Compare commits

..

No commits in common. "2c82439dd4812c358e80affa6379ef0465ac2188" and "c41be0072c0f4f6ab441ea6034145b04248a8751" have entirely different histories.

9 changed files with 16 additions and 48 deletions

View File

@ -1,7 +0,0 @@
SPDXVersion: SPDX-2.1
DataLicense: CC0-1.0
PackageName: alpine-linux-headless-bootstrap
PackageOriginator: macmpi
PackageHomePage: https://github.com/macmpi/alpine-linux-headless-bootstrap
PackageLicenseDeclared: MIT

Binary file not shown.

View File

@ -1,6 +1,3 @@
# Copyright 2022 - 2023, macmpi
# SPDX-License-Identifier: MIT
#!/bin/sh
chmod 600 overlay/etc/ssh/ssh_host_*_key

View File

@ -1,6 +1,3 @@
# Copyright 2022 - 2023, macmpi
# SPDX-License-Identifier: MIT
#!/bin/sh
VERSION="0.6"
@ -13,8 +10,6 @@ logger -st ${0##*/} "Alpine Linux headless bootstrap v$VERSION by macmpi"
mkdir /tmp/.trash
ovlpath=$( find /media -maxdepth 2 -type d -path '*/.*' -prune -o -type f -name *.apkovl.tar.gz -exec dirname {} \; | head -1 )
# Help randomess for wpa_supplicant and ssh server
rc-service seedrng start
## Setup Network interfaces
if [ -f "${ovlpath}/wpa_supplicant.conf" ]; then
@ -84,19 +79,6 @@ rc-service networking start
## Setup temporary SSH server (root login, no password)
## we use some bundled or optionaly provided keys to avoid generation at boot and save time
apk add openssh
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
cp /etc/conf.d/sshd /etc/conf.d/sshd.orig
cat <<-EOF >> /etc/ssh/sshd_config
AuthenticationMethods none
PermitEmptyPasswords yes
PermitRootLogin yes
Banner /tmp/.trash/banner
EOF
cat <<-EOF >> /etc/conf.d/sshd
sshd_disable_keygen=yes
EOF
# banner file
cat <<-EOF > /tmp/.trash/banner
@ -108,15 +90,26 @@ cat <<-EOF > /tmp/.trash/banner
# bundled temporary keys are moved in RAM /tmp so they won't be stored
# within permanent config later (new ones will then be generated)
mv /etc/ssh/ssh_host_*_key* /tmp/.trash/.
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
cat <<-EOF >> /etc/ssh/sshd_config
AuthenticationMethods none
PermitEmptyPasswords yes
PermitRootLogin yes
Banner /tmp/.trash/banner
EOF
# inject optional custom keys (those might be stored)
if ! install -m600 "${ovlpath}"/ssh_host_*_key* /etc/ssh/; then
logger -st ${0##*/} "Using bundled ssh keys from RAM..."
cat <<-EOF >> /etc/ssh/sshd_config
HostKey /tmp/.trash/ssh_host_ed25519_key
HostKey /tmp/.trash/ssh_host_rsa_key
EOF
echo "HostKey /tmp/.trash/ssh_host_ed25519_key" >> /etc/ssh/sshd_config
echo "HostKey /tmp/.trash/ssh_host_rsa_key" >> /etc/ssh/sshd_config
fi
cp /etc/conf.d/sshd /etc/conf.d/sshd.orig
cat <<-EOF >> /etc/conf.d/sshd
sshd_disable_keygen=yes
EOF
rc-service sshd start
## Prep for final post-cleanup

View File

@ -1,6 +1,3 @@
# Copyright 2022 - 2023, macmpi
# SPDX-License-Identifier: MIT
# added to support USB-Ethernet gadget mode at boot for Pi devices
options g_ether dev_addr=ea:64:2f:e8:19:94 host_addr=f6:67:ce:b3:c0:ea

View File

@ -1,6 +1,3 @@
# Copyright 2022 - 2023, macmpi
# SPDX-License-Identifier: MIT
# added to support USB-Ethernet gadget mode at boot for Pi devices
# also requires dtoverlay=dwc2 is added to usercfg.txt or config.txt

View File

@ -1,6 +1,3 @@
# Copyright 2022 - 2023, macmpi
# SPDX-License-Identifier: MIT
# Sample network interfaces file
auto lo

View File

@ -1,6 +1,3 @@
# Copyright 2022 - 2023, macmpi
# SPDX-License-Identifier: MIT
#/bin/sh
## collection of few code snippets as sample unnatteded actions some may find usefull

View File

@ -1,6 +1,3 @@
# Copyright 2022 - 2023, macmpi
# SPDX-License-Identifier: MIT
# Sample wpa_supplicant.conf
country=FR