From 12ab919dacb0c8d6cdb4fd651288f6f7c2982fc2 Mon Sep 17 00:00:00 2001
From: Jason Striegel <jstriegel@google.com>
Date: Sun, 8 Feb 2015 00:34:16 -0500
Subject: [PATCH 01/12] Install scripts for deploying Coder to a fresh Raspbian
 build.

---
 coder-apps/common/auth/app/app.js             |   3 +-
 coder-apps/pi/auth/app/app.js                 |   1 +
 coder-base/package.json                       |  28 +-
 .../stock_raspbian/coder_bootstrap_install.sh |  36 ++
 .../scripts/00_latest_updates.sh              |  10 +
 .../scripts/01_headless_basics.sh             |  71 +++
 .../scripts/02_coder_dependencies.sh          |  44 ++
 installer/stock_raspbian/scripts/README       |  25 +
 .../scripts/coder_system_setup.sh             |  12 +
 .../scripts/grant_coder_sudo.sh               |   5 +
 .../scripts/install_all_coder.sh              |  27 +
 raspbian-addons/boot/coder_settings/hosts.txt |   8 +
 raspbian-addons/etc/hostname                  |   1 +
 raspbian-addons/etc/hosts                     |   8 +
 .../etc/init.d/generate-ssh-hostkeys          |   5 +-
 raspbian-addons/etc/init.d/isc-dhcp-server    |   8 +-
 raspbian-addons/etc/init.d/pull-hostname      |  30 +-
 raspbian-addons/etc/redis/redis.conf          | 492 ++++++++++++++++++
 raspbian-addons/etc/ssh/sshd_config           |  87 ----
 .../coder/coder-dist/coder-base/package.json  |  36 +-
 20 files changed, 800 insertions(+), 137 deletions(-)
 create mode 100755 installer/stock_raspbian/coder_bootstrap_install.sh
 create mode 100755 installer/stock_raspbian/scripts/00_latest_updates.sh
 create mode 100755 installer/stock_raspbian/scripts/01_headless_basics.sh
 create mode 100755 installer/stock_raspbian/scripts/02_coder_dependencies.sh
 create mode 100644 installer/stock_raspbian/scripts/README
 create mode 100755 installer/stock_raspbian/scripts/coder_system_setup.sh
 create mode 100755 installer/stock_raspbian/scripts/grant_coder_sudo.sh
 create mode 100755 installer/stock_raspbian/scripts/install_all_coder.sh
 create mode 100644 raspbian-addons/boot/coder_settings/hosts.txt
 create mode 100644 raspbian-addons/etc/hostname
 create mode 100644 raspbian-addons/etc/hosts
 create mode 100644 raspbian-addons/etc/redis/redis.conf
 delete mode 100644 raspbian-addons/etc/ssh/sshd_config

diff --git a/coder-apps/common/auth/app/app.js b/coder-apps/common/auth/app/app.js
index dacd9034..4f4a42f5 100644
--- a/coder-apps/common/auth/app/app.js
+++ b/coder-apps/common/auth/app/app.js
@@ -21,7 +21,7 @@
 var mustache = require('mustache');
 var util = require('util');
 var fs = require('fs');
-var bcrypt = require('bcrypt');
+var bcrypt = require('bcrypt-nodejs');
 
 //stores cache of password hash and device name
 var device_settings = {
@@ -534,6 +534,7 @@ exports.api_logout_handler = function( req, res ) {
 
 var saveDeviceSettings = function() {
     err = fs.writeFileSync( process.cwd() + "/device.json", JSON.stringify(device_settings, null, 4), 'utf8' );
+    fs.chmodSync(process.cwd() + '/device.json', '600');
     return err;
 };
 
diff --git a/coder-apps/pi/auth/app/app.js b/coder-apps/pi/auth/app/app.js
index 68822f5d..e5b7847b 100644
--- a/coder-apps/pi/auth/app/app.js
+++ b/coder-apps/pi/auth/app/app.js
@@ -530,6 +530,7 @@ exports.api_logout_handler = function( req, res ) {
 
 var saveDeviceSettings = function() {
     err = fs.writeFileSync( process.cwd() + "/device.json", JSON.stringify(device_settings, null, 4), 'utf8' );
+    fs.chmodSync(process.cwd() + '/device.json', '600');
     return err;
 };
 
