-
Notifications
You must be signed in to change notification settings - Fork 10
/
tweaks.sh
210 lines (174 loc) · 6.46 KB
/
tweaks.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
#!/usr/bin/env bash
usage()
{
echo "Usage: sudo $0 -h HOSTNAME -p PASSWORD"
exit 0
}
# Check we have the privileges we need
if [ `whoami` != root ]; then
echo "Please run this script as root or using sudo"
exit 0
fi
oldHost=NULL
varHost=NULL
varPass=NULL
backupDir=/home/deepracer/backup
if [ ! -d ${backupDir} ]; then
mkdir ${backupDir}
fi
optstring=":h:p:"
while getopts $optstring arg; do
case ${arg} in
h) varHost=${OPTARG};;
p) varPass=${OPTARG};;
?) usage ;;
esac
done
# Stop DeepRacer Stack
systemctl stop deepracer-core
# Disable IPV6 on all interfaces
echo -e -n "\nDisable IPV6\n"
cp /etc/sysctl.conf ${backupDir}/sysctl.conf.bak
printf "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf
# Update the DeepRacer console password
if [ $varPass != NULL ]; then
echo -e -n "\n\nUpdating password to: $varPass \n"
tempPass=$(echo -n $varPass | sha224sum)
IFS=' ' read -ra encryptedPass <<< $tempPass
cp /opt/aws/deepracer/password.txt ${backupDir}/password.txt.bak
printf "${encryptedPass[0]}" > /opt/aws/deepracer/password.txt
fi
# Grant deepracer user sudoers rights
echo deepracer ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/deepracer
chmod 0440 /etc/sudoers.d/deepracer
# Check version
. /etc/lsb-release
if [ $DISTRIB_RELEASE = "16.04" ]; then
echo 'Ubuntu 16.04 detected'
echo "Please update your car to 20.04 -> https://docs.aws.amazon.com/deepracer/latest/developerguide/deepracer-ubuntu-update-preparation.html"
exit 1
elif [ $DISTRIB_RELEASE = "20.04" ]; then
echo 'Ubuntu 20.04 detected'
bundlePath=/opt/aws/deepracer/lib/device_console/static
webserverPath=/opt/aws/deepracer/lib/webserver_pkg/lib/python3.8/site-packages/webserver_pkg
systemPath=/opt/aws/deepracer/lib/deepracer_systems_pkg/lib/python3.8/site-packages/deepracer_systems_pkg
else
echo 'Not sure what version of OS, terminating.'
exit 1
fi
echo -e -n "\nUpdating car...\n"
# Get latest key from OpenVINO
curl -o GPG-PUB-KEY-INTEL-SW-PRODUCTS https://apt.repos.intel.com/intel-gpg-keys/GPG-PUB-KEY-INTEL-SW-PRODUCTS.PUB
sudo apt-key add GPG-PUB-KEY-INTEL-SW-PRODUCTS
# Update Ubuntu
echo -e -n "\nUpdating Ubuntu packages\n"
sudo apt-get update
sudo apt-get upgrade -o Dpkg::Options::="--force-overwrite" -o Dpkg::Options::='--force-confold' -y
# Update DeepRacer
echo -e -n "\nUpdate DeepRacer packages\n"
sudo apt-get install aws-deepracer-* -y
# Ensure all packages installed
sudo apt-get update
sudo apt-get upgrade -y
# Remove redundant packages
echo -e -n "\nRemove redundant packages\n"
sudo apt autoremove -y
# If changing hostname need to change the flag in network_config.py
# /opt/aws/deepracer/lib/deepracer_systems_pkg/lib/python3.8/site-packages/deepracer_systems_pkg/network_monitor_module/network_config.py
# SET_HOSTNAME_TO_CHASSIS_SERIAL_NUMBER = False
if [ $DISTRIB_RELEASE = "20.04" ]; then
if [ $varHost != NULL ]; then
echo -e -n "\nSet hostname: ${varHost}\n"
oldHost=$HOSTNAME
hostnamectl set-hostname ${varHost}
cp /etc/hosts ${backupDir}/hosts.bak
rm /etc/hosts
cat ${backupDir}/hosts.bak | sed -e "s/${oldHost}/${varHost}/" > /etc/hosts
