From bcc7d1fea6c4d1450f7bc3f8972ef5e4692b9fa5 Mon Sep 17 00:00:00 2001 From: Jacen Date: Wed, 25 Sep 2019 23:52:41 +0200 Subject: [PATCH] allows to add a public key to the root authorized_keys file --- README.md | 4 ++++ build.sh | 2 ++ stage2/01-sys-tweaks/01-run.sh | 4 ++++ 3 files changed, 10 insertions(+) diff --git a/README.md b/README.md index 29d8166..053309e 100644 --- a/README.md +++ b/README.md @@ -122,6 +122,10 @@ The following environment variables are supported: Password for the first user + * `ROOT_PUBLIC_KEY` (Default: "") + + If set this public key will be added to the authorized_keys of the root user. + * `WPA_ESSID`, `WPA_PASSWORD` and `WPA_COUNTRY` (Default: unset) If these are set, they are use to configure `wpa_supplicant.conf`, so that the Raspberry Pi can automatically connect to a wifi network on first boot. If `WPA_ESSID` is set and `WPA_PASSWORD` is unset an unprotected wifi network will be configured. If set, `WPA_PASSWORD` must be between 8 and 63 characters. diff --git a/build.sh b/build.sh index a8247ab..3bf2c32 100755 --- a/build.sh +++ b/build.sh @@ -166,7 +166,9 @@ export TARGET_HOSTNAME=${TARGET_HOSTNAME:-raspberrypi} export FIRST_USER_NAME=${FIRST_USER_NAME:-pi} export FIRST_USER_PASS=${FIRST_USER_PASS:-raspberry} +export ROOT_PUBLIC_KEY="${ROOT_PUBLIC_KEY}" export RELEASE=${RELEASE:-buster} + export WPA_ESSID export WPA_PASSWORD export WPA_COUNTRY diff --git a/stage2/01-sys-tweaks/01-run.sh b/stage2/01-sys-tweaks/01-run.sh index 8d28adc..8723ebb 100755 --- a/stage2/01-sys-tweaks/01-run.sh +++ b/stage2/01-sys-tweaks/01-run.sh @@ -21,6 +21,10 @@ else systemctl disable ssh fi systemctl enable regenerate_ssh_host_keys +if [ -n "${ROOT_PUBLIC_KEY}" ]; then + mkdir -p /root/.ssh + echo "${ROOT_PUBLIC_KEY}" >> /root/.ssh/authorized_keys +fi EOF if [ "${USE_QEMU}" = "1" ]; then