diff --git a/coder-base/package.json b/coder-base/package.json
index e42be37a..a467922a 100644
--- a/coder-base/package.json
+++ b/coder-base/package.json
@@ -1,17 +1,17 @@
 {
 	"name": "coder-base",
-        "description": "kid-friendly web programming environment for pi",
-        "version": "0.0.1",
-        "private": true,
-        "dependencies": {
-                "express": "3.1.0",
-                "redis": "0.8.2",
-                "mustache": "0.7.2",
-                "consolidate": "0.8.0",
-                "socket.io": "0.9.13",
-                "express-params": "0.0.3",
-		"bcrypt": "0.7.4",
-		"connect": "*",
-		"cookie": "*"
-        }
+  "description": "A simple way to make cool web things",
+  "version": "0.0.7",
+  "private": true,
+  "dependencies": {
+    "express": "3.1.0",
+    "redis": "0.8.2",
+    "mustache": "0.7.2",
+    "consolidate": "0.8.0",
+    "socket.io": "0.9.13",
+    "express-params": "0.0.3",
+    "bcrypt-nodejs": "*",
+    "connect": "*",
+    "cookie": "*"
+  }
 }
diff --git a/installer/stock_raspbian/coder_bootstrap_install.sh b/installer/stock_raspbian/coder_bootstrap_install.sh
new file mode 100755
index 00000000..15042e6f
--- /dev/null
+++ b/installer/stock_raspbian/coder_bootstrap_install.sh
@@ -0,0 +1,36 @@
+
+echo "### Set up coder account."
+adduser --system --group coder
+echo ""
+
+
+echo "### Fetch the latest coder tree and install in /home/coder/coder-dist"
+su -s/bin/bash coder <<'EOF'
+cd /home/coder
+git clone https://github.com/googlecreativelab/coder.git coder-dist
+EOF
+echo ""
+
+echo "### Changing directory to raspian install scripts."
+echo "### /home/coder/coder-dist/installer/stock_raspbian/scripts"
+cd /home/coder/coder-dist/installer/stock_raspbian/scripts
+echo ""
+
+cat <<EOF
+
+------------------------------------------------------------------
+Ready to install Coder on your Raspberry Pi!
+
+The following command will:
+  - Update your system packages and kernel to the latest version.
+  - Configure your Pi for headless operation.
+  - Install all Coder dependencies and 3rd party node modules.
+  - Set up Coder to boot when your Pi is restarted.
+
+To continue, run the following:
+
+sudo ./install_all_coder.sh
+
+
+
+EOF
diff --git a/installer/stock_raspbian/scripts/00_latest_updates.sh b/installer/stock_raspbian/scripts/00_latest_updates.sh
new file mode 100755
index 00000000..64967e95
--- /dev/null
+++ b/installer/stock_raspbian/scripts/00_latest_updates.sh
@@ -0,0 +1,10 @@
+echo "### Fetch all the latest Pi updates."
+apt-get -y update
+apt-get -y dist-upgrade
+echo ""
+
+
+echo "### Update the kernel and firmware to latest versions."
+rpi-update
+echo ""
+
diff --git a/installer/stock_raspbian/scripts/01_headless_basics.sh b/installer/stock_raspbian/scripts/01_headless_basics.sh
new file mode 100755
index 00000000..247030ed
--- /dev/null
+++ b/installer/stock_raspbian/scripts/01_headless_basics.sh
@@ -0,0 +1,71 @@
+
+echo "### Add ssh to start up."
+insserv ssh
+update-rc.d ssh enable
+echo ""
+
+echo "### Install avahi daemon (enables mDNS/DNS-SD so you can connect to coder.local)."
+apt-get -y install avahi-daemon
+echo ""
+
+echo "### Install dhcpd daemon (will be used to give addresses when in ad-hoc hotspot mode)."
+apt-get -y install isc-dhcp-server
+echo ""
+
+echo "### Update dhcpd init.d script so it doesn't run by default."
+cp ../../../raspbian-addons/etc/init.d/isc-dhcp-server /etc/init.d/isc-dhcp-server
+insserv -r isc-dhcp-server
+echo ""
+
+echo "### Set up wpaconfig group."
+addgroup --system wpaconfig
+adduser coder wpaconfig
+echo ""
+
+echo "### Updating headless boot scripts."
+cp -rv ../../../raspbian-addons/boot/coder_settings/ /boot/
+
+cp -v ../../../raspbian-addons/etc/iptables.up.rules /etc/
+cp -v ../../../raspbian-addons/etc/network/if-pre-up.d/* /etc/network/if-pre-up.d/
+cp -v ../../../raspbian-addons/etc/network/interfaces* /etc/network/
+
+cp -v ../../../raspbian-addons/etc/default/* /etc/default/
+cp -v ../../../raspbian-addons/etc/dhcp/dhcpd.conf /etc/dhcp/
+cp -v ../../../raspbian-addons/etc/modprobe.d/* /etc/modprobe.d/
+
+cp -v ../../../raspbian-addons/etc/wpa_supplicant/wpa_supplicant* /etc/wpa_supplicant/
+chown -v root:wpaconfig /etc/wpa_supplicant/wpa_supplicant*
+chmod -v 660 /etc/wpa_supplicant/wpa_supplicant*
+
+cp -v ../../../raspbian-addons/etc/init.d/coder-daemon /etc/init.d/
+cp -v ../../../raspbian-addons/etc/init.d/generate-ssh-hostkeys /etc/init.d/
+cp -v ../../../raspbian-addons/etc/init.d/pull-coder-reset /etc/init.d/
+cp -v ../../../raspbian-addons/etc/init.d/pull-hostname /etc/init.d/
+cp -v ../../../raspbian-addons/etc/init.d/pull-net-interfaces /etc/init.d/
+cp -v ../../../raspbian-addons/etc/init.d/pull-wpa-supplicant /etc/init.d/
+
+echo "### Add init scripts to start up routine."
+echo "Coder"
+insserv coder-daemon
+update-rc.d coder-daemon enable
+
+echo "Auto ssh key regen"
+insserv generate-ssh-hostkeys
+update-rc.d generate-ssh-hostkeys enable
+
+echo "Coder quick reset capability"
+insserv pull-coder-reset
+update-rc.d pull-coder-reset enable
+
+echo "SD host configuration capability"
+insserv pull-hostname
+update-rc.d pull-hostname enable
+
+echo "SD network interface configuration capability"
+insserv pull-net-interfaces
+update-rc.d pull-net-interfaces enable
+
+echo "SD wireless configuration capability"
+insserv pull-wpa-supplicant
+update-rc.d pull-wpa-supplicant enable
+echo ""
diff --git a/installer/stock_raspbian/scripts/02_coder_dependencies.sh b/installer/stock_raspbian/scripts/02_coder_dependencies.sh
new file mode 100755
index 00000000..84b5aa36
--- /dev/null
+++ b/installer/stock_raspbian/scripts/02_coder_dependencies.sh
@@ -0,0 +1,44 @@
+
+echo "### Add coder user to [spi, gpio, audio] groups (device access that coder needs)."
+adduser coder spi
+adduser coder gpio
+adduser coder audio
+echo ""
+
+echo "### Install redis."
+apt-get -y install redis-server
+cp -v ../../../raspbian-addons/etc/redis/redis.conf /etc/redis/redis.conf
+echo ""
+
+echo "### Install nodejs and npm."
+#These are really old...
+#apt-get -y install nodejs npm
+mkdir tmp
+wget http://nodejs.org/dist/v0.10.8/node-v0.10.8-linux-arm-pi.tar.gz -P tmp/
+tar -zxv -C tmp/ -f tmp/node-v0.10.8-linux-arm-pi.tar.gz
+cp -rv tmp/node-v0.10.8-linux-arm-pi /opt/node
+ln -s /opt/node/bin/node /usr/bin/node
+ln -s /opt/node/bin/npm /usr/bin/npm
+rm -rf tmp
+echo ""
+
+echo "### Installing Coder base apps (you can ignore any stat warnings)."
+su -s/bin/bash coder <<'EOF'
+cd /home/coder/coder-dist/coder-apps
+./install_pi.sh ../coder-base
+EOF
+echo ""
+
+echo "### Adding Raspberry Pi Coder features."
+cp -rv ../../../raspbian-addons/home/coder/coder-dist/coder-base/sudo_scripts ../../../coder-base/
+chown root:root -Rv ../../../coder-base/sudo_scripts
+chmod -v 744 ../../../coder-base/sudo_scripts/*
+echo ""
+
+echo "### Installing node.js modules."
+su -s/bin/bash coder <<'EOF'
+cd /home/coder/coder-dist/coder-base
+cp ../raspbian-addons/home/coder/coder-dist/coder-base/package.json .
+npm install
+EOF
+echo ""
diff --git a/installer/stock_raspbian/scripts/README b/installer/stock_raspbian/scripts/README
new file mode 100644
index 00000000..fe53e1d1
--- /dev/null
+++ b/installer/stock_raspbian/scripts/README
@@ -0,0 +1,25 @@
+These scripts are intended to assist with deploying the latest
+version of Coder on a clean, stock Raspbian system.
+
+BEFORE PROCEEDING:
+You should have a coder user, group, and the coder environment
+installed in /home/coder/coder-dist
+
+If you have not done this already, run the following commands
+first. Otherwise, proceed to the next step.
+
+sudo ./coder_system_setup.sh
+
+
+
+INSTALLING CODER:
+To update Raspbian with all the necessary changes for Coder
+to run, execute the following:
+
+cd /home/coder/coder-dist/installer/stock_raspbian/scripts
+sudo ./install_all_coder.sh
+
+This will update to the latest version of Raspbain, install
+the necessary dependencies, and make updates to the system
+to support headless booting and mDNS discovery.
+
diff --git a/installer/stock_raspbian/scripts/coder_system_setup.sh b/installer/stock_raspbian/scripts/coder_system_setup.sh
new file mode 100755
index 00000000..981d0cbd
--- /dev/null
+++ b/installer/stock_raspbian/scripts/coder_system_setup.sh
@@ -0,0 +1,12 @@
+
+# set up coder account
+adduser --system --group coder
+
+
+# fetch the latest coder tree
+su -s/bin/bash coder <<'EOF'
+cd /home/coder
+git clone https://github.com/googlecreativelab/coder.git coder-dist
+EOF
+
+
diff --git a/installer/stock_raspbian/scripts/grant_coder_sudo.sh b/installer/stock_raspbian/scripts/grant_coder_sudo.sh
new file mode 100755
index 00000000..03ae47b0
--- /dev/null
+++ b/installer/stock_raspbian/scripts/grant_coder_sudo.sh
@@ -0,0 +1,5 @@
+# Allows the coder user to run a limited number of scripts as the root user.
+# This is used for changing the pi password and wireless settings, and for
+# rebooting the device from the Coder UI.
+
+bash -c "echo 'coder ALL= NOPASSWD: /home/coder/coder-dist/coder-base/sudo_scripts/*' >>/etc/sudoers"
diff --git a/installer/stock_raspbian/scripts/install_all_coder.sh b/installer/stock_raspbian/scripts/install_all_coder.sh
new file mode 100755
index 00000000..57893262
--- /dev/null
+++ b/installer/stock_raspbian/scripts/install_all_coder.sh
@@ -0,0 +1,27 @@
+bash ./00_latest_updates.sh
+bash ./01_headless_basics.sh
+bash ./02_coder_dependencies.sh
+
+
+cat <<EOF
+
+
+
+
+
+==================================================================
+Coder installation is almost complete.
+
+FINAL STEP:
+
+In order for Coder to be able to update your password and wireless
+settings, it needs to have limited sudo access.
+If you haven't done this already, you can run the following command
+to grant this access to the coder user.
+
+sudo ./grant_coder_sudo.sh
+
+Do not run this command if you've already given sudo access to
+coder during a previous install.
+
+EOF
diff --git a/raspbian-addons/boot/coder_settings/hosts.txt b/raspbian-addons/boot/coder_settings/hosts.txt
new file mode 100644
index 00000000..c5997eaa
--- /dev/null
+++ b/raspbian-addons/boot/coder_settings/hosts.txt
@@ -0,0 +1,8 @@
+127.0.0.1 localhost
+::1   localhost ip6-localhost ip6-loopback
+fe00::0   ip6-localnet
+ff00::0   ip6-mcastprefix
+ff02::1   ip6-allnodes
+ff02::2   ip6-allrouters
+
+127.0.1.1 coder
diff --git a/raspbian-addons/etc/hostname b/raspbian-addons/etc/hostname
new file mode 100644
index 00000000..972bf968
--- /dev/null
+++ b/raspbian-addons/etc/hostname
@@ -0,0 +1 @@
+coder
diff --git a/raspbian-addons/etc/hosts b/raspbian-addons/etc/hosts
new file mode 100644
index 00000000..c5997eaa
--- /dev/null
+++ b/raspbian-addons/etc/hosts
@@ -0,0 +1,8 @@
+127.0.0.1 localhost
+::1   localhost ip6-localhost ip6-loopback
+fe00::0   ip6-localnet
+ff00::0   ip6-mcastprefix
+ff02::1   ip6-allnodes
+ff02::2   ip6-allrouters
+
+127.0.1.1 coder
diff --git a/raspbian-addons/etc/init.d/generate-ssh-hostkeys b/raspbian-addons/etc/init.d/generate-ssh-hostkeys
index 04ba4368..fe8d9cc2 100755
--- a/raspbian-addons/etc/init.d/generate-ssh-hostkeys
+++ b/raspbian-addons/etc/init.d/generate-ssh-hostkeys
@@ -16,21 +16,24 @@ logger="logger -t $prog"
 
 rsa_key="/etc/ssh/ssh_host_rsa_key"
 dsa_key="/etc/ssh/ssh_host_dsa_key"
+ecdsa_key="/etc/ssh/ssh_host_ecdsa_key"
 
 # Exit if the hostkeys already exist
-if [ -f $rsa_key -a -f $dsa_key ]; then
+if [ -f $rsa_key -a -f $dsa_key -a -f $ecdsa_key ]; then
 	exit
 fi
 
 # Generate the ssh host keys
 [ -f $rsa_key ] || ssh-keygen -f $rsa_key -t rsa -C 'host' -N ''
 [ -f $dsa_key ] || ssh-keygen -f $dsa_key -t dsa -C 'host' -N ''
+[ -f $ecdsa_key ] || ssh-keygen -f $ecdsa_key -t ecdsa -C 'host' -N ''
 
