Last active
June 11, 2017 08:04
-
-
Save pierinz/1b1315e1c2e615f82094 to your computer and use it in GitHub Desktop.
Minimal Raspbian & SD enhancements for CitofonoWeb
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -e | |
| echo "Choose root password:" | |
| passwd | |
| mkdir -p /root/.ssh/ | |
| #You may want to add some authorized keys | |
| #echo "$key" > /root/.ssh/authorized_keys | |
| echo "Disabling default user" | |
| usermod -L pi | |
| #You may create another regular user if needed | |
| echo "Setting up hostname" | |
| hostname "citofonoweb" | |
| echo "citofonoweb" > /etc/hostname | |
| sed -i "s/raspberrypi/citofonoweb/" /etc/hosts | |
| echo "Setting up DNS" | |
| cat > /etc/resolv.conf <<EOF | |
| nameserver 8.8.8.8 | |
| nameserver 208.67.220.220 | |
| EOF | |
| echo "Setting up NTP" | |
| sed -i '/#server ntp.your-provider.example/ a\ | |
| server ntp1.inrim.it\ | |
| server 0.pool.ntp.org' /etc/ntp.conf | |
| echo "Configuring local settings" | |
| dpkg-reconfigure locales | |
| dpkg-reconfigure tzdata | |
| echo "Disabling useless services" | |
| insserv -r lightdm | |
| insserv -r triggerhappy | |
| echo "Installing dosfstools" | |
| apt-get update | |
| aptitude install dosfstools | |
| #Keeping the apt cache in a NFS share is a good idea to preserve bandwidth/avoid SD wearing | |
| #aptitude install nfs-common | |
| #/etc/init.d/rpcbind start | |
| #insserv rpcbind | |
| #cat >> /etc/fstab <<EOF | |
| # | |
| ##cache server | |
| #cache-server:/cache-path/ /var/cache/apt/archives nfs defaults,vers=3,soft,rsize=8192,wsize=8192,timeo=14,intr 0 0 | |
| #EOF | |
| #rm /var/cache/apt/archives/* -r | |
| #mount /var/cache/apt/archives | |
| echo "Enabling SPI" | |
| sed -i /etc/modprobe.d/raspi-blacklist.conf -e "s/^blacklist[[:space:]]*spi-bcm2708.*/#blacklist spi-bcm2708/" | |
| cat >> /boot/config.txt <<EOF | |
| #Enable SPI | |
| device_tree_overlay=spi-bcm2708-overlay.dtb | |
| EOF | |
| echo "Enabling filesystem checks at startup" | |
| sed -i "s/#FSCKFIX=no/FSCKFIX=yes/" /etc/default/rcS | |
| echo "Enabling TRIM on sd card (if supported)" | |
| sed -i "s/noatime/noatime,discard/" /etc/fstab | |
| echo "Disabling automount of /boot" | |
| sed s:"vfat defaults":"vfat defaults,noauto": /etc/fstab | |
| echo "Removing useless packages" | |
| useless="wolfram-engine lxde lxde-common lxde-core gpicview leafpad lxappearance lxinput \ | |
| lxmusic lxpanel lxsession lxsession-edit lxshortcut lxterminal openbox-themes openbox pcmanfm xarchiver xscreensaver \ | |
| xterm xserver-xorg xserver-xorg-core xserver-common xpdf x11-common x11-utils supercollider squeak-vm sonic-pi \ | |
| penguinspuzzle netsurf-gtk midori gtk2-engines tcl8.4 tk8.4 gnome-accessibility-themes gnome-themes-standard \ | |
| gnome-themes-standard-data libgtk-3-common dphys-swapfile sonic-pi fake-hwclock dhcpcd5 ncdu \ | |
| smartsim python-minecraftpi omxplayer minecraft-pi lxde-icon-theme lxpolkit lxrandr lxtask dillo xauth \ | |
| gconf-service gconf2 gconf2-common gstreamer1.0-alsa gstreamer1.0-libav gstreamer1.0-plugins-base libgnome-keyring-common \ | |
