Update stage3/02-setup-system/00-run.sh

Update stage3/02-setup-system/files/gnome-initial-setup
Change file name
2025-08-04 17:42:22 -07:00 · 2025-08-04 17:40:35 -07:00 · 2025-08-04 17:23:17 -07:00 · 2025-08-04 17:18:24 -07:00 · 2025-08-04 17:16:40 -07:00 · 2025-08-04 16:50:40 -07:00
86 changed files with 1421 additions and 837 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,4 +0,0 @@
 include:
  - project: serge/pi-gen
    ref: ci
    file: 'pi-gen.yml'
--- a/README.md
+++ b/README.md
@@ -1,23 +1,18 @@
-# pi-gen
+# ChillcraftOS Build System
-Tool used to create Raspberry Pi OS images, and custom images based on Raspberry Pi OS,
+ChillcraftOS is a custom Raspberry Pi OS built using a system based on `pi-gen`. This build system is specifically designed to create **ChillcraftOS** images, not general Raspberry Pi OS images.
 which was in turn derived from the Raspbian project.
-**Note**: Raspberry Pi OS 32 bit images are based primarily on Raspbian, while
+**Important Notes:**  
-Raspberry Pi OS 64 bit images are based primarily on Debian.
+- The 32-bit versions of ChillcraftOS are based on Raspbian.
-
+- The 64-bit versions of ChillcraftOS are based on Debian.
 **Note**: 32 bit images should be built from the `master` branch.
 64 bit images should be built from the `arm64` branch.
 ## Dependencies
-pi-gen runs on Debian-based operating systems released after 2017, and we
+The ChillcraftOS Build System relies on `pi-gen` and is compatible with Debian-based operating systems released after 2017. We recommend using the latest OS versions for better security.
 always advise you use the latest OS for security reasons.
-On other Linux distributions it may be possible to use the Docker build described
+For other Linux distributions, you can use the Docker-based build method provided below.
 below.
-To install the required dependencies for `pi-gen` you should run:
+To install the required dependencies for building ChillcraftOS, run the following command:
 ```bash
 apt-get install coreutils quilt parted qemu-user-static debootstrap zerofree zip \
@@ -25,427 +20,18 @@ dosfstools libarchive-tools libcap2-bin grep rsync xz-utils file git curl bc \
 gpg pigz xxd arch-test
 ```
-The file `depends` contains a list of tools needed.  The format of this
+The `depends` file in the repository lists all the necessary tools, formatted as `<tool>[:<debian-package>]`.
 package is `<tool>[:<debian-package>]`.
-## Getting started with building your images
+## Getting Started with Building ChillcraftOS
-Getting started is as simple as cloning this repository on your build machine. You
+To start building ChillcraftOS, clone the ChillcraftOS Build System repository:
 can do so with:
 ```bash
-git clone https://github.com/RPI-Distro/pi-gen.git
+git clone https://git.oxmc.me/Chillcraft/ChillcraftOS.git
 ```
-`--depth 1` can be added after `git clone` to create a shallow clone, only containing
+For a shallow clone containing only the latest revision, you can add `--depth 1`. **However, avoid using this on your development machine**.
 the latest revision of the repository. Do not do this on your development machine.
-Also, be careful to clone the repository to a base path **NOT** containing spaces.
+Make sure the repository is cloned to a directory **without spaces**, as spaces in the base path may cause `pi-gen` to fail.
 This configuration is not supported by debootstrap and will lead to `pi-gen` not
 running.
-After cloning the repository, you can move to the next step and start configuring
+Once cloned, you're ready to configure and start building ChillcraftOS.
 your build.
 ## Config
 Upon execution, `build.sh` will source the file `config` in the current
 working directory.  This bash shell fragment is intended to set needed
 environment variables.
 The following environment variables are supported:
 * `IMG_NAME` (Default: `raspios-$RELEASE-$ARCH`, for example: `raspios-bookworm-armhf`)
   The name of the image to build with the current stage directories. Use this
   variable to set the root name of your OS, eg `IMG_NAME=Frobulator`.
   Export files in stages may add suffixes to `IMG_NAME`.
 * `PI_GEN_RELEASE` (Default: `Raspberry Pi reference`)
   The release name to use in `/etc/issue.txt`. The default should only be used
   for official Raspberry Pi builds.
 * `RELEASE` (Default: `bookworm`)
   The release version to build images against. Valid values are any supported
   Debian release. However, since different releases will have different sets of
   packages available, you'll need to either modify your stages accordingly, or
   checkout the appropriate branch. For example, if you'd like to build a
   `bullseye` image, you should do so from the `bullseye` branch.
 * `APT_PROXY` (Default: unset)
   If you require the use of an apt proxy, set it here.  This proxy setting
   will not be included in the image, making it safe to use an `apt-cacher` or
   similar package for development.
 * `BASE_DIR`  (Default: location of `build.sh`)
   **CAUTION**: Currently, changing this value will probably break build.sh
   Top-level directory for `pi-gen`.  Contains stage directories, build
   scripts, and by default both work and deployment directories.
 * `WORK_DIR`  (Default: `$BASE_DIR/work`)
   Directory in which `pi-gen` builds the target system.  This value can be
   changed if you have a suitably large, fast storage location for stages to
   be built and cached.  Note, `WORK_DIR` stores a complete copy of the target
   system for each build stage, amounting to tens of gigabytes in the case of
   Raspbian.
   **CAUTION**: If your working directory is on an NTFS partition you probably won't be able to build: make sure this is a proper Linux filesystem.
 * `DEPLOY_DIR`  (Default: `$BASE_DIR/deploy`)
   Output directory for target system images and NOOBS bundles.
 * `DEPLOY_COMPRESSION` (Default: `zip`)
   Set to:
   * `none` to deploy the actual image (`.img`).
   * `zip` to deploy a zipped image (`.zip`).
   * `gz` to deploy a gzipped image (`.img.gz`).
   * `xz` to deploy a xzipped image (`.img.xz`).
 * `DEPLOY_ZIP` (Deprecated)
   This option has been deprecated in favor of `DEPLOY_COMPRESSION`.
   If `DEPLOY_ZIP=0` is still present in your config file, the behavior is the
   same as with `DEPLOY_COMPRESSION=none`.
 * `COMPRESSION_LEVEL` (Default: `6`)
   Compression level to be used when using `zip`, `gz` or `xz` for
   `DEPLOY_COMPRESSION`. From 0 to 9 (refer to the tool man page for more
   information on this. Usually 0 is no compression but very fast, up to 9 with
   the best compression but very slow ).
 * `USE_QEMU` (Default: `0`)
   Setting to '1' enables the QEMU mode - creating an image that can be mounted via QEMU for an emulated
   environment. These images include "-qemu" in the image file name.
 * `LOCALE_DEFAULT` (Default: 'en_GB.UTF-8' )
   Default system locale.
 * `TARGET_HOSTNAME` (Default: 'raspberrypi' )
   Setting the hostname to the specified value.
 * `KEYBOARD_KEYMAP` (Default: 'gb' )
   Default keyboard keymap.
   To get the current value from a running system, run `debconf-show
   keyboard-configuration` and look at the
   `keyboard-configuration/xkb-keymap` value.
 * `KEYBOARD_LAYOUT` (Default: 'English (UK)' )
   Default keyboard layout.
   To get the current value from a running system, run `debconf-show
   keyboard-configuration` and look at the
   `keyboard-configuration/variant` value.
 * `TIMEZONE_DEFAULT` (Default: 'Europe/London' )
   Default time zone.
   To get the current value from a running system, look in
   `/etc/timezone`.
 * `FIRST_USER_NAME` (Default: `pi`)
   Username for the first user. This user only exists during the image creation process. Unless
   `DISABLE_FIRST_BOOT_USER_RENAME` is set to `1`, this user will be renamed on the first boot with
   a name chosen by the final user. This security feature is designed to prevent shipping images
   with a default username and help prevent malicious actors from taking over your devices.
 * `FIRST_USER_PASS` (Default: unset)
   Password for the first user. If unset, the account is locked.
 * `DISABLE_FIRST_BOOT_USER_RENAME` (Default: `0`)
   Disable the renaming of the first user during the first boot. This make it so `FIRST_USER_NAME`
   stays activated. `FIRST_USER_PASS` must be set for this to work. Please be aware of the implied
   security risk of defining a default username and password for your devices.
 * `WPA_COUNTRY` (Default: unset)
   Sets the default WLAN regulatory domain and unblocks WLAN interfaces. This should be a 2-letter ISO/IEC 3166 country Code, i.e. `GB`
 * `ENABLE_SSH` (Default: `0`)
   Setting to `1` will enable ssh server for remote log in. Note that if you are using a common password such as the defaults there is a high risk of attackers taking over you Raspberry Pi.
  * `PUBKEY_SSH_FIRST_USER` (Default: unset)
   Setting this to a value will make that value the contents of the FIRST_USER_NAME's ~/.ssh/authorized_keys.  Obviously the value should
   therefore be a valid authorized_keys file.  Note that this does not
   automatically enable SSH.
  * `PUBKEY_ONLY_SSH` (Default: `0`)
   * Setting to `1` will disable password authentication for SSH and enable
   public key authentication.  Note that if SSH is not enabled this will take
   effect when SSH becomes enabled.
 * `SETFCAP` (Default: unset)
   * Setting to `1` will prevent pi-gen from dropping the "capabilities"
   feature. Generating the root filesystem with capabilities enabled and running
   it from a filesystem that does not support capabilities (like NFS) can cause
   issues. Only enable this if you understand what it is.
 * `STAGE_LIST` (Default: `stage*`)
    If set, then instead of working through the numeric stages in order, this list will be followed. For example setting to `"stage0 stage1 mystage stage2"` will run the contents of `mystage` before stage2. Note that quotes are needed around the list. An absolute or relative path can be given for stages outside the pi-gen directory.
 * `EXPORT_CONFIG_DIR` (Default: `$BASE_DIR/export-image`)
    If set, use this directory path as the location of scripts to run when generating images. An absolute or relative path can be given for a location outside the pi-gen directory.
 A simple example for building Raspberry Pi OS:
 ```bash
 IMG_NAME='raspios'
 ```
 The config file can also be specified on the command line as an argument the `build.sh` or `build-docker.sh` scripts.
 ```
 ./build.sh -c myconfig
 ```
 This is parsed after `config` so can be used to override values set there.
 ## How the build process works
 The following process is followed to build images:
 * Iterate through all of the stage directories in alphanumeric order
 * Bypass a stage directory if it contains a file called
   "SKIP"
 * Run the script `prerun.sh` which is generally just used to copy the build
   directory between stages.
 * In each stage directory iterate through each subdirectory and then run each of the
   install scripts it contains, again in alphanumeric order. **These need to be named
   with a two digit padded number at the beginning.**
   There are a number of different files and directories which can be used to
   control different parts of the build process:
     - **00-run.sh** - A unix shell script. Needs to be made executable for it to run.
     - **00-run-chroot.sh** - A unix shell script which will be run in the chroot
       of the image build directory. Needs to be made executable for it to run.
     - **00-debconf** - Contents of this file are passed to debconf-set-selections
       to configure things like locale, etc.
     - **00-packages** - A list of packages to install. Can have more than one, space
       separated, per line.
     - **00-packages-nr** - As 00-packages, except these will be installed using
       the `--no-install-recommends -y` parameters to apt-get.
     - **00-patches** - A directory containing patch files to be applied, using quilt.
       If a file named 'EDIT' is present in the directory, the build process will
       be interrupted with a bash session, allowing an opportunity to create/revise
       the patches.
  * If the stage directory contains files called "EXPORT_NOOBS" or "EXPORT_IMAGE" then
    add this stage to a list of images to generate
  * Generate the images for any stages that have specified them
 It is recommended to examine build.sh for finer details.
 ## Docker Build
 Docker can be used to perform the build inside a container. This partially isolates
 the build from the host system, and allows using the script on non-debian based
 systems (e.g. Fedora Linux). The isolation is not complete due to the need to use
 some kernel level services for arm emulation (binfmt) and loop devices (losetup).
 To build:
 ```bash
 vi config         # Edit your config file. See above.
 ./build-docker.sh
 ```
 If everything goes well, your finished image will be in the `deploy/` folder.
 You can then remove the build container with `docker rm -v pigen_work`
 If you encounter errors during the build, you can edit the corresponding scripts, and
 continue:
 ```bash
 CONTINUE=1 ./build-docker.sh
 ```
 To examine the container after a failure you can enter a shell within it using:
 ```bash
 sudo docker run -it --privileged --volumes-from=pigen_work pi-gen /bin/bash
 ```
 After successful build, the build container is by default removed. This may be undesired when making incremental changes to a customized build. To prevent the build script from remove the container add
 ```bash
 PRESERVE_CONTAINER=1 ./build-docker.sh
 ```
 There is a possibility that even when running from a docker container, the
 installation of `qemu-user-static` will silently fail when building the image
 because `binfmt-support` _must be enabled on the underlying kernel_. An easy
 fix is to ensure `binfmt-support` is installed on the host machine before
 starting the `./build-docker.sh` script (or using your own docker build
 solution).
 ### Passing arguments to Docker
 When the docker image is run various required command line arguments are provided.  For example the system mounts the `/dev` directory to the `/dev` directory within the docker container.  If other arguments are required they may be specified in the PIGEN_DOCKER_OPTS environment variable.  For example setting `PIGEN_DOCKER_OPTS="--add-host foo:192.168.0.23"` will add '192.168.0.23   foo' to the `/etc/hosts` file in the container.  The `--name`
 and `--privileged` options are already set by the script and should not be redefined.
 ## Stage Anatomy
 ### Raspbian Stage Overview
 The build of Raspbian is divided up into several stages for logical clarity
 and modularity.  This causes some initial complexity, but it simplifies
 maintenance and allows for more easy customization.
 - **Stage 0** - bootstrap.  The primary purpose of this stage is to create a
   usable filesystem.  This is accomplished largely through the use of
   `debootstrap`, which creates a minimal filesystem suitable for use as a
   base.tgz on Debian systems.  This stage also configures apt settings and
   installs `raspberrypi-bootloader` which is missed by debootstrap.  The
   minimal core is installed but not configured. As a result, this stage will not boot.
 - **Stage 1** - truly minimal system.  This stage makes the system bootable by
   installing system files like `/etc/fstab`, configures the bootloader, makes
   the network operable, and installs packages like raspi-config.  At this
   stage the system should boot to a local console from which you have the
   means to perform basic tasks needed to configure and install the system.
 - **Stage 2** - lite system.  This stage produces the Raspberry Pi OS Lite image.
   Stage 2 installs some optimized memory functions, sets timezone and charmap
   defaults, installs fake-hwclock and ntp, wireless LAN and bluetooth support,
   dphys-swapfile, and other basics for managing the hardware.  It also
   creates necessary groups and gives the pi user access to sudo and the
   standard console hardware permission groups.
   Note: Raspberry Pi OS Lite contains a number of tools for development,
   including `Python`, `Lua` and the `build-essential` package. If you are
   creating an image to deploy in products, be sure to remove extraneous development
   tools before deployment.
 - **Stage 3** - desktop system.  Here's where you get the full desktop system
   with X11 and LXDE, web browsers, git for development, Raspberry Pi OS custom UI
   enhancements, etc.  This is a base desktop system, with some development
   tools installed.
 - **Stage 4** - Normal Raspberry Pi OS image. System meant to fit on a 4GB card.
   This is the    stage that installs most things that make Raspberry Pi OS friendly
   to new users - e.g. system documentation.
 - **Stage 5** - The Raspberry Pi OS Full image. More development
   tools, an email client, learning tools like Scratch, specialized packages
   like sonic-pi, office productivity, etc.
 ### Stage specification
 If you wish to build up to a specified stage (such as building up to stage 2
 for a lite system), place an empty file named `SKIP` in each of the `./stage`
 directories you wish not to include.
 Then add an empty file named `SKIP_IMAGES` to `./stage4` and `./stage5` (if building up to stage 2) or
 to `./stage2` (if building a minimal system).
 ```bash
 # Example for building a lite system
 echo "IMG_NAME='raspios'" > config
 touch ./stage3/SKIP ./stage4/SKIP ./stage5/SKIP
 touch ./stage4/SKIP_IMAGES ./stage5/SKIP_IMAGES
 sudo ./build.sh  # or ./build-docker.sh
 ```
 If you wish to build further configurations upon (for example) the lite
 system, you can also delete the contents of `./stage3` and `./stage4` and
 replace with your own contents in the same format.
 ## Skipping stages to speed up development
 If you're working on a specific stage the recommended development process is as
 follows:
 * Add a file called SKIP_IMAGES into the directories containing EXPORT_* files
   (currently stage2, stage4 and stage5)
 * Add SKIP files to the stages you don't want to build. For example, if you're
   basing your image on the lite image you would add these to stages 3, 4 and 5.
