pierinz/prepare.sh

## prepare.sh
#!/bin/bash
set -e

echo "Choose root password:"
passwd

mkdir -p /root/.ssh/
#You may want to add some authorized keys
#echo "$key" > /root/.ssh/authorized_keys

echo "Disabling default user"
usermod -L pi
#You may create another regular user if needed

echo "Setting up hostname"
hostname "citofonoweb"
echo "citofonoweb" > /etc/hostname
sed -i "s/raspberrypi/citofonoweb/" /etc/hosts

echo "Setting up DNS"
cat > /etc/resolv.conf <<EOF
nameserver 8.8.8.8
nameserver 208.67.220.220
EOF

echo "Setting up NTP"
sed -i '/#server ntp.your-provider.example/ a\
server ntp1.inrim.it\
server 0.pool.ntp.org' /etc/ntp.conf

echo "Configuring local settings"
dpkg-reconfigure locales
dpkg-reconfigure tzdata
echo "Disabling useless services"
insserv -r lightdm
insserv -r triggerhappy

echo "Installing dosfstools"
apt-get update
aptitude install dosfstools

#Keeping the apt cache in a NFS share is a good idea to preserve bandwidth/avoid SD wearing
#aptitude install nfs-common
#/etc/init.d/rpcbind start
#insserv rpcbind
#cat >> /etc/fstab <<EOF
#
##cache server
#cache-server:/cache-path/ /var/cache/apt/archives nfs defaults,vers=3,soft,rsize=8192,wsize=8192,timeo=14,intr 0 0
#EOF
#rm /var/cache/apt/archives/* -r
#mount /var/cache/apt/archives

echo "Enabling SPI"
sed -i /etc/modprobe.d/raspi-blacklist.conf -e "s/^blacklist[[:space:]]*spi-bcm2708.*/#blacklist spi-bcm2708/"
cat >> /boot/config.txt <<EOF

#Enable SPI
device_tree_overlay=spi-bcm2708-overlay.dtb
EOF

echo "Enabling filesystem checks at startup"
sed -i "s/#FSCKFIX=no/FSCKFIX=yes/" /etc/default/rcS

echo "Enabling TRIM on sd card (if supported)"
sed -i "s/noatime/noatime,discard/" /etc/fstab
echo "Disabling automount of /boot"
sed s:"vfat    defaults":"vfat    defaults,noauto": /etc/fstab

echo "Removing useless packages"
useless="wolfram-engine lxde lxde-common lxde-core gpicview leafpad lxappearance lxinput \
lxmusic lxpanel lxsession lxsession-edit lxshortcut lxterminal openbox-themes openbox pcmanfm xarchiver xscreensaver \
xterm xserver-xorg xserver-xorg-core xserver-common xpdf x11-common x11-utils supercollider squeak-vm sonic-pi \
penguinspuzzle netsurf-gtk midori gtk2-engines tcl8.4 tk8.4 gnome-accessibility-themes gnome-themes-standard \
gnome-themes-standard-data libgtk-3-common dphys-swapfile sonic-pi fake-hwclock dhcpcd5 ncdu \
smartsim python-minecraftpi omxplayer minecraft-pi lxde-icon-theme lxpolkit lxrandr lxtask dillo xauth \
gconf-service gconf2 gconf2-common gstreamer1.0-alsa gstreamer1.0-libav gstreamer1.0-plugins-base libgnome-keyring-common \
libgnome-keyring0 libgstreamer-plugins-bad1.0-0 libgstreamer-plugins-base1.0-0 libgconf-2-4 gksu gstreamer1.0-omx \
gstreamer1.0-plugins-good libgksu2-0 gstreamer1.0-x aspell-en libaspell15 libltdl7 epiphany-browser-data jackd2 \
libjack-jackd2-0  consolekit cups-bsd desktop-base dictionaries-common esound-common fontconfig \
fonts-droid freepats fuse galculator gconf2 gconf2-common gksu gsfonts gstreamer1.0-omx libass4:armhf \
libasyncns0:armhf libaudiofile1:armhf libaudit0 libavahi-glib1:armhf libavahi-gobject0:armhf \
libbluetooth3:armhf libbluray1:armhf libcdio-cdda1 libcdio-paranoia1 libcdio13 libchromaprint0:armhf \
libck-connector0:armhf libcupsimage2:armhf libcwiid1 libdatrie1:armhf libdc1394-22:armhf libdca0 \
libdirac-encoder0:armhf libdirectfb-1.2-9:armhf libdvdnav4 libdvdread4 libenca0 libesd0:armhf libfaad2:armhf libffi5:armhf \
libfftw3-3:armhf libflite1:armhf libfltk1.3:armhf libfm-data libfm-extra4:armhf libfm-gtk4:armhf libfm4:armhf \
libfontenc1:armhf libfuse2:armhf libgconf-2-4:armhf libgdk-pixbuf2.0-0:armhf libgdu0 libgeoclue0 \
libgif4 libgirepository-1.0-1 libgksu2-0 libglade2-0 libgme0 libgnome-keyring0:armhf \
libgs9 libgstreamer-plugins-bad1.0-0:armhf libgstreamer-plugins-base0.10-0:armhf \
libgstreamer-plugins-base1.0-0:armhf libgstreamer0.10-0:armhf libgtk2.0-0:armhf libgtk2.0-common libharfbuzz-icu0:armhf \
libharfbuzz0a:armhf libhunspell-1.3-0:armhf libid3tag0 libijs-0.35 libilmbase6 libimlib2 \
libjasper1:armhf libjavascriptcoregtk-3.0-0:armhf libjbig2dec0 libkate1 liblcms1:armhf libmad0 libmenu-cache1 \
libmimic0 libmms0:armhf libmng1:armhf libmodplug1 libmpg123-0:armhf libnotify4:armhf libnss3:armhf \
libofa0 libopenal-data libopenal1:armhf libopencv-calib3d2.4 libopencv-contrib2.4 libopencv-core2.4 libopencv-features2d2.4 \
libopencv-flann2.4 libopencv-highgui2.4 libopencv-imgproc2.4 libopencv-legacy2.4 libopencv-ml2.4 libopencv-objdetect2.4 \
libopencv-photo2.4 libopencv-stitching2.4 libopencv-ts2.4 libopencv-video2.4 libopencv-videostab2.4 libopenexr6 \
libpango-1.0-0:armhf libpangocairo-1.0-0:armhf libpangoft2-1.0-0:armhf libpangox-1.0-0:armhf libpangoxft-1.0-0:armhf \
libpaper1:armhf libpciaccess0:armhf libportmidi0 libqt4-network:armhf libqt4-xml:armhf \
libqtcore4:armhf libqtdbus4:armhf librsvg2-2:armhf libruby1.9.1 libsbc1:armhf libscsynth1 libsecret-1-0:armhf \
libsndfile1:armhf libsoundtouch0:armhf libspandsp2 libsrtp0 libssh-4:armhf libstartup-notification0:armhf \
libthai0:armhf libts-0.0-0:armhf libvorbisfile3:armhf libvte9 libwayland0:armhf libwildmidi-config \
libwildmidi1:armhf libwnck22 libxcb-util0:armhf libxcomposite1:armhf libxcursor1:armhf libxdamage1:armhf \
libxfont1 libxft2:armhf libxinerama1:armhf libxkbcommon0:armhf libxkbfile1:armhf libxp6:armhf libxrandr2:armhf libxres1:armhf \
libxslt1.1:armhf libxxf86dga1:armhf libyaml-0-2:armhf lxmenu-data poppler-data python-gi python3.2 python3.2-minimal \
ruby1.9.1 tcl8.5 tsconf weston x11-common xauth libatspi2.0-0 alsa-base g++-4.6 libclass-isa-perl libcroco3 \
libgraphite2-2.0.0 libgssglue1 libgtop2-7 libgtop2-common libjpeg8 libmpc2 \
libpci3 librtmp0 libstdc++6-4.6-dev libswitch-perl pciutils fonts-freefont-ttf fonts-roboto gnome-desktop3-data \
gvfs-common hicolor-icon-theme libfm-gtk-data libgdk-pixbuf2.0-common libgs9-common libsecret-common libthai-data \
libvte-common libwebkitgtk-3.0-common libwnck-3-common libwnck-common libxmuu1 lxpanel-data \
gstreamer1.0-alsa gstreamer1.0-libav gstreamer1.0-plugins-base gstreamer1.0-plugins-good libasound2 libvisual-0.4-0 \
\
libobt0 libusbmuxd1 libarchive12 libavcodec53 libavutil51 libcolord1 libgd2-xpm libgphoto2-port0 libicu48 \
libimobiledevice2 libmikmod2 libplist1 libpoppler19 libsclang1 libswscale2 libwebp2 \
libx264-123 libmysqlclient16 libparted0debian1"
# and many more
for i in $useless; do
    aptitude remove --purge -y $i
done
# and many more
apt-get autoremove

