Skip to content

Instantly share code, notes, and snippets.

@ivan-c
Last active July 28, 2020 05:56
Show Gist options
  • Save ivan-c/bfdc54a150730a0c7fa1de53ed86af5d to your computer and use it in GitHub Desktop.
Save ivan-c/bfdc54a150730a0c7fa1de53ed86af5d to your computer and use it in GitHub Desktop.
debootstrap script for rpi4
#! /bin/sh
umount /mnt/sd/boot
umount /mnt/sd
losetup -d /dev/loop0
# rm ~/images/rpi4.img
rm rpi4.img
[debootstrap-rpi4]
description=debian buster arm64 rpi4
directory=/mnt/sd
root-users=ivanc
users=ivanc
type=directory
# use tmpfs overlap
union-type=overlay
#! /bin/sh -e
set -x
if [ ! -f rpi4.img ]; then
fallocate --length 3GiB rpi4.img
fi
loopback_devices=$(losetup -l --noheading)
if [ -z "$loopback_devices" ]; then
losetup -f -P rpi4.img
fi
loopback_device=$(losetup -l | grep rpi4 | awk '{print $1}')
parted --script --align optimal "$loopback_device" -- \
mklabel msdos \
mkpart primary fat32 1 128MiB \
mkpart primary ext4 128MiB 100% set 1 boot
mkfs.vfat -F 32 /dev/loop0p1
mkfs.ext4 /dev/loop0p2
test -d /mnt/sd || mkdir -p /mnt/sd
mount /dev/loop0p2 /mnt/sd
test -d /mnt/sd/boot || mkdir /mnt/sd/boot
mount /dev/loop0p1 /mnt/sd/boot
# debootstrap --arch arm64 buster /mnt/sd
qemu-debootstrap --arch=arm64 --keyring /usr/share/keyrings/debian-archive-keyring.gpg --variant=buildd --exclude=debfoster buster /mnt/sd http://ftp.debian.org/debian
echo done running debootstrap
cat << EOF > /mnt/sd/etc/apt/sources.list
# deb http://http.us.debian.org/debian buster main
deb http://http.us.debian.org/debian buster main non-free
deb-src http://http.us.debian.org/debian buster main non-free
deb http://security.debian.org/debian-security buster/updates main non-free
deb-src http://security.debian.org/debian-security buster/updates main non-free
# buster-updates, previously known as 'volatile'
deb http://http.us.debian.org/debian buster-updates main non-free
deb-src http://http.us.debian.org/debian buster-updates main non-free
EOF
# mount -t devpts -o gid=5,mode=620 devpts /mnt/sd/dev/pts
mkdir -p /mnt/sd/tmp/
cp provision.sh /mnt/sd/usr/bin/
cp provision-ansible.sh /mnt/sd/usr/bin/
# pass proxy to chroot
if [ -n "$http_proxy" ]; then
proxy_vars="http_proxy=${http_proxy}"
fi
# reuse given http proxy
schroot --chroot debootstrap-rpi4 -u root -- sh -c "${proxy_vars} provision.sh"
schroot --chroot debootstrap-rpi4 -u root -- sh -c "${proxy_vars} provision-ansible.sh"
cp provision-boot.sh /mnt/sd/usr/bin/
chroot /mnt/sd/ /usr/bin/provision-boot.sh
# remove file identifying as chroot
rm /mnt/sd/etc/debian_chroot
#! /bin/sh -eu
wget \
https://gist.githubusercontent.com/ivan-c/35768f1ee268ce0a581f412bffa8a3dc/raw/bootstrap-ansible.sh \
--output-document /tmp/bootstrap-ansible.sh
chmod +x /tmp/bootstrap-ansible.sh
/tmp/bootstrap-ansible.sh
# wget \
# https://raw.githubusercontent.com/ivan-c/ansible-role-ansible-pull/master/files/ansible_pull_wrapper.sh \
# --output-document /usr/bin/ansible_pull_wrapper.sh
# chmod +x /usr/bin/ansible_pull_wrapper.sh
# /usr/bin/ansible_pull_wrapper.sh --tags boot --url https://github.com/ivan-c/ansible-bootstrap/
#! /bin/sh -e
set -x
# chroot
yes | WANT_PI4=1 rpi-update
echo 'dwc_otg.lpm_enable=0 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait net.ifnames=0' > /boot/cmdline.txt
echo $'kernel=kernel8.img\ngpu_mem=16\narm_64bit=1\ndtoverlay=vc4-fkms-v3d' > /boot/config.txt
#! /bin/sh -e
set -x
DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get upgrade -y
apt-get install -y apt-utils dialog locales
# set locale without interaction (ie dpkg-reconfigure locales)
sed -i '/^#.* en_US\.UTF-8.* /s/^#//' /etc/locale.gen
locale-gen
mkdir -p /etc/network
echo \
'auto lo
iface lo inet loopback
auto eth0
allow-hotplug eth0
iface eth0 inet dhcp
allow-hotplug wlan0
iface wlan0 inet dhcp
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf' \
> /etc/network/interfaces
echo \
'nameserver 1.1.1.1
nameserver 1.0.0.1' \
> /etc/resolv.conf
echo \
'127.0.0.1 localhost
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts' \
> /etc/hosts
# todo: fixup for NFS mounts
cat << EOF > /etc/fstab
# <file system> <dir> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
/dev/mmcblk0p1 /boot vfat defaults 0 2
/dev/mmcblk0p2 / ext4 defaults,noatime 0 1
EOF
apt-get install -y software-properties-common
apt-add-repository non-free
apt-get update
apt-get install -y -o Dpkg::Options::=--force-confnew \
ca-certificates \
crda \
fake-hwclock \
firmware-brcm80211 \
net-tools \
ntp \
usb-modeswitch \
ssh \
sudo \
wget \
wpasupplicant \
xz-utils
useradd -s /bin/bash -d /home/debian -G sudo debian
yes linuxpassword | passwd
yes linuxpassword | passwd debian
mkdir /root/.ssh
wget https://github.com/ivan-c.keys -O /root/.ssh/authorized_keys
cd /usr/local/bin
wget https://raw.githubusercontent.com/Hexxeh/rpi-update/master/rpi-update -O /usr/bin/rpi-update
chmod +x /usr/bin/rpi-update
apt install -y curl binutils kmod
# important packages
apt install -y isc-dhcp-client iputils-ping nano less
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment