= vector =
* RPi Model 4 (aarch64, 4-core, 4gb RAM)
* RPi OS Lite 64-bit (Bookworm)
* LAN MAC `e4:5f:01:1c:c6:ea`
* WLAN MAC `e4:5f:01:1c:c6:eb`
* located at home
<<TableOfContents>>
== Build notes ==
This is the most generic stuff to do for initial setup, before tweaking it to a specific use.
=== OS imaging ===
Using the Raspberry Pi Imager app, start with '''RPi OS Lite 64-bit''', suitable for the RPi 3B+
It lets you make some customisations before flashing, which is really nice:
* Set hostname to '''vector'''
* Enable SSH
* Password auth, make a new secure password and record it in 1Password
* Set username and password
* `furinkan // <the password you just created>`
* No WLAN
* Set locale to Australia/Sydney, us keyboard
* Disable telemetry
Prepare DHCP server with static address for the LAN MAC address.
Put in the card and let it boot, should be fairly quick.
=== First login ===
1. Login as `furinkan@vector` and copy your SSH key there {{{
ssh-copy-id furinkan@vector
}}}
1. sudo up and copy your SSH key to root's account as well {{{
sudo -i
ssh-keygen -t ed25519
touch ~/.ssh/authorized_keys
chmod 0600 ~/.ssh/authorized_keys
cat ~furinkan/.ssh/authorized_keys >> ~/.ssh/authorized_keys
}}}
1. Login again directly as root
1. Set the hostname with domain as well now {{{
hostnamectl set-hostname vector.thighhighs.top
}}}
1. Install base packages {{{
apt update
apt install -y vim git screen ack
apt autoremove
apt full-upgrade -y
}}}
1. More packages {{{
apt install wget curl net-tools jq make mlocate elinks nmap whois
updatedb
reboot
}}}
1. Edit `/etc/pam.d/sshd` and remove `user_readenv=1`, this will keep the logs tidy
1. Disable HashKnownHosts for SSH client {{{
echo -e "Host *\n HashKnownHosts no" > /etc/ssh/ssh_config.d/20-disable-hashknownhosts.conf
}}}
1. Configure shell
* Edit `/root/.bashrc` to enable colours
* Set the default editor to vim.basic: {{{
update-alternatives --config editor
}}}
* Add shell history timestamping {{{
cat <<EOF >> ~/.bashrc
# Timestamped shell FTW
export HISTTIMEFORMAT='%Y-%m-%d %H:%M:%S '
EOF
}}}
1. Configure vim {{{
cat <<EOF > ~/.vimrc
set nocompatible
syntax on
set background=dark
set hlsearch
set modeline
set scrolloff=3
EOF
}}}
=== Disable wifi and bluetooth and other stuff ===
I'm using vector as a network appliance, so I don't need the radios: https://sleeplessbeastie.eu/2022/06/01/how-to-disable-onboard-wifi-and-bluetooth-on-raspberry-pi-4/
1. Add dtoverlays to your `/boot/config.txt` to disable the radios: {{{
cat <<EOF >> /boot/config.txt
dtoverlay=disable-wifi
dtoverlay=disable-bt
EOF
}}}
1. Let's also disable sound {{{
sed -r -i 's,^dtparam=audio=on$,dtparam=audio=off,' /boot/config.txt
}}}
1. Disable bluetooth and modem services {{{
systemctl disable --now hciuart
systemctl disable --now bluetooth.target
systemctl disable --now bluetooth.service
systemctl disable --now ModemManager.service
}}}
1. For some reason this isn't working on the RPi4? Whatever, nuke the software packages as well {{{
apt purge -y bluez bluez-firmware wpasupplicant
rm -rfv /etc/wpa_supplicant
apt autoremove -y
}}}
1. No keyboard means no hotkeys needed {{{
apt purge -y triggerhappy
}}}
1. Does this work to disable it?? {{{
echo "blacklist hci_uart" > /etc/modprobe.d/blacklist-hciuart.conf
echo "blacklist snd_bcm2835" > /etc/modprobe.d/blacklist-sndbcm2835.conf
}}}
1. Reboot
=== Tools config ===
1. Configure screen {{{
curl -o ~/.screenrc https://gist.githubusercontent.com/barneydesmond/d16c5201ed9d2280251dfca7c620bb86/raw/.screenrc
}}}
1. Configure `top`: `z x c s 1.5 <Enter> e 0 1 W q`
== Save a copy ==
Now take an image of the system by putting the card in another system, after shrinking the filesystem {{{
e2fsck -f /dev/mmcblk0p2
resize2fs /dev/mmcblk0p2 2G
dd bs=4M count=600 if=/dev/mmcblk0 | pv -br | gzip --fast > 2021-04-20_vector_img_pre_unifi.img.gz
}}}