AnotterKiosk/kiosk_skeleton/build.sh

#!/bin/bash
# This script is being run on the target debian platform

apt update
APT_LISTCHANGES_FRONTEND=none DEBIAN_FRONTEND=noninteractive apt dist-upgrade -y
DEBIAN_FRONTEND=noninteractive apt install -y lightdm openbox nginx php-fpm php-cli chromium autossh unclutter x11-xserver-utils xdotool htop nano openssh-server rsync x11vnc lm-sensors ntpdate scrot wireless-regdb fontconfig

rsync -a --chown=root:root "/kiosk_skeleton/." "/"

# Add emoji support
mkdir -p /home/pi/.fonts
wget --directory-prefix /home/pi/.fonts https://github.com/googlefonts/noto-emoji/raw/main/fonts/NotoColorEmoji.ttf
chown -hR pi:pi /home/pi

# Raspberry Pi specific modifications
# raspberrypi-net-mods does things like copying /boot/wpa_supplicant.conf to the root FS
apt remove -y raspberrypi-net-mods || true
# userconf-pi prevents lightdm from starting unless the default "pi" user is changed
apt remove -y userconf-pi || true
# RF emissions are blocked by default
rfkill unblock wlan || true

# fix file system permissions
chown -hR 0:0 /etc/sudoers.d/
chown -hR www-data:www-data /var/www/html/

mkdir -p /home/pi/.config/chromium/
chown -hR 1000:1000 /home/pi/.config/chromium/
mkdir -p /home/pi/.cache
chown -hR 1000:1000 /home/pi/.cache
mkdir -p /home/pi/.pki/
chown -hR 1000:1000 /home/pi/.pki/
mkdir -p /home/pi/.ssh
chown -hR 1000:1000 /home/pi/.ssh
mkdir -p /root/.ssh

mkdir -p /var/lib/lightdm
mkdir -p /var/lib/dhcpcd
mkdir -p /var/lib/nginx
mkdir -p /var/lib/private

echo "tmpfs		/dev/shm	tmpfs	mode=0777	0	0" >> /etc/fstab
echo "tmpfs		/tmp		tmpfs	mode=1777	0	0" >> /etc/fstab
echo "tmpfs		/run		tmpfs	mode=0755,nosuid,nodev	0	0" >> /etc/fstab
echo "tmpfs		/var/log	tmpfs		defaults,noatime,nosuid,mode=0755,size=100m    0 0" >> /etc/fstab
echo "tmpfs		/var/lib/lightdm	tmpfs	defaults,noatime,nosuid,size=30m    0 0" >> /etc/fstab
echo "tmpfs		/var/lib/dhcpcd	tmpfs	defaults,noatime,nosuid,size=30m    0 0" >> /etc/fstab
echo "tmpfs		/var/lib/nginx	tmpfs	defaults,noatime,nosuid,size=30m    0 0" >> /etc/fstab
echo "tmpfs		/var/lib/private	tmpfs	defaults,noatime,nosuid,size=30m    0 0" >> /etc/fstab
echo "tmpfs		/home/pi/.cache tmpfs mode=0755,nosuid,nodev,uid=1000,gid=1000  0       0" >> /etc/fstab
echo "tmpfs		/home/pi/.config/chromium/ tmpfs mode=0755,nosuid,nodev,uid=1000,gid=1000  0       0" >> /etc/fstab
echo "tmpfs		/home/pi/.pki/ tmpfs mode=0755,nosuid,nodev,uid=1000,gid=1000  0       0" >> /etc/fstab
echo "tmpfs		/home/pi/.ssh/ tmpfs mode=0700,nosuid,nodev,uid=1000,gid=1000  0       0" >> /etc/fstab
echo "tmpfs		/root/.ssh/ tmpfs mode=0700,nosuid,nodev,uid=0,gid=0  0       0" >> /etc/fstab

