-
Notifications
You must be signed in to change notification settings - Fork 157
/
Copy pathconfig
145 lines (116 loc) · 6.54 KB
/
config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
########################################################################################
#
# admin-toolkit helps to harden your pi, install other packages easily, and add files out of the box.
# Some things require a user to be added and others dont. Some things are intended to be used with FullPageOS
# and the scripts that come with it, but there are uses outside of that, if you edit a bit of code.
# This has only been used with FullPageOS, and Raspbian Buster on a pi4
#
# Written by asdfinit
# GPL V3
#########
###########################################################
######### User Required Section ###########################
#
# Adding another user requires at least a username.
# If the user already exists, it will not be recreated,
# but the password and ssh keys will be changed.
# A home folder will be created.
# The default profile will be set to bash.
# Default password is raspberry. PLEASE CHANGE THIS.
# User will be added to the sudo and adm group.
#
# If the user specified is not pi, pi's password will be
# set to a randomly generated string.
#
###########################################################
# add user name, If left "default", no user will be added.
[ -n "$ADMIN_TOOLKIT_NAME" ] || ADMIN_TOOLKIT_NAME=default
# GECOS field of the new account. If Left "default" this is skipped.
# If you need to understand this visit https://en.wikipedia.org/wiki/Gecos_field
[ -n "$ADMIN_TOOLKIT_FULLNAME" ] || ADMIN_TOOLKIT_FULLNAME=default
# override password, otherwise use image default raspberry.
[ -n "$ADMIN_TOOLKIT_PASSWORD" ] || ADMIN_TOOLKIT_PASSWORD=default
# Want to remove pi from the sudoers file? "yes" to configure
[ -n "$ADMIN_TOOLKIT_PI_NO_SUDO" ] || ADMIN_TOOLKIT_PI_NO_SUDO=no
# Hostname change script. Script will be added to the users home directory.
# Run this to change the hostname and it will auto-fix the FullPageOS chromium locked profile on reboot.
# "yes" to include
ADMIN_TOOLKIT_HOSTNAME_CHANGE_SCRIPT=no
######### SSH Section #####################################
#
# If you didn't set a user in the above section SSH Settings won't be applied.
# If you don't set a ssh key, disabling passwords for ssh won't apply.
#
# Add the public ssh key that you wish to use for connections to the pi
# this will add the authorized_keys file in the users .ssh folder.
# Format with quotations: "ssh-rsa SzYtCpyRUU1fvLXvWlezJw...=="
[ -n "$ADMIN_TOOLKIT_SSH" ] || ADMIN_TOOLKIT_SSH=default
# disable passwords for ssh logins(only if you set a key). "yes" to configure
[ -n "$ADMIN_TOOLKIT_SSH_NO_PASS" ] || ADMIN_TOOLKIT_SSH_NO_PASS=no
# this will allow only the newly created user to ssh. "yes" to configure
[ -n "$ADMIN_TOOLKIT_SSH_ALLOW_ONLY_CREATED_USER" ] || ADMIN_TOOLKIT_SSH_ALLOW_ONLY_CREATED_USER=no
###########################################################
######### User Not Required ###############################
#
# Nothing below requires an admin user to be added.
# But it might depend on FullPageOS
##########################################################
######### Raspbian Update #################################
# Updates all packages: apt-get update && apt-get upgrade
# this can take a while. "yes" to configure
[ -n "$ADMIN_TOOLKIT_UPDATE_PACKAGES" ] || ADMIN_TOOLKIT_UPDATE_PACKAGES=no
######### Install Package(s) ##############################
# This might not work for you. Some packages cannot be installed in chroot.
# Keep in mind your image will be bigger and take longer to build.
# Use quotes if listing multiple packages (space Separated list) ex. LIST="fortune cowsay..."
[ -n "$ADMIN_TOOLKIT_INSTALL_LIST" ] || ADMIN_TOOLKIT_INSTALL_LIST=no
######### UFW #############################################
# Set to yes if you want the ufw firewall installed. Unless you
# specify other ports below only ssh port 22 will be open, all
# other ports will be closed by default. "yes" to configure
[ -n "$ADMIN_TOOLKIT_UFW_INSTALL" ] || ADMIN_TOOLKIT_UFW_INSTALL=no
# To allow multiple open ports make a CSV(coma separated list) to configure.
[ -n "$ADMIN_TOOLKIT_UFW_PORTS_TCP" ] || ADMIN_TOOLKIT_UFW_PORTS_TCP=no
[ -n "$ADMIN_TOOLKIT_UFW_PORTS_UDP" ] || ADMIN_TOOLKIT_UFW_PORTS_UDP=no
# Enable ufw logging. "yes" to configure
[ -n "$ADMIN_TOOLKIT_UFW_ENABLE_LOGGING" ] || ADMIN_TOOLKIT_UFW_ENABLE_LOGGING=no
######### Network Manager ##################
# On pi's connected over wifi Network Manager will
# cause you to have a different mac on every boot.
# You can remove it without any issues. "yes" to configure
[ -n "$ADMIN_TOOLKIT_REMOVE_NETWORK_MANAGER" ] || ADMIN_TOOLKIT_REMOVE_NETWORK_MANAGER=no
######### FullPageOS Hdmi Scripts ########################
# These can be used to turn TV's on and off. Use with cron jobs
# for automation. Works on most devices but not all.
# Installs in the /home/pi/scripts dir and makes use of
# pre written scripts in FullPageOS. "yes" to configure
[ -n "$ADMIN_TOOLKIT_HDMI_SCRIPTS" ] || ADMIN_TOOLKIT_HDMI_SCRIPTS=no
######### Install Cron Job #############################
# With great power.... well you know...
# Add a cron file to the /filesystem/tools/cron folder
# cron files will be placed in /var/spool/cron/crontabs/
# CRON_USER and file name must be the same. pi is the most common(default)
# Your cron file must have a new line at the bottom or import won't work.
# "yes" to configure
[ -n "$ADMIN_TOOLKIT_CRON_JOB" ] || ADMIN_TOOLKIT_CRON_JOB=no
# Cron jobs user name. If you're not adding a user leave this at pi
[ -n "$ADMIN_TOOLKIT_CRON_USER" ] || ADMIN_TOOLKIT_CRON_USER=pi
# if you want to install root user jobs... eg. auto reboot. "yes" to configure
[ -n "$ADMIN_TOOLKIT_SYSTEM_CRON" ] || ADMIN_TOOLKIT_SYSTEM_CRON=no
######## User Defined Scripts ############################
#
# Add your own scripts to the /filesystem/tools/scripts folder
# and they will be added to your created users home directory in
# a scripts folder or to /home/pi/scripts. Default is pi.
# "yes" to configure
[ -n "$ADMIN_TOOLKIT_USER_SCRIPTS" ] || ADMIN_TOOLKIT_USER_SCRIPTS=no
# User Scripts User name. If you're not adding a user leave this at pi
[ -n "$ADMIN_TOOLKIT_USER_SCRIPTS_NAME" ] || ADMIN_TOOLKIT_USER_SCRIPTS_NAME=pi
######### Screen Rotation Script #######################
# **** REQUIRES THE GUI MODULE AND pi 4 ****
# Rotates the screen after start up. Since there's some issues
# with rotation on certain displays at boot this section lets you
# add screen rotation after boot up.
# Examples: "normal","inverted","left","right"
# use a value other than normal to add rotation.
[ -n "$ADMIN_TOOLKIT_SCREEN_ROTATION" ] || ADMIN_TOOLKIT_SCREEN_ROTATION=normal