;`OxJcdLsR
z&pX#O?y0bRf;r3$jB4ZQ5r5e?fw&=ei?gA{Qb8_H$Al9$%Lvke^+L%>S-$0lIyGB_
z_s`54nLS8o4iUu?xu}b#=*ye6Fw)l6p_!=~2aP<04UUW2oF#DK1kpfcOzZP>Ud2eu
zCq&7zxe`z7HS2qXyzN^I>KfaUb+0<45NsL>rO;MMY}tAe$z3jnwi_=c4cMO~!s>Hn
zCkRyO+B+oi4#jCB89U2l(x6U-8#Z7NM>A%?5mkS<*fP0n=)+Zs$e<;z3|nDWAiOLH
zfzKhh42F#fiOwcQs#9r0xj_i>oLfzl_x#gpqTS-OJ`Py2YwHbpI^jg%6sJMS26H0=
z=4OH6p@x>arV4GPo;^Xa)|6*WD^+*HHFa!zSCz|2YcrC>7U(W+lA|*&kIb25Abd~P
z2fhIG;i$DNPxg2r@CIWJ*^s-P7?W&GO?l0qsl&P#C^ovv+f*A;wX-*>W7G@SA0gYF
z^h8ae9uQ5_6!HsqjIR1gr2WRg2fu0h&F-cJkDQ{+`Q_mj?8(PZL>fv&haFOkS>>VQ
z-OdZTg@Ez8cEp9VfdYFJM-HDjn?LkN^*qI>Xsk9%K^?{ZWKnFFY8SoniR6+`5y^=c
z5h>$aT3#8o0q7iWbFuJlt0_R~KnVF8a@lvCYWXrcM(GmoSW3g1GYQ*dP-KGYP?_sB
z1-YxPG=*&V$%$iN$7qXjoKj_joO?tb5Mj5?Yh%L-D2kR^E6aS_FBNh->^xJ_u3Lr}
zG3J^~%w<W)K9pK}Kb`;vFXSRWZcFBjUR^V|*prr@IqGoG5-vwZVt?7&+lz?}+naPg
z%LO88nvx{pNkDF4x=4`VfExhJcZADIL#=4aFrWj@uaKpEGzCiAwD{Fewni%-D@BW7
zU!(RNz9qZ3kBsvQ=lueX_wFXL4d7O!r#-YYRcu1Aj3|>%+;)*J*aM@>mUyY{1?i#E
zxVUuFvXT^4o^#rHvPG7Qq3|puz0putKvZMO=7$x(Y__ZXusx4xW4rKvaNuyVFOw~!
z%Q~VDJ+hAiE41m=`iwz+c3G_|2#-R;zB>ibqd|T;Rv~I(G{59!#4!>?CRR7u8>eDp
zVyQ2Y8sWI1chj|yyN;ZD#9TNodWxb15uH3jRe=>Po*}HDO1PdFf4ewbAPL7j+$gc0
zS4`1Z7^|Zw^(1QTuRS6X)YXwnMq?WLS}gI=I_;9w2i6DMg-$ouATb(KD^Yd=$}2m&
zT$#Hp>Dq0aug#=GmfK?-aYUZ$NMr_SX-2wS=JsN7k(f3BSPkiOU$iQcfL&TzTuYWX
zF5%ehorq<qrN3rx+bY_5nUZ$pqrmQ0i(WGKr%k-5YjrTCoB%|l*oP61*Uiyg=G^Xh
zP*qfc_W{&eat+;}6I9Lf$cij$%LR>{`2Z!h<d)Z?c7KW?_PoB31VFpaIV9PeEa&A!
zUxy&TcZN!;-Ly)={3xM=g*SF%i8O;!C^E(ec{kCACA?l#y(=SoX1rK6PzV{lfJT*t
zt+<pAB-=Osez&D`T4I7T>BDQ%R4vIdcdi=_TN7iM)OPpRwZh*U3ZF_?^;Q9}%3ACe
zQ|g*cvwj>Q$nGamQ1wAlz55CFTs0KV+38*C=tY*0RSmltA&_FUK*gy%G3N`61CfqS
z!noiUmz2-1R&b`>eM92cWdNx#l~?_unm9ft1J^%>Rb|<;hXzw>H@XtVi|8h;t3p!%
z$%m&Z8Jwvy3u(XFl-9Lu$f03avzP|PBpYu<<vP?{P<>zUdCIaFHq^w4%TF?Ux~|SP
zbCH2+jjv@kI?MEdVrqD;&mE1ipv~j8*-#6tb)=A9R=VZ%e6(m9#oua-dLFZkkw{ms
z=EjH;4mhwM`Sre_LVOM1yRD@@y4V8Qi$ddxS!Ww)X`h7D6_1lQ{Qo(Q_za&I?)$&2
z^qlP3|J~jJKi>a-@cRz}qX~?}vB&#giX=Y2|NRv3bNjzLu6e$z<RdQj1NNs$ntadx
z1W9~8|NA8H)t9iF6mSy*z*itwR%4w+aSLJyhJjD_0sk|YJ6>KTGv3fv=cjGr1w|7)
z$$n6@Ntgunzk-Tv0>F{i4SA=2_Y!%gUf!qE13#$)uLYadFS{0W3LgyWx~v<pEkUm=
znlcMOrvYp4`Qd}0Uj_|Wlr5N*(M&$JaZ*G;a0@&T{T}v%9)9-}_Wi%005Fq9K@C1N
zE%@pO<g2f~fqw*FvX8?@aGMm}4SeU*;QiaCrmdX{>|ec=6m-Y8Yn#Q*(^*&$Zu1I$
zp2=o~lzmn?ZT#J<KY?K~iw@`WdK~a6cW!=AwJ|trs2!^S^ueb)A^68{;OB4tIRB`-
zng3Jy79E05g_8&1H_uL$&XYdR4)+{Q;L~GWGuH?9habUz{}%j@hrr+y3VwappcG^k
zSkHPZ^ZOdYvId9BdEInXl_j22ywPdX#Nhp_t)K>K@9FLLTl1a3uZswL1oJ%EY`&oF
zDo_pDp{!FdDcYc(cS}J7Bq8`$@F@gezWU+qqJM;c$>(|2d-xLk+qYmF2L<rrR~3Jn
zy<uj1XA+j(EZCPXffw_dLC5#slN)%E6tiGiHmj3DkPmZ)?}_S{m|r6Vf~*NXEZ*J4
zeiAWEfV&311b-$HLHt6b|I*c4Ns2d0{2Ah%X1=<!0N;L5_cJAfGmAUhrV6}!)cAMr
z`w2aJ*zDA0@o>}GWM%C{zqJmv{Q0zx2j6HR@c#_DU6T28(EN%7&(F`ZJ?=g<2hw~W
zeD$ZS0pVtBU@vo;=Dw(}ffs%Wym;X`O)#^Z3IFhizameIzkT!L{KSlyMf&<a+(}yS
zFMoOBcLMnR_rIl;H>6HC$NQ^!vNu1I$BJLQks`PUds(@TmjZ9l^NepUzWw$-2JL^g
zZ*4tl8&SBg_*YCxwN29EfXzZ;X&-W{Qnis#s=T#Y4fbHBH6F(o2>(9cnK9Ua*^5fh
zM)8r*vU5Fi=A7?*GdA;+&lt@8q<OYg#N%>09TIo+JN6H|xM1f{u*jw-HwWB4m%gcE
z5X5Urcr)nRL&xsh&NF9N)rLG5E56>=4r+=XYGxF}a4K4w5Y<fx^9*Jo$vn45W7}~Y
z`W&zB)2GoWBI7<eZY*>#3xBRy_hUw3FjG;aR`e}Cz&)>Pk*3EiSB|syEUUX&5<M*;
zHLcAT*86R*#tKuBu-+%uCAT^X9ppOqceWbT@8tx8__g|SN?B!tDjnovkpOMdHKS8s
zY4gX#b|?wU_*bA7O8^fTA$UUlR)Q5khYUFha1+BS0RyP0B$q1Y(V8WxTFL;W|B1Cu
z^?a#hz(Ns=lv5)Ht81Xs*^4g)%O%XUNfjyq!9W7`6JwF``BZRCi<e<zp{+n%wmql}
zgqG?L3QS9@A$s<Pv^p;f!gPd&*7`k=NCm`C;AfqQNEb4HyGZi&q_j@P))a82<^$IE
zCmGNbzTz=fU*{Lkrn<;7anqnqO=qj4^$KLhr;(uNb1>$W9$5E&#LQqi8(6#HcQ_*!
zc7KXwRa2FFUU`n*XPyeSP)k%`%^zOA*E7RQC@-$rO2t28(}m7$BET>!N$id#uojPD
zWmfKP1bBf5#$tthh~QXBq-5F$>RtMffF~}NJG*9{UOpw;Jl$Eejk#p}FY(Zgi!vXq
zUoDK@kFl$8=Y{6ITLqsSP=Z~S(mkAWqs)yQ$)M84gv8vm60;QQz-T5%-^DjO?=bft
zuxx#;O>c4B*0g-!YZ*`_{H&8milB-?P6*G4L4Xj$j0yVp{7CS)NT`~=g4~0+Zw!Yu
zCdlj{Gnol?k>@Z#cHBpI#_UwblV)?iriK`>S0u)CdtR{v4@WGy>9UUz4N*u46^Lky
zP}_oicAG9(FKq;LU3WBDZ|b%wWLvUOL4hdkMT!T|C%gt4iL}h9wMGEnsW@!l!$JW9
zM{8RiwhTk8dN<z#An=>c2Sv>DT*QERJDb-|1~p=jGyhFp^seueq4!}SJ3RQY3#-%Y
z4-MTjKa~lR882dgZqNyuG9sK|s?Pv~L~Qc=8}|24bYh_pXde9y0EzubZ4745VQ==!
z=i~mXPk2XbAHtRDp4WVpIrJsZt-t>mI%9V{9QDy|;JD*ad;fP1xdAm!Hiv%yXLS7i
zKX>5P_TSa-|6X3U_kZV*|9k28h!{JOL8UJtRGPDof4%CxB`>0*WypgNf8b(b%le5x
zOeEbxNPW&Sv@Bz#^HIe$9YL=I_eMj{nR(*5H+bQ_7&6URblq&^jmDlYys7K?eNXU*
zfTrJ`G*F9^&v7sOcThfX2bY5u|IZ<}P|K6daV!2i<7)p0=Kb&X`OkUe0pLG|h%&`e
z@u`q0&WS;;mLiS#`YKrY4wG3mMS*jvKMU>rb52)I<=GDZSr)amO4of5%=+69eK}ji
zkywf-`$}&B-0k^){rCTl+v5LuWOx6|D}fXH!TtB&CA!e={~4rt|MgAK$>uQpZ+!Rt
tcl!OI`vY_It(1&q4pwqnl`8qp_rH}^T4|+~R$BS~<O>TcL^=Ra000nD&d~q>