# Create symlinks for configuration files which will later get created at runtime (in /tmp)
rm /etc/hosts
rm /etc/hostname
mkdir -p /etc/wpa_supplicant/
ln -sf /tmp/hosts /etc/hosts
ln -sf /tmp/hostname /etc/hostname
ln -sf /tmp/wpa_supplicant.conf /etc/wpa_supplicant/wpa_supplicant.conf

systemctl daemon-reload

# remove unneccessary clutter
systemctl disable dphys-swapfile || true
systemctl disable ModemManager || true
systemctl disable avahi-daemon || true
systemctl disable bluetooth || true

systemctl enable kiosk-ssh-keys
systemctl enable kiosk-wifi
systemctl enable kiosk-autossh
systemctl enable kiosk-watchdog
systemctl enable kiosk-set-hostname
systemctl enable ntpdate
systemctl enable lightdm
systemctl enable nginx
systemctl enable ssh
systemctl enable kiosk-sechedule-screen.service
systemctl enable schedule-reboot.service
systemctl enable setup-refresh-timer.service
systemctl enable hyperiond

# Install Hyperion
curl -sSL https://apt.hyperion-project.org/hyperion.pub.key | gpg --dearmor -o /usr/share/keyrings/hyperion.pub.gpg
echo "deb [signed-by=/usr/share/keyrings/hyperion.pub.gpg] https://apt.hyperion-project.org/ $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/hyperion.list
apt update
apt install -y hyperion

# Run Hyperion as the 'pi' user
mkdir -p /etc/systemd/system/hyperiond.service.d
echo -e "[Service]\nUser=pi\nGroup=pi" > /etc/systemd/system/hyperiond.service.d/override.conf
chown -R pi:pi /var/lib/hyperion || true
chown -R pi:pi /etc/hyperion
usermod -a -G video pi

# generate a version info/build info file
echo -n "Chromium version: " >> /version-info
dpkg --list | grep "ii  chromium " >> /version-info

echo -n "Linux kernel version: " >> /version-info
ls /lib/modules/  | sort -r | head -n 1 >> /version-info
echo >> /version-info
Initial commit 2023-06-29 22:14:05 +02:00			`#!/bin/bash`
			`# This script is being run on the target debian platform`

			`apt update`
			`APT_LISTCHANGES_FRONTEND=none DEBIAN_FRONTEND=noninteractive apt dist-upgrade -y`
kiosk: add emoji support (NotoColorEmoji) 2023-07-01 01:14:16 +02:00			`DEBIAN_FRONTEND=noninteractive apt install -y lightdm openbox nginx php-fpm php-cli chromium autossh unclutter x11-xserver-utils xdotool htop nano openssh-server rsync x11vnc lm-sensors ntpdate scrot wireless-regdb fontconfig`
Initial commit 2023-06-29 22:14:05 +02:00
			`rsync -a --chown=root:root "/kiosk_skeleton/." "/"`
kiosk: add emoji support (NotoColorEmoji) 2023-07-01 01:14:16 +02:00
			`# Add emoji support`
			`mkdir -p /home/pi/.fonts`
			`wget --directory-prefix /home/pi/.fonts https://github.com/googlefonts/noto-emoji/raw/main/fonts/NotoColorEmoji.ttf`
Initial commit 2023-06-29 22:14:05 +02:00			`chown -hR pi:pi /home/pi`

			`# Raspberry Pi specific modifications`
			`# raspberrypi-net-mods does things like copying /boot/wpa_supplicant.conf to the root FS`
			`apt remove -y raspberrypi-net-mods \|\| true`
			`# userconf-pi prevents lightdm from starting unless the default "pi" user is changed`
			`apt remove -y userconf-pi \|\| true`
			`# RF emissions are blocked by default`
			`rfkill unblock wlan \|\| true`

			`# fix file system permissions`
			`chown -hR 0:0 /etc/sudoers.d/`
			`chown -hR www-data:www-data /var/www/html/`

			`mkdir -p /home/pi/.config/chromium/`
			`chown -hR 1000:1000 /home/pi/.config/chromium/`
Add x86 version 2023-06-30 13:58:30 +02:00			`mkdir -p /home/pi/.cache`
			`chown -hR 1000:1000 /home/pi/.cache`
Initial commit 2023-06-29 22:14:05 +02:00			`mkdir -p /home/pi/.pki/`
			`chown -hR 1000:1000 /home/pi/.pki/`
Proper SSH key handling (host keys, authorized keys and private keys) 2023-06-30 10:55:10 +02:00			`mkdir -p /home/pi/.ssh`
			`chown -hR 1000:1000 /home/pi/.ssh`
			`mkdir -p /root/.ssh`

Add x86 version 2023-06-30 13:58:30 +02:00			`mkdir -p /var/lib/lightdm`
			`mkdir -p /var/lib/dhcpcd`
			`mkdir -p /var/lib/nginx`
Readme: Fix link to kioskbrowser.ini Readme: Add x86 compatibility kiosk: Add tmpfs for /var/lib/private kiosk: Add custom motd kiosk: Add custom issue string kiosk: Fix systemd-logind and systemd-timesyncd readonly handling ntpdate: Autorestart on failure x86: Change EFI partition type to "Basic Data Partition" (was ESP) x86: Fix wpasupplicant package name x86: Set custom grub OS name CI: Combine workflows for all architectures 2023-06-30 23:52:37 +02:00			`mkdir -p /var/lib/private`
Add x86 version 2023-06-30 13:58:30 +02:00
Initial commit 2023-06-29 22:14:05 +02:00			`echo "tmpfs /dev/shm tmpfs mode=0777 0 0" >> /etc/fstab`
			`echo "tmpfs /tmp tmpfs mode=1777 0 0" >> /etc/fstab`
			`echo "tmpfs /run tmpfs mode=0755,nosuid,nodev 0 0" >> /etc/fstab`
			`echo "tmpfs /var/log tmpfs defaults,noatime,nosuid,mode=0755,size=100m 0 0" >> /etc/fstab`
			`echo "tmpfs /var/lib/lightdm tmpfs defaults,noatime,nosuid,size=30m 0 0" >> /etc/fstab`
add more debug info 2023-06-30 00:22:49 +02:00			`echo "tmpfs /var/lib/dhcpcd tmpfs defaults,noatime,nosuid,size=30m 0 0" >> /etc/fstab`
Add x86 version 2023-06-30 13:58:30 +02:00			`echo "tmpfs /var/lib/nginx tmpfs defaults,noatime,nosuid,size=30m 0 0" >> /etc/fstab`
Readme: Fix link to kioskbrowser.ini Readme: Add x86 compatibility kiosk: Add tmpfs for /var/lib/private kiosk: Add custom motd kiosk: Add custom issue string kiosk: Fix systemd-logind and systemd-timesyncd readonly handling ntpdate: Autorestart on failure x86: Change EFI partition type to "Basic Data Partition" (was ESP) x86: Fix wpasupplicant package name x86: Set custom grub OS name CI: Combine workflows for all architectures 2023-06-30 23:52:37 +02:00			`echo "tmpfs /var/lib/private tmpfs defaults,noatime,nosuid,size=30m 0 0" >> /etc/fstab`
Initial commit 2023-06-29 22:14:05 +02:00			`echo "tmpfs /home/pi/.cache tmpfs mode=0755,nosuid,nodev,uid=1000,gid=1000 0 0" >> /etc/fstab`
			`echo "tmpfs /home/pi/.config/chromium/ tmpfs mode=0755,nosuid,nodev,uid=1000,gid=1000 0 0" >> /etc/fstab`
			`echo "tmpfs /home/pi/.pki/ tmpfs mode=0755,nosuid,nodev,uid=1000,gid=1000 0 0" >> /etc/fstab`
Proper SSH key handling (host keys, authorized keys and private keys) 2023-06-30 10:55:10 +02:00			`echo "tmpfs /home/pi/.ssh/ tmpfs mode=0700,nosuid,nodev,uid=1000,gid=1000 0 0" >> /etc/fstab`
			`echo "tmpfs /root/.ssh/ tmpfs mode=0700,nosuid,nodev,uid=0,gid=0 0 0" >> /etc/fstab`
Initial commit 2023-06-29 22:14:05 +02:00
			`# Create symlinks for configuration files which will later get created at runtime (in /tmp)`
			`rm /etc/hosts`
			`rm /etc/hostname`
			`mkdir -p /etc/wpa_supplicant/`
			`ln -sf /tmp/hosts /etc/hosts`
			`ln -sf /tmp/hostname /etc/hostname`
			`ln -sf /tmp/wpa_supplicant.conf /etc/wpa_supplicant/wpa_supplicant.conf`

