Added sysdweb

inventory.yml

@@ -23,4 +23,6 @@ all:
           sensor_room_name: Küche
   vars:
     ansible_python_interpreter: /usr/bin/python3
-
+    squeezeserver: 192.168.178.80
+    home_assistant_url: https://ha.bauer.tech
+    home_assistant_token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiIxNjkxMWIzZmQ4ZWU0NDI0OTg0MjA0ZDllMDhkNGRlMCIsImlhdCI6MTU3ODE3MDU5MSwiZXhwIjoxODkzNTMwNTkxfQ.i7CdXEZy9DV9KPHAl-msK0rOfIUlPYo4zwwJ4UGhXuc

pis/01-download-and-prepare-raspi-image.yml

@@ -1,96 +0,0 @@
-# Run with
-# ansible-playbook 01-download-and-prepare-raspi-image.yml
----
-
-- hosts: 127.0.0.1
-  connection: local
-  gather_facts: false
-  vars:
-    target_folder: "/media/martin/data_linux/tmp/"
-  vars_prompt:
-    - name: "ansible_become_pass"
-      prompt: "Sudo password to mount raspi image"
-    - name: "new_hostname"
-      prompt: "New hostname for the PI"
-      private: no
-  tasks:
-    # --- Preparation ---
-    - name: Download Raspian image
-      get_url:
-        url: "https://downloads.raspberrypi.org/raspbian_lite_latest"
-        dest: "{{target_folder}}/raspian_lite_latest.zip"
-    - name: Unpack Image
-      unarchive:
-        src: "{{target_folder}}/raspian_lite_latest.zip"
-        dest:  "{{target_folder}}"
-        creates: "{{target_folder}}/*raspbian*.img"
-    - name: Make Folders to mount to
-      file:
-        path: "{{item}}"
-        state: directory
-      with_items:
-        - "{{target_folder}}/mounted_raspi_image"
-        - "{{target_folder}}/mounted_raspi_image/boot"
-        - "{{target_folder}}/mounted_raspi_image/system"
-    - name: Setup Loopback
-      become: true
-      shell:
-        cmd: "losetup -P /dev/loop42 {{target_folder}}/*raspbian*.img"
-        creates: "/dev/loop42p1"
-    - name: Mount Boot Partition
-      become: true
-      shell:
-        warn: false
-        cmd: "mount /dev/loop42p1 {{target_folder}}/mounted_raspi_image/boot"
-        creates: "{{target_folder}}/mounted_raspi_image/boot/kernel.img"
-    - name: Mount System Partition
-      become: true
-      shell:
-        warn: false
-        cmd: "mount /dev/loop42p2 {{target_folder}}/mounted_raspi_image/system"
-        creates: "{{target_folder}}/mounted_raspi_image/system/bin"
-    # --- Actual work ---
-    - name: "Add SSH File to boot partition to allow for first remote login"
-      become: true
-      file:
-        path: "{{target_folder}}/mounted_raspi_image/boot/ssh"
-        state: touch
-    - name: "Writing new hostname to /etc/hostname"
-      become: true
-      copy:
-        content: "{{new_hostname}}"
-        dest: "{{target_folder}}/mounted_raspi_image/system/etc/hostname"
-    # --- Wind-down
-    - name: Unmount System Partition
-      become: true
-      shell:
-        warn: false
-        cmd: "umount /dev/loop42p2"
-        removes: "{{target_folder}}/mounted_raspi_image/system/bin"
-    - name: Unmount Boot Partition
-      become: true
-      shell:
-        warn: false
-        cmd: "umount /dev/loop42p1"
-        removes: "{{target_folder}}/mounted_raspi_image/boot/kernel.img"
-    - name: Tear down loop device
-      become: true
-      shell:
-        cmd: "losetup -d /dev/loop42"
-        removes: "/dev/loop42p1"
-    - name: Remove folders
-      file:
-        path: "{{item}}"
-        state: absent
-      with_items:
-        - "{{target_folder}}/mounted_raspi_image"
-        - "{{target_folder}}/mounted_raspi_image/boot"
-        - "{{target_folder}}/mounted_raspi_image/system"
-        - "{{target_folder}}/raspian_lite_latest.zip"
-    - name: Final Image
-      debug:
-        msg: |
-          The prepared image is ready at {{target_folder}}.
-          Copy it to sdcard with
-          dd bs=4M status=progress if=the_image of=/dev/your/sdcard
-          use e.g. /dev/sdb not /dev/sdb1 !