 * Run build.sh to build all stages
 * Add SKIP files to the earlier successfully built stages
 * Modify the last stage
 * Rebuild just the last stage using `sudo CLEAN=1 ./build.sh` (or, for docker builds
   `PRESERVE_CONTAINER=1 CONTINUE=1 CLEAN=1 ./build-docker.sh`)
 * Once you're happy with the image you can remove the SKIP_IMAGES files and
   export your image to test
 # Troubleshooting
 ## `64 Bit Systems`
 A 64 bit image can be generated from the `arm64` branch in this repository. Just
 replace the command from [this section](#getting-started-with-building-your-images)
 by the one below, and follow the rest of the documentation:
 ```bash
 git clone --branch arm64 https://github.com/RPI-Distro/pi-gen.git
 ```
 If you want to generate a 64 bits image from a Raspberry Pi running a 32 bits
 version, you need to add `arm_64bit=1` to your `config.txt` file and reboot your
 machine. This will restart your machine with a 64 bits kernel. This will only
 work from a Raspberry Pi with a 64-bit capable processor (i.e. Raspberry Pi Zero
 2, Raspberry Pi 3 or Raspberry Pi 4).
 ## `binfmt_misc`
 Linux is able to execute binaries from other architectures, meaning that it should be
 possible to make use of `pi-gen` on an x86_64 system, even though it will be running
 ARM binaries. This requires support from the [`binfmt_misc`](https://en.wikipedia.org/wiki/Binfmt_misc)
 kernel module.
 You may see one of the following errors:
 ```
 update-binfmts: warning: Couldn't load the binfmt_misc module.
 ```
 ```
 W: Failure trying to run: chroot "/pi-gen/work/test/stage0/rootfs" /bin/true
 and/or
 chroot: failed to run command '/bin/true': Exec format error
 ```
 To resolve this, ensure that the following files are available (install them if necessary):
 ```
 /lib/modules/$(uname -r)/kernel/fs/binfmt_misc.ko
 /usr/bin/qemu-aarch64-static
 ```
 You may also need to load the module by hand - run `modprobe binfmt_misc`.
 If you are using WSL to build you may have to enable the service `sudo update-binfmts --enable`
--- a/build-docker.sh
+++ b/build-docker.sh
@@ -82,7 +82,16 @@ fi
 # Modify original build-options to allow config file to be mounted in the docker container
 BUILD_OPTS="$(echo "${BUILD_OPTS:-}" | sed -E 's@\-c\s?([^ ]+)@-c /config@')"
-${DOCKER} build --build-arg BASE_IMAGE=debian:bookworm -t pi-gen "${DIR}"
+# Check the arch of the machine we're running on. If it's 64-bit, use a 32-bit base image instead
 case "$(uname -m)" in
  x86_64|aarch64)
    BASE_IMAGE=i386/debian:bookworm
    ;;
  *)
    BASE_IMAGE=debian:bookworm
    ;;
 esac
 ${DOCKER} build --build-arg BASE_IMAGE=${BASE_IMAGE} -t pi-gen "${DIR}"
 if [ "${CONTAINER_EXISTS}" != "" ]; then
  DOCKER_CMDLINE_NAME="${CONTAINER_NAME}_cont"
--- a/build.sh
+++ b/build.sh
@@ -1,90 +1,140 @@
 #!/bin/bash -e
 # shellcheck disable=SC2119
-run_sub_stage()
+run_sub_stage() {
 {
 	log "Begin ${SUB_STAGE_DIR}"
-	pushd "${SUB_STAGE_DIR}" > /dev/null
+	pushd "${SUB_STAGE_DIR}" >/dev/null
 	for i in {00..99}; do
-		if [ -f "${i}-debconf" ]; then
+		for DEBCONF_FILE in "${i}-debconf-${ARCH}" "${i}-debconf-arm-only" "${i}-debconf"; do
-			log "Begin ${SUB_STAGE_DIR}/${i}-debconf"
+			if [ -f "${SUB_STAGE_DIR}/${DEBCONF_FILE}" ]; then
-			on_chroot << EOF
+				# Skip arm-only if not arm
 				if [[ "${DEBCONF_FILE}" == *"-debconf-arm-only" ]] && [[ "${ARCH}" != "armhf" && "${ARCH}" != "arm64" ]]; then
 					continue
 				fi
 				log "Begin ${SUB_STAGE_DIR}/${DEBCONF_FILE}"
 				on_chroot <<EOF
 debconf-set-selections <<SELEOF
-$(cat "${i}-debconf")
+$(cat "${SUB_STAGE_DIR}/${DEBCONF_FILE}")
 SELEOF
 EOF
-			log "End ${SUB_STAGE_DIR}/${i}-debconf"
+				log "End ${SUB_STAGE_DIR}/${DEBCONF_FILE}"
-		fi
+			fi
-		if [ -f "${i}-packages-nr" ]; then
+		done
-			log "Begin ${SUB_STAGE_DIR}/${i}-packages-nr"
+		for PACKAGE_LIST in "${i}-packages-nr-${ARCH}" "${i}-packages-nr-arm-only" "${i}-packages-nr"; do
-			PACKAGES="$(sed -f "${SCRIPT_DIR}/remove-comments.sed" < "${i}-packages-nr")"
+			if [ -f "${SUB_STAGE_DIR}/${PACKAGE_LIST}" ]; then
-			if [ -n "$PACKAGES" ]; then
+				# Skip arm-only packages if not arm architecture
-				on_chroot << EOF
+				if [[ "${PACKAGE_LIST}" == *"-nr-arm-only" ]] && [[ "${ARCH}" != "armhf" && "${ARCH}" != "arm64" ]]; then
 					continue
 				fi
 				log "Begin ${SUB_STAGE_DIR}/${PACKAGE_LIST}"
 				PACKAGES="$(sed -f "${SCRIPT_DIR}/remove-comments.sed" <"${SUB_STAGE_DIR}/${PACKAGE_LIST}")"
 				if [ -n "$PACKAGES" ]; then
 					on_chroot <<EOF
 apt-get -o Acquire::Retries=3 install --no-install-recommends -y $PACKAGES
 EOF
 				fi
 				log "End ${SUB_STAGE_DIR}/${PACKAGE_LIST}"
 			fi
-			log "End ${SUB_STAGE_DIR}/${i}-packages-nr"
+		done
-		fi
+		for PACKAGE_LIST in "${i}-packages-${ARCH}" "${i}-packages-arm-only" "${i}-packages"; do
-		if [ -f "${i}-packages" ]; then
+			if [ -f "${SUB_STAGE_DIR}/${PACKAGE_LIST}" ]; then
-			log "Begin ${SUB_STAGE_DIR}/${i}-packages"
+				# Skip arm-only packages if not arm architecture
-			PACKAGES="$(sed -f "${SCRIPT_DIR}/remove-comments.sed" < "${i}-packages")"
+				if [[ "${PACKAGE_LIST}" == *"-packages-arm-only" ]] && [[ "${ARCH}" != "armhf" && "${ARCH}" != "arm64" ]]; then
-			if [ -n "$PACKAGES" ]; then
+					continue
-				on_chroot << EOF
+				fi
 				log "Begin ${SUB_STAGE_DIR}/${PACKAGE_LIST}"
 				PACKAGES="$(sed -f "${SCRIPT_DIR}/remove-comments.sed" <"${SUB_STAGE_DIR}/${PACKAGE_LIST}")"
 				if [ -n "$PACKAGES" ]; then
 					on_chroot <<EOF
 apt-get -o Acquire::Retries=3 install -y $PACKAGES
 EOF
 				fi
 				log "End ${SUB_STAGE_DIR}/${PACKAGE_LIST}"
 			fi
-			log "End ${SUB_STAGE_DIR}/${i}-packages"
+		done
-		fi
+		for PATCH_DIR in "${i}-patches-${ARCH}" "${i}-patches-arm-only" "${i}-patches"; do
-		if [ -d "${i}-patches" ]; then
+			if [ -d "${SUB_STAGE_DIR}/${PATCH_DIR}" ]; then
-			log "Begin ${SUB_STAGE_DIR}/${i}-patches"
+				# Check arm-only patches should only apply for armhf/arm64
-			pushd "${STAGE_WORK_DIR}" > /dev/null
+				if [[ "${PATCH_DIR}" == *"-patches-arm-only" ]] && [[ "${ARCH}" != "armhf" && "${ARCH}" != "arm64" ]]; then
-			if [ "${CLEAN}" = "1" ]; then
+					continue
-				rm -rf .pc
+				fi
-				rm -rf ./*-pc
+
 				log "Begin ${SUB_STAGE_DIR}/${PATCH_DIR}"
 				pushd "${STAGE_WORK_DIR}" >/dev/null
 				if [ "${CLEAN}" = "1" ]; then
 					rm -rf .pc
 					rm -rf ./*-pc
 				fi
 				QUILT_PATCHES="${SUB_STAGE_DIR}/${PATCH_DIR}"
 				SUB_STAGE_QUILT_PATCH_DIR="$(basename "$SUB_STAGE_DIR")-pc"
 				mkdir -p "$SUB_STAGE_QUILT_PATCH_DIR"
 				ln -snf "$SUB_STAGE_QUILT_PATCH_DIR" .pc
 				quilt upgrade
 				if [ -e "${SUB_STAGE_DIR}/${PATCH_DIR}/EDIT" ]; then
 					echo "Dropping into bash to edit patches..."
 					bash
 				fi
 				RC=0
 				quilt push -a || RC=$?
 				case "$RC" in
 				0 | 2) ;; # 0 = success, 2 = "already applied"
 				*) false ;;
 				esac
 				popd >/dev/null
 				log "End ${SUB_STAGE_DIR}/${PATCH_DIR}"
 			fi
-			QUILT_PATCHES="${SUB_STAGE_DIR}/${i}-patches"
+		done
-			SUB_STAGE_QUILT_PATCH_DIR="$(basename "$SUB_STAGE_DIR")-pc"
+		for RUN_SCRIPT in "${i}-run-${ARCH}.sh" "${i}-run-arm-only.sh" "${i}-run.sh"; do
-			mkdir -p "$SUB_STAGE_QUILT_PATCH_DIR"
+			if [ -x "${SUB_STAGE_DIR}/${RUN_SCRIPT}" ]; then
-			ln -snf "$SUB_STAGE_QUILT_PATCH_DIR" .pc
+				# Skip arm-only if not arm
-			quilt upgrade
+				if [[ "${RUN_SCRIPT}" == *"-arm-only.sh" ]] && [[ "${ARCH}" != "armhf" && "${ARCH}" != "arm64" ]]; then
-			if [ -e "${SUB_STAGE_DIR}/${i}-patches/EDIT" ]; then
+					continue
-				echo "Dropping into bash to edit patches..."
+				fi
-				bash
+
 				log "Begin ${SUB_STAGE_DIR}/${RUN_SCRIPT}"
 				"./${RUN_SCRIPT}"
 				log "End ${SUB_STAGE_DIR}/${RUN_SCRIPT}"
 			fi
-			RC=0
+		done
-			quilt push -a || RC=$?
+		for CHROOT_SCRIPT in "${i}-run-chroot-${ARCH}.sh" "${i}-run-chroot-arm-only.sh" "${i}-run-chroot.sh"; do
-			case "$RC" in
+			if [ -f "${SUB_STAGE_DIR}/${CHROOT_SCRIPT}" ]; then
-				0|2)
+				# Skip arm-only if not arm
-					;;
+				if [[ "${CHROOT_SCRIPT}" == *"-arm-only.sh" ]] && [[ "${ARCH}" != "armhf" && "${ARCH}" != "arm64" ]]; then
-				*)
+					continue
-					false
+				fi
-					;;
+
-			esac
+				log "Begin ${SUB_STAGE_DIR}/${CHROOT_SCRIPT}"
-			popd > /dev/null
+				on_chroot <"${SUB_STAGE_DIR}/${CHROOT_SCRIPT}"
-			log "End ${SUB_STAGE_DIR}/${i}-patches"
+				log "End ${SUB_STAGE_DIR}/${CHROOT_SCRIPT}"
-		fi
+			fi
-		if [ -x ${i}-run.sh ]; then
+		done
 			log "Begin ${SUB_STAGE_DIR}/${i}-run.sh"
 			./${i}-run.sh
 			log "End ${SUB_STAGE_DIR}/${i}-run.sh"
 		fi
 		if [ -f ${i}-run-chroot.sh ]; then
 			log "Begin ${SUB_STAGE_DIR}/${i}-run-chroot.sh"
 			on_chroot < ${i}-run-chroot.sh
 			log "End ${SUB_STAGE_DIR}/${i}-run-chroot.sh"
 		fi
 	done
-	popd > /dev/null
+	popd >/dev/null
 	log "End ${SUB_STAGE_DIR}"
 }
-
+run_stage() {
 run_stage(){
 	log "Begin ${STAGE_DIR}"
 	STAGE="$(basename "${STAGE_DIR}")"
-	pushd "${STAGE_DIR}" > /dev/null
+	pushd "${STAGE_DIR}" >/dev/null
 	STAGE_WORK_DIR="${WORK_DIR}/${STAGE}"
 	ROOTFS_DIR="${STAGE_WORK_DIR}"/rootfs
@@ -109,9 +159,9 @@ run_stage(){
 		fi
 		for SUB_STAGE_DIR in "${STAGE_DIR}"/*; do
 			if [ -d "${SUB_STAGE_DIR}" ]; then
-        		if [ ! -f "${SUB_STAGE_DIR}/SKIP" ] && [ ! -f "${SUB_STAGE_DIR}/SKIP_${ARCH}" ]; then
+				if [ ! -f "${SUB_STAGE_DIR}/SKIP" ] && [ ! -f "${SUB_STAGE_DIR}/SKIP_${ARCH}" ]; then
-            		run_sub_stage
+					run_sub_stage
-        		fi
+				fi
 			fi
 		done
 	fi
@@ -121,7 +171,7 @@ run_stage(){
 	PREV_STAGE="${STAGE}"
 	PREV_STAGE_DIR="${STAGE_DIR}"
 	PREV_ROOTFS_DIR="${ROOTFS_DIR}"
-	popd > /dev/null
+	popd >/dev/null
 	log "End ${STAGE_DIR}"
 }
@@ -160,16 +210,14 @@ if [ -f config ]; then
 	source config
 fi
-while getopts "c:" flag
+while getopts "c:" flag; do
 do
 	case "$flag" in
-		c)
+	c)
-			EXTRA_CONFIG="$OPTARG"
+		EXTRA_CONFIG="$OPTARG"
-			# shellcheck disable=SC1090
+		# shellcheck disable=SC1090
-			source "$EXTRA_CONFIG"
+		source "$EXTRA_CONFIG"
-			;;
+		;;
-		*)
+	*) ;;
 			;;
 	esac
 done
@@ -177,7 +225,7 @@ export PI_GEN=${PI_GEN:-pi-gen}
 export PI_GEN_REPO=${PI_GEN_REPO:-https://github.com/RPi-Distro/pi-gen}
 export PI_GEN_RELEASE=${PI_GEN_RELEASE:-Raspberry Pi reference}
-export ARCH=arm64
+export ARCH="${ARCH:-arm64}"
 export RELEASE=${RELEASE:-bookworm}
 export IMG_NAME="${IMG_NAME:-chillcraftos-$RELEASE-$ARCH}"
@@ -190,28 +238,18 @@ export SCRIPT_DIR="${BASE_DIR}/scripts"
 export WORK_DIR="${WORK_DIR:-"${BASE_DIR}/work/${IMG_NAME}"}"
 export DEPLOY_DIR=${DEPLOY_DIR:-"${BASE_DIR}/deploy"}
-# DEPLOY_ZIP was deprecated in favor of DEPLOY_COMPRESSION
+export DEPLOY_COMPRESSION=${DEPLOY_COMPRESSION:-xz}
 # This preserve the old behavior with DEPLOY_ZIP=0 where no archive was created
 if [ -z "${DEPLOY_COMPRESSION}" ] && [ "${DEPLOY_ZIP:-1}" = "0" ]; then
 	echo "DEPLOY_ZIP has been deprecated in favor of DEPLOY_COMPRESSION"
 	echo "Similar behavior to DEPLOY_ZIP=0 can be obtained with DEPLOY_COMPRESSION=none"
 	echo "Please update your config file"
 	DEPLOY_COMPRESSION=none
 fi
 export DEPLOY_COMPRESSION=${DEPLOY_COMPRESSION:-zip}
 export COMPRESSION_LEVEL=${COMPRESSION_LEVEL:-6}
 export LOG_FILE="${WORK_DIR}/build.log"
-export TARGET_HOSTNAME=${TARGET_HOSTNAME:-raspberrypi}
+export TARGET_HOSTNAME=${TARGET_HOSTNAME:-chillcraftos}
-
+export FIRST_USER_NAME=${FIRST_USER_NAME:-system}
-export FIRST_USER_NAME=${FIRST_USER_NAME:-setup}
+export FIRST_USER_ISSYSTEM=${FIRST_USER_ISSYSTEM:-true}
 export FIRST_USER_PASS
 export DISABLE_FIRST_BOOT_USER_RENAME=${DISABLE_FIRST_BOOT_USER_RENAME:-0}
 export WPA_COUNTRY
 export ENABLE_SSH="${ENABLE_SSH:-0}"
 export PUBKEY_ONLY_SSH="${PUBKEY_ONLY_SSH:-0}"
-export LOCALE_DEFAULT="${LOCALE_DEFAULT:-en_GB.UTF-8}"
+export LOCALE_DEFAULT="${LOCALE_DEFAULT:-en_US.UTF-8}"
 export KEYBOARD_KEYMAP="${KEYBOARD_KEYMAP:-us}"
 export KEYBOARD_LAYOUT="${KEYBOARD_LAYOUT:-English (US)}"
@@ -224,6 +262,7 @@ export PUBKEY_SSH_FIRST_USER
 export CLEAN
 export APT_PROXY
 export TEMP_REPO
 export STAGE
 export STAGE_DIR
@@ -257,7 +296,6 @@ trap term EXIT INT TERM
 dependencies_check "${BASE_DIR}/depends"
 PAGESIZE=$(getconf PAGESIZE)
 if [ "$ARCH" == "armhf" ] && [ "$PAGESIZE" != "4096" ]; then
 	echo
@@ -285,23 +323,12 @@ if [[ ! "$FIRST_USER_NAME" =~ ^[a-z][-a-z0-9_]*$ ]]; then
 	exit 1
 fi
-if [[ "$DISABLE_FIRST_BOOT_USER_RENAME" == "1" ]] && [ -z "${FIRST_USER_PASS}" ]; then
+if [[ -n "${APT_PROXY}" ]] && ! curl --silent "${APT_PROXY}" >/dev/null; then
 	echo "To disable user rename on first boot, FIRST_USER_PASS needs to be set"
 	echo "Not setting FIRST_USER_PASS makes your system vulnerable and open to cyberattacks"
 	exit 1
 fi
 if [[ "$DISABLE_FIRST_BOOT_USER_RENAME" == "1" ]]; then
 	echo "User rename on the first boot is disabled"
 	echo "Be advised of the security risks linked to shipping a device with default username/password set."
