provision: simplify boot with quick_boot flag, auto-update from git

- on_start.sh: always enables WiFi, waits 30s for connectivity if no /data/quick_boot, then runs provision.sh - New provision.sh: sets up SSH keys, installs openvpn, pulls latest code from remote (hard reset, remote wins), runs build_only.sh, touches /data/quick_boot on success - Delete old dev/on_start.sh, dev/provision.sh, dev/on_start_brian.sh.cpt (encrypted key decryption no longer needed) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-14 18:41:06 -05:00
parent 4d0e4efd6f
commit 2b481b6656
5 changed files with 69 additions and 69 deletions
--- a/system/clearpilot/dev/on_start.sh
+++ b/system/clearpilot/dev/on_start.sh
@@ -1,17 +0,0 @@
 #!/bin/bash
 # tmp for debugging
 date >> /tmp/dongles
 echo check dongle >> /tmp/dongles
 cat /data/params/d/DongleId >> /tmp/dongles
 echo done >> /tmp/dongles
 dongle_id=$(cat /data/params/d/DongleId)
 if [[ ! $dongle_id == 90bb71* ]]; then
    exit 1
 fi
 echo Bringing up brian dev environment
 bash /data/openpilot/system/clearpilot/dev/provision.sh
 bash /data/openpilot/system/clearpilot/dev/on_start_brian.sh
--- a/system/clearpilot/dev/on_start_brian.sh.cpt
+++ b/system/clearpilot/dev/on_start_brian.sh.cpt
@@ -1,2 +0,0 @@
 •Í’T4üoŠd¿á¹³€å–³!qús^§‘1E<31>Œ½—ðÓÉQ¯Åe|0b.7ša|Þ¶$Âï)x‰ ÷9‘Sü8BÌQÛ÷øÃ;TÝ`~?Q!hj2ÔŒwqô/[´ Xðt¬Ç5‡ü,«Ë<C2AB>ñm¾^v<>¯$vf‚ÇH°)J½A
 ²W°n`<@’‹.¬ç&><>&}m8˜‰àÃ;½\$^`Aª›Œ
--- a/system/clearpilot/dev/provision.sh
+++ b/system/clearpilot/dev/provision.sh
@@ -1,48 +0,0 @@
 #!/bin/bash
 # Provision script for BrianBot
 # These actions only occur on BrianBot's comma device.
 # 1. Check the string in /data/params/d/DongleId
 dongle_id=$(cat /data/params/d/DongleId)
 if [[ ! $dongle_id == 90bb71* ]]; then
    exit 1
 fi
 echo "BrianBot dongle ID detected."
 # 2. Check if ccrypt is installed, install if not
 if ! command -v ccrypt >/dev/null 2>&1; then
    echo "Installing ccrypt..."
    sudo apt-get update
    sudo apt-get install -y ccrypt
 fi
 # 3. Decrypt SSH keys if they have not been decrypted yet
 if [ ! -f /data/openpilot/system/clearpilot/dev/id_rsa.pub ]; then
   echo "Decrypting SSH keys..."
   bash /data/openpilot/system/clearpilot/tools/decrypt /data/openpilot/system/clearpilot/dev/id_rsa.pub.cpt /data/openpilot/system/clearpilot/dev/id_rsa.pub
   bash /data/openpilot/system/clearpilot/tools/decrypt /data/openpilot/system/clearpilot/dev/id_rsa.cpt /data/openpilot/system/clearpilot/dev/id_rsa
   bash /data/openpilot/system/clearpilot/tools/decrypt /data/openpilot/system/clearpilot/dev/on_start_brian.sh.cpt /data/openpilot/system/clearpilot/dev/on_start_brian.sh
 fi
 # 4. Ensure .ssh directory and keys exist
 ssh_dir="/data/ssh/.ssh"
 if [[ ! -f "$ssh_dir/id_rsa" || ! -f "$ssh_dir/id_rsa.pub" ]]; then
    echo "Setting up SSH directory and keys..."
    mkdir -p "$ssh_dir"
    cp /data/openpilot/system/clearpilot/dev/id_rsa /data/openpilot/system/clearpilot/dev/id_rsa.pub "$ssh_dir"
    chmod 700 "$ssh_dir"
    chmod 600 "$ssh_dir/id_rsa" "$ssh_dir/id_rsa.pub"
    echo hansonxyz > /data/params/d/GithubUsername
    cat /data/openpilot/system/clearpilot/dev/GithubSshKeys > /data/params/d/GithubSshKeys
    echo 1 > /data/params/d/SshEnabled
    sudo systemctl restart ssh
    cd /data/openpilot
    git remote remove origin
    git remote add origin git@privategit.hanson.xyz:brianhansonxyz/clearpilot.git
 fi
 echo "Script execution complete."