pis/02-provision_new_pi.yml

@@ -1,109 +0,0 @@
-# Run with
-# ansible-playbook -i raspberrypi, 02-provision_new_pi.yml
-# where "raspberrypi" is the hostname of the pi
----
-
-- hosts: kitchenpi
-  gather_facts: false
-  vars:
-    timezone: "Europe/Berlin"
-    wifi_country: "DE"
-    wifi_ssid: "" # put SSID here to configure wifi
-    wifi_pass_url: "bauer_wifi"  # has to be in keepass with url "wifi_pass_url"
-    ansible_ssh_pass: raspberry
-    ansible_become: yes
-    ansible_become_password: raspberry
-    new_hostname: "" # set this to change the hostname
-  vars_prompt:
-    - name: ansible_user
-      prompt: "User to connect with, put in 'pi' here if you connect the first time, else leave empty"
-      default: root
-  tasks:
-    - name: Do apt update/upgrade
-      apt: upgrade=yes update_cache=yes cache_valid_time=7200
-    - name: Detect Raspi Model
-      slurp: src=/sys/firmware/devicetree/base/model
-      register: raspberry_model
-    - name: Show Raspi Model
-      debug: msg={{ raspberry_model.content | b64decode }}
-    - name: Add authorized SSH key to root account
-      authorized_key:
-        user: root
-        key: "{{ lookup('file', '../public_keys/martin_laptop.pub') }}"
-        state: present
-    - name: Activate root login with key
-      lineinfile:
-        path: /etc/ssh/sshd_config
-        regexp: "^#?PermitRootLogin"
-        line: "PermitRootLogin prohibit-password"
-      notify: restart sshd
-    - name: Deactive SSH accepting locale vars (leads to warnings)
-      lineinfile:
-        path: /etc/ssh/sshd_config
-        regexp: "^#?AcceptEnv LANG LC_*"
-        line: "#AcceptEnv LANG LC_*"
-      notify: restart sshd
-    - name: Get hostname
-      command: "raspi-config nonint get_hostname"
-      register: pi_hostname
-      changed_when: False
-    - name: Change hostname to {{ new_hostname }}
-      command: "raspi-config nonint do_hostname {{ new_hostname }}"
-      when: new_hostname | bool and pi_hostname.stdout != new_hostname
-    - name: set boot mode to CLI
-      command: "raspi-config nonint do_boot_behaviour B1"
-    #I2 Change Timezone
-    - name: Change timezone
-      command: "raspi-config nonint do_change_timezone {{ timezone }}"
-    - name: Change locale
-      command: "raspi-config nonint do_change_locale en_US.UTF-8"
-    - name: Change password of default pi account
-      user:
-        name: pi
-        update_password: always
-        password: "{{ lookup('keepass', 'default_rpi_password') | password_hash('sha512')  }}"
-    - name: Install Packages (vim, git, basic python stuff)
-      apt:
-        name:
-          - vim
-          - git
-          - python3
-          - python3-pip
-          - python3-wheel
-        cache_valid_time: 7200
-        state: present
-    - name: Copy vim config
-      copy: src=../configs/vimrc dest=/root/.vimrc
-    - name: Copy git config
-      copy: src=../configs/gitconfig dest=/root/.gitconfig
-    # Wifi
-    - name: Get WiFi country
-      command: "raspi-config nonint get_wifi_country"
-      register: wifi_country
-      changed_when: False
-      ignore_errors: yes #to avoid error when WiFi is not present
-    - name: Change WiFi country
-      command: "raspi-config nonint do_wifi_country {{ wifi_country }}"
-    - name: Set WiFi credentials
-      command: "raspi-config nonint do_wifi_ssid_passphrase {{ wifi_ssid }} {{ lookup('keepass', wifi_pass_url) }}"
-      when: wifi_ssid | bool
-    # Message of the day
-    - name: Set Message of the day
-      copy: src=configs/motd/{{ inventory_hostname }} dest=/etc/motd
-    #- name: Remove motd tail
-    #  copy: dest=/etc/motd.
-    # LED off script
-    - name: Copy led off script
-      copy: src=configs/raspi-leds-off.sh dest=/usr/sbin/raspi-leds-off.sh mode="u+rwx"
-    - name: Copy led off service
-      copy: src=configs/raspi-leds-off.service dest=/lib/systemd/system/
-    - name: Activate led off servic
-      systemd: name=raspi-leds-off state=restarted enabled=yes daemon_reload=yes
-
-  handlers:
-    - name: restart sshd
-      service:
-        name: sshd
-        state: restarted
-
-

