1094 lines
44 KiB
Bash
Executable File
1094 lines
44 KiB
Bash
Executable File
#!/bin/bash
|
|
#
|
|
# .---. . .
|
|
# | | |
|
|
# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
|
|
# | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
|
|
# ' ' --' --' -' - -' ' ' -' -' -' ' - --'
|
|
#
|
|
# Freedom in the Cloud
|
|
#
|
|
# Based on bin/freedombox-customize from freedom-maker
|
|
#
|
|
# License
|
|
# =======
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU Affero General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU Affero General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU Affero General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
set -e
|
|
set -x
|
|
|
|
PROJECT_NAME='freedombone'
|
|
INSTALL_DIR=/root/build
|
|
COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt
|
|
|
|
PROJECT_REPO="https://github.com/bashrc/${PROJECT_NAME}"
|
|
|
|
VARIANT='full'
|
|
|
|
# username created by default within a debian image
|
|
GENERIC_IMAGE_USERNAME='fbone'
|
|
|
|
export TEXTDOMAIN=${PROJECT_NAME}-image-customise
|
|
export TEXTDOMAINDIR="/usr/share/locale"
|
|
|
|
# Whether to minimise the number of decisions during interactive install
|
|
MINIMAL_INSTALL="yes"
|
|
|
|
MY_USERNAME='debian'
|
|
MY_PASSWORD="${PROJECT_NAME}"
|
|
|
|
# Minimum number of characters in a password
|
|
MINIMUM_PASSWORD_LENGTH=10
|
|
|
|
# IP address of the router (gateway)
|
|
ROUTER_IP_ADDRESS="192.168.1.254"
|
|
|
|
# The fixed IP address of the Beaglebone Black on your local network
|
|
BOX_IP_ADDRESS="192.168.1.55"
|
|
|
|
# DNS
|
|
NAMESERVER1='213.73.91.35'
|
|
NAMESERVER2='85.214.20.141'
|
|
|
|
# optional configuration file containing freedombone settings
|
|
CONFIG_FILENAME=
|
|
|
|
# Optional ssh public key to allow
|
|
SSH_PUBKEY="no"
|
|
|
|
# Whether this is a generic image for mass redistribution on the interwebs
|
|
GENERIC_IMAGE="no"
|
|
|
|
# default SSH port
|
|
SSH_PORT=2222
|
|
|
|
# for mesh installs
|
|
TRACKER_PORT=6969
|
|
|
|
# Whether sites are accessible only within a Tor browser
|
|
ONION_ONLY="no"
|
|
|
|
# Whether to only install debian and nothing else
|
|
DEBIAN_INSTALL_ONLY="no"
|
|
|
|
# wifi settings
|
|
WIFI_INTERFACE='wlan0'
|
|
WIFI_SSID=
|
|
WIFI_TYPE='wpa2-psk'
|
|
WIFI_PASSPHRASE=
|
|
WIFI_HOTSPOT='no'
|
|
WIFI_NETWORKS_FILE=~/${PROJECT_NAME}-wifi.cfg
|
|
|
|
# Whether to install non-free wifi drivers for the mesh client
|
|
INSECURE='no'
|
|
|
|
# optional desktop background image for mesh
|
|
MESH_DESKTOP_BACKGROUND_IMAGE=/usr/local/share/${PROJECT_NAME}_mesh_initial_background.png
|
|
|
|
# The browser application to use
|
|
BROWSER=midori
|
|
|
|
MESH_INSTALL_DIR=/var/lib
|
|
|
|
# for mesh installs whether to delete all data and generate
|
|
# a new identity at every shutdown/boot
|
|
AMNESIC='no'
|
|
|
|
# defines the initial keyboard layout
|
|
KEYBOARD_MAP='gb'
|
|
|
|
# Strings used for setting the username
|
|
MESH_TITLE=$"Freedombone Mesh"
|
|
MESH_SET_USERNAME=$"Welcome to the Freedombone mesh.\n\nThe first thing you will need to do is set a username so that other peers can find you."
|
|
|
|
# Whether to enable zeronet on the mesh
|
|
ENABLE_ZERONET=
|
|
|
|
MESH_TEXT_EDITOR='pluma'
|
|
|
|
PATH=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin
|
|
|
|
function configure_backports {
|
|
echo "deb http://${DEBIAN_REPO}/debian/ ${DEBIAN_VERSION}-backports main" >> $rootdir/etc/apt/sources.list
|
|
}
|
|
|
|
function configure_contrib_repo {
|
|
if ! grep -q "contrib" $rootdir/etc/apt/sources.list; then
|
|
chroot "$rootdir" /bin/sed -i "s| main| main contrib|g" /etc/apt/sources.list
|
|
fi
|
|
}
|
|
|
|
enable_eatmydata_override() {
|
|
chroot $rootdir apt-get install -y eatmydata
|
|
if [ -x $rootdir/usr/bin/eatmydata ] && \
|
|
[ ! -f $rootdir/etc/apt/apt.conf.d/95debian-edu-install-dpkg-eatmydata ]; then
|
|
echo $"info: Adding apt config to call dpkg via eatmydata"
|
|
printf "#!/bin/sh\nexec eatmydata dpkg \"\$@\"\n" \
|
|
> $rootdir/var/tmp/dpkg-eatmydata
|
|
chmod 755 $rootdir/var/tmp/dpkg-eatmydata
|
|
cat > $rootdir/etc/apt/apt.conf.d/95debian-edu-install-dpkg-eatmydata <<EOF
|
|
Dir::Bin::dpkg "/var/tmp/dpkg-eatmydata";
|
|
EOF
|
|
else
|
|
echo $"error: unable to find /usr/bin/eatmydata after installing the eatmydata package"
|
|
fi
|
|
}
|
|
|
|
disable_eatmydata_override() {
|
|
for override in \
|
|
/etc/apt/apt.conf.d/95debian-edu-install-dpkg-eatmydata \
|
|
/var/tmp/dpkg-eatmydata ; do
|
|
echo $"info: Removing apt config to call dpkg via eatmydata"
|
|
if [ -f $rootdir$override ] ; then
|
|
rm -f $rootdir$override
|
|
else
|
|
echo $"warning: missing $rootdir$override"
|
|
fi
|
|
done
|
|
sync # Flush file buffers before continuing
|
|
}
|
|
|
|
set_apt_sources() {
|
|
NEW_MIRROR="$1"
|
|
COMPONENTS="main"
