Compare commits
11 Commits
Author | SHA1 | Date |
---|---|---|
Michael Hope | 313f228d1b | |
Michael Hope | 2c4707641e | |
Michael Hope | fc08857d30 | |
Michael Hope | 7685e630e6 | |
Michael Hope | 039a8d63f0 | |
Michael Hope | 279fc16300 | |
Michael Hope | cb2f96779e | |
Michael Hope | 14c2a6d1a5 | |
Michael Hope | 524f8d6a8e | |
Michael Hope | b8dfc3f779 | |
Michael Hope | 6508403f43 |
|
@ -0,0 +1,10 @@
|
|||
IMG_URL = https://github.com/hypriot/image-builder-rpi/releases/download/v1.9.0/hypriotos-rpi-v1.9.0.img.zip
|
||||
IMG = $(notdir $(IMG_URL))
|
||||
|
||||
get:
|
||||
mkdir -p build/flash
|
||||
[ -d build/flash/.git ] || git clone https://github.com/hypriot/flash.git build/flash
|
||||
wget -nv -c -O build/$(IMG) $(IMG_URL)
|
||||
|
||||
flash:
|
||||
build/flash/flash -C cloud-init/config.txt -u cloud-init/user-data.yml build/$(IMG)
|
|
@ -0,0 +1,10 @@
|
|||
hdmi_force_hotplug=1
|
||||
enable_uart=0
|
||||
|
||||
# camera settings, see http://elinux.org/RPiconfig#Camera
|
||||
start_x=1
|
||||
disable_camera_led=1
|
||||
gpu_mem=128
|
||||
|
||||
# Enable audio (added by raspberrypi-sys-mods)
|
||||
dtparam=audio=on
|
|
@ -0,0 +1,30 @@
|
|||
#cloud-config
|
||||
|
||||
hostname: rpi-boot-initial
|
||||
manage_etc_hosts: true
|
||||
|
||||
write_files:
|
||||
- content: |
|
||||
allow-hotplug wlan0
|
||||
iface wlan0 inet dhcp
|
||||
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
|
||||
iface default inet dhcp
|
||||
path: /etc/network/interfaces.d/wlan0
|
||||
- content: |
|
||||
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
|
||||
update_config=1
|
||||
network={
|
||||
ssid="Fancy Pants"
|
||||
psk=972fd9f00867515794d35db58cb9140e4a90bc9c693abceed1d71f7f065c5df7
|
||||
key_mgmt=WPA-PSK
|
||||
}
|
||||
path: /etc/wpa_supplicant/wpa_supplicant.conf
|
||||
|
||||
locale: "en_US.UTF-8"
|
||||
|
||||
package_upgrade: true
|
||||
packages:
|
||||
- ansible
|
||||
|
||||
runcmd:
|
||||
- ansible-pull -U https://juju.nz/src/michaelh/rpi-boot.git -C dev --purge
|
|
@ -0,0 +1,10 @@
|
|||
- name: rpi-boot
|
||||
hosts: localhost
|
||||
user: root
|
||||
connection: local
|
||||
vars:
|
||||
- wlan: wlan0
|
||||
- hostid: "{{ansible_ssh_host_key_rsa_public | hash('sha1') | regex_replace('(...).*', '\\1')}}"
|
||||
- user: juju
|
||||
roles:
|
||||
- pi
|
|
@ -0,0 +1,26 @@
|
|||
---
|
||||
- name: fastboot - disable unneded services
|
||||
systemd: state=stopped masked=yes enabled=no name={{ item }}.service
|
||||
with_items:
|
||||
- alsa-restore
|
||||
- fake-hwclock
|
||||
- kmod-static-nodes
|
||||
- networking
|
||||
- ntp
|
||||
- plymouth
|
||||
- plymouth-log
|
||||
- raspi-config
|
||||
- systemd-journal-flush
|
||||
- name: fastboot - copy the wpa_supplicant config
|
||||
template: src=wpa_supplicant@.service dest=/etc/systemd/system/wpa_supplicant@.service
|
||||
- name: fastboot - copy the wlan config
|
||||
template: src=80-wlan.network dest=/etc/systemd/network/80-wlan.network
|
||||
- name: fastboot - copy the timesyncd config
|
||||
template: src=timesyncd.service dest=/etc/systemd/system/timesyncd.service
|
||||
- name: fastboot - enable the systemd based services
|
||||
systemd: enabled=yes name={{ item }}.service
|
||||
with_items:
|
||||
- systemd-networkd
|
||||
- systemd-resolved
|
||||
- timesyncd
|
||||
- wpa_supplicant@wlan0
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
- name: Install i2c-tools
|
||||
apt: name=i2c-tools
|
||||
- name: Enable i2c1 (pt 1)
|
||||
lineinfile: path=/boot/config.txt line=dtparam=i2c_arm=on
|
||||
- name: Enable i2c1 (pt 2)
|
||||
lineinfile: path=/etc/modules line=i2c-dev
|
|
@ -0,0 +1,35 @@
|
|||
---
|
||||
- name: Set the hostname
|
||||
hostname: name="pi-{{hostid}}"
|
||||
- name: Put the hostname in /etc/hosts
|
||||
lineinfile: dest=/etc/hosts line="127.0.1.1 pi-{{hostid}}"
|
||||
- name: Add the user {{user}}
|
||||
user:
|
||||
name: "{{user}}"
|
||||
# TODO(michaelh): change to a public password
|
||||
password: '$6$3/nNUZfJvg9V9$9OkDm4wO25wyuNJq0Iw3Pw15uCmcUoLBkq/8C0HuRR2vRtrcJVXU6VU6k0d9/gSCWkoEBNDAkHAubZ.wrT43H.'