literal 4865
zcmV+c6aMTUiwFP!000001ME8a)1%gr{?+^ycxK|nCf~<>m1EZ;1PC1n0TP02%Eb-h
z6sN%J|9z2W?AViWW{>ggrfRxM;^^jezrG*5p!ML-erG^tph@y^oZ;=`;~XV03PVwx
zqOi{p6v1)qGm!kf1-nDnv`!6zpVejA{xiDw;r~S;nC<`U2cgqt?f33H$M2h<?h`L)
zJ{*s`fhmIcZ`hxpX#6t}`EVlqHhi)_+%)m;ngbs3PronzaRSG26ho-l{wRu(pW^>x
zz)$v{f8WPt(|%t!&i83BK3ARlp?JI}{!xUc-m*V=KYWV+j{vjXpJtPT+zbm`nH(M+
zJxsV?F1Z7@xZjQr%Z08ku33a^BLbJtTQc$SWjKoc(B^o0)eFH|$jEjTC!NuskPD%a
z(BYI>QLIOnn(Cpk?sR@<rx%ar*~RJv^ZuIM#jYstqy0Kgwe(i#e4=?B#$z44qr7Gb
zomRBM-Y)dkY;UK&qmIpZV$gx`x0>8-IBtEBy-`1`&U>DxX}_;)$>fFe=CoFO1i9=l
zdu+4khYfS<j4CcLlQ?J-BF2!kB`?cZ3$7Aov~nS?(IiGLxd5+MS90O`jnYRQEZ|YM
zaZwr5_Xl^6ZZ7ivTnC$;+xXXlfP;m$?t5z0@F^VUN$GD+S1GL0ZlNp6{>W;p)hS{i
zj6{=@r<9l48M{-~LaV$&o8{UQ#zYu<zr`ok5sXQ59pi*A42cg4X*Wzq6CZ=jb+Jj`
z>?Ya{0>Af-(v>r_iB6#ig=&lJDRi+$Jkg*Ji@nQ|H%;gTX6>zWIxd6525QLbO@uPu
zy#<lHNqBO}te0-CU(EChhq%}0CWBZPTdi*?g52zK$gE9ziaXpDT4v>Lx8tQT@a9|a
z?*IShWK~iGPjTS*S<p1V|F!pig8wc2L;eqZj3iO^UIRW9k4OIh$Grb@{iksJt^7|=
z81gCqe++oK!$Oc`1>CEGqU$SA)#MXr2;fGr9$3J|7nxf;YC~<G)7HN{>I1is$llG5
z_fx^m+0H(2Kf%3jaJ%9D-%cJDwYCWyM#VVZ_IDzFaUhp*FHH=GTk2_rp^U~`e&0-#
zRde<7=4$>9I+PLQ1@|%5$xg47;38ZN;2iyO)c@(Az+GrQ@3Mur3&rSmIo5L0sm1;x
zq=VwEDi%`qZ4^yO+Y>$^qRVtIF|Il+{fIq=?)fIHV+;Z&wMrVkQN>n7CX!E<<c+w?
zC$84Li))-^-Ui1cv#l9tmZ>%NS(&)Qx8DK})e6e;x7Gep?ElZ=|3meF?_2-P;r@32
zN1()~`2QGi@BiMI{LusQuY17EUdpIq2;}{qEWX?M-{t$C`h<Ti_^tKdhve~|`cEPx
z_ICXz5c*U6e+>8?>;EEq)PMg`sl5VF;s<J&AHEY>0yi8lgHu@wPwbUZ93iXl2b_sr
zW^1?PCarD~rz`x8u<DdXeHjvhFa<>0l;vY7ElHt3MmLQvk}c!=p+9J7I27|*Q#Nn<
zvRo#XE!aC7iOTf6ZKJmCr+u;I;7o(25b!K$L~HNl(p|RQWufBjS306^lZfN3akWd+
z1v*7h2jMP7-Lfba$4ob9R*|Q2YLiRU@cqsOQp&Q~tP=!}U07k9K-NGU&)2w3X?=au
zeXI0kGFC^8>JI0XyL5?de^ZEUlC!#!UQ%gl^>PH38HFeHz!y#hsd#kMT^fpMu2KoR
zysq@ji3`f!M#qa`Wa?47p_Zz)oo{95r6W^VQ)jjt#sGQsU2Z%tc4fS)ao1;HGZq-c
z#8T8Bj<=|&ZkOE-6<emLOpI-i<g$aXb5XeXk&?#ssg}j_4G4>g_Lp6I(EZio2qB!2
z!-03ywl|eO^L9r#tCa8Sz0+u6b;y}>$@68@9bo=|k!gumn;vIzU`uAbBFUIRF}9-Y
zOlP+?`AW3h7Q1c31vZXMNee7}Z<i89Jr2;yKzC~V>vs{r-PxoCw-aSXx|+*Fx4d}q
zymDRRo&w7z%wuk#R~t`@gv+4`qz$=e&$=3~3UXnd5?<UaB1i+)>@Fu|`IhU-)NB#K
zKQn7&_8_r2MifWnk|r6FFK^c3NLyQnW~OQ!RPq=$I4-GkmcT_5qJc`E*5~QGjFDDI
zh?3*-T|BMVobM6xwr?@0Yivu_yy}=ju%Yj$9c`7wma8X;+~-ngyYXVB0ta(NSbe_R
ziy~FJ_8v*RV_|Mq`ra~_G^kVYh7B0R(~J@DMAaWJwoEP>`gq+%WY7{<hO4kE5MEe9
z6mkeIgJEMplCz1C$}DXt*9lRcbE|<0o^LKE+AYlWX~2?wTW?6y#EHNu%wd-e#zqE=
z4U6HSik6zHh;5~uJ#lBPDbJdgispuE>eTkGBA1ieW+aKR=ss?elQS+(%$Z~${6N=7
zp#Zeuq_&(u_IM!*I%5pkkh`4}lUz+rc`cl&<GL3qF1pIwR2@>Kvp0&P*DUOhknK)d
zqNGp{NQPmE`Gr44SIv}YztQo*Z<>Cyzp23^r|jnZ@^A~z^l_6&!xhnC#}s3hdFXhz
zGfTG+FkaV=#5x-&ut#a+@rk#EV}DZ4Q;bUba<dSXQR+>L;<{A5XpK)KmwbvyUb;v~
z8Q;?K$|wy$=Xje-g?C#{0ZIpADBO_Cq3aaOm(ejw7kI}}D%PAy*d~J_6BUQbT(2p}
zeRZWNWFt&Y90PksWyf(!cN^r~Bl3WV`)yw98%{(~v{YMJ7TSKXBe%oeGgj(#%Mc^R
zT$72pEC|_$QtRNy6TskwT;!*1$(+%vYXld2Qu8xU9gk|l=g3GLE(d#iF|c8KTb<8x
zfk>*lOOntOkz1Iu2@)J}9e{<7aJkh`@6_EepaU)}k%fISL`vPX_|;FgdMlr*of^Tu
zN*y|UOLlP|>E|Ub_yrsv+)ZTbz^zEl1GG03Y(lV%D3eawc9AC91Ea~7bg6BY^w8DF
zUb<;ft#*n$=d|-=OB^3V;aN<2y`ipvq{Ngh3`=3rY?t|QdmhoocHzU|z~N+HCR;`q
zbwnR~<PZf`Xw%E}8H4)lvRqaW9)-GncM70KgWNn-A!=c?un=U#(Gx@_mN(fOr($DZ
zslOss!f`|Irl}!+9eMYJxo}+c6h(;=I(dYm083grLs&tTa6K{pmOWme6^?nhUShql
zGbEkWmnUh}lc;sL_J~AKS7%i+D%054Vu6pAxld9bSRZW{GH<R<Vl<{ylI#SOS9W%}
zH1=82wc9vf8%c*Owx>Aai9FYk$OzKXh%~v(ZI->Pm^J`773p(dvMQ2*U3$e{OO7}#
z;MnM$h-0XQzvgb+D%yM5F73)kfjunQeq|iYP0ZG{G8n6z03^LQgpq*P&B<Nl{Qh)Q
z6m$n40;sj*8oEIyRL$eaJ6Tp2ERCIo0428MR?wpMV8#%4USCK8pk3!2lH5&}^KzoE
zLlEG5T_KfjS|(wBTA_o5H+Ex5G=owoGR8-FKhehpyk@K3m5~E8UaT4@#EfR4QQ=@K
zF6AT1^^JenZz+vlF~OPi;WcR}*2*#Vt{V<p1LK&~b`RI}PPjJ|K9z9FtpZ?$v$!p`
zt7|UJ`f-FHyPqUc(T0`c-QQr(Rb$6Hd#y_yt;iCxs$n-HL{f@aRGLbYIbUELh%|H(
zM^<1jsgPf-;7q%RhQzOn08(HouX?tccp)YO*FS|-W!bZb22*M`+AfOO=(bu{g}MV)
zK0H;);7pZKtPaafX<f^P92$l*ifLdBvhkKwu0hQO)eeP_ryPf2Lrs``Zpxf_U7l^`
zA_LVLU&~x{mgytK)bLuHI~tv(jnlQ+P%PFutB_t)n&tFD#5T>&->Qsq9<z*Dk*-$F
zjS(dtao{it>q9|>_!_=<TMKP;F%~&UV&h3!XX|Kbn_}upr^y@s|GbX)1Rojh>%Xk@
zob1{E-M#@ozW=^={|AB5IE9fodjI}Qk)QT|d=&Vl{eOC0^L$sy2b}DC>`xOk`FHzc
zkM%!Eke}B79|K-~0lP^7H!%R51WlLs%C|3&XX*t2yacttPwK#H!KU@gt_7XK2ZOpU
z>jrE~&?}3k%mUD9z}kC$_z>uqK?4?L3ua|BlaFnj6cG^I0uMyLgZ-d~e|if0?n@K^
zX0j-#!KbDLU;Ti*eEBu}Blv=QygUTANzvWFpL`O$?@emj+Nr?))f-7ccLa0C%d2D-
zH&16_LAcE;_<1IqCsg)X<+Sm)ul@vv$t*gY&+~D>r`);uLDj|}20pc86@WhYbSDJ=
z_%;0e^&jVpx|{hwm2c1?_*6J~0Dk@KROvkE^XxFs(F8s{<~4JDV1M`#{P%Cb|9A)t
zKB3@OcMYzBtODy<Z)JX;Ls-_}P&wZ>T~%d?=M=AX+B7kE-*pw#K<z!f*?%?P3H-W<
zz(+97gS`axpzSJ93EH8oQ!pvopq^JdK?5Wq_*d{L1Yf-R;mxFfgn!NFdDeUQ0{q)I
zU>gSo@cBCxZzf?fv%ND3%Wf9zix<G>^PEA)_urBm_&h0Q!Ln>tCxsyI=M3Ky&95=<
zA_Ri03EnT>-Nk+uF-(BF2EG7)Are9SN~FK*>Ww7DYbE{y@snm=-dTWecEtTc$>7Z5
z&bFxnZx$r*@80(_diJo{smtQwrnAY)+KGN^9!mMkVIL2^)<WR_8FafO^XH&>hXl{h
z&$B)5J~Ri?d>?%Er>p_tW^7<DbDHKpsjq;~{Sx^6bI)mlndMCQhd=xkd1C+e^^fxt
zGh!C$tNY<j(t>~a%agDd!SBBNEv>vJb-Fp;U(JKPzDyo7e)U?4;2!K{<vLypyhhI>
zzCQWpoBJ_n;}6c!kG<;M+=k34-mrUw#DCH6z`ucCehGdI0lUWi;Ody&zD>N>IB<qJ
zUh8|lL6K(yd;ZV%t!>9`8;CwzU%@&>o20d4%Z@h@un)Nv4blKcio6wAa3xx1D~XCO
zcKr7}LrRuxNqYet1KDT*W4*i%hr=^xC~GpdpV{-O*5{en^4-36T2r*CnNbYGsbFJ{
zsBS`-XE2M|lNaN~#n`rO`gB)M=+kNxk#d(DHxl|V3wN#9@N-JXV5NdUZRuOoz&&SZ
zk)~aiE5<o`7BwuFL{B?NO{@IEMt>aDSbid6Hu}Pb<W`-~L9TOuXRAT|QA{w1U#l;s
zlvOmS!a*j&7-*C17-emR%^wq6p&%@y-+@{z20UN{?+NwW3YG&MQp6;{O$4iW44|Uo
zOsa?nI~FHuBR!P<Cw4m2^No@o^F<^QPK_9>u7OTRFTN2hlQ35qDpV{Y#5Bu|jYW#*
zOWqYNUiz(tW0gpM--F6PNU6S2U|L!&r{`!$Yw#*3OvlmCT7Lu*DUbLG{A{okNhq^-
zVVv!jg>_Q4qXTDZK4E=-kpWHNYaU_sb$;>eS{GU7+_b1u)7ctmy*!!n>p;-+H5l_!
z53GAXVrDQM4XnfC*PIaxyFW#;s;P=SuRKTZGfxBy)dm$<^QTuI^~~@Rii<n8Rnf25
zbfIIL@G#6)61!tDti>Z(nH9Sm0AApMk=P<0;&5ywLNe_G^)7r!z!SsG!LFI7k59=q
zPY)J7##}P`mw0IDqRa(rSE14SF?JR197=y(Q}9WH5*)IWVROz>nHxEhL8a1!#N4zJ
zs|4!6XeLJA#Wx3kV(t&HY<;b5zrwh!Y4O0;GN4NMStpTnf+_~NBs?Pq0YVHj#^^tC
z1Hq#_rfT{Mau4EO8V+lW5!pdzQghfvmcamNw~ro-IjGW$c5}X=h8S>^$HsI=UU2{q
z9hNM+9AiYwDI|pQM6gGweZeuiO+q$GS^-_xbq4FQZXZJSC86?ioYGOCxCedwE1;1`
ziilck1n|8U%?2(k<l*3GZHr{fFvO~NdmfL2-<BWb5zjIa0p`c)x|SK#h&^)lo4V*-
zKPW@*W+7`Pe(V=((C!Z{-BUM_F@hP-BX@1k37Rq@oPMHn074?ReE*jH^D|{EbOhQ*
ze+xijKT#Wl*=yLF{r0une|3h}S^E&KM321go6Mmvd2W6GqyGMnJzMnef1E{bK%JA#
zp@09g=>GkmJ)Je)|LX7m&LfYAu@f0o`VvAV8T<VA>(M*%0!l4??)mrw7ZH2bPXuBq
z=@vrjJj>9sloifH6<3skUJC9k=8nB`#0zKo(s?;&nz87*)xud^IIeK6XO25@1b+x<
z`u#}@H97el_s9R)bUy3x{~U4)H9g53x8lEjakT%>=d=F(kF&@L@E=12sbY!vlFI~n
zqL-<SNCLjQ^tP_eWLiy;BQJGV{y6)Z(Unt?+u=XUqPAAydJlqGe;=YRck?I^8xf@6
z=obKYd;WjO|DR8L{6B{r?tgKmaAH5W|NhU2F7*3<25H}aeUo&uISl{1xcmOwlL_%Z
nTi<HQNM>Lqr&XzvAAJ9N>7|!mdg-N?A5Z=VxLkSe08jt`wnwQ@

diff --git a/make.sh b/make.sh
index 53963d4..db2052c 100755
--- a/make.sh
+++ b/make.sh
@@ -1,5 +1,8 @@
 #!/bin/sh
 
