Skip to content

Instantly share code, notes, and snippets.

@pierinz
Last active June 11, 2017 08:04
Show Gist options
  • Save pierinz/1b1315e1c2e615f82094 to your computer and use it in GitHub Desktop.
Save pierinz/1b1315e1c2e615f82094 to your computer and use it in GitHub Desktop.
Minimal Raspbian & SD enhancements for CitofonoWeb
#!/bin/bash
set -e
echo "Choose root password:"
passwd
mkdir -p /root/.ssh/
#You may want to add some authorized keys
#echo "$key" > /root/.ssh/authorized_keys
echo "Disabling default user"
usermod -L pi
#You may create another regular user if needed
echo "Setting up hostname"
hostname "citofonoweb"
echo "citofonoweb" > /etc/hostname
sed -i "s/raspberrypi/citofonoweb/" /etc/hosts
echo "Setting up DNS"
cat > /etc/resolv.conf <<EOF
nameserver 8.8.8.8
nameserver 208.67.220.220
EOF
echo "Setting up NTP"
sed -i '/#server ntp.your-provider.example/ a\
server ntp1.inrim.it\
server 0.pool.ntp.org' /etc/ntp.conf
echo "Configuring local settings"
dpkg-reconfigure locales
dpkg-reconfigure tzdata
echo "Disabling useless services"
insserv -r lightdm
insserv -r triggerhappy
echo "Installing dosfstools"
apt-get update
aptitude install dosfstools
#Keeping the apt cache in a NFS share is a good idea to preserve bandwidth/avoid SD wearing
#aptitude install nfs-common
#/etc/init.d/rpcbind start
#insserv rpcbind
#cat >> /etc/fstab <<EOF
#
##cache server
#cache-server:/cache-path/ /var/cache/apt/archives nfs defaults,vers=3,soft,rsize=8192,wsize=8192,timeo=14,intr 0 0
#EOF
#rm /var/cache/apt/archives/* -r
#mount /var/cache/apt/archives
echo "Enabling SPI"
sed -i /etc/modprobe.d/raspi-blacklist.conf -e "s/^blacklist[[:space:]]*spi-bcm2708.*/#blacklist spi-bcm2708/"
cat >> /boot/config.txt <<EOF
#Enable SPI
device_tree_overlay=spi-bcm2708-overlay.dtb
EOF
echo "Enabling filesystem checks at startup"
sed -i "s/#FSCKFIX=no/FSCKFIX=yes/" /etc/default/rcS
echo "Enabling TRIM on sd card (if supported)"
sed -i "s/noatime/noatime,discard/" /etc/fstab
echo "Disabling automount of /boot"
sed s:"vfat defaults":"vfat defaults,noauto": /etc/fstab
echo "Removing useless packages"
useless="wolfram-engine lxde lxde-common lxde-core gpicview leafpad lxappearance lxinput \
lxmusic lxpanel lxsession lxsession-edit lxshortcut lxterminal openbox-themes openbox pcmanfm xarchiver xscreensaver \
xterm xserver-xorg xserver-xorg-core xserver-common xpdf x11-common x11-utils supercollider squeak-vm sonic-pi \
penguinspuzzle netsurf-gtk midori gtk2-engines tcl8.4 tk8.4 gnome-accessibility-themes gnome-themes-standard \
gnome-themes-standard-data libgtk-3-common dphys-swapfile sonic-pi fake-hwclock dhcpcd5 ncdu \
smartsim python-minecraftpi omxplayer minecraft-pi lxde-icon-theme lxpolkit lxrandr lxtask dillo xauth \
gconf-service gconf2 gconf2-common gstreamer1.0-alsa gstreamer1.0-libav gstreamer1.0-plugins-base libgnome-keyring-common \
libgnome-keyring0 libgstreamer-plugins-bad1.0-0 libgstreamer-plugins-base1.0-0 libgconf-2-4 gksu gstreamer1.0-omx \
gstreamer1.0-plugins-good libgksu2-0 gstreamer1.0-x aspell-en libaspell15 libltdl7 epiphany-browser-data jackd2 \
libjack-jackd2-0 consolekit cups-bsd desktop-base dictionaries-common esound-common fontconfig \
fonts-droid freepats fuse galculator gconf2 gconf2-common gksu gsfonts gstreamer1.0-omx libass4:armhf \
libasyncns0:armhf libaudiofile1:armhf libaudit0 libavahi-glib1:armhf libavahi-gobject0:armhf \
libbluetooth3:armhf libbluray1:armhf libcdio-cdda1 libcdio-paranoia1 libcdio13 libchromaprint0:armhf \
libck-connector0:armhf libcupsimage2:armhf libcwiid1 libdatrie1:armhf libdc1394-22:armhf libdca0 \
libdirac-encoder0:armhf libdirectfb-1.2-9:armhf libdvdnav4 libdvdread4 libenca0 libesd0:armhf libfaad2:armhf libffi5:armhf \
libfftw3-3:armhf libflite1:armhf libfltk1.3:armhf libfm-data libfm-extra4:armhf libfm-gtk4:armhf libfm4:armhf \
libfontenc1:armhf libfuse2:armhf libgconf-2-4:armhf libgdk-pixbuf2.0-0:armhf libgdu0 libgeoclue0 \
libgif4 libgirepository-1.0-1 libgksu2-0 libglade2-0 libgme0 libgnome-keyring0:armhf \
libgs9 libgstreamer-plugins-bad1.0-0:armhf libgstreamer-plugins-base0.10-0:armhf \
libgstreamer-plugins-base1.0-0:armhf libgstreamer0.10-0:armhf libgtk2.0-0:armhf libgtk2.0-common libharfbuzz-icu0:armhf \
libharfbuzz0a:armhf libhunspell-1.3-0:armhf libid3tag0 libijs-0.35 libilmbase6 libimlib2 \
libjasper1:armhf libjavascriptcoregtk-3.0-0:armhf libjbig2dec0 libkate1 liblcms1:armhf libmad0 libmenu-cache1 \
libmimic0 libmms0:armhf libmng1:armhf libmodplug1 libmpg123-0:armhf libnotify4:armhf libnss3:armhf \
libofa0 libopenal-data libopenal1:armhf libopencv-calib3d2.4 libopencv-contrib2.4 libopencv-core2.4 libopencv-features2d2.4 \
libopencv-flann2.4 libopencv-highgui2.4 libopencv-imgproc2.4 libopencv-legacy2.4 libopencv-ml2.4 libopencv-objdetect2.4 \
libopencv-photo2.4 libopencv-stitching2.4 libopencv-ts2.4 libopencv-video2.4 libopencv-videostab2.4 libopenexr6 \
libpango-1.0-0:armhf libpangocairo-1.0-0:armhf libpangoft2-1.0-0:armhf libpangox-1.0-0:armhf libpangoxft-1.0-0:armhf \
libpaper1:armhf libpciaccess0:armhf libportmidi0 libqt4-network:armhf libqt4-xml:armhf \
libqtcore4:armhf libqtdbus4:armhf librsvg2-2:armhf libruby1.9.1 libsbc1:armhf libscsynth1 libsecret-1-0:armhf \
libsndfile1:armhf libsoundtouch0:armhf libspandsp2 libsrtp0 libssh-4:armhf libstartup-notification0:armhf \
libthai0:armhf libts-0.0-0:armhf libvorbisfile3:armhf libvte9 libwayland0:armhf libwildmidi-config \
libwildmidi1:armhf libwnck22 libxcb-util0:armhf libxcomposite1:armhf libxcursor1:armhf libxdamage1:armhf \
libxfont1 libxft2:armhf libxinerama1:armhf libxkbcommon0:armhf libxkbfile1:armhf libxp6:armhf libxrandr2:armhf libxres1:armhf \
libxslt1.1:armhf libxxf86dga1:armhf libyaml-0-2:armhf lxmenu-data poppler-data python-gi python3.2 python3.2-minimal \
ruby1.9.1 tcl8.5 tsconf weston x11-common xauth libatspi2.0-0 alsa-base g++-4.6 libclass-isa-perl libcroco3 \
libgraphite2-2.0.0 libgssglue1 libgtop2-7 libgtop2-common libjpeg8 libmpc2 \
libpci3 librtmp0 libstdc++6-4.6-dev libswitch-perl pciutils fonts-freefont-ttf fonts-roboto gnome-desktop3-data \
gvfs-common hicolor-icon-theme libfm-gtk-data libgdk-pixbuf2.0-common libgs9-common libsecret-common libthai-data \
libvte-common libwebkitgtk-3.0-common libwnck-3-common libwnck-common libxmuu1 lxpanel-data \
gstreamer1.0-alsa gstreamer1.0-libav gstreamer1.0-plugins-base gstreamer1.0-plugins-good libasound2 libvisual-0.4-0 \
\
libobt0 libusbmuxd1 libarchive12 libavcodec53 libavutil51 libcolord1 libgd2-xpm libgphoto2-port0 libicu48 \
libimobiledevice2 libmikmod2 libplist1 libpoppler19 libsclang1 libswscale2 libwebp2 \
libx264-123 libmysqlclient16 libparted0debian1"
# and many more
for i in $useless; do
aptitude remove --purge -y $i
done
# and many more
apt-get autoremove
echo "Upgrading system"
apt-get upgrade
##READ ONLY ROOT
#https://wiki.debian.org/ReadonlyRoot
echo "Preparing read-only rootfs"
echo "If something goes wrong, the system won't boot up. Press ENTER to continue or CTRL-C to exit"
read
echo BLKID_FILE="/var/local/blkid.tab" >> /etc/environment
sed s:#RAMTMP=no:RAMTMP=yes: -i /etc/default/tmpfs
rm /etc/mtab
ln -s /proc/self/mounts /etc/mtab
sed -i "s/noatime,discard/noatime,discard,ro/" /etc/fstab
#edit /etc/init.d/hwclock.sh
echo "Now you should change '-f' to '-L' at line 60 (the first of start case)"
echo "Maybe one day I'll write a sed one-liner for this. Press enter to continue"
read
nano /etc/init.d/hwclock.sh
#This seems to be a good idea... but it never worked for me
#cat > /etc/apt/apt.conf.d/99readonly <<EOF
#DPkg {
# // Auto re-mounting of a readonly /
# Pre-Invoke { "mount -o remount,rw / || true "; };
# Post-Invoke { "test ${NO_APT_REMOUNT:-no} = yes || mount -o remount,ro / || true"; };
#};
#EOF
#cat > /etc/apt/apt.conf.d/99bootnoauto <<EOF
#DPkg {
# // Auto re-mounting of a readonly /
# Pre-Invoke { "mount /boot || true"; };
# Post-Invoke { "test ${NO_APT_REMOUNT:-no} = yes || umount /boot || true"; };
#};
#EOF
echo "Now you should make a separate partition for /var and migrate the actual /var to the new partition"
echo "Do you want to add a fstab entry for the separated /var?"
echo "Press ENTER to continue, CTRL-C to exit"
echo "/dev/mmcblk0p3 /var ext4 defaults,nodev,noatime,discard,data=journal 0 1" >> /etc/fstab
##
echo "THE END"
echo "REMEMBER: you must make a separate partition for /var and migrate the actual /var to the new partition!"
echo "Then, reboot to see the result"
exit 0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment