Compare commits
1 Commits
8712662912
...
24588e753f
Author | SHA1 | Date |
---|---|---|
xgpt | 24588e753f |
|
@ -22,8 +22,7 @@ From there, actual system install can be performed as usual with `setup-alpine`
|
||||||
Extra files may be added next to `headless.apkovl.tar.gz` to customise boostrapping configuration (check sample files):
|
Extra files may be added next to `headless.apkovl.tar.gz` to customise boostrapping configuration (check sample files):
|
||||||
- `wpa_supplicant.conf`[^3] (*mandatory for wifi usecase*): define wifi SSID & password.
|
- `wpa_supplicant.conf`[^3] (*mandatory for wifi usecase*): define wifi SSID & password.
|
||||||
- `interfaces`[^3] (*optional*): define network interfaces at will, if defaults DCHP-based are not suitable.
|
- `interfaces`[^3] (*optional*): define network interfaces at will, if defaults DCHP-based are not suitable.
|
||||||
- `authorized_keys` (*optional*): provide client's public SSH key to secure `root` ssh login.
|
- `ssh_host_*_key*` (*optional*): provide custom ssh keys to be injected (may be stored), instead of using bundled ones[^2] (not stored). Providing an empty key file will trigger new keys generation (ssh server may take longer to start).
|
||||||
- `ssh_host_*_key*` (*optional*): provide server's custom ssh keys to be injected (may be stored), instead of using bundled ones[^2] (not stored). Providing an empty key file will trigger new keys generation (ssh server may take longer to start).
|
|
||||||
- `unattended.sh`[^3] (*optional*): create custom automated deployment script to further tune & extend actual setup (backgrounded).
|
- `unattended.sh`[^3] (*optional*): create custom automated deployment script to further tune & extend actual setup (backgrounded).
|
||||||
|
|
||||||
|
|
||||||
|
|
Binary file not shown.
|
@ -3,7 +3,7 @@
|
||||||
# Copyright 2022 - 2023, macmpi
|
# Copyright 2022 - 2023, macmpi
|
||||||
# SPDX-License-Identifier: MIT
|
# SPDX-License-Identifier: MIT
|
||||||
|
|
||||||
VERSION="0.9"
|
VERSION="0.8"
|
||||||
|
|
||||||
|
|
||||||
_apk() {
|
_apk() {
|
||||||
|
@ -47,31 +47,29 @@ exec 1>/dev/console 2>&1
|
||||||
|
|
||||||
logger -st ${0##*/} "Alpine Linux headless bootstrap v$VERSION by macmpi"
|
logger -st ${0##*/} "Alpine Linux headless bootstrap v$VERSION by macmpi"
|
||||||
|
|
||||||
install -dm 0700 /tmp/.trash
|
mkdir /tmp/.trash
|
||||||
|
|
||||||
# grab used ovl filename from dmesg
|
# grab used ovl filename from dmesg
|
||||||
ovl="$( dmesg | grep -o 'Loading user settings from .*:' | awk '{print $5}' | sed 's/:.*$//' )"
|
ovl="$( dmesg | grep -o 'Loading user settings from .*:' | awk '{print $5}' | sed 's/:.*$//' )"
|
||||||
ovl="$( basename "${ovl}" )"
|
ovlpath="$( dirname "$ovl" )"
|
||||||
# search path again as mountpoint may have been changed later in the boot process...
|
|
||||||
ovlpath=$( find /media -maxdepth 2 -type d -path '*/.*' -prune -o -type f -name "${ovl}" -exec dirname {} \; | head -1 )
|
|
||||||
|
|
||||||
# Help randomness for wpa_supplicant and ssh server
|
# Help randomness for wpa_supplicant and ssh server
|
||||||
rc-service seedrng start
|
rc-service seedrng start
|
||||||
|
|
||||||
## Setup Network interfaces
|
## Setup Network interfaces
|
||||||
if [ -f "${ovlpath}/wpa_supplicant.conf" ]; then
|
if [ -f "${ovlpath}/wpa_supplicant.conf" ]; then
|
||||||
logger -st ${0##*/} "Configuring wifi..."
|
logger -st ${0##*/} "Wifi setup found !"
|
||||||
_apk add wpa_supplicant
|
_apk add wpa_supplicant
|
||||||
_preserve "/etc/wpa_supplicant/wpa_supplicant.conf"
|
_preserve "/etc/wpa_supplicant/wpa_supplicant.conf"
|
||||||
install -m600 "${ovlpath}/wpa_supplicant.conf" /etc/wpa_supplicant/wpa_supplicant.conf
|
install -m600 "${ovlpath}/wpa_supplicant.conf" /etc/wpa_supplicant/wpa_supplicant.conf
|
||||||
else
|
else
|
||||||
logger -st ${0##*/} "No wifi setup supplied !"
|
logger -st ${0##*/} "Wifi setup not found !"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
_preserve "/etc/network/interfaces"
|
_preserve "/etc/network/interfaces"
|
||||||
if ! install -m644 "${ovlpath}/interfaces" /etc/network/interfaces; then
|
if ! install -m644 "${ovlpath}/interfaces" /etc/network/interfaces; then
|
||||||
# set default interfaces if not specified by interface file on boot storage
|
# set default interfaces if not specified by interface file on boot storage
|
||||||
logger -st ${0##*/} "No interfaces file supplied, building defaults..."
|
logger -st ${0##*/} "No interfaces file supplied, building default interfaces..."
|
||||||
for dev in $(ls /sys/class/net)
|
for dev in $(ls /sys/class/net)
|
||||||
do
|
do
|
||||||
case ${dev%%[0-9]*} in
|
case ${dev%%[0-9]*} in
|
||||||
|
@ -134,26 +132,12 @@ _apk add openssh
|
||||||
_preserve "/etc/ssh/sshd_config"
|
_preserve "/etc/ssh/sshd_config"
|
||||||
_preserve "/etc/conf.d/sshd"
|
_preserve "/etc/conf.d/sshd"
|
||||||
|
|
||||||
cat <<-EOF > /etc/ssh/sshd_config
|
cat <<-EOF >> /etc/ssh/sshd_config
|
||||||
|
AuthenticationMethods none
|
||||||
|
PermitEmptyPasswords yes
|
||||||
PermitRootLogin yes
|
PermitRootLogin yes
|
||||||
Banner /tmp/.trash/banner
|
Banner /tmp/.trash/banner
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
if install -m600 "${ovlpath}/authorized_keys" /tmp/.trash/authorized_keys; then
|
|
||||||
logger -st ${0##*/} "Enabling public key SSH authentication..."
|
|
||||||
cat <<-EOF >> /etc/ssh/sshd_config
|
|
||||||
AuthenticationMethods publickey
|
|
||||||
AuthorizedKeysFile /tmp/.trash/authorized_keys
|
|
||||||
# relax strict mode as authorized_keys are inside /tmp
|
|
||||||
StrictModes no
|
|
||||||
EOF
|
|
||||||
else
|
|
||||||
logger -st ${0##*/} "No SSH authentication."
|
|
||||||
cat <<-EOF >> /etc/ssh/sshd_config
|
|
||||||
AuthenticationMethods none
|
|
||||||
PermitEmptyPasswords yes
|
|
||||||
EOF
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Banner file
|
# Banner file
|
||||||
warn=""
|
warn=""
|
||||||
|
@ -165,7 +149,7 @@ cat <<-EOF > /tmp/.trash/banner
|
||||||
Alpine Linux headless bootstrap v$VERSION by macmpi
|
Alpine Linux headless bootstrap v$VERSION by macmpi
|
||||||
|
|
||||||
You may want to delete/rename .apkovl file before reboot ${warn}:
|
You may want to delete/rename .apkovl file before reboot ${warn}:
|
||||||
${ovlpath}/${ovl}
|
$ovl
|
||||||
(can be done automatically with unattended script - see sample snippet)
|
(can be done automatically with unattended script - see sample snippet)
|
||||||
|
|
||||||
|
|
||||||
|
@ -205,16 +189,6 @@ sed -n '/^#* End .*alter!)$/q;p' /etc/local.d/headless.start > /tmp/.trash/post-
|
||||||
|
|
||||||
cat <<-EOF >> /tmp/.trash/post-cleanup
|
cat <<-EOF >> /tmp/.trash/post-cleanup
|
||||||
|
|
||||||
_tst_inet() {
|
|
||||||
## Tested URL redirects to github project page: is.gd shortener provides basic analytics.
|
|
||||||
## Analytics are public and can be checked at https://is.gd/stats.php?url=apkovl_run
|
|
||||||
## Privacy policy: https://is.gd/privacy.php
|
|
||||||
INET="failed"
|
|
||||||
wget -q -T 10 --spider https://is.gd/apkovl_run > /dev/null 2>&1 &&
|
|
||||||
INET="success"
|
|
||||||
logger -st ${0##*/} "Internet access: \$INET"
|
|
||||||
}
|
|
||||||
|
|
||||||
logger -st ${0##*/} "Cleaning-up..."
|
logger -st ${0##*/} "Cleaning-up..."
|
||||||
_restore "/etc/ssh/sshd_config"
|
_restore "/etc/ssh/sshd_config"
|
||||||
_restore "/etc/conf.d/sshd"
|
_restore "/etc/conf.d/sshd"
|
||||||
|
@ -228,11 +202,6 @@ cat <<-EOF >> /tmp/.trash/post-cleanup
|
||||||
rc-update del local default
|
rc-update del local default
|
||||||
rm /etc/local.d/headless.start
|
rm /etc/local.d/headless.start
|
||||||
|
|
||||||
# Internet connectivity test
|
|
||||||
# Can be skipped by creating a 'opt-out'-named dummy file aside apkovl file
|
|
||||||
[ -f "${ovlpath}/opt-out" ] || _tst_inet &
|
|
||||||
|
|
||||||
# Run unattended script if available
|
|
||||||
if [ -f "${ovlpath}/unattended.sh" ]; then
|
if [ -f "${ovlpath}/unattended.sh" ]; then
|
||||||
install -m755 "${ovlpath}/unattended.sh" /tmp/unattended.sh
|
install -m755 "${ovlpath}/unattended.sh" /tmp/unattended.sh
|
||||||
/tmp/unattended.sh >/dev/console 2>&1 &
|
/tmp/unattended.sh >/dev/console 2>&1 &
|
||||||
|
|
|
@ -14,16 +14,13 @@ sleep 60
|
||||||
|
|
||||||
|
|
||||||
## This snippet removes apkovl file on volume after initial boot
|
## This snippet removes apkovl file on volume after initial boot
|
||||||
# grab used ovl filename from dmesg
|
|
||||||
ovl="$( dmesg | grep -o 'Loading user settings from .*:' | awk '{print $5}' | sed 's/:.*$//' )"
|
ovl="$( dmesg | grep -o 'Loading user settings from .*:' | awk '{print $5}' | sed 's/:.*$//' )"
|
||||||
ovl="$( basename "${ovl}" )"
|
ovlpath="$( dirname "$ovl" )"
|
||||||
# search path again as mountpoint may have been changed later in the boot process...
|
|
||||||
ovlpath=$( find /media -maxdepth 2 -type d -path '*/.*' -prune -o -type f -name "${ovl}" -exec dirname {} \; | head -1 )
|
|
||||||
|
|
||||||
# also works in case volume is mounted read-only
|
# also works in case volume is mounted read-only
|
||||||
grep -q "${ovlpath}.*[[:space:]]ro[[:space:],]" /proc/mounts; RO=$?
|
grep -q "${ovlpath}.*[[:space:]]ro[[:space:],]" /proc/mounts; RO=$?
|
||||||
[ "$RO" -eq "0" ] && mount -o remount,rw "${ovlpath}"
|
[ "$RO" -eq "0" ] && mount -o remount,rw "${ovlpath}"
|
||||||
rm -f "${ovlpath}/${ovl}"
|
rm -f "${ovl}"
|
||||||
[ "$RO" -eq "0" ] && mount -o remount,ro "${ovlpath}"
|
[ "$RO" -eq "0" ] && mount -o remount,ro "${ovlpath}"
|
||||||
|
|
||||||
########################################################
|
########################################################
|
||||||
|
|
Loading…
Reference in New Issue