add install scripts for overlayfs including motd

README.md

@@ -5,3 +5,4 @@ Clone of original domoticz-contrib repository with a few changes:
 - fix bug where a mount point would not always be recognized properly as ro/rw due to regex being incomplete
   - e.g. rootro would also see a rw partition as ro if it had the option "remount-ro,..." in it
 - when syncing changes back to disk on restart do not follow links
+- the todo at https://www.domoticz.com/wiki/Setting_up_overlayFS_on_Raspberry_Pi is brilliant, but it's even better if it's automated ;)

install_overlayfs.sh

@@ -0,0 +1,73 @@
+#!/bin/bash
+set -e
+BASEDIR=$(dirname "$0")
+
+showHelp() {
+cat << EOF
+Usage: ./install_overlayfs.sh -r <ro_paths> -o <overlay>
+Note: requires a debian installation, might work on other distributions,
+but it's not tested. Make sure the path arguments is within quotes
+-h, --help              Display help
+-r, --read-only-paths   <arg>  Space separate list of paths to mount
+                               as ro (recommended /)
+-o, --overlay-paths     <arg>  Space separated list of paths to mount as
+                               overlay (recommended "/var /home/root")
+EOF
+}
+
+options=`getopt -l "help,read-only-paths:,overlay-paths:" -o "hr:o:" -- "$@"`
+eval set -- "$options"
+
+while true; do
+  case $1 in
+  -h|--help)              showHelp; exit 0;;
+  -r|--read-only-paths)   PATHS_TO_MOUNT_AS_RO=$2; shift;;
+  -o|--overlay-paths)     PATHS_TO_MOVE_TO_OVERLAY=$2; shift;;
+  --)                     break;;
+  *)                      showHelp; exit 1;
+  esac
+  shift
+done
+
+REMAINING_ARGS=$@
+([ -z "$PATHS_TO_MOUNT_AS_RO" ] || [ -z "$PATHS_TO_MOVE_TO_OVERLAY" ]) && { echo "required argument not set!"; exit 1; }
+[ "$REMAINING_ARGS" == "--" ] || { echo "trailing arguments, are you sure you have put your arguments in quotes?"; exit 1; }
+echo "implement overlayfs creating a read-only root filesystem..."
+
+echo "  disabling rsyslog service"
+systemctl stop syslog.socket rsyslog
+systemctl disable syslog.socket rsyslog
+
+if [ -x "$(command -v dphys-swapfile)" ]; then
+  echo "  turning off swap..."
+  dphys-swapfile swapoff
+  dphys-swapfile uninstall
+  systemctl disable dphys-swapfile
+fi
+
+echo "  setting up overlayfs..."
+apt -qq install fuse lsof
+
+$BASEDIR/overlayfs/setup_files.sh
+$BASEDIR/overlayfs/change_boot.sh
+$BASEDIR/overlayfs/change_fstab.sh ${PATHS_TO_MOVE_TO_OVERLAY}
+$BASEDIR/overlayfs/movefs.sh ${PATHS_TO_MOVE_TO_OVERLAY}
+
+echo "  customising paths on overlayfs scripts"
+sed -i -r "s|(for FS in ).+|\1${PATHS_TO_MOUNT_AS_RO}|" /usr/local/bin/rootro
+sed -i -r "s|(RequiresMountsFor=).*|\1${PATHS_TO_MOVE_TO_OVERLAY}|" /etc/systemd/system/syncoverlayfs.service
+
+echo "  starting overlayfs service..."
+systemctl enable syncoverlayfs
+systemctl start syncoverlayfs
+
+echo "  setup motd script to show whether we're running in ro/row mode"
+install -m 755 $BASEDIR/overlayfs/motd/80-overlayfs /etc/update-motd.d/
+
+echo "  activating all changes..."
+for D in ${PATHS_TO_MOVE_TO_OVERLAY}; do
+  mount ${D}
+done
+
+echo "  done, please reboot to activate changes"
+systemctl is-active --quiet syncoverlayfs