echo "Upgrading system"
apt-get upgrade


##READ ONLY ROOT
#https://wiki.debian.org/ReadonlyRoot

echo "Preparing read-only rootfs"
echo "If something goes wrong, the system won't boot up. Press ENTER to continue or CTRL-C to exit"
read
echo BLKID_FILE="/var/local/blkid.tab" >> /etc/environment
sed s:#RAMTMP=no:RAMTMP=yes: -i /etc/default/tmpfs
rm /etc/mtab
ln -s /proc/self/mounts /etc/mtab
sed -i "s/noatime,discard/noatime,discard,ro/" /etc/fstab
#edit /etc/init.d/hwclock.sh
echo "Now you should change '-f' to '-L' at line 60 (the first of start case)"
echo "Maybe one day I'll write a sed one-liner for this. Press enter to continue"
read
nano /etc/init.d/hwclock.sh
#This seems to be a good idea... but it never worked for me
#cat > /etc/apt/apt.conf.d/99readonly <<EOF
#DPkg {
#        // Auto re-mounting of a readonly /
#        Pre-Invoke { "mount -o remount,rw / || true "; };
#        Post-Invoke { "test ${NO_APT_REMOUNT:-no} = yes || mount -o remount,ro / || true"; };
#};
#EOF
#cat > /etc/apt/apt.conf.d/99bootnoauto <<EOF
#DPkg {
#        // Auto re-mounting of a readonly /
#        Pre-Invoke { "mount /boot || true"; };
#        Post-Invoke { "test ${NO_APT_REMOUNT:-no} = yes || umount /boot || true"; };
#};
#EOF

echo "Now you should make a separate partition for /var and migrate the actual /var to the new partition"
echo "Do you want to add a fstab entry for the separated /var?"
echo "Press ENTER to continue, CTRL-C to exit"
echo "/dev/mmcblk0p3  /var            ext4    defaults,nodev,noatime,discard,data=journal  0       1" >> /etc/fstab
##

echo "THE END"
echo "REMEMBER: you must make a separate partition for /var and migrate the actual /var to the new partition!"
echo "Then, reboot to see the result"

exit 0
	#!/bin/bash
	set -e

	echo "Choose root password:"
	passwd

	mkdir -p /root/.ssh/
	#You may want to add some authorized keys
	#echo "$key" > /root/.ssh/authorized_keys

	echo "Disabling default user"
	usermod -L pi
	#You may create another regular user if needed

	echo "Setting up hostname"
	hostname "citofonoweb"
	echo "citofonoweb" > /etc/hostname
	sed -i "s/raspberrypi/citofonoweb/" /etc/hosts

	echo "Setting up DNS"
	cat > /etc/resolv.conf <<EOF
	nameserver 8.8.8.8
	nameserver 208.67.220.220
	EOF

	echo "Setting up NTP"
	sed -i '/#server ntp.your-provider.example/ a\
	server ntp1.inrim.it\
	server 0.pool.ntp.org' /etc/ntp.conf

	echo "Configuring local settings"
	dpkg-reconfigure locales
	dpkg-reconfigure tzdata
	echo "Disabling useless services"
	insserv -r lightdm
	insserv -r triggerhappy

	echo "Installing dosfstools"
	apt-get update
	aptitude install dosfstools

	#Keeping the apt cache in a NFS share is a good idea to preserve bandwidth/avoid SD wearing
	#aptitude install nfs-common
	#/etc/init.d/rpcbind start
	#insserv rpcbind
	#cat >> /etc/fstab <<EOF
	#
	##cache server
	#cache-server:/cache-path/ /var/cache/apt/archives nfs defaults,vers=3,soft,rsize=8192,wsize=8192,timeo=14,intr 0 0
	#EOF
	#rm /var/cache/apt/archives/* -r
	#mount /var/cache/apt/archives

	echo "Enabling SPI"
	sed -i /etc/modprobe.d/raspi-blacklist.conf -e "s/^blacklist[[:space:]]spi-bcm2708./#blacklist spi-bcm2708/"
	cat >> /boot/config.txt <<EOF

	#Enable SPI
	device_tree_overlay=spi-bcm2708-overlay.dtb
	EOF

	echo "Enabling filesystem checks at startup"
	sed -i "s/#FSCKFIX=no/FSCKFIX=yes/" /etc/default/rcS

	echo "Enabling TRIM on sd card (if supported)"
	sed -i "s/noatime/noatime,discard/" /etc/fstab
	echo "Disabling automount of /boot"
	sed s:"vfat defaults":"vfat defaults,noauto": /etc/fstab

	echo "Removing useless packages"
	useless="wolfram-engine lxde lxde-common lxde-core gpicview leafpad lxappearance lxinput \
	lxmusic lxpanel lxsession lxsession-edit lxshortcut lxterminal openbox-themes openbox pcmanfm xarchiver xscreensaver \
	xterm xserver-xorg xserver-xorg-core xserver-common xpdf x11-common x11-utils supercollider squeak-vm sonic-pi \
	penguinspuzzle netsurf-gtk midori gtk2-engines tcl8.4 tk8.4 gnome-accessibility-themes gnome-themes-standard \
	gnome-themes-standard-data libgtk-3-common dphys-swapfile sonic-pi fake-hwclock dhcpcd5 ncdu \
	smartsim python-minecraftpi omxplayer minecraft-pi lxde-icon-theme lxpolkit lxrandr lxtask dillo xauth \
	gconf-service gconf2 gconf2-common gstreamer1.0-alsa gstreamer1.0-libav gstreamer1.0-plugins-base libgnome-keyring-common \
	libgnome-keyring0 libgstreamer-plugins-bad1.0-0 libgstreamer-plugins-base1.0-0 libgconf-2-4 gksu gstreamer1.0-omx \
	gstreamer1.0-plugins-good libgksu2-0 gstreamer1.0-x aspell-en libaspell15 libltdl7 epiphany-browser-data jackd2 \
	libjack-jackd2-0 consolekit cups-bsd desktop-base dictionaries-common esound-common fontconfig \
	fonts-droid freepats fuse galculator gconf2 gconf2-common gksu gsfonts gstreamer1.0-omx libass4:armhf \
	libasyncns0:armhf libaudiofile1:armhf libaudit0 libavahi-glib1:armhf libavahi-gobject0:armhf \
	libbluetooth3:armhf libbluray1:armhf libcdio-cdda1 libcdio-paranoia1 libcdio13 libchromaprint0:armhf \
	libck-connector0:armhf libcupsimage2:armhf libcwiid1 libdatrie1:armhf libdc1394-22:armhf libdca0 \
	libdirac-encoder0:armhf libdirectfb-1.2-9:armhf libdvdnav4 libdvdread4 libenca0 libesd0:armhf libfaad2:armhf libffi5:armhf \
	libfftw3-3:armhf libflite1:armhf libfltk1.3:armhf libfm-data libfm-extra4:armhf libfm-gtk4:armhf libfm4:armhf \
	libfontenc1:armhf libfuse2:armhf libgconf-2-4:armhf libgdk-pixbuf2.0-0:armhf libgdu0 libgeoclue0 \
	libgif4 libgirepository-1.0-1 libgksu2-0 libglade2-0 libgme0 libgnome-keyring0:armhf \
	libgs9 libgstreamer-plugins-bad1.0-0:armhf libgstreamer-plugins-base0.10-0:armhf \
	libgstreamer-plugins-base1.0-0:armhf libgstreamer0.10-0:armhf libgtk2.0-0:armhf libgtk2.0-common libharfbuzz-icu0:armhf \
	libharfbuzz0a:armhf libhunspell-1.3-0:armhf libid3tag0 libijs-0.35 libilmbase6 libimlib2 \
	libjasper1:armhf libjavascriptcoregtk-3.0-0:armhf libjbig2dec0 libkate1 liblcms1:armhf libmad0 libmenu-cache1 \
	libmimic0 libmms0:armhf libmng1:armhf libmodplug1 libmpg123-0:armhf libnotify4:armhf libnss3:armhf \
	libofa0 libopenal-data libopenal1:armhf libopencv-calib3d2.4 libopencv-contrib2.4 libopencv-core2.4 libopencv-features2d2.4 \
	libopencv-flann2.4 libopencv-highgui2.4 libopencv-imgproc2.4 libopencv-legacy2.4 libopencv-ml2.4 libopencv-objdetect2.4 \
	libopencv-photo2.4 libopencv-stitching2.4 libopencv-ts2.4 libopencv-video2.4 libopencv-videostab2.4 libopenexr6 \
	libpango-1.0-0:armhf libpangocairo-1.0-0:armhf libpangoft2-1.0-0:armhf libpangox-1.0-0:armhf libpangoxft-1.0-0:armhf \
	libpaper1:armhf libpciaccess0:armhf libportmidi0 libqt4-network:armhf libqt4-xml:armhf \
	libqtcore4:armhf libqtdbus4:armhf librsvg2-2:armhf libruby1.9.1 libsbc1:armhf libscsynth1 libsecret-1-0:armhf \
	libsndfile1:armhf libsoundtouch0:armhf libspandsp2 libsrtp0 libssh-4:armhf libstartup-notification0:armhf \
	libthai0:armhf libts-0.0-0:armhf libvorbisfile3:armhf libvte9 libwayland0:armhf libwildmidi-config \
	libwildmidi1:armhf libwnck22 libxcb-util0:armhf libxcomposite1:armhf libxcursor1:armhf libxdamage1:armhf \
	libxfont1 libxft2:armhf libxinerama1:armhf libxkbcommon0:armhf libxkbfile1:armhf libxp6:armhf libxrandr2:armhf libxres1:armhf \
	libxslt1.1:armhf libxxf86dga1:armhf libyaml-0-2:armhf lxmenu-data poppler-data python-gi python3.2 python3.2-minimal \
	ruby1.9.1 tcl8.5 tsconf weston x11-common xauth libatspi2.0-0 alsa-base g++-4.6 libclass-isa-perl libcroco3 \
	libgraphite2-2.0.0 libgssglue1 libgtop2-7 libgtop2-common libjpeg8 libmpc2 \
	libpci3 librtmp0 libstdc++6-4.6-dev libswitch-perl pciutils fonts-freefont-ttf fonts-roboto gnome-desktop3-data \
	gvfs-common hicolor-icon-theme libfm-gtk-data libgdk-pixbuf2.0-common libgs9-common libsecret-common libthai-data \
	libvte-common libwebkitgtk-3.0-common libwnck-3-common libwnck-common libxmuu1 lxpanel-data \
	gstreamer1.0-alsa gstreamer1.0-libav gstreamer1.0-plugins-base gstreamer1.0-plugins-good libasound2 libvisual-0.4-0 \
	\
	libobt0 libusbmuxd1 libarchive12 libavcodec53 libavutil51 libcolord1 libgd2-xpm libgphoto2-port0 libicu48 \
	libimobiledevice2 libmikmod2 libplist1 libpoppler19 libsclang1 libswscale2 libwebp2 \
	libx264-123 libmysqlclient16 libparted0debian1"
	# and many more
	for i in $useless; do
	aptitude remove --purge -y $i
	done
	# and many more
	apt-get autoremove

