Blast is the boring linux automatic setup tool. The name is supposed to be an innuendo to YaST, but well... I suppose it sounded better in my head ;-)

Blast can be used to build Debian system images for various targets including Raspberry Pi, live-media, and regular system installations. It is based on GNU Make and debootstrap. It will setup wireless networking, SSH access, and user accounts and it includes modules for preseeding various software configuration options. All configuration options for a system image can be set within a single make file.


There is no real installation proces involved, because blast is just a bunch of Make files. To use it you have to check out the source repository:

~$ git clone

Depending on what systems you want to build you may also need some additional tools to run blast. Here is the debian packages you should install on the host system:


A host configuration is written as a Make file. The repository contains a file named config.example to get you started. The main Makefile should not be edited. Once you have set up a system configuration, e.g. you can start the build process by running

~$ sudo make

The build process needs to be run as root user. This is because we will set up and mount disk images, use debootstrap, chroot into the system environment etc. Employ security measures at your discretion.

Config options

Options that can be used in the make file are:

Choosing the target: iso= subvol= squash= raspi= image=

By setting one, and only one of the following options, you can choose a system type:


Only applies when building a raspi= or image= target. This defaults to 1GB. The image should be large enough to fit all the software you want to install. The image does not need to fill your target medium, and should in fact be no larger than necessary. You can use the autoresize module (see below) to expand an installation to fill its available disk space once the medium is booted for the first time.


One of the architectures available in the debian repos. Default is amd64, which is usually what you want. If you are builing a Raspberry Pi target it is always armhf, regardless of what you choose. The most common case where you need to change this would be when builing for i386. If the target platform is incompatible with your host playform, you will need one of the qemu-*-static binaries to run the installation. qemu-arm-static will be used automatically when builing for Raspberry Pi.


The Debian release you want to install. Still defaults to stretch, so you may want to change this. There is currently a bug in the Debian package scripts for buster, which requires you to restart the make process after the first crash. The Debian installer will crash during the udev installation, once it realises that it runs in a change root environment. If you start blast a second time, it will deploy a workaround and continue the installation. This is a bug in the Debian udev installer scripts. Debian bullseye and sid are not thoroughly tested but should work as well.


Probably the most important option. Takes a list of debian packages you want to install within the system image. This will be added to a list of default packages, and packages installed by various modules. Package names may be separated by whitespace or comma. You can write this list packages = but I recommand using the packages += syntax so you can prepare multiple lines which will be appended to one another.


Comma separated list of modules from the modules/ directory. Modules can contain configuration and setup commands for various use cases. Including a module may enable addisional options for the make file. See the modules documentation below.


The hostname of the target system. A machine will request this as network name and display it in various places like the login dialog, shell prompt, etc. Set this to something you recognize. Use blast, live, or raspi if you cannot think of anything better. You can choose computer names among names from Movies, TV Shows, Rock Bands, Chemical Elements, Greek deities, Spices, Countries, etc. It is up to you.


The root password for the system. If you leave this unset, the root user may not login via password. Other methods of login will still be available. You can use this if you are lazy, but of course the password will appear in plain text in the configuration file. The root password will be automatically hashed using the openssl utility. Note that in the default Debian configuration the root password cannot be used to login via SSH.


A more secure way of providing root credentials. This is a filename of a ssh public key without the .pub file ending. If the file does not exist a key pair will be generated, with the private key in the given file, and the public key in corresponding .pub file. The public key will be deployed to the target system to provide root login.


Comma separated list of user names. A regular (unpriviliged) user account will be created for each user name. The login password will be empty by default. This enables users to login by just pressing the enter key, when prompted for a password. Users can (and should!) set their own password after logging in for the first time. When building a grephical desktop system I recommend including the usermode package, so that users have a graphical tool for changing their login password. Note that SSH refuses to accept empty login passwords in the default configuration.

wifi= wifipass=

Default wifi network and password. If the password is omitted, the system will try to connect to an unencrypted wifi network. With the password set, it will try to connect to a WPA/WPA2 encrypted network. WEP is not supported. The network configuration will be applied using the ifupdown and wireless-tools. Beware that, if the network-manager is installed it may interfere with these settings.


Default time zone, e.g. Europe/Berlin. Defaults to UTC if not set.


Comma separated list of locales, which will be included. The first will be used as the default locale. E.g. de_DE.UTF-8


default keyboard layout, e.g. German, defaults to US, if not set.


Modules can contain configuration and setup commands for various use cases. Including a module may enable addisional options for the make file. Modules are enabled by through the modules= option.


Perform the installation from an Apt-proxy. After the installation is completed the clients apt configuration will be reset to use the regular debian sources. Adds the option approx=.


Adds a script that will resize the clients root file system during the first boot. Useful for RaspberryPi SD-card images.

live be written


Sets up nodm as a login manager, i.e. enable autologin.



Recommended for desktop environments. Sets up a default XFCE desktop environment with a preconfigured desktop bar at the bottom of the screen, consistent theme settings across GTK / QT applications, etc.


Regular Gimp installation with some UI presets like single window mode, etc.


Include and enable driver for Waveshare 4 inch touch display (480x320, connected via GPIO). May work with 3.5inch variant as well.


Include and enable driver for Waveshare 5 inch touch display (800x420, connected via HDMI).