tuxpeople · October 3, 2020 09:41 · tuxpeople · Aug 3, 2020
diff --git a/raspbian-image-enable-ssh b/raspbian-image-enable-ssh
 #!/bin/bash
 # Andrew Oakley aoakley.com Public Domain 2016
 # Check out cotswoldjam.org for RPi events in Gloucestershire
 # I recommend you place this script in /usr/local/sbin
 #
 # Changes and additions by Thomas Deutsch
 #
 # Thanks to https://raspberrypi.stackexchange.com/a/99531
 #

 # Set this to armhf for 32bit and arm64 for 64bit
 OSTYPE="armhf"

 # If true, WiFi will be configured
 WIFI=true

 # If true, SSH Key will be added to user pi
 KEY=true

 # If true, fsck autorepair on first boot
 FSCK=true

 # SSID of your WiFi
 SSID="mySSID"

 #Key of your WiFi
 PSK="myPSK"

 #Two letter country code
 COUNTRY="CH"

 #SSH Key
 SSHKEY="ssh-rsa abcde...."

 #Output directory
 OUTPUTDIR="/root/seafile/sync"

 RASPIOSVERSION=$(curl http://downloads.raspberrypi.org/raspios_lite_${OSTYPE}/os.json | grep version | cut -d'"' -f4)
 TMP=$(mktemp -d)
 TMP2="${TMP}-work"
 PWD=$(pwd)

 set -e

 function cleanup {
  cd ${PWD}
  sudo umount -f $TMP/boot/ &> /dev/null
  sudo umount -f $TMP &> /dev/null
  sudo losetup -d ${LOOP}
  sudo rm -rf $TMP
  sudo rm -rf ${TMP2}
 }

 trap cleanup EXIT INT TERM

 # Help
 if [[ "$1" == "-h" || "$1" == "/?" || "$1" == "--help" ]]; then
  echo "Enables SSH on a raspios image from Nov 2016 or later"
  echo "Usage:"
  echo "  sudo `basename $0` [imagename]"
  echo "If imagename is not supplied, downloads the latest version of raspios ${RASPIOSVERSION} Lite ${OSTYPE}."
  exit
 fi

 # Need to be root - we'll be mounting loopback device
 if [ "$(id -u)" != 0 ]; then
  echo "You must be root to run this. Try:"
  echo "  sudo `basename $0` $*"
  echo "or"
  echo "  `basename $0` -h"
  echo "for help"
  exit
 fi

  # Make a working directory and download
  mkdir ${TMP2}
  cd ${TMP2}
  curl -L "https://downloads.raspberrypi.org/raspios_lite_${OSTYPE}_latest" -o raspios_lite_latest.zip
  unzip raspios_lite_latest.zip

  # Did we get what we were expecting?
  if [[ `ls -1 *-raspios-${RASPIOSVERSION}-${OSTYPE}-lite.img | wc -l` -ne 1 ]]; then
    echo "Can't find \"*-raspios-${RASPIOSVERSION}-${OSTYPE}-lite.img\" in raspios_lite_latest"
    exit
  fi
  rm -f raspios_lite_latest.zip

  # If run with sudo , change ownership to real user
  FILEPATH=`ls -1 *-raspios-${RASPIOSVERSION}-${OSTYPE}-lite.img`
  CALLER=`who am i | awk '{print $1}'`
  if [ "$CALLER" != "root" ]; then
    chown $CALLER.`groups $CALLER | awk '{print $1}'` "$FILEPATH" 2>/dev/null
  fi

 LOOP=$(losetup --show -fP "${FILEPATH}")
 mount ${LOOP}p2 ${TMP}
 mount ${LOOP}p1 ${TMP}/boot/

 # Make the change
 if [[ -e "${TMP}/boot/ssh" ]]; then
  echo "\"`basename "$FILEPATH"`\" ALREADY had boot/ssh set."
 else
  touch ${TMP}/boot/ssh
  echo "\"`basename "$FILEPATH"`\" now has boot/ssh set."
 fi
 ADDTONAME="ssh"

 if [ "$WIFI" = true ] ; then
 cat <<EOF > ${TMP}/boot/wpa_supplicant.conf
 country=${COUNTRY}
 ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
 network={
     ssid="${SSID}"
     psk="${PSK}"
     key_mgmt=WPA-PSK
 }
 EOF
  echo "\"`basename "$FILEPATH"`\" now has boot/wpa_supplicant.conf configured."
  ADDTONAME="${ADDTONAME}-wifi"
 fi

 if [ "$KEY" = true ] ; then
  IDS=$(grep pi ${TMP}/etc/passwd | cut -d':' -f3,4)
  mkdir ${TMP}/home/pi/.ssh
  echo ${SSHKEY} > ${TMP}/home/pi/.ssh/authorized_keys
  chown -R ${IDS} ${TMP}/home/pi/.ssh
  chmod 600 ${TMP}/home/pi/.ssh/authorized_keys
  chmod 700 ${TMP}/home/pi/.ssh
  echo "\"`basename "$FILEPATH"`\" now has a ssh public key for user pi configured."
  ADDTONAME="${ADDTONAME}-sshkey"
 fi

 if [ "$FSCK" = true ]; then
  sed -i 's|rootfstype=ext4|rootfstype=ext4 fsck.repair=yes fsck.mode=force|g' ${TMP}/boot/cmdline.txt
  echo "*************************************************************"
  cat ${TMP}/boot/cmdline.txt
  echo "*************************************************************"
  echo '#!/bin/bash' > ${TMP}/root/runonce.sh
  echo "sed -i 's| fsck.repair=yes fsck.mode=force||g' /boot/cmdline.txt" >> ${TMP}/root/runonce.sh
  echo "sed -i '/runonce.sh/d' /etc/rc.local" >> ${TMP}/root/runonce.sh
  chmod +x ${TMP}/root/runonce.sh
  echo "/root/runonce.sh" >> ${TMP}/etc/rc.local
  ADDTONAME="${ADDTONAME}-fsck"
 fi

 umount ${LOOP}p1
 umount ${LOOP}p2

 filename=$(basename -- "${FILEPATH}")
 filename="${filename%.*}"
 filename="${filename}-${ADDTONAME}.img"

 mv ${FILEPATH} ${filename}

 if command -v zip &> /dev/null; then
  echo "Found zip installed, zipping image"
  zip ${filename}.zip ${filename}
  rm -f ${filename}
  filename="${filename}.zip"
 fi

 echo "Moving new image to ${OUTPUTDIR}/${filename}"
 mv ${filename} ${OUTPUTDIR}/${filename}

 # Unmount and clear up
 cleanup
	#!/bin/bash
	# Andrew Oakley aoakley.com Public Domain 2016
	# Check out cotswoldjam.org for RPi events in Gloucestershire
	# I recommend you place this script in /usr/local/sbin
	#
	# Changes and additions by Thomas Deutsch
	#
	# Thanks to https://raspberrypi.stackexchange.com/a/99531
	#

	# Set this to armhf for 32bit and arm64 for 64bit
	OSTYPE="armhf"

	# If true, WiFi will be configured
	WIFI=true

	# If true, SSH Key will be added to user pi
	KEY=true

	# If true, fsck autorepair on first boot
	FSCK=true

	# SSID of your WiFi
	SSID="mySSID"

	#Key of your WiFi
	PSK="myPSK"

	#Two letter country code
	COUNTRY="CH"

	#SSH Key
	SSHKEY="ssh-rsa abcde...."

	#Output directory
	OUTPUTDIR="/root/seafile/sync"

	RASPIOSVERSION=$(curl http://downloads.raspberrypi.org/raspios_lite_${OSTYPE}/os.json \| grep version \| cut -d'"' -f4)
	TMP=$(mktemp -d)
	TMP2="${TMP}-work"
	PWD=$(pwd)

	set -e

	function cleanup {
	cd ${PWD}
	sudo umount -f $TMP/boot/ &> /dev/null
	sudo umount -f $TMP &> /dev/null
	sudo losetup -d ${LOOP}
	sudo rm -rf $TMP
	sudo rm -rf ${TMP2}
	}

	trap cleanup EXIT INT TERM

	# Help
	if [[ "$1" == "-h" \|\| "$1" == "/?" \|\| "$1" == "--help" ]]; then
	echo "Enables SSH on a raspios image from Nov 2016 or later"
	echo "Usage:"
	echo " sudo `basename $0` [imagename]"
	echo "If imagename is not supplied, downloads the latest version of raspios ${RASPIOSVERSION} Lite ${OSTYPE}."
	exit
	fi

	# Need to be root - we'll be mounting loopback device
	if [ "$(id -u)" != 0 ]; then
	echo "You must be root to run this. Try:"
	echo " sudo `basename $0` $*"
	echo "or"
	echo " `basename $0` -h"
	echo "for help"
	exit
	fi

	# Make a working directory and download
	mkdir ${TMP2}
	cd ${TMP2}
	curl -L "https://downloads.raspberrypi.org/raspios_lite_${OSTYPE}_latest" -o raspios_lite_latest.zip
	unzip raspios_lite_latest.zip

	# Did we get what we were expecting?
	if [[ `ls -1 *-raspios-${RASPIOSVERSION}-${OSTYPE}-lite.img \| wc -l` -ne 1 ]]; then
	echo "Can't find \"*-raspios-${RASPIOSVERSION}-${OSTYPE}-lite.img\" in raspios_lite_latest"
	exit
	fi
	rm -f raspios_lite_latest.zip

	# If run with sudo , change ownership to real user
	FILEPATH=`ls -1 *-raspios-${RASPIOSVERSION}-${OSTYPE}-lite.img`
	CALLER=`who am i \| awk '{print $1}'`
	if [ "$CALLER" != "root" ]; then
	chown $CALLER.`groups $CALLER \| awk '{print $1}'` "$FILEPATH" 2>/dev/null
	fi

	LOOP=$(losetup --show -fP "${FILEPATH}")
	mount ${LOOP}p2 ${TMP}
	mount ${LOOP}p1 ${TMP}/boot/

	# Make the change
	if [[ -e "${TMP}/boot/ssh" ]]; then
	echo "\"`basename "$FILEPATH"`\" ALREADY had boot/ssh set."
	else
	touch ${TMP}/boot/ssh
	echo "\"`basename "$FILEPATH"`\" now has boot/ssh set."
	fi
	ADDTONAME="ssh"

	if [ "$WIFI" = true ] ; then
	cat <<EOF > ${TMP}/boot/wpa_supplicant.conf
	country=${COUNTRY}
	ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
	network={
	ssid="${SSID}"
	psk="${PSK}"
	key_mgmt=WPA-PSK
	}
	EOF
	echo "\"`basename "$FILEPATH"`\" now has boot/wpa_supplicant.conf configured."
	ADDTONAME="${ADDTONAME}-wifi"
	fi

	if [ "$KEY" = true ] ; then
	IDS=$(grep pi ${TMP}/etc/passwd \| cut -d':' -f3,4)
	mkdir ${TMP}/home/pi/.ssh
	echo ${SSHKEY} > ${TMP}/home/pi/.ssh/authorized_keys
	chown -R ${IDS} ${TMP}/home/pi/.ssh
	chmod 600 ${TMP}/home/pi/.ssh/authorized_keys
	chmod 700 ${TMP}/home/pi/.ssh
	echo "\"`basename "$FILEPATH"`\" now has a ssh public key for user pi configured."
	ADDTONAME="${ADDTONAME}-sshkey"
	fi

	if [ "$FSCK" = true ]; then
	sed -i 's\|rootfstype=ext4\|rootfstype=ext4 fsck.repair=yes fsck.mode=force\|g' ${TMP}/boot/cmdline.txt
	echo "*************************************************************"
	cat ${TMP}/boot/cmdline.txt
	echo "*************************************************************"
	echo '#!/bin/bash' > ${TMP}/root/runonce.sh
	echo "sed -i 's\| fsck.repair=yes fsck.mode=force\|\|g' /boot/cmdline.txt" >> ${TMP}/root/runonce.sh
	echo "sed -i '/runonce.sh/d' /etc/rc.local" >> ${TMP}/root/runonce.sh
	chmod +x ${TMP}/root/runonce.sh
	echo "/root/runonce.sh" >> ${TMP}/etc/rc.local
	ADDTONAME="${ADDTONAME}-fsck"
	fi

	umount ${LOOP}p1
	umount ${LOOP}p2

	filename=$(basename -- "${FILEPATH}")
	filename="${filename%.*}"
	filename="${filename}-${ADDTONAME}.img"

	mv ${FILEPATH} ${filename}

	if command -v zip &> /dev/null; then
	echo "Found zip installed, zipping image"
	zip ${filename}.zip ${filename}
	rm -f ${filename}
	filename="${filename}.zip"
	fi

	echo "Moving new image to ${OUTPUTDIR}/${filename}"
	mv ${filename} ${OUTPUTDIR}/${filename}

	# Unmount and clear up
	cleanup