 fi
 if [[ -n "${APT_PROXY}" ]] && ! curl --silent "${APT_PROXY}" >/dev/null ; then
 	echo "Could not reach APT_PROXY server: ${APT_PROXY}"
 	exit 1
 fi
-if [[ -n "${WPA_PASSWORD}" && ${#WPA_PASSWORD} -lt 8 || ${#WPA_PASSWORD} -gt 63  ]] ; then
+if [[ -n "${WPA_PASSWORD}" && ${#WPA_PASSWORD} -lt 8 || ${#WPA_PASSWORD} -gt 63 ]]; then
 	echo "WPA_PASSWORD" must be between 8 and 63 characters
 	exit 1
 fi
@@ -334,7 +361,17 @@ for EXPORT_DIR in ${EXPORT_DIRS}; do
 	# shellcheck source=/dev/null
 	source "${EXPORT_DIR}/EXPORT_IMAGE"
 	EXPORT_ROOTFS_DIR=${WORK_DIR}/$(basename "${EXPORT_DIR}")/rootfs
-	run_stage
+	if [ -e "${EXPORT_DIR}/EXPORT_ISO" ]; then
 		# shellcheck source=/dev/null
 		source "${EXPORT_DIR}/EXPORT_ISO"
 		STAGE_DIR="${BASE_DIR}/export-iso"
 		run_stage
 	elif [ -e "${EXPORT_DIR}/EXPORT_IMAGE" ]; then
 		# shellcheck source=/dev/null
 		source "${EXPORT_DIR}/EXPORT_IMAGE"
 		STAGE_DIR="${BASE_DIR}/export-image"
 		run_stage
 	fi
 	if [ "${USE_QEMU}" != "1" ]; then
 		if [ -e "${EXPORT_DIR}/EXPORT_NOOBS" ]; then
 			# shellcheck source=/dev/null
--- a/1
+++ b/1
@@ -0,0 +1 @@
 ARCH=amd64
--- a/1
+++ b/1
@@ -0,0 +1 @@
 ARCH=arm64
--- a/docs/config.md
+++ b/docs/config.md
@@ -0,0 +1,172 @@
 ## Config
 Upon execution, `build.sh` will source the file `config` in the current
 working directory.  This bash shell fragment is intended to set needed
 environment variables.
 The following environment variables are supported:
 * `IMG_NAME` (Default: `raspios-$RELEASE-$ARCH`, for example: `raspios-bookworm-armhf`)
   The name of the image to build with the current stage directories. Use this
   variable to set the root name of your OS, eg `IMG_NAME=Frobulator`.
   Export files in stages may add suffixes to `IMG_NAME`.
 * `PI_GEN_RELEASE` (Default: `Raspberry Pi reference`)
   The release name to use in `/etc/issue.txt`. The default should only be used
   for official Raspberry Pi builds.
 * `RELEASE` (Default: `bookworm`)
   The release version to build images against. Valid values are any supported
   Debian release. However, since different releases will have different sets of
   packages available, you'll need to either modify your stages accordingly, or
   checkout the appropriate branch. For example, if you'd like to build a
   `bullseye` image, you should do so from the `bullseye` branch.
 * `APT_PROXY` (Default: unset)
   If you require the use of an apt proxy, set it here.  This proxy setting
   will not be included in the image, making it safe to use an `apt-cacher` or
   similar package for development.
 * `TEMP_REPO` (Default: unset)
   An additional temporary apt repo to be used during the build process. This
   could be useful if you require pre-release software to be included in the
   image. The variable should contain sources in [one-line-style format](https://manpages.debian.org/stable/apt/sources.list.5.en.html#ONE-LINE-STYLE_FORMAT).
   "RELEASE" will be replaced with the RELEASE variable.
 * `BASE_DIR`  (Default: location of `build.sh`)
   **CAUTION**: Currently, changing this value will probably break build.sh
   Top-level directory for `pi-gen`.  Contains stage directories, build
   scripts, and by default both work and deployment directories.
 * `WORK_DIR`  (Default: `$BASE_DIR/work`)
   Directory in which `pi-gen` builds the target system.  This value can be
   changed if you have a suitably large, fast storage location for stages to
   be built and cached.  Note, `WORK_DIR` stores a complete copy of the target
   system for each build stage, amounting to tens of gigabytes in the case of
   Raspbian.
   **CAUTION**: If your working directory is on an NTFS partition you probably won't be able to build: make sure this is a proper Linux filesystem.
 * `DEPLOY_DIR`  (Default: `$BASE_DIR/deploy`)
   Output directory for target system images and NOOBS bundles.
 * `DEPLOY_COMPRESSION` (Default: `zip`)
   Set to:
   * `none` to deploy the actual image (`.img`).
   * `zip` to deploy a zipped image (`.zip`).
   * `gz` to deploy a gzipped image (`.img.gz`).
   * `xz` to deploy a xzipped image (`.img.xz`).
 * `DEPLOY_ZIP` (Deprecated)
   This option has been deprecated in favor of `DEPLOY_COMPRESSION`.
   If `DEPLOY_ZIP=0` is still present in your config file, the behavior is the
   same as with `DEPLOY_COMPRESSION=none`.
 * `COMPRESSION_LEVEL` (Default: `6`)
   Compression level to be used when using `zip`, `gz` or `xz` for
   `DEPLOY_COMPRESSION`. From 0 to 9 (refer to the tool man page for more
   information on this. Usually 0 is no compression but very fast, up to 9 with
   the best compression but very slow ).
 * `USE_QEMU` (Default: `0`)
   Setting to '1' enables the QEMU mode - creating an image that can be mounted via QEMU for an emulated
   environment. These images include "-qemu" in the image file name.
 * `LOCALE_DEFAULT` (Default: 'en_GB.UTF-8' )
   Default system locale.
 * `TARGET_HOSTNAME` (Default: 'raspberrypi' )
   Setting the hostname to the specified value.
 * `KEYBOARD_KEYMAP` (Default: 'gb' )
   Default keyboard keymap.
   To get the current value from a running system, run `debconf-show
   keyboard-configuration` and look at the
   `keyboard-configuration/xkb-keymap` value.
 * `KEYBOARD_LAYOUT` (Default: 'English (UK)' )
   Default keyboard layout.
   To get the current value from a running system, run `debconf-show
   keyboard-configuration` and look at the
   `keyboard-configuration/variant` value.
 * `TIMEZONE_DEFAULT` (Default: 'Europe/London' )
   Default time zone.
   To get the current value from a running system, look in
   `/etc/timezone`.
 * `FIRST_USER_NAME` (Default: `system`)
   Username for the first user. This user only exists during the image creation process.
 * `WPA_COUNTRY` (Default: unset)
   Sets the default WLAN regulatory domain and unblocks WLAN interfaces. This should be a 2-letter ISO/IEC 3166 country Code, i.e. `GB`
 * `ENABLE_SSH` (Default: `0`)
   Setting to `1` will enable ssh server for remote log in. Note that if you are using a common password such as the defaults there is a high risk of attackers taking over you Raspberry Pi.
  * `PUBKEY_SSH_FIRST_USER` (Default: unset)
   Setting this to a value will make that value the contents of the FIRST_USER_NAME's ~/.ssh/authorized_keys.  Obviously the value should
   therefore be a valid authorized_keys file.  Note that this does not
   automatically enable SSH.
  * `PUBKEY_ONLY_SSH` (Default: `0`)
   * Setting to `1` will disable password authentication for SSH and enable
   public key authentication.  Note that if SSH is not enabled this will take
   effect when SSH becomes enabled.
 * `SETFCAP` (Default: unset)
   * Setting to `1` will prevent pi-gen from dropping the "capabilities"
   feature. Generating the root filesystem with capabilities enabled and running
   it from a filesystem that does not support capabilities (like NFS) can cause
   issues. Only enable this if you understand what it is.
 * `STAGE_LIST` (Default: `stage*`)
    If set, then instead of working through the numeric stages in order, this list will be followed. For example setting to `"stage0 stage1 mystage stage2"` will run the contents of `mystage` before stage2. Note that quotes are needed around the list. An absolute or relative path can be given for stages outside the pi-gen directory.
 * `EXPORT_CONFIG_DIR` (Default: `$BASE_DIR/export-image`)
    If set, use this directory path as the location of scripts to run when generating images. An absolute or relative path can be given for a location outside the pi-gen directory.
 A simple example for building Raspberry Pi OS:
 ```bash
 IMG_NAME='raspios'
 ```
 The config file can also be specified on the command line as an argument the `build.sh` or `build-docker.sh` scripts.
 ```
 ./build.sh -c myconfig
 ```
 This is parsed after `config` so can be used to override values set there.
--- a/docs/docker-build.md
+++ b/docs/docker-build.md
@@ -0,0 +1,47 @@
 ## Docker Build
 Docker can be used to perform the build inside a container. This partially isolates
 the build from the host system, and allows using the script on non-debian based
 systems (e.g. Fedora Linux). The isolation is not complete due to the need to use
 some kernel level services for arm emulation (binfmt) and loop devices (losetup).
 To build:
 ```bash
 vi config         # Edit your config file. See above.
 ./build-docker.sh
 ```
 If everything goes well, your finished image will be in the `deploy/` folder.
 You can then remove the build container with `docker rm -v pigen_work`
 If you encounter errors during the build, you can edit the corresponding scripts, and
 continue:
 ```bash
 CONTINUE=1 ./build-docker.sh
 ```
 To examine the container after a failure you can enter a shell within it using:
 ```bash
 sudo docker run -it --privileged --volumes-from=pigen_work pi-gen /bin/bash
 ```
 After successful build, the build container is by default removed. This may be undesired when making incremental changes to a customized build. To prevent the build script from remove the container add
 ```bash
 PRESERVE_CONTAINER=1 ./build-docker.sh
 ```
 There is a possibility that even when running from a docker container, the
 installation of `qemu-user-static` will silently fail when building the image
 because `binfmt-support` _must be enabled on the underlying kernel_. An easy
 fix is to ensure `binfmt-support` is installed on the host machine before
 starting the `./build-docker.sh` script (or using your own docker build
 solution).
 ### Passing arguments to Docker
 When the docker image is run various required command line arguments are provided.  For example the system mounts the `/dev` directory to the `/dev` directory within the docker container.  If other arguments are required they may be specified in the PIGEN_DOCKER_OPTS environment variable.  For example setting `PIGEN_DOCKER_OPTS="--add-host foo:192.168.0.23"` will add '192.168.0.23   foo' to the `/etc/hosts` file in the container.  The `--name`
 and `--privileged` options are already set by the script and should not be redefined.
--- a/docs/get-started.md
+++ b/docs/get-started.md
@@ -0,0 +1,48 @@
 # pi-gen
 Tool used to create Raspberry Pi OS images, and custom images based on Raspberry Pi OS,
 which was in turn derived from the Raspbian project.
 **Note**: Raspberry Pi OS 32 bit images are based primarily on Raspbian, while
 Raspberry Pi OS 64 bit images are based primarily on Debian.
 **Note**: 32 bit images should be built from the `master` branch.
 64 bit images should be built from the `arm64` branch.
 ## Dependencies
 pi-gen runs on Debian-based operating systems released after 2017, and we
 always advise you use the latest OS for security reasons.
 On other Linux distributions it may be possible to use the Docker build described
 below.
 To install the required dependencies for `pi-gen` you should run:
 ```bash
 apt-get install coreutils quilt parted qemu-user-static debootstrap zerofree zip \
 dosfstools libarchive-tools libcap2-bin grep rsync xz-utils file git curl bc \
 gpg pigz xxd arch-test
 ```
 The file `depends` contains a list of tools needed.  The format of this
 package is `<tool>[:<debian-package>]`.
 ## Getting started with building your images
 Getting started is as simple as cloning this repository on your build machine. You
 can do so with:
 ```bash
 git clone https://github.com/RPI-Distro/pi-gen.git
 ```
 `--depth 1` can be added after `git clone` to create a shallow clone, only containing
 the latest revision of the repository. Do not do this on your development machine.
 Also, be careful to clone the repository to a base path **NOT** containing spaces.
 This configuration is not supported by debootstrap and will lead to `pi-gen` not
 running.
 After cloning the repository, you can move to the next step and start configuring
 your build.
--- a/docs/how-the-build-process-works.md
+++ b/docs/how-the-build-process-works.md
@@ -0,0 +1,43 @@
 ## How the build process works
 The following process is followed to build images:
 * Iterate through all of the stage directories in alphanumeric order
 * Bypass a stage directory if it contains a file called
   "SKIP"
 * Run the script `prerun.sh` which is generally just used to copy the build
   directory between stages.
 * In each stage directory iterate through each subdirectory and then run each of the
   install scripts it contains, again in alphanumeric order. **These need to be named
   with a two digit padded number at the beginning.**
   There are a number of different files and directories which can be used to
   control different parts of the build process:
     - **00-run.sh** - A unix shell script. Needs to be made executable for it to run.
     - **00-run-chroot.sh** - A unix shell script which will be run in the chroot
       of the image build directory. Needs to be made executable for it to run.
     - **00-debconf** - Contents of this file are passed to debconf-set-selections
       to configure things like locale, etc.
     - **00-packages** - A list of packages to install. Can have more than one, space
       separated, per line.
     - **00-packages-nr** - As 00-packages, except these will be installed using
       the `--no-install-recommends -y` parameters to apt-get.
     - **00-patches** - A directory containing patch files to be applied, using quilt.
       If a file named 'EDIT' is present in the directory, the build process will
       be interrupted with a bash session, allowing an opportunity to create/revise
       the patches.
  * If the stage directory contains files called "EXPORT_NOOBS" or "EXPORT_IMAGE" then
    add this stage to a list of images to generate
  * Generate the images for any stages that have specified them
 It is recommended to examine build.sh for finer details.
--- a/docs/stage-anatomy.md
+++ b/docs/stage-anatomy.md
@@ -0,0 +1,84 @@
 ## Stage Anatomy
 ### Raspbian Stage Overview
 The build of Raspbian is divided up into several stages for logical clarity
 and modularity.  This causes some initial complexity, but it simplifies
 maintenance and allows for more easy customization.
 - **Stage 0** - bootstrap.  The primary purpose of this stage is to create a
   usable filesystem.  This is accomplished largely through the use of
   `debootstrap`, which creates a minimal filesystem suitable for use as a
   base.tgz on Debian systems.  This stage also configures apt settings and
   installs `raspberrypi-bootloader` which is missed by debootstrap.  The
   minimal core is installed but not configured. As a result, this stage will not boot.
 - **Stage 1** - truly minimal system.  This stage makes the system bootable by
   installing system files like `/etc/fstab`, configures the bootloader, makes
   the network operable, and installs packages like raspi-config.  At this
   stage the system should boot to a local console from which you have the
   means to perform basic tasks needed to configure and install the system.
 - **Stage 2** - lite system.  This stage produces the Raspberry Pi OS Lite image.
   Stage 2 installs some optimized memory functions, sets timezone and charmap
   defaults, installs fake-hwclock and ntp, wireless LAN and bluetooth support,
   dphys-swapfile, and other basics for managing the hardware.  It also
   creates necessary groups and gives the pi user access to sudo and the
   standard console hardware permission groups.
   Note: Raspberry Pi OS Lite contains a number of tools for development,
   including `Python`, `Lua` and the `build-essential` package. If you are
   creating an image to deploy in products, be sure to remove extraneous development
   tools before deployment.
 - **Stage 3** - desktop system.  Here's where you get the full desktop system
   with X11 and LXDE, web browsers, git for development, Raspberry Pi OS custom UI
   enhancements, etc.  This is a base desktop system, with some development
   tools installed.
