Dantes

Alright here is a "proof of concept" script I can't modify the installer, I'm not that savvy. But I took your tutorial and scripted it to my needs. Its been tested (on jammy) and it works. nanopi6_fdeBasically it comes down to this 1. Download the script 2. Copy it to the jammy sdcard 3. Boot with the sdcard and fill out Armbian questionnaire 4. chmod +x nanopi6_fde 5 ./nanopi6_fde 6. In the armbian-installer choose boot from emmc filesystem is ext4 (change the script if you want something else) exit after installation 7. At the end it prompts you for a passphrase 8. Reboot #!/bin/sh -vxe WORKDIR=$(mktemp -d -p /dev/shm) #faster running from memory #WORKDIR=/mmt #slower running from storage # 1. boot from sdcard (ubuntu/jammy), then update and install: apt update && apt upgrade apt install cryptsetup-bin gdisk # 2. run armbian-install and install to emmc/ext4, when done choose: exit armbian-install || true # 3. backup data mkdir -p ${WORKDIR}/emmcdata mount /dev/mmcblk2p1 ${WORKDIR}/emmcdata rsync -a --info=progress2 ${WORKDIR}/emmcdata/. ${WORKDIR}/backup sync umount /dev/mmcblk2p1 rmdir ${WORKDIR}/emmcdata # 4. create new partition layout sgdisk -og /dev/mmcblk2 sgdisk -n 1:32768:+512M -t 0:8300 /dev/mmcblk2 sgdisk -n 0:0:0 -t 0:8300 /dev/mmcblk2 # 5. create partitions mkfs.ext4 -F -L bootfs /dev/mmcblk2p1 dd if=/dev/zero bs=$((512/8)) count=1 of=/dev/shm/keyfile cryptsetup luksFormat --batch-mode --cipher=aes-xts-plain64 --key-size=512 \ --hash=sha512 /dev/mmcblk2p2 /dev/shm/keyfile cryptsetup open /dev/mmcblk2p2 rootfs --key-file=/dev/shm/keyfile mkfs.ext4 -L rootfs /dev/mapper/rootfs # 6. mount partitions mkdir -p ${WORKDIR}/restore mount /dev/mapper/rootfs ${WORKDIR}/restore mkdir -p ${WORKDIR}/restore/boot mount /dev/mmcblk2p1 ${WORKDIR}/restore/boot # 7. restore from backup rsync -a --info=progress2 ${WORKDIR}/backup/. ${WORKDIR}/restore sync # 8. disable rootfs resize?? touch ${WORKDIR}/restore/root/.no_rootfs_resize # 9. prepare chroot environment cd ${WORKDIR}/restore mount -o rbind /dev dev mount -t proc proc proc mount -t sysfs sys sys cat /etc/resolv.conf > etc/resolv.conf cat /etc/hosts > etc/hosts cat /etc/apt/sources.list > etc/apt/sources.list cat /etc/apt/sources.list.d/armbian.list > etc/apt/sources.list.d/armbian.list #10. change armbian environment sed -i '/^bootlogo=/s,=.*,=false,;/^rootdev=/s,=.*,=/dev/mapper/rootfs,' boot/armbianEnv.txt #11. add necessary modules to initramfs lsmod | cut -d ' ' -f1 | tail -n+2 > etc/initramfs-tools/modules #12. create etc/crypttab echo "rootfs UUID=$(lsblk /dev/mmcblk2p2 --nodeps --noheadings -o UUID) none initramfs,luks" > etc/crypttab #13. create etc/fstab echo "/dev/mapper/rootfs / ext4 defaults,noatime,nodiratime,commit=600,errors=remount-ro 0 1" > etc/fstab echo "UUID=$(lsblk /dev/mmcblk2p1 --noheadings -o UUID) /boot ext4 defaults,noatime,nodiratime,commit=600,errors=remount-ro 0 2" >> etc/fstab echo "tmpfs /tmp tmpfs defaults,nosuid 0 0" >> etc/fstab #14. chrooted environment cat << EOF > config #!/bin/sh -vx apt update echo 'force-confdef' > /root/.dpkg.cfg apt --yes install cryptsetup-initramfs rm /root/.dpkg.cfg lsinitramfs /boot/initrd.img* | grep 'usr.*cryptsetup' exit EOF chmod +x config chroot . ./config rm config #15. user input needed: new passphrase (temporary keyfile becomes obsolete) cryptsetup luksChangeKey --key-file=/dev/shm/keyfile --cipher=aes-xts-plain64 --hash=sha512 /dev/mmcblk2p2 #16. unmount everything umount | awk '/restore/{print $3}' | sort -r | xargs umount #17. poweroff, eject sdcard, power on [ -d "${WORKDIR}" ] && rmdir "${WORKDIR}" nanopi6_fde

Not talking about hardware accelerated support Software rendering works just fine in mpv. I thought firefox maybe needed an extra package, but it seems the online videos I tested are broadcasts. That's the only thing that makes sense . Local rendering work just fine, just not accelerated. Thanks for your time though.

Armbian/Jammy is working like a charm, thanks guys. Settings up the encryption was a bit of bitch but its working as you can see. Any chance of adding encryption to the installer?

This is a HTML5 audio/video tester for web browsers: https://tools.woolyss.com/html5-audio-video-tester/ As you can see .webm is not enabled because frankly I have no idea which package I need to enable that. I have opus and av1 installed: ii libdav1d5:arm64 0.9.2-1 arm64 fast and small AV1 video stream decoder (shared library) ii libopus0:arm64 1.3.1-0.1build2 arm64 Opus codec runtime library I tried gstreamer1.0-ugly and gstreamer1.0-bad but to no avail. Any idea's which package I am missing?

Thank you for responding, but you take it seemingly the wrong way, so assume its me and let me rephrase: I am not asking for anything. Since its a WIP, I assumed (wrongly?) that the project would like some feedback. > SSH & serial login is enabled by default. I don't think allowing blank password > would be a good idea under such circumstance. Yes, its users call, but we have > to prevent at least most stupid actions. One can always override this later in > case he knows what he is doing. We even used to have password complexity check > error, which was perhaps too hard and a while back was downgraded to a warning. > IMO there are enough of safety compromises. I was merely pointing out the 'inconsistency' of * Being able to set a blank password during installation and * Not being able to login upon reboot > Making it work on Ubuntu packages base represented months of work in exchange > for virtually nothing. Rare people is able to understand that and most people > are just used to consume without compensation, complaining and asking for more. > If you / people would understand what they are asking for ... ;) it would > already be a great step forward. No, this is not easy to make. Especially > because everyone expects from developers to pay for everything. Join, do your > part. But not with requests and demands. Project would hire several developers > to make it better for you ... Not what I meant at all mate. I was merely pointing out that not every user knows that (in this case) Bullseye means Debian and Jammy means "Ubuntu". I had to google it. A bit more information on the d/l page would have been most welcome :) > As it is impossible to satisfy everyone in this aspect, we don't even try. > Armbian provides clean base images with minimum set of applications. > Additional applications can be installed classical APT way, via armbian-config > or you start making your own images - build framework > https://github.com/armbian/build is a masterpiece. You can do your own Armbian > based image and adding your own applications in no time. Guilty, I jumped the gun here a bit. I contacted the "Tor Project" that there is a userbase that uses dev. boards as daily drivers (rpi,opi,nanopi) and want to use Tor Browser but can't. So with any luck in the future we hopefully can download it from their website. But here one can D/L a 3rd party port: https://sourceforge.net/projects/tor-browser-ports/files/ That being said, since you mentioned building images, I could build my own, but to what end? I am already using what I want. And personally I believe that no one would want to D/L what I build, just from a security perspective for starters. Could you elaborate, because I do not understand why an end user would want to build his own image.

Tried the Bullseye CLI, its feels solid Feedback: SHA is missing: https://redirect.armbian.com/nanopi-r6s/Bullseye_legacy_minimal.sha blank password will not be allowed after installation, so you are stuck on the login screen hardware acceleration does not work for bullseye ( bullseye=debian jammy=ubuntu i had to google it ) no tor-browser? ( i know I'm pushing my luck here ) Other than that, it was a pleasant experience

What is the power draw for NanoPC-T6 ? If you can and would do a reading or give an indication. That would be very much appreciated. These guys already did it for the r6s/r6c https://forum.openwrt.org/t/nanopi-r6s-linux-6-3-arm-soc-updates/153072/25

There is another "crazy " device out: NanoPC-T6, almost same specs as r6s and r6c https://www.friendlyelec.com/index.php?route=product/product&product_id=292 https://wiki.friendlyelec.com/wiki/index.php/NanoPC-T6 MEM: 4gb/8gb/16gb EMMC: 32gb/64gb/256gb NICS: 2x 2.5gbps nic VIDEO: 3x hdmi (2x out,1x in) IR: optional

Could someone paste this picture into https://www.armbian.com/nanopi-r6s/ ( I had some spare time)

Hello I have somewhat moronic questions, so please bare with me. I see a lot of images for the NanoPi R6C. However I am mostly familiar to the Mate Desktop. I am under the assumption that I could install the minimal CLI Armbian image and work my way up from there. Is this correct? If not, what has to be done in order to achieve that desired outcome? Thank you very much in advance, Dantes