diff --git a/.gitignore b/.gitignore index bdb1f96..46b9e5a 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,5 @@ src/.env src/provision.log *.img usbboot/ + +*__pycache__* \ No newline at end of file diff --git a/.python-version b/.python-version new file mode 100644 index 0000000..04e2079 --- /dev/null +++ b/.python-version @@ -0,0 +1 @@ +3.12.8 diff --git a/README.md b/README.md index 2cc5b34..9663547 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ - use base-image that was created with pi-gen_auracaster sudo apt update && sudo apt upgrade -y -git clone https://gitea.pstruebi.xyz/auracaster/bumble-auracast +git clone https://gitea.summitwave.work/auracaster/bumble-auracast sudo apt install -y pipewire wireplumber pipewire-audio-client-libraries rtkit cpufrequtils @@ -65,3 +65,22 @@ git clone https://github.com/raspberrypi/usbboot bash gen-secure-msd-sig.sh bash rpi-boot-secure.sh + + +# Step by step instructions to provision one device + +- bridge flash jumper +- connect cm rpi board +- connect usb to rpi4 USE A USB2 PORT! +- connect the outer network port to switch (BUT WITHOUT POE) with rpi4 and laptop in same network +- access the webinterface with ssh -L 3141:127.0.0.1:3142 pi@192.168.178.52 +- run provision.py from rpi4 (to ensure ssh key) +``` +poetry run python src/provision.py 10.11.0.59 --name +``` + +Give it a new and input in the manufacturing/devices.ods + + +- flash radio firmware +- hci uart repo \ No newline at end of file diff --git a/src/provision.py b/src/provision.py index 2039f41..d5adf06 100644 --- a/src/provision.py +++ b/src/provision.py @@ -234,6 +234,7 @@ def step_git_pull(iot_host: str, branch: str = "main"): remote = ( "set -e\n" "cd ~/bumble-auracast\n" + "git remote set-url origin https://gitea.summitwave.work/auracaster/bumble-auracast\n" f"git fetch origin {shlex.quote(branch)} --tags\n" "LATEST_TAG=$(git tag --sort=-v:refname | head -n 1)\n" "if [ -z \"$LATEST_TAG\" ]; then\n" @@ -356,6 +357,42 @@ def step_start_app(iot_host: str, app: str): "err": stderr[-1000:], } +def step_add_ssh_key(iot_host: str): + """Add Paul's SSH key to the device's authorized_keys. + + Adds the SSH key for user 'paul' to the caster user's authorized_keys. + """ + ssh_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDDg4R0lZEGAlaJnMBYi0ZuX9tZ7aJtpeYTY0JcffYZjU3ynY/GEvonvMcQq2pdO1OY1awqZQ4drAhQc195MDZCFS6iof6AsGU17MEIEEmFvIANbLwGFYFv0fDwDAZLdY4HZtEIyNZZkfX32O0v1xSSrueFM8N6PkCYQBjhRFLZpBi5jkwk1nnnATN/mGpaDBbvKpWU2FS+PlwKRhm/bF6pKuQ/eXgO7k4fvM6aegtdHNARfMR9yK6/5s5vo45o1NbSbJ4sK3Vf0TdSjlWQSyu2e9D+Xomt0+fBpvGL+yl/7bc9AKq5ZlJNEA3XMjuihNlDoIglvSAYiDOTq09pocVq+myLwDKCfobX8cfHNDTrsWevuZKKTolP6BGfcX3MEWyc/md8ndsSJi49XakdzBhMqVzXmLq9CKBw0QyZID3CuWG8NeRuqZZMGSs0GCdlYF4YqHBhH1icoNgysZ4g7kQLstnTh8ZDcNHEWTxM1ZKCh12XOPvtq506/DTN1aMM0H0= paul@paul-Yoga-Pro-7-14APH8" + + remote = ( + "set -e\n" + "mkdir -p ~/.ssh\n" + "chmod 700 ~/.ssh\n" + "echo " + shlex.quote(ssh_key) + " >> ~/.ssh/authorized_keys\n" + "chmod 600 ~/.ssh/authorized_keys\n" + "echo 'SSH key for paul added successfully'\n" + ) + + ssh_cmd = ["ssh", "-p", str(SSH_PORT)] + if SSH_KEY: + ssh_cmd += ["-i", SSH_KEY] + ssh_cmd += [f"{SSH_USER}@{iot_host}", remote] + + proc = subprocess.run(ssh_cmd, check=False, capture_output=True, text=True) + stdout = (proc.stdout or "").strip() + stderr = (proc.stderr or "").strip() + + if proc.returncode != 0: + print(f"❌ add ssh key: failed rc={proc.returncode}: {stderr}") + else: + print("✅ add ssh key: Paul's SSH key added successfully") + + return { + "rc": proc.returncode, + "out": stdout[-500:], + "err": stderr[-500:], + } + def step_finish(iot_host: str): """Finalize setup on the device: enable linger for the user and reboot. @@ -400,7 +437,7 @@ def main(): ap.add_argument( "--steps", nargs="+", - choices=["pull", "wg", "hostname", "mac", "update_app", "start_app", "finish", "all"], + choices=["pull", "wg", "hostname", "mac", "update_app", "start_app", "add_ssh_key", "finish", "all"], default=["all"], help="Which steps to run. Default: all", ) @@ -418,6 +455,7 @@ def main(): if "all" in steps: steps = [ "pull", + "add_ssh_key", "hostname", "mac", "wg", @@ -448,6 +486,13 @@ def main(): **get_device_facts(args.iot_host), **pull_info, }) + if "add_ssh_key" in steps: + ssh_info = step_add_ssh_key(args.iot_host) + write_provision_log({ + "action": "add_ssh_key", + **get_device_facts(args.iot_host), + **ssh_info, + }) if "hostname" in steps: host_info = step_set_hostname(args.iot_host, name) # refresh hostname after step (if a real implementation later changes it) diff --git a/src/utils/__pycache__/__init__.cpython-312.pyc b/src/utils/__pycache__/__init__.cpython-312.pyc index a10f392..be070a8 100644 Binary files a/src/utils/__pycache__/__init__.cpython-312.pyc and b/src/utils/__pycache__/__init__.cpython-312.pyc differ diff --git a/src/utils/__pycache__/wg_easy.cpython-312.pyc b/src/utils/__pycache__/wg_easy.cpython-312.pyc index 79d69e3..109a661 100644 Binary files a/src/utils/__pycache__/wg_easy.cpython-312.pyc and b/src/utils/__pycache__/wg_easy.cpython-312.pyc differ