 - **Stage 4** - Normal Raspberry Pi OS image. System meant to fit on a 4GB card.
   This is the    stage that installs most things that make Raspberry Pi OS friendly
   to new users - e.g. system documentation.
 - **Stage 5** - The Raspberry Pi OS Full image. More development
   tools, an email client, learning tools like Scratch, specialized packages
   like sonic-pi, office productivity, etc.
 ### Stage specification
 If you wish to build up to a specified stage (such as building up to stage 2
 for a lite system), place an empty file named `SKIP` in each of the `./stage`
 directories you wish not to include.
 Then add an empty file named `SKIP_IMAGES` to `./stage4` and `./stage5` (if building up to stage 2) or
 to `./stage2` (if building a minimal system).
 ```bash
 # Example for building a lite system
 echo "IMG_NAME='raspios'" > config
 touch ./stage3/SKIP ./stage4/SKIP ./stage5/SKIP
 touch ./stage4/SKIP_IMAGES ./stage5/SKIP_IMAGES
 sudo ./build.sh  # or ./build-docker.sh
 ```
 If you wish to build further configurations upon (for example) the lite
 system, you can also delete the contents of `./stage3` and `./stage4` and
 replace with your own contents in the same format.
 ## Skipping stages to speed up development
 If you're working on a specific stage the recommended development process is as
 follows:
 * Add a file called SKIP_IMAGES into the directories containing EXPORT_* files
   (currently stage2, stage4 and stage5)
 * Add SKIP files to the stages you don't want to build. For example, if you're
   basing your image on the lite image you would add these to stages 3, 4 and 5.
 * Run build.sh to build all stages
 * Add SKIP files to the earlier successfully built stages
 * Modify the last stage
 * Rebuild just the last stage using `sudo CLEAN=1 ./build.sh` (or, for docker builds
   `PRESERVE_CONTAINER=1 CONTINUE=1 CLEAN=1 ./build-docker.sh`)
 * Once you're happy with the image you can remove the SKIP_IMAGES files and
   export your image to test
--- a/docs/troubleshooting.md
+++ b/docs/troubleshooting.md
@@ -0,0 +1,45 @@
 # Troubleshooting
 ## `64 Bit Systems`
 A 64 bit image can be generated from the `arm64` branch in this repository. Just
 replace the command from [this section](#getting-started-with-building-your-images)
 by the one below, and follow the rest of the documentation:
 ```bash
 git clone --branch arm64 https://github.com/RPI-Distro/pi-gen.git
 ```
 If you want to generate a 64 bits image from a Raspberry Pi running a 32 bits
 version, you need to add `arm_64bit=1` to your `config.txt` file and reboot your
 machine. This will restart your machine with a 64 bits kernel. This will only
 work from a Raspberry Pi with a 64-bit capable processor (i.e. Raspberry Pi Zero
 2, Raspberry Pi 3 or Raspberry Pi 4).
 ## `binfmt_misc`
 Linux is able to execute binaries from other architectures, meaning that it should be
 possible to make use of `pi-gen` on an x86_64 system, even though it will be running
 ARM binaries. This requires support from the [`binfmt_misc`](https://en.wikipedia.org/wiki/Binfmt_misc)
 kernel module.
 You may see one of the following errors:
 ```
 update-binfmts: warning: Couldn't load the binfmt_misc module.
 ```
 ```
 W: Failure trying to run: chroot "/pi-gen/work/test/stage0/rootfs" /bin/true
 and/or
 chroot: failed to run command '/bin/true': Exec format error
 ```
 To resolve this, ensure that the following files are available (install them if necessary):
 ```
 /lib/modules/$(uname -r)/kernel/fs/binfmt_misc.ko
 /usr/bin/qemu-aarch64-static
 ```
 You may also need to load the module by hand - run `modprobe binfmt_misc`.
 If you are using WSL to build you may have to enable the service `sudo update-binfmts --enable`
--- a/export-image/00-allow-rerun/00-run.sh
+++ b/export-image/00-allow-rerun/00-run.sh
@@ -1,9 +1,7 @@
 #!/bin/bash -e
-if [ ! -x "${ROOTFS_DIR}/usr/bin/qemu-arm-static" ]; then
+if [[ "${ARCH}" == "arm64" || "${ARCH}" == "armhf" ]]; then
-	cp /usr/bin/qemu-arm-static "${ROOTFS_DIR}/usr/bin/"
+	if [ -e "${ROOTFS_DIR}/etc/ld.so.preload" ]; then
-fi
+		mv "${ROOTFS_DIR}/etc/ld.so.preload" "${ROOTFS_DIR}/etc/ld.so.preload.disabled"
-
+	fi
-if [ -e "${ROOTFS_DIR}/etc/ld.so.preload" ]; then
+fi
 	mv "${ROOTFS_DIR}/etc/ld.so.preload" "${ROOTFS_DIR}/etc/ld.so.preload.disabled"
 fi
--- a/export-image/01-set-sources/01-run.sh
+++ b/export-image/01-set-sources/01-run.sh
@@ -0,0 +1,11 @@
 #!/bin/bash -e
 rm -f "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache"
 rm -f "${ROOTFS_DIR}/etc/apt/sources.list.d/00-temp.list"
 find "${ROOTFS_DIR}/var/lib/apt/lists/" -type f -delete
 on_chroot << EOF
 apt-get update
 apt-get -y dist-upgrade --auto-remove --purge
 apt-get clean
 apt-file update
 EOF
--- a/export-image/01-user-rename/00-packages
+++ b/export-image/01-user-rename/00-packages
@@ -1 +0,0 @@
 userconf-pi
--- a/export-image/01-user-rename/01-run.sh
+++ b/export-image/01-user-rename/01-run.sh
@@ -1,9 +0,0 @@
 #!/bin/bash -e
 if [[ "${DISABLE_FIRST_BOOT_USER_RENAME}" == "0" ]]; then
 	on_chroot <<- EOF
 		SUDO_USER="${FIRST_USER_NAME}" rename-user -f -s
 	EOF
 else
 	rm -f "${ROOTFS_DIR}/etc/xdg/autostart/piwiz.desktop"
 fi
--- a/export-image/02-network/01-run.sh
+++ b/export-image/02-network/01-run.sh
--- a/export-image/02-network/files/resolv.conf
+++ b/export-image/02-network/files/resolv.conf
--- a/export-image/03-set-partuuid/00-run.sh
+++ b/export-image/03-set-partuuid/00-run.sh
@@ -0,0 +1,15 @@
 #!/bin/bash -e
 IMG_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.img"
 IMGID="$(dd if="${IMG_FILE}" skip=440 bs=1 count=4 2>/dev/null | xxd -e | cut -f 2 -d' ')"
 BOOT_PARTUUID="${IMGID}-01"
 RECOVERY_PARTUUID="${IMGID}-02"
 ROOT_PARTUUID="${IMGID}-03"
 sed -i "s/BOOTDEV/PARTUUID=${BOOT_PARTUUID}/" "${ROOTFS_DIR}/etc/fstab"
 sed -i "s/ROOTDEV/PARTUUID=${ROOT_PARTUUID}/" "${ROOTFS_DIR}/etc/fstab"
 #sed -i "s/RECOVERY/PARTUUID=${RECOVERY_PARTUUID}/" "${ROOTFS_DIR}/etc/fstab"
 sed -i "s/ROOTDEV/PARTUUID=${ROOT_PARTUUID}/" "${ROOTFS_DIR}/boot/firmware/cmdline.txt"
--- a/export-image/04-finalise/01-run.sh
+++ b/export-image/04-finalise/01-run.sh
@@ -0,0 +1,141 @@
 #!/bin/bash -e
 IMG_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.img"
 INFO_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.info"
 SBOM_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.sbom"
 BMAP_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.bmap"
 on_chroot << EOF
 update-initramfs -k all -c
 if [ -x /etc/init.d/fake-hwclock ]; then
 	/etc/init.d/fake-hwclock stop
 fi
 if hash hardlink 2>/dev/null; then
 	hardlink -t /usr/share/doc
 fi
 EOF
 if [ -f "${ROOTFS_DIR}/etc/initramfs-tools/update-initramfs.conf" ]; then
 	sed -i 's/^update_initramfs=.*/update_initramfs=yes/' "${ROOTFS_DIR}/etc/initramfs-tools/update-initramfs.conf"
 	sed -i 's/^MODULES=.*/MODULES=dep/' "${ROOTFS_DIR}/etc/initramfs-tools/initramfs.conf"
 fi
 #if [ -d "${ROOTFS_DIR}/home/${FIRST_USER_NAME}/.config" ]; then
 #	chmod 700 "${ROOTFS_DIR}/home/${FIRST_USER_NAME}/.config"
 #fi
 rm -f "${ROOTFS_DIR}/usr/bin/qemu-arm-static"
 if [ "${USE_QEMU}" != "1" ]; then
 	if [ -e "${ROOTFS_DIR}/etc/ld.so.preload.disabled" ]; then
 		mv "${ROOTFS_DIR}/etc/ld.so.preload.disabled" "${ROOTFS_DIR}/etc/ld.so.preload"
 	fi
 fi
 rm -f "${ROOTFS_DIR}/etc/network/interfaces.dpkg-old"
 rm -f "${ROOTFS_DIR}/etc/apt/sources.list~"
 rm -f "${ROOTFS_DIR}/etc/apt/trusted.gpg~"
 rm -f "${ROOTFS_DIR}/etc/passwd-"
 rm -f "${ROOTFS_DIR}/etc/group-"
 rm -f "${ROOTFS_DIR}/etc/shadow-"
 rm -f "${ROOTFS_DIR}/etc/gshadow-"
 rm -f "${ROOTFS_DIR}/etc/subuid-"
 rm -f "${ROOTFS_DIR}/etc/subgid-"
 rm -f "${ROOTFS_DIR}"/var/cache/debconf/*-old
 rm -f "${ROOTFS_DIR}"/var/lib/dpkg/*-old
 rm -f "${ROOTFS_DIR}"/usr/share/icons/*/icon-theme.cache
 rm -f "${ROOTFS_DIR}/var/lib/dbus/machine-id"
 true > "${ROOTFS_DIR}/etc/machine-id"
 ln -nsf /proc/mounts "${ROOTFS_DIR}/etc/mtab"
 find "${ROOTFS_DIR}/var/log/" -type f -exec cp /dev/null {} \;
 rm -f "${ROOTFS_DIR}/root/.vnc/private.key"
 rm -f "${ROOTFS_DIR}/etc/vnc/updateid"
 update_issue "$(basename "${EXPORT_DIR}")"
 install -m 644 "${ROOTFS_DIR}/etc/rpi-issue" "${ROOTFS_DIR}/boot/firmware/issue.txt"
 if ! [ -L "${ROOTFS_DIR}/boot/issue.txt" ]; then
 	ln -s firmware/issue.txt "${ROOTFS_DIR}/boot/issue.txt"
 fi
 cp "$ROOTFS_DIR/etc/rpi-issue" "$INFO_FILE"
 {
 	if [ -f "$ROOTFS_DIR/usr/share/doc/raspberrypi-kernel/changelog.Debian.gz" ]; then
 		firmware=$(zgrep "firmware as of" \
 			"$ROOTFS_DIR/usr/share/doc/raspberrypi-kernel/changelog.Debian.gz" | \
 			head -n1 | sed  -n 's|.* \([^ ]*\)$|\1|p')
 		printf "\nFirmware: https://github.com/raspberrypi/firmware/tree/%s\n" "$firmware"
 		kernel="$(curl -s -L "https://github.com/raspberrypi/firmware/raw/$firmware/extra/git_hash")"
 		printf "Kernel: https://github.com/raspberrypi/linux/tree/%s\n" "$kernel"
 		uname="$(curl -s -L "https://github.com/raspberrypi/firmware/raw/$firmware/extra/uname_string7")"
 		printf "Uname string: %s\n" "$uname"
 	fi
 	printf "\nPackages:\n"
 	dpkg -l --root "$ROOTFS_DIR"
 } >> "$INFO_FILE"
 if hash syft 2>/dev/null; then
 	syft scan dir:"${ROOTFS_DIR}" \
 		--base-path="${ROOTFS_DIR}" \
 		--source-name="${IMG_NAME}${IMG_SUFFIX}" \
 		--source-version="${IMG_DATE}" \
 		-o spdx-json="${SBOM_FILE}"
 fi
 ROOT_DEV="$(awk "\$2 == \"${ROOTFS_DIR}\" {print \$1}" /etc/mtab)"
 unmount "${ROOTFS_DIR}"
 zerofree "${ROOT_DEV}"
 unmount_image "${IMG_FILE}"
 if hash bmaptool 2>/dev/null; then
 	bmaptool create \
 		-o "${BMAP_FILE}" \
 		"${IMG_FILE}"
 fi
 mkdir -p "${DEPLOY_DIR}"
 rm -f "${DEPLOY_DIR}/${ARCHIVE_FILENAME}${IMG_SUFFIX}.*"
 rm -f "${DEPLOY_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.img"
 case "${DEPLOY_COMPRESSION}" in
 zip)
 	pushd "${STAGE_WORK_DIR}" > /dev/null
 	zip -"${COMPRESSION_LEVEL}" \
 	"${DEPLOY_DIR}/${ARCHIVE_FILENAME}${IMG_SUFFIX}.zip" "$(basename "${IMG_FILE}")"
 	popd > /dev/null
 	;;
 gz)
 	pigz --force -"${COMPRESSION_LEVEL}" "$IMG_FILE" --stdout > \
 	"${DEPLOY_DIR}/${ARCHIVE_FILENAME}${IMG_SUFFIX}.img.gz"
 	;;
 xz)
 	xz --compress --force --threads 0 --memlimit-compress=50% -"${COMPRESSION_LEVEL}" \
 	--stdout "$IMG_FILE" > "${DEPLOY_DIR}/${ARCHIVE_FILENAME}${IMG_SUFFIX}.img.xz"
 	;;
 none | *)
 	cp "$IMG_FILE" "$DEPLOY_DIR/"
 ;;
 esac
 if [ -f "${SBOM_FILE}" ]; then
 	xz -c "${SBOM_FILE}" > "$DEPLOY_DIR/$(basename "${SBOM_FILE}").xz"
 fi
 if [ -f "${BMAP_FILE}" ]; then
 	cp "$BMAP_FILE" "$DEPLOY_DIR/"
 fi
 cp "$INFO_FILE" "$DEPLOY_DIR/"
--- a/export-image/mk-img.sh
+++ b/export-image/mk-img.sh
@@ -1,73 +0,0 @@
 #!/bin/bash -e
 IMG_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.img"
 unmount_image "${IMG_FILE}"
 rm -f "${IMG_FILE}"
 rm -rf "${ROOTFS_DIR}"
 mkdir -p "${ROOTFS_DIR}"
 BOOT_SIZE="$((512 * 1024 * 1024))"
 ROOT_SIZE=$(du -x --apparent-size -s "${EXPORT_ROOTFS_DIR}" --exclude var/cache/apt/archives --exclude boot/firmware --block-size=1 | cut -f 1)
 # All partition sizes and starts will be aligned to this size
 ALIGN="$((4 * 1024 * 1024))"
 # Add this much space to the calculated file size. This allows for
 # some overhead (since actual space usage is usually rounded up to the
 # filesystem block size) and gives some free space on the resulting
 # image.
 ROOT_MARGIN="$(echo "($ROOT_SIZE * 0.2 + 200 * 1024 * 1024) / 1" | bc)"
 BOOT_PART_START=$((ALIGN))
 BOOT_PART_SIZE=$(((BOOT_SIZE + ALIGN - 1) / ALIGN * ALIGN))
 ROOT_PART_START=$((BOOT_PART_START + BOOT_PART_SIZE))
 ROOT_PART_SIZE=$(((ROOT_SIZE + ROOT_MARGIN + ALIGN  - 1) / ALIGN * ALIGN))
 IMG_SIZE=$((BOOT_PART_START + BOOT_PART_SIZE + ROOT_PART_SIZE))
 truncate -s "${IMG_SIZE}" "${IMG_FILE}"
 parted --script "${IMG_FILE}" mklabel msdos
 parted --script "${IMG_FILE}" unit B mkpart primary fat32 "${BOOT_PART_START}" "$((BOOT_PART_START + BOOT_PART_SIZE - 1))"
 parted --script "${IMG_FILE}" unit B mkpart primary ext4 "${ROOT_PART_START}" "$((ROOT_PART_START + ROOT_PART_SIZE - 1))"
 echo "Creating loop device..."
 cnt=0
 until ensure_next_loopdev && LOOP_DEV="$(losetup --show --find --partscan "$IMG_FILE")"; do
 	if [ $cnt -lt 5 ]; then
 		cnt=$((cnt + 1))
 		echo "Error in losetup.  Retrying..."