cp ${systemPath}/network_monitor_module/network_config.py ${backupDir}/network_config.py.bak
rm ${systemPath}/network_monitor_module/network_config.py
cat ${backupDir}/network_config.py.bak | sed -e "s/SET_HOSTNAME_TO_CHASSIS_SERIAL_NUMBER = True/SET_HOSTNAME_TO_CHASSIS_SERIAL_NUMBER = False/" > ${systemPath}/network_monitor_module/network_config.py
fi
# Disable software_update
echo -e -n "\nDisable software update\n"
cp ${systemPath}/software_update_module/software_update_config.py ${backupDir}/software_update_config.py.bak
rm ${systemPath}/software_update_module/software_update_config.py
cat ${backupDir}/software_update_config.py.bak | sed -e "s/ENABLE_PERIODIC_SOFTWARE_UPDATE = True/ENABLE_PERIODIC_SOFTWARE_UPDATE = False/" > ${systemPath}/software_update_module/software_update_config.py
fi
# Disable video stream by default
echo -e -n "\nDisable video stream\n"
cp $bundlePath/bundle.js ${backupDir}/bundle.js.bak
rm $bundlePath/bundle.js
cat ${backupDir}/bundle.js.bak | sed -e "s/isVideoPlaying\: true/isVideoPlaying\: false/" > $bundlePath/bundle.js
# Disable system suspend
echo -e -n "\nDisable system suspend\n"
systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target
# Disable X on startup
echo -e -n "\nSet console-only at startup\n"
systemctl set-default multi-user.target
# Disable network power saving
echo -e -n "\nDisable network power saving"
echo -e '#!/bin/sh\n/usr/sbin/iw dev mlan0 set power_save off\n' > /etc/network/if-up.d/disable_power_saving
chmod 755 /etc/network/if-up.d/disable_power_saving
# Enable SSH
echo -e -n "\nEnable SSH\n"
service ssh start
ufw allow ssh
# Allow multiple logins on the console
echo -e -n "\nEnable multiple logins to the console\n"
cp /etc/nginx/sites-enabled/default ${backupDir}/default.bak
rm /etc/nginx/sites-enabled/default
cat ${backupDir}/default.bak | sed -e "s/auth_request \/auth;/#auth_request \/auth;/" > /etc/nginx/sites-enabled/default
# Change the cookie duration
echo -e -n "\nUpdate the cookie duration\n"
cp $webserverPath/login.py ${backupDir}/login.py.bak
rm $webserverPath/login.py
cat ${backupDir}/login.py.bak | sed -e "s/datetime.timedelta(hours=1)/datetime.timedelta(hours=12)/" > $webserverPath/login.py
# Disable Gnome and other services
# - to enable gnome - systemctl set-default graphical
# - to start gnome - systemctl start gdm3
systemctl set-default multi-user
systemctl stop bluetooth
systemctl stop cups-browsed
# Default running service list
# service --status-all | grep '\[ + \]'
# [ + ] acpid
# [ + ] alsa-utils
# [ + ] apparmor
# [ + ] apport
# [ + ] avahi-daemon
# [ + ] binfmt-support
# [ + ] bluetooth
# [ + ] console-setup
# [ + ] cron
# [ + ] cups-browsed
# [ + ] dbus
# [ + ] dnsmasq
# [ + ] fail2ban
# [ + ] grub-common
# [ + ] irqbalance
# [ + ] isc-dhcp-server
# [ + ] keyboard-setup
# [ + ] kmod
# [ + ] lightdm
# [ + ] network-manager
# [ + ] networking
# [ + ] nginx
# [ + ] ondemand
# [ + ] procps
# [ + ] rc.local
# [ + ] resolvconf
# [ + ] rsyslog
# [ + ] speech-dispatcher
# [ + ] ssh
# [ + ] thermald
# [ + ] udev
# [ + ] ufw
# [ + ] urandom
# [ + ] uuidd
# [ + ] watchdog
# [ + ] whoopsie
# Restart services
echo 'Restarting services'
systemctl start deepracer-core
service nginx restart
echo "Done!"