Flashing and Patitioning

Raspbery-Pi-Setup.md

@@ -35,12 +35,52 @@ This guide is build on following hardware:
 
 > [!IMPORTANT]  
 >  - Throughout this guide, the username **carplay** will be used for the Raspberry Pi user account. You need to adjust commands if you are using different one.
-
 # 0 Story
 
 # 1 Flashing
+Download and install [Raspberry Pi Imager](https://www.raspberrypi.com/software/). Open it and choose your Raspberry Pi model.
+![Flashing 1](pictures/rpi-flash1.png)
+Choose **Raspberry Pi OS (other)** and select **Raspberry Pi OS Lite (32-bit)**. This provides a minimal Debian-based system with lower memory footprint.
+![Flashing 2](pictures/rpi-flash2.png)
+Select the target micro-SD card you have inserted.
+![Flashing 3](pictures/rpi-flash3.png)
+> [!NOTE]  
+> There was a bug with **Customisation** step at the version 2.0.0 that do not create user properly. If customisation is working, set up hostname and locale as needed. Define the username and password. We will connect RPI directly to screen and keyboard and configure networking manually later, so leave the **Wi-Fi** section empty settings empty. 
+> SSH also can be enabled so you can connect to the device later. Password authentication is sufficient for basic use and avoids managing key files, though public key authentication provides stronger security. In this setup the system won’t be connected to the internet except when manually managed or updated, so password authentication is sufficient.
 
+Skip customisation step to set up accounts and locales on first boot.
+![Flashing 4](pictures/rpi-flash4.png)
+Review the configuration and write the image to the SD card. Wait for the process to finish.
+![Flashing 5](pictures/rpi-flash5.png)
 # 2 Partitioning
+> [!NOTE]  
+>This optional step prepares the system for an overlay filesystem, allowing the core system to run in read-only mode while keeping the user directory writable. It also creates a Linux swap partition. If you don’t need an overlay setup, you can skip this and boot the Pi normally. The SD card partitions will be expanded automatically on first boot.
+
+In this step we create additional SD-card partitions for **swap** and the **home folder**. This allows the OS partition to run in read-only mode using an **overlay filesystem**, reducing write operations and improving stability and protection. At the same time, data can still be written to **/home** without disabling the overlay for persistent files or frequent updates.
+## Partitioning with gparted
+You will need a Linux machine or a virtual machine running any Linux distribution. Install **gparted** on your system (use apt on Debian-based systems):
+``` shell
+sudo apt install gparted
+```
+> [!IMPORTANT]  
+You need to perform partitioning after flashing the image to the SD card. On the first boot, RPI OS will expand the initial partition to fill the SD card, and shrinking it afterward is more complicated and risky.
+
+Plug your SD card in, or attach it to the virtual machine. Open **gparted** and select the SD card. You should see the **bootfs** and **rootfs** partitions, followed by free space.
+
+**bootfs** contains the bootloader and firmware files needed for the system to start. **rootfs** holds the main filesystem with the OS and applications.
+![Partitioning 1](pictures/rpi-partition1.png)
+First, increase the size of **rootfs**. Open *Partition* → *Resize/Move* and set the new partition size. About 8 GB is sufficient for a minimal setup.
+![Partitioning 2](pictures/rpi-partition2.png)
+Next, create a partition for **/home**. Choose *Partition* → *New* and set *Free space following* for swap (at least 512 MB on an RPI Zero 2W). Set the filesystem to **ext4**, enter a label such as **home**.
+![Partitioning 3](pictures/rpi-partition3.png)
+Finally, create the swap partition using the remaining unallocated space. Use *Partition* → *New*,  choose the **linux-swap** filesystem type and enter a label such as **swap**.
+![Partitioning 4](pictures/rpi-partition4.png)
+Review the changes and apply them
+![Partitioning 5](pictures/rpi-partition5.png)
+## First boot
+
+## Mount partitions
+
 
 # 3 WPA-Supplicant
 
@@ -58,34 +98,35 @@ This guide is build on following hardware:
 
 # 10 Wifi scripts
 > [!TIP]
-> Our setup do not require wifi, so we want to manually turn on wifi connection if we need to install updates or make a hotspot to connect to RPI to see logs or control something without internet access.
-> To solve this we will make 2 scripts:
+> Our setup does not require a constant Wi-Fi connection, so we will manually enable Wi-Fi only when needed to install updates or create a hotspot to access the Pi for logs or control without internet.
+> To achieve this, we will create two scripts:
 > - Connect to wifi using WPA Supplicant (step 3)
 > - Start wifi hot spot using hostapd with DHCP service using dnsmasq. 
 > 
-> Also we will add those scripts to JWM (step 5) mouse menu for fast access.
+> Additionally, we will add these scripts to the JWM mouse menu (step 5) for quick access.
 
-Our scripts will live in /opt/scripts directory. First we need to create it
+The scripts will be stored in the `/opt/scripts` directory. First, create this directory:
 ``` shell
 sudo mkdir /opt/scripts
 ```
 ## WIFI hotspot with DHCP
-We will use **hostapd** for hotspot configuration and **dnsmasq** for providing DHCP address for clients. First we need to install both of them.
+We will use **hostapd** to configure the hotspot and **dnsmasq** to provide DHCP addresses to connected clients. First, install both packages:
 ``` shell
 sudo apt install dnsmasq
 sudo apt install hostapd
 ```
-Cause we are running things manually we disable dnsmasq from running automatically
+Since we will run these services manually, disable **dnsmasq** from starting automatically and stop it:
 ``` shell
 sudo systemctl disable dnsmasq.service
+sudo systemctl stop dnsmasq
 ```
-Next we need to configure wifi hotspot, so we create configuration file
+Next, configure the Wi-Fi hotspot by creating the hostapd configuration file:
 ``` shell
 sudo nano /etc/hostapd/hostapd.conf
 ```
-Put following content in the file
+Add the following content, adjusting SSID, password and other settings as needed:
 ```
-interface=wlan0
+interface=wlan0 
 driver=nl80211
 ssid=Carplay
 hw_mode=g
@@ -108,7 +149,7 @@ max_num_sta=5
 - **hw_mode** - Operation mode, 802.11g is compatible with most of devices.
 - **channel** - Wifi channel number in the 2.4 GHz band
 - **wmm_enabled** - Controls Wi-Fi Multimedia (WMM), which prioritizes traffic for better Quality of Service (QoS)
-- **auth_algs** - Enables open system authentication for WPA2-PSK setups.
+- **auth_algs** -  Authentication algorithm. Bit field: 1: WPA, 2: WEP, 3: Both. 
 - **wpa** -  Select WPA security protocol version
 - **wpa_passphrase** - Wi-Fi password (must be 8–63 characters)
 - **wpa_key_mgmt** - Key management algorithm for WPA, PSK is suitable for small networks
@@ -116,11 +157,11 @@ max_num_sta=5
 - **country_code** - Specifying the country code ensures compliance with local Wi-Fi regulations
 - **max_num_sta** - Limits the number of connected clients
 
-Next we create a script for our wifi access point.
+Create a script to start and manage the Wi-Fi access point:
 ``` shell
 sudo nano /opt/scripts/enable_ap.sh
 ```
-Put the following into the file. The script will activate wifi, stop any active wifi connections, set up WIFI Access Point according to our configuration with address 10.0.10.1. Next it will run DHCP service that will provide clients with IP addresses in range 10.0.10.2 to 10.0.10.20. We are using & in start commands to make service run in separate process and continue and not block the script.
+The script will enable Wi-Fi, stop any existing connections, and set up the Wi-Fi access point address according to our configuration to 10.0.10.1. It then starts the DHCP service to assign client IPs in the range 10.0.10.2 to 10.0.10.20. The `&` at the end of each start command runs the service in the background in separate process, allowing the script to continue without blocking. Add the following to the file:
 ``` shell
 #!/bin/bash
 
@@ -143,9 +184,9 @@ sudo hostapd /etc/hostapd/hostapd.conf &
 > [!NOTE]  
 > Replace wlan0 with your wireless interface
 
-Finally we need to make script executable
+Finally, make the script executable with:
 ``` shell
-sudo chmod +x /opt/scripts/enable_ap.sh.sh
+sudo chmod +x /opt/scripts/enable_ap.sh
 ```
 
 ## Connect to WIFI with WPA Supplicant
@@ -183,7 +224,7 @@ sudo systemctl disable wpa_supplicant@wlan0.service
 ## Enable SUDO in scripts
 Our scripts are using SUDO which require elevate permissions. Thats require to enter password, but we want to run scripts from menu. So we need to configure our user to run sudo commands without password. There is a way to configure certain commands only, but simple (and less secure) way is to enable everything.
 > [!WARNING]  
-> This might already be enabled on Raspberry Pi OS, so check if you can run those scripts without password
+> This might be already enabled on Raspberry Pi OS, so check if you can run those scripts without password
 
 Create extra configuration for /etc/sudoers
 ``` shell