forked from Debian/raspi3-image-spec
-
Notifications
You must be signed in to change notification settings - Fork 1
/
raspi3.yaml
139 lines (112 loc) · 4.18 KB
/
raspi3.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
# See https://wiki.debian.org/RaspberryPi3 for known issues and more details.
steps:
- mkimg: "{{ output }}"
size: 1500M
- mklabel: msdos
device: "{{ output }}"
- mkpart: primary
fs-type: 'fat32'
device: "{{ output }}"
start: 0%
end: 20%
tag: /boot
- mkpart: primary
device: "{{ output }}"
start: 20%
end: 100%
tag: /
- kpartx: "{{ output }}"
- mkfs: vfat
partition: /boot
label: RASPIFIRM
- mkfs: ext4
partition: /
label: RASPIROOT
- mount: /
- mount: /boot
mount-on: /
dirname: '/boot/firmware'
- unpack-rootfs: /
# We need to use Debian buster (currently testing) instead of Debian stretch
# (currently stable) for:
#
# linux ≥ 4.14
# Which includes the sdhost driver for faster SD card access and making the
# WiFi chip available, and has the WiFi driver enabled.
#
# raspi3-firmware ≥ 1.20171201-1
# Which includes a recent enough firmware version to correctly pass the MAC
# address to the kernel. This is a regression with Linux ≥ 4.12, see
# https://github.com/raspberrypi/firmware/issues/846
# Also, this package contains a Raspberry Pi 3-specific firmware file
# required by the WiFi driver.
- qemu-debootstrap: buster
mirror: http://deb.debian.org/debian
target: /
arch: arm64
components:
- main
- contrib
- non-free
unless: rootfs_unpacked
# TODO(https://bugs.debian.org/877855): remove this workaround once
# debootstrap is fixed
- chroot: /
shell: |
echo 'deb http://deb.debian.org/debian buster main contrib non-free' > /etc/apt/sources.list
apt-get update
unless: rootfs_unpacked
- apt: install
packages:
- ssh
- parted
- dosfstools
# Contains /lib/firmware/brcm/brcmfmac43430-sdio.bin (required for WiFi).
- firmware-brcm80211
- wireless-tools
- wpasupplicant
- raspi3-firmware
- linux-image-arm64
tag: /
unless: rootfs_unpacked
- cache-rootfs: /
unless: rootfs_unpacked
- shell: |
echo "rpi3" > "${ROOT?}/etc/hostname"
# '..VyaTFxP8kT6' is crypt.crypt('raspberry', '..')
sed -i 's,root:[^:]*,root:..VyaTFxP8kT6,' "${ROOT?}/etc/shadow"
sed -i 's,#PermitRootLogin prohibit-password,PermitRootLogin yes,g' "${ROOT?}/etc/ssh/sshd_config"
install -m 644 -o root -g root fstab "${ROOT?}/etc/fstab"
install -m 644 -o root -g root eth0 "${ROOT?}/etc/network/interfaces.d/eth0"
mkdir -p "${ROOT?}/etc/iptables"
install -m 644 -o root -g root rules.v4 "${ROOT?}/etc/iptables/rules.v4"
install -m 644 -o root -g root rules.v6 "${ROOT?}/etc/iptables/rules.v6"
install -m 755 -o root -g root rpi3-resizerootfs "${ROOT?}/usr/sbin/rpi3-resizerootfs"
install -m 644 -o root -g root rpi3-resizerootfs.service "${ROOT?}/etc/systemd/system"
mkdir -p "${ROOT?}/etc/systemd/system/systemd-remount-fs.service.requires/"
ln -s /etc/systemd/system/rpi3-resizerootfs.service "${ROOT?}/etc/systemd/system/systemd-remount-fs.service.requires/rpi3-resizerootfs.service"
install -m 644 -o root -g root rpi3-generate-ssh-host-keys.service "${ROOT?}/etc/systemd/system"
mkdir -p "${ROOT?}/etc/systemd/system/multi-user.target.requires/"
ln -s /etc/systemd/system/rpi3-generate-ssh-host-keys.service "${ROOT?}/etc/systemd/system/multi-user.target.requires/rpi3-generate-ssh-host-keys.service"
rm -f ${ROOT?}/etc/ssh/ssh_host_*_key*
cat >> "${ROOT?}/etc/motd" <<'EOT'
Please change the root password by running passwd
EOT
root-fs: /
# Clean up archive cache (likely not useful) and lists (likely outdated) to
# reduce image size by several hundred megabytes.
- chroot: /
shell: |
apt-get clean
rm -rf /var/lib/apt/lists
# Modify the kernel commandline we take from the firmware to boot from
# the partition labeled raspiroot instead of forcing it to mmcblk0p2
- chroot: /
shell: |
ls -aR /boot
sed -i 's/.dev.mmcblk0p2/LABEL=RASPIROOT/' /boot/firmware/cmdline.txt
# TODO(https://github.com/larswirzenius/vmdb2/issues/24): remove once vmdb
# clears /etc/resolv.conf on its own.
- shell: |
rm "${ROOT?}/etc/resolv.conf"
root-fs: /