Fix deploy script
This commit is contained in:
parent
179722d50c
commit
1ebadd5a8d
2
app.py
2
app.py
|
|
@ -15,7 +15,7 @@ config_locations = ["./", "~/.", "~/.config/"]
|
||||||
for location in config_locations:
|
for location in config_locations:
|
||||||
# Optional config files, ~ is expanded to $HOME on *nix, %USERPROFILE% on windows
|
# Optional config files, ~ is expanded to $HOME on *nix, %USERPROFILE% on windows
|
||||||
# ~ app.config.from_file("videopi.toml", load=toml.load, silent=True)
|
# ~ app.config.from_file("videopi.toml", load=toml.load, silent=True)
|
||||||
if app.config.from_file(os.path.expanduser( location + "pilpil.toml"), load=toml.load, silent=True):
|
if app.config.from_file(os.path.expanduser( location + "pilpil-server.toml"), load=toml.load, silent=True):
|
||||||
print("Found configuration file in " + os.path.expanduser( location ))
|
print("Found configuration file in " + os.path.expanduser( location ))
|
||||||
# ~ app.config.from_file(os.path.expanduser("~/.config/videopi.toml"), load=toml.load, silent=True)
|
# ~ app.config.from_file(os.path.expanduser("~/.config/videopi.toml"), load=toml.load, silent=True)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -28,11 +28,23 @@ sha256 : 0fe3fe76d0e56e445124fa20646fa8b3d8c59568786b3ebc8a96d83d92f203e3
|
||||||
* Use nginx reverse proxy + SSL between server and clients ( https://medium.com/@antelle/how-to-generate-a-self-signed-ssl-certificate-for-an-ip-address-f0dd8dddf754 )
|
* Use nginx reverse proxy + SSL between server and clients ( https://medium.com/@antelle/how-to-generate-a-self-signed-ssl-certificate-for-an-ip-address-f0dd8dddf754 )
|
||||||
* Webgui beautifying
|
* Webgui beautifying
|
||||||
|
|
||||||
# DOING NEXT :
|
## 0.4 : 2022-10-19-videopi.img.xz
|
||||||
* Install script ; Wifi setup, generate/install SSH keys/ nginx cert/key fore each host
|
md5 :
|
||||||
|
sha256 :
|
||||||
|
|
||||||
|
* Apt upgrade
|
||||||
|
* Switch to user 'pil', pw 'pilpoil'
|
||||||
|
* client config file parsing ( look for 'pilpil-client.toml' in ./, ~/., ~/.config/)
|
||||||
|
* Add media folder sync (scp, rsync, http upload)
|
||||||
|
* General filesystem clean up
|
||||||
|
|
||||||
|
# DOING NEXT :
|
||||||
|
* ~ Test static IP
|
||||||
|
* Test with several rpis
|
||||||
|
|
||||||
# DONE :
|
# DONE :
|
||||||
* media sync (scp, rsync, http)
|
* media sync (scp, rsync, http)
|
||||||
|
* Install script ; Wifi setup, generate/install SSH keys/ nginx SSL cert/key fore each host, change hostname, static IPs
|
||||||
|
|
||||||
# OTHER:
|
# OTHER:
|
||||||
* get_client_rssi.sh on server
|
* get_client_rssi.sh on server
|
||||||
|
|
@ -40,11 +52,10 @@ sha256 : 0fe3fe76d0e56e445124fa20646fa8b3d8c59568786b3ebc8a96d83d92f203e3
|
||||||
# TODO :
|
# TODO :
|
||||||
* FR localisation
|
* FR localisation
|
||||||
* GUI : Btn hover/press ?
|
* GUI : Btn hover/press ?
|
||||||
* ~ Test static IP
|
|
||||||
* Test with several rpis
|
|
||||||
* ? Scripts hotspot linux/win/mac
|
* ? Scripts hotspot linux/win/mac
|
||||||
* ? Config sync
|
* ? Config sync
|
||||||
* ? Change hostname on first start
|
* ?
|
||||||
* ? Linux Minimal Virtualbox image
|
* ? Linux Minimal Virtualbox image
|
||||||
* ! Remove git personal details/resolv.conf, remove authorized_keys, clean home, re-enable ssh pw login
|
* ! Remove git personal details/resolv.conf, remove authorized_keys, ssh config, clean home, re-enable ssh pw login
|
||||||
* ~ Doc
|
* ~ Doc
|
||||||
|
|
|
||||||
|
|
@ -2,8 +2,8 @@
|
||||||
DEBUG = 0
|
DEBUG = 0
|
||||||
useSSL = false
|
useSSL = false
|
||||||
CAfile = "selfCA.crt"
|
CAfile = "selfCA.crt"
|
||||||
# Could be scp, sftp ?
|
# scp, rsync, http
|
||||||
sync_facility = "rsync"
|
sync_facility = "http"
|
||||||
media_folder_local = "~/Videos"
|
media_folder_local = "~/Videos"
|
||||||
media_folder_remote = "~/Videos"
|
media_folder_remote = "~/Videos"
|
||||||
media_exts = []
|
media_exts = []
|
||||||
|
|
|
||||||
|
|
@ -32,15 +32,15 @@ then
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
DD_BS="128K"
|
DD_BS="128K"
|
||||||
DISK_IMAGE="$HOME/niels/2022-10-09-videopi.img.xz"
|
DISK_IMAGE="$HOME/niels/imgs/2022-10-19-pilpil.img.xz"
|
||||||
CONFIG_DIR="$HOME/niels/flasktest"
|
CONFIG_DIR="$HOME/niels/flasktest"
|
||||||
PI_USER="pi"
|
PI_USER="pil"
|
||||||
BOOT_MOUNT="/run/media/$USER/boot"
|
BOOT_MOUNT="/run/media/$USER/boot"
|
||||||
ROOTFS_MOUNT="/run/media/$USER/rootfs"
|
ROOTFS_MOUNT="/run/media/$USER/rootfs"
|
||||||
#~ LOCAL_MEDIA_DIR="$HOME/Videos"
|
#~ LOCAL_MEDIA_DIR="$HOME/Videos"
|
||||||
LOCAL_MEDIA_DIR="$HOME/niels/medias"
|
LOCAL_MEDIA_DIR="$HOME/niels/medias"
|
||||||
REMOTE_MEDIA_DIR="$ROOTFS_MOUNT/home/pi/Videos"
|
REMOTE_MEDIA_DIR="$ROOTFS_MOUNT/home/$PI_USER/Videos"
|
||||||
IP_RANGE="10.42.0.0"
|
IP_RANGE="10.42.0.1"
|
||||||
SSID="omen"
|
SSID="omen"
|
||||||
PASSWD="EpQmSmXH123"
|
PASSWD="EpQmSmXH123"
|
||||||
IFW="wlo1"
|
IFW="wlo1"
|
||||||
|
|
@ -76,14 +76,14 @@ read -n 4 CLIENT_NUMBER
|
||||||
green "Got $CLIENT_NUMBER...\n"
|
green "Got $CLIENT_NUMBER...\n"
|
||||||
# Get first IP in specified range and add 1
|
# Get first IP in specified range and add 1
|
||||||
IP=$(echo $IP_RANGE | awk -F. '{print $4}')
|
IP=$(echo $IP_RANGE | awk -F. '{print $4}')
|
||||||
((IP++))
|
|
||||||
echo -e "First IP is $IP ...\n"
|
echo -e "First IP is $(($IP+1)) ...\n"
|
||||||
# Remove IP's last byte
|
# Remove IP's last byte
|
||||||
IP_RANGE_3B=$(echo $IP_RANGE | awk -F. '{print $1"."$2"."$3"."}')
|
IP_RANGE_3B=$(echo $IP_RANGE | awk -F. '{print $1"."$2"."$3"."}')
|
||||||
# Generate SSL cert with IPs in IP_RANGE
|
# Generate SSL cert with IPs in IP_RANGE
|
||||||
IP_CNT=$IP
|
IP_CNT=$(($IP+1))
|
||||||
IP_ARRAY=()
|
IP_ARRAY=()
|
||||||
while [ $IP_CNT -le $CLIENT_NUMBER ]
|
while [ $IP_CNT -le $(($CLIENT_NUMBER+$IP)) ]
|
||||||
do
|
do
|
||||||
IP_ARRAY+=("IP:$IP_RANGE_3B$IP_CNT")
|
IP_ARRAY+=("IP:$IP_RANGE_3B$IP_CNT")
|
||||||
((IP_CNT++))
|
((IP_CNT++))
|
||||||
|
|
@ -107,7 +107,7 @@ do
|
||||||
HOST_NAME="videopi-$(echo $HOST | awk -F. '{print $4}')"
|
HOST_NAME="videopi-$(echo $HOST | awk -F. '{print $4}')"
|
||||||
# 1. Copy img to sd
|
# 1. Copy img to sd
|
||||||
green "Operation 1/13 : Imaging $SDCARD with the file $DISK_IMAGE ...\n"
|
green "Operation 1/13 : Imaging $SDCARD with the file $DISK_IMAGE ...\n"
|
||||||
red "Are you sure you want to erase the content of $SDCARD ? Type uppercase 'yes' to confirm."
|
red "Are you sure you want to ERASE THE CONTENT of $SDCARD ? Type uppercase 'yes' to confirm."
|
||||||
read -n 4 GO_DD
|
read -n 4 GO_DD
|
||||||
if [ "$GO_DD" != "YES" ]
|
if [ "$GO_DD" != "YES" ]
|
||||||
then
|
then
|
||||||
|
|
@ -123,13 +123,17 @@ do
|
||||||
umount $BOOT_MOUNT
|
umount $BOOT_MOUNT
|
||||||
umount $ROOTFS_MOUNT
|
umount $ROOTFS_MOUNT
|
||||||
green "Operation 3/13 : Remounting $BOOT_MOUNT and $ROOTFS_MOUNT ...\n"
|
green "Operation 3/13 : Remounting $BOOT_MOUNT and $ROOTFS_MOUNT ...\n"
|
||||||
|
echo "Remounting..."
|
||||||
|
sleep 1
|
||||||
systemctl --user restart gvfs-udisks2-volume-monitor
|
systemctl --user restart gvfs-udisks2-volume-monitor
|
||||||
|
sleep 3
|
||||||
green "Operation 4/13 : Changing hostname to $HOST_NAME ...\n"
|
green "Operation 4/13 : Changing hostname to $HOST_NAME ...\n"
|
||||||
# Change hostname
|
# Change hostname
|
||||||
echo "$HOST_NAME" | tee "$ROOTFS_MOUNT/etc/hostname"
|
echo "$HOST_NAME" | sudo tee "$ROOTFS_MOUNT/etc/hostname"
|
||||||
## Enable SSH
|
## Enable SSH
|
||||||
green "Operation 5/13 : Enabling SSH server on boot ...\n"
|
green "Operation 5/13 : Enabling SSH server on boot ...\n"
|
||||||
touch "$BOOT_MOUNT/ssh"
|
touch "$BOOT_MOUNT/ssh"
|
||||||
|
sync
|
||||||
## Generate SSH private/public key and install it - Disable passwd login
|
## Generate SSH private/public key and install it - Disable passwd login
|
||||||
green "Operation 6/13 : Generating private/public SSH key as $HOME/.ssh/$HOST_NAME ...\n"
|
green "Operation 6/13 : Generating private/public SSH key as $HOME/.ssh/$HOST_NAME ...\n"
|
||||||
ssh-keygen -t ed25519 -f "$HOME/.ssh/$HOST_NAME" -N ""
|
ssh-keygen -t ed25519 -f "$HOME/.ssh/$HOST_NAME" -N ""
|
||||||
|
|
@ -141,11 +145,13 @@ do
|
||||||
echo -e "Host $HOST\n\tIdentityFile ~/.ssh/$HOST_NAME\n\tUser $PI_USER" | tee -a "$HOME/.ssh/config"
|
echo -e "Host $HOST\n\tIdentityFile ~/.ssh/$HOST_NAME\n\tUser $PI_USER" | tee -a "$HOME/.ssh/config"
|
||||||
fi
|
fi
|
||||||
# Copy public key to rpi
|
# Copy public key to rpi
|
||||||
green "Operation 7/13 : Installing public SSH key $HOME/.ssh/$HOST.pub in $ROOTFS_MOUNT/home/pi/.ssh/authorized_keys...\n"
|
green "Operation 7/13 : Installing public SSH key $HOME/.ssh/$HOST.pub in $ROOTFS_MOUNT/home/$PI_USER/.ssh/authorized_keys...\n"
|
||||||
sudo cp "$HOME/.ssh/$HOST_NAME.pub" "$ROOTFS_MOUNT/home/pi/.ssh/authorized_keys"
|
sudo cp "$HOME/.ssh/$HOST_NAME.pub" "$ROOTFS_MOUNT/home/$PI_USER/.ssh/authorized_keys"
|
||||||
|
sync
|
||||||
# Disable PW login
|
# Disable PW login
|
||||||
green "Operation 8/13 : Disabling SSH password based login in $ROOTFS_MOUNT/etc/ssh/sshd_config ...\n"
|
green "Operation 8/13 : Disabling SSH password based login in $ROOTFS_MOUNT/etc/ssh/sshd_config ...\n"
|
||||||
echo -e "PasswordAuthentication no\nChallengeResponseAuthentication no\nUsePAM no" | sudo tee -a "$ROOTFS_MOUNT/etc/ssh/sshd_config"
|
echo -e "PasswordAuthentication no\nChallengeResponseAuthentication no\nUsePAM no" | sudo tee -a "$ROOTFS_MOUNT/etc/ssh/sshd_config"
|
||||||
|
sync
|
||||||
# 3. Configure wifi with static IP
|
# 3. Configure wifi with static IP
|
||||||
green "Operation 9/13 : Configuring wireless connection to $SSID with pw $PASSWD : ...\n"
|
green "Operation 9/13 : Configuring wireless connection to $SSID with pw $PASSWD : ...\n"
|
||||||
echo "
|
echo "
|
||||||
|
|
@ -163,17 +169,21 @@ do
|
||||||
# https://fr.wikipedia.org/wiki/Liste_des_canaux_Wi-Fi#Bande_2,4_GHz
|
# https://fr.wikipedia.org/wiki/Liste_des_canaux_Wi-Fi#Bande_2,4_GHz
|
||||||
# scan_freq=2412 2437 2462
|
# scan_freq=2412 2437 2462
|
||||||
}" | sudo tee "$ROOTFS_MOUNT/etc/wpa_supplicant/wpa_supplicant.conf"
|
}" | sudo tee "$ROOTFS_MOUNT/etc/wpa_supplicant/wpa_supplicant.conf"
|
||||||
|
sync
|
||||||
# Request specific IP to dhcp server
|
# Request specific IP to dhcp server
|
||||||
green "Operation 10/13 : Setting static IP $HOST in $ROOTFS_MOUNT/etc/dhcpcd.conf...\n"
|
green "Operation 10/13 : Setting static IP $HOST in $ROOTFS_MOUNT/etc/dhcpcd.conf...\n"
|
||||||
echo -e "interface wlan0\nrequest $HOST" | sudo tee -a "$ROOTFS_MOUNT/etc/dhcpcd.conf"
|
echo -e "interface wlan0\nrequest $HOST" | sudo tee -a "$ROOTFS_MOUNT/etc/dhcpcd.conf"
|
||||||
|
sync
|
||||||
# 5. Install previously generated SSL key/crt
|
# 5. Install previously generated SSL key/crt
|
||||||
#sudo openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout "$ROOTFS_MOUNT/etc/ssl/private/nginx-selfsigned.key" -out "$ROOTFS_MOUNT/etc/ssl/certs/nginx-selfsigned.crt"
|
#sudo openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout "$ROOTFS_MOUNT/etc/ssl/private/nginx-selfsigned.key" -out "$ROOTFS_MOUNT/etc/ssl/certs/nginx-selfsigned.crt"
|
||||||
green "Operation 11/13 : Installing public SSH key $CONFIG_DIR/selfCA.crt in $ROOTFS_MOUNT/etc/ssl/certs/ ...\n"