 # Output the public keys to the console
 # This allows user to get host keys securely through console log
 echo "-----BEGIN SSH HOST KEY FINGERPRINTS-----" | $logger
 ssh-keygen -l -f $rsa_key.pub | $logger
 ssh-keygen -l -f $dsa_key.pub | $logger
+ssh-keygen -l -f $ecdsa_key.pub | $logger
 echo "------END SSH HOST KEY FINGERPRINTS------" | $logger
 
 
diff --git a/raspbian-addons/etc/init.d/isc-dhcp-server b/raspbian-addons/etc/init.d/isc-dhcp-server
index 59d88e2b..290b74f1 100755
--- a/raspbian-addons/etc/init.d/isc-dhcp-server
+++ b/raspbian-addons/etc/init.d/isc-dhcp-server
@@ -8,15 +8,15 @@
 # Required-Stop:     $remote_fs $network $syslog
 # Should-Start:      $local_fs slapd $named
 # Should-Stop:       $local_fs slapd
-# Default-Start:     
-# Default-Stop:      
+# Default-Start:
+# Default-Stop:
 # Short-Description: DHCP server
 # Description:       Dynamic Host Configuration Protocol Server
 ### END INIT INFO
 
 ##commented out only launching from wpa-supplicant
-# Default-Start:     2 3 4 5
-# Default-Stop:      0 1 6
+# ORIG-Start:     2 3 4 5
+# ORIG-Stop:      0 1 6
 
 PATH=/sbin:/bin:/usr/sbin:/usr/bin
 
diff --git a/raspbian-addons/etc/init.d/pull-hostname b/raspbian-addons/etc/init.d/pull-hostname
index 23db23fc..8d0ee36f 100755
--- a/raspbian-addons/etc/init.d/pull-hostname
+++ b/raspbian-addons/etc/init.d/pull-hostname
@@ -14,23 +14,29 @@
 prog=$(basename $0)
 logger="logger -t $prog"
 
-source_conf="/boot/coder_settings/hostname.txt"
-dest_conf="/etc/hostname"
+hostname_conf="/boot/coder_settings/hostname.txt"
+hostname_dest_conf="/etc/hostname"
+hosts_conf="/boot/coder_settings/hosts.txt"
+hosts_dest_conf="/etc/hosts"
 
 
 # copy from source to dest if source exists
-if [ -f $source_conf ]; then
-	echo "-----IMPORTING WPA_SUPPLICANT.CONF FROM SD-----" | $logger
-	cp $source_conf $dest_conf
-	chown root:root $dest_conf
-	chmod 644 $dest_conf
+if [ -f $hostname_conf ]; then
+	echo "-----IMPORTING HOSTNAME FROM SD-----" | $logger
+	cp $hostname_conf $hostname_dest_conf
+	chown root:root $hostname_dest_conf
+	chmod 644 $hostname_dest_conf
 
 	HOSTNAME="$(cat /etc/hostname)"
-	hostname "$HOSTNAME"	
-	
-	# Should we delete or re-import every time? 
-	# Opting to import every time.
-	# rm -f $source_conf
+	hostname "$HOSTNAME"
+fi
+
+# copy from source to dest if source exists
+if [ -f $hosts_conf ]; then
+	echo "-----IMPORTING HOSTS FROM SD-----" | $logger
+	cp $hosts_conf $hosts_dest_conf
+	chown root:root $hosts_dest_conf
+	chmod 644 $hosts_dest_conf
 fi
 