|
|
|
|
cat <<EOF > etc/apt/sources.list
|
|
deb $NEW_MIRROR $SUITE $COMPONENTS
|
|
deb-src $NEW_MIRROR $SUITE $COMPONENTS
|
|
|
|
#deb http://security.debian.org/ $SUITE/updates main
|
|
#deb-src http://security.debian.org/ $SUITE/updates main
|
|
EOF
|
|
}
|
|
|
|
configure_networking() {
|
|
if [[ $DEBIAN_INSTALL_ONLY != "no" ]]; then
|
|
return
|
|
fi
|
|
|
|
if [[ $GENERIC_IMAGE == "no" ]]; then
|
|
echo "# This file describes the network interfaces available on your system
|
|
# and how to activate them. For more information, see interfaces(5).
|
|
|
|
# The loopback network interface
|
|
auto lo
|
|
iface lo inet loopback
|
|
|
|
# The primary network interface
|
|
auto eth0
|
|
iface eth0 inet static
|
|
address $BOX_IP_ADDRESS
|
|
netmask 255.255.255.0
|
|
gateway $ROUTER_IP_ADDRESS
|
|
dns-nameservers $NAMESERVER1 $NAMESERVER2
|
|
# Example to keep MAC address between reboots
|
|
#hwaddress ether B5:A2:BE:3F:1A:FE
|
|
|
|
# The secondary network interface
|
|
#auto eth1
|
|
#iface eth1 inet dhcp
|
|
|
|
# WiFi Example
|
|
#auto wlan0
|
|
#iface wlan0 inet dhcp
|
|
# wpa-ssid \"essid\"
|
|
# wpa-psk \"password\"
|
|
|
|
# Ethernet/RNDIS gadget (g_ether)
|
|
# ... or on host side, usbnet and random hwaddr
|
|
# Note on some boards, usb0 is automaticly setup with an init script
|
|
#iface usb0 inet static
|
|
# address 192.168.7.2
|
|
# netmask 255.255.255.0
|
|
# network 192.168.7.0
|
|
# gateway 192.168.7.1" > $rootdir/etc/network/interfaces
|
|
|
|
hexarray=( 1 2 3 4 5 6 7 8 9 0 a b c d e f )
|
|
a=${hexarray[$RANDOM%16]}${hexarray[$RANDOM%16]}
|
|
b=${hexarray[$RANDOM%16]}${hexarray[$RANDOM%16]}
|
|
c=${hexarray[$RANDOM%16]}${hexarray[$RANDOM%16]}
|
|
d=${hexarray[$RANDOM%16]}${hexarray[$RANDOM%16]}
|
|
e=${hexarray[$RANDOM%16]}${hexarray[$RANDOM%16]}
|
|
sed -i "s|#hwaddress ether.*|hwaddress ether de:$a:$b:$c:$d:$e|g" \
|
|
$rootdir/etc/network/interfaces
|
|
fi
|
|
|
|
sed -i "s/nameserver.*/nameserver $NAMESERVER1/g" $rootdir/etc/resolv.conf
|
|
sed -i "/nameserver $NAMESERVER1/a\nameserver $NAMESERVER2" $rootdir/etc/resolv.conf
|
|
|
|
if [[ $VARIANT != "meshclient" && $VARIANT != "meshusb" ]]; then
|
|
# change the motd to show further install instructions
|
|
echo $"
|
|
.---. . .
|
|
| | |
|
|
|--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
|
|
| | (.-' (.-' ( | ( )| | | | )( )| | (.-'
|
|
' ' --' --' -' - -' ' ' -' -' -' ' - --'
|
|
|
|
Initial base install
|
|
|
|
Your system is not yet installed. To complete the process run the
|
|
following commands, then enter your details.
|
|
|
|
sudo su
|
|
${PROJECT_NAME} menuconfig
|
|
|
|
" > $rootdir/etc/motd
|
|
else
|
|
echo $"
|
|
.---. . .
|
|
| | |
|
|
|--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
|
|
| | (.-' (.-' ( | ( )| | | | )( )| | (.-'
|
|
' ' --' --' -' - -' ' ' -' -' -' ' - --'
|
|
|
|
Freedom in the Mesh
|
|
" > $rootdir/etc/motd
|
|
fi
|
|
}
|
|
|
|
configure_ssh() {
|
|
if [[ $VARIANT == "mesh" || $VARIANT == "meshclient" || $VARIANT == "meshusb" ]]; then
|
|
return
|
|
fi
|
|
|
|
sed -i "s/Port .*/Port ${SSH_PORT}/g" $rootdir/etc/ssh/sshd_config
|
|
|
|
if [[ "$SSH_PUBKEY" != "no" ]]; then
|
|
if [ ! -d $rootdir/home/$MY_USERNAME/.ssh ]; then
|
|
mkdir $rootdir/home/$MY_USERNAME/.ssh
|
|
fi
|
|
echo "$SSH_PUBKEY" > $rootdir/home/$MY_USERNAME/.ssh/authorized_keys
|
|
chroot $rootdir /bin/chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh
|
|
sed -i 's|PasswordAuthentication.*|PasswordAuthentication no|g' $rootdir/etc/ssh/sshd_config
|
|
echo $"Using ssh public key:"
|
|
echo $SSH_PUBKEY
|
|
echo $'Password ssh authentication turned off'
|
|
fi
|
|
}
|
|
|
|
create_generic_image() {
|
|
if [[ $DEBIAN_INSTALL_ONLY != "no" ]]; then
|
|
return
|
|
fi
|
|
if [[ $GENERIC_IMAGE == "no" ]]; then
|
|
return
|
|
fi
|
|
if [ $CONFIG_FILENAME ]; then
|
|
if [[ "$CONFIG_FILENAME" == *"mesh.cfg"* ]]; then
|
|
VARIANT="mesh"
|
|
fi
|
|
fi
|
|
|
|
# Don't install any configuration. This will be a base system
|
|
if [[ $VARIANT != "mesh" && $VARIANT != "meshclient" && $VARIANT != "meshusb" ]]; then
|
|
CONFIG_FILENAME=
|
|
else
|
|
touch $rootdir/root/.initial_mesh_setup
|
|
fi
|
|
|
|
# Stick with the existing login for mesh clients
|
|
if [[ $VARIANT == "meshclient" || $VARIANT == "meshusb" ]]; then
|
|
return
|
|
fi
|
|
|
|
# The presence of this file indicates that the initial
|
|
# setup has not yet been completed
|
|
touch $rootdir/home/$MY_USERNAME/.initial_setup
|
|
chroot $rootdir /bin/chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.initial_setup
|
|
touch $rootdir/root/.initial_setup
|
|
|
|
cat >> $rootdir/home/$MY_USERNAME/.bashrc <<EOF
|
|
# initial setup of the system
|
|
if [ -f ~/.initial_setup ]; then
|
|
clear
|
|
echo "
|
|
.---. . .
|
|
| | |
|
|
|--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
|
|
| | (.-' (.-' ( | ( )| | | | )( )| | (.-'
|
|
' ' --' --' -' - -' ' ' -' -' -' ' - --'
|
|
|
|
Initial setup process
|
|
|
|
Please enter your password a second time.
|
|
"
|
|
sudo su
|
|
fi
|
|
EOF
|
|
|
|
echo "MY_USERNAME=${MY_USERNAME}" >> $rootdir/root/.bashrc
|
|
echo "SSH_PORT=${SSH_PORT}" >> $rootdir/root/.bashrc
|
|
echo '# initial setup of the system' >> $rootdir/root/.bashrc
|
|
echo 'if [ -f ~/.initial_setup ]; then' >> $rootdir/root/.bashrc
|
|
echo ' if [ -f ~/login.txt ]; then' >> $rootdir/root/.bashrc
|
|
echo ' NEW_USER_PASSWORD=$(printf `cat ~/login.txt`)' >> $rootdir/root/.bashrc
|
|
echo ' else' >> $rootdir/root/.bashrc
|
|
echo ' ENTROPY=$(cat /proc/sys/kernel/random/entropy_avail)' >> $rootdir/root/.bashrc
|
|
echo ' if [ $ENTROPY -lt 500 ]; then' >> $rootdir/root/.bashrc
|
|
ENTROPY_MESSAGE1=$'Initial setup process'
|
|
ENTROPY_MESSAGE2=$'Password Generation'
|
|
ENTROPY_MESSAGE3=$'WARNING: The entropy available on this system is too low to generate a password.\n\nThe installation process cannot continue.'
|
|
echo " dialog --backtitle \"${ENTROPY_MESSAGE1}\" --title \"${ENTROPY_MESSAGE2}\" --msgbox \"${ENTROPY_MESSAGE3}\" 8 50" >> $rootdir/root/.bashrc
|
|
echo ' exit' >> $rootdir/root/.bashrc
|
|
echo ' fi' >> $rootdir/root/.bashrc
|
|
echo -n ' NEW_USER_PASSWORD="$(openssl rand -base64 30 | cut -c1-' >> $rootdir/root/.bashrc
|
|
echo "${DEFAULT_PASSWORD_LENGTH})\"" >> $rootdir/root/.bashrc
|
|
echo ' fi' >> $rootdir/root/.bashrc
|
|
echo ' echo "${NEW_USER_PASSWORD}" > ~/login.txt' >> $rootdir/root/.bashrc
|
|
|
|
echo ' clear' >> $rootdir/root/.bashrc
|
|
echo ' echo ""' >> $rootdir/root/.bashrc
|
|
NEW_LOGIN_PASSWORD_MESSAGE1=$'Your new login password is:'
|
|
NEW_LOGIN_PASSWORD_MESSAGE2=$'Use it whenever you wish to ssh into this system.'
