9 changed files with 16 additions and 48 deletions
--- a/LICENSE.spdx
+++ b/LICENSE.spdx
@ -1,7 +0,0 @@
 SPDXVersion: SPDX-2.1
 DataLicense: CC0-1.0
 PackageName: alpine-linux-headless-bootstrap
 PackageOriginator: macmpi
 PackageHomePage: https://github.com/macmpi/alpine-linux-headless-bootstrap
 PackageLicenseDeclared: MIT
--- a/headless.apkovl.tar.gz
+++ b/headless.apkovl.tar.gz
--- a/make.sh
+++ b/make.sh
@ -1,6 +1,3 @@
 # Copyright 2022 - 2023, macmpi
 # SPDX-License-Identifier: MIT
 #!/bin/sh
 chmod 600 overlay/etc/ssh/ssh_host_*_key
--- a/overlay/etc/local.d/headless.start
+++ b/overlay/etc/local.d/headless.start
@ -1,6 +1,3 @@
 # Copyright 2022 - 2023, macmpi
 # SPDX-License-Identifier: MIT
 #!/bin/sh
 VERSION="0.6"
@ -13,8 +10,6 @@ logger -st ${0##*/} "Alpine Linux headless bootstrap v$VERSION by macmpi"
 mkdir /tmp/.trash
 ovlpath=$( find /media -maxdepth 2 -type d -path '*/.*' -prune -o -type f -name *.apkovl.tar.gz -exec dirname {} \; | head -1 )
 # Help randomess for wpa_supplicant and ssh server
 rc-service seedrng start
 ## Setup Network interfaces
 if [ -f "${ovlpath}/wpa_supplicant.conf" ]; then
@ -84,19 +79,6 @@ rc-service networking start
 ## Setup temporary SSH server (root login, no password)
 ## we use some bundled or optionaly provided keys to avoid generation at boot and save time
 apk add openssh
 cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
 cp /etc/conf.d/sshd /etc/conf.d/sshd.orig
 cat <<-EOF >> /etc/ssh/sshd_config
 	AuthenticationMethods none
 	PermitEmptyPasswords yes
 	PermitRootLogin yes
 	Banner /tmp/.trash/banner
 	EOF
 cat <<-EOF >> /etc/conf.d/sshd
 	sshd_disable_keygen=yes
 	EOF
 # banner file
 cat <<-EOF > /tmp/.trash/banner
@ -108,15 +90,26 @@ cat <<-EOF > /tmp/.trash/banner
 # bundled temporary keys are moved in RAM /tmp so they won't be stored
 # within permanent config later (new ones will then be generated)
 mv /etc/ssh/ssh_host_*_key* /tmp/.trash/.
 cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
 cat <<-EOF >> /etc/ssh/sshd_config
 	AuthenticationMethods none
 	PermitEmptyPasswords yes
 	PermitRootLogin yes
 	Banner /tmp/.trash/banner
 	EOF
 # inject optional custom keys (those might be stored)
 if ! install -m600 "${ovlpath}"/ssh_host_*_key* /etc/ssh/; then
-	logger -st ${0##*/} "Using bundled ssh keys from RAM..."
+	echo "HostKey /tmp/.trash/ssh_host_ed25519_key" >> /etc/ssh/sshd_config
-	cat <<-EOF >> /etc/ssh/sshd_config
+	echo "HostKey /tmp/.trash/ssh_host_rsa_key" >> /etc/ssh/sshd_config
 		HostKey /tmp/.trash/ssh_host_ed25519_key
 		HostKey /tmp/.trash/ssh_host_rsa_key
 		EOF
 fi
 cp /etc/conf.d/sshd /etc/conf.d/sshd.orig
 cat <<-EOF >> /etc/conf.d/sshd
 	sshd_disable_keygen=yes
 	EOF
 rc-service sshd start
 ## Prep for final post-cleanup
--- a/overlay/etc/modprobe.d/g_ether.conf
+++ b/overlay/etc/modprobe.d/g_ether.conf
@ -1,6 +1,3 @@
 # Copyright 2022 - 2023, macmpi
 # SPDX-License-Identifier: MIT
 # added to support USB-Ethernet gadget mode at boot for Pi devices
 options g_ether dev_addr=ea:64:2f:e8:19:94 host_addr=f6:67:ce:b3:c0:ea
--- a/overlay/etc/modules-load.d/g_ether.conf
+++ b/overlay/etc/modules-load.d/g_ether.conf
@ -1,6 +1,3 @@
 # Copyright 2022 - 2023, macmpi
 # SPDX-License-Identifier: MIT
 # added to support USB-Ethernet gadget mode at boot for Pi devices
 # also requires dtoverlay=dwc2 is added to usercfg.txt or config.txt
--- a/3
+++ b/3
@ -1,6 +1,3 @@
 # Copyright 2022 - 2023, macmpi
 # SPDX-License-Identifier: MIT
 # Sample network interfaces file
 auto lo
--- a/sample_unattended.sh
+++ b/sample_unattended.sh
@ -1,6 +1,3 @@
 # Copyright 2022 - 2023, macmpi
 # SPDX-License-Identifier: MIT
 #/bin/sh
 ## collection of few code snippets as sample unnatteded actions some may find usefull
--- a/sample_wpa_supplicant.conf
+++ b/sample_wpa_supplicant.conf
@ -1,6 +1,3 @@
 # Copyright 2022 - 2023, macmpi
 # SPDX-License-Identifier: MIT
 # Sample wpa_supplicant.conf
 country=FR