| libgnome-keyring0 libgstreamer-plugins-bad1.0-0 libgstreamer-plugins-base1.0-0 libgconf-2-4 gksu gstreamer1.0-omx \ | |
| gstreamer1.0-plugins-good libgksu2-0 gstreamer1.0-x aspell-en libaspell15 libltdl7 epiphany-browser-data jackd2 \ | |
| libjack-jackd2-0 consolekit cups-bsd desktop-base dictionaries-common esound-common fontconfig \ | |
| fonts-droid freepats fuse galculator gconf2 gconf2-common gksu gsfonts gstreamer1.0-omx libass4:armhf \ | |
| libasyncns0:armhf libaudiofile1:armhf libaudit0 libavahi-glib1:armhf libavahi-gobject0:armhf \ | |
| libbluetooth3:armhf libbluray1:armhf libcdio-cdda1 libcdio-paranoia1 libcdio13 libchromaprint0:armhf \ | |
| libck-connector0:armhf libcupsimage2:armhf libcwiid1 libdatrie1:armhf libdc1394-22:armhf libdca0 \ | |
| libdirac-encoder0:armhf libdirectfb-1.2-9:armhf libdvdnav4 libdvdread4 libenca0 libesd0:armhf libfaad2:armhf libffi5:armhf \ | |
| libfftw3-3:armhf libflite1:armhf libfltk1.3:armhf libfm-data libfm-extra4:armhf libfm-gtk4:armhf libfm4:armhf \ | |
| libfontenc1:armhf libfuse2:armhf libgconf-2-4:armhf libgdk-pixbuf2.0-0:armhf libgdu0 libgeoclue0 \ | |
| libgif4 libgirepository-1.0-1 libgksu2-0 libglade2-0 libgme0 libgnome-keyring0:armhf \ | |
| libgs9 libgstreamer-plugins-bad1.0-0:armhf libgstreamer-plugins-base0.10-0:armhf \ | |
| libgstreamer-plugins-base1.0-0:armhf libgstreamer0.10-0:armhf libgtk2.0-0:armhf libgtk2.0-common libharfbuzz-icu0:armhf \ | |
| libharfbuzz0a:armhf libhunspell-1.3-0:armhf libid3tag0 libijs-0.35 libilmbase6 libimlib2 \ | |
| libjasper1:armhf libjavascriptcoregtk-3.0-0:armhf libjbig2dec0 libkate1 liblcms1:armhf libmad0 libmenu-cache1 \ | |
| libmimic0 libmms0:armhf libmng1:armhf libmodplug1 libmpg123-0:armhf libnotify4:armhf libnss3:armhf \ | |
| libofa0 libopenal-data libopenal1:armhf libopencv-calib3d2.4 libopencv-contrib2.4 libopencv-core2.4 libopencv-features2d2.4 \ | |
| libopencv-flann2.4 libopencv-highgui2.4 libopencv-imgproc2.4 libopencv-legacy2.4 libopencv-ml2.4 libopencv-objdetect2.4 \ | |
| libopencv-photo2.4 libopencv-stitching2.4 libopencv-ts2.4 libopencv-video2.4 libopencv-videostab2.4 libopenexr6 \ | |
| libpango-1.0-0:armhf libpangocairo-1.0-0:armhf libpangoft2-1.0-0:armhf libpangox-1.0-0:armhf libpangoxft-1.0-0:armhf \ | |
| libpaper1:armhf libpciaccess0:armhf libportmidi0 libqt4-network:armhf libqt4-xml:armhf \ | |
| libqtcore4:armhf libqtdbus4:armhf librsvg2-2:armhf libruby1.9.1 libsbc1:armhf libscsynth1 libsecret-1-0:armhf \ | |
| libsndfile1:armhf libsoundtouch0:armhf libspandsp2 libsrtp0 libssh-4:armhf libstartup-notification0:armhf \ | |
| libthai0:armhf libts-0.0-0:armhf libvorbisfile3:armhf libvte9 libwayland0:armhf libwildmidi-config \ | |
| libwildmidi1:armhf libwnck22 libxcb-util0:armhf libxcomposite1:armhf libxcursor1:armhf libxdamage1:armhf \ | |
| libxfont1 libxft2:armhf libxinerama1:armhf libxkbcommon0:armhf libxkbfile1:armhf libxp6:armhf libxrandr2:armhf libxres1:armhf \ | |
| libxslt1.1:armhf libxxf86dga1:armhf libyaml-0-2:armhf lxmenu-data poppler-data python-gi python3.2 python3.2-minimal \ | |