|
|
NEW_LOGIN_PASSWORD_MESSAGE3=$'IMPORTANT: Please take a moment to enter the above password into a\npassword manager or write it down somewhere.'
|
|
PRESS_KEY_MESSAGE=$'Press any key to continue...'
|
|
echo " echo \"${NEW_LOGIN_PASSWORD_MESSAGE1}\"" >> $rootdir/root/.bashrc
|
|
echo ' echo ""' >> $rootdir/root/.bashrc
|
|
echo ' echo " ${NEW_USER_PASSWORD}"' >> $rootdir/root/.bashrc
|
|
echo ' echo ""' >> $rootdir/root/.bashrc
|
|
echo " echo \"${NEW_LOGIN_PASSWORD_MESSAGE2}\"" >> $rootdir/root/.bashrc
|
|
echo ' echo ""' >> $rootdir/root/.bashrc
|
|
echo " echo \"${NEW_LOGIN_PASSWORD_MESSAGE3}\"" >> $rootdir/root/.bashrc
|
|
echo ' echo ""' >> $rootdir/root/.bashrc
|
|
echo " read -n1 -r -p \"${PRESS_KEY_MESSAGE}\" key" >> $rootdir/root/.bashrc
|
|
|
|
# change the password for the admin user
|
|
echo -n " echo \"${MY_USERNAME}:" >> $rootdir/root/.bashrc
|
|
echo '$(printf `cat ~/login.txt`)"|chpasswd' >> $rootdir/root/.bashrc
|
|
|
|
# update before continuing
|
|
echo " cd /root/${PROJECT_NAME}" >> $rootdir/root/.bashrc
|
|
echo " git stash" >> $rootdir/root/.bashrc
|
|
echo " git pull" >> $rootdir/root/.bashrc
|
|
echo " make install" >> $rootdir/root/.bashrc
|
|
|
|
if [[ $VARIANT != "mesh" && $VARIANT != "meshclient" && $VARIANT != "meshusb" && $VARIANT != "usb" ]]; then
|
|
if [[ $ONION_ONLY == "no" ]]; then
|
|
if [[ $MINIMAL_INSTALL == "no" ]]; then
|
|
echo " ${PROJECT_NAME} menuconfig-full" >> $rootdir/root/.bashrc
|
|
else
|
|
echo " ${PROJECT_NAME} menuconfig" >> $rootdir/root/.bashrc
|
|
fi
|
|
else
|
|
echo " ${PROJECT_NAME} menuconfig-onion" >> $rootdir/root/.bashrc
|
|
fi
|
|
else
|
|
echo " echo ''" >> $rootdir/root/.bashrc
|
|
fi
|
|
echo ' if [ "$?" = "0" ]; then' >> $rootdir/root/.bashrc
|
|
echo " if [ -f ~/${PROJECT_NAME}-completed.txt ]; then" >> $rootdir/root/.bashrc
|
|
# Remove the initial setup files
|
|
echo ' rm /root/.initial_setup' >> $rootdir/root/.bashrc
|
|
echo ' rm /home/fbone/.initial_setup' >> $rootdir/root/.bashrc
|
|
echo " touch /root/.remove_${GENERIC_IMAGE_USERNAME}" >> $rootdir/root/.bashrc
|
|
echo ' shred -zu ~/login.txt' >> $rootdir/root/.bashrc
|
|
END_MESSAGE1=$'Congratulations!'
|
|
if [[ $VARIANT != "mesh" && $VARIANT != "meshclient" && $VARIANT != "meshusb" && $VARIANT != "usb" ]]; then
|
|
END_MESSAGE2=$'\nYour system has now installed\n\nThe onion ssh service is at:\n\n ${SSH_ONION_HOSTNAME}\n\nTo copy the above address hold down the shift key and double left click on it, then right click and select "copy".\n\nPress any key to reboot and begin using the system'
|
|
echo ' SSH_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_ssh/hostname)' >> $rootdir/root/.bashrc
|
|
|
|
echo ' if [ ${#SSH_ONION_HOSTNAME} -lt 2 ]; then' >> $rootdir/root/.bashrc
|
|
echo ' exit 62392' >> $rootdir/root/.bashrc
|
|
echo ' fi' >> $rootdir/root/.bashrc
|
|
END_MESSAGE_HEIGHT=16
|
|
else
|
|
END_MESSAGE2=$'\nYour system has now installed\n\nPress any key to reboot and begin using it'
|
|
END_MESSAGE_HEIGHT=12
|
|
fi
|
|
echo " if [ -f /root/${PROJECT_NAME}-wifi.cfg ]; then" >> $rootdir/root/.bashrc
|
|
echo " echo '[Unit]' > /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " echo 'Description=WifiStartup (Start wifi networking)' >> /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " echo 'After=syslog.target' >> /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " echo 'After=network.target' >> /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " echo 'After=remote-fs.target' >> /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " echo '' >> /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " echo '[Service]' >> /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " echo 'Type=simple' >> /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " echo 'User=root' >> /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " echo 'Group=root' >> /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " echo 'WorkingDirectory=/root' >> /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " echo 'ExecStart=/usr/local/bin/freedombone-wifi --wait 5 2> /dev/null' >> /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " echo '' >> /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " echo '[Install]' >> /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " echo 'WantedBy=multi-user.target' >> /etc/systemd/system/wifistart.service" >> $rootdir/root/.bashrc
|
|
echo " systemctl enable wifistart" >> $rootdir/root/.bashrc
|
|
echo " systemctl daemon-reload" >> $rootdir/root/.bashrc
|
|
echo ' fi' >> $rootdir/root/.bashrc
|
|
echo " dialog --title '$END_MESSAGE1' --msgbox \"$END_MESSAGE2\" ${END_MESSAGE_HEIGHT} 60" >> $rootdir/root/.bashrc
|
|
echo ' reboot' >> $rootdir/root/.bashrc
|
|
echo ' fi' >> $rootdir/root/.bashrc
|
|
echo ' else' >> $rootdir/root/.bashrc
|
|
echo ' key=' >> $rootdir/root/.bashrc
|
|
echo ' while [[ $key != "x" ]]; do' >> $rootdir/root/.bashrc
|
|
INSTALL_FAIL_MESSAGE=$"Install failed. Press x to continue..."
