Refactor build-cloudinit-image.sh and deploy-to-proxmox.sh to improve image management: streamline image download process, enhance error handling for checksum verification, and ensure proper directory creation for cloud-init images. Update deployment scripts for better user feedback and reliability.

chromium-setup/emmc-provisioning/cloud-init/first-boot.md

@@ -0,0 +1,105 @@
+# first-boot.sh — Documentation
+
+This script runs once on first boot via cloud-init (see `user-data-remote-gnss.example`). It installs packages, configures a Chromium kiosk with KDE Plasma and touch support, and installs the reTerminal DM display/touch drivers. It must run as **root**.
+
+---
+
+## Script header and environment
+
+- **`set -e`** — Exit immediately if any command fails.
+- **`DEBIAN_FRONTEND=noninteractive`** — Prevents apt from asking questions (assumes default or automatic answers).
+
+---
+
+## Packages
+
+Installs the software needed for the rest of the script and for the kiosk:
+
+| Package | Purpose |
+|--------|---------|
+| **git** | Clone the Seeed Linux DTOverlays repo for reTerminal DM drivers. |
+| **chromium-browser** | Full-screen kiosk browser. |
+| **wmctrl** | Window control; used to force Chromium into fullscreen. |
+| **openssh-server** | SSH access (often also enabled in user-data). |
+| **kde-plasma-desktop** | KDE Plasma desktop (X11 session used for Chromium). |
+| **maliit-keyboard** | On-screen keyboard for touch input. |
+| **xinput-calibrator** | Touchscreen calibration (optional; run manually if needed). |
+
+---
+
+## Autostart directory
+
+Creates `/home/pi/.config/autostart` so that `.desktop` files placed there are started when user `pi` logs into the graphical session.
+
+---
+
+## Chromium kiosk files (from file server)
+
+Does **not** create the kiosk files locally; it downloads them from your file server:
+
+- **`FILE_SERVER`** — Base URL (default: `http://10.130.60.141:5000/files`). Change this if your server is elsewhere.
+- **`start-chromium.sh`** — Downloaded to `/home/pi/start-chromium.sh`, made executable (755), owned by `pi`. This script waits for the desktop, starts Chromium in kiosk mode (e.g. `--app=...`), and uses `wmctrl` to force fullscreen.
+- **`chromium-kiosk.desktop`** — Downloaded to `/home/pi/.config/autostart/chromium-kiosk.desktop`, mode 644, owned by `pi`. This autostart entry runs `start-chromium.sh` when `pi` logs in.
+
+Ensure the `.desktop` file on the server has `Exec=/home/pi/start-chromium.sh` (or the path you use on the device).
+
+---
+
+## KDE Plasma: default session (X11)
+
+Writes `/etc/lightdm/lightdm.conf.d/99-default-session.conf` so the display manager (LightDM) uses the **Plasma X11** session (`plasmax11`) instead of Wayland. Chromium kiosk is configured for X11, so this is required for it to run correctly.
+
+---
+
+## KDE touch-friendly settings
+
+Two config files for user `pi` to improve touch and window behaviour:
+
+- **`/home/pi/.config/kdeglobals`** — `ForceFontDPI=120` for larger, more readable UI on the small screen.
+- **`/home/pi/.config/kwinrc`** — `BorderlessMaximizedWindows=true` and `touchpointsEnabled=true` for better touch and fullscreen behaviour.
+
+Both are owned by `pi:pi` with mode 644.
+
+---
+
+## On-screen keyboard (Maliit)
+
+Creates `/home/pi/.config/autostart/maliit-keyboard.desktop` so that **Maliit** (`maliit-keyboard -r`) starts when `pi` logs in. This gives an on-screen keyboard for touch-only use.
+
+---
+
+## Ownership for pi’s config
+
+Runs `chown -R pi:pi /home/pi/.config` so all files under `pi`’s config directory are owned by `pi`. Ensures the desktop session runs as `pi` without permission issues.
+
+---
+
+## Default X session manager
+
+Runs `update-alternatives --set x-session-manager /usr/bin/startplasma-x11` so the default graphical session is KDE Plasma on X11. Matches the LightDM setting above and ensures the kiosk and Maliit run in the same X11 session.
+
+---
+
+## reTerminal DM: Seeed display/touch drivers
+
+Installs the official Seeed drivers for the reTerminal DM so the display and touch work:
+
+1. Clones **https://github.com/Seeed-Studio/seeed-linux-dtoverlays** into `/tmp/seeed-linux-dtoverlays` (`--depth 1` for a shallow clone).
+2. Runs **`scripts/reTerminal.sh --device reTerminal-DM`** to install device-tree overlays and any required firmware/config for the reTerminal DM.
+3. Removes the clone from `/tmp`.
+
+These changes take effect after a reboot.
+
+---
+
+## Reboot
+
+Runs **`reboot`** so the kernel and display stack load the new Seeed drivers. After reboot, the screen and touch should work, and the next login as `pi` will start the Chromium kiosk and Maliit via the autostart entries.
+
+---
+
+## Customisation
+
+- **File server** — Edit `FILE_SERVER` if your `start-chromium.sh` and `chromium-kiosk.desktop` are served from another host/port.
+- **Kiosk URL** — The URL Chromium opens is defined in `start-chromium.sh` on your file server (e.g. `--app=http://127.0.0.1:8080`); change it there.
+- **User** — If you use a user other than `pi`, replace `pi` in this script and in the files on the file server (paths and ownership).

