diff --git a/Dockerfile b/Dockerfile index cf03b06..f17077c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ ENV DEBIAN_FRONTEND=noninteractive RUN apt-get -y update && \ apt-get -y install --no-install-recommends \ git vim parted \ - quilt coreutils qemu-user-static debootstrap zerofree zip dosfstools \ + quilt coreutils qemu-user-static debootstrap zerofree zip dosfstools e2fsprogs\ libarchive-tools libcap2-bin rsync grep udev xz-utils curl xxd file kmod bc \ binfmt-support ca-certificates fdisk gpg pigz arch-test \ && rm -rf /var/lib/apt/lists/* diff --git a/README.md b/README.md index b640a20..6361199 100644 --- a/README.md +++ b/README.md @@ -20,9 +20,9 @@ below. To install the required dependencies for `pi-gen` you should run: ```bash -apt-get install coreutils quilt parted qemu-user-static debootstrap zerofree zip \ -dosfstools libarchive-tools libcap2-bin grep rsync xz-utils file git curl bc \ -gpg pigz xxd arch-test bmap-tools +apt install coreutils quilt parted qemu-user-static debootstrap zerofree zip \ +dosfstools e2fsprogs libarchive-tools libcap2-bin grep rsync xz-utils file git curl bc \ +gpg pigz xxd arch-test bmap-tools kmod ``` The file `depends` contains a list of tools needed. The format of this @@ -55,7 +55,7 @@ environment variables. The following environment variables are supported: - * `IMG_NAME` (Default: `raspios-$RELEASE-$ARCH`, for example: `raspios-bookworm-armhf`) + * `IMG_NAME` (Default: `raspios-$RELEASE-$ARCH`, for example: `raspios-trixie-armhf`) The name of the image to build with the current stage directories. Use this variable to set the root name of your OS, eg `IMG_NAME=Frobulator`. @@ -66,7 +66,7 @@ The following environment variables are supported: The release name to use in `/etc/issue.txt`. The default should only be used for official Raspberry Pi builds. -* `RELEASE` (Default: `bookworm`) +* `RELEASE` (Default: `trixie`) The release version to build images against. Valid values are any supported Debian release. However, since different releases will have different sets of @@ -174,6 +174,8 @@ The following environment variables are supported: a name chosen by the final user. This security feature is designed to prevent shipping images with a default username and help prevent malicious actors from taking over your devices. + If the FIRST_USER_NAME is set to `pi` and no `FIRST_USER_PASS` is set, the setup wizard will be launched on first boot to allow the user to set the password. + * `FIRST_USER_PASS` (Default: unset) Password for the first user. If unset, the account is locked. @@ -219,6 +221,10 @@ The following environment variables are supported: If set, use this directory path as the location of scripts to run when generating images. An absolute or relative path can be given for a location outside the pi-gen directory. + * `ENABLE_CLOUD_INIT` (Default: `1`) + + If set to `1`, cloud-init and netplan will be installed and configured. This will allow you to configure your Raspberry Pi using cloud-init configuration files. The cloud-init configuration files should be placed in the bootfs or by editing the files in `stage2/04-cloud-init/files`. Cloud-init will be configured to read them on first boot. + A simple example for building Raspberry Pi OS: ```bash diff --git a/build-docker.sh b/build-docker.sh index 92a0dd6..53f8cf7 100755 --- a/build-docker.sh +++ b/build-docker.sh @@ -82,7 +82,7 @@ fi # Modify original build-options to allow config file to be mounted in the docker container BUILD_OPTS="$(echo "${BUILD_OPTS:-}" | sed -E 's@\-c\s?([^ ]+)@-c /config@')" -${DOCKER} build --build-arg BASE_IMAGE=debian:bookworm -t pi-gen "${DIR}" +${DOCKER} build --build-arg BASE_IMAGE=debian:trixie -t pi-gen "${DIR}" if [ "${CONTAINER_EXISTS}" != "" ]; then DOCKER_CMDLINE_NAME="${CONTAINER_NAME}_cont" @@ -142,7 +142,7 @@ time ${DOCKER} run \ pi-gen \ bash -e -o pipefail -c " dpkg-reconfigure qemu-user-static && - # binfmt_misc is sometimes not mounted with debian bookworm image + # binfmt_misc is sometimes not mounted with debian trixie image (mount binfmt_misc -t binfmt_misc /proc/sys/fs/binfmt_misc || true) && cd /pi-gen; ./build.sh ${BUILD_OPTS} && rsync -av work/*/build.log deploy/ diff --git a/build.sh b/build.sh index 6c3ff24..efd5c4d 100755 --- a/build.sh +++ b/build.sh @@ -68,6 +68,8 @@ EOF log "Begin ${SUB_STAGE_DIR}/${i}-run.sh" ./${i}-run.sh log "End ${SUB_STAGE_DIR}/${i}-run.sh" + elif [ -f ${i}-run.sh ]; then + log "Skip ${SUB_STAGE_DIR}/${i}-run.sh (not executable)" fi if [ -f ${i}-run-chroot.sh ]; then log "Begin ${SUB_STAGE_DIR}/${i}-run-chroot.sh" @@ -176,7 +178,7 @@ export PI_GEN_REPO=${PI_GEN_REPO:-https://github.com/RPi-Distro/pi-gen} export PI_GEN_RELEASE=${PI_GEN_RELEASE:-Raspberry Pi reference} export ARCH=arm64 -export RELEASE=${RELEASE:-bookworm} # Don't forget to update stage0/prerun.sh +export RELEASE=${RELEASE:-trixie} # Don't forget to update stage0/prerun.sh export