Refactor build-cloudinit-image.sh and deploy-to-proxmox.sh to improve image management: streamline image download process, enhance error handling for checksum verification, and ensure proper directory creation for cloud-init images. Update deployment scripts for better user feedback and reliability.

2026-02-20 07:47:01 +02:00
parent d3c4e4b7f1
commit 9c533e95f9
3 changed files with 223 additions and 0 deletions
--- a/chromium-setup/emmc-provisioning/cloud-init/first-boot.md
+++ b/chromium-setup/emmc-provisioning/cloud-init/first-boot.md
@@ -0,0 +1,105 @@
 # first-boot.sh — Documentation
 This script runs once on first boot via cloud-init (see `user-data-remote-gnss.example`). It installs packages, configures a Chromium kiosk with KDE Plasma and touch support, and installs the reTerminal DM display/touch drivers. It must run as **root**.
 ---
 ## Script header and environment
 - **`set -e`** — Exit immediately if any command fails.
 - **`DEBIAN_FRONTEND=noninteractive`** — Prevents apt from asking questions (assumes default or automatic answers).
 ---
 ## Packages
 Installs the software needed for the rest of the script and for the kiosk:
 | Package | Purpose |
 |--------|---------|
 | **git** | Clone the Seeed Linux DTOverlays repo for reTerminal DM drivers. |
 | **chromium-browser** | Full-screen kiosk browser. |
 | **wmctrl** | Window control; used to force Chromium into fullscreen. |
 | **openssh-server** | SSH access (often also enabled in user-data). |
 | **kde-plasma-desktop** | KDE Plasma desktop (X11 session used for Chromium). |
 | **maliit-keyboard** | On-screen keyboard for touch input. |
 | **xinput-calibrator** | Touchscreen calibration (optional; run manually if needed). |
 ---
 ## Autostart directory
 Creates `/home/pi/.config/autostart` so that `.desktop` files placed there are started when user `pi` logs into the graphical session.
 ---
 ## Chromium kiosk files (from file server)
 Does **not** create the kiosk files locally; it downloads them from your file server:
 - **`FILE_SERVER`** — Base URL (default: `http://10.130.60.141:5000/files`). Change this if your server is elsewhere.
 - **`start-chromium.sh`** — Downloaded to `/home/pi/start-chromium.sh`, made executable (755), owned by `pi`. This script waits for the desktop, starts Chromium in kiosk mode (e.g. `--app=...`), and uses `wmctrl` to force fullscreen.
 - **`chromium-kiosk.desktop`** — Downloaded to `/home/pi/.config/autostart/chromium-kiosk.desktop`, mode 644, owned by `pi`. This autostart entry runs `start-chromium.sh` when `pi` logs in.
 Ensure the `.desktop` file on the server has `Exec=/home/pi/start-chromium.sh` (or the path you use on the device).
 ---
 ## KDE Plasma: default session (X11)
 Writes `/etc/lightdm/lightdm.conf.d/99-default-session.conf` so the display manager (LightDM) uses the **Plasma X11** session (`plasmax11`) instead of Wayland. Chromium kiosk is configured for X11, so this is required for it to run correctly.
 ---
 ## KDE touch-friendly settings
 Two config files for user `pi` to improve touch and window behaviour:
 - **`/home/pi/.config/kdeglobals`** — `ForceFontDPI=120` for larger, more readable UI on the small screen.
 - **`/home/pi/.config/kwinrc`** — `BorderlessMaximizedWindows=true` and `touchpointsEnabled=true` for better touch and fullscreen behaviour.
 Both are owned by `pi:pi` with mode 644.
 ---
 ## On-screen keyboard (Maliit)
 Creates `/home/pi/.config/autostart/maliit-keyboard.desktop` so that **Maliit** (`maliit-keyboard -r`) starts when `pi` logs in. This gives an on-screen keyboard for touch-only use.
 ---
 ## Ownership for pi’s config
 Runs `chown -R pi:pi /home/pi/.config` so all files under `pi`’s config directory are owned by `pi`. Ensures the desktop session runs as `pi` without permission issues.
 ---
 ## Default X session manager
 Runs `update-alternatives --set x-session-manager /usr/bin/startplasma-x11` so the default graphical session is KDE Plasma on X11. Matches the LightDM setting above and ensures the kiosk and Maliit run in the same X11 session.
 ---
 ## reTerminal DM: Seeed display/touch drivers
 Installs the official Seeed drivers for the reTerminal DM so the display and touch work:
 1. Clones **https://github.com/Seeed-Studio/seeed-linux-dtoverlays** into `/tmp/seeed-linux-dtoverlays` (`--depth 1` for a shallow clone).
 2. Runs **`scripts/reTerminal.sh --device reTerminal-DM`** to install device-tree overlays and any required firmware/config for the reTerminal DM.
 3. Removes the clone from `/tmp`.
 These changes take effect after a reboot.
 ---
 ## Reboot
 Runs **`reboot`** so the kernel and display stack load the new Seeed drivers. After reboot, the screen and touch should work, and the next login as `pi` will start the Chromium kiosk and Maliit via the autostart entries.
 ---
 ## Customisation
 - **File server** — Edit `FILE_SERVER` if your `start-chromium.sh` and `chromium-kiosk.desktop` are served from another host/port.
 - **Kiosk URL** — The URL Chromium opens is defined in `start-chromium.sh` on your file server (e.g. `--app=http://127.0.0.1:8080`); change it there.
