====== Raspberry Pi Setup ======
This is where I keep notes to setup Raspberry Pis for various applications.
==== Initial configuration ====
> sudo raspi-config
Expand filesystem
Set locale "en_US,UTF-8 UTF-8"
Set timezone "US, Central"
Set keyboard layout "Generic 101-key PC, English (US)"
Set Wi-Fi country "US United States"
Enable SSH
> sudo apt update
> sudo apt upgrade
Change default password & set the root password
> passwd
> sudo passwd root
> sudo nano /etc/ssh/sshd_config
change "PermitRootLogin without-password" to "PermitRootLogin yes"
Increase Swap File Size
> sudo nano /etc/dphys-swapfile
change "CONF_SWAPSIZE=100" to "CONF_SWAPSIZE=256"
Install NTP client
> sudo apt install ntp
> sudo nano /etc/ntp.conf
server SERVERIPADDRESS prefer
Install a firewall
> sudo apt install firewalld
Install WebMin (Debian 11)
> sudo nano /etc/apt/sources.list
Add the line: "deb http://download.webmin.com/download/repository sarge contrib"
> su
# cd /root
# wget https://download.webmin.com/jcameron-key.asc
# cat jcameron-key.asc | gpg --dearmor >/etc/apt/trusted.gpg.d/jcameron-key.gpg
# exit
> sudo apt update
> sudo apt install apt-transport-https
> sudo apt install webmin
Create firewall service for Webmin
> sudo nano /etc/firewalld/services/webmin.xml
Webmin
Webmin
> sudo chmod 640 /etc/firewalld/services/webmin.xml
> sudo firewall-cmd --permanent --add-service=webmin
==== Specialized configurations ====
Next, notes for specific purposes:
*[[piaware|PiAware ADS-B Feeder]]
*[[pi_aprs|Pi APRS iGate]]
*[[retropie|RetroPie game console]]
*[[openvpn|OpenVPN Proxy]]
*[[rtl_sdr|Software Defined Radio]]
*[[modbus|EPever Solar charge controller Modbus interface]]
*[[pi_daq|Pi OPC DAQ]]
*[[pi_redsprings|Red Springs Remote Controller]]
====== Other installs ======
==== Mumble Server ====
> sudo apt install mumble-server
> sudo dpkg-reconfigure mumble-server
> sudo nano /etc/mumble-server.ini
bandwidth=128000
users=10
Create firewall service for Mumble
> sudo nano /etc/firewalld/services/mumble.xml
Mumble
Mumble
> sudo chmod 640 /etc/firewalld/services/mumble.xml
> sudo firewall-cmd --permanent --add-service=mumble
==== Apache ====
> sudo apt install apache2 -y
> sudo apt install php libapache2-mod-php -y
> sudo rm /var/www/html/index.html
> sudo nano /var/www/html/index.php
> sudo firewall-cmd --permanent --add-service=http
==== UniFi Network Controller ====
> sudo apt install openjdk-8-jre-headless -y
> sudo apt install haveged -y
> sudo apt install apt-transport-https -y
> echo 'deb https://www.ui.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list
> sudo wget -O /etc/apt/trusted.gpg.d/unifi-repo.gpg https://dl.ui.com/unifi/unifi-repo.gpg
> sudo apt update
> sudo apt install unifi -y
Go to your UniFi Controller via https://IPADDRESS:8443
Create firewall service for UniFi
> sudo nano /etc/firewalld/services/unifi.xml
UniFi
UniFi
> sudo chmod 640 /etc/firewalld/services/unifi.xml
> sudo firewall-cmd --permanent --add-service=unifi
==== Dokuwiki ====
> sudo apt install php libapache2-mod-php php-mcrypt dokuwiki
> sudo nano /etc/dokuwiki/apache.conf
change "Allow from localhost 127.0.0.1 ::1" to "Allow from all"
==== Nagios4 ====
> su
# apt install nagios4
# apt install libgd-tools
# getent passwd nagios
# getent group nagios
# systemctl status nagios4
# systemctl enable nagios4
# a2enmod rewrite cgi
# htdigest -c /etc/nagios4/htdigest.users "Restricted Nagios4 Access" nagiosadmin
> sudo usermod -a -G nagios www-data
==== MySQL ====
> sudo apt-get install php-pear php-mysql
> sudo apt-get install mariadb-server-10.0 mariadb-client-10.0
> sudo mysql_secure_installation
> sudo apt-get install phpmyadmin
> sudo nano /etc/apache2/apache2.conf
add to the end "Include /etc/phpmyadmin/apache.conf"
> sudo mysql -u root -p
GRANT ALL PRIVILEGES ON mydb.* TO 'pi'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES on *.* to 'root'@'localhost' IDENTIFIED BY '';
GRANT ALL PRIVILEGES on *.* to 'phpmyadmin'@'localhost' IDENTIFIED BY '';
FLUSH PRIVILEGES;
quit
> /etc/init.d/apache2 restart
==== TightVNC ====
Allow the vnc-server service rule in firewalld
> sudo apt install tightvncserver
> vncserver :1 -geometry 1600x900 -depth 16 -pixelformat rgb565:
> vncserver -kill :1
> nano ~/.vnc/xstartup
#!/bin/bash
xrdb $HOME/.Xresources
startxfce4 &
> sudo chmod +x ~/.vnc/xstartup
> vncserver
> sudo nano /etc/systemd/system/vncserver@.service
[Unit]
Description=Start TightVNC server at startup
