#!/bin/bash # ========================================================================== # # # # KVMD - The main PiKVM daemon. # # # # Copyright (C) 2018-2023 Maxim Devaev # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # # the Free Software Foundation, either version 3 of the License, or # # (at your option) any later version. # # # # This program is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty of # # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # # GNU General Public License for more details. # # # # You should have received a copy of the GNU General Public License # # along with this program. If not, see . # # # # ========================================================================== # set -ex if [ "$(whoami)" != root ]; then echo "Only root can do that" exit 1 fi if [ "$1" != --do-the-thing ]; then echo "This script will make some firstboot magic. Don't run it manually." exit 1 fi # ========== Preparing ========== if [ ! -f /boot/pikvm.txt ]; then exit 0 fi if systemctl is-enabled -q kvmd-oled; then # Stop regular kvmd-oled service and show first time setup status in oled systemctl stop kvmd-oled || true kvmd-oled --interval=0 --text="On-boot setup...\nDO NOT INTERRUPT!\nPlease wait" || true has_oled=1 fi # shellcheck disable=SC1090 source <(dos2unix < /boot/pikvm.txt) rw # ========== First boot configuration ========== if [ -n "$FIRSTBOOT$FIRST_BOOT" ]; then ( \ (umount /etc/machine-id || true) \ && echo -n > /etc/machine-id \ && systemd-machine-id-setup \ ) || true rm -f /etc/ssh/ssh_host_* ssh-keygen -v -A rm -f /etc/kvmd/nginx/ssl/* rm -f /etc/kvmd/vnc/ssl/* kvmd-gencert --do-the-thing kvmd-gencert --do-the-thing --vnc if grep -q 'X-kvmd\.otgmsd' /etc/fstab; then part=$(grep 'X-kvmd\.otgmsd' /etc/fstab | awk '{print $1}') # shellcheck disable=SC2206 splitted=(${part//=/ }) if [ "${splitted[0]}" == LABEL ]; then label=${splitted[1]} part=$(blkid -c /dev/null -L "$label") else label=PIMSD fi unset splitted disk=/dev/$(lsblk -no pkname "$part") npart=$(cat "/sys/class/block/${part//\/dev\//}/partition") umount "$part" parted "$disk" -a optimal -s resizepart "$npart" 100% yes | mkfs.ext4 -L "$label" -F -m 0 "$part" mount "$part" unset disk part npart label fi # fc-cache is required for installed X server # shellcheck disable=SC2015 which fc-cache && fc-cache || true fi # ========== OTG serial ========== if [ -n "$ENABLE_OTG_SERIAL" ]; then cat < /etc/kvmd/override.d/0000-vendor-otg-serial.yaml # Generated by kvmd-bootconfig. Do not edit this file! otg: devices: serial: enabled: true end_of_file grep '^ttyGS0$' /etc/securetty || echo ttyGS0 >> /etc/securetty mkdir -p /etc/systemd/system/getty@ttyGS0.service.d cat < /etc/systemd/system/getty@ttyGS0.service.d/override.conf [Service] TTYReset=no TTYVHangup=no TTYVTDisallocate=no end_of_file systemctl enable getty@ttyGS0.service touch /boot/pikvm-reboot.txt fi # ========== SSH ========== if [ -n "$SSH_PORT" ]; then sed -i -e "s/^\s*#*\s*Port\s\+.*$/Port $SSH_PORT/g" /etc/ssh/sshd_config fi # ========== Ethernet ========== make_dhcp_iface() { local _iface="$1" local _metric="$2" cat < "/etc/systemd/network/$_iface.network" [Match] Name=$_iface [Network] DHCP=yes DNSSEC=no [DHCP] # Use same IP by forcing to use MAC address for clientID ClientIdentifier=mac # https://github.com/pikvm/pikvm/issues/583 RouteMetric=$_metric end_of_file } make_static_iface() { local _iface="$1" local _addr="$2" local _gw="$3" local _dns="$4" local _metric="$5" cat < "/etc/systemd/network/$_iface.network" [Match] Name=$_iface [Network] Address=$_addr DNS=$_dns DNSSEC=no [Route] Gateway=$_gw # https://github.com/pikvm/pikvm/issues/583 Metric=$_metric end_of_file } # If the ETH_DHCP is defined, configure eth0 for DHCP if [ -n "$ETH_DHCP" ]; then ETH_IFACE="${ETH_IFACE:-eth0}" make_dhcp_iface "$ETH_IFACE" 10 fi # If the ETH_ADDR is defined, configure a static address on eth0 if [ -n "$ETH_ADDR" ]; then ETH_IFACE="${ETH_IFACE:-eth0}" make_static_iface "$ETH_IFACE" "$ETH_ADDR" "$ETH_GW" "$ETH_DNS" 10 fi # ========== Wi-Fi ========== # Set the regulatory domain for wifi, if defined. if [ -n "$WIFI_REGDOM" ]; then sed -i \ -e 's/^\(WIRELESS_REGDOM=.*\)$/#\1/' \ -e 's/^#\(WIRELESS_REGDOM="'"$WIFI_REGDOM"'"\)/\1/' \ /etc/conf.d/wireless-regdom fi # If the WIFI_ESSID is defined, configure wlan0 if [ -n "$WIFI_ESSID" ]; then WIFI_IFACE="${WIFI_IFACE:-wlan0}" if [ -n "$WIFI_ADDR" ]; then make_static_iface "$WIFI_IFACE" "$WIFI_ADDR" "$WIFI_GW" "$WIFI_DNS" 50 else make_dhcp_iface "$WIFI_IFACE" 50 fi wpa_passphrase "$WIFI_ESSID" "$WIFI_PASSWD" > "/etc/wpa_supplicant/wpa_supplicant-$WIFI_IFACE.conf" chmod 640 "/etc/wpa_supplicant/wpa_supplicant-$WIFI_IFACE.conf" systemctl enable "wpa_supplicant@$WIFI_IFACE.service" || true touch /boot/pikvm-reboot.txt fi # ========== Custom scripts ========== if [ -d /boot/pikvm-scripts.d ]; then run-parts --regex='^.+$' /boot/pikvm-scripts.d || true fi # ========== Finish ========== rm -f /boot/pikvm.txt if [ -f /boot/pikvm-reboot.txt ]; then rm -f /boot/pikvm-reboot.txt ro echo "kvmd-bootconfig: Reboot after 5 seconds" | tee /dev/kmsg sleep 2 reboot sleep 3 else ro if [ -n "$has_oled" ]; then # Critical tasks have completed so start kvmd-oled service as an indicator that on-boot tasks are complete systemctl start kvmd-oled || true fi fi