feat!: make declarative version
This commit is contained in:
parent
cf3c5ef1f5
commit
f4d95c595e
13 changed files with 493 additions and 95 deletions
98
scripts/configure-pios-sd.sh
Executable file
98
scripts/configure-pios-sd.sh
Executable file
|
|
@ -0,0 +1,98 @@
|
|||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
BOOTFS=${1:-/run/media/jet/bootfs}
|
||||
ROOTFS=${2:-/run/media/jet/rootfs}
|
||||
HOSTNAME=noisebridge-pi
|
||||
WIFI_SSID=Noisebridge
|
||||
WIFI_PASSWORD=noisebridge
|
||||
PI_USERNAME=pi
|
||||
PI_PASSWORD=noisebridge
|
||||
SSH_KEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE40ISu3ydCqfdpb26JYD5cIN0Fu0id/FDS+xjB5zpqu'
|
||||
|
||||
if [[ $EUID -ne 0 ]]; then
|
||||
echo "Run with sudo: sudo $0 [bootfs] [rootfs]" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ ! -d "$BOOTFS" || ! -d "$ROOTFS" ]]; then
|
||||
echo "Expected mounted boot and root partitions." >&2
|
||||
echo "Boot: $BOOTFS" >&2
|
||||
echo "Root: $ROOTFS" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
PASSWORD_HASH=$(mkpasswd -m sha-512 "$PI_PASSWORD")
|
||||
|
||||
cat > "$BOOTFS/network-config" <<EOF
|
||||
network:
|
||||
version: 2
|
||||
|
||||
wifis:
|
||||
wlan0:
|
||||
dhcp4: true
|
||||
optional: true
|
||||
access-points:
|
||||
${WIFI_SSID}:
|
||||
password: "${WIFI_PASSWORD}"
|
||||
regulatory-domain: US
|
||||
EOF
|
||||
|
||||
cat > "$BOOTFS/user-data" <<EOF
|
||||
#cloud-config
|
||||
hostname: ${HOSTNAME}
|
||||
manage_etc_hosts: true
|
||||
ssh_pwauth: false
|
||||
package_update: false
|
||||
packages:
|
||||
- avahi-daemon
|
||||
users:
|
||||
- name: pi
|
||||
ssh_authorized_keys:
|
||||
- ${SSH_KEY}
|
||||
runcmd:
|
||||
- [ systemctl, enable, --now, avahi-daemon ]
|
||||
EOF
|
||||
|
||||
cat > "$BOOTFS/meta-data" <<EOF
|
||||
dsmode: local
|
||||
instance_id: ${HOSTNAME}-bootstrap-1
|
||||
EOF
|
||||
|
||||
grep -q '^enable_uart=1$' "$BOOTFS/config.txt" || printf '\nenable_uart=1\n' >> "$BOOTFS/config.txt"
|
||||
: > "$BOOTFS/ssh"
|
||||
cat > "$BOOTFS/userconf.txt" <<EOF
|
||||
${PI_USERNAME}:${PASSWORD_HASH}
|
||||
EOF
|
||||
|
||||
cat > "$ROOTFS/etc/hostname" <<EOF
|
||||
${HOSTNAME}
|
||||
EOF
|
||||
|
||||
cat > "$ROOTFS/etc/hosts" <<EOF
|
||||
127.0.0.1 localhost
|
||||
::1 localhost ip6-localhost ip6-loopback
|
||||
ff02::1 ip6-allnodes
|
||||
ff02::2 ip6-allrouters
|
||||
|
||||
127.0.1.1 ${HOSTNAME}
|
||||
EOF
|
||||
|
||||
mkdir -p "$ROOTFS/home/pi/.ssh"
|
||||
cat > "$ROOTFS/home/pi/.ssh/authorized_keys" <<EOF
|
||||
${SSH_KEY}
|
||||
EOF
|
||||
chown -R 1000:1000 "$ROOTFS/home/pi/.ssh"
|
||||
chmod 700 "$ROOTFS/home/pi/.ssh"
|
||||
chmod 600 "$ROOTFS/home/pi/.ssh/authorized_keys"
|
||||
|
||||
sync
|
||||
|
||||
echo "Configured Raspberry Pi OS SD card."
|
||||
echo "- Hostname: ${HOSTNAME}"
|
||||
echo "- Wi-Fi: ${WIFI_SSID}"
|
||||
echo "- SSH enabled on first boot"
|
||||
echo "- Serial UART enabled"
|
||||
echo "- Username: ${PI_USERNAME}"
|
||||
echo "- Password: ${PI_PASSWORD}"
|
||||
echo "- Pi user authorized key installed"
|
||||
Loading…
Add table
Add a link
Reference in a new issue