After=syslog.target network.target
[Service]
Type=forking
User=pi
Group=pi
WorkingDirectory=/home/pi
PIDFile=/home/pi/.vnc/%H:%i.pid
ExecStartPre=-/usr/bin/vncserver -kill :%i > /dev/null 2>&1
ExecStart=/usr/bin/vncserver -depth 24 -geometry 1280x800 :%i
ExecStop=/usr/bin/vncserver -kill :%i
[Install]
WantedBy=multi-user.target
> sudo systemctl daemon-reload
> sudo systemctl enable vncserver@1.service
> vncserver -kill :1
> sudo systemctl start vncserver@1
> sudo systemctl status vncserver@1
==== Squid ====
> sudo apt-get install squid3
> sudo cp /etc/squid/squid.conf /etc/squid/squidoriginal.conf.bak
> sudo nano /etc/squid/squid.conf
Remove "#" from "#http_access allow localnet"
Remove "#" from: "#acl localnet src" and edit the IP range 192.168.10.0/24
Change "#dns_v4_first off" to "dns_v4_first on"
Remove "#" from: "#Cache_mem 256 MB"
Change "#maximum_object_size 4 MB" to "Maximum_object_size 4096 MB"
Change "#maximum_object_size_in_memory 512 KB" to "Maximum_object_size_in_memory 8192 KB"
Change "#cache_dir ufs /var/spool/squid 100 16 256" to "cache_dir ufs /var/spool/squid 8192 16 256"
> sudo service squid restart
Allow squid service in firewalld
==== No-IP DUC ====
> mkdir /home/pi/noip
> cd /home/pi/noip
> wget http://www.no-ip.com/client/linux/noip-duc-linux.tar.gz
> tar vzxf noip-duc-linux.tar.gz
> cd noip-2.1.9-1
> sudo make
> sudo make install
> sudo noip2 -S
To reconfigure the client: /usr/local/bin/noip2 -C
----
==== LCD Display ====
> sudo rm -rf LCD-show
> git clone https://github.com/goodtft/LCD-show.git
> chmod -R 755 LCD-show
> cd LCD-show/
> sudo ./MPI4008-show
==== WeeWX ====
(WeatherFlow Tempest Configuration)
> wget -qO - https://weewx.com/keys.html | sudo gpg --dearmor --output /etc/apt/trusted.gpg.d/weewx.gpg
> wget -qO - https://weewx.com/apt/weewx-python3.list | sudo tee /etc/apt/sources.list.d/weewx.list
> sudo apt-get update
> sudo apt-get install weewx
During the install select 'Simulator'
Go to https://github.com/captain-coredump/weatherflow-udp and get weatherflow-udp-master.zip
Unzip and copy weatherflowudp.py to /usr/share/weewx/user/weatherflowudp.py
> sudo nano /etc/weewx/weewx.conf
Replace "station_type = Simulator" with "station_type = WeatherFlowUDP"
Replace the "[Simulator]" section with :
[WeatherFlowUDP]
driver = user.weatherflowudp
log_raw_packets = False
udp_address =
# udp_address = 192.168.10.241
# udp_address = 255.255.255.255
udp_port = 50222
udp_timeout = 90
share_socket = False
# This section is for the TEMPEST WeatherFlow Bridge packets, via UDP broadcast on local subnet
[[sensor_map]]
outTemp = air_temperature.ST-00050585.obs_st-
outHumidity = relative_humidity.ST-00050585.o+bs_st
pressure = station_pressure.ST-00050585.obs_st
#lightning_strikes = lightning_strike_count.ST-00050585.obs_st
#avg_distance = lightning_strike_avg_distance.ST-00050585.obs_st
outTempBatteryStatus = battery.ST-00050585.obs_st
windSpeed = wind_speed.ST-00050585.rapid_wind
windDir = wind_direction.ST-00050585.rapid_wind
#luxXXX = illuminance.ST-00050585.obs_st
UV = uv.ST-00050585.obs_st
rain = rain_accumulated.ST-00050585.obs_st
windBatteryStatus = battery.ST-00050585.obs_st
radiation = solar_radiation.ST-00050585.obs_st
#lightningXXX = distance.ST-00050585.evt_strike
#lightningYYY = energy.ST-00050585.evt_strike
> sudo tail -f /var/log/syslog (to check status)
==== WeeWX to OpenWeatherMap ====
> wget -O weewx-owm.zip https://github.com/matthewwall/weewx-owm/archive/master.zip
> sudo wee_extension --install weewx-owm.zip
> sudo nano /etc/weewx/weewx.conf
[StdRESTful]
[[OpenWeatherMap]]
appid = OWM_APPID
station_id = STATION_ID
> sudo /etc/init.d/weewx stop
> sudo /etc/init.d/weewx start
==== WeeWX to MQTT ====
> sudo apt install python3
> sudo apt install python3-pip
> sudo pip3 install paho-mqtt
> wget -O weewx-mqtt.zip https://github.com/matthewwall/weewx-mqtt/archive/master.zip
> sudo wee_extension --install weewx-mqtt.zip
> sudo nano /etc/weewx/weewx.conf
[StdRESTful]
[[MQTT]]
server_url = mqtt://username:password@example.com:1883
> sudo /etc/init.d/weewx stop
> sudo /etc/init.d/weewx start
----
> lsusb List USB devices
> ps -ef List processes
> sudo snmpwalk -v 2c -c COMMUNITY $IP 192.168.10.160 -O n Check SNMP
> vcgencmd measure_temp Check CPU temp
> sudo certbot --authenticator standalone --installer apache -d gedean.net --pre-hook "systemctl stop apache2" --post-hook "systemctl start apache2"