├── .github ├── CODEOWNERS ├── FUNDING.yml ├── ISSUE_TEMPLATE │ ├── other.md │ ├── feature_request.md │ └── bug_report.md ├── ISSUE_TEMPLATE.md └── PULL_REQUEST_TEMPLATE.md ├── stage3 ├── 07-patches │ ├── files │ │ ├── client_secrets.json │ │ ├── monstop │ │ ├── monstart │ │ ├── loopback.nmconnection │ │ ├── eth0.nmconnection │ │ ├── modules.conf │ │ ├── usb0.nmconnection │ │ ├── bettercap.service │ │ ├── pwnagotchi-launcher │ │ ├── settings.yaml │ │ ├── pwnagotchi.service │ │ ├── bettercap-launcher │ │ ├── pwngrid-peer.service │ │ ├── dphys-swapfile │ │ ├── pwnagotchi_completion.sh │ │ ├── profile │ │ ├── 01-motd │ │ ├── sudoers │ │ ├── 85-nm-unmanaged.rules │ │ ├── decryption-webserver │ │ └── pwnlib │ ├── 00-patches │ │ ├── series │ │ └── 02-bluetooth.diff │ ├── 01-run-chroot.sh │ └── 00-run.sh ├── prerun.sh ├── EXPORT_IMAGE ├── 01-pwn-packages │ ├── 01-run.sh │ ├── 01-run-chroot.sh │ └── 00-packages-nr ├── 00-pre-pwn │ ├── 00-run.sh │ └── 00-run-chroot.sh ├── 06-hcxtools │ └── 00-run-chroot.sh ├── 05-install-pwnagotchi │ ├── 00-run.sh │ └── 01-run-chroot.sh ├── 02-libpcap │ └── 01-run-chroot.sh ├── 03-bettercap-pwngrid │ ├── 01-run-chroot.sh │ └── 02-run-chroot.sh └── 04-nexmon │ └── 01-run-chroot.sh ├── pi-gen-32bit ├── stage0 │ ├── 01-locale │ │ └── 00-packages │ ├── 00-configure-apt │ │ ├── 01-packages │ │ ├── files │ │ │ ├── 51cache │ │ │ ├── raspberrypi-archive-keyring.pgp │ │ │ ├── raspi.sources │ │ │ ├── raspi.list │ │ │ ├── raspbian.sources │ │ │ ├── sources.list │ │ │ └── raspberrypi.gpg.key │ │ └── 00-run.sh │ ├── files │ │ └── raspberrypi.gpg │ ├── 02-firmware │ │ ├── 01-packages │ │ └── 02-run.sh │ └── prerun.sh ├── stage1 │ ├── 02-net-tweaks │ │ ├── 00-packages │ │ └── 00-run.sh │ ├── 01-sys-tweaks │ │ ├── 00-packages │ │ ├── 00-patches │ │ │ ├── series │ │ │ └── 01-bashrc.diff │ │ ├── files │ │ │ └── fstab │ │ └── 00-run.sh │ ├── 03-install-packages │ │ └── 00-packages │ ├── prerun.sh │ └── 00-boot-files │ │ ├── files │ │ ├── cmdline.txt │ │ └── config.txt │ │ └── 00-run.sh ├── stage2 │ ├── 04-cloud-init │ │ ├── 00-packages │ │ ├── files │ │ │ ├── 00-network-manager-all.yaml │ │ │ ├── 99_raspberry-pi.cfg │ │ │ ├── meta-data │ │ │ ├── network-config │ │ │ └── user-data │ │ ├── README.txt │ │ └── 01-run.sh │ ├── 00-copies-and-fills │ │ ├── 01-packages │ │ └── 02-run.sh │ ├── 01-sys-tweaks │ │ ├── 00-packages-nr │ │ ├── 00-patches │ │ │ ├── series │ │ │ ├── 04-inputrc.diff │ │ │ ├── 07-resize-init.diff │ │ │ ├── 02-swap.diff │ │ │ ├── 01-useradd.diff │ │ │ └── 05-path.diff │ │ ├── files │ │ │ ├── 90-qemu.rules │ │ │ ├── 50raspi │ │ │ ├── console-setup │ │ │ └── resize2fs_once │ │ ├── 00-packages │ │ └── 01-run.sh │ ├── prerun.sh │ ├── 03-accept-mathematica-eula │ │ └── 00-debconf │ ├── 03-set-timezone │ │ └── 02-run.sh │ └── 02-net-tweaks │ │ ├── 00-packages │ │ └── 01-run.sh ├── export-image │ ├── 01-user-rename │ │ ├── 00-packages │ │ └── 01-run.sh │ ├── 03-network │ │ ├── files │ │ │ └── resolv.conf │ │ └── 01-run.sh │ ├── 00-allow-rerun │ │ └── 00-run.sh │ ├── 02-set-sources │ │ └── 01-run.sh │ ├── 04-set-partuuid │ │ └── 00-run.sh │ ├── prerun.sh │ └── 05-finalise │ │ └── 01-run.sh ├── stage3 │ ├── 00-install-packages │ │ ├── 00-packages │ │ └── 00-packages-nr │ ├── prerun.sh │ └── 01-print-support │ │ └── 00-run.sh ├── .dockerignore ├── .gitlab-ci.yml ├── .gitignore ├── stage4 │ ├── prerun.sh │ ├── EXPORT_IMAGE │ ├── 00-install-packages │ │ └── 00-packages │ └── 01-disable-wayvnc │ │ └── 00-run.sh ├── stage5 │ ├── prerun.sh │ ├── 00-install-extras │ │ └── 00-packages │ ├── 00-install-libreoffice │ │ └── 00-packages │ └── EXPORT_IMAGE ├── export-noobs │ ├── 00-release │ │ ├── files │ │ │ ├── OS.png │ │ │ ├── marketing │ │ │ │ └── slides_vga │ │ │ │ │ ├── A.png │ │ │ │ │ ├── B.png │ │ │ │ │ ├── C.png │ │ │ │ │ ├── D.png │ │ │ │ │ ├── E.png │ │ │ │ │ ├── F.png │ │ │ │ │ └── G.png │ │ │ ├── os.json │ │ │ ├── partitions.json │ │ │ └── partition_setup.sh │ │ └── 00-run.sh │ └── prerun.sh ├── depends ├── scripts │ ├── remove-comments.sed │ ├── dependencies_check │ └── common ├── Dockerfile ├── LICENSE └── build-docker.sh ├── pi-gen-64bit ├── stage0 │ ├── 01-locale │ │ └── 00-packages │ ├── 00-configure-apt │ │ ├── 01-packages │ │ ├── files │ │ │ ├── 51cache │ │ │ ├── raspberrypi-archive-keyring.pgp │ │ │ ├── raspi.sources │ │ │ ├── raspi.list │ │ │ ├── debian.sources │ │ │ ├── sources.list │ │ │ └── raspberrypi.gpg.key │ │ └── 00-run.sh │ ├── files │ │ └── raspberrypi.gpg │ ├── 02-firmware │ │ ├── 01-packages │ │ └── 02-run.sh │ └── prerun.sh ├── stage1 │ ├── 02-net-tweaks │ │ ├── 00-packages │ │ └── 00-run.sh │ ├── 01-sys-tweaks │ │ ├── 00-packages │ │ ├── 00-patches │ │ │ ├── series │ │ │ └── 01-bashrc.diff │ │ ├── files │ │ │ └── fstab │ │ └── 00-run.sh │ ├── 03-install-packages │ │ └── 00-packages │ ├── prerun.sh │ └── 00-boot-files │ │ ├── files │ │ ├── cmdline.txt │ │ └── config.txt │ │ └── 00-run.sh ├── stage2 │ ├── 04-cloud-init │ │ ├── 00-packages │ │ ├── files │ │ │ ├── 00-network-manager-all.yaml │ │ │ ├── 99_raspberry-pi.cfg │ │ │ ├── meta-data │ │ │ ├── network-config │ │ │ └── user-data │ │ ├── README.txt │ │ └── 01-run.sh │ ├── 01-sys-tweaks │ │ ├── 00-packages-nr │ │ ├── 00-patches │ │ │ ├── series │ │ │ ├── 04-inputrc.diff │ │ │ ├── 07-resize-init.diff │ │ │ ├── 02-swap.diff │ │ │ ├── 01-useradd.diff │ │ │ └── 05-path.diff │ │ ├── files │ │ │ ├── 90-qemu.rules │ │ │ ├── 50raspi │ │ │ ├── console-setup │ │ │ └── resize2fs_once │ │ ├── 00-packages │ │ └── 01-run.sh │ ├── prerun.sh │ ├── 03-accept-mathematica-eula │ │ └── 00-debconf │ ├── 03-set-timezone │ │ └── 02-run.sh │ └── 02-net-tweaks │ │ ├── 00-packages │ │ └── 01-run.sh ├── export-image │ ├── 01-user-rename │ │ ├── 00-packages │ │ └── 01-run.sh │ ├── 03-network │ │ ├── files │ │ │ └── resolv.conf │ │ └── 01-run.sh │ ├── 00-allow-rerun │ │ └── 00-run.sh │ ├── 02-set-sources │ │ └── 01-run.sh │ ├── 04-set-partuuid │ │ └── 00-run.sh │ ├── prerun.sh │ └── 05-finalise │ │ └── 01-run.sh ├── stage3 │ ├── 00-install-packages │ │ ├── 00-packages │ │ └── 00-packages-nr │ ├── prerun.sh │ └── 01-print-support │ │ └── 00-run.sh ├── .dockerignore ├── .gitlab-ci.yml ├── .gitignore ├── stage4 │ ├── prerun.sh │ ├── EXPORT_IMAGE │ ├── 00-install-packages │ │ └── 00-packages │ └── 01-disable-wayvnc │ │ └── 00-run.sh ├── stage5 │ ├── prerun.sh │ ├── 00-install-extras │ │ └── 00-packages │ ├── 00-install-libreoffice │ │ └── 00-packages │ └── EXPORT_IMAGE ├── export-noobs │ ├── 00-release │ │ ├── files │ │ │ ├── OS.png │ │ │ ├── marketing │ │ │ │ └── slides_vga │ │ │ │ │ ├── A.png │ │ │ │ │ ├── B.png │ │ │ │ │ ├── C.png │ │ │ │ │ ├── D.png │ │ │ │ │ ├── E.png │ │ │ │ │ ├── F.png │ │ │ │ │ └── G.png │ │ │ ├── os.json │ │ │ ├── partitions.json │ │ │ └── partition_setup.sh │ │ └── 00-run.sh │ └── prerun.sh ├── depends ├── scripts │ ├── remove-comments.sed │ ├── dependencies_check │ └── common ├── Dockerfile ├── LICENSE └── build-docker.sh ├── README.md ├── .idea ├── codeStyles │ └── codeStyleConfig.xml ├── vcs.xml ├── .gitignore ├── inspectionProfiles │ └── profiles_settings.xml ├── modules.xml ├── misc.xml └── pwn-gen.iml ├── config-32bit ├── config-64bit ├── scripts ├── macos_connection_share.sh ├── openbsd_connection_share.sh ├── linux_connection_share.sh ├── restore.sh ├── language.sh └── backup.sh ├── Makefile ├── CONTRIBUTING.md └── CODE_OF_CONDUCT.md /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | jayofelony -------------------------------------------------------------------------------- /stage3/07-patches/files/client_secrets.json: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage0/01-locale/00-packages: -------------------------------------------------------------------------------- 1 | locales 2 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage0/01-locale/00-packages: -------------------------------------------------------------------------------- 1 | locales 2 | -------------------------------------------------------------------------------- /stage3/07-patches/00-patches/series: -------------------------------------------------------------------------------- 1 | 02-bluetooth.diff -------------------------------------------------------------------------------- /pi-gen-32bit/stage1/02-net-tweaks/00-packages: -------------------------------------------------------------------------------- 1 | netbase 2 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage1/02-net-tweaks/00-packages: -------------------------------------------------------------------------------- 1 | netbase 2 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage1/01-sys-tweaks/00-packages: -------------------------------------------------------------------------------- 1 | raspi-config 2 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/04-cloud-init/00-packages: -------------------------------------------------------------------------------- 1 | cloud-init 2 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage1/01-sys-tweaks/00-packages: -------------------------------------------------------------------------------- 1 | raspi-config 2 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/04-cloud-init/00-packages: -------------------------------------------------------------------------------- 1 | cloud-init 2 | -------------------------------------------------------------------------------- /pi-gen-32bit/export-image/01-user-rename/00-packages: -------------------------------------------------------------------------------- 1 | userconf-pi 2 | -------------------------------------------------------------------------------- /pi-gen-64bit/export-image/01-user-rename/00-packages: -------------------------------------------------------------------------------- 1 | userconf-pi 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | This is the pwn-gen repo for building images for Pwnagotchi! -------------------------------------------------------------------------------- /pi-gen-32bit/stage1/01-sys-tweaks/00-patches/series: -------------------------------------------------------------------------------- 1 | 01-bashrc.diff 2 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage1/03-install-packages/00-packages: -------------------------------------------------------------------------------- 1 | systemd-timesyncd 2 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage1/01-sys-tweaks/00-patches/series: -------------------------------------------------------------------------------- 1 | 01-bashrc.diff 2 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage1/03-install-packages/00-packages: -------------------------------------------------------------------------------- 1 | systemd-timesyncd 2 | -------------------------------------------------------------------------------- /pi-gen-32bit/export-image/03-network/files/resolv.conf: -------------------------------------------------------------------------------- 1 | nameserver 8.8.8.8 2 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/00-copies-and-fills/01-packages: -------------------------------------------------------------------------------- 1 | raspi-copies-and-fills 2 | -------------------------------------------------------------------------------- /pi-gen-64bit/export-image/03-network/files/resolv.conf: -------------------------------------------------------------------------------- 1 | nameserver 8.8.8.8 2 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage0/00-configure-apt/01-packages: -------------------------------------------------------------------------------- 1 | raspberrypi-archive-keyring 2 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage0/00-configure-apt/01-packages: -------------------------------------------------------------------------------- 1 | raspberrypi-archive-keyring 2 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage3/00-install-packages/00-packages: -------------------------------------------------------------------------------- 1 | rpd-preferences 2 | rpd-theme 3 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage3/00-install-packages/00-packages: -------------------------------------------------------------------------------- 1 | rpd-preferences 2 | rpd-theme 3 | -------------------------------------------------------------------------------- /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | # These are supported funding model platforms 2 | 3 | github: jayofelony -------------------------------------------------------------------------------- /pi-gen-32bit/stage0/00-configure-apt/files/51cache: -------------------------------------------------------------------------------- 1 | Acquire::http { Proxy "APT_PROXY"; }; 2 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage3/00-install-packages/00-packages-nr: -------------------------------------------------------------------------------- 1 | rpd-wayland-core 2 | rpd-x-core 3 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage0/00-configure-apt/files/51cache: -------------------------------------------------------------------------------- 1 | Acquire::http { Proxy "APT_PROXY"; }; 2 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage3/00-install-packages/00-packages-nr: -------------------------------------------------------------------------------- 1 | rpd-wayland-core 2 | rpd-x-core 3 | -------------------------------------------------------------------------------- /pi-gen-32bit/.dockerignore: -------------------------------------------------------------------------------- 1 | output/ 2 | work/ 3 | deploy/ 4 | apt-cacher-ng/ 5 | .git/objects/* 6 | -------------------------------------------------------------------------------- /pi-gen-64bit/.dockerignore: -------------------------------------------------------------------------------- 1 | output/ 2 | work/ 3 | deploy/ 4 | apt-cacher-ng/ 5 | .git/objects/* 6 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/01-sys-tweaks/00-packages-nr: -------------------------------------------------------------------------------- 1 | cifs-utils 2 | rpicam-apps-lite 3 | mkvtoolnix 4 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/01-sys-tweaks/00-packages-nr: -------------------------------------------------------------------------------- 1 | cifs-utils 2 | rpicam-apps-lite 3 | mkvtoolnix 4 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/01-sys-tweaks/00-patches/series: -------------------------------------------------------------------------------- 1 | 01-useradd.diff 2 | 04-inputrc.diff 3 | 05-path.diff 4 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/01-sys-tweaks/00-patches/series: -------------------------------------------------------------------------------- 1 | 01-useradd.diff 2 | 04-inputrc.diff 3 | 05-path.diff 4 | -------------------------------------------------------------------------------- /stage3/07-patches/files/monstop: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | source /usr/bin/pwnlib 3 | stop_monitor_interface -------------------------------------------------------------------------------- /stage3/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ ! -d "${ROOTFS_DIR}" ]; then 4 | copy_previous 5 | fi 6 | -------------------------------------------------------------------------------- /pi-gen-32bit/.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | include: 2 | - project: serge/pi-gen 3 | ref: ci 4 | file: 'pi-gen.yml' 5 | -------------------------------------------------------------------------------- /pi-gen-64bit/.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | include: 2 | - project: serge/pi-gen 3 | ref: ci 4 | file: 'pi-gen.yml' 5 | -------------------------------------------------------------------------------- /stage3/07-patches/files/monstart: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | source /usr/bin/pwnlib 3 | start_monitor_interface 4 | -------------------------------------------------------------------------------- /pi-gen-32bit/.gitignore: -------------------------------------------------------------------------------- 1 | deploy/* 2 | work/* 3 | config 4 | postrun.sh 5 | SKIP 6 | SKIP_IMAGES 7 | .pc 8 | *-pc 9 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage1/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ ! -d "${ROOTFS_DIR}" ]; then 4 | copy_previous 5 | fi 6 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ ! -d "${ROOTFS_DIR}" ]; then 4 | copy_previous 5 | fi 6 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage3/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ ! -d "${ROOTFS_DIR}" ]; then 4 | copy_previous 5 | fi 6 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage4/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ ! -d "${ROOTFS_DIR}" ]; then 4 | copy_previous 5 | fi 6 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage5/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ ! -d "${ROOTFS_DIR}" ]; then 4 | copy_previous 5 | fi 6 | -------------------------------------------------------------------------------- /pi-gen-64bit/.gitignore: -------------------------------------------------------------------------------- 1 | deploy/* 2 | work/* 3 | config 4 | postrun.sh 5 | SKIP 6 | SKIP_IMAGES 7 | .pc 8 | *-pc 9 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage1/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ ! -d "${ROOTFS_DIR}" ]; then 4 | copy_previous 5 | fi 6 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ ! -d "${ROOTFS_DIR}" ]; then 4 | copy_previous 5 | fi 6 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage3/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ ! -d "${ROOTFS_DIR}" ]; then 4 | copy_previous 5 | fi 6 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage4/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ ! -d "${ROOTFS_DIR}" ]; then 4 | copy_previous 5 | fi 6 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage5/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ ! -d "${ROOTFS_DIR}" ]; then 4 | copy_previous 5 | fi 6 | -------------------------------------------------------------------------------- /pi-gen-32bit/export-image/03-network/01-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | install -m 644 files/resolv.conf "${ROOTFS_DIR}/etc/" 4 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/04-cloud-init/files/00-network-manager-all.yaml: -------------------------------------------------------------------------------- 1 | network: 2 | version: 2 3 | renderer: NetworkManager 4 | -------------------------------------------------------------------------------- /pi-gen-64bit/export-image/03-network/01-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | install -m 644 files/resolv.conf "${ROOTFS_DIR}/etc/" 4 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/04-cloud-init/files/00-network-manager-all.yaml: -------------------------------------------------------------------------------- 1 | network: 2 | version: 2 3 | renderer: NetworkManager 4 | -------------------------------------------------------------------------------- /stage3/EXPORT_IMAGE: -------------------------------------------------------------------------------- 1 | IMG_SUFFIX="" 2 | if [ "${USE_QEMU}" = "1" ]; then 3 | export IMG_SUFFIX="${IMG_SUFFIX}-qemu" 4 | fi 5 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage5/00-install-extras/00-packages: -------------------------------------------------------------------------------- 1 | scratch3 2 | claws-mail 3 | code-the-classics code-the-classics-2 4 | kicad 5 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage0/files/raspberrypi.gpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jayofelony/pwn-gen/HEAD/pi-gen-32bit/stage0/files/raspberrypi.gpg -------------------------------------------------------------------------------- /pi-gen-32bit/stage3/01-print-support/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | on_chroot < 2 | 3 | 5 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage0/00-configure-apt/files/raspberrypi-archive-keyring.pgp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jayofelony/pwn-gen/HEAD/pi-gen-32bit/stage0/00-configure-apt/files/raspberrypi-archive-keyring.pgp -------------------------------------------------------------------------------- /pi-gen-32bit/stage0/02-firmware/01-packages: -------------------------------------------------------------------------------- 1 | initramfs-tools 2 | raspi-firmware 3 | linux-image-rpi-v6 4 | linux-image-rpi-v7 5 | linux-image-rpi-v8 6 | linux-headers-rpi-v6 7 | linux-headers-rpi-v7 8 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage0/00-configure-apt/files/raspberrypi-archive-keyring.pgp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jayofelony/pwn-gen/HEAD/pi-gen-64bit/stage0/00-configure-apt/files/raspberrypi-archive-keyring.pgp -------------------------------------------------------------------------------- /.idea/vcs.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | -------------------------------------------------------------------------------- /pi-gen-32bit/export-image/00-allow-rerun/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ -e "${ROOTFS_DIR}/etc/ld.so.preload" ]; then 4 | mv "${ROOTFS_DIR}/etc/ld.so.preload" "${ROOTFS_DIR}/etc/ld.so.preload.disabled" 5 | fi 6 | -------------------------------------------------------------------------------- /pi-gen-64bit/export-image/00-allow-rerun/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ -e "${ROOTFS_DIR}/etc/ld.so.preload" ]; then 4 | mv "${ROOTFS_DIR}/etc/ld.so.preload" "${ROOTFS_DIR}/etc/ld.so.preload.disabled" 5 | fi 6 | -------------------------------------------------------------------------------- /.idea/.gitignore: -------------------------------------------------------------------------------- 1 | # Default ignored files 2 | /shelf/ 3 | /workspace.xml 4 | # Editor-based HTTP Client requests 5 | /httpRequests/ 6 | # Datasource local storage ignored files 7 | /dataSources/ 8 | /dataSources.local.xml 9 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage0/00-configure-apt/files/raspi.sources: -------------------------------------------------------------------------------- 1 | Types: deb 2 | URIs: http://archive.raspberrypi.com/debian/ 3 | Suites: RELEASE 4 | Components: main 5 | Signed-By: /usr/share/keyrings/raspberrypi-archive-keyring.pgp 6 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/00-copies-and-fills/02-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ -f "${ROOTFS_DIR}/etc/ld.so.preload" ]; then 4 | mv "${ROOTFS_DIR}/etc/ld.so.preload" "${ROOTFS_DIR}/etc/ld.so.preload.disabled" 5 | fi 6 | 7 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/01-sys-tweaks/files/50raspi: -------------------------------------------------------------------------------- 1 | # never use pdiffs. Current implementation is very slow on low-powered devices 2 | Acquire::PDiffs "0"; 3 | 4 | # download up to 5 pdiffs: 5 | #Acquire::PDiffs::FileLimit "5"; 6 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage0/00-configure-apt/files/raspi.sources: -------------------------------------------------------------------------------- 1 | Types: deb 2 | URIs: http://archive.raspberrypi.com/debian/ 3 | Suites: RELEASE 4 | Components: main 5 | Signed-By: /usr/share/keyrings/raspberrypi-archive-keyring.pgp 6 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/01-sys-tweaks/files/50raspi: -------------------------------------------------------------------------------- 1 | # never use pdiffs. Current implementation is very slow on low-powered devices 2 | Acquire::PDiffs "0"; 3 | 4 | # download up to 5 pdiffs: 5 | #Acquire::PDiffs::FileLimit "5"; 6 | -------------------------------------------------------------------------------- /stage3/07-patches/files/loopback.nmconnection: -------------------------------------------------------------------------------- 1 | [connection] 2 | id=loopback 3 | type=loopback 4 | 5 | [loopback] 6 | 7 | [ipv4] 8 | method=auto 9 | 10 | [ipv6] 11 | addr-gen-mode=default 12 | method=auto 13 | 14 | [proxy] 15 | -------------------------------------------------------------------------------- /.idea/inspectionProfiles/profiles_settings.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 6 | -------------------------------------------------------------------------------- /stage3/00-pre-pwn/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | # Edit this file to make changes to the WORK_DIR prior to installing all Pwnagotchi packages. 4 | # So you don't have to remove the entire WORK_DIR 5 | # remove these commands after it ran -------------------------------------------------------------------------------- /pi-gen-32bit/stage1/01-sys-tweaks/files/fstab: -------------------------------------------------------------------------------- 1 | proc /proc proc defaults 0 0 2 | BOOTDEV /boot/firmware vfat defaults 0 2 3 | ROOTDEV / ext4 defaults,noatime 0 1 4 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/03-set-timezone/02-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | echo "${TIMEZONE_DEFAULT}" > "${ROOTFS_DIR}/etc/timezone" 4 | rm "${ROOTFS_DIR}/etc/localtime" 5 | 6 | on_chroot << EOF 7 | dpkg-reconfigure -f noninteractive tzdata 8 | EOF 9 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage1/01-sys-tweaks/files/fstab: -------------------------------------------------------------------------------- 1 | proc /proc proc defaults 0 0 2 | BOOTDEV /boot/firmware vfat defaults 0 2 3 | ROOTDEV / ext4 defaults,noatime 0 1 4 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/03-set-timezone/02-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | echo "${TIMEZONE_DEFAULT}" > "${ROOTFS_DIR}/etc/timezone" 4 | rm "${ROOTFS_DIR}/etc/localtime" 5 | 6 | on_chroot << EOF 7 | dpkg-reconfigure -f noninteractive tzdata 8 | EOF 9 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/02-net-tweaks/00-packages: -------------------------------------------------------------------------------- 1 | wpasupplicant wireless-tools firmware-atheros firmware-brcm80211 firmware-libertas firmware-realtek firmware-mediatek firmware-marvell-prestera- 2 | raspberrypi-net-mods 3 | network-manager 4 | net-tools 5 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/02-net-tweaks/00-packages: -------------------------------------------------------------------------------- 1 | wpasupplicant wireless-tools firmware-atheros firmware-brcm80211 firmware-libertas firmware-realtek firmware-mediatek firmware-marvell-prestera- 2 | raspberrypi-net-mods 3 | network-manager 4 | net-tools 5 | -------------------------------------------------------------------------------- /stage3/00-pre-pwn/00-run-chroot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | # Edit this file to make changes to the WORK_DIR prior to installing all Pwnagotchi packages. 4 | # So you don't have to remove the entire WORK_DIR 5 | # remove these commands after it ran 6 | -------------------------------------------------------------------------------- /stage3/07-patches/files/eth0.nmconnection: -------------------------------------------------------------------------------- 1 | [connection] 2 | id=eth0 3 | type=ethernet 4 | interface-name=eth0 5 | autoconnect=true 6 | 7 | [ethernet] 8 | 9 | [ipv4] 10 | method=auto 11 | route-metric=100 12 | [ipv6] 13 | method=ignore 14 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage0/00-configure-apt/files/raspi.list: -------------------------------------------------------------------------------- 1 | deb http://archive.raspberrypi.com/debian/ RELEASE main 2 | # Uncomment line below then 'apt-get update' to enable 'apt-get source' 3 | #deb-src http://archive.raspberrypi.com/debian/ RELEASE main 4 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage0/00-configure-apt/files/raspi.list: -------------------------------------------------------------------------------- 1 | deb http://archive.raspberrypi.com/debian/ RELEASE main 2 | # Uncomment line below then 'apt-get update' to enable 'apt-get source' 3 | #deb-src http://archive.raspberrypi.com/debian/ RELEASE main 4 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage0/00-configure-apt/files/raspbian.sources: -------------------------------------------------------------------------------- 1 | Types: deb 2 | URIs: http://raspbian.raspberrypi.com/raspbian/ 3 | Architectures: armhf 4 | Suites: RELEASE 5 | Components: main contrib non-free rpi 6 | Signed-By: /usr/share/keyrings/raspbian-archive-keyring.gpg 7 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage1/02-net-tweaks/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | echo "${TARGET_HOSTNAME}" > "${ROOTFS_DIR}/etc/hostname" 4 | echo "127.0.1.1 ${TARGET_HOSTNAME}" >> "${ROOTFS_DIR}/etc/hosts" 5 | 6 | on_chroot << EOF 7 | SUDO_USER="${FIRST_USER_NAME}" raspi-config nonint do_net_names 1 8 | EOF 9 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage1/02-net-tweaks/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | echo "${TARGET_HOSTNAME}" > "${ROOTFS_DIR}/etc/hostname" 4 | echo "127.0.1.1 ${TARGET_HOSTNAME}" >> "${ROOTFS_DIR}/etc/hosts" 5 | 6 | on_chroot << EOF 7 | SUDO_USER="${FIRST_USER_NAME}" raspi-config nonint do_net_names 1 8 | EOF 9 | -------------------------------------------------------------------------------- /pi-gen-32bit/export-image/01-user-rename/01-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [[ "${DISABLE_FIRST_BOOT_USER_RENAME}" == "0" ]]; then 4 | on_chroot <<- EOF 5 | SUDO_USER="${FIRST_USER_NAME}" rename-user -f -s 6 | EOF 7 | else 8 | rm -f "${ROOTFS_DIR}/etc/xdg/autostart/piwiz.desktop" 9 | fi 10 | -------------------------------------------------------------------------------- /pi-gen-64bit/export-image/01-user-rename/01-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [[ "${DISABLE_FIRST_BOOT_USER_RENAME}" == "0" ]]; then 4 | on_chroot <<- EOF 5 | SUDO_USER="${FIRST_USER_NAME}" rename-user -f -s 6 | EOF 7 | else 8 | rm -f "${ROOTFS_DIR}/etc/xdg/autostart/piwiz.desktop" 9 | fi 10 | -------------------------------------------------------------------------------- /.idea/modules.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /stage3/07-patches/files/modules.conf: -------------------------------------------------------------------------------- 1 | # /etc/modules: kernel modules to load at boot time. 2 | # 3 | # This file contains the names of kernel modules that should be loaded 4 | # at boot time, one per line. Lines beginning with "#" are ignored. 5 | # Parameters can be specified after the module name. 6 | i2c-dev -------------------------------------------------------------------------------- /.idea/misc.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 6 | 7 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage0/00-configure-apt/files/sources.list: -------------------------------------------------------------------------------- 1 | deb [ arch=armhf ] http://raspbian.raspberrypi.com/raspbian/ RELEASE main contrib non-free rpi 2 | # Uncomment line below then 'apt-get update' to enable 'apt-get source' 3 | #deb-src http://raspbian.raspberrypi.com/raspbian/ RELEASE main contrib non-free rpi 4 | -------------------------------------------------------------------------------- /stage3/07-patches/files/usb0.nmconnection: -------------------------------------------------------------------------------- 1 | [connection] 2 | id=usb0 3 | type=ethernet 4 | interface-name=usb0 5 | autoconnect=true 6 | 7 | [ethernet] 8 | 9 | [ipv4] 10 | addresses=10.0.0.2/24 11 | gateway=10.0.0.1 12 | dns=8.8.8.8;1.1.1.1; 13 | method=manual 14 | route-metric=100 15 | 16 | [ipv6] 17 | method=disabled 18 | -------------------------------------------------------------------------------- /stage3/07-patches/files/bettercap.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=bettercap api.rest service. 3 | Documentation=https://bettercap.org 4 | Wants=network.target 5 | 6 | [Service] 7 | Type=simple 8 | ExecStart=/usr/bin/bettercap-launcher 9 | Restart=always 10 | RestartSec=30 11 | 12 | [Install] 13 | WantedBy=multi-user.target 14 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/01-sys-tweaks/00-patches/04-inputrc.diff: -------------------------------------------------------------------------------- 1 | --- stage2.orig/rootfs/etc/inputrc 2 | +++ stage2/rootfs/etc/inputrc 3 | @@ -69,3 +69,7 @@ $endif 4 | # "\e[F": end-of-line 5 | 6 | $endif 7 | + 8 | +# mappings for up and down arrows search history 9 | +# "\e[B": history-search-forward 10 | +# "\e[A": history-search-backward 11 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/01-sys-tweaks/00-patches/04-inputrc.diff: -------------------------------------------------------------------------------- 1 | --- stage2.orig/rootfs/etc/inputrc 2 | +++ stage2/rootfs/etc/inputrc 3 | @@ -69,3 +69,7 @@ $endif 4 | # "\e[F": end-of-line 5 | 6 | $endif 7 | + 8 | +# mappings for up and down arrows search history 9 | +# "\e[B": history-search-forward 10 | +# "\e[A": history-search-backward 11 | -------------------------------------------------------------------------------- /.idea/pwn-gen.iml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /stage3/06-hcxtools/00-run-chroot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | cd /usr/local/src/ 4 | 5 | echo -e "\e[32m=== Installing hcxtools ===\e[0m" 6 | if [ ! -f /usr/bin/hcxpcapngtool ]; then 7 | git clone https://github.com/ZerBea/hcxtools.git hcxtools 8 | cd hcxtools 9 | make 10 | make install 11 | rm -r /usr/local/src/hcxtools 12 | fi 13 | -------------------------------------------------------------------------------- /pi-gen-32bit/depends: -------------------------------------------------------------------------------- 1 | quilt 2 | parted 3 | realpath:coreutils 4 | qemu-arm-static:qemu-user-static 5 | debootstrap 6 | zerofree 7 | zip 8 | mkdosfs:dosfstools 9 | mke2fs:e2fsprogs 10 | capsh:libcap2-bin 11 | bsdtar:libarchive-tools 12 | grep 13 | rsync 14 | xz:xz-utils 15 | curl 16 | xxd 17 | file 18 | git 19 | lsmod:kmod 20 | bc 21 | gpg 22 | pigz 23 | arch-test 24 | -------------------------------------------------------------------------------- /pi-gen-32bit/export-image/02-set-sources/01-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | rm -f "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache" 4 | rm -f "${ROOTFS_DIR}/etc/apt/sources.list.d/00-temp.list" 5 | find "${ROOTFS_DIR}/var/lib/apt/lists/" -type f -delete 6 | on_chroot << EOF 7 | apt-get update 8 | apt-get -y dist-upgrade --auto-remove --purge 9 | apt-get clean 10 | EOF 11 | -------------------------------------------------------------------------------- /pi-gen-64bit/depends: -------------------------------------------------------------------------------- 1 | quilt 2 | parted 3 | realpath:coreutils 4 | qemu-arm-static:qemu-user-static 5 | debootstrap 6 | zerofree 7 | zip 8 | mkdosfs:dosfstools 9 | mke2fs:e2fsprogs 10 | capsh:libcap2-bin 11 | bsdtar:libarchive-tools 12 | grep 13 | rsync 14 | xz:xz-utils 15 | curl 16 | xxd 17 | file 18 | git 19 | lsmod:kmod 20 | bc 21 | gpg 22 | pigz 23 | arch-test 24 | -------------------------------------------------------------------------------- /pi-gen-64bit/export-image/02-set-sources/01-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | rm -f "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache" 4 | rm -f "${ROOTFS_DIR}/etc/apt/sources.list.d/00-temp.list" 5 | find "${ROOTFS_DIR}/var/lib/apt/lists/" -type f -delete 6 | on_chroot << EOF 7 | apt-get update 8 | apt-get -y dist-upgrade --auto-remove --purge 9 | apt-get clean 10 | EOF 11 | -------------------------------------------------------------------------------- /pi-gen-32bit/scripts/remove-comments.sed: -------------------------------------------------------------------------------- 1 | # Deletes comments and collapses whitespace in ##-packages files 2 | 3 | # Append (N)ext line to buffer 4 | # if (!)not ($)buffer is EOF, (b)ranch to (:)label loop 5 | :loop 6 | N 7 | $ !b loop 8 | 9 | # Buffer is "line1\nline2\n...lineN", del comments and collapse whitespace 10 | s/#[^\n]*//g 11 | s/[[:space:]]\{1,\}/ /g 12 | -------------------------------------------------------------------------------- /pi-gen-64bit/scripts/remove-comments.sed: -------------------------------------------------------------------------------- 1 | # Deletes comments and collapses whitespace in ##-packages files 2 | 3 | # Append (N)ext line to buffer 4 | # if (!)not ($)buffer is EOF, (b)ranch to (:)label loop 5 | :loop 6 | N 7 | $ !b loop 8 | 9 | # Buffer is "line1\nline2\n...lineN", del comments and collapse whitespace 10 | s/#[^\n]*//g 11 | s/[[:space:]]\{1,\}/ /g 12 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage0/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ "$RELEASE" != "trixie" ]; then 4 | echo "WARNING: RELEASE does not match the intended option for this branch." 5 | echo " Please check the relevant README.md section." 6 | fi 7 | 8 | if [ ! -d "${ROOTFS_DIR}" ]; then 9 | bootstrap ${RELEASE} "${ROOTFS_DIR}" http://deb.debian.org/debian/ 10 | fi 11 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage0/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ "$RELEASE" != "trixie" ]; then 4 | echo "WARNING: RELEASE does not match the intended option for this branch." 5 | echo " Please check the relevant README.md section." 6 | fi 7 | 8 | if [ ! -d "${ROOTFS_DIR}" ]; then 9 | bootstrap ${RELEASE} "${ROOTFS_DIR}" http://raspbian.raspberrypi.com/raspbian/ 10 | fi 11 | -------------------------------------------------------------------------------- /stage3/01-pwn-packages/01-run-chroot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | echo -e "\e[32m### Upgrading system packages ###\e[0m" 4 | apt-get update 5 | apt-get -y dist-upgrade 6 | 7 | echo -e "\e[32m### Installing rust ###\e[0m" 8 | curl --proto '=https' --tlsv1.2 https://sh.rustup.rs -sSf | sh -s -- -y 9 | export PATH="/root/.cargo/bin:$PATH" 10 | source /root/.profile 11 | source /root/.cargo/env 12 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/01-sys-tweaks/files/console-setup: -------------------------------------------------------------------------------- 1 | # CONFIGURATION FILE FOR SETUPCON 2 | 3 | # Consult the console-setup(5) manual page. 4 | 5 | ACTIVE_CONSOLES="/dev/tty[1-6]" 6 | 7 | CHARMAP="UTF-8" 8 | 9 | CODESET="guess" 10 | FONTFACE="" 11 | FONTSIZE="" 12 | 13 | VIDEOMODE= 14 | 15 | # The following is an example how to use a braille font 16 | # FONT='lat9w-08.psf.gz brl-8x8.psf' 17 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/01-sys-tweaks/files/console-setup: -------------------------------------------------------------------------------- 1 | # CONFIGURATION FILE FOR SETUPCON 2 | 3 | # Consult the console-setup(5) manual page. 4 | 5 | ACTIVE_CONSOLES="/dev/tty[1-6]" 6 | 7 | CHARMAP="UTF-8" 8 | 9 | CODESET="guess" 10 | FONTFACE="" 11 | FONTSIZE="" 12 | 13 | VIDEOMODE= 14 | 15 | # The following is an example how to use a braille font 16 | # FONT='lat9w-08.psf.gz brl-8x8.psf' 17 | -------------------------------------------------------------------------------- /config-32bit: -------------------------------------------------------------------------------- 1 | IMG_NAME="pwnagotchi-32bit" 2 | WORK_DIR="/home/jayofelony/work-32bit" 3 | DEPLOY_DIR="/home/jayofelony/images" 4 | DEPLOY_COMPRESSION="xz" 5 | TARGET_HOSTNAME="pwnagotchi" 6 | KEYBOARD_KEYMAP="us" 7 | KEYBOARD_LAYOUT="English (US)" 8 | FIRST_USER_NAME="pi" 9 | FIRST_USER_PASS="raspberry" 10 | ENABLE_SSH="1" 11 | STAGE_LIST="pi-gen-32bit/stage0 pi-gen-32bit/stage1 pi-gen-32bit/stage2 stage3" -------------------------------------------------------------------------------- /stage3/05-install-pwnagotchi/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | echo -e "\e[32m### Creating Pwnagotchi folders ###\e[0m" 4 | install -v -d "${ROOTFS_DIR}/etc/pwnagotchi" 5 | install -v -d "${ROOTFS_DIR}/etc/pwnagotchi/log" 6 | install -v -d "${ROOTFS_DIR}/etc/pwnagotchi/conf.d/" 7 | install -v -d "${ROOTFS_DIR}/usr/local/share/pwnagotchi" 8 | install -v -d "${ROOTFS_DIR}/usr/local/share/pwnagotchi/custom-plugins/" -------------------------------------------------------------------------------- /config-64bit: -------------------------------------------------------------------------------- 1 | IMG_NAME="pwnagotchi-64bit" 2 | WORK_DIR="/home/jayofelony/work-64bit" 3 | DEPLOY_DIR="/home/jayofelony/images" 4 | DEPLOY_COMPRESSION="xz" 5 | TARGET_HOSTNAME="pwnagotchi" 6 | KEYBOARD_KEYMAP="us" 7 | KEYBOARD_LAYOUT="English (US)" 8 | FIRST_USER_NAME="pi" 9 | FIRST_USER_PASS="raspberry" 10 | ENABLE_SSH="1" 11 | STAGE_LIST="pi-gen-64bit/stage0 pi-gen-64bit/stage1 pi-gen-64bit/stage2 stage3" 12 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/01-sys-tweaks/00-patches/07-resize-init.diff: -------------------------------------------------------------------------------- 1 | --- stage2.orig/rootfs/boot/firmware/cmdline.txt 2 | +++ stage2/rootfs/boot/firmware/cmdline.txt 3 | @@ -1 +1 @@ 4 | -console=serial0,115200 console=tty1 root=ROOTDEV rootfstype=ext4 fsck.repair=yes rootwait 5 | +console=serial0,115200 console=tty1 root=ROOTDEV rootfstype=ext4 fsck.repair=yes rootwait quiet init=/usr/lib/raspberrypi-sys-mods/firstboot 6 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/01-sys-tweaks/00-patches/07-resize-init.diff: -------------------------------------------------------------------------------- 1 | --- stage2.orig/rootfs/boot/firmware/cmdline.txt 2 | +++ stage2/rootfs/boot/firmware/cmdline.txt 3 | @@ -1 +1 @@ 4 | -console=serial0,115200 console=tty1 root=ROOTDEV rootfstype=ext4 fsck.repair=yes rootwait 5 | +console=serial0,115200 console=tty1 root=ROOTDEV rootfstype=ext4 fsck.repair=yes rootwait quiet init=/usr/lib/raspberrypi-sys-mods/firstboot 6 | -------------------------------------------------------------------------------- /stage3/07-patches/00-patches/02-bluetooth.diff: -------------------------------------------------------------------------------- 1 | --- pwn.orig/rootfs/usr/lib/systemd/system/bluetooth.service 2 | +++ pwn/rootfs/usr/lib/systemd/system/bluetooth.service 3 | @@ -6,7 +6,7 @@ 4 | [Service] 5 | Type=dbus 6 | BusName=org.bluez 7 | -ExecStart=/usr/libexec/bluetooth/bluetoothd 8 | +ExecStart=/usr/libexec/bluetooth/bluetoothd --noplugin=sap,a2dp 9 | NotifyAccess=main 10 | #WatchdogSec=10 11 | #Restart=on-failure -------------------------------------------------------------------------------- /pi-gen-32bit/stage1/01-sys-tweaks/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | install -v -m 644 files/fstab "${ROOTFS_DIR}/etc/fstab" 4 | 5 | on_chroot << EOF 6 | if ! id -u ${FIRST_USER_NAME} >/dev/null 2>&1; then 7 | adduser --disabled-password --gecos "" ${FIRST_USER_NAME} 8 | fi 9 | 10 | if [ -n "${FIRST_USER_PASS}" ]; then 11 | echo "${FIRST_USER_NAME}:${FIRST_USER_PASS}" | chpasswd 12 | fi 13 | echo "root:root" | chpasswd 14 | EOF 15 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage1/01-sys-tweaks/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | install -v -m 644 files/fstab "${ROOTFS_DIR}/etc/fstab" 4 | 5 | on_chroot << EOF 6 | if ! id -u ${FIRST_USER_NAME} >/dev/null 2>&1; then 7 | adduser --disabled-password --gecos "" ${FIRST_USER_NAME} 8 | fi 9 | 10 | if [ -n "${FIRST_USER_PASS}" ]; then 11 | echo "${FIRST_USER_NAME}:${FIRST_USER_PASS}" | chpasswd 12 | fi 13 | echo "root:root" | chpasswd 14 | EOF 15 | -------------------------------------------------------------------------------- /stage3/07-patches/files/pwnagotchi-launcher: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | source /usr/bin/pwnlib 3 | 4 | # we need to decrypt something 5 | if is_crypted_mode; then 6 | while ! is_decrypted; do 7 | echo "Waiting for decryption..." 8 | sleep 1 9 | done 10 | fi 11 | 12 | if is_auto_mode; then 13 | /home/pi/.pwn/bin/pwnagotchi 14 | systemctl restart bettercap 15 | else 16 | /home/pi/.pwn/bin/pwnagotchi --manual 17 | fi 18 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage0/02-firmware/02-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ -f "${ROOTFS_DIR}/etc/initramfs-tools/update-initramfs.conf" ]; then 4 | sed -i 's/^update_initramfs=.*/update_initramfs=no/' "${ROOTFS_DIR}/etc/initramfs-tools/update-initramfs.conf" 5 | fi 6 | 7 | if [ ! -f "${ROOTFS_DIR}/etc/kernel-img.conf" ]; then 8 | echo "do_symlinks=0" > "${ROOTFS_DIR}/etc/kernel-img.conf" 9 | fi 10 | rm -f "${ROOTFS_DIR}/"{vmlinuz,initrd.img}* 11 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage0/02-firmware/02-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ -f "${ROOTFS_DIR}/etc/initramfs-tools/update-initramfs.conf" ]; then 4 | sed -i 's/^update_initramfs=.*/update_initramfs=no/' "${ROOTFS_DIR}/etc/initramfs-tools/update-initramfs.conf" 5 | fi 6 | 7 | if [ ! -f "${ROOTFS_DIR}/etc/kernel-img.conf" ]; then 8 | echo "do_symlinks=0" > "${ROOTFS_DIR}/etc/kernel-img.conf" 9 | fi 10 | rm -f "${ROOTFS_DIR}/"{vmlinuz,initrd.img}* 11 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage0/00-configure-apt/files/debian.sources: -------------------------------------------------------------------------------- 1 | Types: deb 2 | URIs: http://deb.debian.org/debian/ 3 | Suites: RELEASE RELEASE-updates 4 | Components: main contrib non-free non-free-firmware 5 | Signed-By: /usr/share/keyrings/debian-archive-keyring.pgp 6 | 7 | Types: deb 8 | URIs: http://deb.debian.org/debian-security/ 9 | Suites: RELEASE-security 10 | Components: main contrib non-free non-free-firmware 11 | Signed-By: /usr/share/keyrings/debian-archive-keyring.pgp 12 | -------------------------------------------------------------------------------- /stage3/07-patches/files/settings.yaml: -------------------------------------------------------------------------------- 1 | client_config_backend: file 2 | client_config_file: /root/client_secrets.json 3 | client_config: 4 | client_id: 5 | client_secret: 6 | 7 | save_credentials: True 8 | save_credentials_backend: file 9 | save_credentials_file: /root/credentials.json 10 | 11 | get_refresh_token: True 12 | 13 | oauth_scope: 14 | - https://www.googleapis.com/auth/drive 15 | - https://www.googleapis.com/auth/drive.install -------------------------------------------------------------------------------- /pi-gen-64bit/export-noobs/00-release/files/os.json: -------------------------------------------------------------------------------- 1 | { 2 | "description": "NOOBS_DESCRIPTION", 3 | "kernel": "KERNEL", 4 | "name": "NOOBS_NAME", 5 | "password": "raspberry", 6 | "release_date": "UNRELEASED", 7 | "supported_models": [ 8 | "Pi Zero 2", 9 | "Pi 3", 10 | "Pi 4", 11 | "Pi Compute Module 3", 12 | "Pi Compute Module 4" 13 | ], 14 | "url": "http://www.raspbian.org/", 15 | "username": "pi", 16 | "version": "RELEASE" 17 | } 18 | -------------------------------------------------------------------------------- /stage3/07-patches/files/pwnagotchi.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=pwnagotchi Deep Reinforcement Learning instrumenting bettercap for WiFI pwning. 3 | Documentation=https://pwnagotchi.org 4 | Wants=network.target 5 | After=pwngrid-peer.service 6 | 7 | [Service] 8 | Type=simple 9 | WorkingDirectory=~ 10 | ExecStart=/usr/bin/pwnagotchi-launcher 11 | Restart=always 12 | RestartSec=30 13 | TasksMax=infinity 14 | LimitNPROC=infinity 15 | StandardOutput=null 16 | StandardError=null 17 | 18 | [Install] 19 | WantedBy=multi-user.target 20 | -------------------------------------------------------------------------------- /stage3/07-patches/files/bettercap-launcher: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | source /usr/bin/pwnlib 3 | 4 | # we need to decrypt something 5 | if is_crypted_mode; then 6 | while ! is_decrypted; do 7 | echo "Waiting for decryption..." 8 | sleep 1 9 | done 10 | fi 11 | 12 | reload_brcm 13 | start_monitor_interface 14 | 15 | if is_auto_mode_no_delete; then 16 | /usr/local/bin/bettercap -no-colors -caplet pwnagotchi-auto -iface wlan0mon 17 | else 18 | /usr/local/bin/bettercap -no-colors -caplet pwnagotchi-manual -iface wlan0mon 19 | fi 20 | -------------------------------------------------------------------------------- /pi-gen-32bit/export-image/04-set-partuuid/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | IMG_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.img" 4 | 5 | IMGID="$(dd if="${IMG_FILE}" skip=440 bs=1 count=4 2>/dev/null | xxd -e | cut -f 2 -d' ')" 6 | 7 | BOOT_PARTUUID="${IMGID}-01" 8 | ROOT_PARTUUID="${IMGID}-02" 9 | 10 | sed -i "s/BOOTDEV/PARTUUID=${BOOT_PARTUUID}/" "${ROOTFS_DIR}/etc/fstab" 11 | sed -i "s/ROOTDEV/PARTUUID=${ROOT_PARTUUID}/" "${ROOTFS_DIR}/etc/fstab" 12 | 13 | sed -i "s/ROOTDEV/PARTUUID=${ROOT_PARTUUID}/" "${ROOTFS_DIR}/boot/firmware/cmdline.txt" 14 | -------------------------------------------------------------------------------- /pi-gen-64bit/export-image/04-set-partuuid/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | IMG_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.img" 4 | 5 | IMGID="$(dd if="${IMG_FILE}" skip=440 bs=1 count=4 2>/dev/null | xxd -e | cut -f 2 -d' ')" 6 | 7 | BOOT_PARTUUID="${IMGID}-01" 8 | ROOT_PARTUUID="${IMGID}-02" 9 | 10 | sed -i "s/BOOTDEV/PARTUUID=${BOOT_PARTUUID}/" "${ROOTFS_DIR}/etc/fstab" 11 | sed -i "s/ROOTDEV/PARTUUID=${ROOT_PARTUUID}/" "${ROOTFS_DIR}/etc/fstab" 12 | 13 | sed -i "s/ROOTDEV/PARTUUID=${ROOT_PARTUUID}/" "${ROOTFS_DIR}/boot/firmware/cmdline.txt" 14 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage1/00-boot-files/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | mkdir -p "${ROOTFS_DIR}/boot/firmware" 4 | 5 | if ! [ -L "${ROOTFS_DIR}/boot/overlays" ]; then 6 | ln -s firmware/overlays "${ROOTFS_DIR}/boot/overlays" 7 | fi 8 | 9 | install -m 644 files/cmdline.txt "${ROOTFS_DIR}/boot/firmware/" 10 | install -m 644 files/config.txt "${ROOTFS_DIR}/boot/firmware/" 11 | 12 | for file in cmdline.txt config.txt; do 13 | printf "DO NOT EDIT THIS FILE\n\nThe file you are looking for has moved to %s\n" "/boot/firmware/${file}" > "${ROOTFS_DIR}/boot/${file}" 14 | done 15 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage1/00-boot-files/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | mkdir -p "${ROOTFS_DIR}/boot/firmware" 4 | 5 | if ! [ -L "${ROOTFS_DIR}/boot/overlays" ]; then 6 | ln -s firmware/overlays "${ROOTFS_DIR}/boot/overlays" 7 | fi 8 | 9 | install -m 644 files/cmdline.txt "${ROOTFS_DIR}/boot/firmware/" 10 | install -m 644 files/config.txt "${ROOTFS_DIR}/boot/firmware/" 11 | 12 | for file in cmdline.txt config.txt; do 13 | printf "DO NOT EDIT THIS FILE\n\nThe file you are looking for has moved to %s\n" "/boot/firmware/${file}" > "${ROOTFS_DIR}/boot/${file}" 14 | done 15 | -------------------------------------------------------------------------------- /pi-gen-32bit/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG BASE_IMAGE=debian:bullseye 2 | FROM ${BASE_IMAGE} 3 | 4 | ENV DEBIAN_FRONTEND=noninteractive 5 | 6 | RUN apt-get -y update && \ 7 | apt-get -y install --no-install-recommends \ 8 | git vim parted \ 9 | quilt coreutils qemu-user-static debootstrap zerofree zip dosfstools e2fsprogs\ 10 | libarchive-tools libcap2-bin rsync grep udev xz-utils curl xxd file kmod bc \ 11 | binfmt-support ca-certificates fdisk gpg pigz arch-test \ 12 | && rm -rf /var/lib/apt/lists/* 13 | 14 | COPY . /pi-gen/ 15 | 16 | VOLUME [ "/pi-gen/work", "/pi-gen/deploy"] 17 | -------------------------------------------------------------------------------- /pi-gen-64bit/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG BASE_IMAGE=debian:bullseye 2 | FROM ${BASE_IMAGE} 3 | 4 | ENV DEBIAN_FRONTEND=noninteractive 5 | 6 | RUN apt-get -y update && \ 7 | apt-get -y install --no-install-recommends \ 8 | git vim parted \ 9 | quilt coreutils qemu-user-static debootstrap zerofree zip dosfstools e2fsprogs\ 10 | libarchive-tools libcap2-bin rsync grep udev xz-utils curl xxd file kmod bc \ 11 | binfmt-support ca-certificates fdisk gpg pigz arch-test \ 12 | && rm -rf /var/lib/apt/lists/* 13 | 14 | COPY . /pi-gen/ 15 | 16 | VOLUME [ "/pi-gen/work", "/pi-gen/deploy"] 17 | -------------------------------------------------------------------------------- /stage3/07-patches/files/pwngrid-peer.