 
diff --git a/raspbian-addons/etc/redis/redis.conf b/raspbian-addons/etc/redis/redis.conf
new file mode 100644
index 00000000..2d5b35a4
--- /dev/null
+++ b/raspbian-addons/etc/redis/redis.conf
@@ -0,0 +1,492 @@
+# Redis configuration file example
+
+# Note on units: when memory size is needed, it is possible to specifiy
+# it in the usual form of 1k 5GB 4M and so forth:
+#
+# 1k => 1000 bytes
+# 1kb => 1024 bytes
+# 1m => 1000000 bytes
+# 1mb => 1024*1024 bytes
+# 1g => 1000000000 bytes
+# 1gb => 1024*1024*1024 bytes
+#
+# units are case insensitive so 1GB 1Gb 1gB are all the same.
+
+# By default Redis does not run as a daemon. Use 'yes' if you need it.
+# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
+daemonize yes
+
+# When running daemonized, Redis writes a pid file in /var/run/redis.pid by
+# default. You can specify a custom pid file location here.
+pidfile /var/run/redis/redis-server.pid
+
+# Accept connections on the specified port, default is 6379.
+# If port 0 is specified Redis will not listen on a TCP socket.
+port 6379
+
+# If you want you can bind a single interface, if the bind option is not
+# specified all the interfaces will listen for incoming connections.
+#
+bind 127.0.0.1
+
+# Specify the path for the unix socket that will be used to listen for
+# incoming connections. There is no default, so Redis will not listen
+# on a unix socket when not specified.
+#
+# unixsocket /var/run/redis/redis.sock
+# unixsocketperm 755
+
+# Close the connection after a client is idle for N seconds (0 to disable)
+timeout 0
+
+# Set server verbosity to 'debug'
+# it can be one of:
+# debug (a lot of information, useful for development/testing)
+# verbose (many rarely useful info, but not a mess like the debug level)
+# notice (moderately verbose, what you want in production probably)
+# warning (only very important / critical messages are logged)
+loglevel notice
+
+# Specify the log file name. Also 'stdout' can be used to force
+# Redis to log on the standard output. Note that if you use standard
+# output for logging but daemonize, logs will be sent to /dev/null
+logfile /var/log/redis/redis-server.log
+
+# To enable logging to the system logger, just set 'syslog-enabled' to yes,
+# and optionally update the other syslog parameters to suit your needs.
+# syslog-enabled no
+
+# Specify the syslog identity.
+# syslog-ident redis
+
+# Specify the syslog facility.  Must be USER or between LOCAL0-LOCAL7.
+# syslog-facility local0
+
+# Set the number of databases. The default database is DB 0, you can select
+# a different one on a per-connection basis using SELECT <dbid> where
+# dbid is a number between 0 and 'databases'-1
+databases 16
+
+################################ SNAPSHOTTING  #################################
+#
+# Save the DB on disk:
+#
+#   save <seconds> <changes>
+#
+#   Will save the DB if both the given number of seconds and the given
+#   number of write operations against the DB occurred.
+#
+#   In the example below the behaviour will be to save:
+#   after 900 sec (15 min) if at least 1 key changed
+#   after 300 sec (5 min) if at least 10 keys changed
+#   after 60 sec if at least 10000 keys changed
+#
+#   Note: you can disable saving at all commenting all the "save" lines.
+
+save 900 1
+save 300 10
+save 60 10000
+
+# Compress string objects using LZF when dump .rdb databases?
+# For default that's set to 'yes' as it's almost always a win.
+# If you want to save some CPU in the saving child set it to 'no' but
+# the dataset will likely be bigger if you have compressible values or keys.
+rdbcompression yes
+
+# The filename where to dump the DB
+dbfilename dump.rdb
+
+# The working directory.
+#
+# The DB will be written inside this directory, with the filename specified
+# above using the 'dbfilename' configuration directive.
+# 
+# Also the Append Only File will be created inside this directory.
+# 
+# Note that you must specify a directory here, not a file name.
+dir /var/lib/redis
+
+################################# REPLICATION #################################
+
+# Master-Slave replication. Use slaveof to make a Redis instance a copy of
+# another Redis server. Note that the configuration is local to the slave
+# so for example it is possible to configure the slave to save the DB with a
+# different interval, or to listen to another port, and so on.
+#
+# slaveof <masterip> <masterport>
+
+# If the master is password protected (using the "requirepass" configuration
+# directive below) it is possible to tell the slave to authenticate before
+# starting the replication synchronization process, otherwise the master will
+# refuse the slave request.
+#
+# masterauth <master-password>
+
+# When a slave lost the connection with the master, or when the replication
+# is still in progress, the slave can act in two different ways:
+#
+# 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will
+#    still reply to client requests, possibly with out of data data, or the
+#    data set may just be empty if this is the first synchronization.
+#
+# 2) if slave-serve-stale data is set to 'no' the slave will reply with
+#    an error "SYNC with master in progress" to all the kind of commands
+#    but to INFO and SLAVEOF.
+#
+slave-serve-stale-data yes
+
+# Slaves send PINGs to server in a predefined interval. It's possible to change
+# this interval with the repl_ping_slave_period option. The default value is 10
+# seconds.
+#
+# repl-ping-slave-period 10
+
+# The following option sets a timeout for both Bulk transfer I/O timeout and
+# master data or ping response timeout. The default value is 60 seconds.
+#
+# It is important to make sure that this value is greater than the value
+# specified for repl-ping-slave-period otherwise a timeout will be detected
+# every time there is low traffic between the master and the slave.
+#
+# repl-timeout 60
+
+################################## SECURITY ###################################
+
+# Require clients to issue AUTH <PASSWORD> before processing any other
+# commands.  This might be useful in environments in which you do not trust
+# others with access to the host running redis-server.
+#
+# This should stay commented out for backward compatibility and because most
+# people do not need auth (e.g. they run their own servers).
+# 
+# Warning: since Redis is pretty fast an outside user can try up to
+# 150k passwords per second against a good box. This means that you should
+# use a very strong password otherwise it will be very easy to break.
+#
+# requirepass foobared
+
+# Command renaming.
+#
+# It is possilbe to change the name of dangerous commands in a shared
+# environment. For instance the CONFIG command may be renamed into something
+# of hard to guess so that it will be still available for internal-use
+# tools but not available for general clients.
+#
+# Example:
+#
+# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
+#
+# It is also possilbe to completely kill a command renaming it into
+# an empty string:
+#
+# rename-command CONFIG ""
+
+################################### LIMITS ####################################
+
+# Set the max number of connected clients at the same time. By default there
+# is no limit, and it's up to the number of file descriptors the Redis process
+# is able to open. The special value '0' means no limits.
+# Once the limit is reached Redis will close all the new connections sending
+# an error 'max number of clients reached'.
+#
+# maxclients 128
+
+# Don't use more memory than the specified amount of bytes.
+# When the memory limit is reached Redis will try to remove keys
+# accordingly to the eviction policy selected (see maxmemmory-policy).
+#
+# If Redis can't remove keys according to the policy, or if the policy is
+# set to 'noeviction', Redis will start to reply with errors to commands
+# that would use more memory, like SET, LPUSH, and so on, and will continue
+# to reply to read-only commands like GET.
+#
+# This option is usually useful when using Redis as an LRU cache, or to set
+# an hard memory limit for an instance (using the 'noeviction' policy).
+#
+# WARNING: If you have slaves attached to an instance with maxmemory on,
+# the size of the output buffers needed to feed the slaves are subtracted
+# from the used memory count, so that network problems / resyncs will
+# not trigger a loop where keys are evicted, and in turn the output
+# buffer of slaves is full with DELs of keys evicted triggering the deletion
+# of more keys, and so forth until the database is completely emptied.
+#
+# In short... if you have slaves attached it is suggested that you set a lower
+# limit for maxmemory so that there is some free RAM on the system for slave
+# output buffers (but this is not needed if the policy is 'noeviction').
+#
+# maxmemory <bytes>
+
+# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
+# is reached? You can select among five behavior:
+# 
+# volatile-lru -> remove the key with an expire set using an LRU algorithm
+# allkeys-lru -> remove any key accordingly to the LRU algorithm
+# volatile-random -> remove a random key with an expire set
+# allkeys->random -> remove a random key, any key
+# volatile-ttl -> remove the key with the nearest expire time (minor TTL)
+# noeviction -> don't expire at all, just return an error on write operations
+# 
+# Note: with all the kind of policies, Redis will return an error on write
+#       operations, when there are not suitable keys for eviction.
+#
+#       At the date of writing this commands are: set setnx setex append
+#       incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd
+#       sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby
+#       zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby
+#       getset mset msetnx exec sort
+#
+# The default is:
+#
+# maxmemory-policy volatile-lru
+
+# LRU and minimal TTL algorithms are not precise algorithms but approximated
+# algorithms (in order to save memory), so you can select as well the sample
+# size to check. For instance for default Redis will check three keys and
+# pick the one that was used less recently, you can change the sample size
+# using the following configuration directive.
+#
+# maxmemory-samples 3
+
+############################## APPEND ONLY MODE ###############################
+
+# By default Redis asynchronously dumps the dataset on disk. If you can live
+# with the idea that the latest records will be lost if something like a crash
+# happens this is the preferred way to run Redis. If instead you care a lot
+# about your data and don't want to that a single record can get lost you should
+# enable the append only mode: when this mode is enabled Redis will append
+# every write operation received in the file appendonly.aof. This file will
+# be read on startup in order to rebuild the full dataset in memory.
+#
+# Note that you can have both the async dumps and the append only file if you
+# like (you have to comment the "save" statements above to disable the dumps).
+# Still if append only mode is enabled Redis will load the data from the
+# log file at startup ignoring the dump.rdb file.
+#
+# IMPORTANT: Check the BGREWRITEAOF to check how to rewrite the append
+# log file in background when it gets too big.
+
+appendonly yes
+
+# The name of the append only file (default: "appendonly.aof")
+# appendfilename appendonly.aof
+
+# The fsync() call tells the Operating System to actually write data on disk
+# instead to wait for more data in the output buffer. Some OS will really flush 
+# data on disk, some other OS will just try to do it ASAP.
+#
+# Redis supports three different modes:
+#
+# no: don't fsync, just let the OS flush the data when it wants. Faster.
+# always: fsync after every write to the append only log . Slow, Safest.
+# everysec: fsync only if one second passed since the last fsync. Compromise.
+#
+# The default is "everysec" that's usually the right compromise between
+# speed and data safety. It's up to you to understand if you can relax this to
+# "no" that will will let the operating system flush the output buffer when
+# it wants, for better performances (but if you can live with the idea of
+# some data loss consider the default persistence mode that's snapshotting),
+# or on the contrary, use "always" that's very slow but a bit safer than
+# everysec.
+#
+# If unsure, use "everysec".
+
+# appendfsync always
+appendfsync everysec
+# appendfsync no
+
+# When the AOF fsync policy is set to always or everysec, and a background
+# saving process (a background save or AOF log background rewriting) is
+# performing a lot of I/O against the disk, in some Linux configurations
+# Redis may block too long on the fsync() call. Note that there is no fix for
+# this currently, as even performing fsync in a different thread will block
+# our synchronous write(2) call.
+#
+# In order to mitigate this problem it's possible to use the following option
+# that will prevent fsync() from being called in the main process while a
+# BGSAVE or BGREWRITEAOF is in progress.
+#
+# This means that while another child is saving the durability of Redis is
+# the same as "appendfsync none", that in pratical terms means that it is
+# possible to lost up to 30 seconds of log in the worst scenario (with the
+# default Linux settings).
+# 
+# If you have latency problems turn this to "yes". Otherwise leave it as
+# "no" that is the safest pick from the point of view of durability.
+no-appendfsync-on-rewrite no
+
+# Automatic rewrite of the append only file.
+# Redis is able to automatically rewrite the log file implicitly calling
+# BGREWRITEAOF when the AOF log size will growth by the specified percentage.
+# 
+# This is how it works: Redis remembers the size of the AOF file after the
+# latest rewrite (or if no rewrite happened since the restart, the size of
+# the AOF at startup is used).
+#
+# This base size is compared to the current size. If the current size is
+# bigger than the specified percentage, the rewrite is triggered. Also
+# you need to specify a minimal size for the AOF file to be rewritten, this
+# is useful to avoid rewriting the AOF file even if the percentage increase
+# is reached but it is still pretty small.
+#
+# Specify a precentage of zero in order to disable the automatic AOF
+# rewrite feature.
+
+auto-aof-rewrite-percentage 100
+auto-aof-rewrite-min-size 64mb
+
+################################## SLOW LOG ###################################
+
+# The Redis Slow Log is a system to log queries that exceeded a specified
+# execution time. The execution time does not include the I/O operations
+# like talking with the client, sending the reply and so forth,
+# but just the time needed to actually execute the command (this is the only
+# stage of command execution where the thread is blocked and can not serve
+# other requests in the meantime).
+# 
+# You can configure the slow log with two parameters: one tells Redis
+# what is the execution time, in microseconds, to exceed in order for the
+# command to get logged, and the other parameter is the length of the
+# slow log. When a new command is logged the oldest one is removed from the
+# queue of logged commands.
+
+# The following time is expressed in microseconds, so 1000000 is equivalent
+# to one second. Note that a negative number disables the slow log, while
+# a value of zero forces the logging of every command.
+slowlog-log-slower-than 10000
+
+# There is no limit to this length. Just be aware that it will consume memory.
+# You can reclaim memory used by the slow log with SLOWLOG RESET.
+slowlog-max-len 128
+
+################################ VIRTUAL MEMORY ###############################
+
+### WARNING! Virtual Memory is deprecated in Redis 2.4
+### The use of Virtual Memory is strongly discouraged.
+
+# Virtual Memory allows Redis to work with datasets bigger than the actual
+# amount of RAM needed to hold the whole dataset in memory.
+# In order to do so very used keys are taken in memory while the other keys
+# are swapped into a swap file, similarly to what operating systems do
+# with memory pages.
+#
+# To enable VM just set 'vm-enabled' to yes, and set the following three
+# VM parameters accordingly to your needs.
+
+vm-enabled no
+# vm-enabled yes
+
+# This is the path of the Redis swap file. As you can guess, swap files
+# can't be shared by different Redis instances, so make sure to use a swap
+# file for every redis process you are running. Redis will complain if the
+# swap file is already in use.
+#
+# The best kind of storage for the Redis swap file (that's accessed at random) 
+# is a Solid State Disk (SSD).
+#
+# *** WARNING *** if you are using a shared hosting the default of putting
+# the swap file under /tmp is not secure. Create a dir with access granted
+# only to Redis user and configure Redis to create the swap file there.
+vm-swap-file /var/lib/redis/redis.swap
+
+# vm-max-memory configures the VM to use at max the specified amount of
+# RAM. Everything that deos not fit will be swapped on disk *if* possible, that
+# is, if there is still enough contiguous space in the swap file.
+#
+# With vm-max-memory 0 the system will swap everything it can. Not a good
+# default, just specify the max amount of RAM you can in bytes, but it's
+# better to leave some margin. For instance specify an amount of RAM
+# that's more or less between 60 and 80% of your free RAM.
+vm-max-memory 0
+
+# Redis swap files is split into pages. An object can be saved using multiple
+# contiguous pages, but pages can't be shared between different objects.
+# So if your page is too big, small objects swapped out on disk will waste
+# a lot of space. If you page is too small, there is less space in the swap
+# file (assuming you configured the same number of total swap file pages).
+#
+# If you use a lot of small objects, use a page size of 64 or 32 bytes.
+# If you use a lot of big objects, use a bigger page size.
+# If unsure, use the default :)
+vm-page-size 32
+
+# Number of total memory pages in the swap file.
+# Given that the page table (a bitmap of free/used pages) is taken in memory,
+# every 8 pages on disk will consume 1 byte of RAM.
+#
+# The total swap size is vm-page-size * vm-pages
+#
+# With the default of 32-bytes memory pages and 134217728 pages Redis will
+# use a 4 GB swap file, that will use 16 MB of RAM for the page table.
+#
+# It's better to use the smallest acceptable value for your application,
+# but the default is large in order to work in most conditions.
+vm-pages 134217728
+
+# Max number of VM I/O threads running at the same time.
+# This threads are used to read/write data from/to swap file, since they
+# also encode and decode objects from disk to memory or the reverse, a bigger
+# number of threads can help with big objects even if they can't help with
+# I/O itself as the physical device may not be able to couple with many
+# reads/writes operations at the same time.
+#
+# The special value of 0 turn off threaded I/O and enables the blocking
+# Virtual Memory implementation.
+vm-max-threads 4
+
+############################### ADVANCED CONFIG ###############################
+
+# Hashes are encoded in a special way (much more memory efficient) when they
+# have at max a given numer of elements, and the biggest element does not
+# exceed a given threshold. You can configure this limits with the following
+# configuration directives.
+hash-max-zipmap-entries 512
+hash-max-zipmap-value 64
+
+# Similarly to hashes, small lists are also encoded in a special way in order
+# to save a lot of space. The special representation is only used when
+# you are under the following limits:
+list-max-ziplist-entries 512
+list-max-ziplist-value 64
+
+# Sets have a special encoding in just one case: when a set is composed
+# of just strings that happens to be integers in radix 10 in the range
+# of 64 bit signed integers.
+# The following configuration setting sets the limit in the size of the
+# set in order to use this special memory saving encoding.
+set-max-intset-entries 512
+
+# Similarly to hashes and lists, sorted sets are also specially encoded in
+# order to save a lot of space. This encoding is only used when the length and
+# elements of a sorted set are below the following limits:
+zset-max-ziplist-entries 128
+zset-max-ziplist-value 64
+
+# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in
+# order to help rehashing the main Redis hash table (the one mapping top-level
+# keys to values). The hash table implementation redis uses (see dict.c)
+# performs a lazy rehashing: the more operation you run into an hash table
+# that is rhashing, the more rehashing "steps" are performed, so if the
+# server is idle the rehashing is never complete and some more memory is used
+# by the hash table.
+# 
+# The default is to use this millisecond 10 times every second in order to
+# active rehashing the main dictionaries, freeing memory when possible.
+#
+# If unsure:
+# use "activerehashing no" if you have hard latency requirements and it is
+# not a good thing in your environment that Redis can reply form time to time
+# to queries with 2 milliseconds delay.
+#
+# use "activerehashing yes" if you don't have such hard requirements but
+# want to free memory asap when possible.
+activerehashing yes
+
+################################## INCLUDES ###################################
+
+# Include one or more other config files here.  This is useful if you
+# have a standard template that goes to all redis server but also need
+# to customize a few per-server settings.  Include files can include
+# other files, so use this wisely.
+#
+# include /path/to/local.conf
+# include /path/to/other.conf
diff --git a/raspbian-addons/etc/ssh/sshd_config b/raspbian-addons/etc/ssh/sshd_config
deleted file mode 100644
index 5458c7e9..00000000
--- a/raspbian-addons/etc/ssh/sshd_config
+++ /dev/null
@@ -1,87 +0,0 @@
-# Package generated configuration file
-# See the sshd_config(5) manpage for details
-
-# What ports, IPs and protocols we listen for
-Port 22
-# Use these options to restrict which interfaces/protocols sshd will bind to
-#ListenAddress ::
-#ListenAddress 0.0.0.0
-Protocol 2
-# HostKeys for protocol version 2
-HostKey /etc/ssh/ssh_host_rsa_key
-HostKey /etc/ssh/ssh_host_dsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#Privilege Separation is turned on for security
-UsePrivilegeSeparation yes
-
-# Lifetime and size of ephemeral version 1 server key
-KeyRegenerationInterval 3600
-ServerKeyBits 768
-
-# Logging
-SyslogFacility AUTH
-LogLevel INFO
-
-# Authentication:
-LoginGraceTime 120
-PermitRootLogin yes
-StrictModes yes
-
-RSAAuthentication yes
-PubkeyAuthentication yes
-#AuthorizedKeysFile	%h/.ssh/authorized_keys
-
-# Don't read the user's ~/.rhosts and ~/.shosts files
-IgnoreRhosts yes
-# For this to work you will also need host keys in /etc/ssh_known_hosts
-RhostsRSAAuthentication no
-# similar for protocol version 2
-HostbasedAuthentication no
-# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
-#IgnoreUserKnownHosts yes
-
-# To enable empty passwords, change to yes (NOT RECOMMENDED)
-PermitEmptyPasswords no
-
-# Change to yes to enable challenge-response passwords (beware issues with
-# some PAM modules and threads)
-ChallengeResponseAuthentication no
-
-# Change to no to disable tunnelled clear text passwords
-#PasswordAuthentication yes
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosGetAFSToken no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-
-X11Forwarding yes
-X11DisplayOffset 10
-PrintMotd no
-PrintLastLog yes
-TCPKeepAlive yes
-#UseLogin no
-
-#MaxStartups 10:30:60
-#Banner /etc/issue.net
-
-# Allow client to pass locale environment variables
-AcceptEnv LANG LC_*
-
-Subsystem sftp /usr/lib/openssh/sftp-server
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
-# PasswordAuthentication.  Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
-# the setting of "PermitRootLogin without-password".
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
-UsePAM yes
diff --git a/raspbian-addons/home/coder/coder-dist/coder-base/package.json b/raspbian-addons/home/coder/coder-dist/coder-base/package.json
index 86d045cc..37c3fc7f 100644
--- a/raspbian-addons/home/coder/coder-dist/coder-base/package.json
+++ b/raspbian-addons/home/coder/coder-dist/coder-base/package.json
@@ -1,20 +1,20 @@
 {
-	"name": "coder-base",
-        "description": "kid-friendly web programming environment for pi",
-        "version": "0.0.1",
-        "private": true,
-        "dependencies": {
-                "express": "3.1.0",
-                "redis": "0.8.2",
-                "mustache": "0.7.2",
-                "consolidate": "0.8.0",
-                "socket.io": "0.9.13",
-                "express-params": "0.0.3",
-		"bcrypt": "0.7.4",
-		"connect": "*",
-		"cookie": "*",
-		"gpio": "*",
-		"i2c": "*",
-		"pi-spi": "*"
-        }
+  "name": "coder-base",
+  "description": "A simple way to make cool web things with Raspberry Pi",
+  "version": "0.0.7",
+  "private": true,
+  "dependencies": {
+    "express": "3.1.0",
+    "redis": "0.8.2",
+    "mustache": "0.7.2",
+    "consolidate": "0.8.0",
+    "socket.io": "0.9.13",
+    "express-params": "0.0.3",
+    "bcrypt": "0.7.4",
+    "connect": "*",
+    "cookie": "*",
+    "gpio": "*",
+    "i2c": "*",
+    "pi-spi": "*"
+  }
 }