IMG_NAME="${IMG_NAME:-raspios-$RELEASE-$ARCH}" export USE_QEMU="${USE_QEMU:-0}" @@ -242,6 +244,8 @@ export QUILT_NO_DIFF_INDEX=1 export QUILT_NO_DIFF_TIMESTAMPS=1 export QUILT_REFRESH_ARGS="-p ab" +export ENABLE_CLOUD_INIT=${ENABLE_CLOUD_INIT:-1} + # shellcheck source=scripts/common source "${SCRIPT_DIR}/common" # shellcheck source=scripts/dependencies_check diff --git a/depends b/depends index acbb5cd..752ba79 100644 --- a/depends +++ b/depends @@ -6,6 +6,7 @@ debootstrap zerofree zip mkdosfs:dosfstools +mke2fs:e2fsprogs capsh:libcap2-bin bsdtar:libarchive-tools grep diff --git a/export-image/05-finalise/01-run.sh b/export-image/05-finalise/01-run.sh index 860b97f..304b716 100755 --- a/export-image/05-finalise/01-run.sh +++ b/export-image/05-finalise/01-run.sh @@ -5,14 +5,17 @@ INFO_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.info" SBOM_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.sbom" BMAP_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.bmap" -on_chroot << EOF -update-initramfs -k all -c -if [ -x /etc/init.d/fake-hwclock ]; then - /etc/init.d/fake-hwclock stop -fi -if hash hardlink 2>/dev/null; then - hardlink -t /usr/share/doc -fi +on_chroot <<- EOF + update-initramfs -k all -c + if hash hardlink 2>/dev/null; then + hardlink -t /usr/share/doc + fi + if [ -f /usr/lib/systemd/system/apt-listchanges.service ]; then + python3 -m apt_listchanges.populate_database --profile apt + systemctl disable apt-listchanges.timer + fi + install -m 755 -o systemd-timesync -g systemd-timesync -d /var/lib/systemd/timesync + install -m 644 -o systemd-timesync -g systemd-timesync /dev/null /var/lib/systemd/timesync/clock EOF if [ -f "${ROOTFS_DIR}/etc/initramfs-tools/update-initramfs.conf" ]; then @@ -51,7 +54,7 @@ rm -f "${ROOTFS_DIR}"/usr/share/icons/*/icon-theme.cache rm -f "${ROOTFS_DIR}/var/lib/dbus/machine-id" -true > "${ROOTFS_DIR}/etc/machine-id" +echo "uninitialized" > "${ROOTFS_DIR}/etc/machine-id" ln -nsf /proc/mounts "${ROOTFS_DIR}/etc/mtab" diff --git a/export-noobs/00-release/files/release_notes.txt b/export-noobs/00-release/files/release_notes.txt index 3223355..155c719 100644 --- a/export-noobs/00-release/files/release_notes.txt +++ b/export-noobs/00-release/files/release_notes.txt @@ -1,5 +1,39 @@ UNRELEASED: - * + * Based on Debian Trixie release + * New plugin-based Control Centre application + * Plugins for same built from existing Raspberry Pi Configuration, Appearance + Settings, Mouse and Keyboard Settings, Screen Configuration and Printer + Settings applications; code and functionality identical + * New icon theme, PiXtrix + * New GTK themes, PiXtrix (standard) and PiXonyx (dark) + * New desktop wallpapers + * New system font, Nunito Sans Light + * lxpanel replaced with forked lxpanel-pi; unsupported plugins removed + * lxpanelctl replaced with lxpanelctl-pi command-line application + * New System Monitor plugin added to taskbar for power and other warnings + * New shared Clock plugin added for wf-panel-pi and lxpanel-pi taskbars + * Main menu shortcuts to Raspberry Pi website removed and replaced with + pre-loaded bookmarks in Chromium and Firefox + * Main menu shortcut to Raspberry Pi Beginner's Guide added + * Bookshelf application now displays contributor-only titles and includes + option to contribute to unlock them + * SenseHAT Emulator reinstated in Recommended Software + * labwc updated to version 0.8.4 + * General keyboard control improvements in GTK applications + * International translations of user guides installed by startup wizard as + appropriate + * raspberrypi-ui-mods package removed - replaced with structured metapackage, + rpd-metas + * Shutdown helper does not offer lock screen option when invoked by a user + who has no password set + * Chromium updated to version 140.0.7339.185 + * Firefox updated to version 142.0.1 + * Debian Reference no longer included + * Alacarte menu editor no longer included + * Remote GPIO option removed from Control Centre + * Added rpi-keyboard-config and rpi-keyboard-fw-update + * Raspberry Pi firmware 676efed1194de38975889a34276091da1f5aadd3 + * Linux kernel 6.12.47 - 359f37f0faefb712add32a39f98751aea67d5c1f 2025-05-13: * Setting touchscreen in Screen Configuration does not delete default associations for greeter * Bug fix - wizard keyboard setting correctly transferred into desktop diff --git a/scripts/common b/scripts/common index fbc1d89..e79b9ab 100644 --- a/scripts/common +++ b/scripts/common @@ -20,6 +20,9 @@ bootstrap(){ capsh $CAPSH_ARG -- -c "'${BOOTSTRAP_CMD}' $BOOTSTRAP_STR" || true + # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050719 + rm -f wget-log* + if [ -d "$2/debootstrap" ] && ! rmdir "$2/debootstrap"; then cp "$2/debootstrap/debootstrap.log" "${STAGE_WORK_DIR}" log "bootstrap failed: please check ${STAGE_WORK_DIR}/debootstrap.log" diff --git a/stage0/00-configure-apt/00-run.sh b/stage0/00-configure-apt/00-run.sh index 1b7e03f..f3e95b0 100755 --- a/stage0/00-configure-apt/00-run.sh +++ b/stage0/00-configure-apt/00-run.sh @@ -1,9 +1,10 @@ #!