	echo "Upgrading system"
	apt-get upgrade


	##READ ONLY ROOT
	#https://wiki.debian.org/ReadonlyRoot

	echo "Preparing read-only rootfs"
	echo "If something goes wrong, the system won't boot up. Press ENTER to continue or CTRL-C to exit"
	read
	echo BLKID_FILE="/var/local/blkid.tab" >> /etc/environment
	sed s:#RAMTMP=no:RAMTMP=yes: -i /etc/default/tmpfs
	rm /etc/mtab
	ln -s /proc/self/mounts /etc/mtab
	sed -i "s/noatime,discard/noatime,discard,ro/" /etc/fstab
	#edit /etc/init.d/hwclock.sh
	echo "Now you should change '-f' to '-L' at line 60 (the first of start case)"
	echo "Maybe one day I'll write a sed one-liner for this. Press enter to continue"
	read
	nano /etc/init.d/hwclock.sh
	#This seems to be a good idea... but it never worked for me
	#cat > /etc/apt/apt.conf.d/99readonly <<EOF
	#DPkg {
	# // Auto re-mounting of a readonly /
	# Pre-Invoke { "mount -o remount,rw / \|\| true "; };
	# Post-Invoke { "test ${NO_APT_REMOUNT:-no} = yes \|\| mount -o remount,ro / \|\| true"; };
	#};
	#EOF
	#cat > /etc/apt/apt.conf.d/99bootnoauto <<EOF
	#DPkg {
	# // Auto re-mounting of a readonly /
	# Pre-Invoke { "mount /boot \|\| true"; };
	# Post-Invoke { "test ${NO_APT_REMOUNT:-no} = yes \|\| umount /boot \|\| true"; };
	#};
	#EOF

	echo "Now you should make a separate partition for /var and migrate the actual /var to the new partition"
	echo "Do you want to add a fstab entry for the separated /var?"
	echo "Press ENTER to continue, CTRL-C to exit"
	echo "/dev/mmcblk0p3 /var ext4 defaults,nodev,noatime,discard,data=journal 0 1" >> /etc/fstab
	##

	echo "THE END"
	echo "REMEMBER: you must make a separate partition for /var and migrate the actual /var to the new partition!"
	echo "Then, reboot to see the result"

	exit 0