+# Copyright 2022 - 2023, macmpi
+# SPDX-License-Identifier: MIT
+
 chmod 600 overlay/etc/ssh/ssh_host_*_key
 chmod +x overlay/etc/local.d/headless.start
 tar czvf headless.apkovl.tar.gz -C overlay etc --owner=0 --group=0
diff --git a/overlay/etc/local.d/headless.start b/overlay/etc/local.d/headless.start
index 3959f5e..e7c783e 100755
--- a/overlay/etc/local.d/headless.start
+++ b/overlay/etc/local.d/headless.start
@@ -1,5 +1,8 @@
 #!/bin/sh
 
+# Copyright 2022 - 2023, macmpi
+# SPDX-License-Identifier: MIT
+
 VERSION="0.6"
 
 # Redirect stdout and errors to console as rc.local does not log anything
diff --git a/overlay/etc/modprobe.d/g_ether.conf b/overlay/etc/modprobe.d/g_ether.conf
index b161bba..a3fa924 100644
--- a/overlay/etc/modprobe.d/g_ether.conf
+++ b/overlay/etc/modprobe.d/g_ether.conf
@@ -1,3 +1,6 @@
+# Copyright 2022 - 2023, macmpi
+# SPDX-License-Identifier: MIT
+
 # added to support USB-Ethernet gadget mode at boot for Pi devices
 
 options g_ether dev_addr=ea:64:2f:e8:19:94 host_addr=f6:67:ce:b3:c0:ea
diff --git a/overlay/etc/modules-load.d/g_ether.conf b/overlay/etc/modules-load.d/g_ether.conf
index e5456e0..a9b7ea2 100644
--- a/overlay/etc/modules-load.d/g_ether.conf
+++ b/overlay/etc/modules-load.d/g_ether.conf
@@ -1,3 +1,6 @@
+# Copyright 2022 - 2023, macmpi
+# SPDX-License-Identifier: MIT
+
 # added to support USB-Ethernet gadget mode at boot for Pi devices
 # also requires dtoverlay=dwc2 is added to usercfg.txt or config.txt
 
diff --git a/sample_interfaces b/sample_interfaces
index eefd4ef..e3f9acc 100644
--- a/sample_interfaces
+++ b/sample_interfaces
@@ -1,3 +1,6 @@
+# Copyright 2022 - 2023, macmpi
+# SPDX-License-Identifier: MIT
+
 # Sample network interfaces file
 
 auto lo
diff --git a/sample_unattended.sh b/sample_unattended.sh
index b0cb3bf..58fab1b 100644
--- a/sample_unattended.sh
+++ b/sample_unattended.sh
@@ -1,5 +1,8 @@
 #/bin/sh
 
+# Copyright 2022 - 2023, macmpi
+# SPDX-License-Identifier: MIT
+
 ## collection of few code snippets as sample unnatteded actions some may find usefull
 
 
diff --git a/sample_wpa_supplicant.conf b/sample_wpa_supplicant.conf
index 021f3e4..ba349e1 100644
--- a/sample_wpa_supplicant.conf
+++ b/sample_wpa_supplicant.conf
@@ -1,3 +1,6 @@
+# Copyright 2022 - 2023, macmpi
+# SPDX-License-Identifier: MIT
+
 # Sample wpa_supplicant.conf
 country=FR
 

From c8de3f87c2c7fae6cec68c9e0ff578d5def6e7aa Mon Sep 17 00:00:00 2001
From: macmpi <spam@ipik.org>
Date: Fri, 12 May 2023 15:57:37 +0200
Subject: [PATCH 08/10] README polishing

---
 README.md | 34 ++++++++++++++++++----------------
 1 file changed, 18 insertions(+), 16 deletions(-)

diff --git a/README.md b/README.md
index b7873ee..23476e0 100644
--- a/README.md
+++ b/README.md
@@ -3,40 +3,42 @@
 [Alpine Linux documentation](https://docs.alpinelinux.org/user-handbook/0.1a/Installing/setup_alpine.html) assumes **initial setup** is carried-out on a system with a keyboard & display to interract with.\
 However, there are many cases where one might want to deploy a headless system, only available through a network connection (ethernet, wifi or as USB ethernet gadget).
 
-This repo provides an **overlay file** to initially boot such headless system (leveraging Alpine distro's `initramfs` feature): it enables a basic ssh server to log-into from another Computer, in order to finalize system setup.
+This repo provides an **overlay file** to initially boot such headless system (leveraging Alpine distro's `initramfs` feature): it starts a basic ssh server to log-into from another Computer, in order to then perform actual system setup.
 
 
 ## Install procedure:
 Please follow [Alpine Linux Wiki](https://wiki.alpinelinux.org/wiki/Installation#Installation_Overview) to download & create installation media for the target platform.\
 Tools provided here can be used on any plaform for any install modes (diskless, data disk, system disk).
 
-Just add [**headless.apkovl.tar.gz**](https://github.com/macmpi/alpine-linux-headless-bootstrap/raw/main/headless.apkovl.tar.gz)[^1] overlay file at the root of Alpine Linux boot media (or onto any custom side-media) and boot the system.
-
-With default network interface definitions (and SSID/pass file if using wifi), one may then access the system under `ssh` with: `ssh root@<IP>`\
+Just add [**headless.apkovl.tar.gz**](https://github.com/macmpi/alpine-linux-headless-bootstrap/raw/main/headless.apkovl.tar.gz)[^1] overlay file at the root of Alpine Linux boot media (or onto any custom side-media) and boot-up the system.\
+With default network interface definitions (and SSID/pass file if using wifi), system can then be accessed under `ssh` with: \
+`ssh root@<IP>`\
 (system IP address may be determined with any IP scanning tools such as `nmap`).
 
-As with Alpine Linux initial bring-up, `root` account has no password initially (change that after setup!).\
-From there, system install can be fine-tuned as usual with `setup-alpine` for instance (check [wiki](https://wiki.alpinelinux.org/wiki/Alpine_setup_scripts#setup-alpine) for details).
+As with Alpine Linux initial bring-up, `root` account has no password initially (change that during setup!).\
+From there, system install can be performed as usual with `setup-alpine` for instance (check [wiki](https://wiki.alpinelinux.org/wiki/Alpine_setup_scripts#setup-alpine) for details).
 
 
-Add-on files may be added next to `headless.apkovl.tar.gz` to customise setup (sample files are provided):
-- `wpa_supplicant.conf` (*mandatory for wifi usecase*): define wifi SSID & password.
-- `interfaces` (*optional*): define network interfaces at will, if defaults DCHP-based are not suitable.
-- `ssh_host_*_key*` (*optional*): provide custom ssh keys to be injected (can be stored), instead of bundled ones[^1] (not stored).
-- `unattended.sh` (*optional*): make custom automated deployment script to further tune & extend setup (backgrounded).
+Add-on files may be added next to `headless.apkovl.tar.gz` to customise boostrapping configuration (sample files are provided):
+- `wpa_supplicant.conf`[^2] (*mandatory for wifi usecase*): define wifi SSID & password.
+- `interfaces`[^2] (*optional*): define network interfaces at will, if defaults DCHP-based are not suitable.
+- `ssh_host_*_key*` (*optional*): provide custom ssh keys to be injected (may be stored), instead of using bundled ones[^1] (not stored).
+- `unattended.sh`[^2] (*optional*): create custom automated deployment script to further tune & extend actual setup (backgrounded).
 
-*Note:* these files are linux text files: Windows/macOS users need to use text editors supporting linux text line-ending (such as [notepad++](https://notepad-plus-plus.org/), BBEdit or any other).
 
-**Goody:** seamless USB bootstrapping for PiZero devices (or similar which can support USB ethernet gadget networking):\
-Just add `dtoverlay=dwc2` in `usercfg.txt` (or `config.txt`), and plug-in USB to Computer port.\
-With Computer set-up to share networking with USB interface as 10.42.0.1 gateway, one can log into device from Computer with `ssh root@10.42.0.2` !...
+**Goody:** seamless USB bootstrapping for PiZero devices (or similar supporting USB ethernet gadget networking):\
+Just add `dtoverlay=dwc2` in `usercfg.txt` (or `config.txt`), and plug-in USB cable to Computer port.\
+With Computer set-up to share networking with USB interface as 10.42.0.1 gateway, one can log into device from Computer with:\
+`ssh root@10.42.0.2`
 
 Main execution steps are logged in `/var/log/messages`.
 
 [^1]: About bundled ssh keys: as this package is essentially intended to **quickly bootstrap** system in order to configure it, it purposely embeds [some ssh keys](https://github.com/macmpi/alpine-linux-headless-bootstrap/tree/main/overlay/etc/ssh) so that bootstrapping is as fast as possible. Those (temporary) keys are moved in RAM /tmp, so they will **not be saved/reused** once permanent configuration is set (with or without ssh server voluntarily installed in permanent setup).
 
+[^2]: These files are linux text files: Windows/macOS users need to use text editors supporting linux text line-ending (such as [notepad++](https://notepad-plus-plus.org/), BBEdit or any similar).
 
-## How to customize further ?
+
+## How to customize ?
 This repository may be forked/cloned/downloaded.\
 Main script file is [`headless.start`](https://github.com/macmpi/alpine-linux-headless-bootstrap/blob/main/overlay/etc/local.d/headless.start).\
 Execute `./make.sh` to rebuild `headless.apkovl.tar.gz` after changes.

From 7e9185918015efe9dfd3f2cd9dc74c5a9e36a22d Mon Sep 17 00:00:00 2001
From: macmpi <spam@ipik.org>
Date: Sat, 13 May 2023 08:30:34 +0200
Subject: [PATCH 09/10] trigger new keys generation if supplied key file is
 empty

---
 README.md                          |  16 +++++++---------
 headless.apkovl.tar.gz             | Bin 4923 -> 5059 bytes
 overlay/etc/local.d/headless.start |  27 ++++++++++++++++++---------
 3 files changed, 25 insertions(+), 18 deletions(-)

diff --git a/README.md b/README.md
index 23476e0..ff87050 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 # Deploy Alpine Linux on a headless system
 
 [Alpine Linux documentation](https://docs.alpinelinux.org/user-handbook/0.1a/Installing/setup_alpine.html) assumes **initial setup** is carried-out on a system with a keyboard & display to interract with.\
-However, there are many cases where one might want to deploy a headless system, only available through a network connection (ethernet, wifi or as USB ethernet gadget).
+However, in many cases one might want to deploy a headless system that is only available through a network connection (ethernet, wifi or as USB ethernet gadget).
 
 This repo provides an **overlay file** to initially boot such headless system (leveraging Alpine distro's `initramfs` feature): it starts a basic ssh server to log-into from another Computer, in order to then perform actual system setup.
 
@@ -11,25 +11,23 @@ Please follow [Alpine Linux Wiki](https://wiki.alpinelinux.org/wiki/Installation
 Tools provided here can be used on any plaform for any install modes (diskless, data disk, system disk).
 
 Just add [**headless.apkovl.tar.gz**](https://github.com/macmpi/alpine-linux-headless-bootstrap/raw/main/headless.apkovl.tar.gz)[^1] overlay file at the root of Alpine Linux boot media (or onto any custom side-media) and boot-up the system.\
-With default network interface definitions (and SSID/pass file if using wifi), system can then be accessed under `ssh` with: \
-`ssh root@<IP>`\
+With default network interface definitions (and SSID/pass file if using wifi), system can then be remotely accessed with: `ssh root@<IP>`\
 (system IP address may be determined with any IP scanning tools such as `nmap`).
 
 As with Alpine Linux initial bring-up, `root` account has no password initially (change that during setup!).\
-From there, system install can be performed as usual with `setup-alpine` for instance (check [wiki](https://wiki.alpinelinux.org/wiki/Alpine_setup_scripts#setup-alpine) for details).
+From there, actual system install can be performed as usual with `setup-alpine` for instance (check [wiki](https://wiki.alpinelinux.org/wiki/Alpine_setup_scripts#setup-alpine) for details).
 
 
-Add-on files may be added next to `headless.apkovl.tar.gz` to customise boostrapping configuration (sample files are provided):
+Extra files may be added next to `headless.apkovl.tar.gz` to customise boostrapping configuration (check sample files):
 - `wpa_supplicant.conf`[^2] (*mandatory for wifi usecase*): define wifi SSID & password.
 - `interfaces`[^2] (*optional*): define network interfaces at will, if defaults DCHP-based are not suitable.
-- `ssh_host_*_key*` (*optional*): provide custom ssh keys to be injected (may be stored), instead of using bundled ones[^1] (not stored).
+- `ssh_host_*_key*` (*optional*): provide custom ssh keys to be injected (may be stored), instead of using bundled ones[^1] (not stored). Providing an empty key file will trigger new keys generation (ssh server may take longer to start).
 - `unattended.sh`[^2] (*optional*): create custom automated deployment script to further tune & extend actual setup (backgrounded).
 
 
 **Goody:** seamless USB bootstrapping for PiZero devices (or similar supporting USB ethernet gadget networking):\
-Just add `dtoverlay=dwc2` in `usercfg.txt` (or `config.txt`), and plug-in USB cable to Computer port.\
-With Computer set-up to share networking with USB interface as 10.42.0.1 gateway, one can log into device from Computer with:\
-`ssh root@10.42.0.2`
+Just add `dtoverlay=dwc2` in `usercfg.txt` (or `config.txt`), and plug USB cable into Computer port.\
+With Computer set-up to share networking with USB interface as 10.42.0.1 gateway, one can log into device from Computer with: `ssh root@10.42.0.2`
 
 Main execution steps are logged in `/var/log/messages`.
 
diff --git a/headless.apkovl.tar.gz b/headless.apkovl.tar.gz
index 802c8a823e0bb149568c55d08124d8a270b3dfe3..8d78f9fb8cb746f5136b2362b172d6e36312b075 100644
GIT binary patch
delta 3800
zcmV;}4kz)uCc`IxABzY80000000Zng`O~A;k^a^E6?i<^#3tXzeP|uKf)JM^5CU{S
zHs#_5af(ym_5Z#|GvkaWwx@P?JiDoyu97&qdEKw?2QO$n__N;`kQr!_d>m(Z_xLzR
z35>!}6sIWcGXzC&9QzC;e{aF=&^4`7gWzX%S+>7L_dfi8zbFK={h$3Hbh@nl-ks<8
zeG}Au;swoz<8e1IMG*fD`x6w6e+D8SPJ~~FPxgnKCjMP>z$5<Y_r*U>;5d$A2sPUu
zMKSVI{C^C1WB>X0eOxx}_jTiZp9bS|)wv&v$9v)*MQG|B`;+&>r}+N}Fx&lUHaW=7
zu*B8L;n2~4!}$B<irurz`|W7IS{mB&nnlPqB5?V<B@-WCg`?09ZH}i`qu{NjjBKSi
z>CFC!TnL?n_Q%YMVk5G&)CkRWXK;$0UObvxETtpN`Rj!eyMnxncI!CR(_3M1iSBh6
zhjp+*dCdwsO0>GTUFhwpy&e0GIyB>vK?lO$>T<V#VcGRX_C{kbop&5Z(|%vq;)&zW
zo8wyR5#+MF?6A#_8#c_XGpo43PQ+fH5Fv)dEqPhRdT<pnvy}^BjV3X2$$5A!UCE{A
zH)<bsFpo#w#zke!*zMgNy1B@^a~*7YcH>_Q0uGk?y6-8e;ZiuxlhWTDuVPrG-O^Ci
z-C?1BOVTl7AdEzlqo<aa+8MiJ)<RNVq0MUT@ngb|z2D-~!r{$HcOCPHFHMmP3Q-xR
z!wDaQ%yqHJ*eDZi2Z7)FX6ee=sfmuE0EJqM>?m}(Mm)i!_sgBTAa6R~^UT^?=X6{K
z`wi5P*P8%koO=r*d6RJDidnDR+_;?5D;(l~UZ0;B#Jbp8eM=GKW|u=|ZPH`h;V$1Y
zlDplGm&U}KZ^66&|JBK=qzInk!11%7X@LK0@BIY-TllB^ANUwaqKkVC_)t6^`Tw8u
z{!jIv!tr<VKS5#0r~Lmh;OP!aUX)dEr}3&`NT8<6N7m%Q4R1ZLfQv6Pw|LZs+CHaV
zt$%sc2X-lvy_+BIr@WglI(yH)fqUIxmEr#1P97Gu_6gXJs(HBW?nK;jPp;x#oER3j
zw4;QfjLunp-%ONMv-Rrc>b?T)%Lwv<`xxs)F)B5<@K+N!M{ke%KOK`<17Ux+-vSTS
z^6Ki>)&5cJ|6B3@p?bjgt^ek5f4Bc5P~ubke+;<yf3Hpc=mEJ`Jz!?9WK=bI@_tVi
ze%bkd$@f3?3IAH~YwN!c$>TlspF~LP-TF@;^r!g$81OsR|7G^5|Nf&=dj+7z57aO}
zd?&Pcb~s!Hr?OOz*r}s1LRNp_4>%LM%+_wnO<LVV)=;?{Vbv*(`ZB}^VG0QLNtO?#
zxFY!i8QnCxh_;OHhJLT3;ZV$LP5E>)R^=+OY~EIEBr4PMwvF1lpLWHTg)<$RLcp`2
z5v{$WOLy5;$wJlJNd{tUlZfT4QBu-$iB3_}LAXm%w=9Z<F*8hhp~`<#Ikm|pYPeo;
zft0fBMb`1Ww^&+XoIut<9M0FcO=)9&GkmM`Wir-Ao$B^y$z8d`w!f*wHpv%;nqE?I
zYK?LPRvCpS^}rQQ1!;J6FkBjnX|~b`ySz$9=EMbMZ==J-G&Aj>-%v}_+RnGK^U9Ga
ztf@2G4P$`3`Yt=3mr8#bD>d%=419`t2039V>JNuoR8+T%qM$;{6x9h^G)Qt$AnaTe
zE`FfIaeb_1;d}$aVxs+3*X|8pS{@*THFG%d4*K?{ac9o%2uDh}zTP>F9#;FDIhPz)
zM%^Cf_86I#Xtn9_1rBV<tXD-DGbzSaRpsO;>l0TAmfK>tZMZ4K#*ry$enH>cr9{;Z
z10<QKqQyUd7XjRzO<b~yAT#3iwAy#8ix<x;v)=_B1Oeld{Ry6b8|=AiD4es?yVTK(
zEFr5Jb~8dC#b|+wQ+Z;}7Z?X39i4=6!7nZ;pI@!uOuPGr#IMT$Qei5u`b9Nyd`t$e
ze+;Y2vS$wsrqph9C5ji(O<GrlrT~%;PgOEFQ)L#?ezhsBYuS)P!?0#C4U9=P-ipd~
zsJWo}zToqeWif1jsEHGopJeuQU7c;_A_LVLU(0NCmgxh<)bLuLI~rp_o5yRjp%z%{
zNFlwfbj#`aXwfu^zttG^JZ2dqk*;3NjS(dra9}_3>wQ6m_!_=<TT6X(u?4ahg~k)J
z&Nk4}J_)HS9w%@3|MNQH6MSU2um7^rbFyducl!qX`2PEU-u)j0MpGC?(e(ZMFGVAt
zzW;s<c-#JOUe`R|Rq_ER``h+M5dtCpVSnVY|AV}L|Npf9|NY_1FJLz*;3fuuFF~%X
z#yW}O7Q_$?1E1~({Lf(SczKn~ctcyApSFn?6ix6X`$5qrVG`8;4l1$<07qUo<emEM
z3*?!4aUV{95B#JKycTR)zwBDjDSR-f>#}aZwgkPhXv!=Aod&GE=Z6o1ei<}iQMO=K
zMl<=?#z_$Y!7cDW^gGxOdic##*mwVi0>Dfb1vU88wBXAhkT1Xd8vYS{!9HF-g4?9%
zZr~fA2Jd^DnznW-uz&elQqUb=&utbrPiJ94xXmkn_<1Iq6;k$D<+Sm)FaHFF$t*gY
z&+~D>r`);uLDk0Ktf6+S0?-Ga?u6hUzlNW`{^NX6cQgN|@-;dHp9&`rz^|X3DxC*?
zo*nKvn!u;Wyk@Qs><>SJ|M3m@pAUh-ClvhZu0bitDzKjQR_6CPgk=p5mGgbmRaKUF
zPVq{Ar%e-s_gz~-4b<M#>-}5voxrb)2z&(dJlJf$pzSJ94ceisQ!pvopq^JtK?5Wq
z_&4w=1Yf-T;q|0{gn!QGdDeUQ0{r_oU>gSo@cAz){xo~T%=XSCEW25-FJ1tj&vOPH
z-+xDL;Pa%I1<SHoofLw+pEG<<R6oc35+M+OWKHmX@$N46lZasg+%@n8_?Acn@iUSB
zp{v)D6t9%{7UGR&zPz&lU+<`UOUdBO;?B0I0`DF*{@we2LeCyHJ9Sw++;lcsSv%3M
z%|k8U9`^CzD=h^6pFy`vGJg)5Uy$JW`FXa--G}Btn(u=z|CBW#+>8zEWlq!FC-oJ7
z@VQ?CpMUN-O)#^Z3IFhizadYHzkmJX{KSlyMf&P~xRbQtU;gsM?*#C>?|w}yuSlJ4
zj`x@IV6QHd$BbXTk|MYVds(@TmjbWQ^N6obzWL_A+PSjcwv8a%SMgVDl)yP!DH0`1
z2?0MiiP8o+VB~lx(85@eD~Sz7GCZVz2<VURH@mz=`e+rQfVqHRc@NHTX7-zJmbB@o
zh*k%eXst}YUfR~-ZX!-@i5tcp`;(oVuwy6~hx3D*17RQ8rW#{t*slTM&2Z2k>-|Ar
zf2xo3(It<>mhZCBVL{P-&6Hxeoab!R7L`*7^Au(w$vo>%rhQ%4>C-$spiixTQAEg1
z3S3vn%`D87$GTra+6D{Hal9>kbN6u1=xU^CljV}@RGwvZ(_5maC8Va7eqp`Wl@V<j
z2%q)7u`Y#GBXm&c+&<U}P+!Rj3h@i$iAX!o26;M&#M%ei1Up7mUt;q|#C9kN+wLzw
zE#?Cra0Tlzt=kF~106!-B*2Y-3#(WRpyK(F?YZ39F+cD&wuRoWVkc8Q-*~pgmckVQ
zr%8+_N<zL&V0<H3WW!=<w(xv#4CG+bS4K%5QCXLC|Ms%Bv+sesWGko-oR-G-I@C<9
zW&>3&sddg{f_3Z;srY+<k!KM_L8x^uM6kA_+1ihG7m0yFwxd0#Mn1xSi0{aTs`CYR
zVSpmVcsiF|n%X+|Su%qlT`TXQ{WVbS_B=<+MJ0~Q-7lTR1Hsnb1_RLg<N13j8Lp<}
zwqsk*eHgL1kO@jyxXjijipG50FLz-lmiWg3Mj(t_u|-ltgl}!+Rk9?lP69z7oZilU
z|8@4^^3&(@4=-nDU1@rM%MSV65%d%iGtXeVuD0Hk{G%RKKA|a3O2+Bay}fb&BG#D(
zBs0PBy|uc*M{pp5cP&|Nb|;UC05md^?!L%Wmptp6D`9?>3{6l#khIh~w$z7q2~1&R
zx6jBrQYi?RYy_-mk#NmaK!I)!D}3@{MJq5*CHilc;!Z!+uM@0)8x4rjiW@)^nkW?P
zQ_`P6gYH3*3&p-V=4$O(j7U_2OnS4VNruAh%w}Z)fcGmHo?4n>647F5-bDcKBbe1C
zZnEn;zd_Zv@L(~v>Ryq#Zff#0T~iq=Pfia?7Vl=76hNxP<q5@dB7Z^drBFkxAijM_
z>Y0w<ZtT-AeMOCbh59LtX;{Mt!2+iY72t{}f~mr0lqp@alUIrLhJQ&Dalu~fD<fC-
zYYCzoY@RNu;`F{@WKCfSC(9C9N43a6)c1ngysBk8qK-4AV_7E8dJxz#aJJ`o+=4#K
zOJoEQB*dmL2{~{s_9vLIkVSikv`uPWMbz`v^~W)q1c$wUGA(v_6bTpEwjZtv1zMrL
znx39swM2To)Q8pkoov7UW+zR1xMq212DT4Q!DAOtDf0_7WyJfJfh@%cE!oAJSL}}m
z_taKzh_+Y2QFf2!$YiF_=I8It@hc1M#?d={vRw(+A0p#sfB!Sqr=#h3GQhl{KAKM2
z^WS5%E8yyXU^3+UUz6tdKS#q+!T%%q{`YBn{(F@6Uk`onQ@KWUgeMQ7ydYv<KE3G8
zD2nK4Vacr}ejvmIRekb!i<rxWO{Y+{tg{tS4_Oj?G;m2r5NCoLld+*M4DrkuJ~y6^
znIu(mY%wt=Q^OR-d}NpdL-0Ed<NvzVaGHb5xE20?>*ybjhNr_8|BunG;j{;laV`Gq
z)7<|<_5T03egFR`?SFv(xP%jWED+yfJ3xVIMczgP4&R+wTT^Ftn2U%}5Sxo-Kl&cg
zkz-O+;x|pBxmpsscbn4Rs>#Fo*mcB4IN=X^1LS7!e-!`!gFb5U|2VDe|Ku#<z;SSU
z|Br|}F0}qXLaX<`Jc2ry48{MZH}}6j7>q|hF<l;q*{&Udl^j;3yxnpCx2<h$Yg^my
OX8Q*Uw)^)0PyhfDys}3C

delta 3663
zcmV-V4zTgVC%YzpABzY80000000ZngX|tnNcK+J@3f%6=jLp2qz9=5Mf)JY|5CXKo
zWU7lD#41*S<NqF{?sn`Rd%BXeJDI9JRqtKIIoxyZ+3$s*_24glXFz74N%Aqy@c#I?
zMhT3<P!y*q><a`%a2)#rB!6$g?$9-@Q-k0aby>Fmi0(sw_<vFeX8S+;LFjZ@``Vq?
z___(|KJkL)<MFr~m?DV(hW!bO#=iiOk0-)!!)N=$O%wmFIp7ih^oQafCvY4`F@&1!
zkD?g)IsQKdytDuO_c|_{_I2GjuhU?Bt~&Q)@%TXeqX<pCXMgfOe2)K50JGhnW|M>L
z3`<;{91b0SJ&eEqT(Nt0dA}X)S4%@%Ub6_<Mg%UOw`Ahut8f(hq0RC1Y81S+l##6z
zC!N_Jkqe=d(EgZNQEWt(mKveC?hH<`(~C!Qi=}jgIe)!SVpouN(QX~5dU`7iF44UX
z<FF1^D6d&TM~PM!w+p>JwYOv6QHN$cGU!0~TV3vdHY~fo$lhq|rSp#CXxi`VT0C+5
zd2?KAJ%U_zmmRj*al?kWb!HV8*ooNd6C%WrxFs*ESP!luX0~!6tkEP!E;$dcr7OAg
z{6_7g4(9Qw+qkHV8N0o^LpK+Bcdmm?&u;u{LBPRMU-vyFHCzhEc~bhD<5di+v|Adg
zx;rd?bV)i!41|$ra`e>lQafXJ%vwmwE3{dyJ$_91vG-eiS~$Ep>8@iQ@uewpK_M!`
zbU5K-khv~485?Dy?I7@b-z;4@J2lZU6rfORksXCD*N7*W^nST>7vxRnd!AW)>zt0u
zV84MH@_G}XjB{^6BySRqTrumFn;Vx?dWA!O-0SlbgIE_^t8XcS-0X75tWA21JKW`4
zMsl~?@zR)h^Bs8i|9^9`Dk*}eIB@(dXd2-E+Iv64{}%o({|7!slIY@I13ngyNB;l&
zy#G`Er*Qne{7+CA@;U#13V6E1k{4wa+-baO7!s)I@{u)paKl><Ea2kH%q<?Zp|;Oo
zY3pAe^?_ZAWbfvO`z7z@i_YG&@8DiHSY^2XZzm6nTKfd-N7X#sc6TCfxhGd~FHQ`L
zTiQ{=P)6r0zi%eWs@ZyVb9G;V_GJWl!F`T(q8ODLT==UAoTH!5`ahkMSOZ~yci#aI
z)$;1<x7Geh?EjDA|6}!lAKL%T;r@RAN1(*#`2Q4e@BiMK{Luq)Z+gJYUdgCx^5p%V
zEd09j|C;ZA?i2pG;J5aFACt!i>OYB)*!%ULK<Ll$|0&>itpCgGQUCo%rS=LyjUT9C
ze)vvk@$7K83{GXK9I;bJVT7!I!XI!ZcA2f+lAE-;iL9Y=H^Qn@8uev}55g1>?2{}X
zN^wQ<1v0v6bP;VC-wpj<N5i3*_nPwQW~|CpV%fZ{*ho~S=WQFcbwBNjEemHlG=+d?
zK_gmwN0;uht&)YRx04LS*d`InS)-(+=@OlysDp5qqHb9f3u9)O^g@+?r*dkOOVn_^
z;sPmU*^8{>d2g|_!Z?AffjFG6ahuY{`eyi6>C0rSjXKrs&yu@xiEV#ViEWZE3^l!^
z;?x@D2&^&+PwIgyoC?zL=wP@s6w_>_5q5c%jLeA(%HBqYi)m)sLBFAvrnQ}KW#^S6
zQ&>}Hwj0I(dG%d(JTH}hGFEEb^%?jS^9*vrQq&&~x2ULY7ezsZmMN+ewrG&#qCnWW
zC|vwNiR1cM%fk5vgvCVrtFGM}zO+0*2y5nW;2resP2<j--4TwIa(%sX8a=G`Idd*K
zu8g`p%<VBUEzxSz;|m<vl3A~cGG<bYt*Xk&QPwA}5-hjHZrgAviH##u()@zHw@Znt
z9R^4;QALY?c@_cOolRV_iXb!M^|ab|tBV)UJG0&e9RvaMll%#ue+l+nH5AU->0RpR
zMV63N4Z9g3kYcnz#i=|o=L?Jjk&aHnxZoF;l+UkLaHidTL*mzE0I4vQSN)=zI6fu=
z*FT0;W!bZb22*M`x)Q~U=q9bJLQ??Aho>qToT)MkX}{W(*0pTNp<!6Fm<Glq8*fGB
zI@DZHeP8f-%CZ<Xf7HZ@%TF?Ux~|SPbCH2+jjv@kI?MEdVrqD;&mE1ipv~j8*-#6t
zb)=A9R=VZ%e6(m9#oua-dLFZkkw{ms=EjH;4mhwM`Sre_LVOM1yRD@@y4V8Qi$ddx
zS!Ww)X`h7D6_1lQ{Qo(Q_za&I?)$&2^qlP3|J~jJKi>a-fAISc0;36x#IeWwUy39?
zzyJLd@N@gWJFa=YtK=gt_5=2(Nt%4m{sc*UKL7h9@YR>Fn-p*p1He}xS5{-4L~#pZ
z2!?@A_W}Pim^)rxB{Sa8R_CW};sr$$Jjs4gv`Lr*^}m9OYy!ZM*A026e)kf2re5Bs
z(*r-L1Fr>}f7UO%7IX?94C=b98?Y@wuPmA}3qYp<Yw!8tgP>mq4Oo;dn3d5?KDKdE
zL_ly0JP`dJ_JbaN_Z0U1zn}mxlSM%dJ~b`)>IdYjufBnQ1Yfd`!$)wN6x|Jc=hNW*
z+oq<ioeJz<y_FPn$G2;n#m&=MSP*XW3Vxo+W`&e}e^xnd{N1ZRfnhR>4(IcF9PlZ3
zZhla;F*s|e9jgHJ!KXVR_{VSH=WqTv|ERl}|5N!E9fD7VlLz28&rX%jlRnQ5_Z&^&
z(_>vT*9Z28AHjeB7W|Kgz~B=Ketp-V6l4`x&w4BK`x?Ts28YUd-E>uzC7x5f(P`7f
z;Qgzuf1n0x@9FLLTl1a3uZswL1oJ%EY`&oFDo_pDp{!FdDcYc(cS}J7Bq8`$@F@ge
zzWU+qqJM;c$>(|2d-xLk+qYmF2L<rrR~3Jny<uj1XA+j(EZCPXffw_dLC5#slN)%E
z6tiGiHmj3DkPmZ)?}_S{m|r6Vf~*NXEZ*J4e|{1%On|!vz65_J5<&bzr2o>@TS<yH
zO8gn(oo2qevjE?IQTH<?gENae+olS<d(`-M@B0Zod)VyMW$|#+*<@wyM8CBTwfy<C
zj|bmqA@KhUx?Pg_bI|;X1kcaUvpw!UGzZdrAAI$vtO4O>Y+x^Qn&!T!uYnhS3A}jW
ze>qJsvz!V4@Q1%5Pm8~O^W*%)jF?6G`aaxATJSG_dE$2h`2F|4rIk0NPB+K<t9i0F
zKa<CbU%incxCeV#xsI0tZ_x9MZ!W(5_C5yff3|OJJ!%_KxUcwEOi8s((&B*4LSktj
za;s9ckx;6<wOS4KV5T)5#}^3yKHr%!f7pQ8i%QT&@sZH7b3JqBobP-yHuICu7|i{o
zdA3!=<8nG35_j}F_7A(bVCPV<$fhSZ2i!iFzNupn#A`};Gw9nx$L`zCGiO-UhCCN5
zzTVajYKk6eW)#D4Dq5Nl)lCTV3}zw8Jhw+<+i@KF9Ix)vr_m@P<32fVEOamne}Ar6
z_hUw3FjG;aR`e}Cz&)>Pk*3EiSB|syEUUX&5<M*;HLcAT*86R*#tKuBu-+%uCAT^X
z9ppOqceWbT@8tx8__g|SN?B!tDjnovkpOMdHKS8sY4gX#b|?wU_*bA7O8^fTA$UUl
zR)Q5khYUFha1+BS0RyP0B$q1Yf6<yHsanbarT>YwPW61LWWYiZi<DC%2CHkJ)7gtJ
z1<NJOwMi8!0l`25_7h`~^7&M7O^cUdW1+1;T(&)^41|{I4+>06t08*!hO{~_3&M1S
zhSvH$kVpl@PvB>riAWbRf4fNX^`x{;#?};Yrsf0I_a_<96u#myR$u2Af6u16$TD%$
zpiWI^tE2S_WX7kFpyzWi=9L~;_kP68U^*LEyWw{@BNldlieyz&m3v-!j^1aU3bs&7
zRA9{?UcT2e!%HYHuGvb(KV#E{&TS&VFe^#yjwP@bk6~q2?rsElfd|H7g?xzMSV^R0
z+6U@g`jCJpE|xpHW}aR?e<j;I-C4Aaxn%q=@z9NnG9Rp8EsWlev8!<Bh336m1)m&H
zf?bx<J)Co+%#9q$pwh;K#N4zJvlQyUXeLMB#Wy?eF!vv@Y<;awZ*kn#w0z)e8Bits
ztdmHJpo&3G2+xQ?fDprs3HtZ^NbtBwsG7cl+=IAp42Lx)$m}39f0+q(k>@Z#cHBpI
z#_UwblV)?iriK`>S0u)CdtR{v4@WGy>9UUz4N*u46^LkyP}_oicAG9(FKq;LU3WBD
zZ|b%wWLvUOL4hdkMT!T|C%gt4iL}h9wMGEnsW@!l!$JW9M{8RiwhTk8dN<z#An=>c
z2Sv>DT*QERJDb-|e+D&Tk2C*GUG%Q+l%e-wAv-+yu?wry><<myGe4CHk{K^ze{RqT
znld7sVXDsnghXue`y2N6Pjq6T5NIC#4FHM#NNo&e&tY%&%je_%t50}GYahau>Ymqp
zl{xe!&#k}z7&>EjJRJ4WZs54%QG5S)4!Hp}PBw>r|7UdkfBipq;MVrv)$jjaUbgpt
z=aBz<>Gy~jJCQ-9FCkQ#vyXqh>b)f|qN8QVgAjk<Vq(ksi9k#w-9kux&N8$tW2N&^
z#Wfv4uLSo-L(iFc;<-0?;k_6#%~*8ZY~+o`o-e$q>-l|8@P~k=-<~v3i<8fBFZ_2<
zK5z$@gBJhKe<8O}%ahD;EB-s<YX1l3{qOeq&w1nl;6H|lGR0EysgNnoi9xQGB8~X^
zDp>grlUX%Ifpe)p3+?=KPFGIl*$)3%7PYlX*L@Jo`r8nFIa|b$Sc)k7N^bz%?fHNG
z_y3OD;{SPMcmK;PffM_|{rBG`y3p?b8Kimt^-a*pG3GG*Z+!Rtcl!OI`vY_It(1&q
h4pwqnl`8qp_rH}^T4|+~R$BS~<O>TcL^=Ra007x@VuSzy

diff --git a/overlay/etc/local.d/headless.start b/overlay/etc/local.d/headless.start
index e7c783e..ba671c6 100755
--- a/overlay/etc/local.d/headless.start
+++ b/overlay/etc/local.d/headless.start
@@ -82,7 +82,7 @@ rc-service networking start
 