--- a/system/clearpilot/on_start.sh
+++ b/system/clearpilot/on_start.sh
@@ -3,5 +3,24 @@
 # Install logo
 bash /data/openpilot/system/clearpilot/startup_logo/set_logo.sh
-# Reverse ssh disabled — using VPN for remote access instead
+# Always ensure WiFi radio is on
-# bash /data/openpilot/system/clearpilot/dev/on_start.sh
+nmcli radio wifi on 2>/dev/null
 if [ ! -f /data/quick_boot ]; then
    # No quick_boot flag — wait for internet connectivity (up to 30s)
    echo "Waiting for internet connectivity (up to 30s)..."
    for i in $(seq 1 30); do
        if nmcli networking connectivity check 2>/dev/null | grep -q "full"; then
            echo "Internet connectivity detected after ${i}s"
            break
        fi
        sleep 1
    done
    # If online, run provision
    if nmcli networking connectivity check 2>/dev/null | grep -q "full"; then
        bash /data/openpilot/system/clearpilot/provision.sh
    else
        echo "No internet connectivity after 30s, skipping provision"
    fi
 fi
--- a/system/clearpilot/provision.sh
+++ b/system/clearpilot/provision.sh
@@ -0,0 +1,48 @@
 #!/bin/bash
 # ClearPilot provision script
 # Runs on first boot (no /data/quick_boot) when internet is available.
 # Sets up SSH, installs packages, pulls latest code, and builds.
 # Dongle gate
 dongle_id=$(cat /data/params/d/DongleId 2>/dev/null)
 if [[ ! $dongle_id == 90bb71* ]]; then
    echo "provision: dongle ID not recognized, skipping"
    exit 0
 fi
 echo "provision: starting"
 # 1. SSH authorized keys and service
 cat /data/openpilot/system/clearpilot/dev/GithubSshKeys > /data/params/d/GithubSshKeys
 echo -n 1 > /data/params/d/SshEnabled
 sudo systemctl enable ssh 2>/dev/null
 sudo systemctl start ssh
 # 2. Remount / read-write and install packages
 sudo mount -o remount,rw /
 sudo apt-get update -qq
 sudo apt-get install -y openvpn
 # 3. Pull latest from remote (remote always wins)
 cd /data/openpilot
 git fetch origin clearpilot
 LOCAL=$(git rev-parse HEAD)
 REMOTE=$(git rev-parse origin/clearpilot)
 if [ "$LOCAL" != "$REMOTE" ]; then
    echo "provision: updating from $LOCAL to $REMOTE"
    git reset --hard origin/clearpilot
    sudo chown -R comma:comma /data/openpilot
 fi
 # 4. Build
 echo "provision: running build"
 su - comma -c "bash /data/openpilot/build_only.sh"
 if [ $? -eq 0 ]; then
    echo "provision: build succeeded"
    touch /data/quick_boot
 else
    echo "provision: build failed"
 fi
 echo "provision: complete"
		`@@ -1,2 +0,0 @@`
			•Í’T4üoŠd¿á¹³€å–³!qús^§‘1E<31>Œ½—ðÓÉQ¯Åe\|0b.7ša\|Þ¶$Âï)x‰ ÷9‘Sü8BÌQÛ÷øÃ;TÝ`~?Q!hj2ÔŒwqô/[´ Xðt¬Ç5‡ü,«Ë<C2AB>ñm¾^v<>¯$vf‚ÇH°)J½A
			²W°n`<@’‹.¬ç&><>&}m8˜‰àÃ;½\$^`Aª›Œ