#!/bin/bash # OpenWall ISO Builder # Creates a custom Debian ISO with OpenWall Dashboard pre-installed # Uses Docker to build the ISO in a clean environment set -e # Colors for output RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' # No Color # Configuration ISO_NAME="openwall-dashboard" ISO_VERSION="1.0.0" DEBIAN_VERSION="bookworm" BUILD_DIR="$(pwd)/iso-build" OUTPUT_DIR="$(pwd)/dist" DOCKER_IMAGE="openwall-iso-builder" echo -e "${BLUE}OpenWall ISO Builder${NC}" echo -e "${BLUE}===================${NC}" # Check if Docker is installed and running if ! command -v docker &> /dev/null; then echo -e "${RED}Docker is not installed. Please install Docker first.${NC}" exit 1 fi if ! docker info &> /dev/null; then echo -e "${RED}Docker is not running. Please start Docker first.${NC}" exit 1 fi # Clean previous builds echo -e "${YELLOW}Cleaning previous builds...${NC}" rm -rf "$BUILD_DIR" "$OUTPUT_DIR" mkdir -p "$BUILD_DIR" "$OUTPUT_DIR" # Create Dockerfile for ISO building echo -e "${YELLOW}Creating Docker build environment...${NC}" cat > "$BUILD_DIR/Dockerfile" << EOF FROM debian:${DEBIAN_VERSION} # Install required packages for ISO building RUN apt-get update && apt-get install -y \\ debootstrap \\ squashfs-tools \\ xorriso \\ isolinux \\ syslinux-efi \\ grub-pc-bin \\ grub-efi-amd64-bin \\ grub-efi-ia32-bin \\ mtools \\ dosfstools \\ curl \\ wget \\ git \\ rsync \\ && rm -rf /var/lib/apt/lists/* # Set working directory WORKDIR /build # Copy build scripts COPY build-iso.sh /build/ COPY install.sh /build/ COPY . /build/openwall/ RUN chmod +x /build/build-iso.sh # Build the ISO CMD ["/build/build-iso.sh"] EOF # Create the main ISO build script cat > "$BUILD_DIR/build-iso.sh" << 'EOF' #!/bin/bash set -e # Configuration ISO_NAME="openwall-dashboard" ISO_VERSION="1.0.0" DEBIAN_VERSION="bookworm" WORK_DIR="/build" CHROOT_DIR="${WORK_DIR}/chroot" ISO_DIR="${WORK_DIR}/iso" OUTPUT_ISO="${WORK_DIR}/${ISO_NAME}-${ISO_VERSION}.iso" echo "Building OpenWall Dashboard ISO..." # Create directories mkdir -p "${CHROOT_DIR}" "${ISO_DIR}" # Bootstrap Debian base system echo "Bootstrapping Debian base system..." debootstrap --arch=amd64 --variant=minbase "${DEBIAN_VERSION}" "${CHROOT_DIR}" http://deb.debian.org/debian/ # Mount necessary filesystems mount --bind /dev "${CHROOT_DIR}/dev" mount --bind /dev/pts "${CHROOT_DIR}/dev/pts" mount --bind /proc "${CHROOT_DIR}/proc" mount --bind /sys "${CHROOT_DIR}/sys" # Create cleanup function cleanup() { echo "Cleaning up mounts..." umount -lf "${CHROOT_DIR}/dev/pts" 2>/dev/null || true umount -lf "${CHROOT_DIR}/dev" 2>/dev/null || true umount -lf "${CHROOT_DIR}/proc" 2>/dev/null || true umount -lf "${CHROOT_DIR}/sys" 2>/dev/null || true } trap cleanup EXIT # Copy OpenWall files into chroot echo "Copying OpenWall files..." mkdir -p "${CHROOT_DIR}/opt/openwall-installer" cp -r /build/openwall/* "${CHROOT_DIR}/opt/openwall-installer/" cp /build/install.sh "${CHROOT_DIR}/opt/openwall-installer/" # Configure chroot environment cat > "${CHROOT_DIR}/etc/apt/sources.list" << SOURCES deb http://deb.debian.org/debian/ ${DEBIAN_VERSION} main non-free-firmware deb-src http://deb.debian.org/debian/ ${DEBIAN_VERSION} main non-free-firmware deb http://security.debian.org/debian-security ${DEBIAN_VERSION}-security main non-free-firmware deb-src http://security.debian.org/debian-security ${DEBIAN_VERSION}-security main non-free-firmware deb http://deb.debian.org/debian/ ${DEBIAN_VERSION}-updates main non-free-firmware deb-src http://deb.debian.org/debian/ ${DEBIAN_VERSION}-updates main non-free-firmware SOURCES # Configure hostname echo "openwall-dashboard" > "${CHROOT_DIR}/etc/hostname" # Create chroot setup script cat > "${CHROOT_DIR}/setup-system.sh" << 'SETUP' #!