 
 ## Setup temporary SSH server (root login, no password)
-## we use some bundled or optionaly provided keys to avoid generation at boot and save time
+## we use some bundled or optionaly provided keys to avoid generation at startup and save time
 apk add openssh
 cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
 cp /etc/conf.d/sshd /etc/conf.d/sshd.orig
@@ -94,22 +94,30 @@ cat <<-EOF >> /etc/ssh/sshd_config
 	Banner /tmp/.trash/banner
 	EOF
 
-cat <<-EOF >> /etc/conf.d/sshd
-	sshd_disable_keygen=yes
-	EOF
-
-# banner file
+# Banner file
 cat <<-EOF > /tmp/.trash/banner
 
 	Alpine Linux headless bootstrap v$VERSION by macmpi
 
 	EOF
 
-# bundled temporary keys are moved in RAM /tmp so they won't be stored
+# Bundled temporary keys are moved in RAM /tmp so they won't be stored
 # within permanent config later (new ones will then be generated)
+KEYGEN_STANCE="sshd_disable_keygen=yes"
 mv /etc/ssh/ssh_host_*_key* /tmp/.trash/.
-# inject optional custom keys (those might be stored)
-if ! install -m600 "${ovlpath}"/ssh_host_*_key* /etc/ssh/; then
+
+# Inject optional custom keys (those might be stored)
+if install -m600 "${ovlpath}"/ssh_host_*_key* /etc/ssh/; then
+	# check for empty key within injected ones: generate new keys if found
+	if find /etc/ssh/ -maxdepth 1 -type f -name 'ssh_host_*_key*' -empty | grep -q .; then
+		rm /etc/ssh/ssh_host_*_key*
+		KEYGEN_STANCE=""
+		logger -st ${0##*/} "Will generate new SSH keys..."
+	else
+		chmod 644 /etc/ssh/ssh_host_*_key.pub
+		logger -st ${0##*/} "Using injected SSH keys..."
+	fi
+else
 	logger -st ${0##*/} "Using bundled ssh keys from RAM..."
 	cat <<-EOF >> /etc/ssh/sshd_config
 		HostKey /tmp/.trash/ssh_host_ed25519_key
@@ -117,6 +125,7 @@ if ! install -m600 "${ovlpath}"/ssh_host_*_key* /etc/ssh/; then
 		EOF
 fi
 
+echo "$KEYGEN_STANCE" >> /etc/conf.d/sshd
 rc-service sshd start
 
 ## Prep for final post-cleanup

From 6718b1c311d0c4e389e924a330f20c8502a5319d Mon Sep 17 00:00:00 2001
From: macmpi <spam@ipik.org>
Date: Sat, 13 May 2023 09:03:08 +0200
Subject: [PATCH 10/10] bump version to 0.7