/bin/bash -e -install -m 644 files/sources.list "${ROOTFS_DIR}/etc/apt/" -install -m 644 files/raspi.list "${ROOTFS_DIR}/etc/apt/sources.list.d/" -sed -i "s/RELEASE/${RELEASE}/g" "${ROOTFS_DIR}/etc/apt/sources.list" -sed -i "s/RELEASE/${RELEASE}/g" "${ROOTFS_DIR}/etc/apt/sources.list.d/raspi.list" +true > "${ROOTFS_DIR}/etc/apt/sources.list" +install -m 644 files/debian.sources "${ROOTFS_DIR}/etc/apt/sources.list.d/" +install -m 644 files/raspi.sources "${ROOTFS_DIR}/etc/apt/sources.list.d/" +sed -i "s/RELEASE/${RELEASE}/g" "${ROOTFS_DIR}/etc/apt/sources.list.d/debian.sources" +sed -i "s/RELEASE/${RELEASE}/g" "${ROOTFS_DIR}/etc/apt/sources.list.d/raspi.sources" if [ -n "$APT_PROXY" ]; then install -m 644 files/51cache "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache" @@ -19,8 +20,7 @@ else rm -f "${ROOTFS_DIR}/etc/apt/sources.list.d/00-temp.list" fi -cat files/raspberrypi.gpg.key | gpg --dearmor > "${STAGE_WORK_DIR}/raspberrypi-archive-stable.gpg" -install -m 644 "${STAGE_WORK_DIR}/raspberrypi-archive-stable.gpg" "${ROOTFS_DIR}/etc/apt/trusted.gpg.d/" +install -m 644 files/raspberrypi-archive-keyring.pgp "${ROOTFS_DIR}/usr/share/keyrings/" on_chroot <<- \EOF ARCH="$(dpkg --print-architecture)" if [ "$ARCH" = "armhf" ]; then diff --git a/stage0/00-configure-apt/files/debian.sources b/stage0/00-configure-apt/files/debian.sources new file mode 100644 index 0000000..cabf3b5 --- /dev/null +++ b/stage0/00-configure-apt/files/debian.sources @@ -0,0 +1,11 @@ +Types: deb +URIs: http://deb.debian.org/debian/ +Suites: RELEASE RELEASE-updates +Components: main contrib non-free non-free-firmware +Signed-By: /usr/share/keyrings/debian-archive-keyring.pgp + +Types: deb +URIs: http://deb.debian.org/debian-security/ +Suites: RELEASE-security +Components: main contrib non-free non-free-firmware +Signed-By: /usr/share/keyrings/debian-archive-keyring.pgp diff --git a/stage0/00-configure-apt/files/raspberrypi-archive-keyring.pgp b/stage0/00-configure-apt/files/raspberrypi-archive-keyring.pgp new file mode 100644 index 0000000..e0ada06 Binary files /dev/null and b/stage0/00-configure-apt/files/raspberrypi-archive-keyring.pgp differ diff --git a/stage0/00-configure-apt/files/raspberrypi.gpg.key b/stage0/00-configure-apt/files/raspberrypi.gpg.key deleted file mode 100644 index 60b5f65..0000000 --- a/stage0/00-configure-apt/files/raspberrypi.gpg.key +++ /dev/null @@ -1,30 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.4.12 (GNU/Linux) - -mQENBE/d7o8BCACrwqQacGJfn3tnMzGui6mv2lLxYbsOuy/+U4rqMmGEuo3h9m92 -30E2EtypsoWczkBretzLUCFv+VUOxaA6sV9+puTqYGhhQZFuKUWcG7orf7QbZRuu -TxsEUepW5lg7MExmAu1JJzqM0kMQX8fVyWVDkjchZ/is4q3BPOUCJbUJOsE+kK/6 -8kW6nWdhwSAjfDh06bA5wvoXNjYoDdnSZyVdcYCPEJXEg5jfF/+nmiFKMZBraHwn -eQsepr7rBXxNcEvDlSOPal11fg90KXpy7Umre1UcAZYJdQeWcHu7X5uoJx/MG5J8 -ic6CwYmDaShIFa92f8qmFcna05+lppk76fsnABEBAAG0IFJhc3BiZXJyeSBQaSBB -cmNoaXZlIFNpZ25pbmcgS2V5iQE4BBMBAgAiBQJP3e6PAhsDBgsJCAcDAgYVCAIJ -CgsEFgIDAQIeAQIXgAAKCRCCsSmSf6MwPk6vB/9pePB3IukU9WC9Bammh3mpQTvL -OifbkzHkmAYxzjfK6D2I8pT0xMxy949+ThzJ7uL60p6T/32ED9DR3LHIMXZvKtuc -mQnSiNDX03E2p7lIP/htoxW2hDP2n8cdlNdt0M9IjaWBppsbO7IrDppG2B1aRLni -uD7v8bHRL2mKTtIDLX42Enl8aLAkJYgNWpZyPkDyOqamjijarIWjGEPCkaURF7g4 -d44HvYhpbLMOrz1m6N5Bzoa5+nq3lmifeiWKxioFXU+Hy5bhtAM6ljVb59hbD2ra -X4+3LXC9oox2flmQnyqwoyfZqVgSQa0B41qEQo8t1bz6Q1Ti7fbMLThmbRHiuQEN -BE/d7o8BCADNlVtBZU63fm79SjHh5AEKFs0C3kwa0mOhp9oas/haDggmhiXdzeD3 -49JWz9ZTx+vlTq0s+I+nIR1a+q+GL+hxYt4HhxoA6vlDMegVfvZKzqTX9Nr2VqQa -S4Kz3W5ULv81tw3WowK6i0L7pqDmvDqgm73mMbbxfHD0SyTt8+fk7qX6Ag2pZ4a9 -ZdJGxvASkh0McGpbYJhk1WYD+eh4fqH3IaeJi6xtNoRdc5YXuzILnp+KaJyPE5CR -qUY5JibOD3qR7zDjP0ueP93jLqmoKltCdN5+yYEExtSwz5lXniiYOJp8LWFCgv5h -m8aYXkcJS1xVV9Ltno23YvX5edw9QY4hABEBAAGJAR8EGAECAAkFAk/d7o8CGwwA -CgkQgrEpkn+jMD5Figf/dIC1qtDMTbu5IsI5uZPX63xydaExQNYf98cq5H2fWF6O -yVR7ERzA2w33hI0yZQrqO6pU9SRnHRxCFvGv6y+mXXXMRcmjZG7GiD6tQWeN/3wb -EbAn5cg6CJ/Lk/BI4iRRfBX07LbYULCohlGkwBOkRo10T+Ld4vCCnBftCh5x2OtZ -TOWRULxP36y2PLGVNF+q9pho98qx+RIxvpofQM/842ZycjPJvzgVQsW4LT91KYAE -4TVf6JjwUM6HZDoiNcX6d7zOhNfQihXTsniZZ6rky287htsWVDNkqOi5T3oTxWUo -m++/7s3K3L0zWopdhMVcgg6Nt9gcjzqN1c0gy55L/g== -=mNSj ------END PGP PUBLIC KEY BLOCK----- diff --git a/stage0/00-configure-apt/files/raspi.list b/stage0/00-configure-apt/files/raspi.list deleted file mode 100644 index 5f889b1..0000000 --- a/stage0/00-configure-apt/files/raspi.list +++ /dev/null @@ -1,3 +0,0 @@ -deb http://archive.raspberrypi.com/debian/ RELEASE main -# Uncomment line below then 'apt-get update' to enable 'apt-get source' -#deb-src http://archive.raspberrypi.com/debian/ RELEASE main diff --git a/stage0/00-configure-apt/files/raspi.sources b/stage0/00-configure-apt/files/raspi.sources new file mode 100644 index 0000000..1ec8b97 --- /dev/null +++ b/stage0/00-configure-apt/files/raspi.sources @@ -0,0 +1,5 @@ +Types: deb +URIs: http://archive.raspberrypi.com/debian/ +Suites: RELEASE +Components: main +Signed-By: /usr/share/keyrings/raspberrypi-archive-keyring.pgp diff --git a/stage0/00-configure-apt/files/sources.list b/stage0/00-configure-apt/files/sources.list deleted file mode 100644 index 13697ce..0000000 --- a/stage0/00-configure-apt/files/sources.list +++ /dev/null @@ -1,7 +0,0 @@ -deb http://deb.debian.org/debian RELEASE main contrib non-free non-free-firmware -deb http://deb.debian.org/debian-security/ RELEASE-security main contrib non-free non-free-firmware -deb http://deb.debian.org/debian RELEASE-updates main contrib non-free non-free-firmware -# Uncomment deb-src lines below then 'apt-get update' to enable 'apt-get source' -#deb-src http://deb.debian.org/debian RELEASE main contrib non-free non-free-firmware -#deb-src http://deb.debian.org/debian-security/ RELEASE-security main contrib non-free non-free-firmware -#deb-src http://deb.debian.org/debian RELEASE-updates main contrib non-free non-free-firmware diff --git a/stage0/files/raspberrypi.gpg b/stage0/files/raspberrypi.gpg index fe1d207..25990a4 100644 Binary files a/stage0/files/raspberrypi.gpg and b/stage0/files/raspberrypi.gpg differ diff --git a/stage0/prerun.sh b/stage0/prerun.sh index 4920b9b..2af712d 100755 --- a/stage0/prerun.sh +++ b/stage0/prerun.sh @@ -1,6 +1,6 @@ #!/bin/bash -e -if [ "$RELEASE" != "bookworm" ]; then +if [ "$RELEASE" != "trixie" ]; then echo "WARNING: RELEASE does not match the intended option for this branch." echo " Please check the relevant README.md section." fi diff --git a/stage1/00-boot-files/files/cmdline.txt b/stage1/00-boot-files/files/cmdline.txt index 03cde68..71b90ff 100644 --- a/stage1/00-boot-files/files/cmdline.txt +++ b/stage1/00-boot-files/files/cmdline.txt @@ -1 +1 @@ -console=serial0,115200 console=tty1 root=ROOTDEV rootfstype=ext4 fsck.repair=yes rootwait +console=serial0,115200 console=tty1 root=ROOTDEV rootfstype=ext4 fsck.repair=yes rootwait resize diff --git a/stage1/01-sys-tweaks/00-patches/01-bashrc.diff b/stage1/01-sys-tweaks/00-patches/01-bashrc.diff index efa2104..86d351f 100644 --- a/stage1/01-sys-tweaks/00-patches/01-bashrc.diff +++ b/stage1/01-sys-tweaks/00-patches/01-bashrc.diff @@ -1,6 +1,6 @@ ---- a/rootfs/etc/skel/.bashrc -+++ b/rootfs/etc/skel/.bashrc -@@ -43,7 +43,7 @@ +--- stage1.orig/rootfs/etc/skel/.bashrc ++++ stage1/rootfs/etc/skel/.bashrc +@@ -43,7 +43,7 @@ esac # uncomment for a colored prompt, if the terminal has the capability; turned # off by default to not distract the user: the focus in a terminal window # should be on the output of commands, not on the prompt @@ -9,7 +9,7 @@ if [ -n "$force_color_prompt" ]; then if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then -@@ -57,7 +57,7 @@ +@@ -57,7 +57,7 @@ if [ -n "$force_color_prompt" ]; then fi if [ "$color_prompt" = yes ]; then @@ -18,7 +18,7 @@ else PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' fi -@@ -79,9 +79,9 @@ +@@ -79,9 +79,9 @@ if [ -x /usr/bin/dircolors ]; then #alias dir='dir --color=auto' #alias vdir='vdir --color=auto' diff --git a/stage1/01-sys-tweaks/00-run.sh b/stage1/01-sys-tweaks/00-run.sh index e024701..b7e5b5e 100755 --- a/stage1/01-sys-tweaks/00-run.sh +++ b/stage1/01-sys-tweaks/00-run.sh @@ -12,5 +12,3 @@ if [ -n "${FIRST_USER_PASS}" ]; then fi echo "root:root" | chpasswd EOF - - diff --git a/stage2/01-sys-tweaks/00-debconf b/stage2/01-sys-tweaks/00-debconf index 884db93..724f839 100644 --- a/stage2/01-sys-tweaks/00-debconf +++ b/stage2/01-sys-tweaks/00-debconf @@ -4,9 +4,6 @@ console-setup console-setup/charmap47 select UTF-8 # Character set to support: # Choices: . Arabic, # Armenian, # Cyrillic - KOI8-R and KOI8-U, # Cyrillic - non-Slavic languages, # Cyrillic - Slavic languages (also Bosnian and Serbian Latin), . Ethiopic, # Georgian, # Greek, # Hebrew, # Lao, # Latin1 and Latin5 - western Europe and Turkic languages, # Latin2 - central Europe and Romanian, # Latin3 and Latin8 - Chichewa; Esperanto; Irish; Maltese and Welsh, # Latin7 - Lithuanian; Latvian; Maori and Marshallese, . Latin - Vietnamese, # Thai, . Combined - Latin; Slavic Cyrillic; Hebrew; basic Arabic, . Combined - Latin; Slavic Cyrillic; Greek, . Combined - Latin; Slavic and non-Slavic Cyrillic, Guess optimal character set console-setup console-setup/codeset47 select Guess optimal character set -# Font for the console: -# Choices: Fixed, Goha, GohaClassic, Terminus, TerminusBold, TerminusBoldVGA, VGA, Do not change the boot/kernel font, Let the system select a suitable font -console-setup console-setup/fontface47 select Do not change the boot/kernel font # Key to function as AltGr: # Choices: The default for the keyboard layout, No AltGr key, Right Alt (AltGr), Right Control, Right Logo key, Menu key, Left Alt, Left Logo key, Keypad Enter key, Both Logo keys, Both Alt keys keyboard-configuration keyboard-configuration/altgr select The default for the keyboard layout diff --git a/stage2/01-sys-tweaks/00-packages b/stage2/01-sys-tweaks/00-packages