 		sleep 5
 	else
 		echo "ERROR: losetup failed; exiting"
 		exit 1
 	fi
 done
 ensure_loopdev_partitions "$LOOP_DEV"
 BOOT_DEV="${LOOP_DEV}p1"
 ROOT_DEV="${LOOP_DEV}p2"
 ROOT_FEATURES="^huge_file"
 for FEATURE in 64bit; do
 if grep -q "$FEATURE" /etc/mke2fs.conf; then
 	ROOT_FEATURES="^$FEATURE,$ROOT_FEATURES"
 fi
 done
 if [ "$BOOT_SIZE" -lt 134742016 ]; then
 	FAT_SIZE=16
 else
 	FAT_SIZE=32
 fi
 mkdosfs -n bootfs -F "$FAT_SIZE" -s 4 -v "$BOOT_DEV" > /dev/null
 mkfs.ext4 -L rootfs -O "$ROOT_FEATURES" "$ROOT_DEV" > /dev/null
 mount -v "$ROOT_DEV" "${ROOTFS_DIR}" -t ext4
 mkdir -p "${ROOTFS_DIR}/boot/firmware"
 mount -v "$BOOT_DEV" "${ROOTFS_DIR}/boot/firmware" -t vfat
 rsync -aHAXx --exclude /var/cache/apt/archives --exclude /boot/firmware "${EXPORT_ROOTFS_DIR}/" "${ROOTFS_DIR}/"
 rsync -rtx "${EXPORT_ROOTFS_DIR}/boot/firmware/" "${ROOTFS_DIR}/boot/firmware/"
--- a/export-image/mk-iso.sh
+++ b/export-image/mk-iso.sh
@@ -1,92 +0,0 @@
 #!/bin/bash -e
 ISO_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.iso"
 unmount_image "${ISO_FILE}"
 rm -f "${ISO_FILE}"
 rm -rf "${ROOTFS_DIR}"
 mkdir -p "${ROOTFS_DIR}"
 BOOT_SIZE="$((512 * 1024 * 1024))"
 ROOT_SIZE=$(du -x --apparent-size -s "${EXPORT_ROOTFS_DIR}" --exclude var/cache/apt/archives --exclude boot/firmware --block-size=1 | cut -f 1)
 # All partition sizes and starts will be aligned to this size
 ALIGN="$((4 * 1024 * 1024))"
 # Add this much space to the calculated file size. This allows for
 # some overhead (since actual space usage is usually rounded up to the
 # filesystem block size) and gives some free space on the resulting
 # image.
 ROOT_MARGIN="$(echo "($ROOT_SIZE * 0.2 + 200 * 1024 * 1024) / 1" | bc)"
 BOOT_PART_START=$((ALIGN))
 BOOT_PART_SIZE=$(((BOOT_SIZE + ALIGN - 1) / ALIGN * ALIGN))
 ROOT_PART_START=$((BOOT_PART_START + BOOT_PART_SIZE))
 ROOT_PART_SIZE=$(((ROOT_SIZE + ROOT_MARGIN + ALIGN  - 1) / ALIGN * ALIGN))
 IMG_SIZE=$((BOOT_PART_START + BOOT_PART_SIZE + ROOT_PART_SIZE))
 truncate -s "${IMG_SIZE}" "${ISO_FILE}"
 parted --script "${ISO_FILE}" mklabel msdos
 parted --script "${ISO_FILE}" unit B mkpart primary fat32 "${BOOT_PART_START}" "$((BOOT_PART_START + BOOT_PART_SIZE - 1))"
 parted --script "${ISO_FILE}" unit B mkpart primary ext4 "${ROOT_PART_START}" "$((ROOT_PART_START + ROOT_PART_SIZE - 1))"
 echo "Creating loop device..."
 cnt=0
 until ensure_next_loopdev && LOOP_DEV="$(losetup --show --find --partscan "$ISO_FILE")"; do
    if [ $cnt -lt 5 ]; then
        cnt=$((cnt + 1))
        echo "Error in losetup. Retrying..."
        sleep 5
    else
        echo "ERROR: losetup failed; exiting"
        exit 1
    fi
 done
 ensure_loopdev_partitions "$LOOP_DEV"
 BOOT_DEV="${LOOP_DEV}p1"
 ROOT_DEV="${LOOP_DEV}p2"
 ROOT_FEATURES="^huge_file"
 for FEATURE in 64bit; do
    if grep -q "$FEATURE" /etc/mke2fs.conf; then
        ROOT_FEATURES="^$FEATURE,$ROOT_FEATURES"
    fi
 done
 if [ "$BOOT_SIZE" -lt 134742016 ]; then
    FAT_SIZE=16
 else
    FAT_SIZE=32
 fi
 mkdosfs -n bootfs -F "$FAT_SIZE" -s 4 -v "$BOOT_DEV" > /dev/null
 mkfs.ext4 -L rootfs -O "$ROOT_FEATURES" "$ROOT_DEV" > /dev/null
 mount -v "$ROOT_DEV" "${ROOTFS_DIR}" -t ext4
 mkdir -p "${ROOTFS_DIR}/boot/firmware"
 mount -v "$BOOT_DEV" "${ROOTFS_DIR}/boot/firmware" -t vfat
 rsync -aHAXx --exclude /var/cache/apt/archives --exclude /boot/firmware "${EXPORT_ROOTFS_DIR}/" "${ROOTFS_DIR}/"
 rsync -rtx "${EXPORT_ROOTFS_DIR}/boot/firmware/" "${ROOTFS_DIR}/boot/firmware/"
 # Create bootable ISO with GRUB
 echo "Creating bootable ISO..."
 mkdir -p "${ROOTFS_DIR}/boot/grub"
 # Install GRUB bootloader
 cat > "${ROOTFS_DIR}/boot/grub/grub.cfg" <<EOF
 set default=0
 set timeout=5
 menuentry "Linux" {
    linux /boot/vmlinuz root=/dev/sda2
    initrd /boot/initrd.img
 }
 EOF
 grub-mkrescue -o "${ISO_FILE}" "${ROOTFS_DIR}"
 echo "Bootable ISO created at ${ISO_FILE}"
--- a/export-image/prerun.sh
+++ b/export-image/prerun.sh
@@ -1,10 +1,86 @@
 #!/bin/bash -e
-# Check if the architecture is arm64 or armhf
+IMG_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.img"
-if [[ "$ARCH" == "arm64" || "$ARCH" == "armhf" ]]; then
+
-    # If the architecture is arm64 or armhf, run mk-img.sh
+unmount_image "${IMG_FILE}"
-    ./mk-img.sh
+
 rm -f "${IMG_FILE}"
 rm -rf "${ROOTFS_DIR}"
 mkdir -p "${ROOTFS_DIR}"
 BOOT_SIZE="$((512 * 1024 * 1024))"
 RECOVERY_SIZE="$((256 * 1024 * 1024))"
 ROOT_SIZE=$(du -x --apparent-size -s "${EXPORT_ROOTFS_DIR}" --exclude var/cache/apt/archives --exclude boot/firmware --block-size=1 | cut -f 1)
 # All partition sizes and starts will be aligned to this size
 ALIGN="$((8 * 1024 * 1024))"
 ROOT_MARGIN="$(echo "($ROOT_SIZE * 0.2 + 400 * 1024 * 1024) / 1" | bc)"
 BOOT_PART_START=$((ALIGN))
 BOOT_PART_SIZE=$(((BOOT_SIZE + ALIGN - 1) / ALIGN * ALIGN))
 RECOVERY_PART_START=$((BOOT_PART_START + BOOT_PART_SIZE))
 RECOVERY_PART_SIZE=$(((RECOVERY_SIZE + ALIGN - 1) / ALIGN * ALIGN))
 ROOT_PART_START=$((RECOVERY_PART_START + RECOVERY_PART_SIZE))
 ROOT_PART_SIZE=$(((ROOT_SIZE + ROOT_MARGIN + ALIGN - 1) / ALIGN * ALIGN))
 IMG_SIZE=$((BOOT_PART_START + BOOT_PART_SIZE + RECOVERY_PART_SIZE + ROOT_PART_SIZE))
 echo "Estimated sizes:"
 echo "  Boot partition: $((BOOT_PART_SIZE / 1024 / 1024))MB"
 echo "  Root partition: $((ROOT_PART_SIZE / 1024 / 1024))MB"
 echo "  Recovery partition: $((RECOVERY_PART_SIZE / 1024 / 1024))MB"
 echo "  Total image size: $((IMG_SIZE / 1024 / 1024))MB"
 truncate -s "${IMG_SIZE}" "${IMG_FILE}"
 parted --script "${IMG_FILE}" mklabel msdos
 parted --script "${IMG_FILE}" unit B mkpart primary fat32 "${BOOT_PART_START}" "$((BOOT_PART_START + BOOT_PART_SIZE - 1))"
 parted --script "${IMG_FILE}" unit B mkpart primary ext4 "${RECOVERY_PART_START}" "$((RECOVERY_PART_START + RECOVERY_PART_SIZE - 1))"
 parted --script "${IMG_FILE}" unit B mkpart primary ext4 "${ROOT_PART_START}" "$((ROOT_PART_START + ROOT_PART_SIZE - 1))"
 echo "Creating loop device..."
 cnt=0
 until ensure_next_loopdev && LOOP_DEV="$(losetup --show --find --partscan "$IMG_FILE")"; do
 	if [ $cnt -lt 5 ]; then
 		cnt=$((cnt + 1))
 		echo "Error in losetup.  Retrying..."
 		sleep 5
 	else
 		echo "ERROR: losetup failed; exiting"
 		exit 1
 	fi
 done
 ensure_loopdev_partitions "$LOOP_DEV"
 BOOT_DEV="${LOOP_DEV}p1"
 RECOVERY_DEV="${LOOP_DEV}p2"
 ROOT_DEV="${LOOP_DEV}p3"
 ROOT_FEATURES="^huge_file"
 for FEATURE in 64bit; do
 	if grep -q "$FEATURE" /etc/mke2fs.conf; then
 		ROOT_FEATURES="^$FEATURE,$ROOT_FEATURES"
 	fi
 done
 if [ "$BOOT_SIZE" -lt 134742016 ]; then
 	FAT_SIZE=16
 else
-    # Otherwise, run mk-iso.sh
+	FAT_SIZE=32
-    ./mk-iso.sh
+fi
-fi
+
 mkdosfs -n bootfs -F "$FAT_SIZE" -s 4 -v "$BOOT_DEV" > /dev/null
 mkfs.ext4 -L recovery -O "$ROOT_FEATURES" "$RECOVERY_DEV" > /dev/null
 mkfs.ext4 -L rootfs -O "$ROOT_FEATURES" "$ROOT_DEV" > /dev/null
 mount -v "$ROOT_DEV" "${ROOTFS_DIR}" -t ext4
 mkdir -p "${ROOTFS_DIR}/boot/firmware"
 mount -v "$BOOT_DEV" "${ROOTFS_DIR}/boot/firmware" -t vfat
 #mkdir -p "${ROOTFS_DIR}/recovery"
 #mount -v "$RECOVERY_DEV" "${ROOTFS_DIR}/recovery" -t ext4
 rsync -aHAXx --exclude /var/cache/apt/archives --exclude /boot/firmware "${EXPORT_ROOTFS_DIR}/" "${ROOTFS_DIR}/"
 rsync -rtx "${EXPORT_ROOTFS_DIR}/boot/firmware/" "${ROOTFS_DIR}/boot/firmware/"
 #rsync -aHAXx "${EXPORT_ROOTFS_DIR}/recovery/" "${ROOTFS_DIR}/recovery/"
 echo "Image created with boot, rootfs, and 256MB recovery partition."
--- a/export-iso/00-allow-rerun/00-run.sh
+++ b/export-iso/00-allow-rerun/00-run.sh
@@ -0,0 +1,11 @@
 #!/bin/bash -e
 if [[ "${ARCH}" == "arm64" || "${ARCH}" == "armhf" ]]; then
 	if [ ! -x "${ROOTFS_DIR}/usr/bin/qemu-arm-static" ]; then
 		cp /usr/bin/qemu-arm-static "${ROOTFS_DIR}/usr/bin/"
 	fi
 	if [ -e "${ROOTFS_DIR}/etc/ld.so.preload" ]; then
 		mv "${ROOTFS_DIR}/etc/ld.so.preload" "${ROOTFS_DIR}/etc/ld.so.preload.disabled"
 	fi
 fi
--- a/export-image/02-set-sources/01-run.sh
+++ b/export-image/02-set-sources/01-run.sh
@@ -3,8 +3,8 @@
 rm -f "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache"
 find "${ROOTFS_DIR}/var/lib/apt/lists/" -type f -delete
 on_chroot << EOF
 apt-file update
 apt-get update
 apt-get -y dist-upgrade --auto-remove --purge
 apt-get clean
 apt-file update
 EOF
--- a/export-iso/02-network/01-run.sh
+++ b/export-iso/02-network/01-run.sh
@@ -0,0 +1,3 @@
 #!/bin/bash -e
 install -m 644 files/resolv.conf "${ROOTFS_DIR}/etc/"
--- a/export-iso/02-network/files/resolv.conf
+++ b/export-iso/02-network/files/resolv.conf
@@ -0,0 +1 @@
 nameserver 8.8.8.8
--- a/export-image/04-set-partuuid/00-run.sh
+++ b/export-image/04-set-partuuid/00-run.sh
@@ -6,8 +6,10 @@ IMGID="$(dd if="${IMG_FILE}" skip=440 bs=1 count=4 2>/dev/null | xxd -e | cut -f
 BOOT_PARTUUID="${IMGID}-01"
 ROOT_PARTUUID="${IMGID}-02"
 #HOME_PARTUUID="${IMGID}-03"
 sed -i "s/BOOTDEV/PARTUUID=${BOOT_PARTUUID}/" "${ROOTFS_DIR}/etc/fstab"
 sed -i "s/ROOTDEV/PARTUUID=${ROOT_PARTUUID}/" "${ROOTFS_DIR}/etc/fstab"
 #sed -i "s/HOMEDEV/PARTUUID=${HOME_PARTUUID}/" "${ROOTFS_DIR}/etc/fstab"
 sed -i "s/ROOTDEV/PARTUUID=${ROOT_PARTUUID}/" "${ROOTFS_DIR}/boot/firmware/cmdline.txt"
--- a/export-image/05-finalise/01-run.sh
+++ b/export-image/05-finalise/01-run.sh
@@ -3,6 +3,7 @@
 IMG_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.img"
 INFO_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.info"
 SBOM_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.sbom"
 BMAP_FILE="${STAGE_WORK_DIR}/${IMG_FILENAME}${IMG_SUFFIX}.bmap"
 on_chroot << EOF
 update-initramfs -k all -c
@@ -19,9 +20,9 @@ if [ -f "${ROOTFS_DIR}/etc/initramfs-tools/update-initramfs.conf" ]; then
 	sed -i 's/^MODULES=.*/MODULES=dep/' "${ROOTFS_DIR}/etc/initramfs-tools/initramfs.conf"
 fi
-if [ -d "${ROOTFS_DIR}/home/${FIRST_USER_NAME}/.config" ]; then
+#if [ -d "${ROOTFS_DIR}/home/${FIRST_USER_NAME}/.config" ]; then
-	chmod 700 "${ROOTFS_DIR}/home/${FIRST_USER_NAME}/.config"
+#	chmod 700 "${ROOTFS_DIR}/home/${FIRST_USER_NAME}/.config"
-fi
+#fi
 rm -f "${ROOTFS_DIR}/usr/bin/qemu-arm-static"
@@ -100,6 +101,12 @@ zerofree "${ROOT_DEV}"
 unmount_image "${IMG_FILE}"
 if hash bmaptool 2>/dev/null; then
 	bmaptool create \
 		-o "${BMAP_FILE}" \
 		"${IMG_FILE}"
 fi
 mkdir -p "${DEPLOY_DIR}"
 rm -f "${DEPLOY_DIR}/${ARCHIVE_FILENAME}${IMG_SUFFIX}.*"
@@ -128,4 +135,7 @@ esac
 if [ -f "${SBOM_FILE}" ]; then
 	xz -c "${SBOM_FILE}" > "$DEPLOY_DIR/image_$(basename "${SBOM_FILE}").xz"
 fi
 if [ -f "${BMAP_FILE}" ]; then
 	xz -c "${BMAP_FILE}" > "$DEPLOY_DIR/image_$(basename "${BMAP_FILE}").xz"
 fi
 cp "$INFO_FILE" "$DEPLOY_DIR/"
--- a/export-iso/prerun.sh
+++ b/export-iso/prerun.sh
@@ -0,0 +1,134 @@
 #!/bin/bash -e
 IMG_NAME="${IMG_FILENAME}${IMG_SUFFIX}"
 IMG_FILE="${STAGE_WORK_DIR}/${IMG_NAME}.img"
 MOUNT_DIR="${ROOTFS_DIR}"
 BOOT_SIZE=$((512 * 1024 * 1024))
 EFI_SIZE=$((128 * 1024 * 1024)) # 128MB EFI partition
 RECOVERY_SIZE=$((256 * 1024 * 1024))
 ALIGN=$((4 * 1024 * 1024))
 unmount_image "${IMG_FILE}"
 rm -f "${IMG_FILE}"
 rm -rf "${MOUNT_DIR}"
 mkdir -p "${MOUNT_DIR}"
 # Calculate rootfs size
 ROOT_SIZE=$(du -x --apparent-size -s "${EXPORT_ROOTFS_DIR}" --exclude var/cache/apt/archives --exclude boot/firmware --block-size=1 | cut -f 1)
 ROOT_MARGIN="$(echo "($ROOT_SIZE * 0.2 + 200 * 1024 * 1024) / 1" | bc)"
 BOOT_PART_START=$((ALIGN))
 BOOT_PART_SIZE=$(((BOOT_SIZE + ALIGN - 1) / ALIGN * ALIGN))
 EFI_PART_START=$((BOOT_PART_START + BOOT_PART_SIZE))
 EFI_PART_SIZE=$(((EFI_SIZE + ALIGN - 1) / ALIGN * ALIGN))
 ROOT_PART_START=$((EFI_PART_START + EFI_PART_SIZE))
 ROOT_PART_SIZE=$(((ROOT_SIZE + ROOT_MARGIN + ALIGN - 1) / ALIGN * ALIGN))
 RECOVERY_PART_START=$((ROOT_PART_START + ROOT_PART_SIZE))
 RECOVERY_PART_SIZE=$(((RECOVERY_SIZE + ALIGN - 1) / ALIGN * ALIGN))
 IMG_SIZE=$((BOOT_PART_START + BOOT_PART_SIZE + EFI_PART_SIZE + ROOT_PART_SIZE + RECOVERY_PART_SIZE))
 # Create raw image
 truncate -s "${IMG_SIZE}" "${IMG_FILE}"
 parted --script "${IMG_FILE}" mklabel gpt
 parted --script "${IMG_FILE}" unit B mkpart primary fat32 "${BOOT_PART_START}" "$((BOOT_PART_START + BOOT_PART_SIZE - 1))"
 parted --script "${IMG_FILE}" set 1 boot on
 parted --script "${IMG_FILE}" unit B mkpart primary fat32 "${EFI_PART_START}" "$((EFI_PART_START + EFI_PART_SIZE - 1))"
 parted --script "${IMG_FILE}" set 2 esp on
 parted --script "${IMG_FILE}" unit B mkpart primary ext4 "${ROOT_PART_START}" "$((ROOT_PART_START + ROOT_PART_SIZE - 1))"
 parted --script "${IMG_FILE}" unit B mkpart primary ext4 "${RECOVERY_PART_START}" "$((RECOVERY_PART_START + RECOVERY_PART_SIZE - 1))"
 # Create loop device
 cnt=0
 until ensure_next_loopdev && LOOP_DEV="$(losetup --show --find --partscan "$IMG_FILE")"; do
    ((cnt++))
    if [ $cnt -ge 5 ]; then echo "ERROR: losetup failed"; exit 1; fi
    echo "Retrying losetup..."; sleep 5
 done
 ensure_loopdev_partitions "$LOOP_DEV"
 BOOT_DEV="${LOOP_DEV}p1"
 EFI_DEV="${LOOP_DEV}p2"
 ROOT_DEV="${LOOP_DEV}p3"
 RECOVERY_DEV="${LOOP_DEV}p4"
 # Format partitions
 FAT_SIZE=$([ "$BOOT_SIZE" -lt 134742016 ] && echo 16 || echo 32)
 mkdosfs -n bootfs -F "$FAT_SIZE" -s 4 "$BOOT_DEV"
 mkfs.fat -F 32 -n EFI "$EFI_DEV"
 mkfs.ext4 -L rootfs -O "^64bit,^huge_file" "$ROOT_DEV"
 mkfs.ext4 -L recovery "$RECOVERY_DEV"
 # Mount and copy rootfs
 mount "$ROOT_DEV" "$MOUNT_DIR" -t ext4
 mkdir -p "${MOUNT_DIR}/boot"
 mount "$BOOT_DEV" "${MOUNT_DIR}/boot" -t vfat
 mkdir -p "${MOUNT_DIR}/boot/efi"
 mount "$EFI_DEV" "${MOUNT_DIR}/boot/efi" -t vfat
 rsync -aHAXx --exclude /var/cache/apt/archives --exclude /boot/firmware --exclude /boot/overlays "${EXPORT_ROOTFS_DIR}/" "${MOUNT_DIR}/"
 # Recovery partition
 mkdir -p "${MOUNT_DIR}/recovery"
 mount "$RECOVERY_DEV" "${MOUNT_DIR}/recovery" -t ext4
 # Optionally copy recovery tools
 # cp recovery-tools/recovery.sh "${MOUNT_DIR}/recovery/"
 # Install GRUB (BIOS)
 mkdir -p "${MOUNT_DIR}/boot/grub"
 cat > "${MOUNT_DIR}/boot/grub/grub.cfg" <<EOF
 set default=0
 set timeout=5
 menuentry "Linux" {
    linux /boot/vmlinuz root=/dev/sda3
    initrd /boot/initrd.img
 }
 EOF
 grub-install \
  --target=i386-pc \
  --boot-directory="${MOUNT_DIR}/boot" \
  --modules="part_msdos ext2 fat normal biosdisk" \
  --force \
  --no-floppy \
  --boot-directory="${MOUNT_DIR}/boot" \
  "$LOOP_DEV"
 # Install GRUB (UEFI)
 mkdir -p "${MOUNT_DIR}/boot/efi/EFI/boot"
 grub-install \
  --target=x86_64-efi \
  --efi-directory="${MOUNT_DIR}/boot/efi" \
  --boot-directory="${MOUNT_DIR}/boot" \
  --removable \
  --no-nvram \
  --modules="part_gpt part_msdos ext2 fat normal efi_gop efi_uga biosdisk" \
  --bootloader-id=GRUB \
  --recheck
 # Unmount all
 umount -l "${MOUNT_DIR}/boot/efi"
 umount -l "${MOUNT_DIR}/boot"
 umount -l "${MOUNT_DIR}/recovery"
 umount -l "${MOUNT_DIR}"
 losetup -d "$LOOP_DEV"
 # Create hybrid ISO using xorriso (make sure it's installed)
 ISO_FILE="${STAGE_WORK_DIR}/${IMG_NAME}.iso"
 EFI_IMG="${STAGE_WORK_DIR}/efi.img"
 dd if=/dev/zero of="${EFI_IMG}" bs=1M count=128
 mkfs.vfat "${EFI_IMG}"
 mmd -i "${EFI_IMG}" ::/EFI ::/EFI/boot
 mcopy -i "${EFI_IMG}" "${MOUNT_DIR}/boot/efi/EFI/boot/bootx64.efi" ::/EFI/boot/bootx64.efi
 xorriso -as mkisofs \
  -r -J -joliet -l \
  -b boot/grub/i386-pc/eltorito.img \
  -no-emul-boot -boot-load-size 4 -boot-info-table \
  -eltorito-alt-boot \
  -e efi.img \
  -no-emul-boot \
  -isohybrid-gpt-basdat \
  -o "${ISO_FILE}" \
  "${MOUNT_DIR}" \
  --efi-boot-part --efi-boot-image --protective-msdos-label
 echo "Bootable ISO with BIOS and UEFI support created at ${ISO_FILE}"
--- a/scripts/common
+++ b/scripts/common
@@ -9,10 +9,9 @@ bootstrap(){
 	export http_proxy=${APT_PROXY}
-	BOOTSTRAP_ARGS+=(--arch arm64)
+	BOOTSTRAP_ARGS+=(--arch "$ARCH")
 	BOOTSTRAP_ARGS+=(--include gnupg)
 	BOOTSTRAP_ARGS+=(--components "main,contrib,non-free")
 	#BOOTSTRAP_ARGS+=(--keyring "${STAGE_DIR}/files/raspberrypi.gpg")
 	BOOTSTRAP_ARGS+=(--exclude=info,ifupdown)
 	BOOTSTRAP_ARGS+=(--include=ca-certificates)
 	BOOTSTRAP_ARGS+=("$@")
--- a/stage0/00-configure-apt/00-run.sh
+++ b/stage0/00-configure-apt/00-run.sh
@@ -1,12 +1,18 @@
 #!/bin/bash -e
 # Configure apt sources
 install -m 644 files/sources.list "${ROOTFS_DIR}/etc/apt/"
 install -m 644 files/raspi.list "${ROOTFS_DIR}/etc/apt/sources.list.d/"
 #install -m 644 files/oxmc.list "${ROOTFS_DIR}/etc/apt/sources.list.d/"
 sed -i "s/RELEASE/${RELEASE}/g" "${ROOTFS_DIR}/etc/apt/sources.list"
 sed -i "s/RELEASE/${RELEASE}/g" "${ROOTFS_DIR}/etc/apt/sources.list.d/raspi.list"
 #sed -i "s/RELEASE/${RELEASE}/g" "${ROOTFS_DIR}/etc/apt/sources.list.d/oxmc.list"
 if [[ "${ARCH}" == "arm64" || "${ARCH}" == "armhf" ]]; then
 	install -m 644 files/raspi.list "${ROOTFS_DIR}/etc/apt/sources.list.d/"
 	sed -i "s/RELEASE/${RELEASE}/g" "${ROOTFS_DIR}/etc/apt/sources.list.d/raspi.list"
 fi
 install -m 644 files/oxmc.list "${ROOTFS_DIR}/etc/apt/sources.list.d/"
 sed -i "s/RELEASE/${RELEASE}/g" "${ROOTFS_DIR}/etc/apt/sources.list.d/oxmc.list"
 # Configure apt proxy
 if [ -n "$APT_PROXY" ]; then
 	install -m 644 files/51cache "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache"
 	sed "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache" -i -e "s|APT_PROXY|${APT_PROXY}|"
@@ -14,17 +20,35 @@ else
 	rm -f "${ROOTFS_DIR}/etc/apt/apt.conf.d/51cache"
 fi
-cat files/raspberrypi.gpg.key | gpg --dearmor > "${STAGE_WORK_DIR}/raspberrypi-archive-stable.gpg"
+if [ -n "$TEMP_REPO" ]; then
-install -m 644 "${STAGE_WORK_DIR}/raspberrypi-archive-stable.gpg" "${ROOTFS_DIR}/etc/apt/trusted.gpg.d/"
+	install -m 644 /dev/null "${ROOTFS_DIR}/etc/apt/sources.list.d/00-temp.list"
-#cat files/oxmc.gpg.key | gpg --dearmor > "${STAGE_WORK_DIR}/oxmc.gpg"
+	echo "$TEMP_REPO" | sed "s/RELEASE/$RELEASE/g" > "${ROOTFS_DIR}/etc/apt/sources.list.d/00-temp.list"
-#install -m 644 "${STAGE_WORK_DIR}/oxmc.gpg" "${ROOTFS_DIR}/etc/apt/trusted.gpg.d/"
+else
 	rm -f "${ROOTFS_DIR}/etc/apt/sources.list.d/00-temp.list"
 fi
 # Configure apt preferences
 install -m 644 files/apt-chillcraftos-prefs "${ROOTFS_DIR}/etc/apt/preferences.d/"
 if [[ "${ARCH}" == "arm64" || "${ARCH}" == "armhf" ]]; then
 	# Add raspberrypi-archive-keyring to apt
 	cat files/raspberrypi.gpg.key | gpg --dearmor > "${STAGE_WORK_DIR}/raspberrypi-archive-stable.gpg"
 	install -m 644 "${STAGE_WORK_DIR}/raspberrypi-archive-stable.gpg" "${ROOTFS_DIR}/etc/apt/trusted.gpg.d/"
 fi
 # Add oxmc-archive-keyring to apt
 cat files/oxmc.gpg.key | gpg --dearmor > "${STAGE_WORK_DIR}/oxmc.gpg"
 install -m 644 "${STAGE_WORK_DIR}/oxmc.gpg" "${ROOTFS_DIR}/etc/apt/trusted.gpg.d/"
 # Add armhf and arm64 architectures, update and upgrade and cache policy
 on_chroot <<- \EOF
-	ARCH="$(dpkg --print-architecture)"
+	SYSTEM_ARCH="$(dpkg --print-architecture)"
-	if [ "$ARCH" = "armhf" ]; then
+	if [ "$SYSTEM_ARCH" = "armhf" ]; then
 		dpkg --add-architecture arm64
-	elif [ "$ARCH" = "arm64" ]; then
+	elif [ "$SYSTEM_ARCH" = "arm64" ]; then
 		dpkg --add-architecture armhf
 	fi
 	apt-get update
 	apt-get dist-upgrade -y
 	apt-cache policy
 EOF
--- a/stage0/00-configure-apt/files/apt-chillcraftos-prefs
+++ b/stage0/00-configure-apt/files/apt-chillcraftos-prefs
@@ -0,0 +1,3 @@
 Package: *
 Pin: release o=apt.oxmc.me, n=bookworm
 Pin-Priority: 1001
--- a/stage0/00-configure-apt/files/oxmc.list
+++ b/stage0/00-configure-apt/files/oxmc.list
@@ -1,3 +1,3 @@
-deb http://apt.oxmc.me/ RELEASE main
+deb https://cdn.oxmc.me/apt RELEASE main
 # Uncomment line below then 'apt-get update' to enable 'apt-get source'
-#deb-src http://apt.oxmc.me/ RELEASE main
+#deb-src https://cdn.oxmc.me/apt RELEASE main
--- a/stage0/01-locale/00-run.sh
+++ b/stage0/01-locale/00-run.sh
@@ -0,0 +1,9 @@
 #!/bin/bash
 set -e
 #on_chroot <<- EOF
 #    sed -i "/^${LOCALE_DEFAULT//./\\.} UTF-8/s/^#//" /etc/locale.gen || echo "${LOCALE_DEFAULT} UTF-8" >> /etc/locale.gen
 #    locale-gen
 #    update-locale LANG=${LOCALE_DEFAULT}
 #    echo "LANG=${LOCALE_DEFAULT}" > /etc/default/locale
 #EOF
--- a/stage0/02-firmware/01-packages-amd64
+++ b/stage0/02-firmware/01-packages-amd64
@@ -0,0 +1 @@
 grub2
--- a/stage0/02-firmware/01-packages-arm-only
+++ b/stage0/02-firmware/01-packages-arm-only
--- a/stage0/files/raspberrypi.gpg
+++ b/stage0/files/raspberrypi.gpg
--- a/stage1/00-boot-files/00-run-arm-only.sh
+++ b/stage1/00-boot-files/00-run-arm-only.sh
--- a/stage1/01-sys-tweaks/00-packages-arm-only
+++ b/stage1/01-sys-tweaks/00-packages-arm-only
--- a/stage1/01-sys-tweaks/00-run.sh
+++ b/stage1/01-sys-tweaks/00-run.sh
@@ -2,17 +2,17 @@
 install -v -m 644 files/fstab "${ROOTFS_DIR}/etc/fstab"
 # SteamOS like readonly root
-install -m 644 files/system-readonly "${ROOTFS_DIR}/sbin/"
+install -m 755 files/system-readonly "${ROOTFS_DIR}/sbin/"
 on_chroot << EOF
 if ! id -u ${FIRST_USER_NAME} >/dev/null 2>&1; then
-	adduser --disabled-password --gecos "" ${FIRST_USER_NAME}
+    #adduser --disabled-password --gecos "" ${FIRST_USER_NAME}
    if [ "${FIRST_USER_ISSYSTEM}" = "true" ]; then
        useradd -r -M -d / ${FIRST_USER_NAME}
    else
        adduser --disabled-password --gecos "" ${FIRST_USER_NAME}
    fi
 fi
 if [ -n "${FIRST_USER_PASS}" ]; then
 	echo "${FIRST_USER_NAME}:${FIRST_USER_PASS}" | chpasswd
 fi
 echo "root:root" | chpasswd
 EOF
--- a/stage1/01-sys-tweaks/files/fstab
+++ b/stage1/01-sys-tweaks/files/fstab
@@ -1,5 +1,3 @@
-proc            /proc           proc    defaults          0       0
+proc     /proc           proc    defaults          0       0
 BOOTDEV  /boot/firmware  vfat    defaults          0       2
-ROOTDEV  /               ext4    defaults,noatime  0       1
+ROOTDEV  /               ext4    defaults,noatime  0       1
 # For /home (always writable):
 LABEL=home /home ext4 defaults 0 2
--- a/stage1/01-sys-tweaks/files/system-readonly
+++ b/stage1/01-sys-tweaks/files/system-readonly
@@ -4,24 +4,24 @@ FSTAB_FILE="/etc/fstab"
 if [ "$1" == "enable" ]; then
    echo "Enabling read-only mode..."
-    
+
    # Modify fstab to set root filesystem as read-only
-    sudo sed -i 's|\(ROOTDEV.* / .* ext4 \)defaults,noatime|\1ro,noatime|' "$FSTAB_FILE"
+    sudo sed -i 's|\(PARTUUID=[^ ]* / .* ext4 \)defaults,noatime|\1ro,noatime|' "$FSTAB_FILE"
-    
+
    # Remount root as read-only
    sudo mount -o remount,ro /
-    
+
    echo "System is now read-only. Reboot for changes to persist."
 elif [ "$1" == "disable" ]; then
    echo "Disabling read-only mode..."
-    
+
    # Modify fstab to set root filesystem as writable
-    sudo sed -i 's|\(ROOTDEV.* / .* ext4 \)ro,noatime|\1defaults,noatime|' "$FSTAB_FILE"
+    sudo sed -i 's|\(PARTUUID=[^ ]* / .* ext4 \)ro,noatime|\1defaults,noatime|' "$FSTAB_FILE"
-    
+
    # Remount root as writable
    sudo mount -o remount,rw /
-    
+
    echo "System is now writable. Reboot for changes to persist."
 else
--- a/stage1/02-net-tweaks/00-run.sh
+++ b/stage1/02-net-tweaks/00-run.sh
@@ -2,7 +2,3 @@
 echo "${TARGET_HOSTNAME}" > "${ROOTFS_DIR}/etc/hostname"
 echo "127.0.1.1		${TARGET_HOSTNAME}" >> "${ROOTFS_DIR}/etc/hosts"
 on_chroot << EOF
 	SUDO_USER="${FIRST_USER_NAME}" raspi-config nonint do_net_names 1
 EOF
--- a/stage1/02-net-tweaks/01-run-arm-only.sh
+++ b/stage1/02-net-tweaks/01-run-arm-only.sh
@@ -0,0 +1,5 @@
 #!/bin/bash -e
 on_chroot << EOF
 	SUDO_USER="${FIRST_USER_NAME}" raspi-config nonint do_net_names 1
 EOF
--- a/stage2/01-sys-tweaks/00-packages
+++ b/stage2/01-sys-tweaks/00-packages
@@ -12,13 +12,10 @@ ca-certificates curl
 fake-hwclock nfs-common usbutils
 dosfstools
 dphys-swapfile
 raspberrypi-sys-mods
 pi-bluetooth
 apt-listchanges
 apt-file
 usb-modeswitch
 libpam-chksshpwd
 rpi-update
 libmtp-runtime
 rsync
 htop
@@ -28,8 +25,6 @@ ssh-import-id
 ethtool
 ntfs-3g
 pciutils
 rpi-eeprom
 raspi-utils
 udisks2
 unzip zip p7zip-full
 file
--- a/stage2/01-sys-tweaks/00-patches-arm-only/01-resize-init.diff
+++ b/stage2/01-sys-tweaks/00-patches-arm-only/01-resize-init.diff
--- a/stage2/01-sys-tweaks/00-patches-arm-only/series
+++ b/stage2/01-sys-tweaks/00-patches-arm-only/series
@@ -0,0 +1 @@
 01-resize-init.diff
--- a/stage2/01-sys-tweaks/00-patches/03-inputrc.diff
+++ b/stage2/01-sys-tweaks/00-patches/03-inputrc.diff
--- a/stage2/01-sys-tweaks/00-patches/04-path.diff
+++ b/stage2/01-sys-tweaks/00-patches/04-path.diff
--- a/stage2/01-sys-tweaks/00-patches/series
+++ b/stage2/01-sys-tweaks/00-patches/series
@@ -1,5 +1,4 @@
 01-useradd.diff
 02-swap.diff
-04-inputrc.diff
+03-inputrc.diff
-05-path.diff
+04-path.diff
 07-resize-init.diff
--- a/stage2/01-sys-tweaks/01-packages-arm-only
+++ b/stage2/01-sys-tweaks/01-packages-arm-only
@@ -0,0 +1,5 @@
 raspberrypi-sys-mods
 pi-bluetooth
 rpi-update
 rpi-eeprom
 raspi-utils
--- a/stage2/01-sys-tweaks/01-run.sh
+++ b/stage2/01-sys-tweaks/01-run.sh
@@ -2,7 +2,9 @@
 install -m 755 files/resize2fs_once	"${ROOTFS_DIR}/etc/init.d/"
-install -m 644 files/50raspi		"${ROOTFS_DIR}/etc/apt/apt.conf.d/"
+if [[ "${ARCH}" == "arm64" || "${ARCH}" == "armhf" ]]; then
 	install -m 644 files/50raspi		"${ROOTFS_DIR}/etc/apt/apt.conf.d/"
 fi
 install -m 644 files/console-setup   	"${ROOTFS_DIR}/etc/default/"
@@ -27,7 +29,9 @@ if [ "${ENABLE_SSH}" == "1" ]; then
 else
 	systemctl disable ssh
 fi
-systemctl enable regenerate_ssh_host_keys
+if [[ "${ARCH}" == "arm64" || "${ARCH}" == "armhf" ]]; then
 	systemctl enable regenerate_ssh_host_keys
 fi
 EOF
 if [ "${USE_QEMU}" = "1" ]; then
--- a/stage2/02-net-tweaks/00-packages
+++ b/stage2/02-net-tweaks/00-packages
@@ -1,4 +1,3 @@
-wpasupplicant wireless-tools firmware-atheros firmware-brcm80211 firmware-libertas firmware-misc-nonfree firmware-realtek
+wpasupplicant wireless-tools firmware-atheros firmware-brcm80211 firmware-libertas firmware-realtek firmware-mediatek firmware-marvell-prestera-
 raspberrypi-net-mods
 network-manager
 net-tools
--- a/stage2/02-net-tweaks/01-packages-arm-only
+++ b/stage2/02-net-tweaks/01-packages-arm-only
@@ -0,0 +1 @@
 raspberrypi-net-mods
--- a/stage2/02-net-tweaks/01-run-arm-only.sh
+++ b/stage2/02-net-tweaks/01-run-arm-only.sh
--- a/stage3/00-install-packages/00-packages
+++ b/stage3/00-install-packages/00-packages
@@ -1,15 +1,13 @@
 gstreamer1.0-x gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-alsa gstreamer1.0-libav
-evince gtk2-engines alsa-utils
+gtk2-engines alsa-utils
 desktop-base
 git
 gvfs
 rfkill
 firefox rpi-firefox-mods libwidevinecdm0
 gldriver-test
 fonts-droid-fallback
 fonts-liberation2
 obconf
-raindrop
+python3-pyqt5 python3-qtawesome
 python3-pyqt5
 python3-opengl
 vulkan-tools mesa-vulkan-drivers
 libopengl0
--- a/stage3/00-install-packages/01-packages-amd64
+++ b/stage3/00-install-packages/01-packages-amd64
@@ -0,0 +1 @@
 firefox-esr
--- a/stage3/00-install-packages/01-packages-arm-only
+++ b/stage3/00-install-packages/01-packages-arm-only
@@ -0,0 +1,2 @@
 firefox rpi-firefox-mods libwidevinecdm0
 gldriver-test
--- a/stage3/00-install-packages/01-packages-nr
+++ b/stage3/00-install-packages/01-packages-nr
@@ -1,6 +1,4 @@
 xserver-xorg xinit
 mousepad
 eom
 menu-xdg
 yad zenity xdg-utils
 gvfs-backends gvfs-fuse
--- a/stage3/00-install-packages/01-run.sh
+++ b/stage3/00-install-packages/01-run.sh
@@ -1,5 +1,5 @@
 #!/bin/bash -e
 on_chroot <<- EOF
-	apt-mark auto python3-pyqt5 python3-opengl
+	apt-mark auto python3-pyqt5 python3-qtawesome python3-opengl
 EOF
--- a/stage3/01-install-desktop/00-packages
+++ b/stage3/01-install-desktop/00-packages
@@ -1,16 +1,12 @@
 python3-pygame
 python3-tk
 python3-pgzero
 python3-serial
 python3-pip
 python3-numpy
 rc-gui
 tree
 libgl1-mesa-dri libgles1 libgles2-mesa xcompmgr
 geany
 piclone
 python3-twython
 pprompt
 ffmpeg
 vlc
 rpi-imager
 plymouth
--- a/stage3/01-install-desktop/00-packages-nr
+++ b/stage3/01-install-desktop/00-packages-nr
@@ -1,2 +1 @@
-pi-package
+gnome-session gnome-shell libpam-gnome-keyring gnome-control-center gnome-software network-manager-gnome pulseaudio gnome-terminal gnome-online-accounts gnome-initial-setup gnome-tweaks gnome-shell-extension-no-annoyance gnome-shell-extension-manager gnome-shell-extension-gsconnect gnome-shell-extension-dash-to-panel gnome-shell-extension-bluetooth-quick-connect gnome-shell-extension-appindicator gnome-shell-extension-desktop-icons-ng gnome-shell-extensions-extra
 gnome-core gnome-tweaks gnome-shell-extension-no-annoyance gnome-shell-extension-manager gnome-shell-extension-gsconnect gnome-shell-extension-dash-to-panel gnome-shell-extension-bluetooth-quick-connect gnome-shell-extension-appindicator gnome-initial-setup
--- a/stage3/01-install-desktop/01-packages
+++ b/stage3/01-install-desktop/01-packages
--- a/stage3/01-install-desktop/01-packages-arm-only
+++ b/stage3/01-install-desktop/01-packages-arm-only
@@ -0,0 +1 @@
 chillcraftos-plymouth-theme chillcraftos-default-settings hyfetch
--- a/stage3/02-extras/00-run.sh
+++ b/stage3/02-extras/00-run.sh
@@ -1,4 +0,0 @@
 #!/bin/bash -e
 #polkit fixes
 install -m 644 files/polkit-admin.conf "${ROOTFS_DIR}/etc/polkit-1/localauthority.conf.d/51-admin.conf"
--- a/stage3/02-setup-system/00-packages
+++ b/stage3/02-setup-system/00-packages
--- a/stage3/02-setup-system/00-run.sh
+++ b/stage3/02-setup-system/00-run.sh
@@ -0,0 +1,48 @@
 #!/bin/bash -e
 # Create required directorys and profiles for dconf
 mkdir -p "${ROOTFS_DIR}/etc/dconf/profile"
 mkdir -p "${ROOTFS_DIR}/etc/dconf/db/local.d"
 mkdir -p "${ROOTFS_DIR}/etc/dconf/db/gnome-initial-setup.d"
 install -m 644 files/dconf-profile "${ROOTFS_DIR}/etc/dconf/profile/user"
 install -m 644 files/dconf-profile-initial-setup "${ROOTFS_DIR}/etc/dconf/profile/gnome-initial-setup"
 # Configure default GDM3 Session to Xorg
 mkdir -p "${ROOTFS_DIR}/var/lib/gdm"
 on_chroot << EOF
 sed -i 's/#WaylandEnable=false/WaylandEnable=false/' /etc/gdm3/daemon.conf
 touch /var/lib/gdm/run-initial-setup
 EOF
 # polkit fixes
 install -m 644 files/polkit-admin.conf "${ROOTFS_DIR}/etc/polkit-1/localauthority.conf.d/51-admin.conf"
 # Include custom vendor file for gnome-inital-setup
 mkdir -p "${ROOTFS_DIR}/usr/share/gnome-initial-setup/"
 install -m 644 files/vendor.conf "${ROOTFS_DIR}/usr/share/gnome-initial-setup/"
 # Set default gnome-extensions
 install -m 644 files/gnome-extensions "${ROOTFS_DIR}/etc/dconf/db/local.d/00-extensions"
 # Install wallpapers
 mkdir -p "${ROOTFS_DIR}/usr/local/share/backgrounds"
 install -m 644 files/loveimage.png "${ROOTFS_DIR}/usr/local/share/backgrounds/loveimage.png"
 install -m 644 files/neon-forest.png "${ROOTFS_DIR}/usr/local/share/backgrounds/neon-forest.png"
 # Set default settings (gnome-initial-setup)
 install -m 644 files/gnome-initial-setup "${ROOTFS_DIR}/etc/dconf/db/gnome-initial-setup.d/00-default-settings"
 # Set default gnome settings
 install -m 644 files/gnome-default-settings "${ROOTFS_DIR}/etc/dconf/db/local.d/00-default-settings"
 # Update all dconf databases
 on_chroot << EOF
 dconf update
 EOF
 # Remove setup user (only if it's not a system account)
 on_chroot << EOF
 if [ "${FIRST_USER_ISSYSTEM}" = "false" ]; then
    deluser --remove-home --remove-all-files ${FIRST_USER_NAME}
 fi
 EOF
--- a/stage3/02-setup-system/01-run-arm-only.sh
+++ b/stage3/02-setup-system/01-run-arm-only.sh
@@ -0,0 +1,11 @@
 #!/bin/bash -e
 # Enable xcompmgr
 on_chroot << EOF
    raspi-config nonint do_xcompmgr 0
 EOF
 # Pi-Apps (this is a bash script that installs pi-apps when the user runs it, then gets overwritten by the actual pi-apps)
 install -m 755 files/pi-apps "${ROOTFS_DIR}/usr/bin/pi-apps"
 install -m 755 files/pi-apps.desktop "${ROOTFS_DIR}/usr/share/applications/pi-apps.desktop"
 install -m 644 files/pi-apps-logo.png "${ROOTFS_DIR}/usr/share/icons/hicolor/256x256/apps/pi-apps.png"
--- a/stage3/02-setup-system/files/dconf-profile
+++ b/stage3/02-setup-system/files/dconf-profile
@@ -0,0 +1,2 @@
 user-db:user
 system-db:local
--- a/stage3/02-setup-system/files/dconf-profile-initial-setup
+++ b/stage3/02-setup-system/files/dconf-profile-initial-setup
@@ -0,0 +1,2 @@
 user-db:user
 system-db:gnome-initial-setup
--- a/stage3/02-setup-system/files/gnome-default-settings
+++ b/stage3/02-setup-system/files/gnome-default-settings
@@ -0,0 +1,10 @@
 [org/gnome/desktop/interface]
 gtk-theme='Adwaita-dark'
 color-scheme='prefer-dark'
 [org/gnome/desktop/background]
 picture-uri='file:///usr/local/share/backgrounds/neon-forest.png'
 picture-uri-dark='file:///usr/local/share/backgrounds/neon-forest.png'
 picture-options='spanned'
 primary-color='000000'
 secondary-color='FFFFFF'
--- a/stage3/02-setup-system/files/gnome-extensions
+++ b/stage3/02-setup-system/files/gnome-extensions
@@ -0,0 +1,2 @@
 [org/gnome/shell]
 enabled-extensions=['dash-to-panel@jderose9.github.com', 'ding@rastersoft.com', 'noannoyance@daase.net', 'ubuntu-appindicators@ubuntu.com', 'user-themes@gnome-shell-extensions.gcampax.github.com', 'no-overview@fthx']
--- a/stage3/02-setup-system/files/gnome-initial-setup
+++ b/stage3/02-setup-system/files/gnome-initial-setup
@@ -0,0 +1,8 @@
 # This file changes the wallpaper in the gnome-initial-setup session
 [org/gnome/desktop/background]
 picture-uri='file:///usr/local/share/backgrounds/loveimage.png'
 picture-options='zoom'
 [org/gnome/desktop/screensaver]
 picture-uri='file:///usr/local/share/backgrounds/loveimage.png'
--- a/stage3/02-setup-system/files/loveimage.png
+++ b/stage3/02-setup-system/files/loveimage.png
--- a/stage3/02-setup-system/files/neon-forest.png
+++ b/stage3/02-setup-system/files/neon-forest.png
--- a/stage3/02-setup-system/files/pi-apps
+++ b/stage3/02-setup-system/files/pi-apps
@@ -0,0 +1,194 @@
 #!/bin/bash
 # Check if ~/pi-apps or /usr/local/bin/pi-apps exists
 if [ -d ~/pi-apps ] || [ -f /usr/local/bin/pi-apps ]; then
  # Run the users pi-apps instead of installing it
  /usr/local/bin/pi-apps
  exit 0
 fi
 function error {
  echo -e "\e[91m$1\e[39m"
  exit 1
 }
 cd "$HOME"
 #ensure non-root
 if [[ "$(id -u)" == 0 ]]; then
  error "Pi-Apps is not designed to be installed as root! Please try again as a regular user."
 fi
 #ensure debian
 command -v apt >/dev/null || error "apt: command not found. Most likely this system is not running Debian."
 #Ensure running arm processor
 if uname -m | grep -qi 'x86\|i686\|i386' ;then
  error "Pi-Apps is not supported on non-ARM CPU architectures. We encourage you to use your distro's app store, like Gnome Software or Discover Software Center."
 fi
 sudo apt update || error "The command 'sudo apt update' failed. Before Pi-Apps will work, you must fix your apt package-management system."
 #install dependencies
 dependencies='yad curl wget aria2 lsb-release software-properties-common apt-utils apt-transport-https gnupg imagemagick bc librsvg2-bin locales shellcheck git wmctrl xdotool x11-utils rsync unzip debsums libgtk3-perl bzip2'
 if ! dpkg -s $dependencies &>/dev/null ;then
  sudo apt install $dependencies -y -f --no-install-recommends || error "Pi-Apps dependencies failed to install and so the Pi-Apps install has been aborted. Before Pi-Apps can be installed you must solve any errors above."
 fi
 #remove annoying "YAD icon browser" launcher
 sudo rm -f /usr/share/applications/yad-icon-browser.desktop
 #download pi-apps if folder missing
 DIRECTORY="$(readlink -f "$(dirname "$0")")"
 if [ -z "$DIRECTORY" ] || [ "$DIRECTORY" == "$HOME" ] || [ "$DIRECTORY" == bash ] || [ ! -f "${DIRECTORY}/api" ] || [ ! -f "${DIRECTORY}/gui" ];then
  DIRECTORY="$HOME/pi-apps"
 fi
 downloaded=0 #track if pi-apps was downloaded this time
 #Re-download pi-apps folder in all cases if pi-apps already exists
 #users expect to use the install script to "restore" a working pi-apps install in incase their local version is somehow not working or corrupted
 if [ -d "$DIRECTORY" ];then    
  rm -rf ~/pi-apps-forced-update
  echo "Reinstalling Pi-Apps..."
  downloaded=1
  output="$(git clone --depth 1 https://github.com/Botspot/pi-apps ~/pi-apps-forced-update 2>&1)"
  if [ $? != 0 ] || [ ! -d "$DIRECTORY" ];then
    error "Pi-Apps download failed!\ngit clone output was: $output"
  fi
  cp -af "${DIRECTORY}/data" ~/pi-apps-forced-update
  cp -af "${DIRECTORY}/apps" ~/pi-apps-forced-update
  rm -rf "$DIRECTORY"
  mv -f ~/pi-apps-forced-update "$DIRECTORY"
 #if pi-apps folder does not exist, download it
 elif [ ! -d "$DIRECTORY" ];then
  echo "Downloading Pi-Apps..."
  downloaded=1
  output="$(git clone --depth 1 https://github.com/Botspot/pi-apps "$DIRECTORY" 2>&1)"
  if [ $? != 0 ] || [ ! -d "$DIRECTORY" ];then
    error "Pi-Apps download failed!\ngit clone output was: $output"
  fi
  #click new installation analytics link
  "${DIRECTORY}/api" shlink_link script install
 fi
 #Past this point, DIRECTORY variable populated with valid pi-apps directory
 #if ChromeOS, install lxterminal
 if command -v garcon-terminal-handler >/dev/null ;then
  echo "In order to install apps on ChromeOS, a working terminal emulator is required.
 Installing lxterminal in 10 seconds... (press Ctrl+C to cancel)"
  sleep 10
  sudo apt install -yf lxterminal || error "Failed to install lxterminal on ChromeOS!"
 fi
 #menu button
 if [ ! -f ~/.local/share/applications/pi-apps.desktop ];then
  echo "Creating menu button..."
 fi
 mkdir -p ~/.local/share/applications
 if [ -f /etc/xdg/menus/lxde-pi-applications.menu ];then #If on PiOS, place launcher in Accessories as it has always been there and is more intuitive there
 echo "[Desktop Entry]
 Name=Pi-Apps
 Comment=Raspberry Pi App Store for open source projects
 Exec=${DIRECTORY}/gui
 Icon=${DIRECTORY}/icons/logo.png
 Terminal=false
 StartupWMClass=Pi-Apps
 Type=Application
 Categories=Utility
 StartupNotify=true" > ~/.local/share/applications/pi-apps.desktop
 else #if not on PiOS, place launcher in Preferences to match the wider decision of putting app installers there (see PR #2388)
 echo "[Desktop Entry]
 Name=Pi-Apps
 Comment=Raspberry Pi App Store for open source projects
 Exec=${DIRECTORY}/gui
 Icon=${DIRECTORY}/icons/logo.png
 Terminal=false
 StartupWMClass=Pi-Apps
 Type=Application
 Categories=Utility;System;PackageManager;
 StartupNotify=true" > ~/.local/share/applications/pi-apps.desktop
 fi
 chmod 755 ~/.local/share/applications/pi-apps.desktop
 gio set ~/.local/share/applications/pi-apps.desktop "metadata::trusted" yes
 #copy menu button to Desktop
 mkdir -p ~/Desktop
 cp -f ~/.local/share/applications/pi-apps.desktop ~/Desktop/
 chmod 755 ~/Desktop/pi-apps.desktop
 gio set ~/Desktop/pi-apps.desktop "metadata::trusted" yes
 #copy icon to local icons directory (necessary on some wayland DEs like on PiOS Wayfire)
 mkdir -p ~/.local/share/icons
 cp -f ${DIRECTORY}/icons/logo.png ~/.local/share/icons/pi-apps.png
 cp -f ${DIRECTORY}/icons/settings.png ~/.local/share/icons/pi-apps-settings.png
 #settings menu button
 if [ ! -f ~/.local/share/applications/pi-apps-settings.desktop ];then
  echo "Creating Settings menu button..."
 fi
 echo "[Desktop Entry]
 Name=Pi-Apps Settings
 Comment=Configure Pi-Apps or create an App
 Exec=${DIRECTORY}/settings
 Icon=${DIRECTORY}/icons/settings.png
 Terminal=false
 StartupWMClass=Pi-Apps-Settings
 Type=Application
 Categories=Settings;
 StartupNotify=true" > ~/.local/share/applications/pi-apps-settings.desktop
 if [ ! -f ~/.config/autostart/pi-apps-updater.desktop ];then
  echo "Creating autostarted updater..."
 fi
 mkdir -p ~/.config/autostart
 echo "[Desktop Entry]
 Name=Pi-Apps Updater
 Exec=${DIRECTORY}/updater onboot
 Icon=${DIRECTORY}/icons/logo.png
 Terminal=false
 StartupWMClass=Pi-Apps
 Type=Application
 X-GNOME-Autostart-enabled=true
 Hidden=false
 NoDisplay=false" > ~/.config/autostart/pi-apps-updater.desktop
 mkdir -p "${DIRECTORY}/data/status" "${DIRECTORY}/data/update-status" \
  "${DIRECTORY}/data/preload" "${DIRECTORY}/data/settings" \
  "${DIRECTORY}/data/status" "${DIRECTORY}/data/update-status" \
  "${DIRECTORY}/data/categories"
 #pi-apps terminal command
 if [ ! -f /usr/local/bin/pi-apps ] || ! cat /usr/local/bin/pi-apps | grep -q "${DIRECTORY}/gui" ;then
  echo "#!/bin/bash
 ${DIRECTORY}/gui"' "$@"' | sudo tee /usr/local/bin/pi-apps >/dev/null
  sudo chmod +x /usr/local/bin/pi-apps
 fi
 #check if system is broken
 errors="$("${DIRECTORY}/api" is_supported_system)" || error "$errors"
 #preload app list
 if [ ! -f "$DIRECTORY/data/preload/LIST-" ];then
  echo "Preloading app list..."
 fi
 "${DIRECTORY}/preload" yad &>/dev/null
 #Run runonce entries
 "${DIRECTORY}/etc/runonce-entries" &>/dev/null
 #Determine message of the day. If announcements file missing or over a day old, download it.
 if [ ! -f "${DIRECTORY}/data/announcements" ] || [ ! -z "$(find "${DIRECTORY}/data/announcements" -mtime +1 -print)" ]; then
  wget https://raw.githubusercontent.com/Botspot/pi-apps-announcements/main/message -qO "${DIRECTORY}/data/announcements"
 fi
 if [ $downloaded == 1 ];then
  echo "Installation complete. Pi-Apps can be launched from the start menu or by running the command 'pi-apps'."
  echo "Further explanation for how to use Pi-Apps can be found on our getting started webpage: https://pi-apps.io/wiki/getting-started/running-pi-apps/"
 else
  echo -e "Please note that Pi-Apps has NOT been freshly downloaded, because $DIRECTORY already exists."
 fi
--- a/stage3/02-setup-system/files/pi-apps-logo.png
+++ b/stage3/02-setup-system/files/pi-apps-logo.png
--- a/stage3/02-setup-system/files/pi-apps.desktop
+++ b/stage3/02-setup-system/files/pi-apps.desktop
@@ -0,0 +1,10 @@
 [Desktop Entry]
 Name=Pi-Apps
 Comment=Raspberry Pi App Store for open source projects
 Exec=/usr/bin/pi-apps
 Icon=/usr/share/icons/hicolor/256x256/apps/pi-apps.png
 Terminal=false
 StartupWMClass=Pi-Apps
 Type=Application
 Categories=Utility;System;PackageManager;
 StartupNotify=true
--- a/stage3/02-setup-system/files/polkit-admin.conf
+++ b/stage3/02-setup-system/files/polkit-admin.conf
--- a/stage3/02-setup-system/files/vendor.conf
+++ b/stage3/02-setup-system/files/vendor.conf
@@ -0,0 +1,5 @@
 [pages]
 # Pages to show when a user already exists
 existing_user_only=language;keyboard;timezone;goa;
 # Only show the following pages in a 'first boot' situation
 new_user_only=welcome;language;keyboard;timezone;account;network;privacy;goa;
--- a/stage3/04-enable-xcompmgr/00-run.sh
+++ b/stage3/04-enable-xcompmgr/00-run.sh
@@ -1,5 +0,0 @@
 #!/bin/bash -e
 on_chroot << EOF
 	raspi-config nonint do_xcompmgr 0
 EOF
--- a/stage3/05-print-support/00-packages
+++ b/stage3/05-print-support/00-packages
@@ -1,2 +0,0 @@
 cups
 system-config-printer
--- a/stage3/05-print-support/01-run.sh
+++ b/stage3/05-print-support/01-run.sh
@@ -1,5 +0,0 @@
 #!/bin/bash -e
 on_chroot <<EOF
 adduser "$FIRST_USER_NAME" lpadmin
 EOF
--- a/stage3/05-setup/00-run.sh
+++ b/stage3/05-setup/00-run.sh
@@ -1,17 +0,0 @@
 #!/bin/bash -e
 # Include custom vendor file for gnome-inital-setup
 mkdir -p "${ROOTFS_DIR}/usr/share/gnome-initial-setup/"
 install -m 644 files/vendor.conf "${ROOTFS_DIR}/usr/share/gnome-initial-setup/"
 # Configure default GDM3 Session to Xorg
 on_chroot << EOF
 sed -i 's/#WaylandEnable=false/WaylandEnable=false/' /etc/gdm3/daemon.conf
 mkdir -p /var/lib/gdm
 touch /var/lib/gdm/run-initial-setup
 EOF
 # Remove setup user (chill) [This allows for the user to be created in the first boot from the gnome-initial-setup]
 on_chroot << EOF
 deluser --remove-home --remove-all-files ${FIRST_USER_NAME}
 EOF
--- a/stage3/05-setup/files/vendor.conf
+++ b/stage3/05-setup/files/vendor.conf
@@ -1,5 +0,0 @@
 [pages]
 # Pages to show when a user already exists
 existing_user_only=language;keyboard;timezone;goa;
 # Only show the privacy page in the 'first boot' situation
 new_user_only=welcome;language;keyboard;network;account;privacy;
Author	SHA1	Message	Date
oxmc	8b1d5f1036	Update stage3/02-setup-system/00-run.sh	2025-08-04 17:42:22 -07:00
oxmc	1849783ab8	Update stage3/02-setup-system/files/gnome-initial-setup	2025-08-04 17:40:35 -07:00
oxmc	b32e346236	Change file name	2025-08-04 17:23:17 -07:00
oxmc	9b01cbfa7c	Add stage3/02-setup-system/files/00-gnome-initial-setup	2025-08-04 17:18:24 -07:00
oxmc	5b05d0673c	Add stage3/02-setup-system/files/dconf-profile-initial-setup	2025-08-04 17:16:40 -07:00
oxmc	bf30850a77	Remove packages	2025-08-04 16:50:40 -07:00
oxmc	2ea82d2ee1	Change deafult wallpaper	2025-08-04 16:47:01 -07:00
oxmc	6128c46c4d	Update stage3/02-setup-system/00-run.sh	2025-08-04 16:46:32 -07:00
oxmc	89be64a2a5	Add new background option	2025-08-04 16:46:01 -07:00
oxmc7769	16dea534b1	ISO work	2025-07-30 11:22:48 -07:00
oxmc7769	468ddd3807	Stable OS release with recovery partition	2025-05-13 06:36:48 -07:00
oxmc7769	cac89696cc	Fix rootfs issue	2025-04-29 00:01:36 -07:00
oxmc7769	fcab0c9c55	Test	2025-04-28 13:32:56 -07:00
oxmc7769	a8f91e1c53	change align size	2025-04-28 13:28:07 -07:00
oxmc7769	f34889a405	debugging	2025-04-28 13:15:39 -07:00
oxmc7769	b5ccc3d937	fix maybe?	2025-04-28 13:10:51 -07:00
oxmc7769	ea16e34aa7	idfk	2025-04-28 12:57:50 -07:00
oxmc7769	ab106ee155	Fiexs, and branch rename	2025-04-28 12:43:11 -07:00
oxmc7769	19c43a6ca7	Fix boot issue	2025-04-28 12:08:37 -07:00
oxmc7769	c89425c3ee	Fix mistake	2025-04-27 19:01:45 -07:00
oxmc7769	33d3efc43d	Remove recovery partition	2025-04-26 16:43:57 -07:00
oxmc7769	cfd3cb2c23	idfk	2025-04-26 16:32:50 -07:00
oxmc7769	1258d4b949	Fix ext4	2025-04-26 16:24:00 -07:00
oxmc7769	23114d61e2	test new part	2025-04-26 16:20:06 -07:00
oxmc7769	f9327e82ae	Attempt to fix resize	2025-04-25 20:30:37 -07:00
oxmc7769	8e2305eb5c	Fix resizefs	2025-04-24 07:45:42 -07:00
oxmc7769	0e97487672	Add a new package	2025-04-24 05:18:57 -07:00
oxmc7769	eba60e9c9f	ARM64, Change files	2025-04-24 03:08:02 -07:00
oxmc7769	39e1107a77	Fixes?	2025-04-24 01:40:34 -07:00
oxmc7769	2f29bd14cc	fix iso- maybe??	2025-04-23 05:09:23 -07:00
oxmc7769	0a607dc211	adjust iso	2025-04-23 04:40:12 -07:00
oxmc7769	b35f58abb8	Adjust iso	2025-04-23 04:24:06 -07:00
oxmc7769	1a6d3aeeed	Fix apt sources	2025-04-23 04:11:43 -07:00
oxmc7769	d4fb8f501d	exclude rpi files #1	2025-04-23 04:01:22 -07:00
oxmc7769	78d95ecb9c	Fix iso	2025-04-23 03:58:15 -07:00
oxmc7769	3c059bd298	Remove arm only EXPORT_IMAGE check	2025-04-23 03:54:33 -07:00
oxmc7769	c490b84a0d	fixes	2025-04-23 03:49:48 -07:00
oxmc7769	4eeb56df72	package adjustment	2025-04-23 03:38:39 -07:00
oxmc7769	0b4fff6272	AMD tweak 1	2025-04-23 03:17:14 -07:00
oxmc7769	a03e3afc9d	AMD support part 2	2025-04-23 03:08:09 -07:00
oxmc7769	f38d992317	Add back build.sh (whoops)	2025-04-22 22:36:38 -07:00
oxmc7769	dc04dc1780	AMD fix 1	2025-04-22 22:35:19 -07:00
oxmc7769	374c3ff1a8	Recovery and AMD64 builds?	2025-04-22 18:29:27 -07:00
oxmc7769	90447884e1	set default settings	2025-04-04 04:02:50 -07:00
oxmc7769	b5e19a5623	Add splash	2025-03-31 03:29:23 -07:00
oxmc7769	364abef5a5	Update packages	2025-03-25 00:18:00 -07:00
oxmc7769	d30ca2add6	Change a few things	2025-03-24 21:51:32 -07:00
oxmc7769	db12dd270c	Change folder layout	2025-03-24 21:43:17 -07:00
oxmc7769	896a6b9492	Update os-release info	2025-03-24 21:17:50 -07:00
oxmc7769	0b25510108	First full build	2025-03-24 16:35:33 -07:00
		`@@ -0,0 +1,3 @@`
							`#!/bin/bash -e`

							`install -m 644 files/resolv.conf "${ROOTFS_DIR}/etc/"`
		`@@ -0,0 +1,2 @@`
							`firefox rpi-firefox-mods libwidevinecdm0`
							`gldriver-test`
`@@ -1,2 +1 @@`
	`pi-package`	`gnome-session gnome-shell libpam-gnome-keyring gnome-control-center gnome-software network-manager-gnome pulseaudio gnome-terminal gnome-online-accounts gnome-initial-setup gnome-tweaks gnome-shell-extension-no-annoyance gnome-shell-extension-manager gnome-shell-extension-gsconnect gnome-shell-extension-dash-to-panel gnome-shell-extension-bluetooth-quick-connect gnome-shell-extension-appindicator gnome-shell-extension-desktop-icons-ng gnome-shell-extensions-extra`
	`gnome-core gnome-tweaks gnome-shell-extension-no-annoyance gnome-shell-extension-manager gnome-shell-extension-gsconnect gnome-shell-extension-dash-to-panel gnome-shell-extension-bluetooth-quick-connect gnome-shell-extension-appindicator gnome-initial-setup`
		`@@ -0,0 +1 @@`
							`chillcraftos-plymouth-theme chillcraftos-default-settings hyfetch`
		`@@ -0,0 +1,2 @@`
							`user-db:user`
							`system-db:gnome-initial-setup`
		`@@ -0,0 +1,2 @@`
							`[org/gnome/shell]`
							`enabled-extensions=['dash-to-panel@jderose9.github.com', 'ding@rastersoft.com', 'noannoyance@daase.net', 'ubuntu-appindicators@ubuntu.com', 'user-themes@gnome-shell-extensions.gcampax.github.com', 'no-overview@fthx']`