			`systemctl daemon-reload`

			`# remove unneccessary clutter`
x86: add wireless-regdb package x86: add firmware-ath9k-htc x86: move grub config to x86 skeleton kiosk: add StateDirectory for systemd-rfkill 2023-07-01 00:54:24 +02:00			`systemctl disable dphys-swapfile \|\| true`
			`systemctl disable ModemManager \|\| true`
			`systemctl disable avahi-daemon \|\| true`
			`systemctl disable bluetooth \|\| true`
Initial commit 2023-06-29 22:14:05 +02:00
Proper SSH key handling (host keys, authorized keys and private keys) 2023-06-30 10:55:10 +02:00			`systemctl enable kiosk-ssh-keys`
Initial commit 2023-06-29 22:14:05 +02:00			`systemctl enable kiosk-wifi`
			`systemctl enable kiosk-autossh`
			`systemctl enable kiosk-watchdog`
			`systemctl enable kiosk-set-hostname`
			`systemctl enable ntpdate`
			`systemctl enable lightdm`
			`systemctl enable nginx`
Readme: Fix link to kioskbrowser.ini Readme: Add x86 compatibility kiosk: Add tmpfs for /var/lib/private kiosk: Add custom motd kiosk: Add custom issue string kiosk: Fix systemd-logind and systemd-timesyncd readonly handling ntpdate: Autorestart on failure x86: Change EFI partition type to "Basic Data Partition" (was ESP) x86: Fix wpasupplicant package name x86: Set custom grub OS name CI: Combine workflows for all architectures 2023-06-30 23:52:37 +02:00			`systemctl enable ssh`
support for turning on and off the screen at certain times 2025-04-21 15:26:59 +00:00			`systemctl enable kiosk-sechedule-screen.service`
logic to schedule reboot based on time in ini file 2025-04-21 14:33:11 +00:00			`systemctl enable schedule-reboot.service`
fixes for all services and reverts 2025-06-04 12:59:05 +01:00			`systemctl enable setup-refresh-timer.service`
run hyperion as pi not root 2025-07-21 12:02:06 +01:00			`systemctl enable hyperiond`
logic to schedule reboot based on time in ini file 2025-04-21 14:33:11 +00:00
Revert to 1.0.8 and add Hyperion 2025-07-19 09:39:17 +01:00			`# Install Hyperion`
			`curl -sSL https://apt.hyperion-project.org/hyperion.pub.key \| gpg --dearmor -o /usr/share/keyrings/hyperion.pub.gpg`
			`echo "deb [signed-by=/usr/share/keyrings/hyperion.pub.gpg] https://apt.hyperion-project.org/ $(lsb_release -cs) main" \| tee /etc/apt/sources.list.d/hyperion.list`
			`apt update`
			`apt install -y hyperion`
Add version info and working CI 2023-06-29 23:47:30 +02:00
run hyperion as pi not root 2025-07-21 12:02:06 +01:00			`# Run Hyperion as the 'pi' user`
			`mkdir -p /etc/systemd/system/hyperiond.service.d`
			`echo -e "[Service]\nUser=pi\nGroup=pi" > /etc/systemd/system/hyperiond.service.d/override.conf`
			`chown -R pi:pi /var/lib/hyperion \|\| true`
			`chown -R pi:pi /etc/hyperion`
			`usermod -a -G video pi`

Add version info and working CI 2023-06-29 23:47:30 +02:00			`# generate a version info/build info file`
			`echo -n "Chromium version: " >> /version-info`
			`dpkg --list \| grep "ii chromium " >> /version-info`

			`echo -n "Linux kernel version: " >> /version-info`
kiosk: better handling of Linux kernel version reporting 2023-07-07 15:04:11 +02:00			`ls /lib/modules/ \| sort -r \| head -n 1 >> /version-info`
Add version info and working CI 2023-06-29 23:47:30 +02:00			`echo >> /version-info`