From d36199e859186ce1babf3fda8ac0085a5a26f7c4 Mon Sep 17 00:00:00 2001
From: Jason Striegel <jstriegel@google.com>
Date: Sun, 8 Feb 2015 16:05:29 -0500
Subject: [PATCH 02/12] Adding default modules and cleanup scripts for image
 building.

---
 .../scripts/00_latest_updates.sh              |  2 +
 .../scripts/01_headless_basics.sh             |  2 +
 .../scripts/02_coder_dependencies.sh          |  6 +-
 .../stock_raspbian/scripts/clean_device.sh    | 74 +++++++++++++++++++
 .../scripts/coder_system_setup.sh             |  7 +-
 .../scripts/grant_coder_sudo.sh               |  6 ++
 .../scripts/install_all_coder.sh              | 18 ++++-
 .../etc/modprobe.d/raspi-blacklist.conf       |  4 +
 raspbian-addons/etc/modules                   | 18 +++++
 9 files changed, 130 insertions(+), 7 deletions(-)
 create mode 100644 installer/stock_raspbian/scripts/clean_device.sh
 create mode 100644 raspbian-addons/etc/modprobe.d/raspi-blacklist.conf
 create mode 100644 raspbian-addons/etc/modules

diff --git a/installer/stock_raspbian/scripts/00_latest_updates.sh b/installer/stock_raspbian/scripts/00_latest_updates.sh
index 64967e95..e907300b 100755
--- a/installer/stock_raspbian/scripts/00_latest_updates.sh
+++ b/installer/stock_raspbian/scripts/00_latest_updates.sh
@@ -1,3 +1,5 @@
+#!/bin/bash
+
 echo "### Fetch all the latest Pi updates."
 apt-get -y update
 apt-get -y dist-upgrade
diff --git a/installer/stock_raspbian/scripts/01_headless_basics.sh b/installer/stock_raspbian/scripts/01_headless_basics.sh
index 247030ed..ac40945c 100755
--- a/installer/stock_raspbian/scripts/01_headless_basics.sh
+++ b/installer/stock_raspbian/scripts/01_headless_basics.sh
@@ -1,3 +1,4 @@
+#!/bin/bash
 
 echo "### Add ssh to start up."
 insserv ssh
@@ -32,6 +33,7 @@ cp -v ../../../raspbian-addons/etc/network/interfaces* /etc/network/
 cp -v ../../../raspbian-addons/etc/default/* /etc/default/
 cp -v ../../../raspbian-addons/etc/dhcp/dhcpd.conf /etc/dhcp/
 cp -v ../../../raspbian-addons/etc/modprobe.d/* /etc/modprobe.d/
+cp -v ../../../raspbian-addons/etc/modules /etc/modules
 