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=pwngrid peer service. 3 | Documentation=https://pwnagotchi.org 4 | Wants=network.target 5 | After=bettercap.service 6 | 7 | [Service] 8 | Environment=LD_PRELOAD=/usr/local/lib/libpcap.so.1 9 | Environment=LD_LIBRARY_PATH=/usr/local/lib 10 | Type=simple 11 | ExecStart=/usr/local/bin/pwngrid -keys /etc/pwnagotchi -peers /root/peers -address 127.0.0.1:8666 -client-token /root/.api-enrollment.json -wait -log /etc/pwnagotchi/log/pwngrid-peer.log -iface wlan0mon 12 | Restart=always 13 | RestartSec=30 14 | 15 | [Install] 16 | WantedBy=multi-user.target 17 | -------------------------------------------------------------------------------- /scripts/macos_connection_share.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | UPSTREAM_IFACE=${1:-en0} 4 | USB_IFACE='' 5 | USB_IP=${2:-10.0.0.1} 6 | 7 | for i in $(ifconfig -lu); do 8 | if ifconfig "$i" | grep -q "${USB_IP}" ; then USB_IFACE=$i; fi; 9 | done 10 | 11 | if [ -z "$USB_IFACE" ] 12 | then 13 | echo "can't find usb interface with ip $USB_IP" 14 | exit 1 15 | fi 16 | 17 | echo "sharing connecting from upstream interface $UPSTREAM_IFACE to usb interface $USB_IFACE ..." 18 | 19 | sysctl -w net.inet.ip.forwarding=1 20 | pfctl -e 21 | echo "nat on ${UPSTREAM_IFACE} from ${USB_IFACE}:network to any -> (${UPSTREAM_IFACE})" | pfctl -f - 22 | -------------------------------------------------------------------------------- /pi-gen-32bit/export-noobs/00-release/files/os.json: -------------------------------------------------------------------------------- 1 | { 2 | "description": "NOOBS_DESCRIPTION", 3 | "feature_level": 35120124, 4 | "kernel": "KERNEL", 5 | "name": "NOOBS_NAME", 6 | "password": "raspberry", 7 | "release_date": "UNRELEASED", 8 | "supported_hex_revisions": "2,3,4,5,6,7,8,9,d,e,f,10,11,12,14,19,1040,1041,0092,0093,2082", 9 | "supported_models": [ 10 | "Pi Model", 11 | "Pi 2", 12 | "Pi Zero", 13 | "Pi 3", 14 | "Pi Compute Module 3", 15 | "Pi 4" 16 | ], 17 | "url": "http://www.raspbian.org/", 18 | "username": "pi", 19 | "version": "RELEASE" 20 | } 21 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/01-sys-tweaks/00-patches/02-swap.diff: -------------------------------------------------------------------------------- 1 | Index: jessie-stage2/rootfs/etc/dphys-swapfile 2 | =================================================================== 3 | --- jessie-stage2.orig/rootfs/etc/dphys-swapfile 4 | +++ jessie-stage2/rootfs/etc/dphys-swapfile 5 | @@ -13,7 +13,7 @@ 6 | 7 | # set size to absolute value, leaving empty (default) then uses computed value 8 | # you most likely don't want this, unless you have an special disk situation 9 | -#CONF_SWAPSIZE= 10 | +CONF_SWAPSIZE=512 11 | 12 | # set size to computed value, this times RAM size, dynamically adapts, 13 | # guarantees that there is enough swap without wasting disk space on excess 14 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/01-sys-tweaks/00-patches/02-swap.diff: -------------------------------------------------------------------------------- 1 | Index: jessie-stage2/rootfs/etc/dphys-swapfile 2 | =================================================================== 3 | --- jessie-stage2.orig/rootfs/etc/dphys-swapfile 4 | +++ jessie-stage2/rootfs/etc/dphys-swapfile 5 | @@ -13,7 +13,7 @@ 6 | 7 | # set size to absolute value, leaving empty (default) then uses computed value 8 | # you most likely don't want this, unless you have an special disk situation 9 | -#CONF_SWAPSIZE= 10 | +CONF_SWAPSIZE=512 11 | 12 | # set size to computed value, this times RAM size, dynamically adapts, 13 | # guarantees that there is enough swap without wasting disk space on excess 14 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage0/00-configure-apt/files/sources.list: -------------------------------------------------------------------------------- 1 | deb http://deb.debian.org/debian RELEASE main contrib non-free non-free-firmware 2 | deb http://deb.debian.org/debian-security/ RELEASE-security main contrib non-free non-free-firmware 3 | deb http://deb.debian.org/debian RELEASE-updates main contrib non-free non-free-firmware 4 | # Uncomment deb-src lines below then 'apt-get update' to enable 'apt-get source' 5 | #deb-src http://deb.debian.org/debian RELEASE main contrib non-free non-free-firmware 6 | #deb-src http://deb.debian.org/debian-security/ RELEASE-security main contrib non-free non-free-firmware 7 | #deb-src http://deb.debian.org/debian RELEASE-updates main contrib non-free non-free-firmware 8 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/01-sys-tweaks/files/resize2fs_once: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | ### BEGIN INIT INFO 3 | # Provides: resize2fs_once 4 | # Required-Start: 5 | # Required-Stop: 6 | # Default-Start: 3 7 | # Default-Stop: 8 | # Short-Description: Resize the root filesystem to fill partition 9 | # Description: 10 | ### END INIT INFO 11 | . /lib/lsb/init-functions 12 | case "$1" in 13 | start) 14 | log_daemon_msg "Starting resize2fs_once" 15 | ROOT_DEV=$(findmnt / -o source -n) && 16 | resize2fs $ROOT_DEV && 17 | update-rc.d resize2fs_once remove && 18 | rm /etc/init.d/resize2fs_once && 19 | log_end_msg $? 20 | ;; 21 | *) 22 | echo "Usage: $0 start" >&2 23 | exit 3 24 | ;; 25 | esac 26 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/01-sys-tweaks/files/resize2fs_once: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | ### BEGIN INIT INFO 3 | # Provides: resize2fs_once 4 | # Required-Start: 5 | # Required-Stop: 6 | # Default-Start: 3 7 | # Default-Stop: 8 | # Short-Description: Resize the root filesystem to fill partition 9 | # Description: 10 | ### END INIT INFO 11 | . /lib/lsb/init-functions 12 | case "$1" in 13 | start) 14 | log_daemon_msg "Starting resize2fs_once" 15 | ROOT_DEV=$(findmnt / -o source -n) && 16 | resize2fs $ROOT_DEV && 17 | update-rc.d resize2fs_once remove && 18 | rm /etc/init.d/resize2fs_once && 19 | log_end_msg $? 20 | ;; 21 | *) 22 | echo "Usage: $0 start" >&2 23 | exit 3 24 | ;; 25 | esac 26 | -------------------------------------------------------------------------------- /stage3/07-patches/01-run-chroot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | echo -e "\e[32m### Setting permissions ###\e[0m" 4 | chmod +x /usr/bin/* 5 | chmod +x /usr/local/bin/* 6 | chmod +x /etc/update-motd.d/* 7 | 8 | echo -e "\e[32m### Enabling services ###\e[0m" 9 | systemctl enable bettercap pwngrid-peer pwnagotchi bluetooth.service 10 | systemctl disable wpa_supplicant apt-daily-upgrade.service apt-daily-upgrade.timer apt-daily.service apt-daily.timer 11 | 12 | echo -e "\e[32m### Disable apt packages from upgrading ###\e[0m" 13 | apt-mark hold firmware-atheros firmware-brcm80211 firmware-libertas firmware-misc-nonfree firmware-realtek 14 | 15 | echo -e "\e[32m### Cleaning up ###\e[0m" 16 | apt-get autoremove -y 17 | apt-get clean -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: '' 5 | labels: enhancement 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Is your feature request related to a problem? Please describe.** 11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 12 | 13 | **Describe the solution you'd like** 14 | A clear and concise description of what you want to happen. 15 | 16 | **Describe alternatives you've considered** 17 | A clear and concise description of any alternative solutions or features you've considered. 18 | 19 | **Additional context** 20 | Add any other context or screenshots about the feature request here. 21 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/04-cloud-init/README.txt: -------------------------------------------------------------------------------- 1 | Cloud-init support for Raspberry Pi OS 2 | 3 | Reference for Raspberry Pi custom cloud-init config module: https://cloudinit.readthedocs.io/en/latest/reference/modules.html#raspberry-pi-configuration 4 | 5 | - files/network-config is required because otherwise imager would fail to create the correct filesystem entry 6 | 7 | - files/user-data same reason and to include some example configurations 8 | 9 | - files/meta-data Cloud-init instance configuration 10 | 11 | - files/99_raspberry-pi.cfg Cloud-init datasource configuration 12 | 13 | - files/00-network-manager-all.yaml Example from netplan docs/ubuntu for handing over control from 14 | netplan to NetworkManager by default. 15 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/04-cloud-init/README.txt: -------------------------------------------------------------------------------- 1 | Cloud-init support for Raspberry Pi OS 2 | 3 | Reference for Raspberry Pi custom cloud-init config module: https://cloudinit.readthedocs.io/en/latest/reference/modules.html#raspberry-pi-configuration 4 | 5 | - files/network-config is required because otherwise imager would fail to create the correct filesystem entry 6 | 7 | - files/user-data same reason and to include some example configurations 8 | 9 | - files/meta-data Cloud-init instance configuration 10 | 11 | - files/99_raspberry-pi.cfg Cloud-init datasource configuration 12 | 13 | - files/00-network-manager-all.yaml Example from netplan docs/ubuntu for handing over control from 14 | netplan to NetworkManager by default. 15 | -------------------------------------------------------------------------------- /scripts/openbsd_connection_share.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | USB_IFACE=$(ifconfig urndis0 | grep urndis0 | awk '{print $1}' | tr -d ':') 4 | USB_IP=${2:-10.0.0.1} 5 | 6 | # shellcheck disable=SC2046 7 | if test $(whoami) != root; then 8 | doas "$0" "$@" 9 | exit $? 10 | fi 11 | 12 | # shellcheck disable=SC2039 13 | if [ "${USB_IFACE}" == "urndis0" ]; then 14 | ifconfig "${USB_IFACE}" "${USB_IP}" 15 | sysctl -w net.inet.ip.forwarding=1 16 | echo "match out on egress inet from ${USB_IFACE}:network to any nat-to (egress:0)" | pfctl -f - 17 | pfctl -f /etc/pf.conf 18 | echo "sharing connecting from upstream interface to usb interface ${USB_IFACE} ..." 19 | else 20 | echo "can't find usb interface with ip ${USB_IFACE}" 21 | exit 1 22 | fi 23 | -------------------------------------------------------------------------------- /scripts/linux_connection_share.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -e 3 | 4 | # name of the ethernet gadget interface on the host 5 | USB_IFACE=${1:-enx002282ffff20} 6 | USB_IFACE_IP=10.0.0.1 7 | USB_IFACE_NET=10.0.0.0/24 8 | # host interface to use for upstream connection 9 | UPSTREAM_IFACE=${2:-wlp2s0} 10 | 11 | ip addr add "$USB_IFACE_IP/24" dev "$USB_IFACE" 12 | ip link set "$USB_IFACE" up 13 | 14 | iptables -A FORWARD -o "$UPSTREAM_IFACE" -i "$USB_IFACE" -s "$USB_IFACE_NET" -m conntrack --ctstate NEW -j ACCEPT 15 | iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT 16 | iptables -t nat -F POSTROUTING 17 | iptables -t nat -A POSTROUTING -o "$UPSTREAM_IFACE" -j MASQUERADE 18 | 19 | echo 1 > /proc/sys/net/ipv4/ip_forward 20 | -------------------------------------------------------------------------------- /pi-gen-32bit/export-noobs/00-release/files/partitions.json: -------------------------------------------------------------------------------- 1 | { 2 | "partitions": [ 3 | { 4 | "filesystem_type": "FAT", 5 | "label": "boot", 6 | "mkfs_options": "-F 32 -s 4", 7 | "partition_size_nominal": BOOT_NOM, 8 | "uncompressed_tarball_size": BOOT_SIZE, 9 | "want_maximised": false, 10 | "sha256sum": "BOOT_SHASUM" 11 | }, 12 | { 13 | "filesystem_type": "ext4", 14 | "label": "root", 15 | "mkfs_options": "-O ^huge_file", 16 | "partition_size_nominal": ROOT_NOM, 17 | "uncompressed_tarball_size": ROOT_SIZE, 18 | "want_maximised": true, 19 | "sha256sum": "ROOT_SHASUM" 20 | } 21 | ] 22 | } 23 | -------------------------------------------------------------------------------- /pi-gen-64bit/export-noobs/00-release/files/partitions.json: -------------------------------------------------------------------------------- 1 | { 2 | "partitions": [ 3 | { 4 | "filesystem_type": "FAT", 5 | "label": "boot", 6 | "mkfs_options": "-F 32 -s 4", 7 | "partition_size_nominal": BOOT_NOM, 8 | "uncompressed_tarball_size": BOOT_SIZE, 9 | "want_maximised": false, 10 | "sha256sum": "BOOT_SHASUM" 11 | }, 12 | { 13 | "filesystem_type": "ext4", 14 | "label": "root", 15 | "mkfs_options": "-O ^huge_file", 16 | "partition_size_nominal": ROOT_NOM, 17 | "uncompressed_tarball_size": ROOT_SIZE, 18 | "want_maximised": true, 19 | "sha256sum": "ROOT_SHASUM" 20 | } 21 | ] 22 | } 23 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | title: "[BUG]" 5 | labels: bug 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Describe the bug** 11 | A clear and concise description of what the bug is. 12 | 13 | **To Reproduce** 14 | Steps to reproduce the behavior: 15 | 1. ... 16 | 2. ... 17 | 3. ... 18 | 19 | **Expected behavior** 20 | A clear and concise description of what you expected to happen. 21 | 22 | **Screenshots** 23 | If applicable, add screenshots to help explain your problem. 24 | 25 | **Environment (please complete the following information):** 26 | - Pwnagotchi version 27 | - OS version 28 | - Type of hardware 29 | - Any additional hardware used 30 | 31 | **Additional context** 32 | Add any other context about the problem here. 33 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/01-sys-tweaks/00-patches/01-useradd.diff: -------------------------------------------------------------------------------- 1 | --- stage2.orig/rootfs/etc/default/useradd 2 | +++ stage2/rootfs/etc/default/useradd 3 | @@ -5,7 +5,7 @@ 4 | # Similar to DSHELL in adduser. However, we use "sh" here because 5 | # useradd is a low level utility and should be as general 6 | # as possible 7 | -SHELL=/bin/sh 8 | +SHELL=/bin/bash 9 | # 10 | # The default group for users 11 | # 100=users on Debian systems 12 | @@ -29,7 +29,7 @@ SHELL=/bin/sh 13 | # The SKEL variable specifies the directory containing "skeletal" user 14 | # files; in other words, files such as a sample .profile that will be 15 | # copied to the new user's home directory when it is created. 16 | -# SKEL=/etc/skel 17 | +SKEL=/etc/skel 18 | # 19 | # Defines whether the mail spool should be created while 20 | # creating the account 21 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/01-sys-tweaks/00-patches/01-useradd.diff: -------------------------------------------------------------------------------- 1 | --- stage2.orig/rootfs/etc/default/useradd 2 | +++ stage2/rootfs/etc/default/useradd 3 | @@ -5,7 +5,7 @@ 4 | # Similar to DSHELL in adduser. However, we use "sh" here because 5 | # useradd is a low level utility and should be as general 6 | # as possible 7 | -SHELL=/bin/sh 8 | +SHELL=/bin/bash 9 | # 10 | # The default group for users 11 | # 100=users on Debian systems 12 | @@ -29,7 +29,7 @@ SHELL=/bin/sh 13 | # The SKEL variable specifies the directory containing "skeletal" user 14 | # files; in other words, files such as a sample .profile that will be 15 | # copied to the new user's home directory when it is created. 16 | -# SKEL=/etc/skel 17 | +SKEL=/etc/skel 18 | # 19 | # Defines whether the mail spool should be created while 20 | # creating the account 21 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/04-cloud-init/files/99_raspberry-pi.cfg: -------------------------------------------------------------------------------- 1 | # configure cloud-init with NoCloud 2 | 3 | datasource_list: [ NoCloud, None ] 4 | datasource: 5 | NoCloud: 6 | seedfrom: file:///boot/firmware 7 | 8 | # Leave SSH key emission to console disabled so that 9 | # users can decide whether to enable it manually. 10 | ssh: 11 | emit_keys_to_console: false 12 | no_ssh_fingerprints: true 13 | 14 | # Disable SSH host key generation 15 | # regenerate_ssh_host_keys.service will take care 16 | # of it on first boot 17 | ssh_deletekeys: false 18 | # Disable generation as it could be that the new keys 19 | # aren't available yet when the service runs. 20 | # also they are really only needed for the ssh service 21 | # which will only run after the keys are already present 22 | # so we don't schedule cloud-init after key generation 23 | # as that would delay first boot too much 24 | ssh_genkeytypes: [] 25 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/04-cloud-init/files/99_raspberry-pi.cfg: -------------------------------------------------------------------------------- 1 | # configure cloud-init with NoCloud 2 | 3 | datasource_list: [ NoCloud, None ] 4 | datasource: 5 | NoCloud: 6 | seedfrom: file:///boot/firmware 7 | 8 | # Leave SSH key emission to console disabled so that 9 | # users can decide whether to enable it manually. 10 | ssh: 11 | emit_keys_to_console: false 12 | no_ssh_fingerprints: true 13 | 14 | # Disable SSH host key generation 15 | # regenerate_ssh_host_keys.service will take care 16 | # of it on first boot 17 | ssh_deletekeys: false 18 | # Disable generation as it could be that the new keys 19 | # aren't available yet when the service runs. 20 | # also they are really only needed for the ssh service 21 | # which will only run after the keys are already present 22 | # so we don't schedule cloud-init after key generation 23 | # as that would delay first boot too much 24 | ssh_genkeytypes: [] 25 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/01-sys-tweaks/00-packages: -------------------------------------------------------------------------------- 1 | ssh less fbset sudo psmisc strace ed ncdu 2 | console-setup keyboard-configuration debconf-utils parted 3 | build-essential manpages-dev bash-completion gdb pkg-config 4 | python-is-python3 5 | v4l-utils 6 | gpiod python3-libgpiod 7 | python3-gpiozero 8 | python3-rpi-lgpio 9 | python3-spidev 10 | python3-smbus2 11 | avahi-daemon 12 | lua5.1 13 | luajit 14 | ca-certificates curl 15 | usbutils 16 | dosfstools 17 | rpi-swap rpi-loop-utils 18 | raspberrypi-sys-mods 19 | apt-listchanges 20 | usb-modeswitch 21 | libpam-chksshpwd 22 | rpi-update 23 | libmtp-runtime 24 | rsync 25 | htop 26 | man-db 27 | ssh-import-id 28 | ethtool 29 | ntfs-3g 30 | pciutils 31 | rpi-eeprom 32 | raspi-utils 33 | udisks2 34 | unzip zip p7zip-full 35 | file 36 | kms++-utils 37 | python3-venv 38 | bluez bluez-firmware 39 | rpi-keyboard-config 40 | rpi-keyboard-fw-update 41 | rpi-usb-gadget 42 | rpi-connect-lite 43 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/01-sys-tweaks/00-packages: -------------------------------------------------------------------------------- 1 | ssh less fbset sudo psmisc strace ed ncdu 2 | console-setup keyboard-configuration debconf-utils parted 3 | build-essential manpages-dev bash-completion gdb pkg-config 4 | python-is-python3 5 | v4l-utils 6 | gpiod python3-libgpiod 7 | python3-gpiozero 8 | python3-rpi-lgpio 9 | python3-spidev 10 | python3-smbus2 11 | avahi-daemon 12 | lua5.1 13 | luajit 14 | ca-certificates curl 15 | usbutils 16 | dosfstools 17 | rpi-swap rpi-loop-utils 18 | raspberrypi-sys-mods 19 | apt-listchanges 20 | usb-modeswitch 21 | libpam-chksshpwd 22 | rpi-update 23 | libmtp-runtime 24 | rsync 25 | htop 26 | man-db 27 | ssh-import-id 28 | ethtool 29 | ntfs-3g 30 | pciutils 31 | rpi-eeprom 32 | raspi-utils 33 | udisks2 34 | unzip zip p7zip-full 35 | file 36 | kms++-utils 37 | python3-venv 38 | bluez bluez-firmware 39 | rpi-keyboard-config 40 | rpi-keyboard-fw-update 41 | rpi-usb-gadget 42 | rpi-connect-lite 43 | -------------------------------------------------------------------------------- /stage3/02-libpcap/01-run-chroot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | # 3 | # 03-old-libpcap 4 | # 5 | # Install version 1.9 of libpcap for backwards compatibility 6 | 7 | if [ -e /usr/local/lib/libpcap.so.1.9.1 ]; then 8 | echo -e "\e[32m=== Libpcap already installed ===\e[0m" 9 | else 10 | echo -e "\e[32m=== Installing libpcap 1.9 ===\e[0m" 11 | cd /usr/local/src 12 | if [ ! -d libpcap ]; then 13 | git clone -b libpcap-1.9 https://github.com/the-tcpdump-group/libpcap.git 14 | fi 15 | cd libpcap 16 | ./configure && make && make install 17 | LIBPCAPOK=$? 18 | 19 | if [ "$LIBPCAPOK" ]; then 20 | rm -rf libpcap 21 | echo -e "\e[32m=== Linking libpcap-1.9.1 to libpcap.so.0.8 ===\e[0m" 22 | ln -sf /usr/local/lib/libpcap.so.1.9.1 /usr/local/lib/libpcap.so.0.8 23 | else 24 | echo -e "\e[32m=== Not deleting libpcap ===\e[0m" 25 | fi 26 | echo 27 | echo -e "\e[32m=== Libpcap installed ===\e[0m" 28 | fi 29 | -------------------------------------------------------------------------------- /stage3/01-pwn-packages/00-packages-nr: -------------------------------------------------------------------------------- 1 | aircrack-ng 2 | autoconf 3 | automake 4 | bison 5 | bluez 6 | bluez-tools 7 | build-essential 8 | curl 9 | dphys-swapfile 10 | fbi 11 | flex 12 | g++ 13 | gawk 14 | gcc-arm-none-eabi 15 | git 16 | libbluetooth-dev 17 | libc6-dev 18 | libcurl4-openssl-dev 19 | libcurl-ocaml-dev 20 | libdbus-1-dev 21 | libdbus-glib-1-dev 22 | libfl-dev 23 | libfreetype6 24 | libfreetype-dev 25 | libgmp3-dev 26 | libjpeg-dev 27 | liblgpio-dev 28 | libnetfilter-queue-dev 29 | libopenblas-dev 30 | libopenjp2-7 31 | libpcap-dev 32 | libdtovl0 33 | libssl-dev 34 | libssl-ocaml-dev 35 | libtiff6 36 | libtool 37 | libusb-1.0-0-dev 38 | make 39 | pkg-config 40 | python3-dbg 41 | python3-dev 42 | python3-luma.lcd 43 | python3-luma.oled 44 | python3-pil 45 | python3-pip 46 | python3-prctl 47 | python3-setuptools 48 | python3-tomlkit 49 | python3-virtualenv 50 | qpdf 51 | rsync 52 | socat 53 | swig 54 | systemd-timesyncd 55 | tcpdump 56 | texinfo 57 | unzip 58 | wget 59 | wl 60 | xxd 61 | zlib1g-dev -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/01-sys-tweaks/00-patches/05-path.diff: -------------------------------------------------------------------------------- 1 | --- stage2.orig/rootfs/etc/login.defs 2 | +++ stage2/rootfs/etc/login.defs 3 | @@ -60,7 +60,7 @@ HUSHLOGIN_FILE .hushlogin 4 | # 5 | # (they are minimal, add the rest in the shell startup files) 6 | ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin 7 | -ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games 8 | +ENV_PATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games 9 | 10 | # 11 | # Terminal permissions for terminals after login(1). 12 | --- stage2.orig/rootfs/etc/profile 13 | +++ stage2/rootfs/etc/profile 14 | @@ -4,7 +4,7 @@ 15 | if [ "$(id -u)" -eq 0 ]; then 16 | PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" 17 | else 18 | - PATH="/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games" 19 | + PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games" 20 | fi 21 | export PATH 22 | 23 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/01-sys-tweaks/00-patches/05-path.diff: -------------------------------------------------------------------------------- 1 | --- stage2.orig/rootfs/etc/login.defs 2 | +++ stage2/rootfs/etc/login.defs 3 | @@ -60,7 +60,7 @@ HUSHLOGIN_FILE .hushlogin 4 | # 5 | # (they are minimal, add the rest in the shell startup files) 6 | ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin 7 | -ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games 8 | +ENV_PATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games 9 | 10 | # 11 | # Terminal permissions for terminals after login(1). 12 | --- stage2.orig/rootfs/etc/profile 13 | +++ stage2/rootfs/etc/profile 14 | @@ -4,7 +4,7 @@ 15 | if [ "$(id -u)" -eq 0 ]; then 16 | PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" 17 | else 18 | - PATH="/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games" 19 | + PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games" 20 | fi 21 | export PATH 22 | 23 | -------------------------------------------------------------------------------- /stage3/03-bettercap-pwngrid/01-run-chroot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export PATH=$PATH:/usr/local/go/bin 4 | 5 | FOUNDARCH="armv6l" 6 | if [ $(uname -m) = "armv6l" -o $(uname -m) = "armv7l" ]; then 7 | export FOUNDARCH=armv6l 8 | elif [ $(uname -m) = "aarch64" ]; then 9 | export FOUNDARCH=arm64 10 | elif [ $(uname -m) = "x86_64" ]; then 11 | export FOUNDARCH=amd64 12 | fi 13 | 14 | export version=1.22.5 15 | 16 | FILE=go${version}.linux-${FOUNDARCH}.tar.gz 17 | 18 | echo -e "\e[32m=== GOlang $FILE ===\e[0m" 19 | 20 | if ! /usr/local/go/bin/go version | grep ${version}; then 21 | echo -e "\e[32m=== Installing ===\e[0m" 22 | 23 | pushd /tmp 24 | if curl -OL "https://go.dev/dl/${FILE}" && rm -rf /usr/local/go && tar -C /usr/local -xzf "${FILE}"; then 25 | echo -e "\e[32m=== Go is installed ===\e[0m" 26 | else 27 | echo -e "\e[32m=== No go. lang. ===\e[0m" 28 | fi 29 | rm ${FILE} 30 | popd 31 | fi 32 | 33 | echo "export PATH=$PATH:/usr/local/go/bin" > /etc/profile -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/04-cloud-init/files/meta-data: -------------------------------------------------------------------------------- 1 | # This is the meta-data configuration file for cloud-init. Please refer to the 2 | # cloud-init documentation for more information: 3 | # 4 | # https://cloudinit.readthedocs.io/ 5 | 6 | # Set the datasource mode to "local". This ensures that user-data is acted upon 7 | # prior to bringing up the network (because everything about the datasource is 8 | # assumed to be local). If you wish to use an HTTP datasource instead, you can 9 | # change this to "net" or override it on the kernel cmdline (see README). 10 | dsmode: local 11 | 12 | # Specifies the "unique" identifier of the instance. Typically in cloud-init 13 | # this is generated by the owning cloud and is actually unique (to some 14 | # degree). Here our data-source is local, so this is just a fixed string. 15 | # Warning: changing this will cause cloud-init to assume it is running on a 16 | # "new" instance, and to go through first time setup again (the value is 17 | # compared to a cached copy). 