overlayfs/change_boot.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+set -e
+
+BOOT_FILE=/boot/extlinux/extlinux.conf
+ARMBIAN_BOOT_FILE=/boot/armbianEnv.txt
+
+echo -n "  checking if boot needs to be changed... "
+
+RO_KERNEL_OPTIONS="ro noswap fastboot"
+if [[ -f "$ARMBIAN_BOOT_FILE" ]]; then
+  if `grep -q "${RO_KERNEL_OPTIONS}" $ARMBIAN_BOOT_FILE`; then echo "no (already setup)"; exit 0; else echo "yes"; fi
+  echo "extraargs=$RO_KERNEL_OPTIONS" >> $ARMBIAN_BOOT_FILE
+elif [[ -f "$BOOT_FILE" ]]; then
+  if `grep -q "${RO_KERNEL_OPTIONS}" $BOOT_FILE`; then echo "no (already setup)"; exit 0; else echo "yes"; fi
+
+  if `egrep -q "label .+rockchip-ayufan.+" $BOOT_FILE`; then
+    sed -i.orig -r "s/(APPEND=\".+)\"/\1 ${RO_KERNEL_OPTIONS}\"/"  /etc/default/extlinux
+    if [ -x "$(command -v update_extlinux.sh)" ]; then update_extlinux.sh; fi
+    if [ -x "$(command -v update-extlinux.sh)" ]; then update-extlinux.sh; fi
+  else
+    RO_KERNEL_NAME="kernel-ro"
+    echo "  adding additional ${RO_KERNEL_NAME} boot target"
+
+    DEFAULT_KERNEL_NAME=`cat $BOOT_FILE | sed -nr 's/default (.+)/\1/p'`
+
+    # select header and all indented lines belonging to it
+    DEFAULT_KERNEL_OPTIONS=`awk -v dko="label ${DEFAULT_KERNEL_NAME}" '$0 ~ dko && !f{f=1;x=$0;sub(/[^ ].*/,"",x);x=x" ";print;next} f {if (substr($0,1,length(x))==x)print; else f=0}' $BOOT_FILE`
+
+    sed  -i.orig "s/default ${DEFAULT_KERNEL_NAME}/default ${RO_KERNEL_NAME}/" $BOOT_FILE
+    echo "" >> $BOOT_FILE
+    echo "${DEFAULT_KERNEL_OPTIONS}" | sed -e "s/${DEFAULT_KERNEL_NAME}/${RO_KERNEL_NAME}/" -e "s/ rw / ${RO_KERNEL_OPTIONS} /" >> $BOOT_FILE
+  fi
+fi
+
+exit 0

overlayfs/change_fstab.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+set -e
+
+[ $# -eq 0 ] && { echo "change_fstab Usage: whitespace separated list of paths that should be enabled for overlay"; exit 1; }
+
+PATHS_TO_MOVE_TO_OVERLAY=$@
+
+echo -n "  checking if mounts need to be updated to ro... "
+BOOT_FILE=/boot/extlinux/extlinux.conf
+FSTAB_FILE=/etc/fstab
+TMPFS_MARKER="mount_overlay"
+if `grep -q ${TMPFS_MARKER} $FSTAB_FILE`; then echo "no (already setup)"; exit 0; else echo "yes"; fi
+
+BOOT_DEVICE=`cat $BOOT_FILE | sed -rn 's/.+root=([^=]*)=.+/\1/p' | head -n 1`
+# set boot device to ro
+sed -i.orig -r "s|(${BOOT_DEVICE}.*)defaults|\1ro,noatime|" $FSTAB_FILE
+# set root device to ro
+sed -i -r 's|( / \s*\S*).*|\1\tro,noatime\t\t0\t1|' $FSTAB_FILE
+
+echo "" >> $FSTAB_FILE
+for D in $PATHS_TO_MOVE_TO_OVERLAY; do
+  echo "mount_overlay	${D}		fuse	nofail,defaults		0	0" >> $FSTAB_FILE
+done
+
+echo "none		/tmp		tmpfs	size=50M,defaults	0	0" >> $FSTAB_FILE
+
+exit 0

overlayfs/motd/80-overlayfs

@@ -0,0 +1,11 @@
+#!/bin/sh
+
+str=$(mount | grep ' on / ')
+
+if echo $str | grep -q 'ro'; then
+  echo "------ INFO: / MOUNTED WITH \e[1mRO OVERLAY\e[0m ------\n"
+elif echo $str | grep -q 'rw'; then
+  echo "++++++ INFO: / MOUNTED \e[1mREAD-WRITE\e[0m ++++++\n"
+else
+  echo "!!!!!! [\e[31mWARNING\e[0m: / UNKNOWN STATE\e[0m !!!!!!\n"
+fi

overlayfs/movefs.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+set -e
+
+[ $# -eq 0 ] && { echo "movefs Usage: whitespace separated list of paths that should be enabled for overlay"; exit 1; }
+
+PATHS_TO_MOVE_TO_OVERLAY=$@
+
+echo "  setting up overlay filesystem (this might take a while)..."
+for D in ${PATHS_TO_MOVE_TO_OVERLAY}; do
+  D_HID=`sed -r "s|/(.+)|/.\1|" <<< $D`
+  if [ ! -d ${D_HID}_org ]; then
+    mv -v ${D} ${D_HID}_org
+    cd ${D_HID}_org
+    find . | cpio -pdum ${D_HID}_stage
+    mkdir -v ${D} ${D_HID}_rw ${D}/.overlaysync ${D_HID}_org/.overlaysync
+  fi
+done

overlayfs/setup_files.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+set -e
+BASEDIR=$(dirname "$0")
+
+RELEASE_INFO=$(lsb_release --codename --short)
+[[ ${RELEASE_INFO} =~ wheezy|stretch|buster ]] || { echo "this script only works on Debian 8-10 (wheezy, stretch, buster)"; exit 1; }
+
+echo "  fetching overlayfs scripts..."
+install  -m 755 $BASEDIR/../init.d/saveoverlays-$RELEASE_INFO /etc/init.d/saveoverlays
+install  -m 755 $BASEDIR/../init.d/syncoverlayfs.service /etc/systemd/system/
+
+install  -m 755 $BASEDIR/../utils/mount_overlay /usr/local/bin/
+install  -m 755 $BASEDIR/../utils/rootro /usr/local/bin/
+ln -s /usr/local/bin/rootro /usr/local/bin/rootrw 2>/dev/null
+
+exit 0