/bin/bash set -e export DEBIAN_FRONTEND=noninteractive export LC_ALL=C echo "Setting up OpenWall Dashboard system..." # Update package lists apt-get update # Install essential packages apt-get install -y \ linux-image-amd64 \ live-boot \ systemd-sysv \ locales \ keyboard-configuration \ console-setup \ sudo \ network-manager \ openssh-server \ curl \ wget \ git \ nano \ htop \ firmware-linux-free \ firmware-linux-nonfree # Configure locales echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen locale-gen echo "LANG=en_US.UTF-8" > /etc/default/locale # Create openwall user useradd -m -s /bin/bash -G sudo openwall echo "openwall:openwall" | chpasswd echo "root:openwall" | chpasswd # Configure sudo echo "openwall ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/openwall # Configure automatic login mkdir -p /etc/systemd/system/getty@tty1.service.d cat > /etc/systemd/system/getty@tty1.service.d/override.conf << AUTOLOGIN [Service] ExecStart= ExecStart=-/sbin/agetty --autologin openwall --noclear %I \$TERM AUTOLOGIN # Create OpenWall installation service cat > /etc/systemd/system/openwall-install.service << SERVICE [Unit] Description=OpenWall Dashboard Installation After=network-online.target Wants=network-online.target [Service] Type=oneshot User=root ExecStart=/opt/openwall-installer/install.sh RemainAfterExit=yes [Install] WantedBy=multi-user.target SERVICE # Enable the installation service systemctl enable openwall-install.service # Create post-install script for user mkdir -p /home/openwall cat > /home/openwall/welcome.sh << WELCOME #!/bin/bash echo "==================================================" echo " Welcome to OpenWall Dashboard Live System!" echo "==================================================" echo "" echo "This system will automatically install and configure" echo "the OpenWall Dashboard on first boot." echo "" echo "Default credentials:" echo " Username: openwall" echo " Password: openwall" echo "" echo "The dashboard will start automatically after installation." echo "" echo "To reinstall manually, run:" echo " sudo /opt/openwall-installer/install.sh" echo "" echo "==================================================" echo "" WELCOME chmod +x /home/openwall/welcome.sh chown openwall:openwall /home/openwall/welcome.sh # Add welcome message to bashrc echo "/home/openwall/welcome.sh" >> /home/openwall/.bashrc # Configure network systemctl enable NetworkManager # Clean up apt-get clean rm -rf /var/lib/apt/lists/* rm -f /setup-system.sh echo "System setup completed!" SETUP chmod +x "${CHROOT_DIR}/setup-system.sh" # Run setup in chroot echo "Running system setup in chroot..." chroot "${CHROOT_DIR}" /setup-system.sh # Create live boot configuration echo "Setting up live boot configuration..." mkdir -p "${ISO_DIR}/live" # Create filesystem image echo "Creating filesystem image..." mksquashfs "${CHROOT_DIR}" "${ISO_DIR}/live/filesystem.squashfs" -comp xz -e boot # Copy kernel and initrd cp "${CHROOT_DIR}/boot/vmlinuz-"* "${ISO_DIR}/live/vmlinuz" cp "${CHROOT_DIR}/boot/initrd.img-"* "${ISO_DIR}/live/initrd" # Create GRUB configuration mkdir -p "${ISO_DIR}/boot/grub" cat > "${ISO_DIR}/boot/grub/grub.cfg" << GRUB set timeout=10 set default=0 menuentry "OpenWall Dashboard Live" { linux /live/vmlinuz boot=live components quiet splash initrd /live/initrd } menuentry "OpenWall Dashboard Live (Safe Mode)" { linux /live/vmlinuz boot=live components nomodeset initrd /live/initrd } GRUB # Create isolinux configuration mkdir -p "${ISO_DIR}/isolinux" cp /usr/lib/ISOLINUX/isolinux.bin "${ISO_DIR}/isolinux/" cp /usr/lib/syslinux/modules/bios/menu.c32 "${ISO_DIR}/isolinux/" cp /usr/lib/syslinux/modules/bios/libutil.c32 "${ISO_DIR}/isolinux/" cp /usr/lib/syslinux/modules/bios/ldlinux.c32 "${ISO_DIR}/isolinux/" cat > "${ISO_DIR}/isolinux/isolinux.cfg" << ISOLINUX UI menu.c32 PROMPT 0 TIMEOUT 100 MENU TITLE OpenWall Dashboard Live LABEL live MENU LABEL OpenWall Dashboard Live KERNEL /live/vmlinuz APPEND initrd=/live/initrd boot=live components quiet splash LABEL safe MENU LABEL OpenWall Dashboard Live (Safe Mode) KERNEL /live/vmlinuz APPEND initrd=/live/initrd boot=live components