mirror of
				https://github.com/karl0ss/AnotterKiosk.git
				synced 2025-10-24 20:24:00 +01:00 
			
		
		
		
	Compare commits
	
		
			5 Commits
		
	
	
		
			cdd2bc2d02
			...
			968a171c6f
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 968a171c6f | |||
| 3581873b41 | |||
| 5934a79525 | |||
| 28d7d22cd5 | |||
| 81385f2f0e | 
							
								
								
									
										36
									
								
								.github/workflows/main.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										36
									
								
								.github/workflows/main.yml
									
									
									
									
										vendored
									
									
								
							| @ -1,43 +1,14 @@ | ||||
| name: CI | ||||
| 
 | ||||
| on: | ||||
|   create: { } | ||||
|   pull_request: { } | ||||
|   push: | ||||
|     tags: | ||||
|       - '*'  # Triggers on any tag push | ||||
| 
 | ||||
| permissions: | ||||
|   contents: write | ||||
| 
 | ||||
| jobs: | ||||
|   x86: | ||||
|     runs-on: [ubuntu-latest] | ||||
| 
 | ||||
|     outputs: | ||||
|       pkgfile: ${{ steps.pkgname.outputs.pkgfile }} | ||||
| 
 | ||||
|     steps: | ||||
|       - name: Check out repo | ||||
|         uses: actions/checkout@v2 | ||||
| 
 | ||||
|       - name: Install dependencies | ||||
|         run: | | ||||
|           sudo apt update -qq | ||||
|           sudo apt install -yqq libguestfs-tools qemu-utils qemu-system-x86 ovmf qemu-block-extra qemu-user-static binfmt-support rsync sudo wget xz-utils pigz mount dosfstools libarchive-tools | ||||
|            | ||||
|       - name: Build firmware | ||||
|         run: | | ||||
|           ./build_x86.sh | ||||
| 
 | ||||
|       - name: Release build artifacts | ||||
|         uses: softprops/action-gh-release@v1 | ||||
|         if: startsWith(github.ref, 'refs/tags/') | ||||
|         with: | ||||
|           append_body: true | ||||
|           body_path: ./version-info | ||||
|           files: | | ||||
|             ./anotterkiosk-* | ||||
|         env: | ||||
|           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||||
| 
 | ||||
|   raspberrypi: | ||||
|     runs-on: [self-hosted] | ||||
| 
 | ||||
| @ -59,7 +30,6 @@ jobs: | ||||
| 
 | ||||
|       - name: Release build artifacts | ||||
|         uses: softprops/action-gh-release@v1 | ||||
|         if: startsWith(github.ref, 'refs/tags/') | ||||
|         with: | ||||
|           append_body: true | ||||
|           body_path: ./version-info | ||||
|  | ||||
							
								
								
									
										88
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										88
									
								
								README.md
									
									
									
									
									
								
							| @ -1,20 +1,23 @@ | ||||
| N-AnotterKiosk (Not-AnotterKiosk) | ||||
| ============================= | ||||
| ================================= | ||||
| 
 | ||||
| ### I have hacked this about alot from the main branch, mainly Raspberry Pi changes | ||||
|  - Removed the RO filesystem | ||||
|  - Added scheduled screen on/off | ||||
|  - Added scheduled chrome page refresh | ||||
|  - Rpi3 Overclock settings | ||||
|  - Disabled KMS driver for HW screen rotation (screen rotated portrait by default) | ||||
| 
 | ||||
| - Removed x86 support | ||||
| - Added scheduled screen on/off | ||||
| - Added scheduled chrome page refresh | ||||
| - Rpi3 Overclock settings | ||||
| - Disabled KMS driver for HW screen rotation (screen rotated portrait by default) | ||||
| 
 | ||||
| ### Overview | ||||
| Another kiosk browser OS? Yes, this one is a little bit opinionated :)   | ||||
| 
 | ||||
| The author ran several similar setups in production for years and has seen a lot of problems and strange failure modes.   | ||||
| This project aims to solve a lot of those (at least for the author), it might also be useful for others :)   | ||||
| Another kiosk browser OS? Yes, this one is a little bit opinionated :) | ||||
| 
 | ||||
| The author ran several similar setups in production for years and has seen a lot of problems and strange failure modes. | ||||
| This project aims to solve a lot of those (at least for the author), it might also be useful for others :) | ||||
| 
 | ||||
| #### Key features | ||||
| 
 | ||||
| - [Images built via CI](https://github.com/Manawyrm/AnotterKiosk/blob/main/.github/workflows/main.yml) | ||||
| - WiFi connection support | ||||
| - Raspberry Pi (Arm64) compatibility | ||||
| @ -29,39 +32,46 @@ This project aims to solve a lot of those (at least for the author), it might al | ||||
| - SSH support | ||||
| - VNC support | ||||
| - SSH tunneling support (for remote-access without port-forwarding, etc.) | ||||
| - Basic API for Rpi Actions | ||||
| 
 | ||||
| #### Planned features: | ||||
| 
 | ||||
| - Raspberry Pi PXE/network boot support | ||||
| - Network connectivity watchdog (configurable ping, etc. timeout) | ||||
| - Automatic reboot at specified time | ||||
| 
 | ||||
| #### Security considerations: | ||||
| 
 | ||||
| - Autossh does not check SSH host keys. This is okay-ish as long as the target server only allows tunneling, nothing else. | ||||
| - nginx/PHP are allowed to use sudo/NOPASSWD (because it needs to query the VideoCore, manage service, etc.), more priviledge seperation would be nice | ||||
| - due to the skeleton mechanism, the system has some ... creative permissions. some cleanup required. | ||||
| 
 | ||||
| ### How-To Use | ||||
| Like any other Raspberry Pi image: download the current .img file from the [Releases](https://github.com/Manawyrm/AnotterKiosk/releases) page and flash it to a storage device of your choice.   | ||||
| SD cards, USB flash drives, USB SSDs, SATA SSDs, NVMe SSDs are all good options.   | ||||
| You can use a tool like the [Raspberry Pi Imager](https://www.raspberrypi.com/software/), [BalenaEtcher](https://etcher.balena.io/), [Win32DiskImager](https://sourceforge.net/projects/win32diskimager/) or plain "dd" on \*nix-like systems.    | ||||
| When using the latter two, make sure to extract the .gz compression first (using a tool like 7zip).   | ||||
| 
 | ||||
| After flashing, re-plug the storage device and open the FAT32 partition.   | ||||
| Open the [`kioskbrowser.ini`](https://github.com/Manawyrm/AnotterKiosk/blob/main/kiosk_skeleton/boot/kioskbrowser.ini) file in a text editor and change everything to your needs.   | ||||
| More complex WiFi setups (like WPA2-Enterprise) can be configured by creating a wpa_supplicant.conf.   | ||||
| Adding your own SSH keys can be done by creating a authorized_keys file.   | ||||
| Like any other Raspberry Pi image: download the current .img file from the [Releases](https://github.com/Manawyrm/AnotterKiosk/releases) page and flash it to a storage device of your choice. | ||||
| SD cards, USB flash drives, USB SSDs, SATA SSDs, NVMe SSDs are all good options. | ||||
| You can use a tool like the [Raspberry Pi Imager](https://www.raspberrypi.com/software/), [BalenaEtcher](https://etcher.balena.io/), [Win32DiskImager](https://sourceforge.net/projects/win32diskimager/) or plain "dd" on \*nix-like systems. | ||||
| When using the latter two, make sure to extract the .gz compression first (using a tool like 7zip). | ||||
| 
 | ||||
| After flashing, re-plug the storage device and open the FAT32 partition. | ||||
| Open the [`kioskbrowser.ini`](https://github.com/Manawyrm/AnotterKiosk/blob/main/kiosk_skeleton/boot/kioskbrowser.ini) file in a text editor and change everything to your needs. | ||||
| More complex WiFi setups (like WPA2-Enterprise) can be configured by creating a wpa_supplicant.conf. | ||||
| Adding your own SSH keys can be done by creating a authorized_keys file. | ||||
| If you want to use the autossh tunneling features, copy an SSH private key as either "id_rsa" or "id_ed25519". | ||||
| 
 | ||||
| ### HTTP watchdog functionality | ||||
| Browsers are complex, networks are unstable and software can be buggy.    | ||||
| 
 | ||||
| Browsers are complex, networks are unstable and software can be buggy. | ||||
| In order to get the highest reliability possible, self-hosted websites can be modified to include a heartbeat/watchdog functionality. | ||||
| This works by requesting a certain http-endpoint from the website at some interval.    | ||||
| This works by requesting a certain http-endpoint from the website at some interval. | ||||
| If your page is being reloaded often (like with a <meta refresh=-header), you can just load the heartbeat-URL as an image: | ||||
| 
 | ||||
| ```html | ||||
| <img src="http://localhost/heartbeat.php" style="display: none;"> | ||||
| ``` | ||||
| 
 | ||||
| If your page stays on one page for a long time (or is just a single-page application), you might want to use AJAX requests to send a heartbeat: | ||||
| 
 | ||||
| ```html | ||||
| <script> | ||||
| const req = new XMLHttpRequest(); | ||||
| @ -74,6 +84,46 @@ setInterval(function() { | ||||
| 
 | ||||
| Whenever the heartbeat stops (for whatever reason), the device will first restart the X11 environment (browser, window manager, etc.) and later (if it hasn't recovered) the whole system by rebooting. | ||||
| 
 | ||||
| ### API | ||||
| 
 | ||||
| Lightweight HTTP API for controlling and monitoring a Raspberry Pi-based kiosk system. It exposes several endpoints that allow you to query system status, control the display, refresh the screen, and reboot the device — all protected by an API key. | ||||
| 
 | ||||
| API key will be loaded from `/boot/kioskbrowser.ini` | ||||
| 
 | ||||
| ```ini | ||||
| [api] | ||||
| key = "My Key" | ||||
| ``` | ||||
| 
 | ||||
| #### Endpoints | ||||
| 
 | ||||
| All requests must include a key query parameter matching the API key from the INI file. | ||||
| 
 | ||||
| `GET /script.php?action=status&key=YOUR_API_KEY` | ||||
| Returns system status: | ||||
| 
 | ||||
| ```json | ||||
| { | ||||
|   "temperature": "temp=48.0'C", | ||||
|   "voltage": "volt=1.2000V", | ||||
|   "throttled": "throttled=0x0", | ||||
|   "heartbeat": "2025-06-09 14:33:12" | ||||
|  } | ||||
| ``` | ||||
| 
 | ||||
| `GET /script.php?action=screen_off&key=YOUR_API_KEY` | ||||
| Turns off the screen. | ||||
| 
 | ||||
| `GET /script.php?action=screen_on&key=YOUR_API_KEY` | ||||
| Turns on the screen. | ||||
| 
 | ||||
| `GET /script.php?action=screen_refresh&key=YOUR_API_KEY` | ||||
| Starts the screen-refresh.service to refresh the screen. | ||||
| 
 | ||||
| `GET /script.php?action=reboot&key=YOUR_API_KEY` | ||||
| Reboots the Raspberry Pi. | ||||
| 
 | ||||
| ### Inspiration / Other Kiosk-OSes: | ||||
| 
 | ||||
| - https://github.com/jareware/chilipie-kiosk/ | ||||
| - https://github.com/guysoft/FullPageOS | ||||
|  | ||||
| @ -7,10 +7,10 @@ SCRIPT_DIR="$(dirname "$(realpath "$0")")" | ||||
| BUILD_DIR="${SCRIPT_DIR}/work/root/" | ||||
| 
 | ||||
| # cleanup any previous build attempts | ||||
| umount -fl "${BUILD_DIR}" || true | ||||
| losetup -D /dev/loop0 || true | ||||
| rm -rf "${BUILD_DIR}" || true | ||||
| mkdir -p "${BUILD_DIR}" | ||||
| sudo umount -fl "${BUILD_DIR}" || true | ||||
| sudo losetup -D /dev/loop0 || true | ||||
| sudo rm -rf "${BUILD_DIR}" || true | ||||
| sudo mkdir -p "${BUILD_DIR}" | ||||
| 
 | ||||
| # download a modern RaspiOS build | ||||
| if [ ! -f raspios.img.xz ] | ||||
| @ -51,7 +51,7 @@ sed -i 's/vfat    defaults/vfat    ro,defaults/g' "${BUILD_DIR}/etc/fstab" | ||||
| sed -i 's/ext4    defaults/ext4    ro,defaults/g' "${BUILD_DIR}/etc/fstab" | ||||
| 
 | ||||
| # Include git repo version info | ||||
| echo -n "AnotterKiosk Raspberry Pi version: " > "${BUILD_DIR}/version-info" | ||||
| echo -n "N-AnotterKiosk Raspberry Pi version: " > "${BUILD_DIR}/version-info" | ||||
| git describe --abbrev=4 --dirty --always --tags >> "${BUILD_DIR}/version-info" | ||||
| 
 | ||||
| # Mount system partitions (from the build host) | ||||
| @ -84,5 +84,5 @@ sudo umount "${BUILD_DIR}" | ||||
| sudo losetup -D /dev/loop0 | ||||
| 
 | ||||
| tag=$(git describe --abbrev=4 --dirty --always --tags) | ||||
| mv raspikiosk.img anotterkiosk-${tag}-arm64-raspberrypi.img | ||||
| pigz -4 anotterkiosk-${tag}-arm64-raspberrypi.img | ||||
| mv raspikiosk.img n-anotterkiosk-${tag}-arm64-raspberrypi.img | ||||
| pigz -4 n-anotterkiosk-${tag}-arm64-raspberrypi.img | ||||
| @ -20,6 +20,10 @@ reboot_time = 04:00 | ||||
| ; configure chrome to refresh the page every x minutes | ||||
| ;refresh_screen_every_x_min=15 | ||||
| 
 | ||||
| [api] | ||||
| ; apikey to be sent with commands to /api.php | ||||
| key = "MyKey" | ||||
| 
 | ||||
| [wifi] | ||||
| ; If you need more complex WiFi settings (like WPA2-Enterprise, hidden SSIDs, etc.) | ||||
| ; create a file called wpa_supplicant.conf on this partition. | ||||
|  | ||||
							
								
								
									
										60
									
								
								kiosk_skeleton/var/www/html/api.php
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										60
									
								
								kiosk_skeleton/var/www/html/api.php
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,60 @@ | ||||
| <?php | ||||
| header('Content-Type: application/json'); | ||||
| 
 | ||||
| // Load API key from INI file
 | ||||
| $iniFile = '/boot/kioskbrowser.ini'; | ||||
| if (!file_exists($iniFile)) { | ||||
|     http_response_code(500); | ||||
|     echo json_encode(["error" => "INI file not found"]); | ||||
|     exit; | ||||
| } | ||||
| 
 | ||||
| $config = parse_ini_file($iniFile, true); | ||||
| $API_KEY = trim($config['api']['key'], "\"'"); // Remove any surrounding quotes
 | ||||
| 
 | ||||
| // API key check
 | ||||
| if (!isset($_GET['key']) || $_GET['key'] !== $API_KEY) { | ||||
|     http_response_code(403); | ||||
|     echo json_encode(["error" => "Forbidden"]); | ||||
|     exit; | ||||
| } | ||||
| 
 | ||||
| // Get action
 | ||||
| $action = $_GET['action'] ?? ''; | ||||
| 
 | ||||
| switch ($action) { | ||||
|     case 'status': | ||||
|         echo json_encode([ | ||||
|             'temperature' => trim(shell_exec("sudo vcgencmd measure_temp")), | ||||
|             'voltage'     => trim(shell_exec("sudo vcgencmd measure_volts")), | ||||
|             'throttled'   => trim(shell_exec("sudo vcgencmd get_throttled")), | ||||
|             'heartbeat'   => date("Y-m-d H:i:s", filemtime("/dev/shm/heartbeat")), | ||||
|         ]); | ||||
|         break; | ||||
| 
 | ||||
|     case 'screen_off': | ||||
|         shell_exec("sudo vcgencmd display_power 0"); | ||||
|         echo json_encode(["message" => "Screen turned off"]); | ||||
|         break; | ||||
| 
 | ||||
|     case 'screen_on': | ||||
|         shell_exec("sudo vcgencmd display_power 1"); | ||||
|         echo json_encode(["message" => "Screen turned on"]); | ||||
|         break; | ||||
| 
 | ||||
|     case 'screen_refresh': | ||||
|         shell_exec("sudo systemctl start screen-refresh.service"); | ||||
|         echo json_encode(["message" => "Screen refreshed"]); | ||||
|         break; | ||||
| 
 | ||||
|     case 'reboot': | ||||
|         shell_exec("sudo reboot"); | ||||
|         echo json_encode(["message" => "Rebooting"]); | ||||
|         break; | ||||
| 
 | ||||
|     default: | ||||
|         http_response_code(400); | ||||
|         echo json_encode(["error" => "Invalid action"]); | ||||
|         break; | ||||
| } | ||||
| ?>
 | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user