pis/03-shairport-install.yml

@@ -1,44 +0,0 @@
-# Install instructions taken from
-#   https://github.com/mikebrady/shairport-sync/blob/master/INSTALL.md
-
----
-
-- hosts: kitchenpi
-  gather_facts: false
-  vars:
-    shairport_sync_version: "3.3.5"
-  remote_user: root
-  tasks:
-    - name: Apt install dependencies
-      apt:
-        cache_valid_time: 7200
-        state: present
-        name:
-          - build-essential
-          - git
-          - xmltoman
-          - autoconf
-          - automake
-          - libtool
-          - libpopt-dev
-          - libconfig-dev
-          - libasound2-dev
-          - avahi-daemon
-          - libavahi-client-dev
-          - libssl-dev
-          - libsoxr-dev
-    - name: Build and Install Shairport sync (may take a while)
-      script: "scripts/build-shairport-sync.sh ${shairport_sync_version}"
-      args:
-        creates: /usr/local/bin/shairport-sync
-    - name: Copy config
-      template: src=configs/shairport-sync.conf dest=/etc/shairport-sync.conf
-    - name: Sync alsa config
-      template: src=configs/asound.conf dest=/etc/asound.conf
-    - name: Modify service file to run as root
-      lineinfile:
-        path: /lib/systemd/system/shairport-sync.service
-        regexp: "^#?User="
-        line: "User=root"
-    - name: Restart shairport-sync
-      systemd: name=shairport-sync state=restarted enabled=yes daemon_reload=yes

pis/04-squeezelite.yml

@@ -1,14 +0,0 @@
----
-
-- hosts: kitchenpi
-  gather_facts: false
-  remote_user: root
-  tasks:
-    - name: Apt install squeezelite package
-      apt: name=squeezelite cache_valid_time=7200 state=present
-    - name: Install config file
-      template: src=configs/squeezelite.cfg dest=/etc/default/squeezelite
-    - name: Sync alsa config
-      template: src=configs/asound.conf dest=/etc/asound.conf
-    - name: Restart squeezelite
-      systemd: name=squeezelite state=restarted enabled=yes daemon_reload=yes

pis/05-lirc.yml

@@ -1,49 +0,0 @@
----
-# lirc needs to be custom compiled on this kernel
-# https://gist.github.com/billpatrianakos/cb72e984d4730043fe79cbe5fc8f7941
-- hosts: kitchenpi
-  gather_facts: false
-  remote_user: root
-  tasks:
-    #- name: Apt install lirc package
-    #  apt: name=lirc cache_valid_time=7200 state=present
-    #  ignore_errors: yes
-    - name: Install config file lirc_options.conf
-      copy: src=configs/lirc/lirc_options.conf dest=/etc/lirc/lirc_options.conf
-    - name: Install config file lircd.conf
-      copy: src=configs/lirc/lircd.conf dest=/etc/lirc/lircd.conf
-    - name: Install remote file
-      copy: src=configs/lirc/hauppauge.conf dest=/etc/lirc/hauppauge.conf
-    - name: create temporary directory
-      tempfile:
-        state: directory
-        suffix: temp
-      register: tempdir
-    - name: Copy over lirc customly compiled lirc packages
-      copy:
-        src: configs/lirc/debs/
-        dest: "{{ tempdir.path }}"
-      when: tempdir.path is defined
-    - name: Install custom lirc package 1
-      apt:
-        deb: "{{ tempdir.path }}/liblirc0_0.10.1-5.2_armhf.deb"
-      when: tempdir.path is defined
-    - name: Install custom lirc package 2
-      apt:
-        deb: "{{ tempdir.path }}/liblircclient0_0.10.1-5.2_armhf.deb"
-      when: tempdir.path is defined
-    - name: Install custom lirc package 3
-      apt:
-        deb: "{{ tempdir.path }}/lirc_0.10.1-5.2_armhf.deb"
-      when: tempdir.path is defined
-    - name: Activate overlay in boot config
-      lineinfile:
-        path: /boot/config.txt
-        regexp: "^#?dtoverlay=gpio-ir"
-        line: "dtoverlay=gpio-ir,gpio_pin=17"
-      register: boot_overlay
-    - name: Restart lircd
-      systemd: name=lircd state=restarted enabled=yes daemon_reload=yes
-    - name: Reboot if boot overlay changed
-      reboot:
-      when: boot_overlay.changed

pis/06-hifiberry.yml

@@ -1,27 +0,0 @@
----
-
-- hosts: newrpi
-  gather_facts: false
-  remote_user: root
-  tasks:
-    - name: Deactivate normal audio
-      lineinfile:
-        path: /boot/config.txt
-        regexp: "^#?dtparam=audio=on"
-        line: "#dtparam=audio=on"
-      register: boot_overlay1
-    - name: Activate Hifiberry
-      lineinfile:
-        path: /boot/config.txt
-        regexp: "^#?dtoverlay=hifiberry-amp"
-        line: "dtoverlay=hifiberry-amp"
-      register: boot_overlay2
-    #- name: Reboot if boot overlay changed
-    #  reboot:
-    #  when: boot_overlay1.changed or boot_overlay2.changed
-
-
-## State in /boot/config.txt
-#  dtoverlay=hifiberry-amp
-#  # remove old:
-#  #dtparam=audio=on

pis/07-dhtsensor.yml

@@ -1,20 +0,0 @@
----
-
-- hosts: kitchenpi
-  gather_facts: false
-  remote_user: root
-  tasks:
-    - name: apt install libgpiod2
-      apt: name=libgpiod2 cache_valid_time=7200 state=present
-    - name: pip install adafruit-circuitpython-dht
-      pip:
-        name: adafruit-circuitpython-dht
-        executable: pip3
-    - name: Install script config
-      template: src=configs/dht22_sensing.json dest=/etc/dht22_sensing.json
-    - name: Install script
-      copy: src=configs/dht22_sensing.py dest=/usr/bin/dht22_sensing owner=root mode=u+rwx
-    - name: Install systemd service file
-      copy: src=configs/dht22_sensing.service dest=/lib/systemd/system/
-    - name: Add script to autostart and start now
-      systemd: name=dht22_sensing state=restarted enabled=yes daemon_reload=yes