|
|
echo " read -n1 -r -p \"${INSTALL_FAIL_MESSAGE}\" key" >> $rootdir/root/.bashrc
|
|
echo ' done' >> $rootdir/root/.bashrc
|
|
echo ' fi' >> $rootdir/root/.bashrc
|
|
echo ' exit' >> $rootdir/root/.bashrc
|
|
echo 'else' >> $rootdir/root/.bashrc
|
|
echo ' # Remove default account after install' >> $rootdir/root/.bashrc
|
|
echo " if [ -f /root/.remove_${GENERIC_IMAGE_USERNAME} ]; then" >> $rootdir/root/.bashrc
|
|
echo " if [ -d /home/${GENERIC_IMAGE_USERNAME} ]; then" >> $rootdir/root/.bashrc
|
|
echo " userdel -r ${GENERIC_IMAGE_USERNAME}" >> $rootdir/root/.bashrc
|
|
echo " if [ -d /home/${GENERIC_IMAGE_USERNAME} ]; then" >> $rootdir/root/.bashrc
|
|
echo " rm -rf /home/${GENERIC_IMAGE_USERNAME}" >> $rootdir/root/.bashrc
|
|
echo " rm /root/.remove_${GENERIC_IMAGE_USERNAME}" >> $rootdir/root/.bashrc
|
|
echo ' fi' >> $rootdir/root/.bashrc
|
|
echo ' fi' >> $rootdir/root/.bashrc
|
|
echo ' fi' >> $rootdir/root/.bashrc
|
|
echo 'fi' >> $rootdir/root/.bashrc
|
|
}
|
|
|
|
continue_installation() {
|
|
# If a configuration file exists then run with it
|
|
# otherwise the interactive installer can be used
|
|
# This is equivalent to installing freedombox-setup on freedombox
|
|
if [ $CONFIG_FILENAME ]; then
|
|
if [ ${#CONFIG_FILENAME} -gt 2 ]; then
|
|
cp $CONFIG_FILENAME $rootdir/root/$PROJECT_NAME.cfg
|
|
cat $rootdir/root/$PROJECT_NAME.cfg
|
|
chroot "$rootdir" su -c "$PROJECT_NAME -c /root/$PROJECT_NAME.cfg" - root
|
|
fi
|
|
fi
|
|
}
|
|
|
|
atheros_wifi() {
|
|
firmware_filename="open-ath9k-htc-firmware_1.3-1_all.deb"
|
|
firmware_hash='5fea58ffefdf0ef15b504db7fbe3bc078c03e0d927bba64085e4b6f2546102f5'
|
|
|
|
firmware_url="http://us.archive.trisquel.info/trisquel/pool/main/o/open-ath9k-htc-firmware/$firmware_filename"
|
|
firmware_tempfile="/tmp/$firmware_filename"
|
|
wget "$firmware_url" -O "$rootdir$firmware_tempfile"
|
|
downloaded_firmware_hash=$(sha256sum "$rootdir$firmware_tempfile" | awk -F ' ' '{print $1}')
|
|
if [[ "$downloaded_firmware_hash" == "$firmware_hash" ]]; then
|
|
chroot "$rootdir" dpkg -i "$firmware_tempfile"
|
|
else
|
|
echo 'WARNING: Atheros Wifi firmware hash does not match. The driver has not been installed.'
|
|
fi
|
|
}
|
|
|
|
configure_wifi() {
|
|
if [[ $VARIANT == "mesh"* ]]; then
|
|
return
|
|
fi
|
|
|
|
if [ -f $WIFI_NETWORKS_FILE ]; then
|
|
chroot "$rootdir" ${PROJECT_NAME}-wifi --networks $WIFI_NETWORKS_FILE
|
|
return
|
|
fi
|
|
|
|
if [[ $WIFI_TYPE != 'none' ]]; then
|
|
if [ ${#WIFI_PASSPHRASE} -lt 2 ]; then
|
|
return
|
|
fi
|
|
chroot "$rootdir" ${PROJECT_NAME}-wifi -s $WIFI_SSID -t $WIFI_TYPE -p $WIFI_PASSPHRASE --hotspot $WIFI_HOTSPOT
|
|
else
|
|
chroot "$rootdir" ${PROJECT_NAME}-wifi -s $WIFI_SSID -t $WIFI_TYPE --hotspot $WIFI_HOTSPOT
|
|
fi
|
|
}
|
|
|
|
##############################################################################
|
|
# Mesh networking
|
|
##############################################################################
|
|
|
|
# for mesh installs
|
|
TRACKER_PORT=6969
|
|
|
|
WIFI_CHANNEL=2
|
|
|
|
# B.A.T.M.A.N settings
|
|
BATMAN_CELLID='02:BA:00:00:03:01'
|
|
WIFI_SSID='mesh'
|
|
|
|
# To avoid confusions these are obtained from the main project file
|
|
TOXID_REPO=
|
|
TOX_PORT=
|
|
TOXCORE_REPO=
|
|
TOXIC_REPO=
|
|
TOXCORE_COMMIT=
|
|
TOXIC_COMMIT=
|
|
# These are some default nodes, but you can replace them with trusted nodes
|
|
# as you prefer. See https://wiki.tox.im/Nodes
|
|
TOX_NODES=
|
|
#TOX_NODES=(
|
|
# '192.254.75.102,2607:5600:284::2,33445,951C88B7E75C867418ACDB5D273821372BB5BD652740BCDF623A4FA293E75D2F,Tox RELENG,US'
|
|
# '144.76.60.215,2a01:4f8:191:64d6::1,33445,04119E835DF3E78BACF0F84235B300546AF8B936F035185E2A8E9E0A67C8924F,sonOfRa,DE'
|
|
#)
|
|
|
|
# To avoid confusions these are obtained from the main project file
|
|
ZERONET_REPO=
|
|
ZERONET_COMMIT=
|
|
ZERONET_PORT=
|
|
ZERONET_BLOG_REPO=
|
|
ZERONET_BLOG_COMMIT=
|
|
ZERONET_MAIL_REPO=
|
|
ZERONET_MAIL_COMMIT=
|
|
ZERONET_FORUM_REPO=
|
|
ZERONET_FORUM_COMMIT=
|
|
ZERONET_ID_REPO=
|
|
ZERONET_ID_COMMIT=
|
|
|
|
# Directory where source code is downloaded and compiled
|
|
INSTALL_DIR=$HOME/build
|
|
|
|
INSTALLING_MESH=
|
|
|
|
initialise_mesh() {
|
|
if [[ $VARIANT != "mesh" && $VARIANT != "meshclient" && $VARIANT != "meshusb" ]]; then
|
|
return
|
|
fi
|
|
if [[ $DEBIAN_INSTALL_ONLY != "no" ]]; then
|
|
return
|
|
fi
|
|
|
|
if [[ $INSECURE == $'yes' ]]; then
|
|
echo '*********************************************************'
|
|
echo $'WARNING: non-free wifi drivers are being installed.'
|
|
echo $' This may compromise the security of your system.'