18 | instance_id: rpios-image 19 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/04-cloud-init/files/meta-data: -------------------------------------------------------------------------------- 1 | # This is the meta-data configuration file for cloud-init. Please refer to the 2 | # cloud-init documentation for more information: 3 | # 4 | # https://cloudinit.readthedocs.io/ 5 | 6 | # Set the datasource mode to "local". This ensures that user-data is acted upon 7 | # prior to bringing up the network (because everything about the datasource is 8 | # assumed to be local). If you wish to use an HTTP datasource instead, you can 9 | # change this to "net" or override it on the kernel cmdline (see README). 10 | dsmode: local 11 | 12 | # Specifies the "unique" identifier of the instance. Typically in cloud-init 13 | # this is generated by the owning cloud and is actually unique (to some 14 | # degree). Here our data-source is local, so this is just a fixed string. 15 | # Warning: changing this will cause cloud-init to assume it is running on a 16 | # "new" instance, and to go through first time setup again (the value is 17 | # compared to a cached copy). 18 | instance_id: rpios-image 19 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/02-net-tweaks/01-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | # Newer versions of raspberrypi-sys-mods set rfkill.default_state=0 to prevent 4 | # radiating on 5GHz bands until the WLAN regulatory domain is set. 5 | # Unfortunately, this also blocks bluetooth, so we whitelist the known 6 | # on-board BT adapters here. 7 | 8 | mkdir -p "${ROOTFS_DIR}/var/lib/systemd/rfkill/" 9 | # 5 miniuart 4 miniuart Zero miniuart other other 10 | for addr in 107d50c000.serial 3f215040.serial 20215040.serial fe215040.serial soc; do 11 | echo 0 > "${ROOTFS_DIR}/var/lib/systemd/rfkill/platform-${addr}:bluetooth" 12 | done 13 | 14 | if [ -v WPA_COUNTRY ]; then 15 | on_chroot <<- EOF 16 | SUDO_USER="${FIRST_USER_NAME}" raspi-config nonint do_wifi_country "${WPA_COUNTRY}" 17 | EOF 18 | elif [ -d "${ROOTFS_DIR}/var/lib/NetworkManager" ]; then 19 | # NetworkManager unblocks all WLAN devices by default. Prevent that: 20 | cat > "${ROOTFS_DIR}/var/lib/NetworkManager/NetworkManager.state" <<- EOF 21 | [main] 22 | WirelessEnabled=false 23 | EOF 24 | fi 25 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/02-net-tweaks/01-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | # Newer versions of raspberrypi-sys-mods set rfkill.default_state=0 to prevent 4 | # radiating on 5GHz bands until the WLAN regulatory domain is set. 5 | # Unfortunately, this also blocks bluetooth, so we whitelist the known 6 | # on-board BT adapters here. 7 | 8 | mkdir -p "${ROOTFS_DIR}/var/lib/systemd/rfkill/" 9 | # 5 miniuart 4 miniuart Zero miniuart other other 10 | for addr in 107d50c000.serial 3f215040.serial 20215040.serial fe215040.serial soc; do 11 | echo 0 > "${ROOTFS_DIR}/var/lib/systemd/rfkill/platform-${addr}:bluetooth" 12 | done 13 | 14 | if [ -v WPA_COUNTRY ]; then 15 | on_chroot <<- EOF 16 | SUDO_USER="${FIRST_USER_NAME}" raspi-config nonint do_wifi_country "${WPA_COUNTRY}" 17 | EOF 18 | elif [ -d "${ROOTFS_DIR}/var/lib/NetworkManager" ]; then 19 | # NetworkManager unblocks all WLAN devices by default. Prevent that: 20 | cat > "${ROOTFS_DIR}/var/lib/NetworkManager/NetworkManager.state" <<- EOF 21 | [main] 22 | WirelessEnabled=false 23 | EOF 24 | fi 25 | -------------------------------------------------------------------------------- /stage3/05-install-pwnagotchi/01-run-chroot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | cd /home/pi 4 | echo -e "\e[32m### Manually installing lgpio from source ###\e[0m" 5 | wget http://abyz.me.uk/lg/lg.zip 6 | unzip lg.zip 7 | cd lg 8 | make 9 | make install 10 | 11 | cd /home/pi 12 | rm -r lg.zip lg/ 13 | 14 | if [ ! -d pwnagotchi ]; then 15 | git clone https://github.com/jayofelony/pwnagotchi.git 16 | cd pwnagotchi/ 17 | else 18 | cd /home/pi/pwnagotchi/ 19 | git pull 20 | fi 21 | if [ -d /home/pi/.pwn ]; then 22 | rm -r /home/pi/.pwn 23 | fi 24 | if [ "$(uname -m)" = "armv6l" ]; then 25 | export QEMU_CPU=arm1176 26 | fi 27 | 28 | echo -e "\e[32m### Installing python virtual environment ###\e[0m" 29 | python3 -m venv /home/pi/.pwn/ --system-site-packages 30 | echo -e "\e[32m### Activating virtual environment ###\e[0m" 31 | source /home/pi/.pwn/bin/activate 32 | 33 | echo -e "\e[32m### Installing Pwnagotchi ###\e[0m" 34 | export PATH="/root/.cargo/bin:$PATH" 35 | source /root/.profile 36 | source /root/.cargo/env 37 | pip3 cache purge 38 | pip3 install . --no-cache-dir 39 | deactivate 40 | 41 | cd /home/pi 42 | 43 | ln -sf /home/pi/.pwn/bin/pwnagotchi /usr/bin/pwnagotchi 44 | rm -r /home/pi/pwnagotchi -------------------------------------------------------------------------------- /stage3/07-patches/files/dphys-swapfile: -------------------------------------------------------------------------------- 1 | # /etc/dphys-swapfile - user settings for dphys-swapfile package 2 | # author Neil Franklin, last modification 2010.05.05 3 | # copyright ETH Zuerich Physics Departement 4 | # use under either modified/non-advertising BSD or GPL license 5 | 6 | # this file is sourced with . so full normal sh syntax applies 7 | 8 | # the default settings are added as commented out CONF_*=* lines 9 | 10 | 11 | # where we want the swapfile to be, this is the default 12 | #CONF_SWAPFILE=/var/swap 13 | 14 | # set size to absolute value, leaving empty (default) then uses computed value 15 | # you most likely don't want this, unless you have an special disk situation 16 | CONF_SWAPSIZE=2048 17 | 18 | # set size to computed value, this times RAM size, dynamically adapts, 19 | # guarantees that there is enough swap without wasting disk space on excess 20 | #CONF_SWAPFACTOR=2 21 | 22 | # restrict size (computed and absolute!) to maximally this limit 23 | # can be set to empty for no limit, but beware of filled partitions! 24 | # this is/was a (outdated?) 32bit kernel limit (in MBytes), do not overrun it 25 | # but is also sensible on 64bit to prevent filling /var or even / partition 26 | #CONF_MAXSWAP=2048 -------------------------------------------------------------------------------- /pi-gen-32bit/export-noobs/00-release/files/partition_setup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #supports_backup in PINN 3 | 4 | set -ex 5 | 6 | # shellcheck disable=SC2154 7 | if [ -z "$part1" ] || [ -z "$part2" ]; then 8 | printf "Error: missing environment variable part1 or part2\n" 1>&2 9 | exit 1 10 | fi 11 | 12 | mkdir -p /tmp/1 /tmp/2 13 | 14 | mount "$part1" /tmp/1 15 | mount "$part2" /tmp/2 16 | 17 | sed /tmp/1/cmdline.txt -i -e "s|root=[^ ]*|root=${part2}|" 18 | sed /tmp/2/etc/fstab -i -e "s|^[^#].* / |${part2} / |" 19 | sed /tmp/2/etc/fstab -i -e "s|^[^#].* /boot |${part1} /boot |" 20 | 21 | # shellcheck disable=SC2154 22 | if [ -z "$restore" ]; then 23 | if [ -f /mnt/ssh ]; then 24 | cp /mnt/ssh /tmp/1/ 25 | fi 26 | 27 | if [ -f /mnt/ssh.txt ]; then 28 | cp /mnt/ssh.txt /tmp/1/ 29 | fi 30 | 31 | if [ -f /settings/wpa_supplicant.conf ]; then 32 | cp /settings/wpa_supplicant.conf /tmp/1/ 33 | fi 34 | 35 | if ! grep -q resize /proc/cmdline; then 36 | if ! grep -q splash /tmp/1/cmdline.txt; then 37 | sed -i "s| quiet||g" /tmp/1/cmdline.txt 38 | fi 39 | sed -i 's| init=/usr/lib/raspi-config/init_resize.sh||' /tmp/1/cmdline.txt 40 | else 41 | sed -i '1 s|.*|& sdhci.debug_quirks2=4|' /tmp/1/cmdline.txt 42 | fi 43 | fi 44 | 45 | umount /tmp/1 46 | umount /tmp/2 47 | -------------------------------------------------------------------------------- /pi-gen-64bit/export-noobs/00-release/files/partition_setup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #supports_backup in PINN 3 | 4 | set -ex 5 | 6 | # shellcheck disable=SC2154 7 | if [ -z "$part1" ] || [ -z "$part2" ]; then 8 | printf "Error: missing environment variable part1 or part2\n" 1>&2 9 | exit 1 10 | fi 11 | 12 | mkdir -p /tmp/1 /tmp/2 13 | 14 | mount "$part1" /tmp/1 15 | mount "$part2" /tmp/2 16 | 17 | sed /tmp/1/cmdline.txt -i -e "s|root=[^ ]*|root=${part2}|" 18 | sed /tmp/2/etc/fstab -i -e "s|^[^#].* / |${part2} / |" 19 | sed /tmp/2/etc/fstab -i -e "s|^[^#].* /boot |${part1} /boot |" 20 | 21 | # shellcheck disable=SC2154 22 | if [ -z "$restore" ]; then 23 | if [ -f /mnt/ssh ]; then 24 | cp /mnt/ssh /tmp/1/ 25 | fi 26 | 27 | if [ -f /mnt/ssh.txt ]; then 28 | cp /mnt/ssh.txt /tmp/1/ 29 | fi 30 | 31 | if [ -f /settings/wpa_supplicant.conf ]; then 32 | cp /settings/wpa_supplicant.conf /tmp/1/ 33 | fi 34 | 35 | if ! grep -q resize /proc/cmdline; then 36 | if ! grep -q splash /tmp/1/cmdline.txt; then 37 | sed -i "s| quiet||g" /tmp/1/cmdline.txt 38 | fi 39 | sed -i 's| init=/usr/lib/raspi-config/init_resize.sh||' /tmp/1/cmdline.txt 40 | else 41 | sed -i '1 s|.*|& sdhci.debug_quirks2=4|' /tmp/1/cmdline.txt 42 | fi 43 | fi 44 | 45 | umount /tmp/1 46 | umount /tmp/2 47 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | ## Expected Behaviour 4 | 5 | 6 | 7 | ## Current Behaviour 8 | 9 | 10 | 11 | ## Possible Solution 12 | 13 | 14 | 15 | ## Steps to Reproduce (for bugs) 16 | 17 | 18 | 1. 19 | 2. 20 | 3. 21 | 4. 22 | 23 | ## Context 24 | 25 | 26 | 27 | ## Your Environment 28 | 29 | - [ ] You're using the official images 30 | 31 | - [ ] You're using a raspberry pi 0 32 | 33 | - [ ] You're using a supported LCD 34 | 35 | 36 | 37 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | # Set an absolute path in the config file for WORK_DIR and DEPLOY_DIR 2 | # DEPLOY_DIR is where the final image will be stored 3 | # WORK_DIR is where all the data is stored before merged into an image 4 | # WORK_DIR can use up to 20GB of storage space 5 | # refer to https://github.com/RPi-Distro/pi-gen/blob/master/README.md 6 | 7 | # sudo apt-get install -y make git quilt qemu-user-static debootstrap zerofree libarchive-tools curl pigz arch-test qemu-utils qemu-system-arm qemu-user 8 | # gcc-aarch64-linux-gnu gcc-arm-linux-gnueabihf 9 | 10 | # clone pi-gen into pi-gen-32bit folder 11 | 32bit: 12 | sudo ./pi-gen-32bit/build.sh -c config-32bit 13 | chown jayofelony:jayofelony -R /home/jayofelony/images 14 | 15 | # clone pi-gen arm64 branch into pi-gen-64bit folder 16 | 64bit: 17 | sudo ./pi-gen-64bit/build.sh -c config-64bit 18 | chown jayofelony:jayofelony -R /home/jayofelony/images 19 | 20 | update_langs: 21 | @for lang in stage3/05-install-pwnagotchi/files/pwnagotchi/pwnagotchi/locale/*/; do\ 22 | echo "updating language: $$lang ..."; \ 23 | ./scripts/language.sh update $$(basename $$lang); \ 24 | done 25 | 26 | compile_langs: 27 | @for lang in stage3/05-install-pwnagotchi/files/pwnagotchi/pwnagotchi/locale/*/; do\ 28 | echo "compiling language: $$lang ..."; \ 29 | ./scripts/language.sh compile $$(basename $$lang); \ 30 | done 31 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage0/00-configure-apt/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | true > "${ROOTFS_DIR}/etc/apt/sources.list" 4 | install -m 644 files/raspbian.sources "${ROOTFS_DIR}/etc/apt/sources.list.d/" 5 | install -m 644 files/raspi.sources "${ROOTFS_DIR}/etc/apt/sources.list.d/" 6 | sed -i "s/RELEASE/${RELEASE}/g" "${ROOTFS_DIR}/etc/apt/sources.list.d/raspbian.sources" 7 | sed -i "s/RELEASE/${RELEASE}/g" "${ROOTFS_DIR}/etc/apt/sources.list.d/raspi.sources" 8 | 9 | if [ -n "$APT_PROXY" ]; then 10 | install -m 644 files/51cache "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache" 11 | sed "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache" -i -e "s|APT_PROXY|${APT_PROXY}|" 12 | else 13 | rm -f "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache" 14 | fi 15 | 16 | if [ -n "$TEMP_REPO" ]; then 17 | install -m 644 /dev/null "${ROOTFS_DIR}/etc/apt/sources.list.d/00-temp.list" 18 | echo "$TEMP_REPO" | sed "s/RELEASE/$RELEASE/g" > "${ROOTFS_DIR}/etc/apt/sources.list.d/00-temp.list" 19 | else 20 | rm -f "${ROOTFS_DIR}/etc/apt/sources.list.d/00-temp.list" 21 | fi 22 | 23 | install -m 644 files/raspberrypi-archive-keyring.pgp "${ROOTFS_DIR}/usr/share/keyrings/" 24 | on_chroot <<- \EOF 25 | ARCH="$(dpkg --print-architecture)" 26 | if [ "$ARCH" = "armhf" ]; then 27 | dpkg --add-architecture arm64 28 | elif [ "$ARCH" = "arm64" ]; then 29 | dpkg --add-architecture armhf 30 | fi 31 | apt-get update 32 | apt-get dist-upgrade -y 33 | EOF 34 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage0/00-configure-apt/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | true > "${ROOTFS_DIR}/etc/apt/sources.list" 4 | install -m 644 files/debian.sources "${ROOTFS_DIR}/etc/apt/sources.list.d/" 5 | install -m 644 files/raspi.sources "${ROOTFS_DIR}/etc/apt/sources.list.d/" 6 | sed -i "s/RELEASE/${RELEASE}/g" "${ROOTFS_DIR}/etc/apt/sources.list.d/debian.sources" 7 | sed -i "s/RELEASE/${RELEASE}/g" "${ROOTFS_DIR}/etc/apt/sources.list.d/raspi.sources" 8 | 9 | if [ -n "$APT_PROXY" ]; then 10 | install -m 644 files/51cache "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache" 11 | sed "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache" -i -e "s|APT_PROXY|${APT_PROXY}|" 12 | else 13 | rm -f "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache" 14 | fi 15 | 16 | if [ -n "$TEMP_REPO" ]; then 17 | install -m 644 /dev/null "${ROOTFS_DIR}/etc/apt/sources.list.d/00-temp.list" 18 | echo "$TEMP_REPO" | sed "s/RELEASE/$RELEASE/g" > "${ROOTFS_DIR}/etc/apt/sources.list.d/00-temp.list" 19 | else 20 | rm -f "${ROOTFS_DIR}/etc/apt/sources.list.d/00-temp.list" 21 | fi 22 | 23 | install -m 644 files/raspberrypi-archive-keyring.pgp "${ROOTFS_DIR}/usr/share/keyrings/" 24 | on_chroot <<- \EOF 25 | ARCH="$(dpkg --print-architecture)" 26 | if [ "$ARCH" = "armhf" ]; then 27 | dpkg --add-architecture arm64 28 | elif [ "$ARCH" = "arm64" ]; then 29 | dpkg --add-architecture armhf 30 | fi 31 | apt-get update 32 | apt-get dist-upgrade -y 33 | EOF 34 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/04-cloud-init/01-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ "${ENABLE_CLOUD_INIT}" != "1" ]; then 4 | log "Skipping cloud-init stage" 5 | exit 0 6 | fi 7 | 8 | install -v -D -m 644 -t "${ROOTFS_DIR}/etc/cloud/cloud.cfg.d/" files/99_raspberry-pi.cfg 9 | 10 | # some preseeding without any runtime effect yet 11 | # install meta-data file for NoCloud data-source to work 12 | #install -v -m 755 files/meta-data "${ROOTFS_DIR}/boot/firmware/meta-data" 13 | #install -v -m 755 files/user-data "${ROOTFS_DIR}/boot/firmware/user-data" 14 | #install -v -m 755 files/network-config "${ROOTFS_DIR}/boot/firmware/network-config" 15 | 16 | # setup default netplan config which will instruct netplan to pass control over to network-manager 17 | # at boot time. This will make NetworkManager manage all devices and by default. 18 | # Any Ethernet device will come up with DHCP, once carrier is detected 19 | install -v -D -m 600 -t "${ROOTFS_DIR}/lib/netplan/" files/00-network-manager-all.yaml 20 | 21 | if [ -n "${FIRST_USER_NAME}" ]; then 22 | # set the default user name to the one provided via FIRST_USER_NAME 23 | # this will make cloud-init create the user with that name instead of 'pi' 24 | sed -i "s/name: pi/name: ${FIRST_USER_NAME}/" "${ROOTFS_DIR}/etc/cloud/cloud.cfg" 25 | else 26 | # remove the users:\n - default section from cloud.cfg 27 | sed -i "/^users:/,/^- default/d" "${ROOTFS_DIR}/etc/cloud/cloud.cfg" 28 | fi 29 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/04-cloud-init/01-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ "${ENABLE_CLOUD_INIT}" != "1" ]; then 4 | log "Skipping cloud-init stage" 5 | exit 0 6 | fi 7 | 8 | install -v -D -m 644 -t "${ROOTFS_DIR}/etc/cloud/cloud.cfg.d/" files/99_raspberry-pi.cfg 9 | 10 | # some preseeding without any runtime effect yet 11 | # install meta-data file for NoCloud data-source to work 12 | #install -v -m 755 files/meta-data "${ROOTFS_DIR}/boot/firmware/meta-data" 13 | #install -v -m 755 files/user-data "${ROOTFS_DIR}/boot/firmware/user-data" 14 | #install -v -m 755 files/network-config "${ROOTFS_DIR}/boot/firmware/network-config" 15 | 16 | # setup default netplan config which will instruct netplan to pass control over to network-manager 17 | # at boot time. This will make NetworkManager manage all devices and by default. 18 | # Any Ethernet device will come up with DHCP, once carrier is detected 19 | install -v -D -m 600 -t "${ROOTFS_DIR}/lib/netplan/" files/00-network-manager-all.yaml 20 | 21 | if [ -n "${FIRST_USER_NAME}" ]; then 22 | # set the default user name to the one provided via FIRST_USER_NAME 23 | # this will make cloud-init create the user with that name instead of 'pi' 24 | sed -i "s/name: pi/name: ${FIRST_USER_NAME}/" "${ROOTFS_DIR}/etc/cloud/cloud.cfg" 25 | else 26 | # remove the users:\n - default section from cloud.cfg 27 | sed -i "/^users:/,/^- default/d" "${ROOTFS_DIR}/etc/cloud/cloud.cfg" 28 | fi 29 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage1/01-sys-tweaks/00-patches/01-bashrc.diff: -------------------------------------------------------------------------------- 1 | --- stage1.orig/rootfs/etc/skel/.bashrc 2 | +++ stage1/rootfs/etc/skel/.bashrc 3 | @@ -43,7 +43,7 @@ esac 4 | # uncomment for a colored prompt, if the terminal has the capability; turned 5 | # off by default to not distract the user: the focus in a terminal window 6 | # should be on the output of commands, not on the prompt 7 | -#force_color_prompt=yes 8 | +force_color_prompt=yes 9 | 10 | if [ -n "$force_color_prompt" ]; then 11 | if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then 12 | @@ -57,7 +57,7 @@ if [ -n "$force_color_prompt" ]; then 13 | fi 14 | 15 | if [ "$color_prompt" = yes ]; then 16 | - PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' 17 | + PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w \$\[\033[00m\] ' 18 | else 19 | PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' 20 | fi 21 | @@ -79,9 +79,9 @@ if [ -x /usr/bin/dircolors ]; then 22 | #alias dir='dir --color=auto' 23 | #alias vdir='vdir --color=auto' 24 | 25 | - #alias grep='grep --color=auto' 26 | - #alias fgrep='fgrep --color=auto' 27 | - #alias egrep='egrep --color=auto' 28 | + alias grep='grep --color=auto' 29 | + alias fgrep='fgrep --color=auto' 30 | + alias egrep='egrep --color=auto' 31 | fi 32 | 33 | # colored GCC warnings and errors 34 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage1/01-sys-tweaks/00-patches/01-bashrc.diff: -------------------------------------------------------------------------------- 1 | --- stage1.orig/rootfs/etc/skel/.bashrc 2 | +++ stage1/rootfs/etc/skel/.bashrc 3 | @@ -43,7 +43,7 @@ esac 4 | # uncomment for a colored prompt, if the terminal has the capability; turned 5 | # off by default to not distract the user: the focus in a terminal window 6 | # should be on the output of commands, not on the prompt 7 | -#force_color_prompt=yes 8 | +force_color_prompt=yes 9 | 10 | if [ -n "$force_color_prompt" ]; then 11 | if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then 12 | @@ -57,7 +57,7 @@ if [ -n "$force_color_prompt" ]; then 13 | fi 14 | 15 | if [ "$color_prompt" = yes ]; then 16 | - PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' 17 | + PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w \$\[\033[00m\] ' 18 | else 19 | PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' 20 | fi 21 | @@ -79,9 +79,9 @@ if [ -x /usr/bin/dircolors ]; then 22 | #alias dir='dir --color=auto' 23 | #alias vdir='vdir --color=auto' 24 | 25 | - #alias grep='grep --color=auto' 26 | - #alias fgrep='fgrep --color=auto' 27 | - #alias egrep='egrep --color=auto' 28 | + alias grep='grep --color=auto' 29 | + alias fgrep='fgrep --color=auto' 30 | + alias egrep='egrep --color=auto' 31 | fi 32 | 33 | # colored GCC warnings and errors 34 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage1/00-boot-files/files/config.txt: -------------------------------------------------------------------------------- 1 | # For more options and information see 2 | # http://rptl.io/configtxt 3 | # Some settings may impact device functionality. See link above for details 4 | 5 | # Uncomment some or all of these to enable the optional hardware interfaces 6 | #dtparam=i2c_arm=on 7 | #dtparam=i2s=on 8 | #dtparam=spi=on 9 | 10 | # Enable audio (loads snd_bcm2835) 11 | dtparam=audio=on 12 | 13 | # Additional overlays and parameters are documented 14 | # /boot/firmware/overlays/README 15 | 16 | # Automatically load overlays for detected cameras 17 | camera_auto_detect=1 18 | 19 | # Automatically load overlays for detected DSI displays 20 | display_auto_detect=1 21 | 22 | # Automatically load initramfs files, if found 23 | auto_initramfs=1 24 | 25 | # Enable DRM VC4 V3D driver 26 | dtoverlay=vc4-kms-v3d 27 | max_framebuffers=2 28 | 29 | # Don't have the firmware create an initial video= setting in cmdline.txt. 30 | # Use the kernel's default instead. 31 | disable_fw_kms_setup=1 32 | 33 | # Disable compensation for displays with overscan 34 | disable_overscan=1 35 | 36 | # Run as fast as firmware / board allows 37 | arm_boost=1 38 | 39 | [cm4] 40 | # Enable host mode on the 2711 built-in XHCI USB controller. 41 | # This line should be removed if the legacy DWC2 controller is required 42 | # (e.g. for USB device mode) or if USB support is not required. 43 | otg_mode=1 44 | 45 | [cm5] 46 | dtoverlay=dwc2,dr_mode=host 47 | 48 | [all] 49 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage1/00-boot-files/files/config.txt: -------------------------------------------------------------------------------- 1 | # For more options and information see 2 | # http://rptl.io/configtxt 3 | # Some settings may impact device functionality. See link above for details 4 | 5 | # Uncomment some or all of these to enable the optional hardware interfaces 6 | #dtparam=i2c_arm=on 7 | #dtparam=i2s=on 8 | #dtparam=spi=on 9 | 10 | # Enable audio (loads snd_bcm2835) 11 | dtparam=audio=on 12 | 13 | # Additional overlays and parameters are documented 14 | # /boot/firmware/overlays/README 15 | 16 | # Automatically load overlays for detected cameras 17 | camera_auto_detect=1 18 | 19 | # Automatically load overlays for detected DSI displays 20 | display_auto_detect=1 21 | 22 | # Automatically load initramfs files, if found 23 | auto_initramfs=1 24 | 25 | # Enable DRM VC4 V3D driver 26 | dtoverlay=vc4-kms-v3d 27 | max_framebuffers=2 28 | 29 | # Don't have the firmware create an initial video= setting in cmdline.txt. 30 | # Use the kernel's default instead. 31 | disable_fw_kms_setup=1 32 | 33 | # Run in 64-bit mode 34 | arm_64bit=1 35 | 36 | # Disable compensation for displays with overscan 37 | disable_overscan=1 38 | 39 | # Run as fast as firmware / board allows 40 | arm_boost=1 41 | 42 | [cm4] 43 | # Enable host mode on the 2711 built-in XHCI USB controller. 44 | # This line should be removed if the legacy DWC2 controller is required 45 | # (e.g. for USB device mode) or if USB support is not required. 46 | otg_mode=1 47 | 48 | [cm5] 49 | dtoverlay=dwc2,dr_mode=host 50 | 51 | [all] 52 | -------------------------------------------------------------------------------- /pi-gen-32bit/scripts/dependencies_check: -------------------------------------------------------------------------------- 1 | # dependencies_check 2 | # $@ Dependency files to check 3 | # 4 | # Each dependency is in the form of a tool to test for, optionally followed by 5 | # a : and the name of a package if the package on a Debian-ish system is not 6 | # named for the tool (i.e., qemu-user-static). 7 | dependencies_check() 8 | { 9 | local depfile deps missing 10 | 11 | for depfile in "$@"; do 12 | if [[ -e "$depfile" ]]; then 13 | deps="$(sed -f "${SCRIPT_DIR}/remove-comments.sed" < "${BASE_DIR}/depends")" 14 | 15 | fi 16 | for dep in $deps; do 17 | if ! hash "${dep%:*}" 2>/dev/null; then 18 | missing="${missing:+$missing }${dep#*:}" 19 | fi 20 | done 21 | done 22 | 23 | if [[ "$missing" ]]; then 24 | echo "Required dependencies not installed" 25 | echo 26 | echo "This can be resolved on Debian/Raspbian systems by installing:" 27 | echo "$missing" 28 | false 29 | fi 30 | 31 | # If we're building on a native arm platform, we don't need to check for 32 | # binfmt_misc or require it to be loaded. 33 | 34 | binfmt_misc_required=1 35 | 36 | case $(uname -m) in 37 | aarch64) 38 | binfmt_misc_required=0 39 | ;; 40 | arm*) 41 | binfmt_misc_required=0 42 | ;; 43 | esac 44 | 45 | if [[ "${binfmt_misc_required}" == "1" ]]; then 46 | if ! grep -q "/proc/sys/fs/binfmt_misc" /proc/mounts; then 47 | echo "Module binfmt_misc not loaded in host" 48 | echo "Please run:" 49 | echo " sudo modprobe binfmt_misc" 50 | exit 1 51 | fi 52 | fi 53 | } 54 | -------------------------------------------------------------------------------- /pi-gen-64bit/scripts/dependencies_check: -------------------------------------------------------------------------------- 1 | # dependencies_check 2 | # $@ Dependency files to check 3 | # 4 | # Each dependency is in the form of a tool to test for, optionally followed by 5 | # a : and the name of a package if the package on a Debian-ish system is not 6 | # named for the tool (i.e., qemu-user-static). 7 | dependencies_check() 8 | { 9 | local depfile deps missing 10 | 11 | for depfile in "$@"; do 12 | if [[ -e "$depfile" ]]; then 13 | deps="$(sed -f "${SCRIPT_DIR}/remove-comments.sed" < "${BASE_DIR}/depends")" 14 | 15 | fi 16 | for dep in $deps; do 17 | if ! hash "${dep%:*}" 2>/dev/null; then 18 | missing="${missing:+$missing }${dep#*:}" 19 | fi 20 | done 21 | done 22 | 23 | if [[ "$missing" ]]; then 24 | echo "Required dependencies not installed" 25 | echo 26 | echo "This can be resolved on Debian/Raspbian systems by installing:" 27 | echo "$missing" 28 | false 29 | fi 30 | 31 | # If we're building on a native arm platform, we don't need to check for 32 | # binfmt_misc or require it to be loaded. 33 | 34 | binfmt_misc_required=1 35 | 36 | case $(uname -m) in 37 | aarch64) 38 | binfmt_misc_required=0 39 | ;; 40 | arm*) 41 | binfmt_misc_required=0 42 | ;; 43 | esac 44 | 45 | if [[ "${binfmt_misc_required}" == "1" ]]; then 46 | if ! grep -q "/proc/sys/fs/binfmt_misc" /proc/mounts; then 47 | echo "Module binfmt_misc not loaded in host" 48 | echo "Please run:" 49 | echo " sudo modprobe binfmt_misc" 50 | exit 1 51 | fi 52 | fi 53 | } 54 | -------------------------------------------------------------------------------- /pi-gen-32bit/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2015 Raspberry Pi (Trading) Ltd. 2 | 3 | All rights reserved. 4 | 5 | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 6 | 7 | 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 8 | 9 | 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 10 | 11 | 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. 12 | 13 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 14 | -------------------------------------------------------------------------------- /pi-gen-64bit/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2015 Raspberry Pi (Trading) Ltd. 2 | 3 | All rights reserved. 4 | 5 | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 6 | 7 | 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 8 | 9 | 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 10 | 11 | 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. 12 | 13 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 14 | -------------------------------------------------------------------------------- /stage3/03-bettercap-pwngrid/02-run-chroot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export PATH=$PATH:/usr/local/go/bin 4 | 5 | # install go packages 6 | for pkg in bettercap pwngrid; do 7 | if [ -d "/home/pi/"/$pkg ] ; then 8 | echo -e "\e[32m===> Installing $pkg ===\e[0m" 9 | if [ $pkg = "pwngrid" ]; then 10 | cd "/home/pi/pwngrid" 11 | git pull 12 | go mod tidy 13 | make 14 | make install 15 | elif [ $pkg = "bettercap" ]; then 16 | cd "/home/pi/bettercap" 17 | git pull 18 | go mod tidy 19 | make 20 | make install 21 | fi 22 | else 23 | echo -e "\e[32m===> Installing $pkg ===\e[0m" 24 | if [ $pkg = "pwngrid" ]; then 25 | cd "/home/pi" 26 | git clone https://github.com/jayofelony/pwngrid.git 27 | cd "/home/pi/pwngrid" 28 | go mod tidy 29 | make 30 | make install 31 | elif [ $pkg = "bettercap" ]; then 32 | cd "/home/pi" 33 | git clone --recurse-submodules https://github.com/bettercap/bettercap.git 34 | cd "/home/pi/bettercap" 35 | go mod tidy 36 | make 37 | make install 38 | fi 39 | fi 40 | done 41 | # install bettercap caplets 42 | echo -e "\e[32m=== Installing bettercap caplets ===\e[0m" 43 | cd "/home/pi/" 44 | git clone https://github.com/jayofelony/caplets.git 45 | cd "/home/pi/caplets" 46 | make install 47 | rm -rf "/home/pi/caplets" -------------------------------------------------------------------------------- /stage3/07-patches/files/pwnagotchi_completion.sh: -------------------------------------------------------------------------------- 1 | _show_complete() 2 | { 3 | local cur opts node_names all_options opt_line 4 | all_options=" 5 | pwnagotchi -h --help -C --config -U --user-config --manual --skip-session --clear --debug --version --print-config --wizard --check-update --donate {plugins,google} 6 | pwnagotchi plugins -h --help {list,install,enable,disable,uninstall,update,upgrade} 7 | pwnagotchi plugins list -i --installed -h --help 8 | pwnagotchi plugins install -h --help 9 | pwnagotchi plugins uninstall -h --help 10 | pwnagotchi plugins enable -h --help 11 | pwnagotchi plugins disable -h --help 12 | pwnagotchi plugins update -h --help 13 | pwnagotchi plugins upgrade -h --help 14 | pwnagotchi google -h --help {login,refresh} 15 | pwnagotchi google login -h --help 16 | pwnagotchi google refresh -h --help 17 | " 18 | COMPREPLY=() 19 | cur="${COMP_WORDS[COMP_CWORD]}" 20 | # shellcheck disable=SC2124 21 | cmd="${COMP_WORDS[@]:0:${#COMP_WORDS[@]}-1}" 22 | opt_line="$(grep -m1 "$cmd" <<<"$all_options")" 23 | if [[ ${cur} == -* ]] ; then 24 | opts="$(echo "$opt_line" | tr ' ' '\n' | awk '/^ *-/{gsub("[^a-zA-Z0-9-]","",$1);print $1}')" 25 | # shellcheck disable=SC2207 26 | COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") ) 27 | return 0 28 | fi 29 | 30 | # shellcheck disable=SC2086 31 | opts="$(echo $opt_line | grep -Po '{\K[^}]+' | tr ',' '\n')" 32 | # shellcheck disable=SC2207 33 | COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") ) 34 | } 35 | 36 | complete -F _show_complete pwnagotchi 37 | -------------------------------------------------------------------------------- /pi-gen-32bit/export-noobs/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | NOOBS_DIR="${STAGE_WORK_DIR}/${IMG_NAME}${IMG_SUFFIX}" 4 | mkdir -p "${STAGE_WORK_DIR}" 5 | 6 | IMG_FILE="${WORK_DIR}/export-image/${IMG_FILENAME}${IMG_SUFFIX}.img" 7 | 8 | unmount_image "${IMG_FILE}" 9 | 10 | rm -rf "${NOOBS_DIR}" 11 | 12 | echo "Creating loop device..." 13 | cnt=0 14 | until ensure_next_loopdev && LOOP_DEV="$(losetup --show --find --partscan "$IMG_FILE")"; do 15 | if [ $cnt -lt 5 ]; then 16 | cnt=$((cnt + 1)) 17 | echo "Error in losetup. Retrying..." 18 | sleep 5 19 | else 20 | echo "ERROR: losetup failed; exiting" 21 | exit 1 22 | fi 23 | done 24 | 25 | ensure_loopdev_partitions "$LOOP_DEV" 26 | BOOT_DEV="${LOOP_DEV}p1" 27 | ROOT_DEV="${LOOP_DEV}p2" 28 | 29 | mkdir -p "${STAGE_WORK_DIR}/rootfs" 30 | mkdir -p "${NOOBS_DIR}" 31 | 32 | mount "$ROOT_DEV" "${STAGE_WORK_DIR}/rootfs" 33 | mount "$BOOT_DEV" "${STAGE_WORK_DIR}/rootfs/boot" 34 | 35 | ln -sv "/lib/systemd/system/apply_noobs_os_config.service" "$ROOTFS_DIR/etc/systemd/system/multi-user.target.wants/apply_noobs_os_config.service" 36 | 37 | KERNEL_VER="$(zgrep -oPm 1 "Linux version \K(.*)$" "${STAGE_WORK_DIR}/rootfs/usr/share/doc/raspberrypi-kernel/changelog.Debian.gz" | cut -f-2 -d.)" 38 | echo "$KERNEL_VER" > "${STAGE_WORK_DIR}/kernel_version" 39 | 40 | bsdtar --numeric-owner --format gnutar -C "${STAGE_WORK_DIR}/rootfs/boot" -cpf - . | xz -T0 > "${NOOBS_DIR}/boot.tar.xz" 41 | umount "${STAGE_WORK_DIR}/rootfs/boot" 42 | bsdtar --numeric-owner --format gnutar -C "${STAGE_WORK_DIR}/rootfs" --one-file-system -cpf - . | xz -T0 > "${NOOBS_DIR}/root.tar.xz" 43 | 44 | unmount_image "${IMG_FILE}" 45 | -------------------------------------------------------------------------------- /pi-gen-64bit/export-noobs/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | NOOBS_DIR="${STAGE_WORK_DIR}/${IMG_NAME}${IMG_SUFFIX}" 4 | mkdir -p "${STAGE_WORK_DIR}" 5 | 6 | IMG_FILE="${WORK_DIR}/export-image/${IMG_FILENAME}${IMG_SUFFIX}.img" 7 | 8 | unmount_image "${IMG_FILE}" 9 | 10 | rm -rf "${NOOBS_DIR}" 11 | 12 | echo "Creating loop device..." 13 | cnt=0 14 | until ensure_next_loopdev && LOOP_DEV="$(losetup --show --find --partscan "$IMG_FILE")"; do 15 | if [ $cnt -lt 5 ]; then 16 | cnt=$((cnt + 1)) 17 | echo "Error in losetup. Retrying..." 18 | sleep 5 19 | else 20 | echo "ERROR: losetup failed; exiting" 21 | exit 1 22 | fi 23 | done 24 | 25 | ensure_loopdev_partitions "$LOOP_DEV" 26 | BOOT_DEV="${LOOP_DEV}p1" 27 | ROOT_DEV="${LOOP_DEV}p2" 28 | 29 | mkdir -p "${STAGE_WORK_DIR}/rootfs" 30 | mkdir -p "${NOOBS_DIR}" 31 | 32 | mount "$ROOT_DEV" "${STAGE_WORK_DIR}/rootfs" 33 | mount "$BOOT_DEV" "${STAGE_WORK_DIR}/rootfs/boot" 34 | 35 | ln -sv "/lib/systemd/system/apply_noobs_os_config.service" "$ROOTFS_DIR/etc/systemd/system/multi-user.target.wants/apply_noobs_os_config.service" 36 | 37 | KERNEL_VER="$(zgrep -oPm 1 "Linux version \K(.*)$" "${STAGE_WORK_DIR}/rootfs/usr/share/doc/raspberrypi-kernel/changelog.Debian.gz" | cut -f-2 -d.)" 38 | echo "$KERNEL_VER" > "${STAGE_WORK_DIR}/kernel_version" 39 | 40 | bsdtar --numeric-owner --format gnutar -C "${STAGE_WORK_DIR}/rootfs/boot" -cpf - . | xz -T0 > "${NOOBS_DIR}/boot.tar.xz" 41 | umount "${STAGE_WORK_DIR}/rootfs/boot" 42 | bsdtar --numeric-owner --format gnutar -C "${STAGE_WORK_DIR}/rootfs" --one-file-system -cpf - . | xz -T0 > "${NOOBS_DIR}/root.tar.xz" 43 | 44 | unmount_image "${IMG_FILE}" 45 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | ## Description 4 | 5 | 6 | ## Motivation and Context 7 | 8 | 9 | - [ ] I have raised an issue to propose this change ([required](https://github.com/evilsocket/pwnagotchi/blob/master/CONTRIBUTING.md)) 10 | 11 | 12 | ## How Has This Been Tested? 13 | 14 | 15 | 16 | 17 | ## Types of changes 18 | 19 | - [ ] Bug fix (non-breaking change which fixes an issue) 20 | - [ ] New feature (non-breaking change which adds functionality) 21 | - [ ] Breaking change (fix or feature that would cause existing functionality to change) 22 | 23 | ## Checklist: 24 | 25 | 26 | - [ ] My code follows the code style of this project. 27 | - [ ] My change requires a change to the documentation. 28 | - [ ] I have updated the documentation accordingly. 29 | - [ ] I've read the [CONTRIBUTION](https://github.com/evilsocket/pwnagotchi/blob/master/CONTRIBUTING.md) guide 30 | - [ ] I have signed-off my commits with `git commit -s` 31 | -------------------------------------------------------------------------------- /scripts/restore.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | usage() { 4 | echo "Usage: restore.sh [-bhnu] [-h] [-b backup name] [-n host name] [-u user name]" 5 | } 6 | 7 | while getopts "hb:n:u:" arg; do 8 | case $arg in 9 | b) 10 | BACKUP=$OPTARG 11 | ;; 12 | h) 13 | usage 14 | exit 15 | ;; 16 | n) 17 | UNIT_HOSTNAME=$OPTARG 18 | ;; 19 | u) 20 | UNIT_USERNAME=$OPTARG 21 | ;; 22 | *) 23 | usage 24 | exit 1 25 | esac 26 | done 27 | # name of the ethernet gadget interface on the host 28 | UNIT_HOSTNAME=${UNIT_HOSTNAME:-10.0.0.2} 29 | # output backup tgz file 30 | # shellcheck disable=SC2086 31 | if [ -z $BACKUP ]; then 32 | # shellcheck disable=SC2012 33 | BACKUP=$(ls -rt "${UNIT_HOSTNAME}"-backup-*.tgz 2>/dev/null | tail -n1) 34 | if [ -z "$BACKUP" ]; then 35 | echo "@ Can't find backup file. Please specify one with '-b'" 36 | exit 1 37 | fi 38 | echo "@ Found backup file:" 39 | # shellcheck disable=SC2028 40 | echo "\t${BACKUP}" 41 | # shellcheck disable=SC2039 42 | echo -n "@ continue restroring this file? (y/n) " 43 | # shellcheck disable=SC2162 44 | read CONTINUE 45 | CONTINUE=$(echo "${CONTINUE}" | tr "[:upper:]" "[:lower:]") 46 | if [ "${CONTINUE}" != "y" ]; then 47 | exit 1 48 | fi 49 | fi 50 | # username to use for ssh 51 | UNIT_USERNAME=${UNIT_USERNAME:-pi} 52 | 53 | ping -c 1 "${UNIT_HOSTNAME}" > /dev/null 2>&1 || { 54 | echo "@ unit ${UNIT_HOSTNAME} can't be reached, make sure it's connected and a static IP assigned to the USB interface." 55 | exit 1 56 | } 57 | 58 | echo "@ restoring $BACKUP to $UNIT_HOSTNAME ..." 59 | # shellcheck disable=SC2002 60 | cat "${BACKUP}" | ssh "${UNIT_USERNAME}@${UNIT_HOSTNAME}" "sudo tar xzv -C /" 61 | -------------------------------------------------------------------------------- /stage3/07-patches/files/profile: -------------------------------------------------------------------------------- 1 | # /etc/profile: system-wide .profile file for the Bourne shell (sh(1)) 2 | # and Bourne compatible shells (bash(1), ksh(1), ash(1), ...). 3 | 4 | if [ "$(id -u)" -eq 0 ]; then 5 | PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" 6 | else 7 | PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games" 8 | fi 9 | export PATH 10 | 11 | if [ "${PS1-}" ]; then 12 | if [ "${BASH-}" ] && [ "$BASH" != "/bin/sh" ]; then 13 | # The file bash.bashrc already sets the default PS1. 14 | # PS1='\h:\w\$ ' 15 | if [ -f /etc/bash.bashrc ]; then 16 | . /etc/bash.bashrc 17 | fi 18 | else 19 | if [ "$(id -u)" -eq 0 ]; then 20 | PS1='# ' 21 | else 22 | PS1='$ ' 23 | fi 24 | fi 25 | fi 26 | 27 | if [ -d /etc/profile.d ]; then 28 | for i in /etc/profile.d/*.sh; do 29 | if [ -r $i ]; then 30 | . $i 31 | fi 32 | done 33 | unset i 34 | fi 35 | 36 | alias custom='cd /usr/local/share/pwnagotchi/custom-plugins/' 37 | alias config='sudo nano /etc/pwnagotchi/config.toml' 38 | alias pwnlog='tail -f -n300 /etc/pwnagotchi/log/pwnagotchi.log | sed --unbuffered "s/,[[:digit:]]\\{3\\}\\]//g" | cut -d " " -f 2-' 39 | alias pwnkill='sudo systemctl restart pwnagotchi' 40 | alias debug='sudo systemctl stop pwnagotchi && sudo pwnagotchi --debug' 41 | alias restart-manu='sudo touch /root/.pwnagotchi-manual && sudo rm -rf /root/.pwnagotchi-auto && sudo systemctl restart pwnagotchi' 42 | alias restart-auto='sudo touch /root/.pwnagotchi-auto && sudo rm -rf /root/.pwnagotchi-manual && sudo systemctl restart pwnagotchi' 43 | alias status='sudo systemctl status pwnagotchi' 44 | -------------------------------------------------------------------------------- /scripts/language.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu 4 | 5 | DEPENDENCIES=( 'xgettext' 'msgfmt' 'msgmerge' ) 6 | COMMANDS=( 'add' 'update' 'delete' 'compile' ) 7 | 8 | LOCALE_DIR="stage3/05-install-pwnagotchi/files/pwnagotchi/pwnagotchi/locale" 9 | VOICE_FILE="stage3/05-install-pwnagotchi/files/pwnagotchi/pwnagotchi/voice.py" 10 | 11 | function usage() { 12 | cat < [options] 15 | 16 | Commands: 17 | add 18 | delete 19 | compile 20 | update 21 | 22 | EOF 23 | } 24 | 25 | for REQ in "${DEPENDENCIES[@]}"; do 26 | if ! type "$REQ" >/dev/null 2>&1; then 27 | echo "Dependency check failed for ${REQ}" 28 | exit 1 29 | fi 30 | done 31 | 32 | 33 | if [[ ! "${COMMANDS[*]}" =~ $1 ]]; then 34 | usage 35 | fi 36 | 37 | 38 | function add_lang() { 39 | mkdir -p "$LOCALE_DIR/$1/LC_MESSAGES" 40 | cp -n "$LOCALE_DIR/voice.pot" "$LOCALE_DIR/$1/LC_MESSAGES/voice.po" 41 | } 42 | 43 | function del_lang() { 44 | # set -eu is present; so not dangerous 45 | # shellcheck disable=SC2115 46 | rm -rf "$LOCALE_DIR/$1" 47 | } 48 | 49 | function comp_lang() { 50 | msgfmt -o "$LOCALE_DIR/$1/LC_MESSAGES/voice.mo" "$LOCALE_DIR/$1/LC_MESSAGES/voice.po" 51 | } 52 | 53 | function update_lang() { 54 | xgettext --no-location -d voice -o "$LOCALE_DIR/voice.pot" "$VOICE_FILE" 55 | msgmerge --update "$LOCALE_DIR/$1/LC_MESSAGES/voice.po" "$LOCALE_DIR/voice.pot" 56 | } 57 | 58 | 59 | case "$1" in 60 | add) 61 | add_lang "$2" 62 | ;; 63 | delete) 64 | del_lang "$2" 65 | ;; 66 | compile) 67 | comp_lang "$2" 68 | ;; 69 | update) 70 | update_lang "$2" 71 | ;; 72 | esac 73 | -------------------------------------------------------------------------------- /stage3/07-patches/files/01-motd: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | _hostname=$(hostname) 3 | _version=$(cut -d"'" -f2 < /home/pi/.pwn/lib/python3.11/site-packages/pwnagotchi/_version.py) 4 | echo 5 | echo "(◕‿‿◕) $_hostname" 6 | echo 7 | echo " Hi! I'm a pwnagotchi, version $_version, please take good care of me!" 8 | echo " Here are some basic things you need to know to raise me properly!" 9 | echo 10 | echo " If you want to change my configuration, use /etc/pwnagotchi/config.toml" 11 | echo " All plugin config files are located in /etc/pwnagotchi/conf.d/" 12 | echo " Read the readme if you want to use gdrivesync plugin!!" 13 | echo 14 | echo " All the configuration options can be found in /etc/pwnagotchi/default.toml," 15 | echo " but don't change this file because I will recreate it every time I'm restarted!" 16 | echo 17 | echo " I use oPwnGrid as my main API, you can check stats at https://opwngrid.xyz" 18 | echo 19 | echo " I'm managed by systemd. Here are some basic commands." 20 | echo 21 | echo " If you want to know what I'm doing, you can check my logs with the command" 22 | echo " - pwnlog" 23 | echo " - sudo pwnagotchi --wizard, to help set up a config.toml" 24 | echo " - sudo pwnagotchi --version, to check the current version" 25 | echo " - sudo pwnagotchi --donate, to see how you can donate to this project" 26 | echo " - sudo pwnagotchi --check-update, to see if there is a new version available" 27 | echo 28 | echo " If you want to know if I'm running, you can use" 29 | echo " sudo systemctl status pwnagotchi" 30 | echo 31 | echo " You can restart me using" 32 | echo " pwnkill" 33 | echo 34 | echo " You can learn more about me at https://pwnagotchi.org/" 35 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage0/00-configure-apt/files/raspberrypi.gpg.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP PUBLIC KEY BLOCK----- 2 | Version: GnuPG v1.4.12 (GNU/Linux) 3 | 4 | mQENBE/d7o8BCACrwqQacGJfn3tnMzGui6mv2lLxYbsOuy/+U4rqMmGEuo3h9m92 5 | 30E2EtypsoWczkBretzLUCFv+VUOxaA6sV9+puTqYGhhQZFuKUWcG7orf7QbZRuu 6 | TxsEUepW5lg7MExmAu1JJzqM0kMQX8fVyWVDkjchZ/is4q3BPOUCJbUJOsE+kK/6 7 | 8kW6nWdhwSAjfDh06bA5wvoXNjYoDdnSZyVdcYCPEJXEg5jfF/+nmiFKMZBraHwn 8 | eQsepr7rBXxNcEvDlSOPal11fg90KXpy7Umre1UcAZYJdQeWcHu7X5uoJx/MG5J8 9 | ic6CwYmDaShIFa92f8qmFcna05+lppk76fsnABEBAAG0IFJhc3BiZXJyeSBQaSBB 10 | cmNoaXZlIFNpZ25pbmcgS2V5iQE4BBMBAgAiBQJP3e6PAhsDBgsJCAcDAgYVCAIJ 11 | CgsEFgIDAQIeAQIXgAAKCRCCsSmSf6MwPk6vB/9pePB3IukU9WC9Bammh3mpQTvL 12 | OifbkzHkmAYxzjfK6D2I8pT0xMxy949+ThzJ7uL60p6T/32ED9DR3LHIMXZvKtuc 13 | mQnSiNDX03E2p7lIP/htoxW2hDP2n8cdlNdt0M9IjaWBppsbO7IrDppG2B1aRLni 14 | uD7v8bHRL2mKTtIDLX42Enl8aLAkJYgNWpZyPkDyOqamjijarIWjGEPCkaURF7g4 15 | d44HvYhpbLMOrz1m6N5Bzoa5+nq3lmifeiWKxioFXU+Hy5bhtAM6ljVb59hbD2ra 16 | X4+3LXC9oox2flmQnyqwoyfZqVgSQa0B41qEQo8t1bz6Q1Ti7fbMLThmbRHiuQEN 17 | BE/d7o8BCADNlVtBZU63fm79SjHh5AEKFs0C3kwa0mOhp9oas/haDggmhiXdzeD3 18 | 49JWz9ZTx+vlTq0s+I+nIR1a+q+GL+hxYt4HhxoA6vlDMegVfvZKzqTX9Nr2VqQa 19 | S4Kz3W5ULv81tw3WowK6i0L7pqDmvDqgm73mMbbxfHD0SyTt8+fk7qX6Ag2pZ4a9 20 | ZdJGxvASkh0McGpbYJhk1WYD+eh4fqH3IaeJi6xtNoRdc5YXuzILnp+KaJyPE5CR 21 | qUY5JibOD3qR7zDjP0ueP93jLqmoKltCdN5+yYEExtSwz5lXniiYOJp8LWFCgv5h 22 | m8aYXkcJS1xVV9Ltno23YvX5edw9QY4hABEBAAGJAR8EGAECAAkFAk/d7o8CGwwA 23 | CgkQgrEpkn+jMD5Figf/dIC1qtDMTbu5IsI5uZPX63xydaExQNYf98cq5H2fWF6O 24 | yVR7ERzA2w33hI0yZQrqO6pU9SRnHRxCFvGv6y+mXXXMRcmjZG7GiD6tQWeN/3wb 25 | EbAn5cg6CJ/Lk/BI4iRRfBX07LbYULCohlGkwBOkRo10T+Ld4vCCnBftCh5x2OtZ 26 | TOWRULxP36y2PLGVNF+q9pho98qx+RIxvpofQM/842ZycjPJvzgVQsW4LT91KYAE 27 | 4TVf6JjwUM6HZDoiNcX6d7zOhNfQihXTsniZZ6rky287htsWVDNkqOi5T3oTxWUo 28 | m++/7s3K3L0zWopdhMVcgg6Nt9gcjzqN1c0gy55L/g== 29 | =mNSj 30 | -----END PGP PUBLIC KEY BLOCK----- 31 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage0/00-configure-apt/files/raspberrypi.gpg.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP PUBLIC KEY BLOCK----- 2 | Version: GnuPG v1.4.12 (GNU/Linux) 3 | 4 | mQENBE/d7o8BCACrwqQacGJfn3tnMzGui6mv2lLxYbsOuy/+U4rqMmGEuo3h9m92 5 | 30E2EtypsoWczkBretzLUCFv+VUOxaA6sV9+puTqYGhhQZFuKUWcG7orf7QbZRuu 6 | TxsEUepW5lg7MExmAu1JJzqM0kMQX8fVyWVDkjchZ/is4q3BPOUCJbUJOsE+kK/6 7 | 8kW6nWdhwSAjfDh06bA5wvoXNjYoDdnSZyVdcYCPEJXEg5jfF/+nmiFKMZBraHwn 8 | eQsepr7rBXxNcEvDlSOPal11fg90KXpy7Umre1UcAZYJdQeWcHu7X5uoJx/MG5J8 9 | ic6CwYmDaShIFa92f8qmFcna05+lppk76fsnABEBAAG0IFJhc3BiZXJyeSBQaSBB 10 | cmNoaXZlIFNpZ25pbmcgS2V5iQE4BBMBAgAiBQJP3e6PAhsDBgsJCAcDAgYVCAIJ 11 | CgsEFgIDAQIeAQIXgAAKCRCCsSmSf6MwPk6vB/9pePB3IukU9WC9Bammh3mpQTvL 12 | OifbkzHkmAYxzjfK6D2I8pT0xMxy949+ThzJ7uL60p6T/32ED9DR3LHIMXZvKtuc 13 | mQnSiNDX03E2p7lIP/htoxW2hDP2n8cdlNdt0M9IjaWBppsbO7IrDppG2B1aRLni 14 | uD7v8bHRL2mKTtIDLX42Enl8aLAkJYgNWpZyPkDyOqamjijarIWjGEPCkaURF7g4 15 | d44HvYhpbLMOrz1m6N5Bzoa5+nq3lmifeiWKxioFXU+Hy5bhtAM6ljVb59hbD2ra 16 | X4+3LXC9oox2flmQnyqwoyfZqVgSQa0B41qEQo8t1bz6Q1Ti7fbMLThmbRHiuQEN 17 | BE/d7o8BCADNlVtBZU63fm79SjHh5AEKFs0C3kwa0mOhp9oas/haDggmhiXdzeD3 18 | 49JWz9ZTx+vlTq0s+I+nIR1a+q+GL+hxYt4HhxoA6vlDMegVfvZKzqTX9Nr2VqQa 19 | S4Kz3W5ULv81tw3WowK6i0L7pqDmvDqgm73mMbbxfHD0SyTt8+fk7qX6Ag2pZ4a9 20 | ZdJGxvASkh0McGpbYJhk1WYD+eh4fqH3IaeJi6xtNoRdc5YXuzILnp+KaJyPE5CR 21 | qUY5JibOD3qR7zDjP0ueP93jLqmoKltCdN5+yYEExtSwz5lXniiYOJp8LWFCgv5h 22 | m8aYXkcJS1xVV9Ltno23YvX5edw9QY4hABEBAAGJAR8EGAECAAkFAk/d7o8CGwwA 23 | CgkQgrEpkn+jMD5Figf/dIC1qtDMTbu5IsI5uZPX63xydaExQNYf98cq5H2fWF6O 24 | yVR7ERzA2w33hI0yZQrqO6pU9SRnHRxCFvGv6y+mXXXMRcmjZG7GiD6tQWeN/3wb 25 | EbAn5cg6CJ/Lk/BI4iRRfBX07LbYULCohlGkwBOkRo10T+Ld4vCCnBftCh5x2OtZ 26 | TOWRULxP36y2PLGVNF+q9pho98qx+RIxvpofQM/842ZycjPJvzgVQsW4LT91KYAE 27 | 4TVf6JjwUM6HZDoiNcX6d7zOhNfQihXTsniZZ6rky287htsWVDNkqOi5T3oTxWUo 28 | m++/7s3K3L0zWopdhMVcgg6Nt9gcjzqN1c0gy55L/g== 29 | =mNSj 30 | -----END PGP PUBLIC KEY BLOCK----- 31 | -------------------------------------------------------------------------------- /scripts/backup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | usage() { 4 | echo "Usage: backup.sh [-honu] [-h] [-u user] [-n host name or ip] [-o output]" 5 | } 6 | 7 | while getopts "ho:n:u:" arg; do 8 | case $arg in 9 | h) 10 | usage 11 | exit 12 | ;; 13 | n) 14 | UNIT_HOSTNAME=$OPTARG 15 | ;; 16 | o) 17 | OUTPUT=$OPTARG 18 | ;; 19 | u) 20 | UNIT_USERNAME=$OPTARG 21 | ;; 22 | *) 23 | usage 24 | exit 1 25 | esac 26 | done 27 | 28 | # name of the ethernet gadget interface on the host 29 | UNIT_HOSTNAME=${UNIT_HOSTNAME:-10.0.0.2} 30 | # output backup tgz file 31 | OUTPUT=${OUTPUT:-${UNIT_HOSTNAME}-backup-$(date +%s).tgz} 32 | # username to use for ssh 33 | UNIT_USERNAME=${UNIT_USERNAME:-pi} 34 | # what to backup 35 | FILES_TO_BACKUP="/boot/firmware/cmdline.txt \ 36 | /boot/firmware/config.txt \ 37 | /root/settings.yaml \ 38 | /root/client_secrets.json \ 39 | /root/.api-report.json \ 40 | /root/.ssh \ 41 | /root/.bashrc \ 42 | /root/.profile \ 43 | /home/pi/handshakes \ 44 | /root/peers \ 45 | /etc/modprobe.d/g_ether.conf \ 46 | /etc/pwnagotchi/ \ 47 | /etc/ssh/ \ 48 | /etc/pwnagotchi/log/pwnagotchi.log \ 49 | /etc/pwnagotchi/log/pwnagotchi*.gz \ 50 | /home/pi/.ssh \ 51 | /home/pi/.bashrc \ 52 | /home/pi/.profile \ 53 | /root/.api-report.json \ 54 | /root/.auto-update \ 55 | /root/.bt-tether* \ 56 | /root/.ohc_uploads \ 57 | /root/.wigle_uploads \ 58 | /home/pi/.wpa_sec_uploads" 59 | 60 | ping -c 1 "${UNIT_HOSTNAME}" > /dev/null 2>&1 || { 61 | echo "@ unit ${UNIT_HOSTNAME} can't be reached, make sure it's connected and a static IP assigned to the USB interface." 62 | exit 1 63 | } 64 | 65 | echo "@ backing up $UNIT_HOSTNAME to $OUTPUT ..." 66 | # shellcheck disable=SC2029 67 | ssh "${UNIT_USERNAME}@${UNIT_HOSTNAME}" "sudo find ${FILES_TO_BACKUP} -type f -print0 | xargs -0 sudo tar cv" | gzip -9 > "$OUTPUT" 68 | -------------------------------------------------------------------------------- /stage3/07-patches/files/sudoers: -------------------------------------------------------------------------------- 1 | # Please consider adding local content in /etc/sudoers.d/ instead of 2 | # directly modifying this file. 3 | # 4 | # See the man page for details on how to write a sudoers file. 5 | # 6 | Defaults env_reset 7 | Defaults mail_badpass 8 | Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/pi/.pwn/bin/" 9 | 10 | # This fixes CVE-2005-4890 and possibly breaks some versions of kdesu 11 | # (#1011624, https://bugs.kde.org/show_bug.cgi?id=452532) 12 | Defaults use_pty 13 | 14 | # This preserves proxy settings from user environments of root 15 | # equivalent users (group sudo) 16 | #Defaults:%sudo env_keep += "http_proxy https_proxy ftp_proxy all_proxy no_proxy" 17 | 18 | # This allows running arbitrary commands, but so does ALL, and it means 19 | # different sudoers have their choice of editor respected. 20 | #Defaults:%sudo env_keep += "EDITOR" 21 | 22 | # Completely harmless preservation of a user preference. 23 | #Defaults:%sudo env_keep += "GREP_COLOR" 24 | 25 | # While you shouldn't normally run git as root, you need to with etckeeper 26 | #Defaults:%sudo env_keep += "GIT_AUTHOR_* GIT_COMMITTER_*" 27 | 28 | # Per-user preferences; root won't have sensible values for them. 29 | #Defaults:%sudo env_keep += "EMAIL DEBEMAIL DEBFULLNAME" 30 | 31 | # "sudo scp" or "sudo rsync" should be able to use your SSH agent. 32 | #Defaults:%sudo env_keep += "SSH_AGENT_PID SSH_AUTH_SOCK" 33 | 34 | # Ditto for GPG agent 35 | #Defaults:%sudo env_keep += "GPG_AGENT_INFO" 36 | 37 | # Host alias specification 38 | 39 | # User alias specification 40 | 41 | # Cmnd alias specification 42 | 43 | # User privilege specification 44 | root ALL=(ALL:ALL) ALL 45 | 46 | # Allow members of group sudo to execute any command 47 | %sudo ALL=(ALL:ALL) ALL 48 | 49 | # See sudoers(5) for more information on "@include" directives: 50 | 51 | @includedir /etc/sudoers.d 52 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/04-cloud-init/files/network-config: -------------------------------------------------------------------------------- 1 | # This file contains a netplan-compatible configuration which cloud-init will 2 | # apply on first-boot (note: it will *not* update the config after the first 3 | # boot). Please refer to the cloud-init documentation and the netplan reference 4 | # for full details: 5 | # 6 | # https://netplan.io/reference 7 | # https://cloudinit.readthedocs.io/en/latest/topics/network-config.html 8 | # https://cloudinit.readthedocs.io/en/latest/topics/network-config-format-v2.html 9 | # 10 | # Please note that the YAML format employed by this file is sensitive to 11 | # differences in whitespace; if you are editing this file in an editor (like 12 | # Notepad) which uses literal tabs, take care to only use spaces for 13 | # indentation. See the following link for more details: 14 | # 15 | # https://en.wikipedia.org/wiki/YAML 16 | # 17 | # Additionally, please be aware that if your boot sequence depends on active 18 | # networking (e.g. if your cloud-init configuration pulls packages or SSH 19 | # keys from the network), you *must* mark at least one interface as required 20 | # ("optional: false") below. Otherwise, particularly on faster boards, 21 | # cloud-init will start attempting to use the network before it is ready 22 | 23 | # Some additional examples are commented out below 24 | 25 | #network: 26 | # version: 2 27 | # 28 | # ethernets: 29 | # eth0: 30 | # dhcp4: true 31 | # optional: true 32 | 33 | # wifis: 34 | # wlan0: 35 | # dhcp4: true 36 | # optional: true 37 | # access-points: 38 | # myhomewifi: 39 | # password: "S3kr1t" 40 | # myworkwifi: 41 | # password: "correct battery horse staple" 42 | # workssid: 43 | # auth: 44 | # key-management: eap 45 | # method: peap 46 | # identity: "me@example.com" 47 | # password: "passw0rd" 48 | # ca-certificate: /etc/my_ca.pem 49 | 50 | # regulatory-domain: GB 51 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/04-cloud-init/files/network-config: -------------------------------------------------------------------------------- 1 | # This file contains a netplan-compatible configuration which cloud-init will 2 | # apply on first-boot (note: it will *not* update the config after the first 3 | # boot). Please refer to the cloud-init documentation and the netplan reference 4 | # for full details: 5 | # 6 | # https://netplan.io/reference 7 | # https://cloudinit.readthedocs.io/en/latest/topics/network-config.html 8 | # https://cloudinit.readthedocs.io/en/latest/topics/network-config-format-v2.html 9 | # 10 | # Please note that the YAML format employed by this file is sensitive to 11 | # differences in whitespace; if you are editing this file in an editor (like 12 | # Notepad) which uses literal tabs, take care to only use spaces for 13 | # indentation. See the following link for more details: 14 | # 15 | # https://en.wikipedia.org/wiki/YAML 16 | # 17 | # Additionally, please be aware that if your boot sequence depends on active 18 | # networking (e.g. if your cloud-init configuration pulls packages or SSH 19 | # keys from the network), you *must* mark at least one interface as required 20 | # ("optional: false") below. Otherwise, particularly on faster boards, 21 | # cloud-init will start attempting to use the network before it is ready 22 | 23 | # Some additional examples are commented out below 24 | 25 | #network: 26 | # version: 2 27 | # 28 | # ethernets: 29 | # eth0: 30 | # dhcp4: true 31 | # optional: true 32 | 33 | # wifis: 34 | # wlan0: 35 | # dhcp4: true 36 | # optional: true 37 | # access-points: 38 | # myhomewifi: 39 | # password: "S3kr1t" 40 | # myworkwifi: 41 | # password: "correct battery horse staple" 42 | # workssid: 43 | # auth: 44 | # key-management: eap 45 | # method: peap 46 | # identity: "me@example.com" 47 | # password: "passw0rd" 48 | # ca-certificate: /etc/my_ca.pem 49 | 50 | # regulatory-domain: GB 51 | -------------------------------------------------------------------------------- /pi-gen-32bit/export-noobs/00-release/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | NOOBS_DIR="${STAGE_WORK_DIR}/${IMG_NAME}${IMG_SUFFIX}" 4 | 5 | install -v -m 744 files/partition_setup.sh "${NOOBS_DIR}/" 6 | install -v files/partitions.json "${NOOBS_DIR}/" 7 | install -v files/os.json "${NOOBS_DIR}/" 8 | install -v files/OS.png "${NOOBS_DIR}/" 9 | install -v files/release_notes.txt "${NOOBS_DIR}/" 10 | 11 | tar -v -c -C files/marketing -f "${NOOBS_DIR}/marketing.tar" . 