|
||||
groups: sudo,dialout,video,audio,docker
|
||||
shell: /bin/bash
|
||||
state: present
|
||||
- name: Set authorized keys for {{user}}
|
||||
authorized_key:
|
||||
user: "{{ item }}"
|
||||
state: present
|
||||
# TODO(michaelh): pull the invoking users public key
|
||||
key: https://juju.nz/src/michaelh.keys
|
||||
with_items:
|
||||
- "{{ user }}"
|
||||
- name: Modify config.txt
|
||||
lineinfile: dest=/boot/config.txt line={{ item }}
|
||||
with_items:
|
||||
- "gpu_mem=16"
|
||||
- "hdmi_mode=1"
|
||||
- "boot_delay=0"
|
||||
- "disable_splash=1"
|
||||
- name: Disable docs and man pages
|
||||
template: src=01-nodoc dest=/etc/dpkg/dpkg.cfg.d/01-nodoc
|
||||
- name: Install the basics
|
||||
apt: name=jed,git,psmisc,unzip,f2fs-tools,python3
|
||||
- name: Install node-exporter
|
||||
apt: name=prometheus-node-exporter
|
||||
- include: fastboot.yml
|
|
@ -0,0 +1,9 @@
|
|||
path-exclude /usr/share/doc/*
|
||||
# we need to keep copyright files for legal reasons
|
||||
path-include /usr/share/doc/*/copyright
|
||||
path-exclude /usr/share/man/*
|
||||
path-exclude /usr/share/groff/*
|
||||
path-exclude /usr/share/info/*
|
||||
# lintian stuff is small, but really unnecessary
|
||||
path-exclude /usr/share/lintian/*
|
||||
path-exclude /usr/share/linda/*
|
|
@ -0,0 +1,5 @@
|
|||
[Match]
|
||||
Name=wlan*
|
||||
|
||||
[Network]
|
||||
DHCP=yes
|
|
@ -0,0 +1,27 @@
|
|||
# This file is part of systemd.
|
||||
#
|
||||
# systemd is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU Lesser General Public License as published by
|
||||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
[Unit]
|
||||
Description=Network Time Synchronization
|
||||
Documentation=man:systemd-timesyncd.service(8)
|
||||
DefaultDependencies=no
|
||||
RequiresMountsFor=/var/lib/systemd/clock
|
||||
After=local-fs.target
|
||||
|
||||
[Service]
|
||||
Type=notify
|
||||
Restart=always
|
||||
RestartSec=0
|
||||
ExecStart=/lib/systemd/systemd-timesyncd
|
||||
PrivateTmp=yes
|
||||
PrivateDevices=yes
|
||||
ProtectSystem=full
|
||||
ProtectHome=yes
|
||||
WatchdogSec=1min
|
||||
|
||||
[Install]
|
||||
WantedBy=sysinit.target
|
|
@ -0,0 +1,10 @@
|
|||
[Unit]
|
||||
Description=WPA supplicant for %i
|
||||
Requires=sys-subsystem-net-devices-%i.device
|
||||
After=sys-subsystem-net-devices-%i.device
|
||||
|
||||
[Service]
|
||||
ExecStart=/sbin/wpa_supplicant -i%i -c/etc/wpa_supplicant/wpa_supplicant.conf
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
Loading…
Reference in New Issue