|
|
echo '*********************************************************'
|
|
|
|
# enable non-free repo
|
|
if ! grep -q "non-free" $rootdir/etc/apt/sources.list; then
|
|
chroot "$rootdir" /bin/sed -i "s| main| main non-free|g" /etc/apt/sources.list
|
|
fi
|
|
|
|
chroot "$rootdir" apt-get update
|
|
|
|
# install proprietary wifi drivers
|
|
# see https://wiki.debian.org/iwlwifi
|
|
chroot "$rootdir" apt-get -yq install firmware-iwlwifi firmware-b43-installer firmware-brcm80211
|
|
fi
|
|
|
|
INSTALLING_MESH=1
|
|
|
|
configure_firewall
|
|
install_avahi
|
|
install_batman
|
|
install_tomb
|
|
#install_tahoelafs
|
|
#install_librevault
|
|
install_ipfs
|
|
install_tox
|
|
install_web_server
|
|
install_pelican
|
|
if [ $ENABLE_ZERONET ]; then
|
|
install_zeronet
|
|
fi
|
|
|
|
MESH_SERVICE='mesh-setup.service'
|
|
MESH_SETUP_DAEMON=$rootdir/etc/systemd/system/$MESH_SERVICE
|
|
|
|
MESH_STARTUP_PARAMS="${MY_USERNAME}"
|
|
if [[ $AMNESIC != 'no' ]]; then
|
|
MESH_STARTUP_PARAMS="${MY_USERNAME} amnesic"
|
|
fi
|
|
|
|
echo '[Unit]' > $MESH_SETUP_DAEMON
|
|
echo 'Description=Initial mesh router configuration' >> $MESH_SETUP_DAEMON
|
|
echo 'After=syslog.target' >> $MESH_SETUP_DAEMON
|
|
echo 'After=network.target' >> $MESH_SETUP_DAEMON
|
|
echo '' >> $MESH_SETUP_DAEMON
|
|
echo '[Service]' >> $MESH_SETUP_DAEMON
|
|
echo 'Type=simple' >> $MESH_SETUP_DAEMON
|
|
echo 'User=root' >> $MESH_SETUP_DAEMON
|
|
echo 'Group=root' >> $MESH_SETUP_DAEMON
|
|
echo 'WorkingDirectory=/root' >> $MESH_SETUP_DAEMON
|
|
echo "ExecStart=/usr/local/bin/${PROJECT_NAME}-image-mesh ${MESH_STARTUP_PARAMS} > /var/log/mesh-setup.log" >> $MESH_SETUP_DAEMON
|
|
echo '' >> $MESH_SETUP_DAEMON
|
|
echo 'TimeoutSec=99999' >> $MESH_SETUP_DAEMON
|
|
echo '' >> $MESH_SETUP_DAEMON
|
|
echo '[Install]' >> $MESH_SETUP_DAEMON
|
|
echo 'WantedBy=multi-user.target' >> $MESH_SETUP_DAEMON
|
|
chmod +x $MESH_SETUP_DAEMON
|
|
chroot "$rootdir" systemctl enable $MESH_SERVICE
|
|
}
|
|
|
|
# User interface for USB drive installs ######################################
|
|
|
|
function mesh_client_startup_applications {
|
|
if [ ! -d $rootdir/home/$MY_USERNAME/Desktop ]; then
|
|
mkdir -p $rootdir/home/$MY_USERNAME/Desktop
|
|
fi
|
|
|
|
if [ ! -d $rootdir/home/$MY_USERNAME/.config/autostart ]; then
|
|
mkdir -p $rootdir/home/$MY_USERNAME/.config/autostart
|
|
chroot "$rootdir" /bin/chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
|
|
fi
|
|
|
|
START_DESKTOP=$rootdir/home/$MY_USERNAME/mesh-desktop.sh
|
|
FIRST_BOOT=/home/$MY_USERNAME/.first_boot
|
|
TAHOE_COMMAND="cd /var/lib/tahoelafs && venv/bin/tahoe"
|
|
echo '#!/bin/bash' > $START_DESKTOP
|
|
echo "setxkbmap ${KEYBOARD_MAP}" > $START_DESKTOP
|
|
echo 'dconf write /org/mate/caja/desktop/volumes-visible false' >> $START_DESKTOP
|
|
echo 'dconf write /org/mate/caja/desktop/computer-icon-visible false' >> $START_DESKTOP
|
|
echo 'dconf write /org/mate/caja/desktop/home-icon-visible false' >> $START_DESKTOP
|
|
echo 'dconf write /org/mate/caja/desktop/network-icon-visible false' >> $START_DESKTOP
|
|
echo 'dconf write /org/mate/caja/desktop/trash-icon-visible false' >> $START_DESKTOP
|
|
echo 'dconf write /org/mate/caja/desktop/volumes-visible false' >> $START_DESKTOP
|
|
echo 'dconf write /org/mate/desktop/media-handling/automount-open false' >> $START_DESKTOP
|
|
echo 'dconf write /org/mate/screensaver/lock-enabled false' >> $START_DESKTOP
|
|
echo 'dconf write /org/mate/power-manager/lock-keyring-suspend false' >> $START_DESKTOP
|
|
echo 'dconf write /org/mate/power-manager/lock-suspend false' >> $START_DESKTOP
|
|
echo 'dconf write /org/mate/power-manager/lock-use-screensaver false' >> $START_DESKTOP
|
|
echo 'dconf write /org/mate/power-manager/lock-blank-screen false' >> $START_DESKTOP
|
|
echo 'dconf write /org/mate/power-manager/lock-hibernate false' >> $START_DESKTOP
|
|
echo 'dconf write /org/mate/power-manager/lock-keyring-hibernate false' >> $START_DESKTOP
|
|
echo 'dconf write /org/mate/desktop/peripherals/touchpad/scroll-method 2' >> $START_DESKTOP
|
|
echo "touch /home/$MY_USERNAME/.dbus/Xdbus" >> $START_DESKTOP
|
|
echo "chmod 600 /home/$MY_USERNAME/.dbus/Xdbus" >> $START_DESKTOP
|
|
echo "env | grep DBUS_SESSION_BUS_ADDRESS > /home/$MY_USERNAME/.dbus/Xdbus" >> $START_DESKTOP
|
|
echo "echo 'export DBUS_SESSION_BUS_ADDRESS' >> /home/$MY_USERNAME/.dbus/Xdbus" >> $START_DESKTOP
|
|
|
|
echo '' >> $START_DESKTOP
|
|
echo "amixer set 'Master' unmute" >> $START_DESKTOP
|
|
echo "amixer set 'Master' 50%" >> $START_DESKTOP
|
|
echo '' >> $START_DESKTOP
|
|
echo '' >> $START_DESKTOP
|
|
echo "if [ ! -f $FIRST_BOOT ]; then" >> $START_DESKTOP
|
|
echo " $TAHOE_COMMAND start" >> $START_DESKTOP
|
|
echo ' exit 0' >> $START_DESKTOP
|
|
echo 'fi' >> $START_DESKTOP
|
|
echo '' >> $START_DESKTOP
|
|
echo 'INITIAL_TOX_USERNAME=""' >> $START_DESKTOP
|
|
echo 'while [ ${#INITIAL_TOX_USERNAME} -eq 0 ]; do' >> $START_DESKTOP
|
|
echo ' data=$(tempfile 2>/dev/null)' >> $START_DESKTOP
|
|
echo ' trap "rm -f $data" 0 1 2 5 15' >> $START_DESKTOP
|
|
echo -n " dialog --title \"${MESH_TITLE}\" " >> $START_DESKTOP
|
|
echo -n "--backtitle \"${MESH_TITLE}\" " >> $START_DESKTOP
|
|
echo -n "--inputbox \"${MESH_SET_USERNAME}\" 12 60 Anon " >> $START_DESKTOP
|
|
echo '2>$data' >> $START_DESKTOP
|
|
echo ' sel=$?' >> $START_DESKTOP
|
|
echo ' case $sel in' >> $START_DESKTOP
|
|
echo ' 0)' >> $START_DESKTOP
|
|
echo ' INITIAL_TOX_USERNAME=$(<$data)' >> $START_DESKTOP
|
|
echo ' ;;' >> $START_DESKTOP
|
|
echo ' esac' >> $START_DESKTOP
|
|
echo 'done' >> $START_DESKTOP
|
|
echo '' >> $START_DESKTOP
|
|
echo 'toxid --setuser "$INITIAL_TOX_USERNAME"' >> $START_DESKTOP
|
|
echo '' >> $START_DESKTOP
|
|
echo "if [ -f /home/$MY_USERNAME/.tahoe/tahoe.cfg ]; then" >> $START_DESKTOP
|
|
echo " sed -i 's|nickname =.*|nickname = \$INITIAL_TOX_USERNAME|g' /home/$MY_USERNAME/.tahoe/tahoe.cfg" >> $START_DESKTOP
|
|
|
|
echo " $TAHOE_COMMAND restart" >> $START_DESKTOP
|
|
echo 'fi' >> $START_DESKTOP
|
|
echo '' >> $START_DESKTOP
|
|
echo "rm -f $FIRST_BOOT" >> $START_DESKTOP
|
|
echo '' >> $START_DESKTOP
|
|
echo 'exit 0' >> $START_DESKTOP
|
|
chmod +x $START_DESKTOP
|
|
|
|
START_DESKTOP2=$rootdir/home/$MY_USERNAME/.config/autostart/mesh-start.desktop
|
|
echo '[Desktop Entry]' > $START_DESKTOP2
|
|
echo 'Type=Application' >> $START_DESKTOP2
|
|
echo 'Name=Mesh start desktop script' >> $START_DESKTOP2
|
|
echo "Exec=bash -c '~/mesh-desktop.sh'" >> $START_DESKTOP2
|
|
echo 'X-GNOME-Autostart-enabled=true' >> $START_DESKTOP2
|
|
chmod +x $START_DESKTOP2
|
|
|
|
START_DESKTOP3=$rootdir/home/$MY_USERNAME/.config/autostart/set_username.desktop
|
|
echo '[Desktop Entry]' > $START_DESKTOP3
|
|
echo 'Version=1.0' >> $START_DESKTOP3
|
|
echo 'Name=Set Username' >> $START_DESKTOP3
|
|
echo 'Type=Application' >> $START_DESKTOP3
|
|
echo 'Comment=Set username' >> $START_DESKTOP3
|
|
echo "Exec=mate-terminal -e \"bash -c /home/${MY_USERNAME}/mesh-desktop.sh\"" >> $START_DESKTOP3
|
|
echo 'Icon=user-away' >> $START_DESKTOP3
|
|
echo 'Terminal=false' >> $START_DESKTOP3
|
|
echo 'Categories=Application;' >> $START_DESKTOP3
|
|
chmod +x $START_DESKTOP3
|
|
}
|
|
|
|
function mesh_desktop_icons {
|
|
if [ ! -d $rootdir/home/$MY_USERNAME/Desktop ]; then
|
|
mkdir -p $rootdir/home/$MY_USERNAME/Desktop
|
|
fi
|
|
|
|
# Terminal
|
|
#echo '[Desktop Entry]' > $rootdir/home/$MY_USERNAME/Desktop/terminal.desktop
|
|
#echo 'Name=MATE Terminal' >> $rootdir/home/$MY_USERNAME/Desktop/terminal.desktop
|
|
#echo 'Type=Application' >> $rootdir/home/$MY_USERNAME/Desktop/terminal.desktop
|
|
#echo 'Comment=Use the command line' >> $rootdir/home/$MY_USERNAME/Desktop/terminal.desktop
|
|
#echo 'TryExec=mate-terminal' >> $rootdir/home/$MY_USERNAME/Desktop/terminal.desktop
|
|
#echo 'Exec=mate-terminal' >> $rootdir/home/$MY_USERNAME/Desktop/terminal.desktop
|
|
#echo 'Icon=terminal' >> $rootdir/home/$MY_USERNAME/Desktop/terminal.desktop
|
|
#echo 'StartupNotify=true' >> $rootdir/home/$MY_USERNAME/Desktop/terminal.desktop
|
|
|
|
chroot "$rootdir" /bin/chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/Desktop
|
|
}
|
|
|
|
function configure_user_interface {
|
|
if [[ $VARIANT != "meshclient" && $VARIANT != "meshusb" && $VARIANT != "usb" ]]; then
|
|
return
|
|
fi
|
|
|
|
# desktop
|
|
chroot "$rootdir" apt-get -yq install mate-desktop-environment
|
|
|
|
# tool to change desktop settings from command line
|
|
chroot "$rootdir" apt-get -yq install dconf-cli dconf-gsettings-backend dbus dbus-x11
|
|
|
|
# for tomb
|
|
chroot "$rootdir" apt-get -yq install pinentry-gtk2
|
|
|
|
# for tox video
|
|
chroot "$rootdir" apt-get -yq install ffmpeg cheese v4l-utils
|
|
|
|
# to provide notifications
|
|
chroot "$rootdir" apt-get -yq install libnotify-bin
|
|
|
|
# for video/audio
|
|
chroot "$rootdir" apt-get -yq install libtheora-bin libvorbis-dev v4l-utils
|
|
|
|
# a sane editor
|
|
chroot "$rootdir" apt-get -yq install emacs24
|
|
|
|
# for wifi monitoring
|
|
chroot "$rootdir" apt-get -yq install horst
|
|
|
|
# for sound level control
|
|
chroot "$rootdir" apt-get -yq install alsa-utils
|
|
|
|
# to play various media types
|
|
chroot "$rootdir" apt-get -yq install vlc
|
|
|
|
# android adb to allow phones to be connected and for example transfer photos/documents
|
|
chroot "$rootdir" apt-get -yq install android-tools-adb
|
|
|
|
# Produce a text file on the desktop listing users on the mesh
|
|
cat <<EOF > $rootdir/usr/bin/list-tox-users
|
|
#!/bin/bash
|
|
users_list=\$(lstox | awk -F ' ' '{\$1=""; print \$0}' | sed -e 's/^[[:space:]]*//' | sort -d | uniq)
|
|
if [ ! \$users_list ]; then
|
|
no_of_users=0
|
|
else
|
|
no_of_users=\$(echo "\$users_list" | wc -l)
|
|
fi
|
|
if [ \$no_of_users -gt 0 ]; then
|
|
echo "\$users_list" > /tmp/Users.txt
|
|
chown $MY_USERNAME:$MY_USERNAME /tmp/Users.txt
|
|
|
|
echo 'showing_users=\$(ps aux | grep $MESH_TEXT_EDITOR | grep "Users.txt")' > /home/$MY_USERNAME/showusers
|
|
echo 'if [ \${#showing_users} -eq 0 ]; then' >> /home/$MY_USERNAME/showusers
|
|
echo ' $MESH_TEXT_EDITOR /tmp/Users.txt' >> /home/$MY_USERNAME/showusers
|
|
echo 'fi' >> /home/$MY_USERNAME/showusers
|
|
echo 'exit 0' >> /home/$MY_USERNAME/showusers
|
|
chmod +x /home/$MY_USERNAME/showusers
|
|
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/showusers
|
|
|
|
echo '[Desktop Entry]' > /home/$MY_USERNAME/Desktop/Users.desktop
|
|
if [ \$no_of_users -lt 2 ]; then
|
|
echo "Name=\$no_of_users Other User" >> /home/$MY_USERNAME/Desktop/Users.desktop
|
|
else
|
|
echo "Name=\$no_of_users Other Users" >> /home/$MY_USERNAME/Desktop/Users.desktop
|
|
fi
|
|
echo 'Type=Application' >> /home/$MY_USERNAME/Desktop/Users.desktop
|
|
echo 'Comment=List of users' >> /home/$MY_USERNAME/Desktop/Users.desktop
|
|
echo 'Exec=bash /home/$MY_USERNAME/showusers' >> /home/$MY_USERNAME/Desktop/Users.desktop
|
|
echo 'Icon=/usr/share/$PROJECT_NAME/avatars/otheruser.png' >> /home/$MY_USERNAME/Desktop/Users.desktop
|
|
echo 'StartupNotify=false' >> /home/$MY_USERNAME/Desktop/Users.desktop
|
|
chmod +x /home/$MY_USERNAME/Desktop/Users.desktop
|
|
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/Desktop/Users.desktop
|
|
|
|
if [ -f /tmp/.ipfs-users ]; then
|
|
echo '[Desktop Entry]' > /home/$MY_USERNAME/Desktop/sites.desktop
|
|
echo 'Type=Application' >> /home/$MY_USERNAME/Desktop/sites.desktop
|
|
echo "Name=Visit a site" >> /home/$MY_USERNAME/Desktop/sites.desktop
|
|
echo 'Comment=Visit a site' >> /home/$MY_USERNAME/Desktop/sites.desktop
|
|
echo 'Exec=mate-terminal -e /usr/local/bin/${PROJECT_NAME}-mesh-visit-site' >> /home/$MY_USERNAME/Desktop/sites.desktop
|
|
echo 'Icon=/usr/share/${PROJECT_NAME}/avatars/ipfs.jpg' >> /home/$MY_USERNAME/Desktop/sites.desktop
|
|
echo 'StartupNotify=false' >> /home/$MY_USERNAME/Desktop/sites.desktop
|
|
chmod +x /home/$MY_USERNAME/Desktop/sites.desktop
|
|
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/Desktop/sites.desktop
|
|
|
|
echo '[Desktop Entry]' > /home/$MY_USERNAME/Desktop/blog.desktop
|
|
echo 'Type=Application' >> /home/$MY_USERNAME/Desktop/blog.desktop
|
|
echo "Name=Blog" >> /home/$MY_USERNAME/Desktop/blog.desktop
|
|
echo 'Comment=View or create blog entries' >> /home/$MY_USERNAME/Desktop/blog.desktop
|
|
echo 'Exec=mate-terminal -e /usr/local/bin/${PROJECT_NAME}-mesh-blog' >> /home/$MY_USERNAME/Desktop/blog.desktop
|
|
echo 'Icon=/usr/share/${PROJECT_NAME}/avatars/blog.png' >> /home/$MY_USERNAME/Desktop/blog.desktop
|
|
echo 'StartupNotify=false' >> /home/$MY_USERNAME/Desktop/blog.desktop
|
|
chmod +x /home/$MY_USERNAME/Desktop/blog.desktop
|
|
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/Desktop/blog.desktop
|
|
fi
|
|
|
|
if [ ! -f /home/$MY_USERNAME/runtox ]; then
|
|
echo 'qtox_running=\$(ps aux | grep qtox | grep data)' > /home/$MY_USERNAME/runtox
|
|
echo 'if [ \${#qtox_running} -eq 0 ]; then' >> /home/$MY_USERNAME/runtox
|
|
echo ' bash -c "qtox -p data"' >> /home/$MY_USERNAME/runtox
|
|
echo 'fi' >> /home/$MY_USERNAME/runtox
|
|
echo 'exit 0' >> /home/$MY_USERNAME/runtox
|
|
chmod +x /home/$MY_USERNAME/runtox
|
|
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/runtox
|
|
fi
|
|
|
|
if [ ! -f /home/$MY_USERNAME/Desktop/tox.desktop ]; then
|
|
echo '[Desktop Entry]' > /home/$MY_USERNAME/Desktop/tox.desktop
|
|
echo 'Name=Chat' >> /home/$MY_USERNAME/Desktop/tox.desktop
|
|
echo 'Type=Application' >> /home/$MY_USERNAME/Desktop/tox.desktop
|
|
echo 'Comment=Chat, Voice and Video' >> /home/$MY_USERNAME/Desktop/tox.desktop
|
|
echo 'Exec=bash /home/$MY_USERNAME/runtox' >> /home/$MY_USERNAME/Desktop/tox.desktop
|
|
echo "Icon=/usr/share/$PROJECT_NAME/avatars/chat.png" >> /home/$MY_USERNAME/Desktop/tox.desktop
|
|
echo 'StartupNotify=true' >> /home/$MY_USERNAME/Desktop/tox.desktop
|
|
chmod +x /home/$MY_USERNAME/Desktop/tox.desktop
|
|
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/Desktop/tox.desktop
|
|
fi
|
|
else
|
|
if [ -f /tmp/Users.txt ]; then
|
|
rm /tmp/Users.txt
|
|
rm /home/$MY_USERNAME/Desktop/Users.desktop
|
|
if [ -f /home/$MY_USERNAME/Desktop/Users.desktop ]; then
|
|
rm /home/$MY_USERNAME/Desktop/Users.desktop
|
|
fi
|
|
if [ -f /home/$MY_USERNAME/Desktop/sites.desktop ]; then
|
|
rm /home/$MY_USERNAME/Desktop/sites.desktop
|
|
fi
|
|
if [ -f /home/$MY_USERNAME/Desktop/blog.desktop ]; then
|
|
rm /home/$MY_USERNAME/Desktop/blog.desktop
|
|
fi
|
|
if [ -f /home/$MY_USERNAME/Desktop/tox.desktop ]; then
|
|
rm /home/$MY_USERNAME/Desktop/tox.desktop
|
|
fi
|
|
pkill qtox
|
|
fi
|
|
fi
|
|
EOF
|
|
chroot "$rootdir" /bin/chown $MY_USERNAME:$MY_USERNAME /usr/bin/list-tox-users
|
|
chroot "$rootdir" /bin/chmod +x /usr/bin/list-tox-users
|
|
echo "* * * * * $MY_USERNAME bash -c /usr/bin/list-tox-users > /dev/null" >> $rootdir/etc/crontab
|
|
|
|
if [[ $VARIANT != "usb" ]]; then
|
|
# log in automatically
|
|
chroot "$rootdir" apt-get -y install nodm xinit
|
|
echo 'NODM_ENABLED=true' > /etc/default/nodm
|
|
echo "NODM_USER=$MY_USERNAME" >> /etc/default/nodm
|
|
|
|
chroot "$rootdir" mkdir /etc/systemd/system/getty@tty1.service.d
|
|
echo '[Service]' > $rootdir/etc/systemd/system/getty@tty1.service.d/override.conf
|
|
echo 'ExecStart=' >> $rootdir/etc/systemd/system/getty@tty1.service.d/override.conf
|
|
echo 'ExecStart=-/sbin/agetty --autologin fbone --noclear %I $TERM' >> $rootdir/etc/systemd/system/getty@tty1.service.d/override.conf
|
|
|
|
echo '[[ -z $DISPLAY && $XDG_VTNR -eq 1 ]] && exec startx' >> $rootdir/home/$MY_USERNAME/.profile
|
|
|
|
chroot "$rootdir" systemctl set-default multi-user.target
|
|
|
|
mesh_client_startup_applications
|
|
mesh_desktop_icons
|
|
|
|
# Different desktop background for amnesic
|
|
if [[ $AMNESIC != 'no' ]]; then
|
|
MESH_DESKTOP_BACKGROUND_IMAGE=/usr/local/share/${PROJECT_NAME}_mesh_amnesic_background.png
|
|
fi
|
|
|
|
# change the desktop background
|
|
if [ $MESH_DESKTOP_BACKGROUND_IMAGE ]; then
|
|
if [ -f $MESH_DESKTOP_BACKGROUND_IMAGE ]; then
|
|
if [ -d $rootdir/usr/share/images/desktop-base ]; then
|
|
cp $MESH_DESKTOP_BACKGROUND_IMAGE $rootdir/usr/share/images/desktop-base/${PROJECT_NAME}_mesh_background.png
|
|
chroot "$rootdir" /bin/rm /usr/share/images/desktop-base/desktop-background
|
|
chroot "$rootdir" ln -s /usr/share/images/desktop-base/${PROJECT_NAME}_mesh_background.png /usr/share/images/desktop-base/desktop-background
|
|
fi
|
|
fi
|
|
fi
|
|
else
|
|
chroot "$rootdir" apt-get -yq install lightdm
|
|
fi
|
|
|
|
# browser
|
|
chroot "$rootdir" apt-get -yq install $BROWSER
|
|
|
|
# help
|
|
mkdir -p $rootdir/home/${MY_USERNAME}/help/images
|
|
cd $rootdir/root/${PROJECT_NAME}/website
|
|
./deploy.sh EN $rootdir/home/${MY_USERNAME}/help
|
|
chroot "$rootdir" /bin/chown -R ${MY_USERNAME}:${MY_USERNAME} /home/${MY_USERNAME}/help
|
|
|
|
# Tox user interface
|
|
enable_tox_repo
|
|
mesh_tox_qtox
|
|
# copy the default qtox ini file
|
|
if [ ! -d ${rootdir}/home/${MY_USERNAME}/.config/tox ]; then
|
|
mkdir ${rootdir}/home/${MY_USERNAME}/.config/tox
|
|
cp /usr/local/bin/${PROJECT_NAME}-config-qtox ${rootdir}/home/${MY_USERNAME}/.config/tox/qtox.ini
|
|
chroot "$rootdir" /bin/chown -R ${MY_USERNAME}:${MY_USERNAME} /home/${MY_USERNAME}/.config
|
|
fi
|
|
|
|
if [[ $VARIANT == "usb" ]]; then
|
|
# tor
|
|
chroot "$rootdir" apt-get -y install tor
|
|
|
|
# xmpp client
|
|
chroot "$rootdir" echo "deb ftp://ftp.gajim.org/debian unstable main" > /etc/apt/sources.list.d/gajim.list
|
|
chroot "$rootdir" apt-get update
|
|
chroot "$rootdir" apt-get -yq install gajim-dev-keyring
|
|
chroot "$rootdir" apt-get -yq install git python-dev python-pip gajim-nightly
|
|
chroot "$rootdir" mkdir /home/$GENERIC_IMAGE_USERNAME/.local/share/gajim/plugins -p
|
|
chroot "$rootdir" git clone https://github.com/omemo/gajim-omemo /home/$GENERIC_IMAGE_USERNAME/.local/share/gajim/plugins/gajim-omemo
|
|
chroot "$rootdir" pip install protobuf==2.6.1, python-axolotl==0.1.35
|
|
chroot "$rootdir" /bin/chown -R $GENERIC_IMAGE_USERNAME:$GENERIC_IMAGE_USERNAME /home/$GENERIC_IMAGE_USERNAME/.local
|
|
|
|
# IRC client
|
|
chroot "$rootdir" apt-get -yq install hexchat profanity
|
|
fi
|
|
}
|
|
|
|
##############################################################################
|
|
|
|
|
|
# Set to true/false to control if eatmydata is used during build
|
|
use_eatmydata=true
|
|
|
|
rootdir="$1"
|
|
fmdir="$(pwd)"
|
|
image="$fmdir"/"$2"
|
|
cd "$rootdir"
|
|
|
|
echo info: building $MACHINE for $ARCHITECTURE
|
|
|
|
export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true
|
|
export LC_ALL=C LANGUAGE=C LANG=C
|
|
|
|
# Override libpam-tmpdir setting during build, as the directories
|
|
# are not created yet.
|
|
export TMP=/tmp/ TMPDIR=/tmp/
|
|
|
|
if [ ! $MY_USERNAME ]; then
|
|
echo $'No username was specified'
|
|
exit 52825
|
|
fi
|
|
username=$MY_USERNAME
|
|
echo $"warning: creating initial user $username with well known password!"
|
|
password=$MY_PASSWORD
|
|
chroot "$rootdir" /usr/bin/env -i \
|
|
HOME=/root \
|
|
PATH=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin
|
|
echo "export PATH=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin:" >> $rootdir/root/.bashrc
|
|
chroot "$rootdir" adduser --gecos $username --disabled-password $username
|
|
echo $username:$password | chroot "$rootdir" /usr/sbin/chpasswd
|
|
chroot "$rootdir" adduser $username sudo
|
|
|
|
if [ ! $DEBIAN_REPO ]; then
|
|
DEBIAN_REPO='ftp.de.debian.org'
|
|
fi
|
|
if [ ! $DEBIAN_VERSION ]; then
|
|
DEBIAN_VERSION='jessie'
|
|
fi
|
|
|
|
set_apt_sources $BUILD_MIRROR
|
|
chroot "$rootdir" apt-get clean
|
|
chroot "$rootdir" /bin/rm -rf /var/lib/apt/lists/*
|
|
chroot "$rootdir" apt-get clean
|
|
set_apt_sources $MIRROR
|
|
configure_backports
|
|
configure_contrib_repo
|
|
chroot "$rootdir" apt-get update
|
|
chroot "$rootdir" apt-get install -y apt-utils
|
|
|
|
cat > $rootdir/usr/sbin/policy-rc.d <<EOF
|
|
#!/bin/sh
|
|
exit 101
|
|
EOF
|
|
chmod a+rx $rootdir/usr/sbin/policy-rc.d
|
|
|
|
if $use_eatmydata ; then
|
|
enable_eatmydata_override
|
|
fi
|
|
|
|
if [ -n "$CUSTOM_SETUP" ]; then
|
|
cp "$CUSTOM_SETUP" "$rootdir"/tmp
|
|
chroot "$rootdir" apt-get install -y gdebi-core
|
|
chroot "$rootdir" gdebi -n /tmp/"$(basename $CUSTOM_SETUP)"
|
|
fi
|
|
|
|
if [[ $VARIANT != "meshclient" && $VARIANT != "meshusb" && $VARIANT != "mesh" ]]; then
|
|
chroot "$rootdir" apt-get install -y openssh-server
|
|
fi
|
|
chroot "$rootdir" apt-get install -y sudo git dialog build-essential
|
|
chroot "$rootdir" apt-get install -y avahi-daemon avahi-utils avahi-discover avahi-autoipd
|
|
chroot "$rootdir" apt-get install -y iptables dnsutils net-tools network-manager iputils-ping
|
|
chroot "$rootdir" apt-get install -y libnss-mdns libnss-myhostname libnss-gw-name nano man ntp
|
|
chroot "$rootdir" apt-get install -y locales locales-all debconf wireless-tools wpasupplicant usbutils
|
|
if [[ $ARCHITECTURE == 'qemu'* || $ARCHITECTURE == 'i386' || $ARCHITECTURE == 'i686' || $ARCHITECTURE == 'amd64' || $ARCHITECTURE == 'x86_64' ]]; then
|
|
chroot "$rootdir" apt-get install -y cryptsetup zsh pinentry-curses iotop bc
|
|
chroot "$rootdir" apt-get install -y grub2 hostapd
|
|
fi
|
|
|
|
sed -i "s|#host-name=.*|host-name=${PROJECT_NAME}|g" $rootdir/etc/avahi/avahi-daemon.conf
|
|
sed -i "s|host-name=.*|host-name=${PROJECT_NAME}|g" $rootdir/etc/avahi/avahi-daemon.conf
|
|
|
|
chroot "$rootdir" /bin/bash -x <<EOF
|
|
git clone $PROJECT_REPO /root/$PROJECT_NAME
|
|
cd /root/$PROJECT_NAME
|
|
git checkout origin/stockholm -b stockholm
|
|
make install
|
|
EOF
|
|
|
|
chroot "$rootdir" ${PROJECT_NAME}-image-hardware-setup 2>&1 | \
|
|
tee $rootdir/var/log/${PROJECT_NAME}-image-hardware-setup.log
|
|
|
|
rm $rootdir/usr/sbin/policy-rc.d
|
|
|
|
# Set up HRNG for systems known to have one
|
|
# Otherwise install haveged
|
|
if [[ "$MACHINE" != "beaglebone" ]]; then
|
|
chroot $rootdir apt-get -yq install haveged
|
|
else
|
|
chroot $rootdir apt-get -yq install rng-tools
|
|
sed -i 's|#HRNGDEVICE=/dev/hwrng|HRNGDEVICE=/dev/hwrng|g' $rootdir/etc/default/rng-tools
|
|
fi
|
|
|
|
# copy u-boot to beginning of image
|
|
case "$MACHINE" in
|
|
beaglebone)
|
|
dd if=$rootdir/usr/lib/u-boot/am335x_boneblack/MLO of="$image" \
|
|
count=1 seek=1 conv=notrunc bs=128k
|
|
dd if=$rootdir/usr/lib/u-boot/am335x_boneblack/u-boot.img of="$image" \
|
|
count=2 seek=1 conv=notrunc bs=384k
|
|
;;
|
|
cubieboard2)
|
|
dd if=$rootdir/usr/lib/u-boot/Cubieboard2/u-boot-sunxi-with-spl.bin of="$image" \
|
|
seek=8 conv=notrunc bs=1k
|
|
;;
|
|
a20-olinuxino-lime)
|
|
dd if=$rootdir/usr/lib/u-boot/A20-OLinuXino-Lime/u-boot-sunxi-with-spl.bin \
|
|
of="$image" seek=8 conv=notrunc bs=1k
|
|
;;
|
|
esac
|
|
|
|
if $use_eatmydata ; then
|
|
disable_eatmydata_override
|
|
fi
|
|
|
|
configure_ssh
|
|
configure_networking
|
|
admin_user_sudo
|
|
create_generic_image
|
|
atheros_wifi
|
|
continue_installation
|
|
initialise_mesh
|
|
configure_wifi
|
|
configure_user_interface
|
|
|
|
# remove downloaded packages
|
|
chroot $rootdir apt-get clean
|
|
|
|
cd /
|
|
echo $"info: killing leftover processes in chroot"
|
|
fuser -mvk $rootdir/. || true
|
|
|
|
exit 0
|