12 | 13 | BOOT_SHASUM="$(sha256sum "${NOOBS_DIR}/boot.tar.xz" | cut -f1 -d' ')" 14 | ROOT_SHASUM="$(sha256sum "${NOOBS_DIR}/root.tar.xz" | cut -f1 -d' ')" 15 | 16 | BOOT_SIZE="$(xz --robot -l "${NOOBS_DIR}/boot.tar.xz" | grep totals | cut -f 5)" 17 | ROOT_SIZE="$(xz --robot -l "${NOOBS_DIR}/root.tar.xz" | grep totals | cut -f 5)" 18 | 19 | BOOT_SIZE="$(( BOOT_SIZE / 1024 / 1024 + 1))" 20 | ROOT_SIZE="$(( ROOT_SIZE / 1024 / 1024 + 1))" 21 | 22 | BOOT_NOM="256" 23 | ROOT_NOM="$(echo "$ROOT_SIZE" | awk '{printf "%.0f", (($1 + 400) * 1.2) + 0.5 }')" 24 | 25 | mv "${NOOBS_DIR}/OS.png" "${NOOBS_DIR}/${NOOBS_NAME// /_}.png" 26 | 27 | sed "${NOOBS_DIR}/partitions.json" -i -e "s|BOOT_SHASUM|${BOOT_SHASUM}|" 28 | sed "${NOOBS_DIR}/partitions.json" -i -e "s|ROOT_SHASUM|${ROOT_SHASUM}|" 29 | 30 | sed "${NOOBS_DIR}/partitions.json" -i -e "s|BOOT_SIZE|${BOOT_SIZE}|" 31 | sed "${NOOBS_DIR}/partitions.json" -i -e "s|ROOT_SIZE|${ROOT_SIZE}|" 32 | 33 | sed "${NOOBS_DIR}/partitions.json" -i -e "s|BOOT_NOM|${BOOT_NOM}|" 34 | sed "${NOOBS_DIR}/partitions.json" -i -e "s|ROOT_NOM|${ROOT_NOM}|" 35 | 36 | sed "${NOOBS_DIR}/os.json" -i -e "s|UNRELEASED|${IMG_DATE}|" 37 | sed "${NOOBS_DIR}/os.json" -i -e "s|NOOBS_NAME|${NOOBS_NAME}|" 38 | sed "${NOOBS_DIR}/os.json" -i -e "s|NOOBS_DESCRIPTION|${NOOBS_DESCRIPTION}|" 39 | sed "${NOOBS_DIR}/os.json" -i -e "s|RELEASE|${RELEASE}|" 40 | sed "${NOOBS_DIR}/os.json" -i -e "s|KERNEL|$(cat "${STAGE_WORK_DIR}/kernel_version")|" 41 | 42 | sed "${NOOBS_DIR}/release_notes.txt" -i -e "s|UNRELEASED|${IMG_DATE}|" 43 | 44 | cp -a "${NOOBS_DIR}" "${DEPLOY_DIR}/" 45 | -------------------------------------------------------------------------------- /pi-gen-64bit/export-noobs/00-release/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | NOOBS_DIR="${STAGE_WORK_DIR}/${IMG_NAME}${IMG_SUFFIX}" 4 | 5 | install -v -m 744 files/partition_setup.sh "${NOOBS_DIR}/" 6 | install -v files/partitions.json "${NOOBS_DIR}/" 7 | install -v files/os.json "${NOOBS_DIR}/" 8 | install -v files/OS.png "${NOOBS_DIR}/" 9 | install -v files/release_notes.txt "${NOOBS_DIR}/" 10 | 11 | tar -v -c -C files/marketing -f "${NOOBS_DIR}/marketing.tar" . 12 | 13 | BOOT_SHASUM="$(sha256sum "${NOOBS_DIR}/boot.tar.xz" | cut -f1 -d' ')" 14 | ROOT_SHASUM="$(sha256sum "${NOOBS_DIR}/root.tar.xz" | cut -f1 -d' ')" 15 | 16 | BOOT_SIZE="$(xz --robot -l "${NOOBS_DIR}/boot.tar.xz" | grep totals | cut -f 5)" 17 | ROOT_SIZE="$(xz --robot -l "${NOOBS_DIR}/root.tar.xz" | grep totals | cut -f 5)" 18 | 19 | BOOT_SIZE="$(( BOOT_SIZE / 1024 / 1024 + 1))" 20 | ROOT_SIZE="$(( ROOT_SIZE / 1024 / 1024 + 1))" 21 | 22 | BOOT_NOM="256" 23 | ROOT_NOM="$(echo "$ROOT_SIZE" | awk '{printf "%.0f", (($1 + 400) * 1.2) + 0.5 }')" 24 | 25 | mv "${NOOBS_DIR}/OS.png" "${NOOBS_DIR}/${NOOBS_NAME// /_}.png" 26 | 27 | sed "${NOOBS_DIR}/partitions.json" -i -e "s|BOOT_SHASUM|${BOOT_SHASUM}|" 28 | sed "${NOOBS_DIR}/partitions.json" -i -e "s|ROOT_SHASUM|${ROOT_SHASUM}|" 29 | 30 | sed "${NOOBS_DIR}/partitions.json" -i -e "s|BOOT_SIZE|${BOOT_SIZE}|" 31 | sed "${NOOBS_DIR}/partitions.json" -i -e "s|ROOT_SIZE|${ROOT_SIZE}|" 32 | 33 | sed "${NOOBS_DIR}/partitions.json" -i -e "s|BOOT_NOM|${BOOT_NOM}|" 34 | sed "${NOOBS_DIR}/partitions.json" -i -e "s|ROOT_NOM|${ROOT_NOM}|" 35 | 36 | sed "${NOOBS_DIR}/os.json" -i -e "s|UNRELEASED|${IMG_DATE}|" 37 | sed "${NOOBS_DIR}/os.json" -i -e "s|NOOBS_NAME|${NOOBS_NAME}|" 38 | sed "${NOOBS_DIR}/os.json" -i -e "s|NOOBS_DESCRIPTION|${NOOBS_DESCRIPTION}|" 39 | sed "${NOOBS_DIR}/os.json" -i -e "s|RELEASE|${RELEASE}|" 40 | sed "${NOOBS_DIR}/os.json" -i -e "s|KERNEL|$(cat "${STAGE_WORK_DIR}/kernel_version")|" 41 | 42 | sed "${NOOBS_DIR}/release_notes.txt" -i -e "s|UNRELEASED|${IMG_DATE}|" 43 | 44 | cp -a "${NOOBS_DIR}" "${DEPLOY_DIR}/" 45 | -------------------------------------------------------------------------------- /stage3/07-patches/files/85-nm-unmanaged.rules: -------------------------------------------------------------------------------- 1 | # Do not modify this file, it will get overwritten on updates. 2 | # To override or extend the rules place a file in /etc/udev/rules.d 3 | 4 | SUBSYSTEM!="net", GOTO="nm_unmanaged_end" 5 | ACTION!="add|change|move", GOTO="nm_unmanaged_end" 6 | 7 | # VirtualBox host networking. Out-of-tree driver that looks like an ordinary 8 | # Ethernet. No parent device (lives in /virtual/), no support for ethtool 9 | # to identify the driver, MAC address defaults to 08:00:27:, but can be 10 | # changed. Interface name will have to do, it's always vboxnet*. 11 | ENV{INTERFACE}=="vboxnet[0-9]*", ENV{NM_UNMANAGED}="1" 12 | 13 | # VMWare host networking. Out-of-tree driver that looks like an ordinary 14 | # Ethernet. No parent device (lives in /virtual/), no support for 15 | # ethtool to identify the driver. They have their own MAC prefix that 16 | # can not be changed. 17 | ATTR{address}=="00:50:56:*", ENV{INTERFACE}=="vmnet[0-9]*", ENV{NM_UNMANAGED}="1" 18 | 19 | # Parallels Workstation host networking. Out-of-tree driver that looks like 20 | # an ordinary Ethernet. No parent device (lives in /virtual/), no support for 21 | # ethtool to identify the driver and the interface name is too generic. 22 | # However, they have their own MAC prefix that can not be changed. 23 | ATTR{address}=="00:1c:42:*", ENV{INTERFACE}=="vnic[0-9]*", ENV{NM_UNMANAGED}="1" 24 | 25 | # Virtual Ethernet device pair. Often used to communicate with a peer interface 26 | # in another net namespace and managed by libvirt, Docker or the like. 27 | # Generally we don't want to mess with those. One exception would be the 28 | # full system containers, like LXC or LXD. LXC containers run via libvirt 29 | # don't use udev, so this doesn't apply. LXD does, though. To deal with the 30 | # LXD situation, let's treat the devices called eth* as regular ethernet. 31 | ENV{ID_NET_DRIVER}=="veth", ENV{INTERFACE}!="eth[0-9]*", ENV{NM_UNMANAGED}="1" 32 | 33 | # USB gadget device. Unmanage by default, since whatever created it 34 | # might want to set it up itself (e.g. activate an ipv4.method=shared 35 | # connection). 36 | ENV{DEVTYPE}=="gadget", ENV{NM_UNMANAGED}="0" 37 | ENV{DEVTYPE}=="loopback", ENV{NM_UNMANAGED}="0" 38 | LABEL="nm_unmanaged_end" 39 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/01-sys-tweaks/01-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ -n "${PUBKEY_SSH_FIRST_USER}" ]; then 4 | install -v -m 0700 -o 1000 -g 1000 -d "${ROOTFS_DIR}"/home/"${FIRST_USER_NAME}"/.ssh 5 | echo "${PUBKEY_SSH_FIRST_USER}" >"${ROOTFS_DIR}"/home/"${FIRST_USER_NAME}"/.ssh/authorized_keys 6 | chown 1000:1000 "${ROOTFS_DIR}"/home/"${FIRST_USER_NAME}"/.ssh/authorized_keys 7 | chmod 0600 "${ROOTFS_DIR}"/home/"${FIRST_USER_NAME}"/.ssh/authorized_keys 8 | fi 9 | 10 | if [ "${PUBKEY_ONLY_SSH}" = "1" ]; then 11 | sed -i -Ee 's/^#?[[:blank:]]*PubkeyAuthentication[[:blank:]]*no[[:blank:]]*$/PubkeyAuthentication yes/ 12 | s/^#?[[:blank:]]*PasswordAuthentication[[:blank:]]*yes[[:blank:]]*$/PasswordAuthentication no/' "${ROOTFS_DIR}"/etc/ssh/sshd_config 13 | fi 14 | 15 | on_chroot << EOF 16 | if [ "${ENABLE_SSH}" == "1" ]; then 17 | systemctl enable ssh 18 | else 19 | systemctl disable ssh 20 | fi 21 | EOF 22 | 23 | if [ "${USE_QEMU}" = "1" ]; then 24 | echo "enter QEMU mode" 25 | install -m 644 files/90-qemu.rules "${ROOTFS_DIR}/etc/udev/rules.d/" 26 | echo "leaving QEMU mode" 27 | fi 28 | 29 | 30 | on_chroot <<- EOF 31 | systemctl enable rpi-resize 32 | 33 | for GRP in input spi i2c gpio; do 34 | groupadd -f -r "\$GRP" 35 | done 36 | for GRP in adm dialout cdrom audio users sudo video games plugdev input gpio spi i2c netdev render; do 37 | adduser $FIRST_USER_NAME \$GRP 38 | done 39 | EOF 40 | 41 | if [ -f "${ROOTFS_DIR}/etc/sudoers.d/010_pi-nopasswd" ]; then 42 | sed -i "s/^pi /$FIRST_USER_NAME /" "${ROOTFS_DIR}/etc/sudoers.d/010_pi-nopasswd" 43 | fi 44 | 45 | on_chroot << EOF 46 | setupcon --force --save-only -v 47 | EOF 48 | 49 | on_chroot << EOF 50 | usermod --pass='*' root 51 | EOF 52 | 53 | rm -f "${ROOTFS_DIR}/etc/ssh/"ssh_host_*_key* 54 | 55 | sed -i 's/^FONTFACE=.*/FONTFACE=""/;s/^FONTSIZE=.*/FONTSIZE=""/' "${ROOTFS_DIR}/etc/default/console-setup" 56 | sed -i "s/PLACEHOLDER//" "${ROOTFS_DIR}/etc/default/keyboard" 57 | on_chroot << EOF 58 | DEBIAN_FRONTEND=noninteractive dpkg-reconfigure keyboard-configuration console-setup 59 | EOF 60 | 61 | if [ -e "${ROOTFS_DIR}/etc/avahi/avahi-daemon.conf" ]; then 62 | sed -i 's/^#\?publish-workstation=.*/publish-workstation=yes/' "${ROOTFS_DIR}/etc/avahi/avahi-daemon.conf" 63 | fi 64 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/01-sys-tweaks/01-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | if [ -n "${PUBKEY_SSH_FIRST_USER}" ]; then 4 | install -v -m 0700 -o 1000 -g 1000 -d "${ROOTFS_DIR}"/home/"${FIRST_USER_NAME}"/.ssh 5 | echo "${PUBKEY_SSH_FIRST_USER}" >"${ROOTFS_DIR}"/home/"${FIRST_USER_NAME}"/.ssh/authorized_keys 6 | chown 1000:1000 "${ROOTFS_DIR}"/home/"${FIRST_USER_NAME}"/.ssh/authorized_keys 7 | chmod 0600 "${ROOTFS_DIR}"/home/"${FIRST_USER_NAME}"/.ssh/authorized_keys 8 | fi 9 | 10 | if [ "${PUBKEY_ONLY_SSH}" = "1" ]; then 11 | sed -i -Ee 's/^#?[[:blank:]]*PubkeyAuthentication[[:blank:]]*no[[:blank:]]*$/PubkeyAuthentication yes/ 12 | s/^#?[[:blank:]]*PasswordAuthentication[[:blank:]]*yes[[:blank:]]*$/PasswordAuthentication no/' "${ROOTFS_DIR}"/etc/ssh/sshd_config 13 | fi 14 | 15 | on_chroot << EOF 16 | if [ "${ENABLE_SSH}" == "1" ]; then 17 | systemctl enable ssh 18 | else 19 | systemctl disable ssh 20 | fi 21 | EOF 22 | 23 | if [ "${USE_QEMU}" = "1" ]; then 24 | echo "enter QEMU mode" 25 | install -m 644 files/90-qemu.rules "${ROOTFS_DIR}/etc/udev/rules.d/" 26 | echo "leaving QEMU mode" 27 | fi 28 | 29 | 30 | on_chroot <<- EOF 31 | systemctl enable rpi-resize 32 | 33 | for GRP in input spi i2c gpio; do 34 | groupadd -f -r "\$GRP" 35 | done 36 | for GRP in adm dialout cdrom audio users sudo video games plugdev input gpio spi i2c netdev render; do 37 | adduser $FIRST_USER_NAME \$GRP 38 | done 39 | EOF 40 | 41 | if [ -f "${ROOTFS_DIR}/etc/sudoers.d/010_pi-nopasswd" ]; then 42 | sed -i "s/^pi /$FIRST_USER_NAME /" "${ROOTFS_DIR}/etc/sudoers.d/010_pi-nopasswd" 43 | fi 44 | 45 | on_chroot << EOF 46 | setupcon --force --save-only -v 47 | EOF 48 | 49 | on_chroot << EOF 50 | usermod --pass='*' root 51 | EOF 52 | 53 | rm -f "${ROOTFS_DIR}/etc/ssh/"ssh_host_*_key* 54 | 55 | sed -i 's/^FONTFACE=.*/FONTFACE=""/;s/^FONTSIZE=.*/FONTSIZE=""/' "${ROOTFS_DIR}/etc/default/console-setup" 56 | sed -i "s/PLACEHOLDER//" "${ROOTFS_DIR}/etc/default/keyboard" 57 | on_chroot << EOF 58 | DEBIAN_FRONTEND=noninteractive dpkg-reconfigure keyboard-configuration console-setup 59 | EOF 60 | 61 | if [ -e "${ROOTFS_DIR}/etc/avahi/avahi-daemon.conf" ]; then 62 | sed -i 's/^#\?publish-workstation=.*/publish-workstation=yes/' "${ROOTFS_DIR}/etc/avahi/avahi-daemon.conf" 63 | fi 64 | -------------------------------------------------------------------------------- /pi-gen-32bit/export-image/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | IMG_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.img" 4 | 5 | unmount_image "${IMG_FILE}" 6 | 7 | rm -f "${IMG_FILE}" 8 | 9 | rm -rf "${ROOTFS_DIR}" 10 | mkdir -p "${ROOTFS_DIR}" 11 | 12 | BOOT_SIZE="$((512 * 1024 * 1024))" 13 | ROOT_SIZE=$(du -x --apparent-size -s "${EXPORT_ROOTFS_DIR}" --exclude var/cache/apt/archives --exclude boot/firmware --block-size=1 | cut -f 1) 14 | 15 | # All partition sizes and starts will be aligned to this size 16 | ALIGN="$((8 * 1024 * 1024))" 17 | # Add this much space to the calculated file size. This allows for 18 | # some overhead (since actual space usage is usually rounded up to the 19 | # filesystem block size) and gives some free space on the resulting 20 | # image. 21 | ROOT_MARGIN="$(echo "($ROOT_SIZE * 0.2 + 200 * 1024 * 1024) / 1" | bc)" 22 | 23 | BOOT_PART_START=$((ALIGN)) 24 | BOOT_PART_SIZE=$(((BOOT_SIZE + ALIGN - 1) / ALIGN * ALIGN)) 25 | ROOT_PART_START=$((BOOT_PART_START + BOOT_PART_SIZE)) 26 | ROOT_PART_SIZE=$(((ROOT_SIZE + ROOT_MARGIN + ALIGN - 1) / ALIGN * ALIGN)) 27 | IMG_SIZE=$((BOOT_PART_START + BOOT_PART_SIZE + ROOT_PART_SIZE)) 28 | 29 | truncate -s "${IMG_SIZE}" "${IMG_FILE}" 30 | 31 | parted --script "${IMG_FILE}" mklabel msdos 32 | parted --script "${IMG_FILE}" unit B mkpart primary fat32 "${BOOT_PART_START}" "$((BOOT_PART_START + BOOT_PART_SIZE - 1))" 33 | parted --script "${IMG_FILE}" unit B mkpart primary ext4 "${ROOT_PART_START}" "$((ROOT_PART_START + ROOT_PART_SIZE - 1))" 34 | 35 | echo "Creating loop device..." 36 | cnt=0 37 | until ensure_next_loopdev && LOOP_DEV="$(losetup --show --find --partscan "$IMG_FILE")"; do 38 | if [ $cnt -lt 5 ]; then 39 | cnt=$((cnt + 1)) 40 | echo "Error in losetup. Retrying..." 41 | sleep 5 42 | else 43 | echo "ERROR: losetup failed; exiting" 44 | exit 1 45 | fi 46 | done 47 | 48 | ensure_loopdev_partitions "$LOOP_DEV" 49 | BOOT_DEV="${LOOP_DEV}p1" 50 | ROOT_DEV="${LOOP_DEV}p2" 51 | 52 | ROOT_FEATURES="^huge_file" 53 | for FEATURE in 64bit; do 54 | if grep -q "$FEATURE" /etc/mke2fs.conf; then 55 | ROOT_FEATURES="^$FEATURE,$ROOT_FEATURES" 56 | fi 57 | done 58 | 59 | if [ "$BOOT_SIZE" -lt 134742016 ]; then 60 | FAT_SIZE=16 61 | else 62 | FAT_SIZE=32 63 | fi 64 | 65 | mkdosfs -n bootfs -F "$FAT_SIZE" -s 4 -v "$BOOT_DEV" > /dev/null 66 | mkfs.ext4 -L rootfs -O "$ROOT_FEATURES" "$ROOT_DEV" > /dev/null 67 | 68 | mount -v "$ROOT_DEV" "${ROOTFS_DIR}" -t ext4 69 | mkdir -p "${ROOTFS_DIR}/boot/firmware" 70 | mount -v "$BOOT_DEV" "${ROOTFS_DIR}/boot/firmware" -t vfat 71 | 72 | rsync -aHAXx --exclude /var/cache/apt/archives --exclude /boot/firmware "${EXPORT_ROOTFS_DIR}/" "${ROOTFS_DIR}/" 73 | rsync -rtx "${EXPORT_ROOTFS_DIR}/boot/firmware/" "${ROOTFS_DIR}/boot/firmware/" 74 | -------------------------------------------------------------------------------- /pi-gen-64bit/export-image/prerun.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | IMG_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.img" 4 | 5 | unmount_image "${IMG_FILE}" 6 | 7 | rm -f "${IMG_FILE}" 8 | 9 | rm -rf "${ROOTFS_DIR}" 10 | mkdir -p "${ROOTFS_DIR}" 11 | 12 | BOOT_SIZE="$((512 * 1024 * 1024))" 13 | ROOT_SIZE=$(du -x --apparent-size -s "${EXPORT_ROOTFS_DIR}" --exclude var/cache/apt/archives --exclude boot/firmware --block-size=1 | cut -f 1) 14 | 15 | # All partition sizes and starts will be aligned to this size 16 | ALIGN="$((8 * 1024 * 1024))" 17 | # Add this much space to the calculated file size. This allows for 18 | # some overhead (since actual space usage is usually rounded up to the 19 | # filesystem block size) and gives some free space on the resulting 20 | # image. 21 | ROOT_MARGIN="$(echo "($ROOT_SIZE * 0.2 + 200 * 1024 * 1024) / 1" | bc)" 22 | 23 | BOOT_PART_START=$((ALIGN)) 24 | BOOT_PART_SIZE=$(((BOOT_SIZE + ALIGN - 1) / ALIGN * ALIGN)) 25 | ROOT_PART_START=$((BOOT_PART_START + BOOT_PART_SIZE)) 26 | ROOT_PART_SIZE=$(((ROOT_SIZE + ROOT_MARGIN + ALIGN - 1) / ALIGN * ALIGN)) 27 | IMG_SIZE=$((BOOT_PART_START + BOOT_PART_SIZE + ROOT_PART_SIZE)) 28 | 29 | truncate -s "${IMG_SIZE}" "${IMG_FILE}" 30 | 31 | parted --script "${IMG_FILE}" mklabel msdos 32 | parted --script "${IMG_FILE}" unit B mkpart primary fat32 "${BOOT_PART_START}" "$((BOOT_PART_START + BOOT_PART_SIZE - 1))" 33 | parted --script "${IMG_FILE}" unit B mkpart primary ext4 "${ROOT_PART_START}" "$((ROOT_PART_START + ROOT_PART_SIZE - 1))" 34 | 35 | echo "Creating loop device..." 36 | cnt=0 37 | until ensure_next_loopdev && LOOP_DEV="$(losetup --show --find --partscan "$IMG_FILE")"; do 38 | if [ $cnt -lt 5 ]; then 39 | cnt=$((cnt + 1)) 40 | echo "Error in losetup. Retrying..." 41 | sleep 5 42 | else 43 | echo "ERROR: losetup failed; exiting" 44 | exit 1 45 | fi 46 | done 47 | 48 | ensure_loopdev_partitions "$LOOP_DEV" 49 | BOOT_DEV="${LOOP_DEV}p1" 50 | ROOT_DEV="${LOOP_DEV}p2" 51 | 52 | ROOT_FEATURES="^huge_file" 53 | for FEATURE in 64bit; do 54 | if grep -q "$FEATURE" /etc/mke2fs.conf; then 55 | ROOT_FEATURES="^$FEATURE,$ROOT_FEATURES" 56 | fi 57 | done 58 | 59 | if [ "$BOOT_SIZE" -lt 134742016 ]; then 60 | FAT_SIZE=16 61 | else 62 | FAT_SIZE=32 63 | fi 64 | 65 | mkdosfs -n bootfs -F "$FAT_SIZE" -s 4 -v "$BOOT_DEV" > /dev/null 66 | mkfs.ext4 -L rootfs -O "$ROOT_FEATURES" "$ROOT_DEV" > /dev/null 67 | 68 | mount -v "$ROOT_DEV" "${ROOTFS_DIR}" -t ext4 69 | mkdir -p "${ROOTFS_DIR}/boot/firmware" 70 | mount -v "$BOOT_DEV" "${ROOTFS_DIR}/boot/firmware" -t vfat 71 | 72 | rsync -aHAXx --exclude /var/cache/apt/archives --exclude /boot/firmware "${EXPORT_ROOTFS_DIR}/" "${ROOTFS_DIR}/" 73 | rsync -rtx "${EXPORT_ROOTFS_DIR}/boot/firmware/" "${ROOTFS_DIR}/boot/firmware/" 74 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | ## Contributing 2 | 3 | ### Guidelines 4 | 5 | Here are a few guidelines for contributing: 6 | 7 | * If you would like to contribute to the codebase **please raise an issue to propose the change** 8 | * Do not mix feature changes or fixes with refactoring - it makes the code harder to review and means there is more for the maintainers (with limited time) to test 9 | 10 | * If you have found a bug please raise an issue and fill out the whole template. 11 | * If the documentation can be improved / translated etc please raise an issue to discuss. 12 | * Please always provide a summary of what you changed, how you did it and how it can be tested. 13 | 14 | ### License 15 | 16 | This project is licensed under the GPL3 License. 17 | 18 | #### Sign your work 19 | 20 | The sign-off is a simple line at the end of the explanation for a patch. Your 21 | signature certifies that you wrote the patch or otherwise have the right to pass 22 | it on as an open-source patch. The rules are pretty simple: if you can certify 23 | the below (from [developercertificate.org](http://developercertificate.org/)): 24 | 25 | ``` 26 | Developer Certificate of Origin 27 | Version 1.1 28 | 29 | Copyright (C) 2004, 2006 The Linux Foundation and its contributors. 30 | 1 Letterman Drive 31 | Suite D4700 32 | San Francisco, CA, 94129 33 | 34 | Everyone is permitted to copy and distribute verbatim copies of this 35 | license document, but changing it is not allowed. 36 | 37 | Developer's Certificate of Origin 1.1 38 | 39 | By making a contribution to this project, I certify that: 40 | 41 | (a) The contribution was created in whole or in part by me and I 42 | have the right to submit it under the open source license 43 | indicated in the file; or 44 | 45 | (b) The contribution is based upon previous work that, to the best 46 | of my knowledge, is covered under an appropriate open source 47 | license and I have the right under that license to submit that 48 | work with modifications, whether created in whole or in part 49 | by me, under the same open source license (unless I am 50 | permitted to submit under a different license), as indicated 51 | in the file; or 52 | 53 | (c) The contribution was provided directly to me by some other 54 | person who certified (a), (b) or (c) and I have not modified 55 | it. 56 | 57 | (d) I understand and agree that this project and the contribution 58 | are public and that a record of the contribution (including all 59 | personal information I submit with it, including my sign-off) is 60 | maintained indefinitely and may be redistributed consistent with 61 | this project or the open source license(s) involved. 62 | ``` 63 | 64 | Then you just add a line to every git commit message: 65 | 66 | Signed-off-by: Joe Smith 67 | 68 | If you set your `user.name` and `user.email` git configs, you can sign your 69 | commit automatically with `git commit -s`. 70 | 71 | * Please sign your commits with `git commit -s` so that commits are traceable. 72 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Contributor Covenant Code of Conduct 2 | 3 | ## Our Pledge 4 | 5 | In the interest of fostering an open and welcoming environment, we as 6 | contributors and maintainers pledge to making participation in our project and 7 | our community a harassment-free experience for everyone, regardless of age, body 8 | size, disability, ethnicity, sex characteristics, gender identity and expression, 9 | level of experience, education, socio-economic status, nationality, personal 10 | appearance, race, religion, or sexual identity and orientation. 11 | 12 | ## Our Standards 13 | 14 | Examples of behavior that contributes to creating a positive environment 15 | include: 16 | 17 | * Using welcoming and inclusive language 18 | * Being respectful of differing viewpoints and experiences 19 | * Gracefully accepting constructive criticism 20 | * Focusing on what is best for the community 21 | * Showing empathy towards other community members 22 | 23 | Examples of unacceptable behavior by participants include: 24 | 25 | * The use of sexualized language or imagery and unwelcome sexual attention or 26 | advances 27 | * Trolling, insulting/derogatory comments, and personal or political attacks 28 | * Public or private harassment 29 | * Publishing others' private information, such as a physical or electronic 30 | address, without explicit permission 31 | * Other conduct which could reasonably be considered inappropriate in a 32 | professional setting 33 | 34 | ## Our Responsibilities 35 | 36 | Project maintainers are responsible for clarifying the standards of acceptable 37 | behavior and are expected to take appropriate and fair corrective action in 38 | response to any instances of unacceptable behavior. 39 | 40 | Project maintainers have the right and responsibility to remove, edit, or 41 | reject comments, commits, code, wiki edits, issues, and other contributions 42 | that are not aligned to this Code of Conduct, or to ban temporarily or 43 | permanently any contributor for other behaviors that they deem inappropriate, 44 | threatening, offensive, or harmful. 45 | 46 | ## Scope 47 | 48 | This Code of Conduct applies both within project spaces and in public spaces 49 | when an individual is representing the project or its community. Examples of 50 | representing a project or community include using an official project e-mail 51 | address, posting via an official social media account, or acting as an appointed 52 | representative at an online or offline event. Representation of a project may be 53 | further defined and clarified by project maintainers. 54 | 55 | ## Enforcement 56 | 57 | Instances of abusive, harassing, or otherwise unacceptable behavior may be 58 | reported by contacting the project team at pwnagotchi@gmail.com. All 59 | complaints will be reviewed and investigated and will result in a response that 60 | is deemed necessary and appropriate to the circumstances. The project team is 61 | obligated to maintain confidentiality with regard to the reporter of an incident. 62 | Further details of specific enforcement policies may be posted separately. 63 | 64 | Project maintainers who do not follow or enforce the Code of Conduct in good 65 | faith may face temporary or permanent repercussions as determined by other 66 | members of the project's leadership. 67 | 68 | ## Attribution 69 | 70 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, 71 | available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html 72 | 73 | [homepage]: https://www.contributor-covenant.org 74 | 75 | For answers to common questions about this code of conduct, see 76 | https://www.contributor-covenant.org/faq 77 | -------------------------------------------------------------------------------- /pi-gen-32bit/stage2/04-cloud-init/files/user-data: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | 3 | # This is the user-data configuration file for cloud-init. By default this sets 4 | # up an initial user called "ubuntu" with password "ubuntu", which must be 5 | # changed at first login. However, many additional actions can be initiated on 6 | # first boot from this file. The cloud-init documentation has more details: 7 | # 8 | # https://cloudinit.readthedocs.io/ 9 | # 10 | # Please note that the YAML format employed by this file is sensitive to 11 | # differences in whitespace; if you are editing this file in an editor (like 12 | # Notepad) which uses literal tabs, take care to only use spaces for 13 | # indentation. See the following link for more details: 14 | # 15 | # https://en.wikipedia.org/wiki/YAML 16 | # 17 | # Some additional examples are provided in comments below the default 18 | # configuration. 