diff --git a/builder/extras/nexmon.yml b/builder/extras/nexmon.yml deleted file mode 100644 index d42635f0..00000000 --- a/builder/extras/nexmon.yml +++ /dev/null @@ -1,36 +0,0 @@ -# Install nexmon to fix wireless scanning (takes 2.5G of space) - -- name: make firmware - shell: "source ./setup_env.sh && make" - args: - executable: /bin/bash - chdir: /usr/local/src/nexmon/ - -- name: "make firmware patch ({{ item.name }})" - shell: "source ./setup_env.sh && cd /usr/local/src/nexmon/patches/{{ item.patch }}/nexmon/ && make" - args: - executable: /bin/bash - chdir: /usr/local/src/nexmon/ - environment: - QEMU_UNAME: "{{ item.kernel }}" - ARCHFLAGS: "{{ item.arch_flags }}" - -- name: "install new firmware ({{ item.name }})" - copy: - src: "/usr/local/src/nexmon/patches/{{ item.patch }}/nexmon/{{ item.firmware }}" - dest: "/usr/lib/firmware/brcm/{{ item.firmware }}" - follow: true - environment: - QEMU_UNAME: "{{ item.kernel }}" - ARCHFLAGS: "{{ item.arch_flags }}" - -- name: backup original driver - command: "mv /usr/lib/modules/{{ item.kernel }}/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko.xz /usr/lib/modules/{{ item.kernel }}/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko.xz.orig" - -- name: copy modified driver - copy: - src: "/usr/local/src/nexmon/patches/driver/brcmfmac_6.1.y-nexmon/brcmfmac.ko" - dest: "/usr/lib/modules/{{ item.kernel }}/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko" - -- name : load brcmfmac drivers - command: "/sbin/depmod -a {{ item.kernel }}" diff --git a/builder/orangepi.yml b/builder/orangepi.yml deleted file mode 100644 index d6621b2a..00000000 --- a/builder/orangepi.yml +++ /dev/null @@ -1,516 +0,0 @@ ---- -- hosts: - - 127.0.0.1 - gather_facts: true - become: true - vars: - kernel: - min: "6.1" - full: "6.1.31-sun50iw9" - pwnagotchi: - hostname: "{{ lookup('env', 'PWN_HOSTNAME') | default('pwnagotchi', true) }}" - version: "{{ lookup('env', 'PWN_VERSION') | default('pwnagotchi-torch', true) }}" - system: - boot_options: - - "dtoverlay=dwc2" - - "dtoverlay=spi1-3cs" - - "dtparam=i2c1=on" - - "dtparam=i2c_arm=on" - - "dtparam=spi=on" - - "gpu_mem=16" - modules: - - "i2c-dev" - - "g_ether" - services: - enable: - - bettercap.service - - dphys-swapfile.service - - fstrim.timer - - pwnagotchi.service - - pwngrid-peer.service - disable: - - apt-daily-upgrade.service - - apt-daily-upgrade.timer - - apt-daily.service - - apt-daily.timer - - avahi-daemon.service - - avahi-daemon.socket - - bluetooth.service - - ifup@wlan0.service - - rpi-eeprom-update.service - - triggerhappy.service - - wpa_supplicant.service - packages: - caplets: - source: "https://github.com/jayofelony/caplets.git" - bettercap: - # We will install bettercap from source - source: "https://github.com/jayofelony/bettercap.git" - url: "https://github.com/jayofelony/bettercap/releases/download/2.32.1/bettercap-2.32.1.zip" - ui: "https://github.com/bettercap/ui/releases/download/v1.3.0/ui.zip" - opwngrid: - source: "https://github.com/jayofelony/pwngrid.git" - url: "https://github.com/jayofelony/pwngrid/releases/download/v1.10.5/pwngrid-1.10.5-aarch64.zip" - apt: - downgrade: - - libpcap-dev_1.9.1-4_arm64.deb - - libpcap0.8-dbg_1.9.1-4_arm64.deb - - libpcap0.8-dev_1.9.1-4_arm64.deb - - libpcap0.8_1.9.1-4_arm64.deb - hold: - - firmware-atheros - - firmware-brcm80211 - - firmware-libertas - - firmware-misc-nonfree - - firmware-realtek - - libpcap-dev - - libpcap0.8 - - libpcap0.8-dev - - libpcap0.8-dbg - remove: - - avahi-daemon - - nfs-common - - rpi-eeprom - - triggerhappy - - wpasupplicant - install: - - autoconf - - bc - - bison - - bluez - - build-essential - - curl - - dkms - - dphys-swapfile - - fbi - - flex - - fonts-dejavu - - fonts-dejavu-core - - fonts-dejavu-extra - - fonts-freefont-ttf - - g++ - - gawk - - gcc-arm-none-eabi - - git - - libatlas-base-dev - - libavcodec58 - - libavformat58 - - libblas-dev - - libbluetooth-dev - - libbz2-dev - - libc-ares-dev - - libc6-dev - - libcap-dev - - libdbus-1-dev - - libdbus-glib-1-dev - - libeigen3-dev - - libelf-dev - - libffi-dev - - libfl-dev - - libfuse-dev - - libgdbm-dev - - libgl1-mesa-glx - - libgmp3-dev - - libgstreamer1.0-0 - - libhdf5-dev - - liblapack-dev - - libncursesw5-dev - - libnetfilter-queue-dev - - libopenblas-dev - - libopenjp2-7 - - libopenmpi-dev - - libopenmpi3 - - libpcap-dev - - libraspberrypi-bin - - libraspberrypi-dev - - libraspberrypi-doc - - libraspberrypi0 - - libsqlite3-dev - - libssl-dev - - libswscale5 - - libtiff5 - - libtool - - libusb-1.0-0-dev - - lsof - - make - - python3-yaml - - python3-dbus - - python3-flask - - python3-flask-cors - - python3-flaskext.wtf - - python3-gast - - python3-pil - - python3-pycryptodome - - python3-requests - - python3-scapy - - python3-smbus2 - - python3-spidev - - python3-tweepy - - python3-werkzeug - - firmware-atheros - - firmware-brcm80211 - - firmware-libertas - - firmware-misc-nonfree - - firmware-realtek - - python3-pip - - python3-setuptools - - python3-smbus - - qpdf - - raspberrypi-kernel-headers - - rsync - - screen - - tcpdump - - texinfo - - time - - tk-dev - - unzip - - vim - - wget - - wl - - xxd - - zlib1g-dev - environment: - ARCHFLAGS: "-arch aarch64" - QEMU_UNAME: "{{ kernel.full }}" - - tasks: - - name: Create user=pi, pass=orange - copy: - dest: /boot/userconf - content: | - pi:$6$2f51RQqfvzZaVljt$zNBftBn3LDVjJckR0cA/RdGA3iCshbUvuUUhIOD2uVLnaBazoxHmgiD1a0xAz6gQO4i3rGLzme931bJeNwNyx. - - - name: change hostname - lineinfile: - dest: /etc/hostname - regexp: '^raspberrypi' - line: "{{pwnagotchi.hostname}}" - state: present - when: lookup('file', '/etc/hostname') == "raspberrypi" - register: hostname - - - name: add hostname to /etc/hosts - lineinfile: - dest: /etc/hosts - regexp: '^127\.0\.1\.1[ \t]+raspberrypi' - line: "127.0.1.1\t{{pwnagotchi.hostname}}" - state: present - when: hostname.changed - - - name: disable sap plugin for bluetooth.service - lineinfile: - dest: /lib/systemd/system/bluetooth.service - regexp: '^ExecStart=/usr/lib/bluetooth/bluetoothd$' - line: 'ExecStart=/usr/lib/bluetooth/bluetoothd --noplugin=sap' - state: present - - - name: configure dphys-swapfile - lineinfile: - path: /etc/dphys-swapfile - regexp: "^CONF_SWAPSIZE=.*$" - line: "CONF_SWAPSIZE=2048" - - - name: install packages - apt: - name: "{{ packages.apt.install }}" - state: present - update_cache: yes - install_recommends: false - - ########################################### - # - # libpcap v1.9 - build from source - # - ########################################### - - # check for presence, then it can re-run in later parts if needed - # use the "make" built in - - # install libpcap before bettercap and pwngrid, so they use it - - name: clone libpcap v1.9 from github - git: - repo: 'https://github.com/the-tcpdump-group/libpcap.git' - dest: /usr/local/src/libpcap - version: libpcap-1.9 - - - name: build and install libpcap into /usr/local/lib - shell: "./configure && make && make install" - args: - executable: /bin/bash - chdir: /usr/local/src/libpcap - - - name: remove libpcap build folder - file: - state: absent - path: /usr/local/src/libpcap - - - name: create symlink /usr/local/lib/libpcap.so.1.9.1 - file: - src: /usr/local/lib/libpcap.so.1.9.1 - dest: /usr/local/lib/libpcap.so.0.8 - state: link - - - name: Create custom plugin directory - file: - path: /usr/local/share/pwnagotchi/custom-plugins/ - state: directory - - - name: Create custom config directory - file: - path: /etc/pwnagotchi/conf.d/ - state: directory - - - name: clone pwnagotchi repository - git: - repo: https://github.com/jayofelony/pwnagotchi.git - dest: /usr/local/src/pwnagotchi - register: pwnagotchigit - - - name: build pwnagotchi wheel - command: "python3 setup.py sdist bdist_wheel" - args: - chdir: /usr/local/src/pwnagotchi - when: (pwnagotchigit.changed) or (pip_packages['pwnagotchi'] is undefined) or (pip_packages['pwnagotchi'] != pwnagotchi_version) - - - name: install pwnagotchi wheel and dependencies - pip: - name: "{{ lookup('fileglob', '/usr/local/src/pwnagotchi/dist/pwnagotchi*.whl') }}" - extra_args: "--no-cache-dir" - when: (pwnagotchigit.changed) or (pip_packages['pwnagotchi'] is undefined) or (pip_packages['pwnagotchi'] != pwnagotchi_version) - - - name: remove pwnagotchi folder - file: - state: absent - path: /usr/local/src/pwnagotchi - - - name: Install go-1.21 - unarchive: - src: https://go.dev/dl/go1.21.4.linux-arm64.tar.gz - dest: /usr/local - remote_src: yes - register: golang - - - name: Update .bashrc for go-1.21 - blockinfile: - dest: /home/pi/.bashrc - state: present - block: | - export GOPATH=$HOME/go - export PATH=/usr/local/go/bin:$PATH:$GOPATH/bin - when: golang.changed - - - name: download pwngrid - git: - repo: "{{ packages.opwngrid.source }}" - dest: /usr/local/src/opwngrid - register: pwngrid - - - name: install pwngrid - shell: "export GOPATH=$HOME/go && export PATH=/usr/local/go/bin:$PATH:$GOPATH/bin && go mod tidy && make && make install" - args: - executable: /bin/bash - chdir: /usr/local/src/opwngrid - when: pwngrid.changed - - - name: remove pwngrid folder - file: - state: absent - path: /usr/local/src/opwngrid - - - name: download bettercap - git: - repo: "{{ packages.bettercap.source }}" - dest: /usr/local/src/bettercap - - - name: install bettercap 2.32.1 - shell: "export GOPATH=$HOME/go && export PATH=/usr/local/go/bin:$PATH:$GOPATH/bin && go mod tidy && make && make install" - args: - executable: /bin/bash - chdir: /usr/local/src/bettercap - - - name: remove bettercap folder - file: - state: absent - path: /usr/local/src/bettercap - - #- name: download and install bettercap - # unarchive: - # src: "{{ packages.bettercap.url }}" - # dest: /usr/local/bin - # remote_src: yes - # exclude: - # - README.md - # - LICENSE.md - # mode: 0755 - - - name: clone bettercap caplets - git: - repo: "{{ packages.caplets.source }}" - dest: /tmp/caplets - register: capletsgit - - - name: install bettercap caplets - make: - chdir: /tmp/caplets - target: install - when: capletsgit.changed - - - name: download and install bettercap ui - unarchive: - src: "{{ packages.bettercap.ui }}" - dest: /usr/local/share/bettercap/ - remote_src: yes - mode: 0755 - - # to always have the bettercap webui available (because why not?) - - name: copy pwnagotchi-manual over pwnagotchi-auto caplet - ansible.builtin.copy: - src: /usr/local/share/bettercap/caplets/pwnagotchi-manual.cap - dest: /usr/local/share/bettercap/caplets/pwnagotchi-auto.cap - force: true - ignore_errors: true - - - name: add HDMI powersave to rc.local - blockinfile: - path: /etc/rc.local - insertbefore: "exit 0" - block: | - if ! /usr/bin/tvservice -s | egrep 'HDMI|DVI'; then - /usr/bin/tvservice -o - fi - - - name: create /etc/pwnagotchi folder - file: - path: /etc/pwnagotchi - state: directory - - - name: check if user configuration exists - stat: - path: /etc/pwnagotchi/config.toml - register: user_config - - - name: create /etc/pwnagotchi/config.toml - copy: - dest: /etc/pwnagotchi/config.toml - content: | - # Add your configuration overrides on this file any configuration changes done to default.toml will be lost! - # Example: - # ui.display.enabled = true - # ui.display.type = "waveshare_2" - when: not user_config.stat.exists - - - name: Delete motd - file: - state: absent - path: /etc/motd - - - name: Delete motd 10-uname - file: - state: absent - path: /etc/update-motd.d/10-uname - - - name: enable ssh on boot - file: - path: /boot/ssh - state: touch - - - name: adjust /etc/modules - lineinfile: - dest: /etc/modules - insertafter: EOF - line: '{{ item }}' - with_items: "{{system.modules}}" - - - name: Add pwnlog alias - lineinfile: - dest: /home/pi/.bashrc - line: "\nalias pwnlog='tail -f -n300 /var/log/pwn*.log | sed --unbuffered \"s/,[[:digit:]]\\{3\\}\\]//g\" | cut -d \" \" -f 2-'" - insertafter: EOF - - - name: Add pwnver alias - lineinfile: - dest: /home/pi/.bashrc - line: "\nalias pwnver='python3 -c \"import pwnagotchi as p; print(p.__version__)\"'" - insertafter: EOF - - - name: Add pwnkill alias to restart pwnagotchi with a signal - lineinfile: - dest: /home/pi/.bashrc - line: "\nalias pwnkill='sudo killall -USR1 pwnagotchi'" - insertafter: EOF - - - name: add firmware packages to hold - dpkg_selections: - name: "{{ item }}" - selection: hold - with_items: "{{ packages.apt.hold }}" - - - name: disable unnecessary services - systemd: - name: "{{ item }}" - state: stopped - enabled: no - with_items: "{{ services.disable }}" - - - name: enable services - systemd: - name: "{{ item }}" - enabled: true - state: stopped - with_items: "{{ services.enable }}" - register: enabled - - - name: remove unnecessary apt packages - apt: - name: "{{ packages.apt.remove }}" - state: absent - purge: yes - register: removed - - - name: clean apt cache - apt: - autoclean: true - when: removed.changed - - - name: remove pre-collected packages zip - file: - path: /root/go_pkgs.tgz - state: absent - - - name: remove /root/go folder - file: - state: absent - path: /root/go - - - name: remove /usr/local/go folder - file: - state: absent - path: /usr/local/go - - - name: remove pip cache - file: - state: absent - path: /root/.cache/pip - - - name: remove dependencies that are no longer required - apt: - autoremove: yes - when: removed.changed - - - name: remove ssh keys - file: - state: absent - path: "{{ item }}" - with_fileglob: - - "/etc/ssh/ssh_host*_key*" - - - name: regenerate ssh keys - shell: "dpkg-reconfigure openssh-server" - args: - executable: /bin/bash - - handlers: - - name: reload systemd services - systemd: - daemon_reload: yes - when: enabled.changed \ No newline at end of file diff --git a/builder/pwnagotchi.json.pkr.hcl b/builder/pwnagotchi.json.pkr.hcl index 72d27956..26edc7cf 100644 --- a/builder/pwnagotchi.json.pkr.hcl +++ b/builder/pwnagotchi.json.pkr.hcl @@ -39,7 +39,7 @@ source "arm" "rpi64-pwnagotchi" { start_sector = "8192" filesystem = "fat" size = "256M" - mountpoint = "/boot" + mountpoint = "/boot/firmware" } image_partitions { name = "root" @@ -50,56 +50,6 @@ source "arm" "rpi64-pwnagotchi" { mountpoint = "/" } } -source "arm" "rpi32-pwnagotchi" { - file_checksum_url = "https://downloads.raspberrypi.org/raspios_lite_armhf/images/raspios_lite_armhf-2023-12-11/2023-12-11-raspios-bookworm-armhf-lite.img.xz.sha256" - file_urls = ["https://downloads.raspberrypi.org/raspios_lite_armhf/images/raspios_lite_armhf-2023-12-11/2023-12-11-raspios-bookworm-armhf-lite.img.xz"] - file_checksum_type = "sha256" - file_target_extension = "xz" - file_unarchive_cmd = ["unxz", "$ARCHIVE_PATH"] - image_path = "../../../pwnagotchi-rpi-bookworm-${var.pwn_version}-armhf.img" - qemu_binary_source_path = "/usr/bin/qemu-arm-static" - qemu_binary_destination_path = "/usr/bin/qemu-arm-static" - image_build_method = "resize" - image_size = "9G" - image_type = "dos" - image_partitions { - name = "boot" - type = "c" - start_sector = "8192" - filesystem = "fat" - size = "256M" - mountpoint = "/boot" - } - image_partitions { - name = "root" - type = "83" - start_sector = "532480" - filesystem = "ext4" - size = "0" - mountpoint = "/" - } -} -source "arm" "opi-pwnagotchi" { - file_checksum_url = "https://github.com/jayofelony/orangepi/releases/download/v1.0/orangepi-raspios.img.xz.sha256" - file_urls = ["https://github.com/jayofelony/orangepi/releases/download/v1.0/orangepi-raspios.img.xz"] - file_checksum_type = "sha256" - file_target_extension = "xz" - file_unarchive_cmd = ["unxz", "$ARCHIVE_PATH"] - image_path = "../../../pwnagotchi-opi-bullseye-${var.pwn_version}-arm64.img" - qemu_binary_source_path = "/usr/bin/qemu-aarch64-static" - qemu_binary_destination_path = "/usr/bin/qemu-aarch64-static" - image_build_method = "resize" - image_size = "9G" - image_type = "dos" - image_partitions { - name = "root" - type = "83" - start_sector = "8192" - filesystem = "ext4" - size = "0" - mountpoint = "/" - } -} # a build block invokes sources and runs provisioning steps on them. The # documentation for build blocks can be found here: @@ -148,96 +98,4 @@ build { extra_arguments = ["--extra-vars \"ansible_python_interpreter=/usr/bin/python3\""] playbook_file = "raspberrypi64.yml" } -} - -build { - name = "Raspberry Pi 32 Pwnagotchi" - sources = ["source.arm.rpi32-pwnagotchi"] - provisioner "file" { - destination = "/usr/bin/" - sources = [ - "data/usr/bin/bettercap-launcher", - "data/usr/bin/hdmioff", - "data/usr/bin/hdmion", - "data/usr/bin/monstart", - "data/usr/bin/monstop", - "data/usr/bin/pwnagotchi-launcher", - "data/usr/bin/pwnlib", - ] - } - provisioner "shell" { - inline = ["chmod +x /usr/bin/*"] - } - provisioner "file" { - destination = "/etc/systemd/system/" - sources = [ - "data/etc/systemd/system/bettercap.service", - "data/etc/systemd/system/pwnagotchi.service", - "data/etc/systemd/system/pwngrid-peer.service", - ] - } - provisioner "file" { - destination = "/etc/update-motd.d/01-motd" - source = "data/etc/update-motd.d/01-motd" - } - provisioner "shell" { - inline = ["chmod +x /etc/update-motd.d/*"] - } - provisioner "shell" { - inline = [ - "apt-get -y --allow-releaseinfo-change update", "export LC_ALL=en_GB.UTF-8", "apt-get -y dist-upgrade", - "apt-get install -y --no-install-recommends ansible" - ] - } - provisioner "ansible-local" { - command = "ANSIBLE_FORCE_COLOR=1 PYTHONUNBUFFERED=1 PWN_VERSION=${var.pwn_version} PWN_HOSTNAME=${var.pwn_hostname} ansible-playbook" - extra_arguments = ["--extra-vars \"ansible_python_interpreter=/usr/bin/python3\""] - playbook_dir = "extras/" - playbook_file = "raspberrypi32.yml" - } -} - -#build { -# name = "Orange Pi Pwnagotchi" -# sources = ["source.arm.opi-pwnagotchi"] - -# provisioner "file" { -# destination = "/usr/bin/" -# sources = [ -# "data/usr/bin/bettercap-launcher", -# "data/usr/bin/hdmioff", -# "data/usr/bin/hdmion", -# "data/usr/bin/monstart", -# "data/usr/bin/monstop", -# "data/usr/bin/pwnagotchi-launcher", -# "data/usr/bin/pwnlib", -# ] -# } -# provisioner "shell" { -# inline = ["chmod +x /usr/bin/*"] -# } - -# provisioner "file" { -# destination = "/etc/systemd/system/" -# sources = [ -# "data/etc/systemd/system/bettercap.service", -# "data/etc/systemd/system/pwnagotchi.service", -# "data/etc/systemd/system/pwngrid-peer.service", -# ] -# } -# provisioner "file" { -# destination = "/etc/update-motd.d/01-motd" -# source = "data/etc/update-motd.d/01-motd" -# } -# provisioner "shell" { -# inline = ["chmod +x /etc/update-motd.d/*"] -# } -# provisioner "shell" { -# inline = ["apt-get -y --allow-releaseinfo-change update", "apt-get -y dist-upgrade", "apt-get install -y --no-install-recommends ansible"] -# } -# provisioner "ansible-local" { -# command = "ANSIBLE_FORCE_COLOR=1 PYTHONUNBUFFERED=1 PWN_VERSION=${var.pwn_version} PWN_HOSTNAME=${var.pwn_hostname} ansible-playbook" -# extra_arguments = ["--extra-vars \"ansible_python_interpreter=/usr/bin/python3\""] -# playbook_file = "orangepi.yml" -# } -#} \ No newline at end of file +} \ No newline at end of file diff --git a/builder/raspberrypi32.yml b/builder/raspberrypi32.yml deleted file mode 100644 index 4f5260f4..00000000 --- a/builder/raspberrypi32.yml +++ /dev/null @@ -1,595 +0,0 @@ ---- -- hosts: - - 127.0.0.1 - gather_facts: true - become: true - vars: - boards: - - { - kernel: "6.1.0-rpi7-rpi-v6", - name: "PiZeroW", - firmware: "brcmfmac43430-sdio.bin", - patch: "bcm43430a1/7_45_41_46", - cpu: arm1176, - arch_flags: "-arch armv6l" - } - - { - kernel: "6.1.0-rpi7-rpi-v7", - name: "PiZero2W", - firmware: "brcmfmac43436-sdio.bin", - patch: "bcm43436b0/9_88_4_65", - cpu: any, #cortex-a53 - arch_flags: "-arch armv7l" - } - - { - kernel: "6.1.0-rpi7-rpi-v7l", - name: "Pi4b_32", - firmware: "brcmfmac43455-sdio.bin", - patch: "bcm43455c0/7_45_206", - cpu: any, #cortex-a72 - arch_flags: "-arch armv7l" - } - kernel: - min: "6.1" - full: "6.1.0-rpi7-rpi-v6" - full_2w: "6.1.0-rpi7-rpi-v7" - full_4b: "6.1.0-rpi7-rpi-v7" - arch: "v6l" - pwnagotchi: - hostname: "{{ lookup('env', 'PWN_HOSTNAME') | default('pwnagotchi', true) }}" - version: "{{ lookup('env', 'PWN_VERSION') | default('pwnagotchi-torch', true) }}" - custom_plugin_dir: "/usr/local/share/pwnagotchi/custom-plugins" - system: - boot_options: - - "#### pwnagotchi additions" - - "# this pwnagotchi image is 32-bit only no v8+ headers to build nexmon for 64 bit" - - "arm_64bit=0" - - "# dwc2 for RNDIS. comment out, and remove dwc2 and g_ether from cmdline.txt for X306 usb battery hat" - - "dtoverlay=dwc2" - - "dtoverlay=spi1-3cs" - - "dtparam=i2c1=on" - - "dtparam=i2c_arm=on" - - "dtparam=spi=on" - - "gpu_mem=16" - - "#### audio out on pins 18 and 19" - - "#dtoverlay=audremap,pins_18_19" - - "#### touchscreen on waveshare touch e-paper" - - "#dtoverlay=goodix,interrupt=27,reset=22" - - "#### for PWM backlighting on pimoroni displayhatmini" - - "dtoverlay=pwm-2chan,pin=12,func=4,pin2=13,func2=4" - modules: - - "i2c-dev" - services: - enable: - - bettercap.service - - dphys-swapfile.service - - fstrim.timer - - pwnagotchi.service - - pwngrid-peer.service - disable: - - apt-daily-upgrade.service - - apt-daily-upgrade.timer - - apt-daily.service - - apt-daily.timer - - bluetooth.service - - ifup@wlan0.service - - triggerhappy.service - - wpa_supplicant.service - packages: - caplets: - source: "https://github.com/jayofelony/caplets.git" - bettercap: - source: "https://github.com/jayofelony/bettercap.git" - url: "https://github.com/jayofelony/bettercap/releases/download/2.32.2/bettercap-2.32.2-armhf.zip" - ui: "https://github.com/bettercap/ui/releases/download/v1.3.0/ui.zip" - opwngrid: - source: "https://github.com/jayofelony/pwngrid.git" - url: "https://github.com/jayofelony/pwngrid/releases/download/v1.10.5/pwngrid-1.10.5-armhf.zip" - apt: - downgrade: - - libpcap-dev_1.9.1-4_armhf.deb - - libpcap0.8-dbg_1.9.1-4_armhf.deb - - libpcap0.8-dev_1.9.1-4_armhf.deb - - libpcap0.8_1.9.1-4_armhf.deb - hold: - - libpcap-dev - - libpcap0.8 - - libpcap0.8-dev - - libpcap0.8-dbg - remove: - - avahi-daemon - - nfs-common - - triggerhappy - - wpasupplicant - install: - - autoconf - - bc - - bison - - bluez - - build-essential - - curl - - dkms - - dphys-swapfile - - fbi - - flex - - fonts-dejavu - - fonts-dejavu-core - - fonts-dejavu-extra - - fonts-freefont-ttf - - g++ - - gawk - - gcc-arm-none-eabi - - git - - libatlas-base-dev - - libavcodec59 - - libavformat59 - - libblas-dev - - libbluetooth-dev - - libbz2-dev - - libc-ares-dev - - libc6-dev - - libcap-dev - - libdbus-1-dev - - libdbus-glib-1-dev - - libeigen3-dev - - libelf-dev - - libffi-dev - - libfl-dev - - libfuse-dev - - libgdbm-dev - - libgl1-mesa-glx - - libgmp3-dev - - libgstreamer1.0-0 - - libhdf5-dev - - liblapack-dev - - libncursesw5-dev - - libnetfilter-queue-dev - - libopenblas-dev - - libopenjp2-7 - - libopenmpi-dev - - libopenmpi3 - - libpcap-dev - - libraspberrypi-bin - - libraspberrypi-dev - - libraspberrypi-doc - - libraspberrypi0 - - libsqlite3-dev - - libssl-dev - - libswscale5 - - libtiff6 - - libtool - - libusb-1.0-0-dev - - lsof - - make - - python3-yaml - - python3-dbus - - python3-flask - - python3-flask-cors - - python3-flaskext.wtf - - python3-gast - - python3-pil - - python3-pycryptodome - - python3-requests - - python3-scapy - - python3-smbus2 - - python3-spidev - - python3-tweepy - - python3-werkzeug - - firmware-atheros - - firmware-brcm80211 - - firmware-libertas - - firmware-misc-nonfree - - firmware-realtek - - python3-pip - - python3-setuptools - - python3-smbus - - qpdf - - raspberrypi-kernel-headers - - rsync - - screen - - tcpdump - - texinfo - - time - - tk-dev - - unzip - - vim - - wget - - wl - - xxd - - zlib1g-dev - - tasks: - - name: Create pi user - copy: - dest: /boot/userconf - content: | - pi:$6$3jNr0GA9KIyt4hmM$efeVIopdMQ8DGgEPCWWlbx3mJJNAYci1lEXGdlky0xPyjqwKNbwTL5SrCcpb4144C4IvzWjn7Iv.QjqmU7iyT/ - - - name: change hostname - lineinfile: - dest: /etc/hostname - regexp: '^raspberrypi' - line: "{{pwnagotchi.hostname}}" - state: present - when: lookup('file', '/etc/hostname') == "raspberrypi" - register: hostname - - - name: add hostname to /etc/hosts - lineinfile: - dest: /etc/hosts - regexp: '^127\.0\.1\.1[ \t]+raspberrypi' - line: "127.0.1.1\t{{pwnagotchi.hostname}}" - state: present - when: hostname.changed - - - name: disable sap plugin for bluetooth.service - lineinfile: - dest: /lib/systemd/system/bluetooth.service - regexp: '^ExecStart=/usr/libexec/bluetooth/bluetoothd$' - line: 'ExecStart=/usr/libexec/bluetooth/bluetoothd --noplugin=sap' - state: present - - - name: configure dphys-swapfile - lineinfile: - path: /etc/dphys-swapfile - regexp: "^CONF_SWAPSIZE=.*$" - line: "CONF_SWAPSIZE=2048" - - - name: Create custom plugin directory - file: - path: '{{ pwnagotchi.custom_plugin_dir }}' - state: directory - - - name: update apt package cache - apt: - update_cache: yes - - - name: install packages - apt: - name: "{{ packages.apt.install }}" - state: present - - - name: update pip3, setuptools, wheel - shell: "python3 -m pip install --upgrade pip setuptools wheel --break-system-packages" - args: - executable: /bin/bash - chdir: /usr/local/src - - ########################################### - # - # libpcap v1.9 - build from source - # - ########################################### - - # check for presence, then it can re-run in later parts if needed - # use the "make" built in - - # install libpcap before bettercap and pwngrid, so they use it - - name: clone libpcap v1.9 from github - git: - repo: 'https://github.com/the-tcpdump-group/libpcap.git' - dest: /usr/local/src/libpcap - version: libpcap-1.9 - - - name: build and install libpcap into /usr/local/lib - shell: "./configure && make && make install" - args: - executable: /bin/bash - chdir: /usr/local/src/libpcap - - - name: remove libpcap build folder - file: - state: absent - path: /usr/local/src/libpcap - - - name: create symlink /usr/local/lib/libpcap.so.1.9.1 - file: - src: /usr/local/lib/libpcap.so.1.9.1 - dest: /usr/local/lib/libpcap.so.0.8 - state: link - - ############################################################### - # Install nexmon to fix wireless scanning (takes 2.5G of space) - ############################################################### - - name: clone nexmon repository - git: - repo: https://github.com/DrSchottky/nexmon.git - dest: /usr/local/src/nexmon - # Install nexmon for all boards - - name: build and install nexmon as needed - include_tasks: nexmon.yml - loop: "{{ boards }}" - - # some pizero2w have the pizeroW wifi chip - # could this be a link instead of a copy? and force, only if not a link? - - name: copy 43430-sdio as 43436s-sdio for the special 43430/1 /2 - copy: - src: /usr/lib/firmware/brcm/brcmfmac43430-sdio.bin - dest: /usr/lib/firmware/brcm/brcmfmac43436s-sdio.bin - follow: true - - # delete blob files that make nexmon sad - - name: Delete the firmware blob files to avoid some nexmon crashing - file: - state: absent - path: '{{ item }}' - loop: - - /usr/lib/firmware/brcm/brcmfmac43430-sdio.clm_blob - - /usr/lib/firmware/brcm/brcmfmac43430-sdio.raspberrypi,model-zero-w.clm_blob - - /usr/lib/firmware/brcm/brcmfmac43430b0-sdio.raspberrypi,model-zero-2-w.clm_blob - - /usr/lib/firmware/brcm/brcmfmac43436-sdio.raspberrypi,model-zero-2-w.clm_blob - - /usr/lib/firmware/brcm/brcmfmac43430-sdio.raspberrypi,3-model-b.clm_blob - - # To shrink the final image, remove the nexmon directory (takes 2.5G of space) post build and installation - - name: Delete nexmon content & directory - file: - state: absent - path: /usr/local/src/nexmon/ - - - name: clone pwnagotchi repository - git: - repo: https://github.com/jayofelony/pwnagotchi-bookworm.git - dest: /usr/local/src/pwnagotchi - - - name: build pwnagotchi wheel - command: "pip install . --no-cache-dir --break-system-packages" - args: - chdir: /usr/local/src/pwnagotchi - environment: - ARCHFLAGS: "-arch armv6l" - - - name: create /usr/local/share/pwnagotchi/ folder - file: - path: /usr/local/share/pwnagotchi/ - state: directory - - - name: remove pwnagotchi folder - file: - state: absent - path: /usr/local/src/pwnagotchi - - ########################################## - # - # pwngrid, bettercap - # - ########################################## - - - name: Install go-1.21 - unarchive: - src: https://go.dev/dl/go1.21.5.linux-armv6l.tar.gz - dest: /usr/local - remote_src: yes - register: golang - - - name: Update .bashrc for go-1.21 - blockinfile: - dest: /home/pi/.bashrc - state: present - block: | - export GOPATH=$HOME/go - export PATH=/usr/local/go/bin:$PATH:$GOPATH/bin - when: golang.changed - - - name: download opwngrid - unarchive: - remote_src: yes - src: "{{ packages.opwngrid.url }}" - dest: /usr/local/bin/ - mode: 0755 - - - name: download and install bettercap - unarchive: - src: "{{ packages.bettercap.url }}" - dest: /usr/local/bin - remote_src: yes - exclude: - - README.md - - LICENSE.md - mode: 0755 - - - name: clone bettercap caplets - git: - repo: "{{ packages.caplets.source }}" - dest: /tmp/caplets - register: capletsgit - - - name: install bettercap caplets - make: - chdir: /tmp/caplets - target: install - when: capletsgit.changed - - - name: download and install bettercap ui - unarchive: - src: "{{ packages.bettercap.ui }}" - dest: /usr/local/share/bettercap/ - remote_src: yes - mode: 0755 - - # to always have the bettercap webui available (because why not?) - - name: copy pwnagotchi-manual over pwnagotchi-auto caplet - ansible.builtin.copy: - src: /usr/local/share/bettercap/caplets/pwnagotchi-manual.cap - dest: /usr/local/share/bettercap/caplets/pwnagotchi-auto.cap - force: true - ignore_errors: true - - - name: add HDMI powersave to rc.local - blockinfile: - path: /etc/rc.local - insertbefore: "exit 0" - block: | - if ! /usr/bin/tvservice -s | egrep 'HDMI|DVI'; then - /usr/bin/tvservice -o - fi - - - name: create /etc/pwnagotchi folder - file: - path: /etc/pwnagotchi - state: directory - - - name: check if user configuration exists - stat: - path: /etc/pwnagotchi/config.toml - register: user_config - - - name: create /etc/pwnagotchi/config.toml - copy: - dest: /etc/pwnagotchi/config.toml - content: | - # Add your configuration overrides on this file any configuration changes done to default.toml will be lost! - # Example: - # ui.display.enabled = true - # ui.display.type = "waveshare_2" - when: not user_config.stat.exists - - - name: Delete motd 10-uname - file: - state: absent - path: /etc/update-motd.d/10-uname - - - name: enable ssh on boot - file: - path: /boot/ssh - state: touch - - - name: adjust /boot/config.txt - lineinfile: - dest: /boot/config.txt - insertafter: EOF - line: '{{ item }}' - with_items: "{{system.boot_options}}" - - - name: adjust /etc/modules - lineinfile: - dest: /etc/modules - insertafter: EOF - line: '{{ item }}' - with_items: "{{system.modules}}" - - - name: change root partition - replace: - dest: /boot/cmdline.txt - backup: no - regexp: "root=PARTUUID=[a-zA-Z0-9\\-]+" - replace: "root=/dev/mmcblk0p2" - - - name: configure /boot/cmdline.txt - lineinfile: - path: /boot/cmdline.txt - backrefs: True - state: present - backup: no - regexp: '(.*)$' - line: '\1 modules-load=dwc2,g_ether' - - - name: Add pwnlog alias - lineinfile: - dest: /home/pi/.bashrc - line: "\nalias pwnlog='tail -f -n300 /var/log/pwn*.log | sed --unbuffered \"s/,[[:digit:]]\\{3\\}\\]//g\" | cut -d \" \" -f 2-'" - insertafter: EOF - - - name: Add pwnver alias - lineinfile: - dest: /home/pi/.bashrc - line: "\nalias pwnver='python3 -c \"import pwnagotchi as p; print(p.__version__)\"'" - insertafter: EOF - - - name: Add pwnkill alias to restart pwnagotchi with a signal - lineinfile: - dest: /home/pi/.bashrc - line: "\nalias pwnkill='sudo killall -USR1 pwnagotchi'" - insertafter: EOF - - - name: add firmware packages to hold - dpkg_selections: - name: "{{ item }}" - selection: hold - with_items: "{{ packages.apt.hold }}" - - - name: disable unnecessary services - systemd: - name: "{{ item }}" - state: stopped - enabled: no - with_items: "{{ services.disable }}" - - - name: enable services - systemd: - name: "{{ item }}" - enabled: true - state: stopped - with_items: "{{ services.enable }}" - - #- name: remove golang build libraries - # file: - # state: absent - # path: /root/go - - #- name: remove golang - # file: - # state: absent - # path: /usr/local/go - - - name: make /root readable, becauase that's where all the files are - file: - path: /root - mode: '755' - - - name: fix permissions on /home/pi - file: - path: /home/pi - owner: pi - group: pi - recurse: true - - - name: remove unnecessary apt packages - apt: - name: "{{ packages.apt.remove }}" - state: absent - purge: yes - - - name: remove dependencies that are no longer required - apt: - autoremove: yes - - - name: clean apt cache - apt: - autoclean: true - - - name: remove golang build libraries - file: - state: absent - path: /root/go - - - name: remove pre-collected packages zip - file: - path: /root/go_pkgs.tgz - state: absent - - - name: remove golang - file: - state: absent - path: /usr/local/go - - - name: remove /root/.cache (pip cache) - file: - state: absent - path: /root/.cache - - - name: remove ssh keys - file: - state: absent - path: "{{ item }}" - with_fileglob: - - "/etc/ssh/ssh_host*_key*" - - - name: regenerate ssh keys - shell: "dpkg-reconfigure openssh-server" - args: - executable: /bin/bash - - handlers: - - name: reload systemd services - systemd: - daemon_reload: yes \ No newline at end of file