|
green "Operation 11/13 : Installing public SSH key $CONFIG_DIR/selfCA.crt in $ROOTFS_MOUNT/etc/ssl/certs/ ...\n"
|
||||||
sudo cp "$CONFIG_DIR/selfCA.crt" "$ROOTFS_MOUNT/etc/ssl/certs/nginx-selfsigned.crt"
|
sudo cp "$CONFIG_DIR/selfCA.crt" "$ROOTFS_MOUNT/etc/ssl/certs/nginx-selfsigned.crt"
|
||||||
sudo cp "$CONFIG_DIR/selfCA.key" "$ROOTFS_MOUNT/etc/ssl/private/nginx-selfsigned.key"
|
sudo cp "$CONFIG_DIR/selfCA.key" "$ROOTFS_MOUNT/etc/ssl/private/nginx-selfsigned.key"
|
||||||
|
sync
|
||||||
# 6. Copy medias
|
# 6. Copy medias
|
||||||
green "Operation 12/13 : Syncing media folder $LOCAL_MEDIA_DIR/ with $REMOTE_MEDIA_DIR/ \n"
|
green "Operation 12/13 : Syncing media folder $LOCAL_MEDIA_DIR/ with $REMOTE_MEDIA_DIR/ \n"
|
||||||
rsync -auv "$LOCAL_MEDIA_DIR/" "$REMOTE_MEDIA_DIR/"
|
sudo rsync -auv "$LOCAL_MEDIA_DIR/" "$REMOTE_MEDIA_DIR/"
|
||||||
|
sync
|
||||||
# Unmount FS
|
# Unmount FS
|
||||||
green "Operation 13/13 : Unmounting filesystems"
|
green "Operation 13/13 : Unmounting filesystems"
|
||||||
umount $BOOT_MOUNT
|
umount $BOOT_MOUNT
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
DEBUG = 0
|
DEBUG = 0
|
||||||
useSSL = true
|
useSSL = true
|
||||||
CAfile = "selfCA.crt"
|
CAfile = "selfCA.crt"
|
||||||
# Can be rsync, scp, http
|
# scp, rsync, http
|
||||||
sync_facility = "http"
|
sync_facility = "http"
|
||||||
media_folder_local = "../medias"
|
media_folder_local = "../medias"
|
||||||
media_folder_remote = "/home/pi/Videos/"
|
media_folder_remote = "/home/pi/Videos/"
|
||||||
|
|
@ -116,7 +116,7 @@ Lancer la commande `raspi-config`, puis aller dans "1 System Options", "S5 Boot
|
||||||
```
|
```
|
||||||
sudo apt-get update
|
sudo apt-get update
|
||||||
# min
|
# min
|
||||||
sudo apt-get install vlc va-driver-all va-driver vdpau-driver-all python3-minimal python3-flask python3-waitress
|
sudo apt-get install vlc vlc-plugin-base va-driver-all va-driver vdpau-driver-all python3-minimal python3-flask python3-waitress python3-toml
|
||||||
# build
|
# build
|
||||||
# sudo apt-get install vlc git dkms firmware-realtek firmware-iwlwifi firmware-ipw2x00 firmware-atheros raspberrypi-kernel-headers build-essential va-driver-all va-driver vdpau-driver-all
|
# sudo apt-get install vlc git dkms firmware-realtek firmware-iwlwifi firmware-ipw2x00 firmware-atheros raspberrypi-kernel-headers build-essential va-driver-all va-driver vdpau-driver-all
|