---
 headless.apkovl.tar.gz             | Bin 5059 -> 5058 bytes
 overlay/etc/local.d/headless.start |   2 +-
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/headless.apkovl.tar.gz b/headless.apkovl.tar.gz
index 8d78f9fb8cb746f5136b2362b172d6e36312b075..97fe05d22b0cf2ee668d43883f4984adec4866da 100644
GIT binary patch
literal 5058
zcmV;z6Fux7iwFP!000001ME6!v!hma{@VNs-0sPY&Ai9HC?30l5FoT51V{)bQ(f%)
zB36Op{~o07cG@0$x{|aznW{cj?_I<>+;i^PFI>NM;V*t?KxUvx@-fcv%kgoI5*US{
zC{9t>7YK^rIQ9id{@#M!p=(;Z2Ei}tvTXkm-G}i1q~Oo?fA;*q?y~l^Gq3S=<JW!c
z`pw7VaW^nU5dRJP6BLbq0U{qygx`kG_J^A$`dxFtBmU_R#XnBqIF4cnHQOIWG4gZ#
ze+qbK|M~BAR5tDFy0KrU{`g#V&d1{Mf%r!en)-$P$@}m*{yzcCc7K{p4ze>Wae1;i
zbaXNP{&U41+2#Fqcw8+tWqHj)WET>+blH)yhp&QB=!Z7P)2mkS=2Aj->nQH@{){Aq
zN<znTW`>a#no6n#`li#ky_F^|%`KMeGt7CL#XfQb=@1?^QL3i5LgQl9?Jy4O;63Fw
zE9ktY<;5+bcSd_V_Z@X=#xsKsgtt?rZp*TpL~=*%xV{`Xj;6i7u0@06FWd7*=@BG3
zBnNDJ;D#-8>+~urFoQU%6Cy;AxFeHQr21D8(_5(!HfS6nNzTKY^_5(@UL*Hm2lIH?
zZ5>p?w8POkpxZ<`Txx&Yvs>?45U{^gH+@g78!m;TJTATM`6>og+ATF%KAaZndVLNV
z2qV$>?8;?Q+hcdmT4<eDXtUb5{223N@3r`}uz7t_9a}%+OI_srLfjA2$-qZHa~y2a
zw)=^;eBbLmy>z6^Xu@+KK!MUC2MS$o5LeLY<MQAv$eYUdJhO2(IUSY$aSJu%^(H_W
z=iK~I+QuBYVm2!$*AgSW!U68~xxpZ2Vkz}4MUb0S4w<=4&rydve9Nqz-EK@89dEt^
z@BaU9c2>oO{}lPQm-$Tt{9k+TXZYX3-{pVb!$=Zc+-tzc;_=A;f1me%s{a&@|04er
z6o!1x|DOV$?y%%VNd^xJFKgNwR8;BA>O8pR%?B26@MY!{kJ?aMm$dbgM}1(IBH26n
z>3+#O`J%Iq>^r#E4R$}=|F@Hig{@@($5GZ#x5J%?TOP?()Qc0t;-+$5V<@9?rq?$U
zW!7xHx;d)1hmK_kx&D2QO}y7C*-!YZ4qU?bXZ@c}3fzU}@-ADt`#=b9$*Gp&PALuv
zpANFSt`?AdXv1)d+n(?U0bQjBk#Uq^<%Nq=;9PF}Cc+?KQmVM&8bxRYWFonEMc#<J
ze8PIuJGjc4#%-_-GTRwZW*TZ^UF3;9e)k>lP%SU7ep~II#Qy&%{y$a^_@VvZ9PYpD
z{|J=$9RHsJ?)~3elRtVu?oAJvSt|*Zb)LN6lZ0P){$KO`&wau_7yQ=#?_=`#K>a5X
z68mNSClLB`{C^7g9qa!xd(?mLQK{VmkfR4`m><3qnmjw4lEJP_nIjJJD2$L<cmvKv
z4zsgba+_8+k=11GMwoR<qn-ruevkr!Wk}Mg6jvl)AfuCpiD*gqVd#%48Vtp}*OZK#
zwklV#Y4O(HLc%h=?Aoxc`{_{ZSU6LmDF9p(8qwN4J9L-r_E{jihqZ=iyEtSyb6oG!
zbcs%3*g?2MQMW9NgfY`}dLc_wIkj;THeA1VfRr+=Mb`1WyI7h*6hr1foG#a>O=)d&
z(>$~EBr;M)mFkX{wX<@FU4N5_U7Rm8IZaY=YPE6%RvCrI^}rQ&1u1xV(i|F!Xtq)a
ztGuqY%#I4m+J&b?*E8j$-cVCf+Rihx%gUB0tf@202_k^JdJa2Ymisc=*SO;`uo3YL
zVqhui4X0aJRJUZmM}?LtDg#?INSy2;>{1jCexk&2bFL-fasz^5qP<nu9yM>hJV6Mn
z=dkad)ZI<tE}Yd7_B!SI`d~L|P#tsTQgU1wc1M^yVq{vP)wahMIIttLUKS-xrx;6?
z_lCXS7+fWoPK(`k!4exsrlk1=eQ%dySvd{RT1WRv^z(NSz}?xzCA$|SM!XuUW4B7&
zXx_PQa94&U1LiQt*Q%|nhJ12td~r)278gy4)&;pV&M_x!mm#DAo5emSCFz!H^3?1Q
z-n%dxWcDDTIfWEU<f1C-q9<)P!bqDtn`WkJ92D{tG&n9QbC$pb1EPUSn>Lr}vWk$F
zkBO3H^L;dJHmv6o(ynhYsB0`!Qr+s5La?swsXc9$#Ez{ekv!yLU^&rptpG=3O_+VY
zKL`R<I@SS+-BV#~*V@6<nbfaS;f4(u#L<lIb41mj5=$bN4Sl-qL(*@FE5laU6$p|A
zA@Df_m;SKTA<^DONM)23lxu__&AC-adDk;m6YUhn<~(5Wp{=*1Vc>*s7sjy927N05
z`gVcgfr6H*A`5LLUtD2tZYbBBR<h~@8|vKljx3dv(q<%yEzm>M#Akb4o|y~DK=_fa
zPkaHW!&zxrp6u~L;59}cvLSamF(TQTn(~^zP^V2VP;7XWcBwL?a%XL2TdNnaH$s*(
zsj-|wJs|43F60S!4zH>q(q5zCgV!|u_Ha}DM^4$#`Q_mjtl{AXkp^p`!%iv2tn$Ei
zZ<ht#Lcn<4*y6(8LcTSMBZp6%#h?1Ke3>Ft)K=T2Adg~im=xQkN}@I%5hwW+lAM@`
zNEzMI^2*2!K<9Xyi-mhzO+HHdLcrgU<k)qx=}G7qrc1nIDFtgTBy5p>kqNR*Wschv
z<e|FK6td+fJBok<qb$a8O7~mj(j(G<2!~x>Yg<-8QM6QAN#fgnxhHqS!PVEwb;l4R
z#$4lxNtT4<L8*E4q6uK|LMrm}u4FFg)zSULnw0#)QKyp<b2%~+$K+`35*-_MxAo;B
z6^N)P`#25^0l5X~B1ZfZt^qLL5e~Z^>b<fb26Vvr6|%I>x<D!07QcG&PHUxewO2ye
zQ>bHy@5nCdL+!G{d9Q$@qq7Yy4Y(DlafA-Kj7<oZ5oO$oyDn4(YhYB#6qDLokS@9&
z7fClQtMy)%=A3q!ERp3RD7Xl5uQk*a5ao!n_+iB_o82lu?JgtQSPpy~Y&e*#WU?f5
zS%>tgM~<Oy1{S^ATrjB5lGUn$@G#J<yHfx?>gUF}3Q!ZH`6VwQwiY82vARj_I2BtR
zOT9Iz5VjMzH&qF^>&Q80%z>k#rzlDg(a9xb8CcQc1;PrdgzJg%c8gO2t#Qo7wG!+3
zy)J4CZFLscJ&BsfYmbNob+y+eqcDwiEtdFb8izRbfX&HrAmip}Bt~O$B}%qWxn*aS
zEB%ngUAv3&jUIQ%a(9kGj>vNr33Wd$^-z_{+*&M>HPiY4s~~;uiDpF-utTpG*ODd9
zOE}VdJ7gJZ>228Ct_lxswokkAQDBd&MZeaM#x`2iwLIwSoB%|vI0hk)*Ui~k=G@_Y
zl4W!cAAP7br5d_H22{=SNP9_AmJ1rY@IFfH$Q`eS?a_!J_OeMx0-zoH5|HdolJat*
zuY>R72TdmBZd%1beqN)4i8oebiZp{#C^AMT=`hi!CA?Wwy(1w<W=zZ)D1?k&K%>mU
zW>iWilI<Jsc-T=Yy=MFi>A@RPm(8`U9~>tbb~?r~spTB6n>~MTC_E}=<y!^7GHbFs
zY+u)Gn)TxdK~_JBf~*c}*}cEPo~y>5vkz*Q+G>%-WL3jXMhK)BE>LkQ4d#--I1sAn
zB#aAwk)(WnHT?_i92*k9E`3Obsl4hJ)x_};={w#zs4CN%J=C94t5Nr1v<PqOO;sp+
zVC}(E6%Y1Q>BaiE+Lq?EY{;QuSiP7AMkgD0Mdd2gB&d2U_&jA<3>#{~;BrG^jqB=S
zF^L3J8+;?N;YFfP6jQ?+b?#`i1+Aa2&6ZkVt-TKDWu=;S&xebq*?T*MkuPJGF>BIM
ztGO|vgcA-NM}BiGr~u!<_ik&cjt;g!j-t@GV%Aw2T3UvXI^ub9hyOpXBR<0?hWq|6
zD_uK#_I|f-z>n|0A3Xm-U^InekMG1NN>Rk;@4ue{-naj|*EP>~m3+j-{$u;22!Rmq
z*&n~}|4IDw`HxQmUwsKXaRE0G0DJ{<Wi{4u7_}gVU>NvxAMihex$WjvJmWQGb$Qyw
zu3t3%ljQkD8wasp|0}qcbO1Q>swN%e?_MI$^vnBns_(_M@3vsmdS%ywcHx13U6*wO
zwk7D6MN?)zXg6T(K0kaA^h&=0i?Ri?GMvfBHj0Z7@Nd2gqTj=w-^1^o!oL3(6aZ$j
z(67O#rUhU9fPD4UH}H?(OZM^d5!}T^cLU$~G<ZMT)U>r-f&Htul7i0oc5Sn`c{&RV
z!fjr`&okMqkh0GzyN$kk^(QchXVKw&UXKkv<@U|<t2P2>4YgzCgC6*FCj|fa4gCDg
zALk!+H}iig-=YKXsjzb&{N~xN(s|P7+2NkU34D62Yv%gE{_rFC@85#|@emk%Lcy=^
z8eIEX1=h3P%KW~Dpsc~6vR^k{Rb{bj7jJahG!b||wdL19?LNIdzct_Sy}Ag&M=;Nm
z&F1slt^#Gh9m+Zd<D&KJdAH;@KpcR71)l=&<*OgwF8W9K=X{=Ly$3JBzkLg~kzW8W
zepT_t><u&9JCmU7X2HIE3A~us4BDRe3%P+8aWM;)WwSad1o<#$_@1bKj`=l0z|R{0
z!{Xgt>?aX}7`SWTOYl9B2;yfV{g<xZN>aR0;(Lg9n)&L^0(^U-?mZ=gGmAUhrt;l;
z)OdIA`w2aJ*zDA0@o>}GWMyrKzqJmze1F=<gKxCpdw&L<F3!9;XnsY4=jZ3y9(Ny_
z18KewzWP(vfN(Q5u$$RUb6?cgzzeSgUc7Ma#-CZvgn#(MUy-N9-@f^Aequ(<B7J=y
z?j$Yvm%lvm2Lb&4``^;a8&bQQ<Neh<*_)s7W5uuDNa5duy{sJDO@TM)dB!&v-+p@^
z|FfMd>uuWz!hIEg#YPF7qm?32vXl_;gOez2kOM}JhXO5(6}ghwP$a`cih%z3ezVJ4
zq>ok+3YZHBmiOQcXJ)_oW=UH_tAk6lR;FJsZR>D15hu6A4dage$xcq#F%*o$`N7SB
zu#aq0jWIOr*MRV5IOvb{{-Ccv)yMhhl1F08ciHH$py<A4N-<o{b2e&=$|;0-3bT-8
zp7kfwzOL)^X&xTXr`9MU<R%5KE97Pt=E`H;FClG%h37clmcF@rxMy@V(zMBP$#p8v
zvbyOl(bE!AQ%k?F-s{SUwhV;Ndf!-=!m1HED0FTgYz3&V<OGHIh4DnBoo9nQ9YkX7
z18ssGqpB~l`6FUGl!R^f7oZmN0S~x>^_bRe1&e_WA#xJn#)VZZ22k<*$o5?B?3f>T
z8{0zfSFw|+o^L$cVoTwQfYT(#6D1*ECNRDcEV5y-G+TH+I0kaC=_{iokEpCmx_^6F
z+u8TPU9uI_2Tn`ldmU<~R<nUBm()7vF~K@^hgAGMz{s<Rq9D{d7a~~O(QNHUyNkp?
zA=}ZOQzIW?#CK#v)%k+EFhG%FJe|ufO>Ld~ESW)&u9f%D{u-!ud!D1^q7ujD?w8Ku
zfnaNIg8^v$@%+7%3|CWf+p(?ZK8)C0$OI)UTxM$%MPokhm%FeNOZ?*iBM?Te*dnPR
z!nZc^Dp`_NCxIXkPH$(w|2q3{`RVidhnKUnt~9-6hkWh`dJ2h|XRuvYTW?DKQI9I0
z(3B@7<Mip?-nf4e>r4ZZnc(=|THW9yI1s_RmMk~BlgC5=8W~A<Uu3FFp7qU@FuzKM
zCMY0CT526z>O;E(rZBSGXJj3z6ogAQ0#>w0xMnJ#KsSdKKKZbs6_}?I{WnW-r=RNA
z3D%7U#AwA0pb1SB3ic`KPoP2fpvZ+{UmbI`_AEvuszD~bS<)m!;dW-TvH-yQ6%0=;
zO)-gRu{7@@fcFv1>Jm5E^_}0K>RWiQ7+ZC($Xquyd77@NjFl&+2PKPlGffI0RpRo5
zVmXn&Aoo(JAyyFIJ|y)_M{qaxX_&sE#zOs+#x$(qgJ6MEh6->+6v0$sGs={%*~zQK
zdc(h@iMU`d_LY$<`?Uno4K`1gRB?LWFtVnwgp*~7tfN|FAnJQTZC=%~9Z|=b(y=U)
zXFUk)7&zN=JZ?ds<s~wL2ohpbn1mcS7yA=TSjeKiL)s=auOjOC>iXjtO@hN-nHIY|
ziiC@7+YeWT0<BPAO;1m+S|Yt(>ci^&PPSivvy-MhT(dkh1KS6u;IRv+l=%gkGUENq
zK$c>Jmh9rqEB42OduppUMB6LiD7!~<WHM7|^Yi!S_?3lr<LI3}*{+1^50P=RzyBHQ
z)6sN18PNH!KAKM2^WS5%E8yy2GUWSTljiq7N5fIU|ML8Ia(ddH{~n|L*F)d?RIX7S
z;mJcNFNoNePcM2iiXu8%SaNHL9|$o)Ri8ZGBIa^o(<ziK>ug2TLzV;|4P4R@#F^m6
zWNhdQLp(Ev&yD9}CP|eXTTG0})G&oH9~tJr5d2QV_`hy7oaW#%ZiW9k`iG<8>9EEB
zW3+2H?LlN*i~ssG_y176|37Zu|36CmAK*VO;e;Lw#JAWEP@r0ow-JHEcW2ht)R`UT
zB4QN8=3?28zDIQAm=u-xP19(umW1xzru4UJ@^C(O9kCHk_=Da6x!L<4#sB}Hk6Qdc
zPAmIAIg2=O9NgajBccnf|Buk>{V$K84kknKzv<2WuMY;}(N9d5$6>Z>M_?s~RVi<G
Y-2ZKBTie>!w!7K>0Y5+dO8`&+0C80wvH$=8