19 | 20 | ## Set the system's hostname. Please note that, unless you have a local DNS 21 | ## setup where the hostname is derived from DHCP requests (as with dnsmasq), 22 | ## setting the hostname here will not make the machine reachable by this name. 23 | ## You may also wish to install avahi-daemon (see the "packages:" key below) 24 | ## to make your machine reachable by the .local domain 25 | #hostname: raspberrypi 26 | 27 | ## Set up the keyboard layout. See localectl(1), in particular the various 28 | ## list-x11-* sub-commands, to determine the available models, layouts, 29 | ## variants, and options 30 | #keyboard: 31 | # model: pc105 32 | # layout: gb 33 | # variant: 34 | # options: ctrl:nocaps 35 | 36 | # Controls password authentication with the SSH daemon; the default here can 37 | # prevent logging into SSH with a password. Changing this is a security risk 38 | # and you should at the very least ensure a different default password is 39 | # specified above 40 | #ssh_pwauth: false 41 | 42 | ## On first boot, use ssh-import-id to give the specific users SSH access to 43 | ## the default user 44 | #ssh_import_id: 45 | #- lp:my_launchpad_username 46 | #- gh:my_github_username 47 | 48 | ## Add users and groups to the system, and import keys with the ssh-import-id 49 | ## utility 50 | #groups: 51 | #- robot: [robot] 52 | #- robotics: [robot] 53 | #- pi 54 | # 55 | #users: 56 | #- default 57 | #- name: robot 58 | # gecos: Mr. Robot 59 | # primary_group: robot 60 | # groups: users 61 | # ssh_import_id: foobar 62 | # lock_passwd: false 63 | # passwd: $5$hkui88$nvZgIle31cNpryjRfO9uArF7DYiBcWEnjqq7L1AQNN3 64 | 65 | ## Update apt database and upgrade packages on first boot 66 | #package_update: true 67 | #package_upgrade: true 68 | 69 | ## Install additional packages on first boot 70 | #packages: 71 | #- avahi-daemon 72 | #- rng-tools 73 | #- python3-gpiozero 74 | #- [python3-serial, 3.5-1] 75 | 76 | ## Write arbitrary files to the file-system (including binaries!) 77 | #write_files: 78 | #- path: /etc/default/console-setup 79 | # content: | 80 | # # Consult the console-setup(5) manual page. 81 | # ACTIVE_CONSOLES="/dev/tty[1-6]" 82 | # CHARMAP="UTF-8" 83 | # VIDEOMODE= 84 | # FONT="Lat15-Terminus18x10.psf.gz" 85 | # FONTFACE= 86 | # FONTSIZE= 87 | # CODESET="Lat15" 88 | # permissions: '0644' 89 | # owner: root:root 90 | #- encoding: gzip 91 | # path: /root/Makefile 92 | # content: !!binary | 93 | # H4sICF2DTWIAA01ha2VmaWxlAFNWCM8syVBILMjPyU/PTC1WKMlXiPB2dlFQNjSx5MpNteLi 94 | # dLDiSoRQxYl5KeWZyRkgXrSCkoqKRmaKgm6pppKCbmqhgoFCrIKamkK1QmpyRr6Ckn92YqWS 95 | # NdC80uQMBZhOa4VahZoaqIrwjMQSewXfxOxUhcwShcr80qLi1Jw0RSUuAIYfEJmVAAAA 96 | # owner: root:root 97 | # permissions: '0644' 98 | 99 | ## Run arbitrary commands at rc.local like time 100 | #runcmd: 101 | #- [ ls, -l, / ] 102 | #- [ sh, -xc, "echo $(date) ': hello world!'" ] 103 | -------------------------------------------------------------------------------- /pi-gen-64bit/stage2/04-cloud-init/files/user-data: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | 3 | # This is the user-data configuration file for cloud-init. By default this sets 4 | # up an initial user called "ubuntu" with password "ubuntu", which must be 5 | # changed at first login. However, many additional actions can be initiated on 6 | # first boot from this file. The cloud-init documentation has more details: 7 | # 8 | # https://cloudinit.readthedocs.io/ 9 | # 10 | # Please note that the YAML format employed by this file is sensitive to 11 | # differences in whitespace; if you are editing this file in an editor (like 12 | # Notepad) which uses literal tabs, take care to only use spaces for 13 | # indentation. See the following link for more details: 14 | # 15 | # https://en.wikipedia.org/wiki/YAML 16 | # 17 | # Some additional examples are provided in comments below the default 18 | # configuration. 19 | 20 | ## Set the system's hostname. Please note that, unless you have a local DNS 21 | ## setup where the hostname is derived from DHCP requests (as with dnsmasq), 22 | ## setting the hostname here will not make the machine reachable by this name. 23 | ## You may also wish to install avahi-daemon (see the "packages:" key below) 24 | ## to make your machine reachable by the .local domain 25 | #hostname: raspberrypi 26 | 27 | ## Set up the keyboard layout. See localectl(1), in particular the various 28 | ## list-x11-* sub-commands, to determine the available models, layouts, 29 | ## variants, and options 30 | #keyboard: 31 | # model: pc105 32 | # layout: gb 33 | # variant: 34 | # options: ctrl:nocaps 35 | 36 | # Controls password authentication with the SSH daemon; the default here can 37 | # prevent logging into SSH with a password. Changing this is a security risk 38 | # and you should at the very least ensure a different default password is 39 | # specified above 40 | #ssh_pwauth: false 41 | 42 | ## On first boot, use ssh-import-id to give the specific users SSH access to 43 | ## the default user 44 | #ssh_import_id: 45 | #- lp:my_launchpad_username 46 | #- gh:my_github_username 47 | 48 | ## Add users and groups to the system, and import keys with the ssh-import-id 49 | ## utility 50 | #groups: 51 | #- robot: [robot] 52 | #- robotics: [robot] 53 | #- pi 54 | # 55 | #users: 56 | #- default 57 | #- name: robot 58 | # gecos: Mr. Robot 59 | # primary_group: robot 60 | # groups: users 61 | # ssh_import_id: foobar 62 | # lock_passwd: false 63 | # passwd: $5$hkui88$nvZgIle31cNpryjRfO9uArF7DYiBcWEnjqq7L1AQNN3 64 | 65 | ## Update apt database and upgrade packages on first boot 66 | #package_update: true 67 | #package_upgrade: true 68 | 69 | ## Install additional packages on first boot 70 | #packages: 71 | #- avahi-daemon 72 | #- rng-tools 73 | #- python3-gpiozero 74 | #- [python3-serial, 3.5-1] 75 | 76 | ## Write arbitrary files to the file-system (including binaries!) 77 | #write_files: 78 | #- path: /etc/default/console-setup 79 | # content: | 80 | # # Consult the console-setup(5) manual page. 81 | # ACTIVE_CONSOLES="/dev/tty[1-6]" 82 | # CHARMAP="UTF-8" 83 | # VIDEOMODE= 84 | # FONT="Lat15-Terminus18x10.psf.gz" 85 | # FONTFACE= 86 | # FONTSIZE= 87 | # CODESET="Lat15" 88 | # permissions: '0644' 89 | # owner: root:root 90 | #- encoding: gzip 91 | # path: /root/Makefile 92 | # content: !!binary | 93 | # H4sICF2DTWIAA01ha2VmaWxlAFNWCM8syVBILMjPyU/PTC1WKMlXiPB2dlFQNjSx5MpNteLi 94 | # dLDiSoRQxYl5KeWZyRkgXrSCkoqKRmaKgm6pppKCbmqhgoFCrIKamkK1QmpyRr6Ckn92YqWS 95 | # NdC80uQMBZhOa4VahZoaqIrwjMQSewXfxOxUhcwShcr80qLi1Jw0RSUuAIYfEJmVAAAA 96 | # owner: root:root 97 | # permissions: '0644' 98 | 99 | ## Run arbitrary commands at rc.local like time 100 | #runcmd: 101 | #- [ ls, -l, / ] 102 | #- [ sh, -xc, "echo $(date) ': hello world!'" ] 103 | -------------------------------------------------------------------------------- /stage3/07-patches/00-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | echo -e "\e[32m### Installing patched files ###\e[0m" 4 | install -v -m 644 files/profile "${ROOTFS_DIR}/etc/profile" 5 | install -v -m 644 files/sudoers "${ROOTFS_DIR}/etc/sudoers" 6 | 7 | # /usr/bin/ 8 | # must be executable (755) 9 | echo -e "\e[32m### Installing /usr/bin/ files ###\e[0m" 10 | install -v -m 755 files/bettercap-launcher "${ROOTFS_DIR}/usr/bin/bettercap-launcher" 11 | install -v -m 755 files/decryption-webserver "${ROOTFS_DIR}/usr/bin/decryption-webserver" 12 | install -v -m 755 files/monstart "${ROOTFS_DIR}/usr/bin/monstart" 13 | install -v -m 755 files/monstop "${ROOTFS_DIR}/usr/bin/monstop" 14 | install -v -m 755 files/pwnagotchi-launcher "${ROOTFS_DIR}/usr/bin/pwnagotchi-launcher" 15 | install -v -m 755 files/pwnlib "${ROOTFS_DIR}/usr/bin/pwnlib" 16 | 17 | # /etc/ 18 | echo -e "\e[32m### Installing /etc/ files ###\e[0m" 19 | install -v -m 644 files/dphys-swapfile "${ROOTFS_DIR}/etc/dphys-swapfile" 20 | 21 | # /etc/bash_completion.d/ 22 | echo -e "\e[32m### Installing /etc/bash_completion.d/ files ###\e[0m" 23 | install -v -m 644 files/pwnagotchi_completion.sh "${ROOTFS_DIR}/etc/bash_completion.d/pwnagotchi_completion.sh" 24 | 25 | # /etc/modules-load.d/ 26 | echo -e "\e[32m### Installing /etc/modules-load.d/ files ###\e[0m" 27 | install -v -m 644 files/modules.conf "${ROOTFS_DIR}/etc/modules-load.d/modules.conf" 28 | 29 | # /etc/systemd/system/ 30 | echo -e "\e[32m### Installing /etc/systemd/system/ files ###\e[0m" 31 | install -v -m 644 files/bettercap.service "${ROOTFS_DIR}/etc/systemd/system/bettercap.service" 32 | install -v -m 644 files/pwnagotchi.service "${ROOTFS_DIR}/etc/systemd/system/pwnagotchi.service" 33 | install -v -m 644 files/pwngrid-peer.service "${ROOTFS_DIR}/etc/systemd/system/pwngrid-peer.service" 34 | 35 | # /etc/update-motd.d/ 36 | # must be executable (755) 37 | echo -e "\e[32m### Installing /etc/update-motd.d/ files ###\e[0m" 38 | install -v -m 755 files/01-motd "${ROOTFS_DIR}/etc/update-motd.d/01-motd" 39 | 40 | # /etc/NetworkManager/ 41 | echo -e "e[32m### Installing NetworkManager configurations ###\e[0m" 42 | install -v -m 600 files/usb0.nmconnection "${ROOTFS_DIR}/etc/NetworkManager/system-connections/usb0.nmconnection" 43 | install -v -m 600 files/eth0.nmconnection "${ROOTFS_DIR}/etc/NetworkManager/system-connections/eth0.nmconnection" 44 | install -v -m 600 files/loopback.nmconnection "${ROOTFS_DIR}/etc/NetworkManager/system-connections/loopback.nmconnection" 45 | 46 | # /root/ 47 | echo -e "\e[32m### Installing /root/ files ###\e[0m" 48 | install -v -m 644 files/client_secrets.json "${ROOTFS_DIR}/root/client_secrets.json" 49 | install -v -m 644 files/settings.yaml "${ROOTFS_DIR}/root/settings.yaml" 50 | 51 | # Remove unnecessary files, if they exist 52 | echo -e "\e[32m### Removing unnecessary files ###\e[0m" 53 | if [ -f "${ROOTFS_DIR}/etc/motd" ]; then 54 | rm "${ROOTFS_DIR}/etc/motd" 55 | fi 56 | if [ -f "${ROOTFS_DIR}/etc/update-motd.d/10-uname" ]; then 57 | rm "${ROOTFS_DIR}/etc/update-motd.d/10-uname" 58 | fi 59 | if [ -f "${ROOTFS_DIR}/etc/profile.d/sshpwd.sh" ]; then 60 | rm "${ROOTFS_DIR}/etc/profile.d/sshpwd.sh" 61 | fi 62 | 63 | echo -e "\e[32m### Setting NM Unmanaged udev rules to 0 ###\e[0m" 64 | install -v -m 644 files/85-nm-unmanaged.rules "${ROOTFS_DIR}"/etc/udev/rules.d/85-nm-unmanaged.rules 65 | 66 | cp "${PREV_ROOTFS_DIR}"/boot/firmware/config.txt "${ROOTFS_DIR}"/boot/firmware/config.txt 67 | cat << EOF >> "${ROOTFS_DIR}"/boot/firmware/config.txt 68 | dtparam=i2c1=on 69 | dtparam=i2c_arm=on 70 | dtparam=spi=on 71 | gpu_mem=1 72 | dtoverlay=dwc2 73 | enable_uart=1 74 | 75 | [pi0] 76 | dtoverlay=spi0-2cs 77 | #dtoverlay=disable-wifi 78 | 79 | [pi3] 80 | dtoverlay=spi0-2cs 81 | #dtoverlay=disable-wifi 82 | 83 | [pi4] 84 | dtoverlay=spi0-2cs 85 | #dtoverlay=disable-wifi 86 | 87 | [pi5] 88 | dtoverlay=spi0-2cs 89 | #dtoverlay=disable-wifi 90 | EOF 91 | -------------------------------------------------------------------------------- /pi-gen-32bit/scripts/common: -------------------------------------------------------------------------------- 1 | log (){ 2 | date +"[%T] $*" | tee -a "${LOG_FILE}" 3 | } 4 | export -f log 5 | 6 | bootstrap(){ 7 | local BOOTSTRAP_CMD=debootstrap 8 | local BOOTSTRAP_ARGS=() 9 | 10 | export http_proxy=${APT_PROXY} 11 | 12 | BOOTSTRAP_ARGS+=(--arch armhf) 13 | BOOTSTRAP_ARGS+=(--components "main,contrib,non-free") 14 | BOOTSTRAP_ARGS+=(--keyring "${STAGE_DIR}/files/raspberrypi.gpg") 15 | BOOTSTRAP_ARGS+=(--exclude=info,ifupdown) 16 | BOOTSTRAP_ARGS+=(--include=ca-certificates) 17 | BOOTSTRAP_ARGS+=("$@") 18 | printf -v BOOTSTRAP_STR '%q ' "${BOOTSTRAP_ARGS[@]}" 19 | 20 | setarch linux32 capsh $CAPSH_ARG -- -c "'${BOOTSTRAP_CMD}' $BOOTSTRAP_STR" || true 21 | 22 | if [ -d "$2/debootstrap" ] && ! rmdir "$2/debootstrap"; then 23 | cp "$2/debootstrap/debootstrap.log" "${STAGE_WORK_DIR}" 24 | log "bootstrap failed: please check ${STAGE_WORK_DIR}/debootstrap.log" 25 | return 1 26 | fi 27 | } 28 | export -f bootstrap 29 | 30 | copy_previous(){ 31 | if [ ! -d "${PREV_ROOTFS_DIR}" ]; then 32 | echo "Previous stage rootfs not found" 33 | false 34 | fi 35 | mkdir -p "${ROOTFS_DIR}" 36 | rsync -aHAXx --exclude var/cache/apt/archives "${PREV_ROOTFS_DIR}/" "${ROOTFS_DIR}/" 37 | } 38 | export -f copy_previous 39 | 40 | unmount(){ 41 | if [ -z "$1" ]; then 42 | DIR=$PWD 43 | else 44 | DIR=$1 45 | fi 46 | 47 | for i in {1..6}; do 48 | if awk "\$2 ~ /^${DIR//\//\\/}/ {print \$2}" /etc/mtab | sort -r | xargs -r umount; then 49 | break 50 | elif [ "$i" -eq 6 ]; then 51 | log "Failed to unmount ${DIR}. Do not try to delete this directory while it contains mountpoints!" 52 | return 1 53 | fi 54 | log "Retrying ($i/5)..." 55 | sleep 1 56 | done 57 | } 58 | export -f unmount 59 | 60 | unmount_image(){ 61 | if command -v udevadm >/dev/null 2>&1; then 62 | udevadm settle 10 63 | else 64 | sleep 1 65 | fi 66 | LOOP_DEVICE=$(losetup -n -O NAME -j "$1") 67 | if [ -n "$LOOP_DEVICE" ]; then 68 | for part in "$LOOP_DEVICE"p*; do 69 | if DIR=$(findmnt -n -o target -S "$part"); then 70 | unmount "$DIR" 71 | fi 72 | done 73 | losetup -d "$LOOP_DEVICE" 74 | fi 75 | } 76 | export -f unmount_image 77 | 78 | on_chroot() { 79 | if ! mount | grep -q "$(realpath "${ROOTFS_DIR}"/proc)"; then 80 | mount -t proc proc "${ROOTFS_DIR}/proc" 81 | fi 82 | 83 | if ! mount | grep -q "$(realpath "${ROOTFS_DIR}"/dev)"; then 84 | mount --bind /dev "${ROOTFS_DIR}/dev" 85 | fi 86 | 87 | if ! mount | grep -q "$(realpath "${ROOTFS_DIR}"/dev/pts)"; then 88 | mount --bind /dev/pts "${ROOTFS_DIR}/dev/pts" 89 | fi 90 | 91 | if ! mount | grep -q "$(realpath "${ROOTFS_DIR}"/sys)"; then 92 | mount --bind /sys "${ROOTFS_DIR}/sys" 93 | fi 94 | 95 | if ! mount | grep -q "$(realpath "${ROOTFS_DIR}"/run)"; then 96 | mount -t tmpfs tmpfs "${ROOTFS_DIR}/run" 97 | fi 98 | 99 | if ! mount | grep -q "$(realpath "${ROOTFS_DIR}"/tmp)"; then 100 | mount -t tmpfs tmpfs "${ROOTFS_DIR}/tmp" 101 | fi 102 | 103 | setarch linux32 capsh $CAPSH_ARG "--chroot=${ROOTFS_DIR}/" -- -e "$@" 104 | } 105 | export -f on_chroot 106 | 107 | update_issue() { 108 | echo -e "${PI_GEN_RELEASE} ${IMG_DATE}\nGenerated using ${PI_GEN}, ${PI_GEN_REPO}, ${GIT_HASH}, ${1}" > "${ROOTFS_DIR}/etc/rpi-issue" 109 | } 110 | export -f update_issue 111 | 112 | ensure_next_loopdev() { 113 | local loopdev 114 | loopdev="$(losetup -f)" 115 | loopmaj="$(echo "$loopdev" | sed -E 's/.*[^0-9]*?([0-9]+)$/\1/')" 116 | [[ -b "$loopdev" ]] || mknod "$loopdev" b 7 "$loopmaj" 117 | } 118 | export -f ensure_next_loopdev 119 | 120 | ensure_loopdev_partitions() { 121 | local line 122 | local partition 123 | local majmin 124 | lsblk -r -n -o "NAME,MAJ:MIN" "$1" | grep -v "^${1#/dev/} " | while read -r line; do 125 | partition="${line%% *}" 126 | majmin="${line#* }" 127 | if [ ! -b "/dev/$partition" ]; then 128 | mknod "/dev/$partition" b "${majmin%:*}" "${majmin#*:}" 129 | fi 130 | done 131 | command -v udevadm >/dev/null 2>&1 || return 0 132 | udevadm settle 10 133 | } 134 | export -f ensure_loopdev_partitions 135 | -------------------------------------------------------------------------------- /pi-gen-64bit/scripts/common: -------------------------------------------------------------------------------- 1 | log (){ 2 | date +"[%T] $*" | tee -a "${LOG_FILE}" 3 | } 4 | export -f log 5 | 6 | bootstrap(){ 7 | local BOOTSTRAP_CMD=debootstrap 8 | local BOOTSTRAP_ARGS=() 9 | 10 | export http_proxy=${APT_PROXY} 11 | 12 | BOOTSTRAP_ARGS+=(--arch arm64) 13 | BOOTSTRAP_ARGS+=(--include gnupg) 14 | BOOTSTRAP_ARGS+=(--components "main,contrib,non-free") 15 | #BOOTSTRAP_ARGS+=(--keyring "${STAGE_DIR}/files/raspberrypi.gpg") 16 | BOOTSTRAP_ARGS+=(--exclude=info,ifupdown) 17 | BOOTSTRAP_ARGS+=(--include=ca-certificates) 18 | BOOTSTRAP_ARGS+=("$@") 19 | printf -v BOOTSTRAP_STR '%q ' "${BOOTSTRAP_ARGS[@]}" 20 | 21 | capsh $CAPSH_ARG -- -c "'${BOOTSTRAP_CMD}' $BOOTSTRAP_STR" || true 22 | 23 | if [ -d "$2/debootstrap" ] && ! rmdir "$2/debootstrap"; then 24 | cp "$2/debootstrap/debootstrap.log" "${STAGE_WORK_DIR}" 25 | log "bootstrap failed: please check ${STAGE_WORK_DIR}/debootstrap.log" 26 | return 1 27 | fi 28 | } 29 | export -f bootstrap 30 | 31 | copy_previous(){ 32 | if [ ! -d "${PREV_ROOTFS_DIR}" ]; then 33 | echo "Previous stage rootfs not found" 34 | false 35 | fi 36 | mkdir -p "${ROOTFS_DIR}" 37 | rsync -aHAXx --exclude var/cache/apt/archives "${PREV_ROOTFS_DIR}/" "${ROOTFS_DIR}/" 38 | } 39 | export -f copy_previous 40 | 41 | unmount(){ 42 | if [ -z "$1" ]; then 43 | DIR=$PWD 44 | else 45 | DIR=$1 46 | fi 47 | 48 | for i in {1..6}; do 49 | if awk "\$2 ~ /^${DIR//\//\\/}/ {print \$2}" /etc/mtab | sort -r | xargs -r umount; then 50 | break 51 | elif [ "$i" -eq 6 ]; then 52 | log "Failed to unmount ${DIR}. Do not try to delete this directory while it contains mountpoints!" 53 | return 1 54 | fi 55 | log "Retrying ($i/5)..." 56 | sleep 1 57 | done 58 | } 59 | export -f unmount 60 | 61 | unmount_image(){ 62 | if command -v udevadm >/dev/null 2>&1; then 63 | udevadm settle 10 64 | else 65 | sleep 1 66 | fi 67 | LOOP_DEVICE=$(losetup -n -O NAME -j "$1") 68 | if [ -n "$LOOP_DEVICE" ]; then 69 | for part in "$LOOP_DEVICE"p*; do 70 | if DIR=$(findmnt -n -o target -S "$part"); then 71 | unmount "$DIR" 72 | fi 73 | done 74 | losetup -d "$LOOP_DEVICE" 75 | fi 76 | } 77 | export -f unmount_image 78 | 79 | on_chroot() { 80 | if ! mount | grep -q "$(realpath "${ROOTFS_DIR}"/proc)"; then 81 | mount -t proc proc "${ROOTFS_DIR}/proc" 82 | fi 83 | 84 | if ! mount | grep -q "$(realpath "${ROOTFS_DIR}"/dev)"; then 85 | mount --bind /dev "${ROOTFS_DIR}/dev" 86 | fi 87 | 88 | if ! mount | grep -q "$(realpath "${ROOTFS_DIR}"/dev/pts)"; then 89 | mount --bind /dev/pts "${ROOTFS_DIR}/dev/pts" 90 | fi 91 | 92 | if ! mount | grep -q "$(realpath "${ROOTFS_DIR}"/sys)"; then 93 | mount --bind /sys "${ROOTFS_DIR}/sys" 94 | fi 95 | 96 | if ! mount | grep -q "$(realpath "${ROOTFS_DIR}"/run)"; then 97 | mount -t tmpfs tmpfs "${ROOTFS_DIR}/run" 98 | fi 99 | 100 | if ! mount | grep -q "$(realpath "${ROOTFS_DIR}"/tmp)"; then 101 | mount -t tmpfs tmpfs "${ROOTFS_DIR}/tmp" 102 | fi 103 | 104 | capsh $CAPSH_ARG "--chroot=${ROOTFS_DIR}/" -- -e "$@" 105 | } 106 | export -f on_chroot 107 | 108 | update_issue() { 109 | echo -e "${PI_GEN_RELEASE} ${IMG_DATE}\nGenerated using ${PI_GEN}, ${PI_GEN_REPO}, ${GIT_HASH}, ${1}" > "${ROOTFS_DIR}/etc/rpi-issue" 110 | } 111 | export -f update_issue 112 | 113 | ensure_next_loopdev() { 114 | local loopdev 115 | loopdev="$(losetup -f)" 116 | loopmaj="$(echo "$loopdev" | sed -E 's/.*[^0-9]*?([0-9]+)$/\1/')" 117 | [[ -b "$loopdev" ]] || mknod "$loopdev" b 7 "$loopmaj" 118 | } 119 | export -f ensure_next_loopdev 120 | 121 | ensure_loopdev_partitions() { 122 | local line 123 | local partition 124 | local majmin 125 | lsblk -r -n -o "NAME,MAJ:MIN" "$1" | grep -v "^${1#/dev/} " | while read -r line; do 126 | partition="${line%% *}" 127 | majmin="${line#* }" 128 | if [ ! -b "/dev/$partition" ]; then 129 | mknod "/dev/$partition" b "${majmin%:*}" "${majmin#*:}" 130 | fi 131 | done 132 | command -v udevadm >/dev/null 2>&1 || return 0 133 | udevadm settle 10 134 | } 135 | export -f ensure_loopdev_partitions 136 | -------------------------------------------------------------------------------- /stage3/07-patches/files/decryption-webserver: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | 3 | from http.server import HTTPServer, BaseHTTPRequestHandler 4 | from urllib.parse import parse_qsl 5 | 6 | 7 | _HTML_FORM_TEMPLATE = """ 8 | 9 | 10 | 11 | Decryption 12 | 35 | 36 | 37 |
38 |

Decryption

39 |

Some of your files are encrypted.

40 |

Please provide the decryption password.

41 |
42 |
43 | {password_fields} 44 | 45 |
46 |
47 |
48 | 49 | 50 | """ 51 | 52 | POST_RESPONSE = """ 53 | 54 | 55 | 56 | 57 | 91 | 112 | 113 | 114 | 115 |
116 | 117 | 118 | 119 | """ 120 | 121 | HTML_FORM = None 122 | 123 | class SimpleHTTPRequestHandler(BaseHTTPRequestHandler): 124 | 125 | def do_GET(self): 126 | self.send_response(200) 127 | self.end_headers() 128 | self.wfile.write(HTML_FORM.encode()) 129 | 130 | def do_POST(self): 131 | content_length = int(self.headers['Content-Length']) 132 | body = self.rfile.read(content_length) 133 | for mapping, password in parse_qsl(body.decode('UTF-8')): 134 | with open('/tmp/.pwnagotchi-secret-{}'.format(mapping), 'wt') as pwfile: 135 | pwfile.write(password) 136 | self.send_response(200) 137 | self.end_headers() 138 | self.wfile.write(POST_RESPONSE.encode()) 139 | 140 | 141 | with open('/root/.pwnagotchi-crypted') as crypted_file: 142 | mappings = [line.split()[0] for line in crypted_file.readlines()] 143 | fields = ''.join(['\n
'.format(m=m) 144 | for m in mappings]) 145 | HTML_FORM = _HTML_FORM_TEMPLATE.format(password_fields=fields) 146 | 147 | httpd = HTTPServer(('0.0.0.0', 80), SimpleHTTPRequestHandler) 148 | httpd.serve_forever() 149 | -------------------------------------------------------------------------------- /stage3/04-nexmon/01-run-chroot.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | # install nexmon 4 | NEXMON_REPO=https://github.com/jayofelony/nexmon.git 5 | NEXMON_PATCHES="patches/bcm43430a1/7_45_41_46/nexmon patches/bcm43455c0/7_45_206/nexmon patches/bcm43436b0/9_88_4_65/nexmon" 6 | 7 | PHOME=/usr/local/src 8 | 9 | cd /usr/local/src 10 | 11 | # Enable recursive globbing 12 | shopt -s globstar 13 | # Define the destination path using globbing 14 | MOD_DEST="/lib/modules/**/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac" 15 | # Check if the specific file does not exist 16 | if [ ! -f "${MOD_DEST}/brcmfmac.ko.xz.ORIG" ]; then 17 | 18 | if [ ! -d "/usr/local/src/nexmon" ]; then 19 | echo -e "\e[32m=== cloning nexmon repository ===\e[0m" 20 | git clone $NEXMON_REPO 21 | fi 22 | 23 | cd /usr/local/src/nexmon 24 | 25 | source setup_env.sh 26 | make 27 | 28 | 29 | # for each kernel with a build directory 30 | for mod in $(cd /lib/modules ; ls); do 31 | 32 | if [ -d /lib/modules/"$mod"/build ]; then 33 | echo 34 | echo -e "\e[32m=== building Nexmon for $mod ===\e[0m" 35 | 36 | export QEMU_UNAME=$mod 37 | export KERNEL=$(echo "$mod" | cut -d . -f -2) 38 | MOD_DEST=/lib/modules/${mod}/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac 39 | 40 | # checking for installed kernel module, and not re-installing 41 | # delete brcmfmac.ko.NEXMON to rebuild for that kernel tree 42 | if [ ! -f "${MOD_DEST}"/brcmfmac.ko.NEXMON ]; then 43 | for p in $NEXMON_PATCHES; do 44 | echo -e "\e[32m=== clean $mod patch $p ===\e[0m" 45 | pushd "$p" 46 | make clean 47 | popd 48 | done 49 | 50 | for p in $NEXMON_PATCHES; do 51 | echo -e "\e[32m=== build $mod patch $p ===\e[0m" 52 | pushd "$p" 53 | make 54 | echo -e "\e[32m=== install $mod patch $p ===\e[0m" 55 | # use invalid kernel number so install-firmware 56 | # skips module unloading and loading 57 | QEMU_UNAME=4.20.69 make install-firmware || true 58 | popd 59 | done 60 | 61 | # built a new driver module while building firmwares above, so copy it into place 62 | echo cp ${PHOME}/nexmon/patches/driver/brcmfmac_"${KERNEL}".y-nexmon/brcmfmac.ko "${MOD_DEST}"/brcmfmac.ko.NEXMON 63 | cp ${PHOME}/nexmon/patches/driver/brcmfmac_"${KERNEL}".y-nexmon/brcmfmac.ko "${MOD_DEST}"/brcmfmac.ko.NEXMON 64 | 65 | pushd "${MOD_DEST}" 66 | if [ -f brcmfmac.ko.xz -o -f brcmfmac.ko.xz.ORIG ]; then 67 | if [ -f brcmfmac.ko.xz.ORIG ]; then 68 | # dont overwrite ORIG (again) 69 | rm -f brcmfmac.ko.xz 70 | else 71 | # save original 72 | echo -e "\e[32m=== Back up original driver ===\e[0m" 73 | mv brcmfmac.ko.xz brcmfmac.ko.xz.ORIG 74 | fi 75 | echo -e "\e[32m=== Compressing driver ===\e[0m" 76 | which xz 77 | xz --verbose -c brcmfmac.ko.NEXMON > brcmfmac.ko.xz 78 | elif [ -f brcmfmac.ko ]; then 79 | if [ -f brcmfmac.ko.ORIG ]; then 80 | rm -f brcmfmac.ko 81 | else 82 | echo -e "\e[32m=== Back up original driver ===\e[0m" 83 | mv brcmfmac.ko brcmfmac.ko.ORIG 84 | fi 85 | echo -e "\e[32m=== Copying new driver ===\e[0m" 86 | ln brcmfmac.ko.NEXMON brcmfmac.ko 87 | fi 88 | 89 | echo -e "\e[32m=== Installed ${mod} kernel driver ===\e[0m" 90 | depmod "${mod}" 91 | popd 92 | else 93 | echo -e "\e[32m=== Already installed ${mod} ===\e[0m" 94 | fi 95 | 96 | else 97 | echo 98 | echo -e "\e[32m=== NO Kernel build tree for $mod ===\e[0m" 99 | echo -e "\e[32m=== Skipping Nexmon ===\e[0m" 100 | fi 101 | done 102 | 103 | 104 | if [ ! -L /usr/lib/firmware/brcm/brcmfmac43436s-sdio.bin ]; then 105 | echo Linking 43430 firmware to 43436s for pizero2w with 43430 chip 106 | ln -sf /usr/lib/firmware/brcm/brcmfmac43430-sdio.bin /usr/lib/firmware/brcm/brcmfmac43436s-sdio.bin 107 | fi 108 | 109 | if [ ! -f /usr/bin/nexutil ]; then 110 | pushd utilities/nexutil 111 | make 112 | make install 113 | popd 114 | fi 115 | 116 | rm -r /usr/local/src/nexmon 117 | fi 118 | -------------------------------------------------------------------------------- /stage3/07-patches/files/pwnlib: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # reload mod 4 | reload_brcm() { 5 | if ! modprobe -r brcmfmac; then 6 | return 1 7 | fi 8 | sleep 1 9 | if ! modprobe brcmfmac; then 10 | return 1 11 | fi 12 | sleep 2 13 | iw dev wlan0 set power_save off 14 | return 0 15 | } 16 | 17 | # starts mon0 18 | start_monitor_interface() { 19 | ifconfig wlan0 up 20 | sleep 3 21 | iw phy "$(iw phy | head -1 | cut -d" " -f2)" interface add wlan0mon type monitor 22 | sleep 2 23 | rfkill unblock all 24 | ifconfig wlan0 down 25 | ifconfig wlan0mon up 26 | iw dev wlan0mon set power_save off 27 | } 28 | 29 | # stops mon0 30 | stop_monitor_interface() { 31 | ifconfig wlan0mon down && iw dev wlan0mon del 32 | reload_brcm 33 | ifconfig wlan0 up 34 | } 35 | 36 | # returns 0 if the specified network interface is up 37 | is_interface_up() { 38 | if grep -qi 'up' /sys/class/net/"$1"/operstate; then 39 | return 0 40 | fi 41 | return 1 42 | } 43 | 44 | # returns 0 if conditions for AUTO mode are met 45 | is_auto_mode() { 46 | # check override file first 47 | if [ -f /root/.pwnagotchi-manual ]; then 48 | # remove the override file if found 49 | rm -rf /root/.pwnagotchi-manual 50 | return 1 51 | fi 52 | 53 | # check override file first 54 | if [ -f /root/.pwnagotchi-auto ]; then 55 | # remove the override file if found 56 | rm -rf /root/.pwnagotchi-auto 57 | return 0 58 | fi 59 | 60 | # if usb0 is up, we're in MANU 61 | if is_interface_up usb0; then 62 | return 1 63 | fi 64 | 65 | # if eth0 is up (for other boards), we're in MANU 66 | if is_interface_up eth0; then 67 | return 0 68 | fi 69 | 70 | # no override, but none of the interfaces is up -> AUTO 71 | return 0 72 | } 73 | 74 | # returns 0 if conditions for AUTO mode are met 75 | is_auto_mode_no_delete() { 76 | # check override file first 77 | if [ -f /root/.pwnagotchi-manual ]; then 78 | return 1 79 | fi 80 | 81 | # check override file first 82 | if [ -f /root/.pwnagotchi-auto ]; then 83 | return 0 84 | fi 85 | 86 | # if usb0 is up, we're in MANU 87 | if is_interface_up usb0; then 88 | return 1 89 | fi 90 | 91 | # if eth0 is up (for other boards), we're in MANU 92 | if is_interface_up eth0; then 93 | return 0 94 | fi 95 | 96 | # no override, but none of the interfaces is up -> AUTO 97 | return 0 98 | } 99 | 100 | # check if we need to decrypt something 101 | is_crypted_mode() { 102 | if [ -f /root/.pwnagotchi-crypted ]; then 103 | return 0 104 | fi 105 | return 1 106 | } 107 | 108 | # decryption loop 109 | is_decrypted() { 110 | while read -r mapping container mount; do 111 | # mapping = name the device or file will be mapped to 112 | # container = the luks encrypted device or file 113 | # mount = the mountpoint 114 | 115 | # fail if not mounted 116 | if ! mountpoint -q "$mount" >/dev/null 2>&1; then 117 | if [ -f /tmp/.pwnagotchi-secret-"$mapping" ]; then 118 | /dev/null 2>&1; then 121 | echo "Container decrypted!" 