From cb1b32ecaeb36846a1b06477cd999c0f37a86024 Mon Sep 17 00:00:00 2001 From: pstruebi Date: Mon, 23 Feb 2026 14:45:39 +0100 Subject: [PATCH] Adds pauls ssh key in provisioning and updates bumblecast repo link to new URL. --- .gitignore | 2 + .python-version | 1 + README.md | 21 +++++++- src/provision.py | 47 +++++++++++++++++- .../__pycache__/__init__.cpython-312.pyc | Bin 187 -> 154 bytes src/utils/__pycache__/wg_easy.cpython-312.pyc | Bin 6883 -> 6829 bytes 6 files changed, 69 insertions(+), 2 deletions(-) create mode 100644 .python-version diff --git a/.gitignore b/.gitignore index bdb1f96..46b9e5a 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,5 @@ src/.env src/provision.log *.img usbboot/ + +*__pycache__* \ No newline at end of file diff --git a/.python-version b/.python-version new file mode 100644 index 0000000..04e2079 --- /dev/null +++ b/.python-version @@ -0,0 +1 @@ +3.12.8 diff --git a/README.md b/README.md index 2cc5b34..9663547 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ - use base-image that was created with pi-gen_auracaster sudo apt update && sudo apt upgrade -y -git clone https://gitea.pstruebi.xyz/auracaster/bumble-auracast +git clone https://gitea.summitwave.work/auracaster/bumble-auracast sudo apt install -y pipewire wireplumber pipewire-audio-client-libraries rtkit cpufrequtils @@ -65,3 +65,22 @@ git clone https://github.com/raspberrypi/usbboot bash gen-secure-msd-sig.sh bash rpi-boot-secure.sh + + +# Step by step instructions to provision one device + +- bridge flash jumper +- connect cm rpi board +- connect usb to rpi4 USE A USB2 PORT! +- connect the outer network port to switch (BUT WITHOUT POE) with rpi4 and laptop in same network +- access the webinterface with ssh -L 3141:127.0.0.1:3142 pi@192.168.178.52 +- run provision.py from rpi4 (to ensure ssh key) +``` +poetry run python src/provision.py 10.11.0.59 --name +``` + +Give it a new and input in the manufacturing/devices.ods + + +- flash radio firmware +- hci uart repo \ No newline at end of file diff --git a/src/provision.py b/src/provision.py index 2039f41..d5adf06 100644 --- a/src/provision.py +++ b/src/provision.py @@ -234,6 +234,7 @@ def step_git_pull(iot_host: str, branch: str = "main"): remote = ( "set -e\n" "cd ~/bumble-auracast\n" + "git remote set-url origin https://gitea.summitwave.work/auracaster/bumble-auracast\n" f"git fetch origin {shlex.quote(branch)} --tags\n" "LATEST_TAG=$(git tag --sort=-v:refname | head -n 1)\n" "if [ -z \"$LATEST_TAG\" ]; then\n" @@ -356,6 +357,42 @@ def step_start_app(iot_host: str, app: str): "err": stderr[-1000:], } +def step_add_ssh_key(iot_host: str): + """Add Paul's SSH key to the device's authorized_keys. + + Adds the SSH key for user 'paul' to the caster user's authorized_keys. + """ + ssh_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDDg4R0lZEGAlaJnMBYi0ZuX9tZ7aJtpeYTY0JcffYZjU3ynY/GEvonvMcQq2pdO1OY1awqZQ4drAhQc195MDZCFS6iof6AsGU17MEIEEmFvIANbLwGFYFv0fDwDAZLdY4HZtEIyNZZkfX32O0v1xSSrueFM8N6PkCYQBjhRFLZpBi5jkwk1nnnATN/mGpaDBbvKpWU2FS+PlwKRhm/bF6pKuQ/eXgO7k4fvM6aegtdHNARfMR9yK6/5s5vo45o1NbSbJ4sK3Vf0TdSjlWQSyu2e9D+Xomt0+fBpvGL+yl/7bc9AKq5ZlJNEA3XMjuihNlDoIglvSAYiDOTq09pocVq+myLwDKCfobX8cfHNDTrsWevuZKKTolP6BGfcX3MEWyc/md8ndsSJi49XakdzBhMqVzXmLq9CKBw0QyZID3CuWG8NeRuqZZMGSs0GCdlYF4YqHBhH1icoNgysZ4g7kQLstnTh8ZDcNHEWTxM1ZKCh12XOPvtq506/DTN1aMM0H0= paul@paul-Yoga-Pro-7-14APH8" + + remote = ( + "set -e\n" + "mkdir -p ~/.ssh\n" + "chmod 700 ~/.ssh\n" + "echo " + shlex.quote(ssh_key) + " >> ~/.ssh/authorized_keys\n" + "chmod 600 ~/.ssh/authorized_keys\n" + "echo 'SSH key for paul added successfully'\n" + ) + + ssh_cmd = ["ssh", "-p", str(SSH_PORT)] + if SSH_KEY: + ssh_cmd += ["-i", SSH_KEY] + ssh_cmd += [f"{SSH_USER}@{iot_host}", remote] + + proc = subprocess.run(ssh_cmd, check=False, capture_output=True, text=True) + stdout = (proc.stdout or "").strip() + stderr = (proc.stderr or "").strip() + + if proc.returncode != 0: + print(f"❌ add ssh key: failed rc={proc.returncode}: {stderr}") + else: + print("✅ add ssh key: Paul's SSH key added successfully") + + return { + "rc": proc.returncode, + "out": stdout[-500:], + "err": stderr[-500:], + } + def step_finish(iot_host: str): """Finalize setup on the device: enable linger for the user and reboot. @@ -400,7 +437,7 @@ def main(): ap.add_argument( "--steps", nargs="+", - choices=["pull", "wg", "hostname", "mac", "update_app", "start_app", "finish", "all"], + choices=["pull", "wg", "hostname", "mac", "update_app", "start_app", "add_ssh_key", "finish", "all"], default=["all"], help="Which steps to run. Default: all", ) @@ -418,6 +455,7 @@ def main(): if "all" in steps: steps = [ "pull", + "add_ssh_key", "hostname", "mac", "wg", @@ -448,6 +486,13 @@ def main(): **get_device_facts(args.iot_host), **pull_info, }) + if "add_ssh_key" in steps: + ssh_info = step_add_ssh_key(args.iot_host) + write_provision_log({ + "action": "add_ssh_key", + **get_device_facts(args.iot_host), + **ssh_info, + }) if "hostname" in steps: host_info = step_set_hostname(args.iot_host, name) # refresh hostname after step (if a real implementation later changes it) diff --git a/src/utils/__pycache__/__init__.cpython-312.pyc b/src/utils/__pycache__/__init__.cpython-312.pyc index a10f392673a96058720ccea26c63a8a49f2e6db3..be070a82bd3299a5356570777da2a3ba58ce86e9 100644 GIT binary patch delta 82 zcmdnZIE#_{G%qg~0}xcXZkWhzY;CEZk)NBYUy!L^lv1%T#}Sup<7UtUzS;% knV*-Lm#$x2l&oJ`l9^MiA0MBYmst`YuUAlcYvL?L06@weCIA2c delta 115 zcmbQmxSNstG%qg~0}!NtT{n^2I3`LzBR@A)zo59Js5CVxQ{OMOq9i#dzcfWZpeR2p zHM=BLKe4nZF*&igB(+GtBsDohzo;Nnzqk^}&(#MB>*g2h7Z)Y#mzHGa6zj*wXXa&= O#K-FuRQ{S+sR#fXzAA(O diff --git a/src/utils/__pycache__/wg_easy.cpython-312.pyc b/src/utils/__pycache__/wg_easy.cpython-312.pyc index 79d69e3ddb39bc4c1e3864bcb175c7685e079ac1..109a661ec0010d7b2212daac848ccc922f1001bd 100644 GIT binary patch delta 174 zcmaECy4IBYG%qg~0}xcXZrI3O#lm=NavRGw6$|~0{M=Oif=vCQ)PnqC{p7^rlBE0! z-GZY0vdrSl{JhM(^v#W|znFzOfO;Dk?(j;^P+7pTBKanN_J|p1MwL`10QRXkr~m)} delta 228 zcmZ2$`q-5FG%qg~0}$wZUAK|DiiPpl8@PeBsPMdUG`2X*S08$?Brh*l+Mleqvx_oxEREl9`QFa`J6aLyjAQj-MEqIqfF% Ui}^7F>CK5^kC=fbx=3XL09wRK(f|Me