nomodeset ISOLINUX # Create EFI boot configuration mkdir -p "${ISO_DIR}/EFI/boot" grub-mkstandalone \ --format=x86_64-efi \ --output="${ISO_DIR}/EFI/boot/bootx64.efi" \ --locales="" \ --fonts="" \ "boot/grub/grub.cfg=${ISO_DIR}/boot/grub/grub.cfg" # Create the ISO echo "Creating ISO image..." xorriso -as mkisofs \ -iso-level 3 \ -full-iso9660-filenames \ -volid "OpenWall Dashboard" \ -eltorito-boot isolinux/isolinux.bin \ -eltorito-catalog isolinux/boot.cat \ -no-emul-boot \ -boot-load-size 4 \ -boot-info-table \ --eltorito-alt-boot \ -e EFI/boot/bootx64.efi \ -no-emul-boot \ -append_partition 2 0xef "${ISO_DIR}/EFI/boot/bootx64.efi" \ -output "${OUTPUT_ISO}" \ -graft-points \ "${ISO_DIR}" echo "ISO created: ${OUTPUT_ISO}" EOF chmod +x "$BUILD_DIR/build-iso.sh" # Copy project files echo -e "${YELLOW}Copying project files...${NC}" cp -r "$(dirname "$0")/../dashboard" "$BUILD_DIR/" cp -r "$(dirname "$0")/../server" "$BUILD_DIR/" cp "$(dirname "$0")/install.sh" "$BUILD_DIR/" # Create README for the ISO cat > "$BUILD_DIR/README.md" << 'EOF' # OpenWall Dashboard Live ISO This ISO contains a complete Debian-based live system with the OpenWall Dashboard pre-configured. ## Features - **Live Boot**: Boots directly from USB/DVD without installation - **Auto-Installation**: Automatically installs and configures OpenWall Dashboard on first boot - **Touch Support**: Optimized for touch displays - **9:16 Display**: Configured for portrait orientation displays - **Wayland Session**: Modern display server with touch support - **Kiosk Mode**: Runs in fullscreen kiosk mode ## Boot Options - **OpenWall Dashboard Live**: Normal boot with all features - **OpenWall Dashboard Live (Safe Mode)**: Boot with minimal graphics drivers ## Default Credentials - **Username**: openwall - **Password**: openwall ## Usage 1. Flash the ISO to a USB drive or burn to DVD 2. Boot from the USB/DVD 3. The system will automatically start and install the dashboard 4. The dashboard will be available in fullscreen mode ## Manual Installation If you need to reinstall or configure manually: ```bash sudo /opt/openwall-installer/install.sh ``` ## Network Configuration The system uses NetworkManager for network configuration. Connect to WiFi or Ethernet as needed. ## System Information - **Base OS**: Debian Bookworm - **Display Server**: Wayland (Sway compositor) - **Application**: Electron-based dashboard - **Backend**: Node.js Express server with SQLite EOF # Build the Docker image and create ISO echo -e "${YELLOW}Building Docker image...${NC}" docker build -t "$DOCKER_IMAGE" "$BUILD_DIR" echo -e "${YELLOW}Creating ISO (this may take a while)...${NC}" docker run --rm --privileged \ -v "$OUTPUT_DIR:/output" \ "$DOCKER_IMAGE" \ bash -c " /build/build-iso.sh && cp /build/*.iso /output/ " # Check if ISO was created successfully if [ -f "$OUTPUT_DIR/${ISO_NAME}-${ISO_VERSION}.iso" ]; then echo -e "${GREEN}ISO created successfully!${NC}" echo -e "${GREEN}========================${NC}" echo "" echo -e "${BLUE}ISO Information:${NC}" echo -e "• File: ${OUTPUT_DIR}/${ISO_NAME}-${ISO_VERSION}.iso" echo -e "• Size: $(du -h "$OUTPUT_DIR/${ISO_NAME}-${ISO_VERSION}.iso" | cut -f1)" echo "" echo -e "${YELLOW}Usage:${NC}" echo -e "1. Flash to USB: ${BLUE}dd if=${OUTPUT_DIR}/${ISO_NAME}-${ISO_VERSION}.iso of=/dev/sdX bs=4M status=progress${NC}" echo -e "2. Or use tools like Balena Etcher, Rufus, etc." echo -e "3. Boot from USB and follow the on-screen instructions" echo "" echo -e "${YELLOW}Features:${NC}" echo -e "• Live boot with auto-installation" echo -e "• Touch display support (9:16 ratio)" echo -e "• Wayland session with Sway compositor" echo -e "• Kiosk mode dashboard" echo -e "• Default user: openwall/openwall" else echo -e "${RED}ISO creation failed!${NC}" exit 1 fi # Clean up Docker image echo -e "${YELLOW}Cleaning up...${NC}" docker rmi "$DOCKER_IMAGE" 2>/dev/null || true echo -e "${GREEN}Build completed successfully!${NC}"