This repository has been archived by the owner on Jul 11, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathtRackIT.Pifile
195 lines (154 loc) · 5.63 KB
/
tRackIT.Pifile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
FROM Base.img
PUMP 300M
# Install custom folders
INSTALL boot /boot
INSTALL etc /etc
INSTALL home /home
INSTALL var /var
INSTALL usr /usr
# Install git folders for history
RUN rm /home/pi/sysdweb/.git
INSTALL .git/modules/Base/home/pi/sysdweb /home/pi/sysdweb/.git
RUN rm /home/pi/pyradiotracking/.git
INSTALL .git/modules/RadioTracking/home/pi/pyradiotracking /home/pi/pyradiotracking/.git
RUN rm /home/pi/pymqttutil/.git
INSTALL .git/modules/RadioTracking/home/pi/pymqttutil /home/pi/pymqttutil/.git
# Fix permissions for pi user
RUN chown -R pi:pi /home/pi/
# Mount boot writable for users
RUN sed -i 's/\(boot.*vfat.*defaults\)/\1,user,umask=000/g' /etc/fstab
#################################################
### basic configuration
# Fix permissions on host ssh files
RUN bash -c 'chown root:root /etc/ssh/ssh_host_*'
RUN bash -c 'chmod 600 /etc/ssh/ssh_host_*_key'
RUN bash -c 'chmod 644 /etc/ssh/ssh_host_*_key.pub'
RUN systemctl disable regenerate_ssh_host_keys
# Install user ssh files and fix permissions
INSTALL home/pi/.ssh /home/pi/.ssh
RUN chown pi:pi /home/pi
RUN chown pi:pi /home/pi/.ssh
RUN chown pi:pi /home/pi/.ssh/id_ed25519
RUN chown pi:pi /home/pi/.ssh/id_ed25519.pub
RUN chown pi:pi /home/pi/.ssh/authorized_keys
RUN chmod 755 /home/pi
RUN chmod 700 /home/pi/.ssh
RUN chmod 600 /home/pi/.ssh/id_ed25519
RUN chmod 644 /home/pi/.ssh/id_ed25519.pub
RUN chmod 644 /home/pi/.ssh/authorized_keys
# Install root ssh files and fix permissions
INSTALL home/pi/.ssh /root/.ssh
RUN chown root:root /root
RUN chown root:root /root/.ssh
RUN chown root:root /root/.ssh/id_ed25519
RUN chown root:root /root/.ssh/id_ed25519.pub
RUN chown root:root /root/.ssh/authorized_keys
RUN chmod 755 /root
RUN chmod 700 /root/.ssh
RUN chmod 600 /root/.ssh/id_ed25519
RUN chmod 644 /root/.ssh/id_ed25519.pub
RUN chmod 644 /root/.ssh/authorized_keys
# Set default password
RUN bash -c 'echo -n "pi:" > /boot/userconf.txt'
RUN bash -c 'echo "natur" | openssl passwd -6 -stdin >> /boot/userconf.txt'
# Allow basic connectivity (0 == success status code - enable)
RUN raspi-config nonint do_ssh 0
RUN raspi-config nonint do_i2c 0
RUN tee -a /boot/config.txt <<<dtoverlay=i2c-rtc,ds3231
# Set Europe/Berlin timezone
RUN ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
# set git config for possible local commits
RUN git config --global user.email "pi@tRackIT"
RUN git config --global user.name "tRackIT User"
# enable hostname-config script and set default hostname
RUN bash -c 'CMDLINE=$(cat /boot/cmdline.txt); echo "${CMDLINE} -- systemd.hostname=umr-test-00001" > /boot/cmdline.txt'
RUN systemctl enable hostname-config.service
# Enabling wait for time-sync.target (depending services will not start before the clock is synced)
RUN systemctl enable systemd-time-wait-sync.service
# Reboot on kernel panic
RUN bash -c "echo kernel.panic=10 | tee -a /etc/sysctl.conf"
#################################################
### network configuration
# enable hostapd-config script (WiFi AP)
RUN systemctl enable hostapd-config.service
RUN systemctl enable hostapd.service
# enable wifi-config script
RUN systemctl enable [email protected]
# Modify default network settings
RUN bash -c "echo net.ipv4.ip_forward=1 | tee -a /etc/sysctl.conf"
RUN bash -c "echo net.ipv4.icmp_echo_ignore_broadcasts=0 | tee -a /etc/sysctl.conf"
# enable wireguard
RUN ln -s /boot/wireguard.conf /etc/wireguard/wireguard.conf
RUN systemctl enable wg-quick@wireguard
RUN tee -a /etc/sysdweb.conf <<EOF
[wg-quick@wireguard]
title = Wireguard (/boot/wireguard.conf)
unit = wg-quick@wireguard
EOF
#################################################
### services configuration
# install and enable enable sysdweb
RUN python3 -m pip install -e /home/pi/sysdweb
RUN systemctl enable sysdweb
# Create symlinks for other webserver targets
RUN mkdir /data
RUN chown pi:pi /data
RUN ln -s /boot/ /data/boot
# enable caddy
RUN systemctl enable caddy
# enable filebrowser
RUN systemctl enable filebrowser
# enable mosquitto
RUN systemctl enable mosquitto.service
RUN tee -a /etc/sysdweb.conf <<EOF
[Mosquitto]
title = Mosquitto MQTT Broker
unit = mosquitto
EOF
# List chrony
RUN tee -a /etc/sysdweb.conf <<EOF
[chrony]
title = Chrony Time Synchronization
unit = chrony
EOF
RUN systemctl enable chrony-waitsync
# Install and enable pysmartsolar
RUN python3 -m pip install -e /home/pi/pysmartsolar
# Install and enable pymqttutil
RUN python3 -m pip install -e /home/pi/pymqttutil
RUN python3 -m pip install psutil
RUN systemctl enable mqttutil.service
RUN tee -a /etc/sysdweb.conf <<EOF
[mqttutil]
title = MQTTUtil
unit = mqttutil
EOF
# Enable dmesgdump
RUN systemctl enable dmesgdump
# Install uhubctl (dependency) and enable huaweicheck
RUN bash -c 'cd /home/pi/uhubctl; make; make install'
# Blacklist DVB-T driver
RUN tee -a /etc/modprobe.d/raspi-blacklist.conf <<<'blacklist dvb_usb_rtl28xxu'
# Install radiotracking
RUN python3 -m pip install -e /home/pi/pyradiotracking
RUN systemctl enable radiotracking.service
RUN systemctl enable radiotracking-config.service
RUN tee -a /etc/sysdweb.conf <<EOF
[radiotracking]
title = RadioTracking
unit = radiotracking
[radiotracking-config]
title = RadioTracking Configuration
unit = radiotracking-config
EOF
# Enable hardware connectivity
RUN raspi-config nonint do_spi 0
RUN raspi-config nonint do_serial 2
RUN systemctl disable [email protected]
# Disable freq scaling to fix miniuart issues, i.e., https://wiki.dragino.com/index.php?title=Getting_GPS_to_work_on_Raspberry_Pi_3_Model_B
RUN tee -a /boot/config.txt <<EOF
core_freq=250
force_turbo=1
EOF
# Install docs folder (if HTML available)
if [ -d docs/_site22/ ]; then INSTALL docs/_site /data/docs; fi