chromium-setup/emmc-provisioning/cloud-init/first-boot.sh

@@ -0,0 +1,81 @@
+#!/bin/bash
+# First-boot script: install packages, Chromium kiosk, KDE Plasma + touch.
+# Intended to be downloaded and run by cloud-init (see user-data-remote-gnss.example).
+# Run as root.
+
+set -e
+
+export DEBIAN_FRONTEND=noninteractive
+
+# Packages
+apt-get update -qq
+apt-get install -y -qq \
+  git \
+  chromium-browser \
+  wmctrl \
+  openssh-server \
+  kde-plasma-desktop \
+  maliit-keyboard \
+  xinput-calibrator
+
+# Autostart dir for user pi
+mkdir -p /home/pi/.config/autostart
+
+# Chromium kiosk files from file server
+FILE_SERVER="http://10.130.60.141:5000/files"
+curl -fsSL "${FILE_SERVER}/start-chromium.sh" -o /home/pi/start-chromium.sh
+chmod 755 /home/pi/start-chromium.sh
+chown pi:pi /home/pi/start-chromium.sh
+curl -fsSL "${FILE_SERVER}/chromium-kiosk.desktop" -o /home/pi/.config/autostart/chromium-kiosk.desktop
+chmod 644 /home/pi/.config/autostart/chromium-kiosk.desktop
+chown pi:pi /home/pi/.config/autostart/chromium-kiosk.desktop
+
+# KDE Plasma: default session (X11 for Chromium)
+mkdir -p /etc/lightdm/lightdm.conf.d
+cat > /etc/lightdm/lightdm.conf.d/99-default-session.conf << 'LIGHTDM'
+[Seat:*]
+user-session=plasmax11
+LIGHTDM
+
+# KDE touch-friendly
+cat > /home/pi/.config/kdeglobals << 'KDE'
+[General]
+ForceFontDPI=120
+KDE
+chown pi:pi /home/pi/.config/kdeglobals
+chmod 644 /home/pi/.config/kdeglobals
+
+cat > /home/pi/.config/kwinrc << 'KWIN'
+[Windows]
+BorderlessMaximizedWindows=true
+[Plugins]
+touchpointsEnabled=true
+KWIN
+chown pi:pi /home/pi/.config/kwinrc
+chmod 644 /home/pi/.config/kwinrc
+
+# On-screen keyboard (maliit)
+cat > /home/pi/.config/autostart/maliit-keyboard.desktop << 'MALIIT'
+[Desktop Entry]
+Type=Application
+Name=Maliit Keyboard
+Exec=maliit-keyboard -r
+X-GNOME-Autostart-enabled=true
+MALIIT
+chown pi:pi /home/pi/.config/autostart/maliit-keyboard.desktop
+chmod 644 /home/pi/.config/autostart/maliit-keyboard.desktop
+
+# Ownership for all of pi's config
+chown -R pi:pi /home/pi/.config
+
+# Set KDE Plasma (X11) as default session
+update-alternatives --set x-session-manager /usr/bin/startplasma-x11 2>/dev/null || true
+
+# reTerminal DM: install Seeed display/touch drivers (screen will work after reboot)
+REPO_DIR="/tmp/seeed-linux-dtoverlays"
+git clone --depth 1 https://github.com/Seeed-Studio/seeed-linux-dtoverlays "$REPO_DIR"
+"$REPO_DIR/scripts/reTerminal.sh" --device reTerminal-DM
+rm -rf "$REPO_DIR"
+
+# Reboot so display and touch work
+reboot

chromium-setup/emmc-provisioning/cloud-init/user-data-remote-gnss.example

@@ -0,0 +1,37 @@
+#cloud-config
+# Example: create user (pi), enable SSH, then download and run first-boot.sh to install
+# Chromium kiosk, KDE Plasma, and touch options. Edit FIRST_BOOT_URL to point to your
+# hosted first-boot.sh (e.g. file server or raw GitHub).
+#
+# 1. Generate a password hash: mkpasswd -m sha-512 'YourPassword' or openssl passwd -6 'YourPassword'
+#    Paste the full output into the passwd: line below.
+# 2. Host first-boot.sh (same dir as this repo: cloud-init/first-boot.sh) at FIRST_BOOT_URL.
+# 3. To use a different username than "pi", replace every "pi" in this file and in first-boot.sh.
+
+package_update: true
+package_upgrade: false
+
+packages:
+  - curl
+
+users:
+  - name: pi
+    groups: [adm, sudo, video]
+    lock_passwd: false
+    passwd: "$6$7xWGhGc6d1lJx1dU$4E8r1mkzVj51bjEbfzdP8wPxso..C36LbXkqU/X4oBGq94aGFMSrZb0PVI8zs/Om1Jm97/D..Apy2HTdCn3FV1"
+    shell: /bin/bash
+
+write_files:
+  - path: /etc/ssh/sshd_config.d/99-cloud-init.conf
+    content: |
+      PasswordAuthentication yes
+      PermitRootLogin no
+
+runcmd:
+  - systemctl enable ssh
+  - systemctl start ssh
+  - curl -fsSL "http://10.130.60.141:5000/files/first-boot.sh" -o /tmp/first-boot.sh
+  - chmod +x /tmp/first-boot.sh
+  - /tmp/first-boot.sh
+  # - rm -f /tmp/first-boot.sh
+  - cloud-init single --name cc_final_message