We have upgraded the community system as part of the upgrade a password reset is required for all users before login in.

How to create custom firmware for Onion Omega 2S+

  • Hi. I would like to create a custom version of the onion firmware, but not sure where to start.

    Essentially, I would like to customise the following:

    • change setup screen branding
    • prompt user to change the root password in the setup process
    • add another step to the setup process for user to select from a range of options.
    • disable omega wifi network after setup (by deleting the wwan interface and setting the wifi ssid to hidden)
    • change the default root password
    • run a python script on startup

    Any help would be greatly appreciated.

    P.s. I am probably in over my head with this, so if there are any devs who would be willing to do this for me, I would be willing to pay a small fee.


  • @tom-muscleverse Any of us who need to setup an Omega2 for distribution to customers and/or corporate users need to deal with these issues. The OOTB Omega2 setup uses a load of javascript etc, the files are found in /www you can modify the branding and add additional steps if you want. The source of all of this is on the Onion Github :


    Disabling the wifi AP after setup is complete can easily be achieved by using a hotplug script. The script runs when apcli0 comes up, meaning Wifi is functional. My script just sets a random password for the AP and hides it. This is the basic hotplug script:

    # File:   40-setup
    # Place me in /etc/hotplug.d/iface/40-setup
    echo  "Starting interace hotplug ${DEVICE} Action: ${ACTION} Interface: ${INTERFACE}" >> /tmp/cblog
    if [ "$ACTION" = "ifup" -a "$INTERFACE" = "$WIFI_INTERFACE" ]; then
            echo "IFUP ${DEVICE}" >> /tmp/cblog
            echo "Run script for device: ${DEVICE}" >> /tmp/cblog

    The guts of your setup script is in /etc/myapp/setup.sh and would contain whatever commands you want to be executed. For example, if you want to hide the AP and set a complex password you would use:

    uci set wireless.ap.key='gniyusdfdsfv,a653#0dxzzsfksgf;isyuf'
    uci set wireless.ap.hidden='1'
        uci commit wireless

    The password should of course be randomly generated, and conform to the requirements of WPA2 passwords. Here is a link that describes a range of methods to generate random passwords


    With regard to running a python script on startup, you could include this in your hotplug script, but a more common method is to add the required command to /etc/rc.local

  • @crispyoz

    First up, you are a saint. Thanks so much for responding.

    I still have a few questions if you are willing to answer:

    1. How do I download a copy of the firmware to modify? The github repo you linked seems like just a snapshot of the OS.
    2. What is the best way to mass deploy the software to many onion omega2S+?
    3. Where is the default root password stored? I would like to change it something custom.

    Please bear with me, I am new to this stuff lol.

  • @tom-muscleverse There are a lot of really knowledgeable folks in the Onion community, we've all struggled to kick off our projects so don't be afraid to ask questions. Of course it's great to have another Aussie on board šŸ™‚

    The Omega2 runs OpenWrt which is basically Linux minimised, so a lot of the concepts you want to understand about your Omega2 can be found googling Linux stuff. Now to each of your questions.

    Questions 1 and 2 can be answered together. There are 2 main processes we use to deploy a customised version of the Omega2 firmware. 1) You can use the build system to roll your own version of the firmware; 2) Take an Omega2 and install/remove the required/undesired packages, add your scripts and configurations etc, once you have that device setup as you want to mass deploy, you clone that device to all of the new devices. Each of the two options have their pros and cons which will summarise here.

    Option 1, roll your own firmware: New users without software development experience can find this a bit frustrating sorting out the various dependencies and error messages you need to resolve depending on the machine you are using to build this, the upside is that once you have this up and running you can configure the entire system and add scripts and files, then build a deployable firmware image, specific to your requirements. Importantly a factory reset will reset to your firmware build.

    Onion provide a docker image to get you up and running with your build system quickly. Personally I prefer to install the build system myself. You use the build system on your PC, not on the Omega2 as IoT devices don't have enough capacity nor juice to build this stuff. Then you transfer your firmware to the Omega2 and run the firmware upgrade command: sysupgrade

    Option 2: Set up a single Omega2 as you require, then clone it to multiple devices. Easier to do, but a factory reset will blow away your firmware and install the factory firmware. @Lazar-Demin wrote a great article on how to do this:

    Also look at this thread for some good info:


    Setting up a build system is documented here: https://docs.onion.io/omega2-docs/cross-compiling.html

    I would suggest reading the whole document as it's very well written and provides a great understanding the Omega2 device.

    With regard to question 3. Usernames are in /etc/passwd and their passwords are hashed and stored in /etc/shadow , just like *nix, google shadow password for a more detailed explanation of how and why *nix works this way. You use the command passwd to change your password, don't edit these files.

Looks like your connection to Community was lost, please wait while we try to reconnect.