122 | fi 123 | fi 124 | 125 | if mount /dev/mapper/"$mapping" "$mount" >/dev/null 2>&1; then 126 | echo "Mounted /dev/mapper/$mapping to $mount" 127 | continue 128 | fi 129 | fi 130 | 131 | if ! ip -4 addr show wlan0 | grep inet >/dev/null 2>&1; then 132 | >/dev/null 2>&1 ip addr add 192.168.0.10/24 dev wlan0 133 | fi 134 | 135 | if ! pgrep -f decryption-webserver >/dev/null 2>&1; then 136 | >/dev/null 2>&1 decryption-webserver & 137 | fi 138 | 139 | if ! pgrep wpa_supplicant >/dev/null 2>&1; then 140 | >/tmp/wpa_supplicant.conf cat </dev/null 2>&1 wpa_supplicant -u -s -O -D nl80211 -i wlan0 -c /tmp/wpa_supplicant.conf & 154 | fi 155 | 156 | if ! pgrep dnsmasq >/dev/null 2>&1; then 157 | >/dev/null 2>&1 dnsmasq -k -p 53 -h -O "6,192.168.0.10" -A "/#/192.168.0.10" -i wlan0 -K -F 192.168.0.50,192.168.0.60,255.255.255.0,24h & 158 | fi 159 | 160 | return 1 161 | fi 162 | done /dev/null 166 | # delete 167 | rm /tmp/.pwnagotchi-secret-* 168 | sync # flush 169 | 170 | pkill wpa_supplicant 171 | pkill dnsmasq 172 | pid="$(pgrep -f "decryption-webserver")" 173 | [[ -n "$pid" ]] && kill "$pid" 174 | 175 | return 0 176 | } 177 | -------------------------------------------------------------------------------- /pi-gen-32bit/export-image/05-finalise/01-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | IMG_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.img" 4 | INFO_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.info" 5 | SBOM_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.sbom" 6 | BMAP_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.bmap" 7 | 8 | on_chroot <<- EOF 9 | update-initramfs -k all -c 10 | if hash hardlink 2>/dev/null; then 11 | hardlink -t /usr/share/doc 12 | fi 13 | if [ -f /usr/lib/systemd/system/apt-listchanges.service ]; then 14 | python3 -m apt_listchanges.populate_database --profile apt 15 | systemctl disable apt-listchanges.timer 16 | fi 17 | install -m 755 -o systemd-timesync -g systemd-timesync -d /var/lib/systemd/timesync 18 | install -m 644 -o systemd-timesync -g systemd-timesync /dev/null /var/lib/systemd/timesync/clock 19 | EOF 20 | 21 | if [ -f "${ROOTFS_DIR}/etc/initramfs-tools/update-initramfs.conf" ]; then 22 | sed -i 's/^update_initramfs=.*/update_initramfs=yes/' "${ROOTFS_DIR}/etc/initramfs-tools/update-initramfs.conf" 23 | sed -i 's/^MODULES=.*/MODULES=dep/' "${ROOTFS_DIR}/etc/initramfs-tools/initramfs.conf" 24 | fi 25 | 26 | if [ -d "${ROOTFS_DIR}/home/${FIRST_USER_NAME}/.config" ]; then 27 | chmod 700 "${ROOTFS_DIR}/home/${FIRST_USER_NAME}/.config" 28 | fi 29 | 30 | rm -f "${ROOTFS_DIR}/usr/bin/qemu-arm-static" 31 | 32 | if [ "${USE_QEMU}" != "1" ]; then 33 | if [ -e "${ROOTFS_DIR}/etc/ld.so.preload.disabled" ]; then 34 | mv "${ROOTFS_DIR}/etc/ld.so.preload.disabled" "${ROOTFS_DIR}/etc/ld.so.preload" 35 | fi 36 | fi 37 | 38 | rm -f "${ROOTFS_DIR}/etc/network/interfaces.dpkg-old" 39 | 40 | rm -f "${ROOTFS_DIR}/etc/apt/sources.list~" 41 | rm -f "${ROOTFS_DIR}/etc/apt/trusted.gpg~" 42 | 43 | rm -f "${ROOTFS_DIR}/etc/passwd-" 44 | rm -f "${ROOTFS_DIR}/etc/group-" 45 | rm -f "${ROOTFS_DIR}/etc/shadow-" 46 | rm -f "${ROOTFS_DIR}/etc/gshadow-" 47 | rm -f "${ROOTFS_DIR}/etc/subuid-" 48 | rm -f "${ROOTFS_DIR}/etc/subgid-" 49 | 50 | rm -f "${ROOTFS_DIR}"/var/cache/debconf/*-old 51 | rm -f "${ROOTFS_DIR}"/var/lib/dpkg/*-old 52 | 53 | rm -f "${ROOTFS_DIR}"/usr/share/icons/*/icon-theme.cache 54 | 55 | rm -f "${ROOTFS_DIR}/var/lib/dbus/machine-id" 56 | 57 | echo "uninitialized" > "${ROOTFS_DIR}/etc/machine-id" 58 | 59 | ln -nsf /proc/mounts "${ROOTFS_DIR}/etc/mtab" 60 | 61 | find "${ROOTFS_DIR}/var/log/" -type f -exec cp /dev/null {} \; 62 | 63 | rm -f "${ROOTFS_DIR}/root/.vnc/private.key" 64 | rm -f "${ROOTFS_DIR}/etc/vnc/updateid" 65 | 66 | update_issue "$(basename "${EXPORT_DIR}")" 67 | install -m 644 "${ROOTFS_DIR}/etc/rpi-issue" "${ROOTFS_DIR}/boot/firmware/issue.txt" 68 | if ! [ -L "${ROOTFS_DIR}/boot/issue.txt" ]; then 69 | ln -s firmware/issue.txt "${ROOTFS_DIR}/boot/issue.txt" 70 | fi 71 | 72 | cp "$ROOTFS_DIR/etc/rpi-issue" "$INFO_FILE" 73 | 74 | { 75 | if [ -f "$ROOTFS_DIR/usr/share/doc/raspberrypi-kernel/changelog.Debian.gz" ]; then 76 | firmware=$(zgrep "firmware as of" \ 77 | "$ROOTFS_DIR/usr/share/doc/raspberrypi-kernel/changelog.Debian.gz" | \ 78 | head -n1 | sed -n 's|.* \([^ ]*\)$|\1|p') 79 | printf "\nFirmware: https://github.com/raspberrypi/firmware/tree/%s\n" "$firmware" 80 | 81 | kernel="$(curl -s -L "https://github.com/raspberrypi/firmware/raw/$firmware/extra/git_hash")" 82 | printf "Kernel: https://github.com/raspberrypi/linux/tree/%s\n" "$kernel" 83 | 84 | uname="$(curl -s -L "https://github.com/raspberrypi/firmware/raw/$firmware/extra/uname_string7")" 85 | printf "Uname string: %s\n" "$uname" 86 | fi 87 | 88 | printf "\nPackages:\n" 89 | dpkg -l --root "$ROOTFS_DIR" 90 | } >> "$INFO_FILE" 91 | 92 | if hash syft 2>/dev/null; then 93 | syft scan dir:"${ROOTFS_DIR}" \ 94 | --base-path="${ROOTFS_DIR}" \ 95 | --source-name="${IMG_NAME}${IMG_SUFFIX}" \ 96 | --source-version="${IMG_DATE}" \ 97 | -o spdx-json="${SBOM_FILE}" 98 | fi 99 | 100 | ROOT_DEV="$(awk "\$2 == \"${ROOTFS_DIR}\" {print \$1}" /etc/mtab)" 101 | 102 | unmount "${ROOTFS_DIR}" 103 | zerofree "${ROOT_DEV}" 104 | 105 | unmount_image "${IMG_FILE}" 106 | 107 | if hash bmaptool 2>/dev/null; then 108 | bmaptool create \ 109 | -o "${BMAP_FILE}" \ 110 | "${IMG_FILE}" 111 | fi 112 | 113 | mkdir -p "${DEPLOY_DIR}" 114 | 115 | rm -f "${DEPLOY_DIR}/${ARCHIVE_FILENAME}${IMG_SUFFIX}.*" 116 | rm -f "${DEPLOY_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.img" 117 | 118 | case "${DEPLOY_COMPRESSION}" in 119 | zip) 120 | pushd "${STAGE_WORK_DIR}" > /dev/null 121 | zip -"${COMPRESSION_LEVEL}" \ 122 | "${DEPLOY_DIR}/${ARCHIVE_FILENAME}${IMG_SUFFIX}.zip" "$(basename "${IMG_FILE}")" 123 | popd > /dev/null 124 | ;; 125 | gz) 126 | pigz --force -"${COMPRESSION_LEVEL}" "$IMG_FILE" --stdout > \ 127 | "${DEPLOY_DIR}/${ARCHIVE_FILENAME}${IMG_SUFFIX}.img.gz" 128 | ;; 129 | xz) 130 | xz --compress --force --threads 0 --memlimit-compress=50% -"${COMPRESSION_LEVEL}" \ 131 | --stdout "$IMG_FILE" > "${DEPLOY_DIR}/${ARCHIVE_FILENAME}${IMG_SUFFIX}.img.xz" 132 | ;; 133 | none | *) 134 | cp "$IMG_FILE" "$DEPLOY_DIR/" 135 | ;; 136 | esac 137 | 138 | if [ -f "${SBOM_FILE}" ]; then 139 | xz -c "${SBOM_FILE}" > "$DEPLOY_DIR/$(basename "${SBOM_FILE}").xz" 140 | fi 141 | if [ -f "${BMAP_FILE}" ]; then 142 | cp "$BMAP_FILE" "$DEPLOY_DIR/" 143 | fi 144 | cp "$INFO_FILE" "$DEPLOY_DIR/" 145 | -------------------------------------------------------------------------------- /pi-gen-64bit/export-image/05-finalise/01-run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | IMG_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.img" 4 | INFO_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.info" 5 | SBOM_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.sbom" 6 | BMAP_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.bmap" 7 | 8 | on_chroot <<- EOF 9 | update-initramfs -k all -c 10 | if hash hardlink 2>/dev/null; then 11 | hardlink -t /usr/share/doc 12 | fi 13 | if [ -f /usr/lib/systemd/system/apt-listchanges.service ]; then 14 | python3 -m apt_listchanges.populate_database --profile apt 15 | systemctl disable apt-listchanges.timer 16 | fi 17 | install -m 755 -o systemd-timesync -g systemd-timesync -d /var/lib/systemd/timesync 18 | install -m 644 -o systemd-timesync -g systemd-timesync /dev/null /var/lib/systemd/timesync/clock 19 | EOF 20 | 21 | if [ -f "${ROOTFS_DIR}/etc/initramfs-tools/update-initramfs.conf" ]; then 22 | sed -i 's/^update_initramfs=.*/update_initramfs=yes/' "${ROOTFS_DIR}/etc/initramfs-tools/update-initramfs.conf" 23 | sed -i 's/^MODULES=.*/MODULES=dep/' "${ROOTFS_DIR}/etc/initramfs-tools/initramfs.conf" 24 | fi 25 | 26 | if [ -d "${ROOTFS_DIR}/home/${FIRST_USER_NAME}/.config" ]; then 27 | chmod 700 "${ROOTFS_DIR}/home/${FIRST_USER_NAME}/.config" 28 | fi 29 | 30 | rm -f "${ROOTFS_DIR}/usr/bin/qemu-arm-static" 31 | 32 | if [ "${USE_QEMU}" != "1" ]; then 33 | if [ -e "${ROOTFS_DIR}/etc/ld.so.preload.disabled" ]; then 34 | mv "${ROOTFS_DIR}/etc/ld.so.preload.disabled" "${ROOTFS_DIR}/etc/ld.so.preload" 35 | fi 36 | fi 37 | 38 | rm -f "${ROOTFS_DIR}/etc/network/interfaces.dpkg-old" 39 | 40 | rm -f "${ROOTFS_DIR}/etc/apt/sources.list~" 41 | rm -f "${ROOTFS_DIR}/etc/apt/trusted.gpg~" 42 | 43 | rm -f "${ROOTFS_DIR}/etc/passwd-" 44 | rm -f "${ROOTFS_DIR}/etc/group-" 45 | rm -f "${ROOTFS_DIR}/etc/shadow-" 46 | rm -f "${ROOTFS_DIR}/etc/gshadow-" 47 | rm -f "${ROOTFS_DIR}/etc/subuid-" 48 | rm -f "${ROOTFS_DIR}/etc/subgid-" 49 | 50 | rm -f "${ROOTFS_DIR}"/var/cache/debconf/*-old 51 | rm -f "${ROOTFS_DIR}"/var/lib/dpkg/*-old 52 | 53 | rm -f "${ROOTFS_DIR}"/usr/share/icons/*/icon-theme.cache 54 | 55 | rm -f "${ROOTFS_DIR}/var/lib/dbus/machine-id" 56 | 57 | echo "uninitialized" > "${ROOTFS_DIR}/etc/machine-id" 58 | 59 | ln -nsf /proc/mounts "${ROOTFS_DIR}/etc/mtab" 60 | 61 | find "${ROOTFS_DIR}/var/log/" -type f -exec cp /dev/null {} \; 62 | 63 | rm -f "${ROOTFS_DIR}/root/.vnc/private.key" 64 | rm -f "${ROOTFS_DIR}/etc/vnc/updateid" 65 | 66 | update_issue "$(basename "${EXPORT_DIR}")" 67 | install -m 644 "${ROOTFS_DIR}/etc/rpi-issue" "${ROOTFS_DIR}/boot/firmware/issue.txt" 68 | if ! [ -L "${ROOTFS_DIR}/boot/issue.txt" ]; then 69 | ln -s firmware/issue.txt "${ROOTFS_DIR}/boot/issue.txt" 70 | fi 71 | 72 | cp "$ROOTFS_DIR/etc/rpi-issue" "$INFO_FILE" 73 | 74 | { 75 | if [ -f "$ROOTFS_DIR/usr/share/doc/raspberrypi-kernel/changelog.Debian.gz" ]; then 76 | firmware=$(zgrep "firmware as of" \ 77 | "$ROOTFS_DIR/usr/share/doc/raspberrypi-kernel/changelog.Debian.gz" | \ 78 | head -n1 | sed -n 's|.* \([^ ]*\)$|\1|p') 79 | printf "\nFirmware: https://github.com/raspberrypi/firmware/tree/%s\n" "$firmware" 80 | 81 | kernel="$(curl -s -L "https://github.com/raspberrypi/firmware/raw/$firmware/extra/git_hash")" 82 | printf "Kernel: https://github.com/raspberrypi/linux/tree/%s\n" "$kernel" 83 | 84 | uname="$(curl -s -L "https://github.com/raspberrypi/firmware/raw/$firmware/extra/uname_string7")" 85 | printf "Uname string: %s\n" "$uname" 86 | fi 87 | 88 | printf "\nPackages:\n" 89 | dpkg -l --root "$ROOTFS_DIR" 90 | } >> "$INFO_FILE" 91 | 92 | if hash syft 2>/dev/null; then 93 | syft scan dir:"${ROOTFS_DIR}" \ 94 | --base-path="${ROOTFS_DIR}" \ 95 | --source-name="${IMG_NAME}${IMG_SUFFIX}" \ 96 | --source-version="${IMG_DATE}" \ 97 | -o spdx-json="${SBOM_FILE}" 98 | fi 99 | 100 | ROOT_DEV="$(awk "\$2 == \"${ROOTFS_DIR}\" {print \$1}" /etc/mtab)" 101 | 102 | unmount "${ROOTFS_DIR}" 103 | zerofree "${ROOT_DEV}" 104 | 105 | unmount_image "${IMG_FILE}" 106 | 107 | if hash bmaptool 2>/dev/null; then 108 | bmaptool create \ 109 | -o "${BMAP_FILE}" \ 110 | "${IMG_FILE}" 111 | fi 112 | 113 | mkdir -p "${DEPLOY_DIR}" 114 | 115 | rm -f "${DEPLOY_DIR}/${ARCHIVE_FILENAME}${IMG_SUFFIX}.*" 116 | rm -f "${DEPLOY_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.img" 117 | 118 | case "${DEPLOY_COMPRESSION}" in 119 | zip) 120 | pushd "${STAGE_WORK_DIR}" > /dev/null 121 | zip -"${COMPRESSION_LEVEL}" \ 122 | "${DEPLOY_DIR}/${ARCHIVE_FILENAME}${IMG_SUFFIX}.zip" "$(basename "${IMG_FILE}")" 123 | popd > /dev/null 124 | ;; 125 | gz) 126 | pigz --force -"${COMPRESSION_LEVEL}" "$IMG_FILE" --stdout > \ 127 | "${DEPLOY_DIR}/${ARCHIVE_FILENAME}${IMG_SUFFIX}.img.gz" 128 | ;; 129 | xz) 130 | xz --compress --force --threads 0 --memlimit-compress=50% -"${COMPRESSION_LEVEL}" \ 131 | --stdout "$IMG_FILE" > "${DEPLOY_DIR}/${ARCHIVE_FILENAME}${IMG_SUFFIX}.img.xz" 132 | ;; 133 | none | *) 134 | cp "$IMG_FILE" "$DEPLOY_DIR/" 135 | ;; 136 | esac 137 | 138 | if [ -f "${SBOM_FILE}" ]; then 139 | xz -c "${SBOM_FILE}" > "$DEPLOY_DIR/$(basename "${SBOM_FILE}").xz" 140 | fi 141 | if [ -f "${BMAP_FILE}" ]; then 142 | cp "$BMAP_FILE" "$DEPLOY_DIR/" 143 | fi 144 | cp "$INFO_FILE" "$DEPLOY_DIR/" 145 | -------------------------------------------------------------------------------- /pi-gen-64bit/build-docker.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # Note: Avoid usage of arrays as MacOS users have an older version of bash (v3.x) which does not supports arrays 3 | set -eu 4 | 5 | DIR="$(CDPATH='' cd -- "$(dirname -- "$0")" && pwd)" 6 | 7 | BUILD_OPTS="$*" 8 | 9 | # Allow user to override docker command 10 | DOCKER=${DOCKER:-docker} 11 | 12 | # Ensure that default docker command is not set up in rootless mode 13 | if \ 14 | ! ${DOCKER} ps >/dev/null 2>&1 || \ 15 | ${DOCKER} info 2>/dev/null | grep -q rootless \ 16 | ; then 17 | DOCKER="sudo ${DOCKER}" 18 | fi 19 | if ! ${DOCKER} ps >/dev/null; then 20 | echo "error connecting to docker:" 21 | ${DOCKER} ps 22 | exit 1 23 | fi 24 | 25 | CONFIG_FILE="" 26 | if [ -f "${DIR}/config" ]; then 27 | CONFIG_FILE="${DIR}/config" 28 | fi 29 | 30 | while getopts "c:" flag 31 | do 32 | case "${flag}" in 33 | c) 34 | CONFIG_FILE="${OPTARG}" 35 | ;; 36 | *) 37 | ;; 38 | esac 39 | done 40 | 41 | # Ensure that the configuration file is an absolute path 42 | if test -x /usr/bin/realpath; then 43 | CONFIG_FILE=$(realpath -s "$CONFIG_FILE" || realpath "$CONFIG_FILE") 44 | fi 45 | 46 | # Ensure that the confguration file is present 47 | if test -z "${CONFIG_FILE}"; then 48 | echo "Configuration file need to be present in '${DIR}/config' or path passed as parameter" 49 | exit 1 50 | else 51 | # shellcheck disable=SC1090 52 | source ${CONFIG_FILE} 53 | fi 54 | 55 | CONTAINER_NAME=${CONTAINER_NAME:-pigen_work} 56 | CONTINUE=${CONTINUE:-0} 57 | PRESERVE_CONTAINER=${PRESERVE_CONTAINER:-0} 58 | PIGEN_DOCKER_OPTS=${PIGEN_DOCKER_OPTS:-""} 59 | 60 | if [ -z "${IMG_NAME}" ]; then 61 | echo "IMG_NAME not set in 'config'" 1>&2 62 | echo 1>&2 63 | exit 1 64 | fi 65 | 66 | # Ensure the Git Hash is recorded before entering the docker container 67 | GIT_HASH=${GIT_HASH:-"$(git rev-parse HEAD)"} 68 | 69 | CONTAINER_EXISTS=$(${DOCKER} ps -a --filter name="${CONTAINER_NAME}" -q) 70 | CONTAINER_RUNNING=$(${DOCKER} ps --filter name="${CONTAINER_NAME}" -q) 71 | if [ "${CONTAINER_RUNNING}" != "" ]; then 72 | echo "The build is already running in container ${CONTAINER_NAME}. Aborting." 73 | exit 1 74 | fi 75 | if [ "${CONTAINER_EXISTS}" != "" ] && [ "${CONTINUE}" != "1" ]; then 76 | echo "Container ${CONTAINER_NAME} already exists and you did not specify CONTINUE=1. Aborting." 77 | echo "You can delete the existing container like this:" 78 | echo " ${DOCKER} rm -v ${CONTAINER_NAME}" 79 | exit 1 80 | fi 81 | 82 | # Modify original build-options to allow config file to be mounted in the docker container 83 | BUILD_OPTS="$(echo "${BUILD_OPTS:-}" | sed -E 's@\-c\s?([^ ]+)@-c /config@')" 84 | 85 | ${DOCKER} build --build-arg BASE_IMAGE=debian:trixie -t pi-gen "${DIR}" 86 | 87 | if [ "${CONTAINER_EXISTS}" != "" ]; then 88 | DOCKER_CMDLINE_NAME="${CONTAINER_NAME}_cont" 89 | DOCKER_CMDLINE_PRE="--rm" 90 | DOCKER_CMDLINE_POST="--volumes-from=${CONTAINER_NAME}" 91 | else 92 | DOCKER_CMDLINE_NAME="${CONTAINER_NAME}" 93 | DOCKER_CMDLINE_PRE="" 94 | DOCKER_CMDLINE_POST="" 95 | fi 96 | 97 | # Check if binfmt_misc is required 98 | binfmt_misc_required=1 99 | case $(uname -m) in 100 | aarch64) 101 | binfmt_misc_required=0 102 | ;; 103 | arm*) 104 | binfmt_misc_required=0 105 | ;; 106 | esac 107 | 108 | # Check if qemu-aarch64-static and /proc/sys/fs/binfmt_misc are present 109 | if [[ "${binfmt_misc_required}" == "1" ]]; then 110 | if ! qemu_arm=$(which qemu-aarch64-static) ; then 111 | echo "qemu-aarch64-static not found (please install qemu-user-static)" 112 | exit 1 113 | fi 114 | if [ ! -f /proc/sys/fs/binfmt_misc/register ]; then 115 | echo "binfmt_misc required but not mounted, trying to mount it..." 116 | if ! mount binfmt_misc -t binfmt_misc /proc/sys/fs/binfmt_misc ; then 117 | echo "mounting binfmt_misc failed" 118 | exit 1 119 | fi 120 | echo "binfmt_misc mounted" 121 | fi 122 | if ! grep -q "^interpreter ${qemu_arm}" /proc/sys/fs/binfmt_misc/qemu-aarch64* ; then 123 | # Register qemu-aarch64 for binfmt_misc 124 | reg="echo ':qemu-aarch64-rpi:M::"\ 125 | "\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00:"\ 126 | "\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:"\ 127 | "${qemu_arm}:F' > /proc/sys/fs/binfmt_misc/register" 128 | echo "Registering qemu-aarch64 for binfmt_misc..." 129 | sudo bash -c "${reg}" 2>/dev/null || true 130 | fi 131 | fi 132 | 133 | trap 'echo "got CTRL+C... please wait 5s" && ${DOCKER} stop -t 5 ${DOCKER_CMDLINE_NAME}' SIGINT SIGTERM 134 | time ${DOCKER} run \ 135 | $DOCKER_CMDLINE_PRE \ 136 | --name "${DOCKER_CMDLINE_NAME}" \ 137 | --privileged \ 138 | ${PIGEN_DOCKER_OPTS} \ 139 | --volume "${CONFIG_FILE}":/config:ro \ 140 | -e "GIT_HASH=${GIT_HASH}" \ 141 | $DOCKER_CMDLINE_POST \ 142 | pi-gen \ 143 | bash -e -o pipefail -c " 144 | dpkg-reconfigure qemu-user-static && 145 | # binfmt_misc is sometimes not mounted with debian trixie image 146 | (mount binfmt_misc -t binfmt_misc /proc/sys/fs/binfmt_misc || true) && 147 | cd /pi-gen; ./build.sh ${BUILD_OPTS} && 148 | rsync -av work/*/build.log deploy/ 149 | " & 150 | wait "$!" 151 | 152 | # Ensure that deploy/ is always owned by calling user 153 | echo "copying results from deploy/" 154 | ${DOCKER} cp "${CONTAINER_NAME}":/pi-gen/deploy - | tar -xf - 155 | 156 | echo "copying log from container ${CONTAINER_NAME} to deploy/" 157 | ${DOCKER} logs --timestamps "${CONTAINER_NAME}" &>deploy/build-docker.log 158 | 159 | ls -lah deploy 160 | 161 | # cleanup 162 | if [ "${PRESERVE_CONTAINER}" != "1" ]; then 163 | ${DOCKER} rm -v "${CONTAINER_NAME}" 164 | fi 165 | 166 | echo "Done! Your image(s) should be in deploy/" 167 | -------------------------------------------------------------------------------- /pi-gen-32bit/build-docker.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # Note: Avoid usage of arrays as MacOS users have an older version of bash (v3.x) which does not supports arrays 3 | set -eu 4 | 5 | DIR="$(CDPATH='' cd -- "$(dirname -- "$0")" && pwd)" 6 | 7 | BUILD_OPTS="$*" 8 | 9 | # Allow user to override docker command 10 | DOCKER=${DOCKER:-docker} 11 | 12 | # Ensure that default docker command is not set up in rootless mode 13 | if \ 14 | ! ${DOCKER} ps >/dev/null 2>&1 || \ 15 | ${DOCKER} info 2>/dev/null | grep -q rootless \ 16 | ; then 17 | DOCKER="sudo ${DOCKER}" 18 | fi 19 | if ! ${DOCKER} ps >/dev/null; then 20 | echo "error connecting to docker:" 21 | ${DOCKER} ps 22 | exit 1 23 | fi 24 | 25 | CONFIG_FILE="" 26 | if [ -f "${DIR}/config" ]; then 27 | CONFIG_FILE="${DIR}/config" 28 | fi 29 | 30 | while getopts "c:" flag 31 | do 32 | case "${flag}" in 33 | c) 34 | CONFIG_FILE="${OPTARG}" 35 | ;; 36 | *) 37 | ;; 38 | esac 39 | done 40 | 41 | # Ensure that the configuration file is an absolute path 42 | if test -x /usr/bin/realpath; then 43 | CONFIG_FILE=$(realpath -s "$CONFIG_FILE" || realpath "$CONFIG_FILE") 44 | fi 45 | 46 | # Ensure that the confguration file is present 47 | if test -z "${CONFIG_FILE}"; then 48 | echo "Configuration file need to be present in '${DIR}/config' or path passed as parameter" 49 | exit 1 50 | else 51 | # shellcheck disable=SC1090 52 | source ${CONFIG_FILE} 53 | fi 54 | 55 | CONTAINER_NAME=${CONTAINER_NAME:-pigen_work} 56 | CONTINUE=${CONTINUE:-0} 57 | PRESERVE_CONTAINER=${PRESERVE_CONTAINER:-0} 58 | PIGEN_DOCKER_OPTS=${PIGEN_DOCKER_OPTS:-""} 59 | 60 | if [ -z "${IMG_NAME}" ]; then 61 | echo "IMG_NAME not set in 'config'" 1>&2 62 | echo 1>&2 63 | exit 1 64 | fi 65 | 66 | # Ensure the Git Hash is recorded before entering the docker container 67 | GIT_HASH=${GIT_HASH:-"$(git rev-parse HEAD)"} 68 | 69 | CONTAINER_EXISTS=$(${DOCKER} ps -a --filter name="${CONTAINER_NAME}" -q) 70 | CONTAINER_RUNNING=$(${DOCKER} ps --filter name="${CONTAINER_NAME}" -q) 71 | if [ "${CONTAINER_RUNNING}" != "" ]; then 72 | echo "The build is already running in container ${CONTAINER_NAME}. Aborting." 73 | exit 1 74 | fi 75 | if [ "${CONTAINER_EXISTS}" != "" ] && [ "${CONTINUE}" != "1" ]; then 76 | echo "Container ${CONTAINER_NAME} already exists and you did not specify CONTINUE=1. Aborting." 77 | echo "You can delete the existing container like this:" 78 | echo " ${DOCKER} rm -v ${CONTAINER_NAME}" 79 | exit 1 80 | fi 81 | 82 | # Modify original build-options to allow config file to be mounted in the docker container 83 | BUILD_OPTS="$(echo "${BUILD_OPTS:-}" | sed -E 's@\-c\s?([^ ]+)@-c /config@')" 84 | 85 | # Check the arch of the machine we're running on. If it's 64-bit, use a 32-bit base image instead 86 | case "$(uname -m)" in 87 | x86_64|aarch64) 88 | BASE_IMAGE=i386/debian:trixie 89 | ;; 90 | *) 91 | BASE_IMAGE=debian:trixie 92 | ;; 93 | esac 94 | ${DOCKER} build --build-arg BASE_IMAGE=${BASE_IMAGE} -t pi-gen "${DIR}" 95 | 96 | if [ "${CONTAINER_EXISTS}" != "" ]; then 97 | DOCKER_CMDLINE_NAME="${CONTAINER_NAME}_cont" 98 | DOCKER_CMDLINE_PRE="--rm" 99 | DOCKER_CMDLINE_POST="--volumes-from=${CONTAINER_NAME}" 100 | else 101 | DOCKER_CMDLINE_NAME="${CONTAINER_NAME}" 102 | DOCKER_CMDLINE_PRE="" 103 | DOCKER_CMDLINE_POST="" 104 | fi 105 | 106 | # Check if binfmt_misc is required 107 | binfmt_misc_required=1 108 | case $(uname -m) in 109 | aarch64) 110 | binfmt_misc_required=0 111 | ;; 112 | arm*) 113 | binfmt_misc_required=0 114 | ;; 115 | esac 116 | 117 | # Check if qemu-arm-static and /proc/sys/fs/binfmt_misc are present 118 | if [[ "${binfmt_misc_required}" == "1" ]]; then 119 | if ! qemu_arm=$(which qemu-arm-static) ; then 120 | echo "qemu-arm-static not found (please install qemu-user-static)" 121 | exit 1 122 | fi 123 | if [ ! -f /proc/sys/fs/binfmt_misc/register ]; then 124 | echo "binfmt_misc required but not mounted, trying to mount it..." 125 | if ! mount binfmt_misc -t binfmt_misc /proc/sys/fs/binfmt_misc ; then 126 | echo "mounting binfmt_misc failed" 127 | exit 1 128 | fi 129 | echo "binfmt_misc mounted" 130 | fi 131 | if ! grep -q "^interpreter ${qemu_arm}" /proc/sys/fs/binfmt_misc/qemu-arm* ; then 132 | # Register qemu-arm for binfmt_misc 133 | reg="echo ':qemu-arm-rpi:M::"\ 134 | "\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:"\ 135 | "\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:"\ 136 | "${qemu_arm}:F' > /proc/sys/fs/binfmt_misc/register" 137 | echo "Registering qemu-arm for binfmt_misc..." 138 | sudo bash -c "${reg}" 2>/dev/null || true 139 | fi 140 | fi 141 | 142 | trap 'echo "got CTRL+C... please wait 5s" && ${DOCKER} stop -t 5 ${DOCKER_CMDLINE_NAME}' SIGINT SIGTERM 143 | time ${DOCKER} run \ 144 | $DOCKER_CMDLINE_PRE \ 145 | --name "${DOCKER_CMDLINE_NAME}" \ 146 | --privileged \ 147 | ${PIGEN_DOCKER_OPTS} \ 148 | --volume "${CONFIG_FILE}":/config:ro \ 149 | -e "GIT_HASH=${GIT_HASH}" \ 150 | $DOCKER_CMDLINE_POST \ 151 | pi-gen \ 152 | bash -e -o pipefail -c " 153 | dpkg-reconfigure qemu-user-static && 154 | # binfmt_misc is sometimes not mounted with debian trixie image 155 | (mount binfmt_misc -t binfmt_misc /proc/sys/fs/binfmt_misc || true) && 156 | cd /pi-gen; ./build.sh ${BUILD_OPTS} && 157 | rsync -av work/*/build.log deploy/ 158 | " & 159 | wait "$!" 160 | 161 | # Ensure that deploy/ is always owned by calling user 162 | echo "copying results from deploy/" 163 | ${DOCKER} cp "${CONTAINER_NAME}":/pi-gen/deploy - | tar -xf - 164 | 165 | echo "copying log from container ${CONTAINER_NAME} to deploy/" 166 | ${DOCKER} logs --timestamps "${CONTAINER_NAME}" &>deploy/build-docker.log 167 | 168 | ls -lah deploy 169 | 170 | # cleanup 171 | if [ "${PRESERVE_CONTAINER}" != "1" ]; then 172 | ${DOCKER} rm -v "${CONTAINER_NAME}" 173 | fi 174 | 175 | echo "Done! Your image(s) should be in deploy/" 176 | --------------------------------------------------------------------------------