 cp -v ../../../raspbian-addons/etc/wpa_supplicant/wpa_supplicant* /etc/wpa_supplicant/
 chown -v root:wpaconfig /etc/wpa_supplicant/wpa_supplicant*
diff --git a/installer/stock_raspbian/scripts/02_coder_dependencies.sh b/installer/stock_raspbian/scripts/02_coder_dependencies.sh
index 84b5aa36..fac312ef 100755
--- a/installer/stock_raspbian/scripts/02_coder_dependencies.sh
+++ b/installer/stock_raspbian/scripts/02_coder_dependencies.sh
@@ -1,3 +1,4 @@
+#!/bin/bash
 
 echo "### Add coder user to [spi, gpio, audio] groups (device access that coder needs)."
 adduser coder spi
@@ -11,8 +12,9 @@ cp -v ../../../raspbian-addons/etc/redis/redis.conf /etc/redis/redis.conf
 echo ""
 
 echo "### Install nodejs and npm."
-#These are really old...
-#apt-get -y install nodejs npm
+# The node packages are really old...
+# Ideally, we'd do: apt-get -y install nodejs npm
+# For now, we'll install manually from nodejs.org to /opt/node/
 mkdir tmp
 wget http://nodejs.org/dist/v0.10.8/node-v0.10.8-linux-arm-pi.tar.gz -P tmp/
 tar -zxv -C tmp/ -f tmp/node-v0.10.8-linux-arm-pi.tar.gz
diff --git a/installer/stock_raspbian/scripts/clean_device.sh b/installer/stock_raspbian/scripts/clean_device.sh
new file mode 100644
index 00000000..5f8824e9
--- /dev/null
+++ b/installer/stock_raspbian/scripts/clean_device.sh
@@ -0,0 +1,74 @@
+#!/bin/bash
+
+
+echo "Removing any generated SSL keys and certs."
+rm /etc/ssh/ssh_host_dsa_key
+rm /etc/ssh/ssh_host_dsa_key.pub
+rm /etc/ssh/ssh_host_rsa_key
+rm /etc/ssh/ssh_host_rsa_key.pub
+rm /home/coder/coder-dist/coder-base/certs/server.*
+echo ""
+
+echo "Resetting Coder http configuration defaults."
+cp /home/coder/coder-dist/coder-base/config.js.default /home/coder/coder-dist/coder-base/config.js
+cp /home/coder/coder-dist/coder-base/device.json.reset /home/coder/coder-dist/coder-base/device.json
+rm -rf /home/coder/coder-dist/coder-base/tmp/*
+echo ""
+
+echo "Clearing out user history files."
+rm /root/.bash_history
+rm /root/.viminfo
+rm /home/pi/.bash_history
+rm /home/pi/.viminfo
+rm /home/coder/.bash_history
+rm /home/coder/.viminfo
+rm /home/coder/.gitconfig
+echo ""
+
+echo "Resetting hostname and hosts files in /boot/coder_settings."
+touch /boot/coder_settings/reset.txt
+cp ../../../raspbian-addons/boot/coder_settings/hosts.txt /boot/coder_settings/hosts.txt
+cp ../../../raspbian-addons/boot/coder_settings/hostname.txt /boot/coder_settings/hostname.txt
+echo ""
+
+echo "Resetting wifi and network defaults."
+cp ../../../raspbian-addons/etc/network/interfaces /etc/network/interfaces
+cp ../../../raspbian-addons/etc/network/interfaces.reset /etc/network/interfaces.reset
+chown root:root /etc/network/interfaces
+chown root:root /etc/network/interfaces.reset
+chmod 664 /etc/network/interfaces
+chmod 664 /etc/network/interfaces.reset
+cp ../../../raspbian-addons/etc/wpa_supplicant/wpa_supplicant.conf.reset /etc/wpa_supplicant/wpa_supplicant.conf
+chown root:wpaconfig /etc/wpa_supplicant/wpa_supplicant.conf
+chmod 660 /etc/wpa_supplicant/wpa_supplicant.conf
+echo ""
+
+echo "Clearing system log files."
+rm /var/log/messages
+rm /var/log/syslog
+rm /var/log/wtmp
+touch /var/log/wtmp
+chmod 644 /var/log/wtmp
+rm /var/log/dmesg*
+rm /var/log/debug
+touch /var/log/debug
+rm /var/log/btmp
+touch /var/log/btmp
+chmod 644 /var/log/btmp
+rm /var/log/auth.log
+touch /var/log/auth.log
+chown root:adm /var/log/auth.log
+chmod 640 /var/log/auth.log
+touch /var/log/user.log
+chown root:adm /var/log/user.log
+chmod 640 /var/log/user.log
+echo ""
+
+# Reset pi password to raspberry
+echo "Choose the default pi passwd (normally this should be raspberry)"
+passwd pi
+
+echo ""
+echo "Done!"
+echo ""
+
diff --git a/installer/stock_raspbian/scripts/coder_system_setup.sh b/installer/stock_raspbian/scripts/coder_system_setup.sh
index 981d0cbd..1477b423 100755
--- a/installer/stock_raspbian/scripts/coder_system_setup.sh
+++ b/installer/stock_raspbian/scripts/coder_system_setup.sh
@@ -1,12 +1,15 @@
+#!/bin/bash
 
-# set up coder account
+echo "### Setting up the coder account."
 adduser --system --group coder
+echo ""
 
 
-# fetch the latest coder tree
+echo "### Downloading the Coder git repo to /home/coder/coder-dist."
 su -s/bin/bash coder <<'EOF'
 cd /home/coder
 git clone https://github.com/googlecreativelab/coder.git coder-dist
 EOF
+echo ""
 
 
diff --git a/installer/stock_raspbian/scripts/grant_coder_sudo.sh b/installer/stock_raspbian/scripts/grant_coder_sudo.sh
index 03ae47b0..84b232e5 100755
--- a/installer/stock_raspbian/scripts/grant_coder_sudo.sh
+++ b/installer/stock_raspbian/scripts/grant_coder_sudo.sh
@@ -1,5 +1,11 @@
+#!/bin/bash
+
 # Allows the coder user to run a limited number of scripts as the root user.
 # This is used for changing the pi password and wireless settings, and for
 # rebooting the device from the Coder UI.
 
+echo "### Granting sudo access to coder for scripts in /home/coder/coder-dist/coder-base/sudo_scripts/"
 bash -c "echo 'coder ALL= NOPASSWD: /home/coder/coder-dist/coder-base/sudo_scripts/*' >>/etc/sudoers"
+echo "### A line has been added to /etc/sudoers:"
+echo "coder ALL= NOPASSWD: /home/coder/coder-dist/coder-base/sudo_scripts/*"
+echo ""
diff --git a/installer/stock_raspbian/scripts/install_all_coder.sh b/installer/stock_raspbian/scripts/install_all_coder.sh
index 57893262..0676b86a 100755
--- a/installer/stock_raspbian/scripts/install_all_coder.sh
+++ b/installer/stock_raspbian/scripts/install_all_coder.sh
@@ -1,7 +1,19 @@
-bash ./00_latest_updates.sh
-bash ./01_headless_basics.sh
-bash ./02_coder_dependencies.sh
+#!/bin/bash
 
+cat <<EOF
+==================================================================
+Beginning Coder installation.
+
+This will update your Raspberry Pi, install all the required
+packages for Coder, and configure your Pi to be configured
+via a web browser, without the use of a monitor.
+
+EOF
+
+
+./00_latest_updates.sh
+./01_headless_basics.sh
+./02_coder_dependencies.sh
 
 cat <<EOF
 
diff --git a/raspbian-addons/etc/modprobe.d/raspi-blacklist.conf b/raspbian-addons/etc/modprobe.d/raspi-blacklist.conf
new file mode 100644
index 00000000..61c637eb
--- /dev/null
+++ b/raspbian-addons/etc/modprobe.d/raspi-blacklist.conf
@@ -0,0 +1,4 @@
+# blacklist spi and i2c by default (many users don't need them)
+
+#blacklist spi-bcm2708
+#blacklist i2c-bcm2708
diff --git a/raspbian-addons/etc/modules b/raspbian-addons/etc/modules
new file mode 100644
index 00000000..40224950
--- /dev/null
+++ b/raspbian-addons/etc/modules
@@ -0,0 +1,18 @@
+# /etc/modules: kernel modules to load at boot time.
+#
+# This file contains the names of kernel modules that should be loaded
+# at boot time, one per line. Lines beginning with "#" are ignored.
+# Parameters can be specified after the module name.
+
+# Sound
+snd-bcm2835
+
+# SPI
+spi-bcm2708
+spi-dev
+
+# I2C
+i2c-bcm2708
+i2c-dev
+
+

From 45defbf6f17753fc5d80431cea6da12522569604 Mon Sep 17 00:00:00 2001
From: Jason Striegel <jstriegel@google.com>
Date: Sun, 8 Feb 2015 16:52:51 -0500
Subject: [PATCH 03/12] Set executable bit on clean_device.sh

---
 installer/stock_raspbian/scripts/clean_device.sh | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 mode change 100644 => 100755 installer/stock_raspbian/scripts/clean_device.sh

diff --git a/installer/stock_raspbian/scripts/clean_device.sh b/installer/stock_raspbian/scripts/clean_device.sh
old mode 100644
new mode 100755

From 975d7dc59f957051b4bce0727880024ebfabc7de Mon Sep 17 00:00:00 2001
From: Jason Striegel <jstriegel@google.com>
Date: Sun, 8 Feb 2015 17:48:06 -0500
Subject: [PATCH 04/12] Cleaning out ecdsa keys and install bootstrap.

---
 installer/stock_raspbian/scripts/clean_device.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/installer/stock_raspbian/scripts/clean_device.sh b/installer/stock_raspbian/scripts/clean_device.sh
index 5f8824e9..95f406f0 100755
--- a/installer/stock_raspbian/scripts/clean_device.sh
+++ b/installer/stock_raspbian/scripts/clean_device.sh
@@ -4,6 +4,8 @@
 echo "Removing any generated SSL keys and certs."
 rm /etc/ssh/ssh_host_dsa_key
 rm /etc/ssh/ssh_host_dsa_key.pub
+rm /etc/ssh/ssh_host_ecdsa_key
+rm /etc/ssh/ssh_host_ecdsa_key.pub
 rm /etc/ssh/ssh_host_rsa_key
 rm /etc/ssh/ssh_host_rsa_key.pub
 rm /home/coder/coder-dist/coder-base/certs/server.*
@@ -16,6 +18,7 @@ rm -rf /home/coder/coder-dist/coder-base/tmp/*
 echo ""
 
 echo "Clearing out user history files."
+rm /home/pi/coder_bootstrap_install.sh
 rm /root/.bash_history
 rm /root/.viminfo
 rm /home/pi/.bash_history

From 549628249585964ebc5d6559a82f229cb78c75af Mon Sep 17 00:00:00 2001
From: Jason Striegel <jstriegel@google.com>
Date: Sun, 8 Feb 2015 17:57:17 -0500
Subject: [PATCH 05/12] should clear resolv.conf on reimage

---
 installer/stock_raspbian/scripts/clean_device.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/installer/stock_raspbian/scripts/clean_device.sh b/installer/stock_raspbian/scripts/clean_device.sh
index 95f406f0..485de838 100755
--- a/installer/stock_raspbian/scripts/clean_device.sh
+++ b/installer/stock_raspbian/scripts/clean_device.sh
@@ -32,6 +32,7 @@ echo "Resetting hostname and hosts files in /boot/coder_settings."
 touch /boot/coder_settings/reset.txt
 cp ../../../raspbian-addons/boot/coder_settings/hosts.txt /boot/coder_settings/hosts.txt
 cp ../../../raspbian-addons/boot/coder_settings/hostname.txt /boot/coder_settings/hostname.txt
+echo "nameserver 8.8.8.8" >/etc/resolv.conf
 echo ""
 
 echo "Resetting wifi and network defaults."

From 0805d910bcc51c48eea66ce30e95600218ef0f90 Mon Sep 17 00:00:00 2001
From: Jason Striegel <jstriegel@google.com>
Date: Sun, 8 Feb 2015 18:48:50 -0500
Subject: [PATCH 06/12] Adjusting node version and dependencies for sockets and
 cookie compatability.

---
 coder-base/package.json                                     | 4 ++--
 installer/stock_raspbian/scripts/02_coder_dependencies.sh   | 6 +++---
 .../home/coder/coder-dist/coder-base/package.json           | 4 ++--
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/coder-base/package.json b/coder-base/package.json
index a467922a..8292e5d2 100644
--- a/coder-base/package.json
+++ b/coder-base/package.json
@@ -11,7 +11,7 @@
     "socket.io": "0.9.13",
     "express-params": "0.0.3",
     "bcrypt-nodejs": "*",
-    "connect": "*",
-    "cookie": "*"
+    "connect": "2.14.3",
+    "cookie": "0.1.1"
   }
 }
diff --git a/installer/stock_raspbian/scripts/02_coder_dependencies.sh b/installer/stock_raspbian/scripts/02_coder_dependencies.sh
index fac312ef..ff8145d5 100755
--- a/installer/stock_raspbian/scripts/02_coder_dependencies.sh
+++ b/installer/stock_raspbian/scripts/02_coder_dependencies.sh
@@ -16,9 +16,9 @@ echo "### Install nodejs and npm."
 # Ideally, we'd do: apt-get -y install nodejs npm
 # For now, we'll install manually from nodejs.org to /opt/node/
 mkdir tmp
-wget http://nodejs.org/dist/v0.10.8/node-v0.10.8-linux-arm-pi.tar.gz -P tmp/
-tar -zxv -C tmp/ -f tmp/node-v0.10.8-linux-arm-pi.tar.gz
-cp -rv tmp/node-v0.10.8-linux-arm-pi /opt/node
+wget http://nodejs.org/dist/v0.10.7/node-v0.10.7-linux-arm-pi.tar.gz -P tmp/
+tar -zxv -C tmp/ -f tmp/node-v0.10.7-linux-arm-pi.tar.gz
+cp -rv tmp/node-v0.10.7-linux-arm-pi /opt/node
 ln -s /opt/node/bin/node /usr/bin/node
 ln -s /opt/node/bin/npm /usr/bin/npm
 rm -rf tmp
diff --git a/raspbian-addons/home/coder/coder-dist/coder-base/package.json b/raspbian-addons/home/coder/coder-dist/coder-base/package.json
index 37c3fc7f..2041f0a3 100644
--- a/raspbian-addons/home/coder/coder-dist/coder-base/package.json
+++ b/raspbian-addons/home/coder/coder-dist/coder-base/package.json
@@ -11,8 +11,8 @@
     "socket.io": "0.9.13",
     "express-params": "0.0.3",
     "bcrypt": "0.7.4",
-    "connect": "*",
-    "cookie": "*",
+    "connect": "2.14.3",
+    "cookie": "0.1.1",
     "gpio": "*",
     "i2c": "*",
     "pi-spi": "*"

From 19c34b800cee396e8a84082e8f788f76b28bdd9c Mon Sep 17 00:00:00 2001
From: Jason Striegel <jstriegel@google.com>
Date: Sun, 8 Feb 2015 19:26:44 -0500
Subject: [PATCH 07/12] Enable spi and i2c kernel modules

---
 .../scripts/01_headless_basics.sh             |  2 +
 raspbian-addons/boot/config.txt               | 46 +++++++++++++++++++
 2 files changed, 48 insertions(+)
 create mode 100755 raspbian-addons/boot/config.txt

diff --git a/installer/stock_raspbian/scripts/01_headless_basics.sh b/installer/stock_raspbian/scripts/01_headless_basics.sh
index ac40945c..d0d3dc62 100755
--- a/installer/stock_raspbian/scripts/01_headless_basics.sh
+++ b/installer/stock_raspbian/scripts/01_headless_basics.sh
@@ -25,6 +25,8 @@ echo ""
 
 echo "### Updating headless boot scripts."
 cp -rv ../../../raspbian-addons/boot/coder_settings/ /boot/
+cp -v /boot/config.txt /boot/config.bak
+cp -v ../../../raspbian-addons/boot/config.txt /boot/config.txt
 
 cp -v ../../../raspbian-addons/etc/iptables.up.rules /etc/
 cp -v ../../../raspbian-addons/etc/network/if-pre-up.d/* /etc/network/if-pre-up.d/
diff --git a/raspbian-addons/boot/config.txt b/raspbian-addons/boot/config.txt
new file mode 100755
index 00000000..fd26c50c
--- /dev/null
+++ b/raspbian-addons/boot/config.txt
@@ -0,0 +1,46 @@
+# For more options and information see 
+# http://www.raspberrypi.org/documentation/configuration/config-txt.md
+# Some settings may impact device functionality. See link above for details
+
+# uncomment if you get no picture on HDMI for a default "safe" mode
+#hdmi_safe=1
+
+# uncomment this if your display has a black border of unused pixels visible
+# and your display can output without overscan
+#disable_overscan=1
+
+# uncomment the following to adjust overscan. Use positive numbers if console
+# goes off screen, and negative if there is too much border
+#overscan_left=16
+#overscan_right=16
+#overscan_top=16
+#overscan_bottom=16
+
+# uncomment to force a console size. By default it will be display's size minus
+# overscan.
+#framebuffer_width=1280
+#framebuffer_height=720
+
+# uncomment if hdmi display is not detected and composite is being output
+#hdmi_force_hotplug=1
+
+# uncomment to force a specific HDMI mode (this will force VGA)
+#hdmi_group=1
+#hdmi_mode=1
+
+# uncomment to force a HDMI mode rather than DVI. This can make audio work in
+# DMT (computer monitor) modes
+#hdmi_drive=2
+
+# uncomment to increase signal to HDMI, if you have interference, blanking, or
+# no display
+#config_hdmi_boost=4
+
+# uncomment for composite PAL
+#sdtv_mode=2
+
+#uncomment to overclock the arm. 700 MHz is the default.
+#arm_freq=800
+
+dtparam=spi=on
+dtparam=i2c_arm=on

From 1aec1b3b39eee5203b677f49c3301433ef37c353 Mon Sep 17 00:00:00 2001
From: Jason Striegel <jason.striegel@gmail.com>
Date: Wed, 18 Feb 2015 00:33:30 -0500
Subject: [PATCH 08/12] Fixing zip and gpio issues.

---
 .../stock_raspbian/scripts/02_coder_dependencies.sh  | 12 +++++++++++-
 raspbian-addons/etc/udev/rules.d/10-gpio.rules       |  5 +++++
 2 files changed, 16 insertions(+), 1 deletion(-)
 create mode 100644 raspbian-addons/etc/udev/rules.d/10-gpio.rules

diff --git a/installer/stock_raspbian/scripts/02_coder_dependencies.sh b/installer/stock_raspbian/scripts/02_coder_dependencies.sh
index ff8145d5..0923299d 100755
--- a/installer/stock_raspbian/scripts/02_coder_dependencies.sh
+++ b/installer/stock_raspbian/scripts/02_coder_dependencies.sh
@@ -1,9 +1,19 @@
 #!/bin/bash
 
-echo "### Add coder user to [spi, gpio, audio] groups (device access that coder needs)."
+echo "### Install I2C Tools."
+apt-get -y install i2c-tools
+echo "### Let gpio group access gpio."
+cp -v ../../../raspbian-addons/etc/udev/rules.d/10-gpio.rules /etc/udev/rules.d/10-gpio.rules
+
+echo "### Install Zip."
+apt-get -y install zip
+
+echo "### Add coder user to [spi, gpio, audio, video, i2c] groups (device access that coder needs)."
 adduser coder spi
 adduser coder gpio
 adduser coder audio
+adduser coder video
+adduser coder i2c
 echo ""
 
 echo "### Install redis."
diff --git a/raspbian-addons/etc/udev/rules.d/10-gpio.rules b/raspbian-addons/etc/udev/rules.d/10-gpio.rules
new file mode 100644
index 00000000..fea8859d
--- /dev/null
+++ b/raspbian-addons/etc/udev/rules.d/10-gpio.rules
@@ -0,0 +1,5 @@
+# Give the GPIO group access to /sys/class/gpio*
+
+SUBSYSTEM=="gpio", KERNEL!="gpio[0-9]*", ACTION=="add", PROGRAM="/bin/bash -c 'chown -R root:gpio $sys/class/gpio ; chmod 220 $sys/class/gpio/{export,unexport}'"
+
+SUBSYSTEM=="gpio", ACTION=="add", PROGRAM="/bin/bash -c 'chmod -f 755 $sys$devpath ; chmod -f 660 $sys$devpath/{active_low,direction,edge,uevent,value} ; chown -Rf root:gpio $sys/$devpath'"

From 069ff34da00e1e69baf280e0c121e651892e7085 Mon Sep 17 00:00:00 2001
From: Jason Striegel <jason.striegel@gmail.com>
Date: Thu, 19 Feb 2015 04:08:45 +0000
Subject: [PATCH 09/12] Using customized gpio library.

---
 raspbian-addons/home/coder/coder-dist/coder-base/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/raspbian-addons/home/coder/coder-dist/coder-base/package.json b/raspbian-addons/home/coder/coder-dist/coder-base/package.json
index 2041f0a3..80ae62b8 100644
--- a/raspbian-addons/home/coder/coder-dist/coder-base/package.json
+++ b/raspbian-addons/home/coder/coder-dist/coder-base/package.json
@@ -13,7 +13,7 @@
     "bcrypt": "0.7.4",
     "connect": "2.14.3",
     "cookie": "0.1.1",
-    "gpio": "*",
+    "gpio": "git://github.com/jmstriegel/GpiO.git",
     "i2c": "*",
     "pi-spi": "*"
   }

From 24ec044aa1678ba41fa1274df2265d8279f8e1ed Mon Sep 17 00:00:00 2001
From: Jason Striegel <jstriegel@google.com>
Date: Sat, 21 Feb 2015 01:25:13 -0500
Subject: [PATCH 10/12] adding vim to default install

---
 installer/stock_raspbian/scripts/01_headless_basics.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/installer/stock_raspbian/scripts/01_headless_basics.sh b/installer/stock_raspbian/scripts/01_headless_basics.sh
index d0d3dc62..62c47c38 100755
--- a/installer/stock_raspbian/scripts/01_headless_basics.sh
+++ b/installer/stock_raspbian/scripts/01_headless_basics.sh
@@ -5,6 +5,10 @@ insserv ssh
 update-rc.d ssh enable
 echo ""
 
+echo "### Install vim."
+apt-get -y install vim
+echo ""
+
 echo "### Install avahi daemon (enables mDNS/DNS-SD so you can connect to coder.local)."
 apt-get -y install avahi-daemon
 echo ""

From baced2edd806c65475e8a2c8c01a6e5e61a8e23d Mon Sep 17 00:00:00 2001
From: Jason Striegel <jstriegel@google.com>
Date: Sat, 21 Feb 2015 06:24:48 -0500
Subject: [PATCH 11/12] Avahi extras.

---
 .../scripts/01_headless_basics.sh             |  4 +-
 raspbian-addons/etc/avahi/avahi-daemon.conf   | 68 +++++++++++++++++++
 .../etc/avahi/services/coder.service          | 12 ++++
 3 files changed, 83 insertions(+), 1 deletion(-)
 create mode 100644 raspbian-addons/etc/avahi/avahi-daemon.conf
 create mode 100644 raspbian-addons/etc/avahi/services/coder.service

diff --git a/installer/stock_raspbian/scripts/01_headless_basics.sh b/installer/stock_raspbian/scripts/01_headless_basics.sh
index 62c47c38..b8050fcb 100755
--- a/installer/stock_raspbian/scripts/01_headless_basics.sh
+++ b/installer/stock_raspbian/scripts/01_headless_basics.sh
@@ -10,7 +10,9 @@ apt-get -y install vim
 echo ""
 
 echo "### Install avahi daemon (enables mDNS/DNS-SD so you can connect to coder.local)."
-apt-get -y install avahi-daemon
+apt-get -y install avahi-daemon avahi-utils
+cp ../../../raspbian-addons/etc/avahi/avahi-daemon.conf /etc/avahi/avahi-daemon.conf
+cp ../../../raspbian-addons/etc/avahi/services/coder.service /etc/avahi/services/
 echo ""
 
 echo "### Install dhcpd daemon (will be used to give addresses when in ad-hoc hotspot mode)."
diff --git a/raspbian-addons/etc/avahi/avahi-daemon.conf b/raspbian-addons/etc/avahi/avahi-daemon.conf
new file mode 100644
index 00000000..b7a2963e
--- /dev/null
+++ b/raspbian-addons/etc/avahi/avahi-daemon.conf
@@ -0,0 +1,68 @@
+# This file is part of avahi.
+#
+# avahi is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as
+# published by the Free Software Foundation; either version 2 of the
+# License, or (at your option) any later version.
+#
+# avahi is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
+# License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with avahi; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+# USA.
+
+# See avahi-daemon.conf(5) for more information on this configuration
+# file!
+
+[server]
+#host-name=foo
+#domain-name=local
+#browse-domains=0pointer.de, zeroconf.org
+use-ipv4=yes
+use-ipv6=no
+allow-interfaces=eth0,eth1,wlan0
+#deny-interfaces=eth1
+#check-response-ttl=no
+#use-iff-running=no
+#enable-dbus=yes
+#disallow-other-stacks=no
+#allow-point-to-point=no
+#cache-entries-max=4096
+#clients-max=4096
+#objects-per-client-max=1024
+#entries-per-entry-group-max=32
+ratelimit-interval-usec=1000000
+ratelimit-burst=1000
+
+[wide-area]
+enable-wide-area=yes
+
+[publish]
+#disable-publishing=no
+#disable-user-service-publishing=no
+#add-service-cookie=no
+#publish-addresses=yes
+#publish-hinfo=yes
+#publish-workstation=yes
+#publish-domain=yes
+#publish-dns-servers=192.168.50.1, 192.168.50.2
+#publish-resolv-conf-dns-servers=yes
+#publish-aaaa-on-ipv4=yes
+#publish-a-on-ipv6=no
+
+[reflector]
+#enable-reflector=no
+#reflect-ipv=no
+
+[rlimits]
+#rlimit-as=
+rlimit-core=0
+rlimit-data=4194304
+rlimit-fsize=0
+rlimit-nofile=768
+rlimit-stack=4194304
+rlimit-nproc=3
diff --git a/raspbian-addons/etc/avahi/services/coder.service b/raspbian-addons/etc/avahi/services/coder.service
new file mode 100644
index 00000000..ccca99b6
--- /dev/null
+++ b/raspbian-addons/etc/avahi/services/coder.service
@@ -0,0 +1,12 @@
+<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
+<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
+
+
+<service-group>
+  <name replace-wildcards="yes">Coder Server at %h.local</name>
+
+  <service>
+    <type>_http._tcp</type>
+    <port>80</port>
+  </service>
+</service-group>

From 8b5d7fd36ffbe875ffaa8bd428c64f619196e4db Mon Sep 17 00:00:00 2001
From: Jason Striegel <jstriegel@google.com>
Date: Sun, 22 Feb 2015 17:48:04 -0500
Subject: [PATCH 12/12] handling paths with spaces.

---
 installer/macosx/CoderSetup.py   | 2 +-
 installer/macosx/formatsdcard.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/installer/macosx/CoderSetup.py b/installer/macosx/CoderSetup.py
index c49684cc..73535888 100644
--- a/installer/macosx/CoderSetup.py
+++ b/installer/macosx/CoderSetup.py
@@ -323,7 +323,7 @@ def formatSDDevice():
 
         pythonexe = os.path.dirname(sys.argv[0]) + "/../MacOS/python"
         open( logfile, 'w' ).close()
-        command = "osascript -e 'do shell script \"" + pythonexe + " -u formatsdcard.py really " + str( sdCardDev ) + " > " + logfile + " \" with administrator privileges'"
+        command = "osascript -e 'do shell script \"\\\"" + pythonexe + "\\\" -u formatsdcard.py really " + str( sdCardDev ) + " > " + logfile + " \" with administrator privileges'"
         print( "SYSTEM: " + command )
         #os.system( command )
         
diff --git a/installer/macosx/formatsdcard.py b/installer/macosx/formatsdcard.py
index 9706d2de..a0a03e36 100644
--- a/installer/macosx/formatsdcard.py
+++ b/installer/macosx/formatsdcard.py
@@ -50,7 +50,7 @@
 
     filesize = os.path.getsize( filepath )
     progresssize = 0
-    command = 'dd bs=2m if=' + filepath + ' of=/dev/rdisk' + str( sdCardDev )
+    command = 'dd bs=2m if="' + filepath + '" of=/dev/rdisk' + str( sdCardDev )
     print( "FORMATTING: " + command )
 
     proc = subprocess.Popen( command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE )