mirror of
https://github.com/mofeng-git/One-KVM.git
synced 2025-12-12 01:00:29 +08:00
280 lines
7.6 KiB
Bash
Executable File
280 lines
7.6 KiB
Bash
Executable File
#!/bin/bash
|
|
# ========================================================================== #
|
|
# #
|
|
# KVMD - The main PiKVM daemon. #
|
|
# #
|
|
# Copyright (C) 2018-2024 Maxim Devaev <mdevaev@gmail.com> #
|
|
# #
|
|
# This program is free software: you can redistribute it and/or modify #
|
|
# it under the terms of the GNU General Public License as published by #
|
|
# the Free Software Foundation, either version 3 of the License, or #
|
|
# (at your option) any later version. #
|
|
# #
|
|
# This program is distributed in the hope that it will be useful, #
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
|
|
# GNU General Public License for more details. #
|
|
# #
|
|
# You should have received a copy of the GNU General Public License #
|
|
# along with this program. If not, see <https://www.gnu.org/licenses/>. #
|
|
# #
|
|
# ========================================================================== #
|
|
|
|
|
|
set -ex
|
|
|
|
if [ "$(whoami)" != root ]; then
|
|
echo "Only root can do that"
|
|
exit 1
|
|
fi
|
|
|
|
if [ "$1" != --do-the-thing ]; then
|
|
echo "This script will make some firstboot magic. Don't run it manually."
|
|
exit 1
|
|
fi
|
|
|
|
|
|
# ========== Preparing ==========
|
|
|
|
if [ ! -f /boot/pikvm.txt ]; then
|
|
exit 0
|
|
fi
|
|
|
|
if systemctl is-enabled -q kvmd-oled; then
|
|
# Stop regular kvmd-oled service and show first time setup status in oled
|
|
systemctl stop kvmd-oled || true
|
|
kvmd-oled --interval=0 --text="On-boot setup...\nDO NOT INTERRUPT!\nPlease wait" || true
|
|
has_oled=1
|
|
fi
|
|
|
|
# shellcheck disable=SC1090
|
|
source <(dos2unix < /boot/pikvm.txt)
|
|
|
|
rw
|
|
|
|
|
|
# ========== First boot configuration ==========
|
|
|
|
make_avahi_service() {
|
|
local _serial
|
|
_serial=$(tr -d '\0' < /proc/device-tree/serial-number || echo "0000000000000000")
|
|
local _model
|
|
_model=$(tr -d '\0' < /proc/device-tree/model || echo "Unknown model")
|
|
mkdir -p /etc/avahi/services
|
|
cat <<end_of_file > /etc/avahi/services/pikvm.service
|
|
<?xml version="1.0" standalone='no'?>
|
|
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
|
|
<service-group>
|
|
<name replace-wildcards="yes">pikvm-$_serial.local</name>
|
|
<service>
|
|
<type>_pikvm._tcp</type>
|
|
<port>443</port>
|
|
<txt-record>path=/</txt-record>
|
|
<txt-record>protocol=https</txt-record>
|
|
<txt-record>description=PiKVM Web Server</txt-record>
|
|
<txt-record>serial=$_serial</txt-record>
|
|
<txt-record>model=$_model</txt-record>
|
|
</service>
|
|
<service>
|
|
<type>_https._tcp</type>
|
|
<port>443</port>
|
|
<txt-record>path=/</txt-record>
|
|
<txt-record>protocol=https</txt-record>
|
|
<txt-record>description=PiKVM Web Server</txt-record>
|
|
<txt-record>serial=$_serial</txt-record>
|
|
<txt-record>model=$_model</txt-record>
|
|
</service>
|
|
</service-group>
|
|
end_of_file
|
|
}
|
|
|
|
if [ -n "$FIRSTBOOT$FIRST_BOOT" ]; then
|
|
( \
|
|
(umount /etc/machine-id || true) \
|
|
&& echo -n > /etc/machine-id \
|
|
&& systemd-machine-id-setup \
|
|
) || true
|
|
|
|
rm -f /etc/ssh/ssh_host_*
|
|
ssh-keygen -v -A
|
|
|
|
rm -f /etc/kvmd/nginx/ssl/*
|
|
rm -f /etc/kvmd/vnc/ssl/*
|
|
kvmd-gencert --do-the-thing
|
|
kvmd-gencert --do-the-thing --vnc
|
|
|
|
if grep -q 'X-kvmd\.otgmsd' /etc/fstab; then
|
|
part=$(grep 'X-kvmd\.otgmsd' /etc/fstab | awk '{print $1}')
|
|
# shellcheck disable=SC2206
|
|
splitted=(${part//=/ })
|
|
if [ "${splitted[0]}" == LABEL ]; then
|
|
label=${splitted[1]}
|
|
part=$(blkid -c /dev/null -L "$label")
|
|
else
|
|
label=PIMSD
|
|
fi
|
|
unset splitted
|
|
disk=/dev/$(lsblk -no pkname "$part")
|
|
npart=$(cat "/sys/class/block/${part//\/dev\//}/partition")
|
|
umount "$part"
|
|
parted "$disk" -a optimal -s resizepart "$npart" 100%
|
|
yes | mkfs.ext4 -L "$label" -F -m 0 "$part"
|
|
mount "$part"
|
|
unset disk part npart label
|
|
fi
|
|
|
|
make_avahi_service
|
|
|
|
# fc-cache is required for installed X server
|
|
# shellcheck disable=SC2015
|
|
which fc-cache && fc-cache || true
|
|
fi
|
|
|
|
|
|
# ========== Avahi ==========
|
|
|
|
if [ -n "$ENABLE_AVAHI" ]; then
|
|
systemctl enable avahi-daemon || true
|
|
touch /boot/pikvm-reboot.txt
|
|
fi
|
|
|
|
|
|
# ========== OTG serial ==========
|
|
|
|
if [ -n "$ENABLE_OTG_SERIAL" ]; then
|
|
cat <<end_of_file > /etc/kvmd/override.d/0000-vendor-otg-serial.yaml
|
|
# Generated by kvmd-bootconfig. Do not edit this file!
|
|
otg:
|
|
devices:
|
|
serial:
|
|
enabled: true
|
|
end_of_file
|
|
grep '^ttyGS0$' /etc/securetty || echo ttyGS0 >> /etc/securetty
|
|
mkdir -p /etc/systemd/system/getty@ttyGS0.service.d
|
|
cat <<end_of_file > /etc/systemd/system/getty@ttyGS0.service.d/override.conf
|
|
[Service]
|
|
TTYReset=no
|
|
TTYVHangup=no
|
|
TTYVTDisallocate=no
|
|
end_of_file
|
|
systemctl enable getty@ttyGS0.service
|
|
touch /boot/pikvm-reboot.txt
|
|
fi
|
|
|
|
|
|
# ========== SSH ==========
|
|
|
|
if [ -n "$SSH_PORT" ]; then
|
|
sed -i -e "s/^\s*#*\s*Port\s\+.*$/Port $SSH_PORT/g" /etc/ssh/sshd_config
|
|
fi
|
|
|
|
|
|
# ========== Ethernet ==========
|
|
|
|
make_dhcp_iface() {
|
|
local _iface="$1"
|
|
local _metric="$2"
|
|
cat <<end_of_file > "/etc/systemd/network/$_iface.network"
|
|
[Match]
|
|
Name=$_iface
|
|
|
|
[Network]
|
|
DHCP=yes
|
|
DNSSEC=no
|
|
|
|
[DHCP]
|
|
# Use same IP by forcing to use MAC address for clientID
|
|
ClientIdentifier=mac
|
|
# https://github.com/pikvm/pikvm/issues/583
|
|
RouteMetric=$_metric
|
|
end_of_file
|
|
}
|
|
|
|
make_static_iface() {
|
|
local _iface="$1"
|
|
local _addr="$2"
|
|
local _gw="$3"
|
|
local _dns="$4"
|
|
local _metric="$5"
|
|
cat <<end_of_file > "/etc/systemd/network/$_iface.network"
|
|
[Match]
|
|
Name=$_iface
|
|
|
|
[Network]
|
|
Address=$_addr
|
|
DNS=$_dns
|
|
DNSSEC=no
|
|
|
|
[Route]
|
|
Gateway=$_gw
|
|
# https://github.com/pikvm/pikvm/issues/583
|
|
Metric=$_metric
|
|
end_of_file
|
|
}
|
|
|
|
# If the ETH_DHCP is defined, configure eth0 for DHCP
|
|
if [ -n "$ETH_DHCP" ]; then
|
|
ETH_IFACE="${ETH_IFACE:-eth0}"
|
|
make_dhcp_iface "$ETH_IFACE" 10
|
|
fi
|
|
|
|
# If the ETH_ADDR is defined, configure a static address on eth0
|
|
if [ -n "$ETH_ADDR" ]; then
|
|
ETH_IFACE="${ETH_IFACE:-eth0}"
|
|
make_static_iface "$ETH_IFACE" "$ETH_ADDR" "$ETH_GW" "$ETH_DNS" 10
|
|
fi
|
|
|
|
|
|
# ========== Wi-Fi ==========
|
|
|
|
# Set the regulatory domain for wifi, if defined.
|
|
if [ -n "$WIFI_REGDOM" ]; then
|
|
sed -i \
|
|
-e 's/^\(WIRELESS_REGDOM=.*\)$/#\1/' \
|
|
-e 's/^#\(WIRELESS_REGDOM="'"$WIFI_REGDOM"'"\)/\1/' \
|
|
/etc/conf.d/wireless-regdom
|
|
fi
|
|
|
|
# If the WIFI_ESSID is defined, configure wlan0
|
|
if [ -n "$WIFI_ESSID" ]; then
|
|
WIFI_IFACE="${WIFI_IFACE:-wlan0}"
|
|
if [ -n "$WIFI_ADDR" ]; then
|
|
make_static_iface "$WIFI_IFACE" "$WIFI_ADDR" "$WIFI_GW" "$WIFI_DNS" 50
|
|
else
|
|
make_dhcp_iface "$WIFI_IFACE" 50
|
|
fi
|
|
wpa_passphrase "$WIFI_ESSID" "$WIFI_PASSWD" > "/etc/wpa_supplicant/wpa_supplicant-$WIFI_IFACE.conf"
|
|
chmod 640 "/etc/wpa_supplicant/wpa_supplicant-$WIFI_IFACE.conf"
|
|
if [ -n "$WIFI_HIDDEN" ]; then
|
|
sed -i -e 's/^}/\tscan_ssid=1\n}/g' "/etc/wpa_supplicant/wpa_supplicant-$WIFI_IFACE.conf"
|
|
fi
|
|
systemctl enable "wpa_supplicant@$WIFI_IFACE.service" || true
|
|
touch /boot/pikvm-reboot.txt
|
|
fi
|
|
|
|
|
|
# ========== Custom scripts ==========
|
|
|
|
if [ -d /boot/pikvm-scripts.d ]; then
|
|
run-parts --regex='^.+$' /boot/pikvm-scripts.d || true
|
|
fi
|
|
|
|
|
|
# ========== Finish ==========
|
|
rm -f /boot/pikvm.txt
|
|
|
|
if [ -f /boot/pikvm-reboot.txt ]; then
|
|
rm -f /boot/pikvm-reboot.txt
|
|
ro
|
|
echo "kvmd-bootconfig: Reboot after 5 seconds" | tee /dev/kmsg
|
|
sleep 2
|
|
reboot
|
|
sleep 3
|
|
else
|
|
ro
|
|
if [ -n "$has_oled" ]; then
|
|
# Critical tasks have completed so start kvmd-oled service as an indicator that on-boot tasks are complete
|
|
systemctl start kvmd-oled || true
|
|
fi
|
|
fi
|