|
Size: 304
Comment: Won't be able to use artifactory on such a tiny system
|
Size: 3938
Comment: add MAC address
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 3: | Line 3: |
| * Raspbian on RPi Model 3B+ * debian stretch (9.11) x64 * ansible managed where possible |
* RPi OS Lite 64-bit (Bookworm) on RPi Model 3B+ |
| Line 8: | Line 6: |
| <<TableOfContents>> | |
| Line 9: | Line 8: |
| == local work == | == hardware == |
| Line 11: | Line 10: |
| * Wireguard server to LAN for remote access | {{{ ether b8:27:eb:8c:f4:f8 }}} == network == /etc/dhcpcd.conf uses a static IPv4 address at the bottom? But still apparently comes up like it's DHCP. The IPv6 stuff works at least. {{{ slaac hwaddr interface eth0 static ip_address=192.168.1.24/24 static routers=192.168.1.1 static domain_name_servers=8.8.8.8 1.1.1.1 8.8.4.4 }}} Who even set this up? I don't remember doing it... Edit: it was pihole |
| Line 16: | Line 34: |
| Autoconfigured | Autoconfigured, slaac hwaddr, not externally accessible |
| Line 19: | Line 37: |
| == Ansible == | == services == |
| Line 21: | Line 39: |
| Local repo on filesystem with lots of adhoc code. | * Wireguard server to LAN for remote access * apt cache, will try running this setup for the crappy raspi repo: https://fabianlee.org/2018/02/11/ubuntu-a-centralized-apt-package-cache-using-apt-cacher-ng/ * Pihole DNS server == wireguard == * no notes on install * Proxy ARP enabled in sysctl.conf as per https://wiki.debian.org/BridgeNetworkConnectionsProxyArp {{{ net.ipv4.ip_forward=1 net.ipv4.conf.all.proxy_arp=1 }}} == Pihole == Straightforward basic install, no conflict with other installed services. * Pi-hole DNS (IPv4): 192.168.1.24 * Pi-hole DNS (IPv6): 2404:e80:42e3:0:ba27:ebff:fe8c:f4f8 Admin UI at https://pihole-backup.thighhighs.top/admin/ TLS works \o/ https://discourse.pi-hole.net/t/enabling-https-for-your-pi-hole-web-interface/5771/17 == Disable wifi and bluetooth on RPi == I'm using asval as a network appliance, so I don't need the radios. https://sleeplessbeastie.eu/2018/12/31/how-to-disable-onboard-wifi-and-bluetooth-on-raspberry-pi-3/ 1. Edit your /boot/config.txt and add: {{{ dtoverlay=disable-wifi dtoverlay=disable-bt }}} * The linked page above uses pi3-disable-foo, which are deprecated names 1. Disable hciuart daemon used for bluetooth modem access {{{ systemctl disable --now hciuart }}} == RTC module == I've installed the Jaycar XC-9044 RPi realtime clock RTC, it's apparently a good clock chip with a little battery (or something). Most models using this chip have a spot for a watch battery, but this one has a tiiiiny little thing soldered on the board. I hope it's decent. 1. Physically install the module on the 3V3 plus I2C pins 1. Enable i2c with raspi-config, or do it yourself * Comment out any blacklist entries for i2c[-_]bcm2708 in /etc/modprobe.d/raspi-blacklist.conf * Add `i2c-dev` to /etc/modules * `dtparam=i2c_arm=on` in /boot/config.txt * Activate it now, `modprobe i2c-dev` 1. Install packages {{{ apt install python-smbus i2c-tools }}} 1. Reboot now to detect it 1. Detect the device on i2c bus: `i2cdetect -y 1` * Should appear at 0x68 1. Enable the kernel driver for it, or something, by adding a devicetree overlay * Append to end of /boot/config.txt {{{ dtoverlay=i2c-rtc,ds3231 }}} 1. Reboot again 1. Again detect the device on i2c bus: i2cdetect -y 1 * Should appear at 0x68, BUT with "UU" at the address 1. Remove the fake hardware clock {{{ systemctl disable fake-hwclock apt purge fake-hwclock }}} 1. In theory everything just works now thanks to a udev rule * https://www.raspberrypi.org/forums/viewtopic.php?t=209700 * /lib/udev/rules.d/85-hwclock.rules * KERNEL=="rtc0", RUN+="/sbin/hwclock --rtc=$root/$name --hctosys" * "Set the system time from RTC and set the kernel TZ to the local timezone when the kernel clock module is loaded" 1. Your NTP daemon will handle writing the system clock back to the HW clock periodically. chrony is great, or you can use the simple systemd-timesyncd: https://www.raspberrypi.org/forums/viewtopic.php?t=200385 * Purge chrony so that timesyncd will activate itself, and configure it in /etc/systemd/timesyncd.conf {{{ [Time] NTP=ntp.on.net ntp.ubuntu.com 0.ubuntu.pool.ntp.org 1.ubuntu.pool.ntp.org 2.ubuntu.pool.ntp.org }}} |
asval
- RPi OS Lite 64-bit (Bookworm) on RPi Model 3B+
- located at home
Contents
hardware
ether b8:27:eb:8c:f4:f8
network
/etc/dhcpcd.conf uses a static IPv4 address at the bottom? But still apparently comes up like it's DHCP. The IPv6 stuff works at least.
slaac hwaddr interface eth0 static ip_address=192.168.1.24/24 static routers=192.168.1.1 static domain_name_servers=8.8.8.8 1.1.1.1 8.8.4.4
Who even set this up? I don't remember doing it...
Edit: it was pihole
IPv6
Autoconfigured, slaac hwaddr, not externally accessible
services
- Wireguard server to LAN for remote access
apt cache, will try running this setup for the crappy raspi repo: https://fabianlee.org/2018/02/11/ubuntu-a-centralized-apt-package-cache-using-apt-cacher-ng/
- Pihole DNS server
wireguard
- no notes on install
Proxy ARP enabled in sysctl.conf as per https://wiki.debian.org/BridgeNetworkConnectionsProxyArp
net.ipv4.ip_forward=1 net.ipv4.conf.all.proxy_arp=1
Pihole
Straightforward basic install, no conflict with other installed services.
- Pi-hole DNS (IPv4): 192.168.1.24
- Pi-hole DNS (IPv6): 2404:e80:42e3:0:ba27:ebff:fe8c:f4f8
Admin UI at https://pihole-backup.thighhighs.top/admin/
TLS works \o/ https://discourse.pi-hole.net/t/enabling-https-for-your-pi-hole-web-interface/5771/17
Disable wifi and bluetooth on RPi
I'm using asval as a network appliance, so I don't need the radios.
https://sleeplessbeastie.eu/2018/12/31/how-to-disable-onboard-wifi-and-bluetooth-on-raspberry-pi-3/
Edit your /boot/config.txt and add:
dtoverlay=disable-wifi dtoverlay=disable-bt
- The linked page above uses pi3-disable-foo, which are deprecated names
Disable hciuart daemon used for bluetooth modem access
systemctl disable --now hciuart
RTC module
I've installed the Jaycar XC-9044 RPi realtime clock RTC, it's apparently a good clock chip with a little battery (or something). Most models using this chip have a spot for a watch battery, but this one has a tiiiiny little thing soldered on the board. I hope it's decent.
- Physically install the module on the 3V3 plus I2C pins
- Enable i2c with raspi-config, or do it yourself
- Comment out any blacklist entries for i2c[-_]bcm2708 in /etc/modprobe.d/raspi-blacklist.conf
Add i2c-dev to /etc/modules
dtparam=i2c_arm=on in /boot/config.txt
Activate it now, modprobe i2c-dev
Install packages
apt install python-smbus i2c-tools
- Reboot now to detect it
Detect the device on i2c bus: i2cdetect -y 1
- Should appear at 0x68
- Enable the kernel driver for it, or something, by adding a devicetree overlay
Append to end of /boot/config.txt
dtoverlay=i2c-rtc,ds3231
- Reboot again
- Again detect the device on i2c bus: i2cdetect -y 1
- Should appear at 0x68, BUT with "UU" at the address
Remove the fake hardware clock
systemctl disable fake-hwclock apt purge fake-hwclock
- In theory everything just works now thanks to a udev rule
- /lib/udev/rules.d/85-hwclock.rules
- KERNEL=="rtc0", RUN+="/sbin/hwclock --rtc=$root/$name --hctosys"
- "Set the system time from RTC and set the kernel TZ to the local timezone when the kernel clock module is loaded"
Your NTP daemon will handle writing the system clock back to the HW clock periodically. chrony is great, or you can use the simple systemd-timesyncd: https://www.raspberrypi.org/forums/viewtopic.php?t=200385
Purge chrony so that timesyncd will activate itself, and configure it in /etc/systemd/timesyncd.conf
[Time] NTP=ntp.on.net ntp.ubuntu.com 0.ubuntu.pool.ntp.org 1.ubuntu.pool.ntp.org 2.ubuntu.pool.ntp.org