forked from Debian/raspi3-image-spec
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathraspi3.yaml
148 lines (121 loc) · 4.83 KB
/
raspi3.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
# See https://wiki.debian.org/RaspberryPi3 for known issues and more details.
steps:
- mkimg: "{{ output }}"
size: 1500M
- mklabel: msdos
device: "{{ output }}"
- mkpart: primary
fs-type: 'fat32'
device: "{{ output }}"
start: 0%
end: 20%
part-tag: boot-part
- mkpart: primary
device: "{{ output }}"
start: 20%
end: 100%
part-tag: root-part
- mkfs: vfat
partition: boot-part
label: boot
- mkfs: ext4
partition: root-part
label: root
- mount: root-part
fs-tag: root-fs
- mount: boot-part
mount-on: root-fs
dirname: '/boot/firmware'
fs-tag: boot-fs
# We need to use Debian buster (currently testing) instead of Debian stretch
# (currently stable) for:
#
# linux ≥ 4.14
# Which includes the sdhost driver for faster SD card access and making the
# WiFi chip available, and has the WiFi driver enabled.
#
# raspi3-firmware ≥ 1.20171201-1
# Which includes a recent enough firmware version to correctly pass the MAC
# address to the kernel. This is a regression with Linux ≥ 4.12, see
# https://github.com/raspberrypi/firmware/issues/846
# Also, this package contains a Raspberry Pi 3-specific firmware file
# required by the WiFi driver.
- qemu-debootstrap: buster
mirror: http://deb.debian.org/debian
target: root-fs
arch: arm64
components:
- main
- contrib
- non-free
# TODO(https://bugs.debian.org/877855): remove this workaround once
# debootstrap is fixed
- chroot: root-fs
shell: |
echo 'deb http://deb.debian.org/debian buster main contrib non-free' > /etc/apt/sources.list
apt-get update
- apt: install
packages:
- ssh
- parted
- dosfstools
- raspi3-firmware
# Contains /lib/firmware/brcm/brcmfmac43430-sdio.bin (required for WiFi).
- firmware-brcm80211
- wireless-tools
- wpasupplicant
- nftables
fs-tag: root-fs
# TODO: install linux-image-arm64 from buster once it migrated in a
# sufficiently recent version.
- chroot: root-fs
shell: |
echo 'deb http://deb.debian.org/debian experimental main contrib non-free' >> /etc/apt/sources.list
echo 'APT::Default-Release "buster";' > /etc/apt/apt.conf.d/08default-release
apt-get update
apt-get -y --no-show-progress -t experimental install linux-image-4.18.0-rc5-arm64-unsigned
- shell: |
echo "rpi3" > "${ROOT?}/etc/hostname"
# '..VyaTFxP8kT6' is crypt.crypt('raspberry', '..')
sed -i 's,root:[^:]*,root:..VyaTFxP8kT6,' "${ROOT?}/etc/shadow"
sed -i 's,#PermitRootLogin prohibit-password,PermitRootLogin yes,g' "${ROOT?}/etc/ssh/sshd_config"
install -m 644 -o root -g root fstab "${ROOT?}/etc/fstab"
install -m 644 -o root -g root eth0 "${ROOT?}/etc/network/interfaces.d/eth0"
install -m 644 -o root -g root -b nftables.conf "${ROOT?}/etc/nftables.conf"
install -m 755 -o root -g root rpi3-resizerootfs "${ROOT?}/usr/sbin/rpi3-resizerootfs"
install -m 644 -o root -g root rpi3-resizerootfs.service "${ROOT?}/etc/systemd/system"
mkdir -p "${ROOT?}/etc/systemd/system/systemd-remount-fs.service.requires/"
ln -s /etc/systemd/system/rpi3-resizerootfs.service "${ROOT?}/etc/systemd/system/systemd-remount-fs.service.requires/rpi3-resizerootfs.service"
install -m 644 -o root -g root rpi3-generate-ssh-host-keys.service "${ROOT?}/etc/systemd/system"
mkdir -p "${ROOT?}/etc/systemd/system/multi-user.target.requires/"
ln -s /etc/systemd/system/rpi3-generate-ssh-host-keys.service "${ROOT?}/etc/systemd/system/multi-user.target.requires/rpi3-generate-ssh-host-keys.service"
rm -f ${ROOT?}/etc/ssh/ssh_host_*_key*
cat >> "${ROOT?}/etc/motd" <<'EOT'
Please change the root password by running passwd
EOT
# Copy RPi 3B+ DTB from linux-4.16
install -m 644 -o root -g root bcm2837-rpi-3-b-plus.4.16.dtb "${ROOT?}/boot/firmware"
install -m 755 -o root -g root 60wifi-fix "${ROOT?}/etc/kernel/postinst.d"
# Copy patched raspi3-firmware
install -m 644 -o root -g root raspi3-firmware_1.20180619-1.1_arm64.deb "${ROOT?}/root"
root-fs: root-fs
# Install patched raspi3-firmware and old DTB
- chroot: root-fs
shell: |
dpkg -i /root/raspi3-firmware_1.20180619-1.1_arm64.deb
cp /boot/firmware/bcm2837-rpi-3-b-plus.4.16.dtb /boot/firmware/bcm2710-rpi-3-b-plus.dtb
# Enable nftables.service
- chroot: root-fs
shell: |
systemctl enable nftables
# Clean up archive cache (likely not useful) and lists (likely outdated) to
# reduce image size by several hundred megabytes.
- chroot: root-fs
shell: |
apt-get clean
rm -rf /var/lib/apt/lists
# TODO(https://github.com/larswirzenius/vmdb2/issues/24): remove once vmdb
# clears /etc/resolv.conf on its own.
- shell: |
rm "${ROOT?}/etc/resolv.conf"
root-fs: root-fs