 - **User** — If you use a user other than `pi`, replace `pi` in this script and in the files on the file server (paths and ownership).
--- a/chromium-setup/emmc-provisioning/cloud-init/first-boot.sh
+++ b/chromium-setup/emmc-provisioning/cloud-init/first-boot.sh
@@ -0,0 +1,81 @@
 #!/bin/bash
 # First-boot script: install packages, Chromium kiosk, KDE Plasma + touch.
 # Intended to be downloaded and run by cloud-init (see user-data-remote-gnss.example).
 # Run as root.
 set -e
 export DEBIAN_FRONTEND=noninteractive
 # Packages
 apt-get update -qq
 apt-get install -y -qq \
  git \
  chromium-browser \
  wmctrl \
  openssh-server \
  kde-plasma-desktop \
  maliit-keyboard \
  xinput-calibrator
 # Autostart dir for user pi
 mkdir -p /home/pi/.config/autostart
 # Chromium kiosk files from file server
 FILE_SERVER="http://10.130.60.141:5000/files"
 curl -fsSL "${FILE_SERVER}/start-chromium.sh" -o /home/pi/start-chromium.sh
 chmod 755 /home/pi/start-chromium.sh
 chown pi:pi /home/pi/start-chromium.sh
 curl -fsSL "${FILE_SERVER}/chromium-kiosk.desktop" -o /home/pi/.config/autostart/chromium-kiosk.desktop
 chmod 644 /home/pi/.config/autostart/chromium-kiosk.desktop
 chown pi:pi /home/pi/.config/autostart/chromium-kiosk.desktop
 # KDE Plasma: default session (X11 for Chromium)
 mkdir -p /etc/lightdm/lightdm.conf.d
 cat > /etc/lightdm/lightdm.conf.d/99-default-session.conf << 'LIGHTDM'
 [Seat:*]
 user-session=plasmax11
 LIGHTDM
 # KDE touch-friendly
 cat > /home/pi/.config/kdeglobals << 'KDE'
 [General]
 ForceFontDPI=120
 KDE
 chown pi:pi /home/pi/.config/kdeglobals
 chmod 644 /home/pi/.config/kdeglobals
 cat > /home/pi/.config/kwinrc << 'KWIN'
 [Windows]
 BorderlessMaximizedWindows=true
 [Plugins]
 touchpointsEnabled=true
 KWIN
 chown pi:pi /home/pi/.config/kwinrc
 chmod 644 /home/pi/.config/kwinrc
 # On-screen keyboard (maliit)
 cat > /home/pi/.config/autostart/maliit-keyboard.desktop << 'MALIIT'
 [Desktop Entry]
 Type=Application
 Name=Maliit Keyboard
 Exec=maliit-keyboard -r
 X-GNOME-Autostart-enabled=true
 MALIIT
 chown pi:pi /home/pi/.config/autostart/maliit-keyboard.desktop
 chmod 644 /home/pi/.config/autostart/maliit-keyboard.desktop
 # Ownership for all of pi's config
 chown -R pi:pi /home/pi/.config
 # Set KDE Plasma (X11) as default session
 update-alternatives --set x-session-manager /usr/bin/startplasma-x11 2>/dev/null || true
 # reTerminal DM: install Seeed display/touch drivers (screen will work after reboot)
 REPO_DIR="/tmp/seeed-linux-dtoverlays"
 git clone --depth 1 https://github.com/Seeed-Studio/seeed-linux-dtoverlays "$REPO_DIR"
 "$REPO_DIR/scripts/reTerminal.sh" --device reTerminal-DM
 rm -rf "$REPO_DIR"
 # Reboot so display and touch work
 reboot
--- a/chromium-setup/emmc-provisioning/cloud-init/user-data-remote-gnss.example
+++ b/chromium-setup/emmc-provisioning/cloud-init/user-data-remote-gnss.example
@@ -0,0 +1,37 @@
 #cloud-config
 # Example: create user (pi), enable SSH, then download and run first-boot.sh to install
 # Chromium kiosk, KDE Plasma, and touch options. Edit FIRST_BOOT_URL to point to your
 # hosted first-boot.sh (e.g. file server or raw GitHub).
 #
 # 1. Generate a password hash: mkpasswd -m sha-512 'YourPassword' or openssl passwd -6 'YourPassword'
 #    Paste the full output into the passwd: line below.
 # 2. Host first-boot.sh (same dir as this repo: cloud-init/first-boot.sh) at FIRST_BOOT_URL.
 # 3. To use a different username than "pi", replace every "pi" in this file and in first-boot.sh.
 package_update: true
 package_upgrade: false
 packages:
  - curl
 users:
  - name: pi
    groups: [adm, sudo, video]
    lock_passwd: false
    passwd: "$6$7xWGhGc6d1lJx1dU$4E8r1mkzVj51bjEbfzdP8wPxso..C36LbXkqU/X4oBGq94aGFMSrZb0PVI8zs/Om1Jm97/D..Apy2HTdCn3FV1"
    shell: /bin/bash
 write_files:
  - path: /etc/ssh/sshd_config.d/99-cloud-init.conf
    content: |
      PasswordAuthentication yes
      PermitRootLogin no
 runcmd:
  - systemctl enable ssh
  - systemctl start ssh
  - curl -fsSL "http://10.130.60.141:5000/files/first-boot.sh" -o /tmp/first-boot.sh
  - chmod +x /tmp/first-boot.sh
  - /tmp/first-boot.sh
  # - rm -f /tmp/first-boot.sh
  - cloud-init single --name cc_final_message