literal 5059
zcmV;!6Flr6iwFP!000001ME8a)1%gr{?+^ycs$v}Cf~<>XdSzP5SJtn0(3w&<>Cf$
zic{eA|Gr2w<BTV^r*?NdyQ!M4k~q3~-LLNlFK9jZv)>tz8EBGx9A|j<_&7%ijKWY9
zrzq?*1VwNh`wS$1Z^7=+HLX*F;AeGNw!cO9KK#EZ1hf60{UCI@to`1d=lFdS)P3Rw
z&4=T0H!wvI{|);S6peodA|FnKUx!cjhnpt;U30)A{^|F{KThB{j$#Nk+aE<S@>BeO
z40vPz`S*QXHtqLy<9we6<8#%yABx9&;vYq5>K*%&_rs_7{|GSK{b@Ei$j-3D)yd(|
z(Zl%r<%-?2%lqwUzgimF@|s1+HX?BOyd@JKUxlO44{eU8SEJyqrHpK)IO)v(h+GJr
zg!aeGiee+OwA2XAb!TvjonAbeTP&p`%=znu61#%Di+1Zc)ze#HaEb197>9MRLV3*!
zI!d&<xLxS&sl6Thjyg2skwFK--|BL=VcGRX_C{kbop&5Z(|%vq;)&zWo8wyR5#+MF
z?6A#_8#c_XGpo43PQ+fH5Fv)dEqPhRdT<pnvy}^BjV3X2$$5A!UCE{AH)<bsFpo#w
z#zke!*zMgNy1B@^a~*7YcH>_Q0uGk?y6-8e;ZiuxlhWTDuVPrG-O^Ci-C?0i(lKHn
zj6{>8r<Rx68M|ZFLQ-C#&1&uOW5SQU-{RB4;mt{R9rK7UO_2)<Q5mMg2_J*Zb+O6V
zC=+c5f#3UP>B`xuiH@NFg<6a3D0I0-Ji(;*%bmL*Z#v)e%-UP$bX*4e4b+g=n*e2;
zdkZ3YlW^pUS+CsOxSY}}9O7P|pBTit*jjx{5#(l<LuPH#W8C2`-!hWB-Hw;W#G7xy
zyZ`^y$*QCXp5nmqv!H2!|7-941piz3r~DuI7)hdwdky$dJRbS~pY#4t^`FA=ck(|$
zVaTWa|1sd{4ohB?RdA>As$oc=rprgx<iQPZJ+Od_FEh7z)P~wVr>%c^)CYDclD(TB
z?x(z)FFJeAzJYt)V3pzi-%cJDwe|_vkE(gN?e0X}a!;<}UYr;fx3r^#p^VO1e&0-#
zRkQW#=IXuz?aK)Ag8LZjL@_EgxbRmKI7e@f`ac~MxC_nYUAFX;P>61qLoFwrR_rc(
zI;fshEg*H*M$weCJ>e4qx=ME<<7&goj~0i}J>U3sj6uMpRY}7&n$QZ!L~_ZByb*W#
z1Zmy7xXxOq+u)qYY<r3`>!dgKS)JJZx8DK})$;1<*VX<}?EhQw|Dk%o_pSftaDTV|
zBT(W~{C^C%_kXWV{^$X@S3O{6uVhp;dGdZw7Jk|Jf64bh^$Gu4@N4V856R;_^`AsY
z?A`iLAoQpB{}}K)*8gSpsQ><>QhNoU#t+mmKYS;&cy>5k2B)%Aj@YTAFhW-04>%LM
z%+_wnO<LVV)=;?{Vbv*(`ZB}^VG0QLNtO?#xFY!i8QnCxh_;OHhJLT3;ZV$LP5E>)
zR^=+OY~EIEBr4PMwvF1lpLWHTg)<$RLcp`25v{$WOLy5;$wJlJNd{tUlZfT4QBu-$
ziB3_}LAXm%w=9Z<F*8hhp~_P^waF!FxL$FAl(Ota*73ZzSXyD6K-NGU&eyn2X=8me
ze5>?jGS)_&>h@>JUAe@zzp2DF$rpy2UQ%&tjdBE58HFeHz!gpfX?S!nTpEgLw$cc@
zyh=vq#06z<qr=5CGwq<?P)pO=&bPAj%8@CosWaORV}QK+E<2u=N*OCP?)nUTig^Y(
zVJYelhg(!sw~L~nLdz7@30pKsa#0}cTof*Tpu}-~tYzVR1HxjW{Z-fQ4PROwAcQq@
zIPebo_NH-X&h7|DO1Zw?IgK7x`<ywK99Kr&9_IEKnU-j^>G1^)Y{{%wMHw?G##UA3
z<S6SCR|%HeVz+I$#Kw^+X?{W9+oeR+4g(~asG`L`e-{DVolRV_iXb!M^|ab|tBV)U
zE7vvdsjz&4Im``=YUAk<f7v&IxFL6ov!TUOK`u|ngcCN)2-1P|Ldi*4zU78GHCu%D
z&&(Q`JxFK{5ycX@sEelP%bT?@($?0YnW-8FjXZ=6j*HryC2-*c(LiNP>+^J8#YoF1
zM9H$b5>M+j>wAQ}?OP1$8rza}uR5d<Y#Ius&{j!o*?JPmT`q>U8!sgd*q<cA>T_i$
z2vq6XJ0$TA#c3lMJIiF!piYGwHee7(GiJaMRe!kHGP!K%!&QmMpe3#hTVYoqyetTT
z&mp)BhK&h{&L&2xQ)xrFK?w4kTTPVr{L^Zp-Qu)94p_2l>kWB2;Y8pRr$NaEb0Y)h
zW`W_MhL*af3T>sHJwdV7lxIyVRd>TRb!>ZAmCH$MGm^v>=q_%Oqcbj#%$Z~$d{5U0
zz5w*$sI@Fl_IM%i24fD{kh`52lWa{*dCi}x!@3tJHoD5&R2x#Yvp1?^)C<@jA={nw
zL`|U{5KYq*@(Xv2uKG!&{l>rtziIl-?xqEgoTAM6<>40W$;VGb8cIZm9a4;0<)P!<
z&I`JQfbqI^#D%kg0(%rk4xc!iKlDfSJjJMJtTszQ9mW1+QEZoL7rpU`<dRPj$%z*c
zDdSsOUKzCk=p1izvG8uIDM0B!2>Baw*>|04`7%02=@Rc)O2e8n3EN~)WP<8Ynd>zL
zxvQ=;g>3lAiDO{LXp3>2Qe}gjdqf@(VYkg|W5Wt4ik4a{%Y54}6>>Z5JX6xHTZR}h
z=9)~*Wl6|Blv;Z~o&W|f<RU+AOXiGTT{F1Yla`-3>Tu8!E=NXUf7#pHi-`@}n{+<Q
z1tMyik|g0tKyG2WNRZ%w8vx9Agv&}pt!T<HpaagYkfnVz1xnkr_|;FgMk^mHMT=lx
zqxK!XCA+wfjPnZT{Q{2n?k2Jg;8vukJ+w1bY(lV%D3eayc9AaF1Eb59c&Y6L>7mlN
zxOCI9k`z^*bJ}^bMV5=9@GK;~(NI@FRAb8KhZVnUwyXTGJ&$N(yYPN+;Bc}plP#mm
zI-(CfvX25QwCUCQj6r>NS*<Dvk3z$~I|b0AL4G<`A!=bXzvN}aF%m>3RyWxjr($Db
zsV|Wl;kco9)3uPhj+}eMTsSUzilPJ&ojgKSffX&DA*`TExSkk)yEt4R3CBF#D6yVb
zOwm{vtD`9OBx>!iJt7j+)sad@V;cKfEb-Ag?UK|7)(6{#PB+&eF&a}VQFa2#D?7Vf
znY%3M+HIV#&7?z?+hZJYM4szNWCm$zM!H<)_F{37m^J`d4e4`Vv?`K-U0PaPOO`k;
z;n?h*h-Ijyzh-aSD%yFOl6K{z!0uOzUNZNmO}waUbuguz07RqMhY^q0&Cy-v-0pZ#
zRaAlZ0n}P@4c(v<RL$eaiY#l(1&y8g0428Mme-?pe~KaYyuOeGK)cR4B-xuR=jB9S
zhakXrhDxg4v`WJKD4~OeH+Ex*G=owoGR6maH_?YByk1njD<gYmyjV3*2pPSAMwNxF
zxRehh+c*Axx21GiVuCa2!)wx1Ey*!=t{V<p6JwdwcK6q{!rvPTpGsKuRspceTI?26
z>Y7cnejFjl?k7=D^+8g-`y1@JYABqu)4SBsi!33l8g?^6AjN2bic@)F&KDR5A|0KC
zaltPxDW6}h;7q&whQzPS08(KpulhwbaePb$u73=x%Cct<4W`s?bR~)x(M?)cg{A<K
z4^LGxI8$X7(tfomt!vqkL&LCUF%67KHr|TLb*Q<Z`o7@vlw~n&sEHGopJeuQU7c;_
zA_LVLU(0NCmgxh<)bLuLI~rp_o5yRjp%z%{NFlwfbj#`aXwfu^zttG^JZ2dqk*;3N
zjS(dra9}_3>wQ6m_!_=<TT6X(u?4ahg~k)J&Nk4}J_)HS9w%@3|MNQH6MSU2um7^r
zbFyducl!qX`2PFe{T~EIQy4|j^!@uUMI)cS|9%X3+x~A}*F4`<@&PCN+xABh0wMlk
zf8??MgS>zL|Fr)9{o%_mU^gk?CI)~nL9VREI*H;I#1ISvpY8|z&tUF&d6mp~LtCAn
zwuu)MP4Fc9LD42*64d_=DzXUxM_xDNo%-zy<e7SLA5IVaqz=3mY+AqUTF@zcFsSRY
zZosw#y|QS^EC8Jbti9)l4}yLfG+<G-U{*#m`Pjxu5dpz1@IdrC*bjR6%~RNS|Aqp<
zOcn(-_|&xE%O8+0zx*2h5q!ZuUOs}`r08zo8=nU6dz+fJb}F!c`C3xY9beCF7B^34
zVL`afEBJXPn-x;_S>?3xw=e$$hRG~CoX_)dz^B}~`9amj;H;r`tOC#npYDX<AHRm5
zzy9NVQFk-{r}8yA1fL2g55TXVohqFNeV!feIhw$y$Gm2)59|*=g8%Ui_@57f!6y{_
z>aIa4$SSa&^;YKhIfP{m4wdtL(^XZLcuw(3r%e-s_gz~-4b<M#>-}5voxrb)2z&(d
zJlJf$pzSJ94ceisQ!pvopq^JtK?5Wq_&4w=1Yf-T;q|0{gn!QGdDeUQ0{r_oU>gSo
z@cAz){xo~T%=XSCEW25-FJ1tj&vOPH-+xDL;Pa%I1<SHoofLw+pEG<<R6oc35+M*|
zP4Is4?k@I|h+zWUHSh)amPiEgGm-wGtJjhguax)};*Dm$yt4pb@2GoA$>7Z5&bFxn
z?;bV&-TQt*&mJ~Aby+;zbT(O8JJGMrLoMGP_VM5=Ed>6bLAOgXe-4^okl^|GdA7&h
zhvq<<?}IP@lr<pSj1BB%PSe~c^%d~BUjm<h?m0~`vz!V4@Q1%4Pm8~Q{p0+^jF?6G
z>VCMBwBTR<^2F~1@VoDRO)IZRoo<fzm-Aq+E|bTMU%rwexCeV#xsI0tuh8>|uTH-C
z=D*sxvfj3hAlz5+S8SBPIa(<aB})kbKRAif2038lcqq`qSdlA<4Mj3MqzLGb?>D==
zMfzwJp@6x7V0jPDaAx+KZ<e&_r-)VumuRg_zh2tb;cg;MZiySl9s84=oUmgk7>DzN
zn*(7V*`^v}XxOg-;mvT+AM5==Uw^8P^U)=b#Fp=}(P2T+ea)0&xSZ!~)E1Rf2=f$X
zA;~=JPo{lc*Xh$dJfKglQAEg13S3vn%`D87$GTra+6D{Hal9>kbN6u1=xU^CljV}@
zRGwvZ(_5maC8Va7eqp`Wl@V<j2%q)7u`Y#GBXm&c+&<U}P+!Rj3h@i$iAX!o26;M&
z#M%ei1Up7mUt;q|#C9kN+wLzwE#?Cra0Tlzt=kF~106!-B*2Xet5^)6;`x#7x!l<?
zKkzoTh2F1XCsRG&c(%os!W99hNsK2-LcUC3d?Q$7!(wT+@O*F#<Y3cRMoAt~S(kMG
z_OiCK?}58yE2s~gmd5uw)J&~r163}mb<Sggb?gqQ_<MknXAwm~sC6zxu(qSw+K+Y@
ziGf14qdliaKEjCa$cC!(1$SY9BE@(*mtC6LI`>&JgCJci@1gxQQ0?|SN6SSej?3LI
zoy7ye*4_pK(E8)~dnp;NrsTF`ThDzMvAK{5N?5qe)+UO^eB3X0VJDXO#{otlj9jrr
zQbUAqZRAz5B&|*YK_Hyo&VK)O_Tlo==kpIQXJ=h$ddm*^+!6E?5;M<WyRNq0l>DO}
zRX(99PfEt=)4jcM|033z1|&1V@x8UW!AEc)f_E)hZgwY+i2yV*lJ369RF^#Kn=4^{
zl?+W#K#;W5I=0k@b_q;jWVg@AI#MYJmuv*AXpwNuR6v1l4l8`}VMQx2PbK<qmf}u7
z)vpt*8x4rjiW@)^nkW?PQ_`P6gYH3*3&p-V=4$O(j7U_2OnS4VNruAh%w}Z)fcGmH
zo?4n>647F5-bDcKBbe1CZnEn;zd_Zv@L(~v>Ryq#Zff#0T~iq=Pfia?7Vl=76hNxP
z<q5@dB7Z^drBFkxAijM_>Y0w<ZtT-AeMOCh`YDZRSi=Xw0;dcW;EE`MslsNIDP6OZ
zSBdq8e@PQ@!CveuBUkoo38EWpo-V24^uA$aO<@Tq%Mw{fwa7r!_k!BIs%1N(jx(iW
zStieV5ZEzrw&!@<f<DVjWCRf;#HKI_IdCraCz!C1MSF*|O=@06)brK#$1$1&hrKc_
zc6k&D7umKSt_lTOp}v})o?f*?dcD+#)%%@nzy4+?O?$Xzd1wZ<4^F{j7f>nl3p8cK
z`<H<%#Rx6g#hX{`j|cbER&R*5SHMwrkLJi^rqJf+@6GWm3+=|yJAJZU3D+MY<7R*V
zGuEf0>3A~0yrDjtPTKR|W3(&a>R>YD`(Kmh_diF&QNjNs`TqB5d;WWr_FoTu?^C%(
zb%ZAmp}ZhsUp~F)%_xfKXkp2%C4L~p1XX?Vc#D|Jg-xeWwyd)iQ4d)Xd^B)LM-XR%
z8<Vl2FAVX_7(O?ikC`M@a%?d%CR4){#(ZR$14HmT4deg1)o_}F%eWQ(>*ybjhNr_8
z|BunG;j{;laV`Gq)7<|<_5T03egFR`?SFv(xP%jWED+yfJ3xVIMczgP4&R+wTT^Ft
zn2U%}5Sxo-Kl&cgkz-O+;x|pBxmpsscbn4Rs>#Fo*mcB4IN=X^1LS7!e-!`!gFb5U
z|2VDe|Ku#<z;SSU|Br|+wEjOrtM|V=f;yNC#s8)^_rE?Ej7L8)T^@(ot{s7u99E^g
Z-Esf7t!-^<Tifnt`v(fP`}Y7)000(d9vA=s

diff --git a/overlay/etc/local.d/headless.start b/overlay/etc/local.d/headless.start
index ba671c6..8eec0c6 100755
--- a/overlay/etc/local.d/headless.start
+++ b/overlay/etc/local.d/headless.start
@@ -3,7 +3,7 @@
 # Copyright 2022 - 2023, macmpi
 # SPDX-License-Identifier: MIT
 
-VERSION="0.6"
+VERSION="0.7"
 
 # Redirect stdout and errors to console as rc.local does not log anything
 exec 1>/dev/console 2>&1