| ruby1.9.1 tcl8.5 tsconf weston x11-common xauth libatspi2.0-0 alsa-base g++-4.6 libclass-isa-perl libcroco3 \ | |
| libgraphite2-2.0.0 libgssglue1 libgtop2-7 libgtop2-common libjpeg8 libmpc2 \ | |
| libpci3 librtmp0 libstdc++6-4.6-dev libswitch-perl pciutils fonts-freefont-ttf fonts-roboto gnome-desktop3-data \ | |
| gvfs-common hicolor-icon-theme libfm-gtk-data libgdk-pixbuf2.0-common libgs9-common libsecret-common libthai-data \ | |
| libvte-common libwebkitgtk-3.0-common libwnck-3-common libwnck-common libxmuu1 lxpanel-data \ | |
| gstreamer1.0-alsa gstreamer1.0-libav gstreamer1.0-plugins-base gstreamer1.0-plugins-good libasound2 libvisual-0.4-0 \ | |
| \ | |
| libobt0 libusbmuxd1 libarchive12 libavcodec53 libavutil51 libcolord1 libgd2-xpm libgphoto2-port0 libicu48 \ | |
| libimobiledevice2 libmikmod2 libplist1 libpoppler19 libsclang1 libswscale2 libwebp2 \ | |
| libx264-123 libmysqlclient16 libparted0debian1" | |
| # and many more | |
| for i in $useless; do | |
| aptitude remove --purge -y $i | |
| done | |
| # and many more | |
| apt-get autoremove | |
| echo "Upgrading system" | |
| apt-get upgrade | |
| ##READ ONLY ROOT | |
| #https://wiki.debian.org/ReadonlyRoot | |
| echo "Preparing read-only rootfs" | |
| echo "If something goes wrong, the system won't boot up. Press ENTER to continue or CTRL-C to exit" | |
| read | |
| echo BLKID_FILE="/var/local/blkid.tab" >> /etc/environment | |
| sed s:#RAMTMP=no:RAMTMP=yes: -i /etc/default/tmpfs | |
| rm /etc/mtab | |
| ln -s /proc/self/mounts /etc/mtab | |
| sed -i "s/noatime,discard/noatime,discard,ro/" /etc/fstab | |
| #edit /etc/init.d/hwclock.sh | |
| echo "Now you should change '-f' to '-L' at line 60 (the first of start case)" | |
| echo "Maybe one day I'll write a sed one-liner for this. Press enter to continue" | |
| read | |
| nano /etc/init.d/hwclock.sh | |
| #This seems to be a good idea... but it never worked for me | |
| #cat > /etc/apt/apt.conf.d/99readonly <<EOF | |
| #DPkg { | |
| # // Auto re-mounting of a readonly / | |
| # Pre-Invoke { "mount -o remount,rw / || true "; }; | |
| # Post-Invoke { "test ${NO_APT_REMOUNT:-no} = yes || mount -o remount,ro / || true"; }; | |
| #}; | |
| #EOF | |
| #cat > /etc/apt/apt.conf.d/99bootnoauto <<EOF | |
| #DPkg { | |
| # // Auto re-mounting of a readonly / | |
| # Pre-Invoke { "mount /boot || true"; }; | |
| # Post-Invoke { "test ${NO_APT_REMOUNT:-no} = yes || umount /boot || true"; }; | |
| #}; | |
| #EOF | |
| echo "Now you should make a separate partition for /var and migrate the actual /var to the new partition" | |
| echo "Do you want to add a fstab entry for the separated /var?" | |
| echo "Press ENTER to continue, CTRL-C to exit" | |
| echo "/dev/mmcblk0p3 /var ext4 defaults,nodev,noatime,discard,data=journal 0 1" >> /etc/fstab | |
| ## | |
| echo "THE END" | |
| echo "REMEMBER: you must make a separate partition for /var and migrate the actual /var to the new partition!" | |
| echo "Then, reboot to see the result" | |
| exit 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment