diff options
author | Christian Pointner <equinox@spreadspace.org> | 2024-04-28 18:46:49 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2024-04-28 18:46:49 +0200 |
commit | 2ccdc4546d38ed0e9d6784668168c4d566311f6f (patch) | |
tree | f7893ea03c648e63a1ace6388b2ab0162b1861a6 /roles/installer/raspios/image/templates | |
parent | update prometheus exporter ssl and chrony (diff) |
move raspios and openwrt folders to installer/
Diffstat (limited to 'roles/installer/raspios/image/templates')
-rw-r--r-- | roles/installer/raspios/image/templates/firstrun.sh.j2 | 103 |
1 files changed, 103 insertions, 0 deletions
diff --git a/roles/installer/raspios/image/templates/firstrun.sh.j2 b/roles/installer/raspios/image/templates/firstrun.sh.j2 new file mode 100644 index 00000000..bc35b764 --- /dev/null +++ b/roles/installer/raspios/image/templates/firstrun.sh.j2 @@ -0,0 +1,103 @@ +#!/bin/bash +set +e + +if [ -x /usr/lib/raspberrypi-sys-mods/get_fw_loc ]; then + FW_LOC=$(/usr/lib/raspberrypi-sys-mods/get_fw_loc) +else + FW_LOC=/boot +fi + +raspi-config nonint do_hostname "{{ host_name }}" +echo "{{ host_name }}" > /etc/hostname +raspi-config nonint do_change_locale "{{ raspios_locale }}" +raspi-config nonint do_change_timezone "{{ raspios_timezone }}" +raspi-config nonint do_configure_keyboard "{{ raspios_keyboard_layout }}" + +{# 0 -> predictable interface names, 1 -> legacy (eth0...) #} +raspi-config nonint do_net_names 1 + +{% if raspios_codename == 'bullseye' %} +{% if not (install_dhcp | default(false)) %} +cat <<EOF >> /etc/dhcpcd.conf + +# +interface {{ network.primary.name }} +static ip_address={{ network.primary.address }} +static routers={{ network.primary.gateway }} +static domain_name_servers={{ network.nameservers | join(' ') }} +EOF +systemctl restart dhcpcd.service +{% endif %} +systemctl disable hciuart.service +{% if 'wifi' in network.primary %} +raspi-config nonint do_wifi_ssid_passphrase "{{ network.primary.wifi.ssid }}" "{{ network.primary.wifi.key }}" +raspi-config nonint do_wifi_country "AT" +{% else %} +systemctl disable wpa_supplicant.service +{% endif %} +{% else %} +cat <<EOF >> /etc/network/interfaces + +# The loopback network interface +auto lo +iface lo inet loopback + +# The primary network interface +auto {{ network.primary.name }} +{% if (install_dhcp | default(false)) %} +iface {{ network.primary.name }} inet dhcp +{% else %} +iface {{ network.primary.name }} inet static + up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra + up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf + address {{ network.primary.address | ansible.utils.ipaddr('address') }} + netmask {{ network.primary.address | ansible.utils.ipaddr('netmask') }} + gateway {{ network.primary.gateway }} +{% endif %} +{% if 'wifi' in network.primary %} + wpa-ssid {{ network.primary.wifi.ssid }} + wpa-psk {{ network.primary.wifi.key }} +{% endif %} +EOF +{% if not (install_dhcp | default(false)) %} +cat <<EOF > /etc/resolv.conf +# Generated by ansible +search {{ network.domain }} +{% for nameserver in network.nameservers %} +nameserver {{ nameserver }} +{% endfor %} +EOF +{% endif %} +systemctl disable wpa_supplicant.service +rfkill unblock wlan +ifup {{ network.primary.name }} +{% endif %} + +{% if ansible_port != 22 %} +sed -e 's/^\s*#*\s*Port\s\s*[0-9][0-9]*$/Port {{ ansible_port }}/' -i /etc/ssh/sshd_config +{% endif %} +install -m 0700 -d /root/.ssh +install -m 0644 "$FW_LOC/firstrun.authorized_keys" /root/.ssh/authorized_keys +{# 0 -> enable ssh, 1 -> disable ssh #} +raspi-config nonint do_ssh 0 + +export DEBIAN_FRONTEND=noninteractive +export SUDO_FORCE_REMOVE=yes +apt-get purge -q -y userconf-pi avahi-daemon triggerhappy dpkg-dev patch gdb make strace ssh-import-id network-manager udisks2 p7zip p7zip-full sudo dphys-swapfile +apt-get autoremove -q -y +dpkg -l | grep "^rc" | awk "{ print(\$2) }" | xargs -r dpkg -P + +sed 's#systemd.run=/boot/firstrun.sh systemd.run_success_action=reboot systemd.run_failure_action=none systemd.unit=kernel-command-line.target##' -i /boot/cmdline.txt +sed 's#\s*$##' -i /boot/cmdline.txt +rm "$FW_LOC/firstrun.authorized_keys" +rm "$FW_LOC/firstrun.sh" +rm -f /etc/sudoers.d/010_pi-nopasswd +rm -f /etc/apt/sources.list.d/vscode.list +rm -f /etc/apt/trusted.gpg.d/microsoft.gpg + +apt-get update -q +apt-get dist-upgrade -y -q + +{# B1 -> Console, B2 -> console autologin, B3 -> desktop, B4 -> desktop autologin #} +raspi-config nonint do_boot_behaviour B1 +systemctl --quiet enable getty@tty1 |