||||||
```
|
```
|
||||||
|
|
|
||||||
31
selfCA.crt
31
selfCA.crt
|
|
@ -1,31 +0,0 @@
|
||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIIFPjCCAyagAwIBAgIUeI1nNbqXYM/kIZ0h8dYhtPox5D4wDQYJKoZIhvcNAQEL
|
|
||||||
BQAwJjEPMA0GA1UECAwGRGVuaWFsMRMwEQYDVQQDDAoxMC40Mi4wLjAxMB4XDTIy
|
|
||||||
MTAxODE4MDMxNloXDTI3MTAxNzE4MDMxNlowJjEPMA0GA1UECAwGRGVuaWFsMRMw
|
|
||||||
EQYDVQQDDAoxMC40Mi4wLjAxMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
|
|
||||||
AgEAtpxaV4/De4M8mjdNR/78GCrBydfhQwK4SxrRwMdlHByyMT14bJB+3qRGNFqp
|
|
||||||
n5pUr8CORf/WVNDuB4naBP4UPVUPt65P8juQO4+/DFFs0SzNzpQhWEHZD7oJQFGO
|
|
||||||
RftTIKZnGSHLt1qtgtC0VqlVTXOGi2Gsss2u6vIGqagydziFvJRdjc4026Z1Zlzz
|
|
||||||
qfdoUIIhrZoxHepNSyy0JXb6ITJCzW+sFqcQNnwdSu1ddzr315mFa9+Dkayew0Bf
|
|
||||||
WRO+HQJnmznHAEOv5qnkrGqfs/u+Hjpfq98cBzE6feOjPMNcSmhnYViGYOJKaj2i
|
|
||||||
uJq+fMPPexD/NnL9PdpFta6xDGB+2qkc3NOAXLRYd1WoBvt0OVFVnou8bghBOT1I
|
|
||||||
R8Vab3fOj37cCNAWp3hOQ+/Noi2t7ipjDW7aTXGrvciigdGPXSHAfOl32PWNB3UI
|
|
||||||
n5q3IBpuOt0L/+VaOaXZ319AcV/Dx26p6Y26qz/i6lc7xfUJW28Y1W3hn9zVnQjT
|
|
||||||
s6H6lGwS5s3AJSiztmfrCWmi96O1IzKODxaJA23h3/XLpUu/2DsNnY63DMTgyRXZ
|
|
||||||
0QZcxUROGIiogkyvemOu6Bk69bwew8p72DJCUsmb7RgkK6MwLfthQIb8ZFUntnAa
|
|
||||||
Nkzucw8YCFc99us9fR33kCJVlo3rbDSynBadJ7x6wH+/lVkCAwEAAaNkMGIwHQYD
|
|
||||||
VR0OBBYEFMqFFNXp4jpIJDW8AQyAH1e0yGmUMB8GA1UdIwQYMBaAFMqFFNXp4jpI
|
|
||||||
JDW8AQyAH1e0yGmUMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0RBAgwBocECioAATAN
|
|
||||||
BgkqhkiG9w0BAQsFAAOCAgEAoW4Zk8woNFf4D4G1ZdaNwmfcjLMvFFMOwRHDdESQ
|
|
||||||
doJcdKNSaqj62FXDoU95niDig0ObzX+SML+2KS/WZqjPiRzi7U/AEb0i+/GeU5m8
|
|
||||||
8hKqOsJOZ8DwwuDw/Z7pJBg2nh83Zf4WeY9HAvPddDQgev2IEZEHTzL1wvmsXD85
|
|
||||||
arbPbICQ5mTULMoiUjUsf5UmCvt1QvHVVgDeS1uNovKNYHxFM8WLwJYUxSjuSkHo
|
|
||||||
PlLcjE24t1M8AYOHNSSU5FyFVrT+zJ/OvJ/62UgeO5UXlwKqexfNUT3bll5WP9iV
|
|
||||||
taNif3JQ02lgD7qw0Xjg9shXBoLr6xuIEbGXmOJuvVMx4LYoQGEJTv7URzkJnb7x
|
|
||||||
hI4yMSmrOA7HQXyWDuBds1kTpvyiupexZOhHaRSAYPTxuQeRiWc8r3vFJx0ULV6b
|
|
||||||
CLmQDfczGLMFE5HDpMrT81YSzr6ZNQVNprzKAEpRF+VVUs2idouHgLF/O5SSrtoI
|
|
||||||
24voyvf2P6/ffKi9+3XtsoysyRjpxtX3B6qimpFvUv0C2wNrVS2FNO36xWv15I9v
|
|
||||||
AR1LTJzOLE4Jjghi1xxhRe96ydZ1d8IVvykkkvACW3cJqTh3vorwNCEDvhj1D7G+
|
|
||||||
dVUKUowAXR0rtzGr6TB6F0AYrQT4jhm0UFLRna2ihGbqDRECS5GrCP9k+aVid5OB
|
|
||||||
DC8=
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
Loading…
Reference in New Issue