index f06f7d0..e8d9594 100644 --- a/stage2/01-sys-tweaks/00-packages +++ b/stage2/01-sys-tweaks/00-packages @@ -5,18 +5,17 @@ python-is-python3 v4l-utils gpiod python3-libgpiod python3-gpiozero -pigpio python3-pigpio raspi-gpio python3-rpi-lgpio +python3-rpi-lgpio python3-spidev python3-smbus2 avahi-daemon lua5.1 luajit ca-certificates curl -fake-hwclock nfs-common usbutils +usbutils dosfstools -dphys-swapfile +rpi-swap rpi-loop-utils raspberrypi-sys-mods -pi-bluetooth apt-listchanges usb-modeswitch libpam-chksshpwd @@ -25,7 +24,6 @@ libmtp-runtime rsync htop man-db -policykit-1 ssh-import-id ethtool ntfs-3g @@ -37,3 +35,8 @@ unzip zip p7zip-full file kms++-utils python3-venv +bluez bluez-firmware +rpi-keyboard-config +rpi-keyboard-fw-update +rpi-usb-gadget +rpi-connect-lite diff --git a/stage2/01-sys-tweaks/00-patches/01-useradd.diff b/stage2/01-sys-tweaks/00-patches/01-useradd.diff index e81ad5a..cc3476b 100644 --- a/stage2/01-sys-tweaks/00-patches/01-useradd.diff +++ b/stage2/01-sys-tweaks/00-patches/01-useradd.diff @@ -1,9 +1,7 @@ -Index: jessie-stage2/rootfs/etc/default/useradd -=================================================================== ---- jessie-stage2.orig/rootfs/etc/default/useradd -+++ jessie-stage2/rootfs/etc/default/useradd +--- stage2.orig/rootfs/etc/default/useradd ++++ stage2/rootfs/etc/default/useradd @@ -5,7 +5,7 @@ - # Similar to DHSELL in adduser. However, we use "sh" here because + # Similar to DSHELL in adduser. However, we use "sh" here because # useradd is a low level utility and should be as general # as possible -SHELL=/bin/sh diff --git a/stage2/01-sys-tweaks/00-patches/02-swap.diff b/stage2/01-sys-tweaks/00-patches/02-swap.diff deleted file mode 100644 index 52cdda4..0000000 --- a/stage2/01-sys-tweaks/00-patches/02-swap.diff +++ /dev/null @@ -1,13 +0,0 @@ -Index: jessie-stage2/rootfs/etc/dphys-swapfile -=================================================================== ---- jessie-stage2.orig/rootfs/etc/dphys-swapfile -+++ jessie-stage2/rootfs/etc/dphys-swapfile -@@ -13,7 +13,7 @@ - - # set size to absolute value, leaving empty (default) then uses computed value - # you most likely don't want this, unless you have an special disk situation --#CONF_SWAPSIZE= -+CONF_SWAPSIZE=512 - - # set size to computed value, this times RAM size, dynamically adapts, - # guarantees that there is enough swap without wasting disk space on excess diff --git a/stage2/01-sys-tweaks/00-patches/04-inputrc.diff b/stage2/01-sys-tweaks/00-patches/04-inputrc.diff index c81fa62..1da12c5 100644 --- a/stage2/01-sys-tweaks/00-patches/04-inputrc.diff +++ b/stage2/01-sys-tweaks/00-patches/04-inputrc.diff @@ -1,8 +1,6 @@ -Index: jessie-stage2/rootfs/etc/inputrc -=================================================================== ---- jessie-stage2.orig/rootfs/etc/inputrc -+++ jessie-stage2/rootfs/etc/inputrc -@@ -65,3 +65,7 @@ $endif +--- stage2.orig/rootfs/etc/inputrc ++++ stage2/rootfs/etc/inputrc +@@ -69,3 +69,7 @@ $endif # "\e[F": end-of-line $endif diff --git a/stage2/01-sys-tweaks/00-patches/05-path.diff b/stage2/01-sys-tweaks/00-patches/05-path.diff index 25b80a1..38d7fc3 100644 --- a/stage2/01-sys-tweaks/00-patches/05-path.diff +++ b/stage2/01-sys-tweaks/00-patches/05-path.diff @@ -1,8 +1,6 @@ -Index: jessie-stage2/rootfs/etc/login.defs -=================================================================== ---- jessie-stage2.orig/rootfs/etc/login.defs -+++ jessie-stage2/rootfs/etc/login.defs -@@ -100,7 +100,7 @@ HUSHLOGIN_FILE .hushlogin +--- stage2.orig/rootfs/etc/login.defs ++++ stage2/rootfs/etc/login.defs +@@ -60,7 +60,7 @@ HUSHLOGIN_FILE .hushlogin # # (they are minimal, add the rest in the shell startup files) ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin @@ -10,13 +8,11 @@ Index: jessie-stage2/rootfs/etc/login.defs +ENV_PATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games # - # Terminal permissions -Index: jessie-stage2/rootfs/etc/profile -=================================================================== ---- jessie-stage2.orig/rootfs/etc/profile -+++ jessie-stage2/rootfs/etc/profile + # Terminal permissions for terminals after login(1). +--- stage2.orig/rootfs/etc/profile ++++ stage2/rootfs/etc/profile @@ -4,7 +4,7 @@ - if [ "`id -u`" -eq 0 ]; then + if [ "$(id -u)" -eq 0 ]; then PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" else - PATH="/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games" diff --git a/stage2/01-sys-tweaks/00-patches/07-resize-init.diff b/stage2/01-sys-tweaks/00-patches/07-resize-init.diff deleted file mode 100644 index e508a9f..0000000 --- a/stage2/01-sys-tweaks/00-patches/07-resize-init.diff +++ /dev/null @@ -1,5 +0,0 @@ ---- stage2.orig/rootfs/boot/firmware/cmdline.txt -+++ stage2/rootfs/boot/firmware/cmdline.txt -@@ -1 +1 @@ --console=serial0,115200 console=tty1 root=ROOTDEV rootfstype=ext4 fsck.repair=yes rootwait -+console=serial0,115200 console=tty1 root=ROOTDEV rootfstype=ext4 fsck.repair=yes rootwait quiet init=/usr/lib/raspberrypi-sys-mods/firstboot diff --git a/stage2/01-sys-tweaks/00-patches/series b/stage2/01-sys-tweaks/00-patches/series index aee0402..cbd0fd4 100644 --- a/stage2/01-sys-tweaks/00-patches/series +++ b/stage2/01-sys-tweaks/00-patches/series @@ -1,5 +1,3 @@ 01-useradd.diff -02-swap.diff 04-inputrc.diff 05-path.diff -07-resize-init.diff diff --git a/stage2/01-sys-tweaks/01-run.sh b/stage2/01-sys-tweaks/01-run.sh index aca8074..6da2876 100755 --- a/stage2/01-sys-tweaks/01-run.sh +++ b/stage2/01-sys-tweaks/01-run.sh @@ -1,11 +1,5 @@ #!/bin/bash -e -install -m 755 files/resize2fs_once "${ROOTFS_DIR}/etc/init.d/" - -install -m 644 files/50raspi "${ROOTFS_DIR}/etc/apt/apt.conf.d/" - -install -m 644 files/console-setup "${ROOTFS_DIR}/etc/default/" - if [ -n "${PUBKEY_SSH_FIRST_USER}" ]; then install -v -m 0700 -o 1000 -g 1000 -d "${ROOTFS_DIR}"/home/"${FIRST_USER_NAME}"/.ssh echo "${PUBKEY_SSH_FIRST_USER}" >"${ROOTFS_DIR}"/home/"${FIRST_USER_NAME}"/.ssh/authorized_keys @@ -19,37 +13,29 @@ s/^#?[[:blank:]]*PasswordAuthentication[[:blank:]]*yes[[:blank:]]*$/PasswordAuth fi on_chroot << EOF -systemctl disable hwclock.sh -systemctl disable nfs-common -systemctl disable rpcbind if [ "${ENABLE_SSH}" == "1" ]; then systemctl enable ssh else systemctl disable ssh fi -systemctl enable regenerate_ssh_host_keys EOF if [ "${USE_QEMU}" = "1" ]; then echo "enter QEMU mode" install -m 644 files/90-qemu.rules "${ROOTFS_DIR}/etc/udev/rules.d/" - on_chroot << EOF -systemctl disable resize2fs_once -EOF echo "leaving QEMU mode" -else - on_chroot << EOF -systemctl enable resize2fs_once -EOF fi -on_chroot <&2 - exit 3 - ;; -esac diff --git a/stage2/04-cloud-init/00-packages b/stage2/04-cloud-init/00-packages new file mode 100644 index 0000000..4892d37 --- /dev/null +++ b/stage2/04-cloud-init/00-packages @@ -0,0 +1,2 @@ +cloud-init +rpi-cloud-init-mods diff --git a/stage2/04-cloud-init/01-run.sh b/stage2/04-cloud-init/01-run.sh new file mode 100755 index 0000000..9a4622e --- /dev/null +++ b/stage2/04-cloud-init/01-run.sh @@ -0,0 +1,12 @@ +#!/bin/bash -e + +if [ "${ENABLE_CLOUD_INIT}" != "1" ]; then + log "Skipping cloud-init stage" + exit 0 +fi + +# some preseeding without any runtime effect if not modified +# install meta-data file for NoCloud data-source to work +install -v -m 755 files/meta-data "${ROOTFS_DIR}/boot/firmware/meta-data" +install -v -m 755 files/user-data "${ROOTFS_DIR}/boot/firmware/user-data" +install -v -m 755 files/network-config "${ROOTFS_DIR}/boot/firmware/network-config" diff --git a/stage2/04-cloud-init/README.txt b/stage2/04-cloud-init/README.txt new file mode 100644 index 0000000..00da52e --- /dev/null +++ b/stage2/04-cloud-init/README.txt @@ -0,0 +1,10 @@ +Cloud-Init support for Raspberry Pi OS + +Reference for Raspberry Pi custom cloud-init config module: https://cloudinit.readthedocs.io/en/latest/reference/modules.html#raspberry-pi-configuration + +- files/network-config is required because otherwise imager would fail to create the correct filesystem entry + +- files/user-data same reason and to include some example configurations + +- files/meta-data Cloud-init instance configuration + diff --git a/stage2/04-cloud-init/files/meta-data b/stage2/04-cloud-init/files/meta-data new file mode 100644 index 0000000..ac36efd --- /dev/null +++ b/stage2/04-cloud-init/files/meta-data @@ -0,0 +1,18 @@ +# This is the meta-data configuration file for cloud-init. Please refer to the +# cloud-init documentation for more information: +# +# https://cloudinit.readthedocs.io/ + +# Set the datasource mode to "local". This ensures that user-data is acted upon +# prior to bringing up the network (because everything about the datasource is +# assumed to be local). If you wish to use an HTTP datasource instead, you can +# change this to "net" or override it on the kernel cmdline (see README). +dsmode: local + +# Specifies the "unique" identifier of the instance. Typically in cloud-init +# this is generated by the owning cloud and is actually unique (to some +# degree). Here our data-source is local, so this is just a fixed string. +# Warning: changing this will cause cloud-init to assume it is running on a +# "new" instance, and to go through first time setup again (the value is +# compared to a cached copy). +instance_id: rpios-image diff --git a/stage2/04-cloud-init/files/network-config b/stage2/04-cloud-init/files/network-config new file mode 100644 index 0000000..2bfc7ad --- /dev/null +++ b/stage2/04-cloud-init/files/network-config @@ -0,0 +1,50 @@ +# This file contains a netplan-compatible configuration which cloud-init will +# apply on first-boot (note: it will *not* update the config after the first +# boot). Please refer to the cloud-init documentation and the netplan reference +# for full details: +# +# https://netplan.io/reference +# https://cloudinit.readthedocs.io/en/latest/topics/network-config.html +# https://cloudinit.readthedocs.io/en/latest/topics/network-config-format-v2.html +# +# Please note that the YAML format employed by this file is sensitive to +# differences in whitespace; if you are editing this file in an editor (like +# Notepad) which uses literal tabs, take care to only use spaces for +# indentation. See the following link for more details: +# +# https://en.wikipedia.org/wiki/YAML +# +# Additionally, please be aware that if your boot sequence depends on active +# networking (e.g. if your cloud-init configuration pulls packages or SSH +# keys from the network), you *must* mark at least one interface as required +# ("optional: false") below. Otherwise, particularly on faster boards, +# cloud-init will start attempting to use the network before it is ready + +# Some additional examples are commented out below + +#network: +# version: 2 +# +# ethernets: +# eth0: +# dhcp4: true +# optional: true + +# wifis: +# wlan0: +# dhcp4: true +# optional: true +# access-points: +# myhomewifi: +# password: "S3kr1t" +# myworkwifi: +# password: "correct battery horse staple" +# workssid: +# auth: +# key-management: eap +# method: peap +# identity: "me@example.com" +# password: "passw0rd" +# ca-certificate: /etc/my_ca.pem + +# regulatory-domain: GB diff --git a/stage2/04-cloud-init/files/user-data b/stage2/04-cloud-init/files/user-data new file mode 100644 index 0000000..ce34257 --- /dev/null +++ b/stage2/04-cloud-init/files/user-data @@ -0,0 +1,102 @@ +#cloud-config + +# This is the user-data configuration file for cloud-init. By default this sets +# up an initial user called "ubuntu" with password "ubuntu", which must be +# changed at first login. However, many additional actions can be initiated on +# first boot from this file. The cloud-init documentation has more details: +# +# https://cloudinit.readthedocs.io/ +# +# Please note that the YAML format employed by this file is sensitive to +# differences in whitespace; if you are editing this file in an editor (like +# Notepad) which uses literal tabs, take care to only use spaces for +# indentation. See the following link for more details: +# +# https://en.wikipedia.org/wiki/YAML +# +# Some additional examples are provided in comments below the default +# configuration. + +## Set the system's hostname. Please note that, unless you have a local DNS +## setup where the hostname is derived from DHCP requests (as with dnsmasq), +## setting the hostname here will not make the machine reachable by this name. +## You may also wish to install avahi-daemon (see the "packages:" key below) +## to make your machine reachable by the .local domain +#hostname: raspberrypi + +## Set up the keyboard layout. See localectl(1), in particular the various +## list-x11-* sub-commands, to determine the available models, layouts, +## variants, and options +#keyboard: +# model: pc105 +# layout: gb +# variant: +# options: ctrl:nocaps + +# Controls password authentication with the SSH daemon; the default here can +# prevent logging into SSH with a password. Changing this is a security risk +# and you should at the very least ensure a different default password is +# specified above +#ssh_pwauth: false + +## On first boot, use ssh-import-id to give the specific users SSH access to +## the default user +#ssh_import_id: +#- lp:my_launchpad_username +#- gh:my_github_username + +## Add users and groups to the system, and import keys with the ssh-import-id +## utility +#groups: +#- robot: [robot] +#- robotics: [robot] +#- pi +# +#users: +#- default +#- name: robot +# gecos: Mr. Robot +# primary_group: robot +# groups: users +# ssh_import_id: foobar +# lock_passwd: false +# passwd: $5$hkui88$nvZgIle31cNpryjRfO9uArF7DYiBcWEnjqq7L1AQNN3 + +## Update apt database and upgrade packages on first boot +#package_update: true +#package_upgrade: true + +## Install additional packages on first boot +#packages: +#- avahi-daemon +#- rng-tools +#- python3-gpiozero +#- [python3-serial, 3.5-1] + +## Write arbitrary files to the file-system (including binaries!) +#write_files: +#- path: /etc/default/console-setup +# content: | +# # Consult the console-setup(5) manual page. +# ACTIVE_CONSOLES="/dev/tty[1-6]" +# CHARMAP="UTF-8" +# VIDEOMODE= +# FONT="Lat15-Terminus18x10.psf.gz" +# FONTFACE= +# FONTSIZE= +# CODESET="Lat15" +# permissions: '0644' +# owner: root:root +#- encoding: gzip +# path: /root/Makefile +# content: !!binary | +# H4sICF2DTWIAA01ha2VmaWxlAFNWCM8syVBILMjPyU/PTC1WKMlXiPB2dlFQNjSx5MpNteLi +# dLDiSoRQxYl5KeWZyRkgXrSCkoqKRmaKgm6pppKCbmqhgoFCrIKamkK1QmpyRr6Ckn92YqWS +# NdC80uQMBZhOa4VahZoaqIrwjMQSewXfxOxUhcwShcr80qLi1Jw0RSUuAIYfEJmVAAAA +# owner: root:root +# permissions: '0644' + +## Run arbitrary commands at rc.local like time +#runcmd: +#- [ ls, -l, / ] +#- [ sh, -xc, "echo $(date) ': hello world!'" ] diff --git a/stage3/00-install-packages/00-packages b/stage3/00-install-packages/00-packages index 2e68512..48f0eb6 100644 --- a/stage3/00-install-packages/00-packages +++ b/stage3/00-install-packages/00-packages @@ -1,22 +1,4 @@ -gstreamer1.0-x gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-alsa gstreamer1.0-libav -evince gtk2-engines alsa-utils -desktop-base -git -policykit-1 -gvfs -rfkill -chromium rpi-chromium-mods libwidevinecdm0 -firefox rpi-firefox-mods -gldriver-test -fonts-droid-fallback -fonts-liberation2 +rpd-preferences +rpd-theme fonts-noto fonts-noto-color-emoji -obconf -raindrop -libcamera-tools -rpicam-apps -python3-picamera2 -python3-pyqt5 -python3-opengl -vulkan-tools mesa-vulkan-drivers diff --git a/stage3/00-install-packages/00-packages-nr b/stage3/00-install-packages/00-packages-nr index e0111c1..3073832 100644 --- a/stage3/00-install-packages/00-packages-nr +++ b/stage3/00-install-packages/00-packages-nr @@ -1,10 +1,3 @@ -xserver-xorg xinit -x11-xserver-utils -mousepad -eom +rpd-wayland-core +rpd-x-core vim -lxde lxtask menu-xdg -zenity xdg-utils -gvfs-backends gvfs-fuse -lightdm gnome-themes-extra-data gnome-icon-theme -gnome-keyring diff --git a/stage3/00-install-packages/01-run.sh b/stage3/00-install-packages/01-run.sh deleted file mode 100755 index 7fb0f4b..0000000 --- a/stage3/00-install-packages/01-run.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -e - -on_chroot <<- EOF - apt-mark auto python3-pyqt5 python3-opengl -EOF diff --git a/stage4/05-print-support/01-run.sh b/stage3/01-print-support/00-run.sh similarity index 100% rename from stage4/05-print-support/01-run.sh rename to stage3/01-print-support/00-run.sh diff --git a/stage4/00-install-packages/00-debconf b/stage4/00-install-packages/00-debconf deleted file mode 100644 index 87932e2..0000000 --- a/stage4/00-install-packages/00-debconf +++ /dev/null @@ -1,2 +0,0 @@ -# Enable realtime process priority? -jackd2 jackd/tweak_rt_limits boolean true diff --git a/stage4/00-install-packages/00-packages b/stage4/00-install-packages/00-packages index 453a2fd..85311f8 100644 --- a/stage4/00-install-packages/00-packages +++ b/stage4/00-install-packages/00-packages @@ -1,27 +1,6 @@ -python3-pygame -python3-tk thonny -python3-pgzero -python3-serial -debian-reference-en dillo -raspberrypi-net-mods raspberrypi-ui-mods -python3-pip -python3-numpy -rc-gui sense-hat -tree -libgl1-mesa-dri libgles1 libgles2-mesa xcompmgr -geany -piclone -python3-twython -python3-flask -pprompt -piwiz -rp-prefapps -ffmpeg -vlc -rpi-connect -rpi-imager -labwc -squeekboard - -# ninja-build and openocd needed for vscode pico extension -meson openocd +rpd-applications +rpd-developer +rpd-graphics +rpd-utilities +rpd-wayland-extras +rpd-x-extras diff --git a/stage4/00-install-packages/00-packages-nr b/stage4/00-install-packages/00-packages-nr deleted file mode 100644 index b904b80..0000000 --- a/stage4/00-install-packages/00-packages-nr +++ /dev/null @@ -1,2 +0,0 @@ -pi-package -realvnc-vnc-server diff --git a/stage4/00-install-packages/02-packages b/stage4/00-install-packages/02-packages deleted file mode 100644 index fc43d17..0000000 --- a/stage4/00-install-packages/02-packages +++ /dev/null @@ -1,4 +0,0 @@ -hunspell-en-gb -hyphen-en-gb -wamerican -wbritish diff --git a/stage4/01-console-autologin/00-run.sh b/stage4/01-console-autologin/00-run.sh deleted file mode 100755 index 665dcdb..0000000 --- a/stage4/01-console-autologin/00-run.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -e - -on_chroot << EOF - SUDO_USER="${FIRST_USER_NAME}" raspi-config nonint do_boot_behaviour B4 -EOF diff --git a/stage4/01-disable-wayvnc/00-run.sh b/stage4/01-disable-wayvnc/00-run.sh new file mode 100755 index 0000000..059efca --- /dev/null +++ b/stage4/01-disable-wayvnc/00-run.sh @@ -0,0 +1,5 @@ +#!/bin/bash -e + +on_chroot <<- EOF + SUDO_USER="${FIRST_USER_NAME}" raspi-config nonint do_vnc 1 +EOF diff --git a/stage4/04-enable-xcompmgr/00-run.sh b/stage4/04-enable-xcompmgr/00-run.sh deleted file mode 100755 index ad6298d..0000000 --- a/stage4/04-enable-xcompmgr/00-run.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -e - -on_chroot << EOF - raspi-config nonint do_xcompmgr 0 -EOF diff --git a/stage4/05-print-support/00-packages b/stage4/05-print-support/00-packages deleted file mode 100644 index 462d36c..0000000 --- a/stage4/05-print-support/00-packages +++ /dev/null @@ -1 +0,0 @@ -cups diff --git a/stage4/06-enable-wayland/00-run.sh b/stage4/06-enable-wayland/00-run.sh deleted file mode 100755 index d1f240d..0000000 --- a/stage4/06-enable-wayland/00-run.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -e - -on_chroot << EOF - SUDO_USER="${FIRST_USER_NAME}" raspi-config nonint do_wayland W3 -EOF diff --git a/stage5/00-install-extras/00-packages b/stage5/00-install-extras/00-packages index c871e09..0316539 100644 --- a/stage5/00-install-extras/00-packages +++ b/stage5/00-install-extras/00-packages @@ -1,7 +1,4 @@ -mu-editor -scratch nuscratch scratch3 -wolfram-engine +scratch3 claws-mail -realvnc-vnc-viewer code-the-classics code-the-classics-2 kicad