= vector = * RPi Model 4 (aarch64, 4-core, 4gb RAM) * RPi OS Lite 64-bit (Bookworm) * LAN MAC `e4:5f:01:1c:c6:ea` * WLAN MAC `e4:5f:01:1c:c6:eb` * located at home <> == Build notes == This is the most generic stuff to do for initial setup, before tweaking it to a specific use. === OS imaging === Using the Raspberry Pi Imager app, start with '''RPi OS Lite 64-bit''', suitable for the RPi 3B+ It lets you make some customisations before flashing, which is really nice: * Set hostname to '''vector''' * Enable SSH * Password auth, make a new secure password and record it in 1Password * Set username and password * `furinkan // ` * No WLAN * Set locale to Australia/Sydney, us keyboard * Disable telemetry Prepare DHCP server with static address for the LAN MAC address. Put in the card and let it boot, should be fairly quick. === First login === 1. Login as `furinkan@vector` and copy your SSH key there {{{ ssh-copy-id furinkan@vector }}} 1. sudo up and copy your SSH key to root's account as well {{{ sudo -i ssh-keygen -t ed25519 touch ~/.ssh/authorized_keys chmod 0600 ~/.ssh/authorized_keys cat ~furinkan/.ssh/authorized_keys >> ~/.ssh/authorized_keys }}} 1. Login again directly as root 1. Set the hostname with domain as well now {{{ hostnamectl set-hostname vector.thighhighs.top }}} 1. Install base packages {{{ apt update apt install -y vim git screen ack apt autoremove apt full-upgrade -y }}} 1. More packages {{{ apt install wget curl net-tools jq make mlocate elinks nmap whois updatedb reboot }}} 1. Edit `/etc/pam.d/sshd` and remove `user_readenv=1`, this will keep the logs tidy 1. Disable HashKnownHosts for SSH client {{{ echo -e "Host *\n HashKnownHosts no" > /etc/ssh/ssh_config.d/20-disable-hashknownhosts.conf }}} 1. Configure shell * Edit `/root/.bashrc` to enable colours * Set the default editor to vim.basic: {{{ update-alternatives --config editor }}} * Add shell history timestamping {{{ cat <> ~/.bashrc # Timestamped shell FTW export HISTTIMEFORMAT='%Y-%m-%d %H:%M:%S ' EOF }}} 1. Configure vim {{{ cat < ~/.vimrc set nocompatible syntax on set background=dark set hlsearch set modeline set scrolloff=3 EOF }}} === Disable wifi and bluetooth and other stuff === I'm using vector as a network appliance, so I don't need the radios: https://sleeplessbeastie.eu/2022/06/01/how-to-disable-onboard-wifi-and-bluetooth-on-raspberry-pi-4/ 1. Add dtoverlays to your `/boot/config.txt` to disable the radios: {{{ cat <> /boot/config.txt dtoverlay=disable-wifi dtoverlay=disable-bt EOF }}} 1. Let's also disable sound {{{ sed -r -i 's,^dtparam=audio=on$,dtparam=audio=off,' /boot/config.txt }}} 1. Disable bluetooth and modem services {{{ systemctl disable --now hciuart systemctl disable --now bluetooth.target systemctl disable --now bluetooth.service systemctl disable --now ModemManager.service }}} 1. For some reason this isn't working on the RPi4? Whatever, nuke the software packages as well {{{ apt purge -y bluez bluez-firmware wpasupplicant rm -rfv /etc/wpa_supplicant apt autoremove -y }}} 1. No keyboard means no hotkeys needed {{{ apt purge -y triggerhappy }}} 1. Does this work to disable it?? {{{ echo "blacklist hci_uart" > /etc/modprobe.d/blacklist-hciuart.conf echo "blacklist snd_bcm2835" > /etc/modprobe.d/blacklist-sndbcm2835.conf }}} 1. Reboot === Tools config === 1. Configure screen {{{ curl -o ~/.screenrc https://gist.githubusercontent.com/barneydesmond/d16c5201ed9d2280251dfca7c620bb86/raw/.screenrc }}} 1. Configure `top`: `z x c s 1.5 e 0 1 W q` == Save a copy == Now take an image of the system by putting the card in another system, after shrinking the filesystem {{{ e2fsck -f /dev/mmcblk0p2 resize2fs /dev/mmcblk0p2 2G dd bs=4M count=600 if=/dev/mmcblk0 | pv -br | gzip --fast > 2021-04-20_vector_img_pre_unifi.img.gz }}}