diff --git a/Dockerfile b/Dockerfile index 706a5fb..35f483a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ RUN apt-get -y update && \ apt-get -y install \ git vim parted \ quilt coreutils qemu-user-static debootstrap zerofree zip dosfstools \ - bsdtar libcap2-bin rsync grep udev xz-utils curl xxd file kmod\ + bsdtar libcap2-bin rsync grep udev xz-utils curl xxd file kmod bc\ && rm -rf /var/lib/apt/lists/* COPY . /pi-gen/ diff --git a/README.md b/README.md index 1f8524b..ec4f65c 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,7 @@ To install the required dependencies for pi-gen you should run: ```bash apt-get install coreutils quilt parted qemu-user-static debootstrap zerofree zip \ -dosfstools bsdtar libcap2-bin grep rsync xz-utils file git curl +dosfstools bsdtar libcap2-bin grep rsync xz-utils file git curl bc ``` The file `depends` contains a list of tools needed. The format of this @@ -82,7 +82,7 @@ The following environment variables are supported: Default system locale. - * `HOSTNAME` (Default: "raspberrypi" ) + * `TARGET_HOSTNAME` (Default: "raspberrypi" ) Setting the hostname to the specified value. @@ -119,11 +119,11 @@ The following environment variables are supported: * `WPA_ESSID`, `WPA_PASSWORD` and `WPA_COUNTRY` (Default: unset) - If these are set, they are use to configure `wpa_supplicant.conf`, so that the raspberry pi can automatically connect to a wifi network on first boot. If `WPA_ESSID` is set and `WPA_PASSWORD` is unset an unprotected wifi network will be configured. + If these are set, they are use to configure `wpa_supplicant.conf`, so that the Raspberry Pi can automatically connect to a wifi network on first boot. If `WPA_ESSID` is set and `WPA_PASSWORD` is unset an unprotected wifi network will be configured. If set, `WPA_PASSWORD` must be between 8 and 63 characters. * `ENABLE_SSH` (Default: `0`) - Setting to `1` will enable ssh server for remote log in. Note that if you are using a common password such as the defaults there is a high risk of attackers taking over you RaspberryPi. + Setting to `1` will enable ssh server for remote log in. Note that if you are using a common password such as the defaults there is a high risk of attackers taking over you Raspberry Pi. * `STAGE_LIST` (Default: `stage*`) diff --git a/build.sh b/build.sh index a396b06..a906e10 100755 --- a/build.sh +++ b/build.sh @@ -162,7 +162,7 @@ export DEPLOY_DIR=${DEPLOY_DIR:-"${BASE_DIR}/deploy"} export DEPLOY_ZIP="${DEPLOY_ZIP:-1}" export LOG_FILE="${WORK_DIR}/build.log" -export HOSTNAME=${HOSTNAME:-raspberrypi} +export TARGET_HOSTNAME=${TARGET_HOSTNAME:-raspberrypi} export FIRST_USER_NAME=${FIRST_USER_NAME:-pi} export FIRST_USER_PASS=${FIRST_USER_PASS:-raspberry} @@ -220,6 +220,11 @@ if [[ -n "${APT_PROXY}" ]] && ! curl --silent "${APT_PROXY}" >/dev/null ; then exit 1 fi +if [[ -n "${WPA_PASSWORD}" && ${#WPA_PASSWORD} -lt 8 || ${#WPA_PASSWORD} -gt 63 ]] ; then + echo "WPA_PASSWORD" must be between 8 and 63 characters + exit 1 +fi + mkdir -p "${WORK_DIR}" log "Begin ${BASE_DIR}" diff --git a/depends b/depends index 6238eb1..a86bc82 100644 --- a/depends +++ b/depends @@ -16,3 +16,4 @@ xxd file git lsmod:kmod +bc diff --git a/export-image/prerun.sh b/export-image/prerun.sh index cecde32..8bbc566 100755 --- a/export-image/prerun.sh +++ b/export-image/prerun.sh @@ -18,7 +18,7 @@ ALIGN="$((4 * 1024 * 1024))" # some overhead (since actual space usage is usually rounded up to the # filesystem block size) and gives some free space on the resulting # image. -ROOT_MARGIN=$((800*1024*1024)) +ROOT_MARGIN="$(echo "($ROOT_SIZE * 0.2 + 200 * 1024 * 1024) / 1" | bc)" BOOT_PART_START=$((ALIGN)) BOOT_PART_SIZE=$(((BOOT_SIZE + ALIGN - 1) / ALIGN * ALIGN)) diff --git a/stage1/02-net-tweaks/00-run.sh b/stage1/02-net-tweaks/00-run.sh index fc9e763..4943cab 100755 --- a/stage1/02-net-tweaks/00-run.sh +++ b/stage1/02-net-tweaks/00-run.sh @@ -1,6 +1,6 @@ #!/bin/bash -e -echo "${HOSTNAME}" > "${ROOTFS_DIR}/etc/hostname" -echo "127.0.1.1 ${HOSTNAME}" >> "${ROOTFS_DIR}/etc/hosts" +echo "${TARGET_HOSTNAME}" > "${ROOTFS_DIR}/etc/hostname" +echo "127.0.1.1 ${TARGET_HOSTNAME}" >> "${ROOTFS_DIR}/etc/hosts" ln -sf /dev/null "${ROOTFS_DIR}/etc/systemd/network/99-default.link" diff --git a/stage2/02-net-tweaks/01-run.sh b/stage2/02-net-tweaks/01-run.sh index 154e515..63fbff7 100755 --- a/stage2/02-net-tweaks/01-run.sh +++ b/stage2/02-net-tweaks/01-run.sh @@ -12,7 +12,8 @@ fi if [ -v WPA_ESSID ] && [ -v WPA_PASSWORD ]; then on_chroot <> "/etc/wpa_supplicant/wpa_supplicant.conf" +set -o pipefail +wpa_passphrase "${WPA_ESSID}" "${WPA_PASSWORD}" | tee -a "/etc/wpa_supplicant/wpa_supplicant.conf" EOF elif [ -v WPA_ESSID ]; then cat >> "${ROOTFS_DIR}/etc/wpa_supplicant/wpa_supplicant.conf" << EOL