pis/notes.md

@@ -1,2 +0,0 @@
-/etc/modules
-    -> bedroompi: snd-bcm2835

pis/sensor.py

@@ -1,24 +0,0 @@
-# -*- coding: utf-8 -*-
-import requests
-
-key = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiIxNjkxMWIzZmQ4ZWU0NDI0OTg0MjA0ZDllMDhkNGRlMCIsImlhdCI6MTU3ODE3MDU5MSwiZXhwIjoxODkzNTMwNTkxfQ.i7CdXEZy9DV9KPHAl-msK0rOfIUlPYo4zwwJ4UGhXuc"
-url = "https://ha.bauer.tech"
-
-headers = {
-    'x-ha-access': key,
-    'Authorization': "Bearer {}".format(key)
-}
-
-apiurl = url + "/api/states/sensor.schlafzimmer_temperatur"
-
-data = {
-    "state": "19",
-    "attributes": {
-        "device_class": "temperature",
-        "friendly_name": "Schlafzimmer Temperatur",
-        "unit_of_measurement": "°C"
-    }
-}
-r = requests.post(apiurl, json=data, headers=headers)
-
-print(r)

roles/pi-hifiberry-amp/handlers/main.yml

@@ -0,0 +1,7 @@
+- name: restart sshd
+  service:
+    name: sshd
+    state: restarted
+- name: reboot
+  reboot:
+

roles/pi-shairport/meta/main.yml

@@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: pi-alsasetup

roles/pi-squeezelite/meta/main.yml

@@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: pi-alsasetup

roles/pi-standard-setup/defaults/main.yml

@@ -0,0 +1,13 @@
+---
+wifi_ssid:    ""      # put SSID here to configure wifi
+ansible_user: "root"  # "User to connect with, put in 'pi' here if you connect the first time, else leave empty"
+new_hostname: ""      # set this to change the hostname
+
+
+timezone:                "Europe/Berlin"
+wifi_country:            "DE"
+wifi_pass_url:           "bauer_wifi"  # has to be in keepass with url "wifi_pass_url"
+ansible_ssh_pass:        "raspberry"
+ansible_become_password: "raspberry"
+ansible_become:          yes
+

roles/pi-standard-setup/handlers/main.yml

@@ -0,0 +1,7 @@
+- name: restart sshd
+  service:
+    name: sshd
+    state: restarted
+- name: reboot
+  reboot:
+

roles/pi-standard-setup/tasks/main.yml

@@ -0,0 +1,86 @@
+---
+- name: Do apt update/upgrade
+  apt: upgrade=yes update_cache=yes cache_valid_time=7200
+- name: Detect Raspi Model
+  slurp: src=/sys/firmware/devicetree/base/model
+  register: raspberry_model
+- name: Show Raspi Model
+  debug: msg={{ raspberry_model.content | b64decode }}
+- name: Add authorized SSH key to root account
+  authorized_key:
+    user: root
+    key: "{{ lookup('file', 'sshkey.pub') }}"
+    state: present
+- name: Activate root login with key
+  lineinfile:
+    path: /etc/ssh/sshd_config
+    regexp: "^#?PermitRootLogin"
+    line: "PermitRootLogin prohibit-password"
+  notify: restart sshd
+- name: Deactive SSH accepting locale vars (leads to warnings)
+  lineinfile:
+    path: /etc/ssh/sshd_config
+    regexp: "^#?AcceptEnv LANG LC_*"
+    line: "#AcceptEnv LANG LC_*"
+  notify: restart sshd
+- name: Get hostname
+  command: "raspi-config nonint get_hostname"
+  register: pi_hostname
+  changed_when: False
+- name: Change hostname to {{ new_hostname }}
+  command: "raspi-config nonint do_hostname {{ new_hostname }}"
+  when: new_hostname | bool and pi_hostname.stdout != new_hostname
+  register: set_hostname
+  notify: reboot
+- name: Get hostname
+  command: "raspi-config nonint get_hostname"
+  when: set_hostname.changed
+  register: pi_hostname
+  changed_when: False
+- name: set boot mode to CLI
+  command: "raspi-config nonint do_boot_behaviour B1"
+#I2 Change Timezone
+- name: Change timezone
+  command: "raspi-config nonint do_change_timezone {{ timezone }}"
+- name: Change locale
+  command: "raspi-config nonint do_change_locale en_US.UTF-8"
+- name: Change password of default pi account
+  user:
+    name: pi
+    update_password: always
+    password: "{{ lookup('keepass', 'default_rpi_password') | password_hash('sha512')  }}"
+- name: Install Packages (vim, git, basic python stuff)
+  apt:
+    name:
+      - vim
+      - git
+      - python3
+      - python3-pip
+      - python3-wheel
+    cache_valid_time: 7200
+    state: present
+- name: Copy vim config
+  copy: src=vimrc dest=/root/.vimrc
+- name: Copy git config
+  copy: src=gitconfig dest=/root/.gitconfig
+# Wifi
+- name: Get WiFi country
+  command: "raspi-config nonint get_wifi_country"
+  register: wifi_country
+  changed_when: False
+  ignore_errors: yes #to avoid error when WiFi is not present
+- name: Change WiFi country
+  command: "raspi-config nonint do_wifi_country {{ wifi_country }}"
+- name: Set WiFi credentials
+  command: "raspi-config nonint do_wifi_ssid_passphrase {{ wifi_ssid }} {{ lookup('keepass', wifi_pass_url) }}"
+  when: wifi_ssid | bool
+# Message of the day
+- name: Set Message of the day
+  copy: src=motd/{{ pi_hostname.stdout }} dest=/etc/motd
+# LED off script
+- name: Copy led off script
+  copy: src=configs/raspi-leds-off.sh dest=/usr/sbin/raspi-leds-off.sh mode="u+rwx"
+- name: Copy led off service
+  copy: src=raspi-leds-off.service dest=/lib/systemd/system/
+- name: Activate led off servic
+  systemd: name=raspi-leds-off state=restarted enabled=yes daemon_reload=yes

roles/pi-sysdweb/files/sysdweb-system.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=Control systemd services through Web or REST API
+Documentation=https://github.com/ogarcia/sysdweb
+After=network.target
+Requires=dbus.socket
+
+[Service]
+ExecStart=/usr/local/bin/sysdweb -p 10080 -l 0.0.0.0
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target

roles/pi-sysdweb/tasks/main.yml

@@ -0,0 +1,38 @@
+---
+
+- name: Apt install python3-pip
+  apt: 
+    name: python3-pip 
+    cache_valid_time: 7200
+    state: present
+- name: Install sysdweb
+  pip:
+    name: sysdweb
+    executable: pip3
+- name: sysdweb user
+  user:
+    name: sysdweb
+    shell: /usr/bin/nologin
+    password: "$6$TcTD23xOXln$RxN3Kd0vJRaxffoyKqjoBJM0Q5Va6REBVZ6BOgmGXs3fTAWc7voSW5QcN35t9pfro2do0LeSaeGsrMLbArZ.2."
+    update_password: always
+- name: Configure sysdweb user
+  blockinfile:
+    path: /etc/sysdweb.conf
+    create: true
+    marker: "# {mark} ansible user"
+    block : |
+      [DEFAULT]
+      users = sysdweb
+- name: Configure sysdweb
+  blockinfile:
+    path: /etc/sysdweb.conf
+    create: true
+    marker: "# {mark} ansible managed for {{sysdweb_name}}"
+    block: |
+      [{{sysdweb_name}}]
+      title = {{sysdweb_name}}
+      unit = {{sysdweb_name}}.service
+- name: Install systemd service file
+  copy: src=sysdweb-system.service dest=/lib/systemd/system/
+- name: Enable sysdweb autostart
+  systemd: name=sysdweb-system state=restarted enabled=yes daemon_reload=yes

scripts/create-raspian-image/create-raspian-image.sh

@@ -0,0 +1,69 @@
+#!/bin/bash
+
+set -e  # exit on error
+
+TARGET_FOLDER="./rpi_image"
+VERSION="2020-02-13"
+
+echo "This script downloads raspian lite, and modifies the image to  enable SSH and set hostname"
+
+if [[ $EUID -ne 0 ]]; then
+   echo "This script must be run as root"
+   exit 1
+fi
+
+echo -n Hostname of new pi
+read -p "Hostname of new pi [newrpi]: " RPI_HOSTNAME
+RPI_HOSTNAME=${HOSTNAME:-newrpi}
+SCRIPT_DIR=`pwd`
+mkdir -p $TARGET_FOLDER
+cd $TARGET_FOLDER
+
+
+echo "Downloading image"
+IMG_FILE_BASENAME=${VERSION}-raspbian-buster-lite.zip
+wget http://downloads.raspberrypi.org/raspbian_lite/images/raspbian_lite-${VERSION}/${IMG_FILE_BASENAME}.zip
+wget http://downloads.raspberrypi.org/raspbian_lite/images/raspbian_lite-${VERSION}/${IMG_FILE_BASENAME}.zip.sha256
+
+
+echo "Checksum verification"
+sha256sum -c ${IMG_FILE_BASENAME}.zip.sha256
+
+
+echo "Unpack image"
+unzip ${IMG_FILE_BASENAME}.zip
+rm ${IMG_FILE_BASENAME}.zip
+
+
+echo "Mounting image"
+mkdir mounted_image
+mkdir mounted_image/boot
+mkdir mounted_image/system
+losetup -P /dev/loop42 ${IMG_FILE_BASENAME}.img
+mount /dev/loop42p1 mounted_image/boot
+mount /dev/loop42p2 mounted_image/system
+
+
+echo "Enabling SSH and writing hostname"
+echo $RPI_HOSTNAME > mounted_image/system/etc/hostname
+touch mounted_image/boot/ssh  # startup ssh
+sed -i "/^#PermitRootLogin/ cPermitRootLogin prohibit-password" mounted_image/system/etc/ssh/sshd_config
+mkdir -p mounted_image/system/root/.ssh
+cat $SCRIPT_DIR/public_keys/*.pub > mounted_image/system/root/.ssh/authorized_keys
+chmod 700 mounted_image/system/root/.ssh
+chmod 600 mounted_image/system/root/.ssh/authorized_keys
+
+echo "Unmounting image"
+umount /dev/loop42p1
+umount /dev/loop42p2
+losetup -d /dev/loop42
+rmdir mounted_image/boot
+rmdir mounted_image/system
+
+
+echo ""
+echo ""
+echo "The image is ready in folder ${TARGET_FOLDER}"
+echo "copy to SD card with"
+echo "  dd bs=4M status=progress if=the_image of=/dev/your/sdcard"
+echo "  use e.g. /dev/sdb not /dev/sdb1"

scripts/create-raspian-image/sshkey.pub

@@ -0,0 +1,2 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu66CgHoF+v1z5ydpu0SJzPuAa0eARLLggMAJY4vWcLfLTTlFjwPpO9kjkr4acUL5uLHZkAFqXQZC91io80bIfyBiM1i1yBq290x8sETgoNHrNzvcCQUBAeCxhcogi68F14BbpwBbejDTPKKybpuuAnVPj9YiHVFEDbqjLwoEY+HH7SkCsrK8qTyp9rHzwPGk0xPBwTnCPXqzvUCr/4H+m/5lamVIOW6XYoqnvAp5jP0mbadrmB0PwvK8cfgwPJWQeLJcqwl87mwHjjlrCinkpQbd2D8mR798bGmW/iTZ7GLCkyBNE34qKg24CzE0scWjqyWICXOrTYUXLORDt99/F martin@Laptop
+