raspberrypi
Table of Contents
Raspberry Pi Setup
This is where I keep notes to setup Raspberry Pis for various applications.
Initial configuration
> sudo raspi-config
Expand filesystem
Set locale "en_US,UTF-8 UTF-8"
Set timezone "US, Central"
Set keyboard layout "Generic 101-key PC, English (US)"
Set Wi-Fi country "US United States"
Enable SSH
> sudo apt update
> sudo apt upgrade
Change default password & set the root password
> passwd
> sudo passwd root
> sudo nano /etc/ssh/sshd_config
change "PermitRootLogin without-password" to "PermitRootLogin yes"
Increase Swap File Size
> sudo nano /etc/dphys-swapfile
change "CONF_SWAPSIZE=100" to "CONF_SWAPSIZE=256"
Install NTP client
> sudo apt install ntp
> sudo nano /etc/ntp.conf
server SERVERIPADDRESS prefer
Install a firewall
> sudo apt install firewalld
Install WebMin (Debian 11)
> sudo nano /etc/apt/sources.list
Add the line: "deb http://download.webmin.com/download/repository sarge contrib"
> su
# cd /root
# wget https://download.webmin.com/jcameron-key.asc
# cat jcameron-key.asc | gpg --dearmor >/etc/apt/trusted.gpg.d/jcameron-key.gpg
# exit
> sudo apt update
> sudo apt install apt-transport-https
> sudo apt install webmin
Create firewall service for Webmin
> sudo nano /etc/firewalld/services/webmin.xml
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>Webmin</short>
<description>Webmin</description>
<port protocol="tcp" port="10000"/>
</service>
> sudo chmod 640 /etc/firewalld/services/webmin.xml
> sudo firewall-cmd --permanent --add-service=webmin
Specialized configurations
Next, notes for specific purposes:
Other installs
Mumble Server
> sudo apt install mumble-server
> sudo dpkg-reconfigure mumble-server
> sudo nano /etc/mumble-server.ini
bandwidth=128000
users=10
Create firewall service for Mumble
> sudo nano /etc/firewalld/services/mumble.xml
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>Mumble</short>
<description>Mumble</description>
<port protocol="tcp" port="64738"/>
</service>
> sudo chmod 640 /etc/firewalld/services/mumble.xml
> sudo firewall-cmd --permanent --add-service=mumble
Apache
> sudo apt install apache2 -y
> sudo apt install php libapache2-mod-php -y
> sudo rm /var/www/html/index.html
> sudo nano /var/www/html/index.php
<?php echo "Raspberry Pi3 time: "; ?>
<?php echo date('Y-m-d H:i:s'); ?>
> sudo firewall-cmd --permanent --add-service=http
UniFi Network Controller
> sudo apt install openjdk-8-jre-headless -y > sudo apt install haveged -y > sudo apt install apt-transport-https -y > echo 'deb https://www.ui.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list > sudo wget -O /etc/apt/trusted.gpg.d/unifi-repo.gpg https://dl.ui.com/unifi/unifi-repo.gpg > sudo apt update > sudo apt install unifi -y Go to your UniFi Controller via https://IPADDRESS:8443
Create firewall service for UniFi
> sudo nano /etc/firewalld/services/unifi.xml
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>UniFi</short>
<description>UniFi</description>
<port protocol="udp" port="3478"/>
<port protocol="tcp" port="5514"/>
<port protocol="tcp" port="8080"/>
<port protocol="tcp" port="8443"/>
<port protocol="tcp" port="8880"/>
<port protocol="tcp" port="8843"/>
<port protocol="tcp" port="6789"/>
<port protocol="tcp" port="27117"/>
<port protocol="udp" port="5656-5699"/>
<port protocol="udp" port="10001"/>
<port protocol="udp" port="1900"/>
</service>
> sudo chmod 640 /etc/firewalld/services/unifi.xml
> sudo firewall-cmd --permanent --add-service=unifi
Dokuwiki
> sudo apt install php libapache2-mod-php php-mcrypt dokuwiki
> sudo nano /etc/dokuwiki/apache.conf
change "Allow from localhost 127.0.0.1 ::1" to "Allow from all"
Nagios4
> su # apt install nagios4 # apt install libgd-tools # getent passwd nagios # getent group nagios # systemctl status nagios4 # systemctl enable nagios4 # a2enmod rewrite cgi # htdigest -c /etc/nagios4/htdigest.users "Restricted Nagios4 Access" nagiosadmin > sudo usermod -a -G nagios www-data
MySQL
> sudo apt-get install php-pear php-mysql
> sudo apt-get install mariadb-server-10.0 mariadb-client-10.0
> sudo mysql_secure_installation
> sudo apt-get install phpmyadmin
> sudo nano /etc/apache2/apache2.conf
add to the end "Include /etc/phpmyadmin/apache.conf"
> sudo mysql -u root -p
GRANT ALL PRIVILEGES ON mydb.* TO 'pi'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES on *.* to 'root'@'localhost' IDENTIFIED BY '<password>';
GRANT ALL PRIVILEGES on *.* to 'phpmyadmin'@'localhost' IDENTIFIED BY '<password>';
FLUSH PRIVILEGES;
quit
> /etc/init.d/apache2 restart
TightVNC
Allow the vnc-server service rule in firewalld
> sudo apt install tightvncserver
> vncserver :1 -geometry 1600x900 -depth 16 -pixelformat rgb565:
> vncserver -kill :1
> nano ~/.vnc/xstartup
#!/bin/bash
xrdb $HOME/.Xresources
startxfce4 &
> sudo chmod +x ~/.vnc/xstartup
> vncserver
> sudo nano /etc/systemd/system/vncserver@.service
[Unit]
Description=Start TightVNC server at startup
After=syslog.target network.target
[Service]
Type=forking
User=pi
Group=pi
WorkingDirectory=/home/pi
PIDFile=/home/pi/.vnc/%H:%i.pid
ExecStartPre=-/usr/bin/vncserver -kill :%i > /dev/null 2>&1
ExecStart=/usr/bin/vncserver -depth 24 -geometry 1280x800 :%i
ExecStop=/usr/bin/vncserver -kill :%i
[Install]
WantedBy=multi-user.target
> sudo systemctl daemon-reload
> sudo systemctl enable vncserver@1.service
> vncserver -kill :1
> sudo systemctl start vncserver@1
> sudo systemctl status vncserver@1
Squid
> sudo apt-get install squid3
> sudo cp /etc/squid/squid.conf /etc/squid/squidoriginal.conf.bak
> sudo nano /etc/squid/squid.conf
Remove "#" from "#http_access allow localnet"
Remove "#" from: "#acl localnet src" and edit the IP range 192.168.10.0/24
Change "#dns_v4_first off" to "dns_v4_first on"
Remove "#" from: "#Cache_mem 256 MB"
Change "#maximum_object_size 4 MB" to "Maximum_object_size 4096 MB"
Change "#maximum_object_size_in_memory 512 KB" to "Maximum_object_size_in_memory 8192 KB"
Change "#cache_dir ufs /var/spool/squid 100 16 256" to "cache_dir ufs /var/spool/squid 8192 16 256"
> sudo service squid restart
Allow squid service in firewalld
No-IP DUC
> mkdir /home/pi/noip > cd /home/pi/noip > wget http://www.no-ip.com/client/linux/noip-duc-linux.tar.gz > tar vzxf noip-duc-linux.tar.gz > cd noip-2.1.9-1 > sudo make > sudo make install > sudo noip2 -S To reconfigure the client: /usr/local/bin/noip2 -C
LCD Display
> sudo rm -rf LCD-show > git clone https://github.com/goodtft/LCD-show.git > chmod -R 755 LCD-show > cd LCD-show/ > sudo ./MPI4008-show
WeeWX
(WeatherFlow Tempest Configuration)
> wget -qO - https://weewx.com/keys.html | sudo gpg --dearmor --output /etc/apt/trusted.gpg.d/weewx.gpg
> wget -qO - https://weewx.com/apt/weewx-python3.list | sudo tee /etc/apt/sources.list.d/weewx.list
> sudo apt-get update
> sudo apt-get install weewx
During the install select 'Simulator'
Go to https://github.com/captain-coredump/weatherflow-udp and get weatherflow-udp-master.zip
Unzip and copy weatherflowudp.py to /usr/share/weewx/user/weatherflowudp.py
> sudo nano /etc/weewx/weewx.conf
Replace "station_type = Simulator" with "station_type = WeatherFlowUDP"
Replace the "[Simulator]" section with :
[WeatherFlowUDP]
driver = user.weatherflowudp
log_raw_packets = False
udp_address = <broadcast>
# udp_address = 192.168.10.241
# udp_address = 255.255.255.255
udp_port = 50222
udp_timeout = 90
share_socket = False
# This section is for the TEMPEST WeatherFlow Bridge packets, via UDP broadcast on local subnet
[[sensor_map]]
outTemp = air_temperature.ST-00050585.obs_st-
outHumidity = relative_humidity.ST-00050585.o+bs_st
pressure = station_pressure.ST-00050585.obs_st
#lightning_strikes = lightning_strike_count.ST-00050585.obs_st
#avg_distance = lightning_strike_avg_distance.ST-00050585.obs_st
outTempBatteryStatus = battery.ST-00050585.obs_st
windSpeed = wind_speed.ST-00050585.rapid_wind
windDir = wind_direction.ST-00050585.rapid_wind
#luxXXX = illuminance.ST-00050585.obs_st
UV = uv.ST-00050585.obs_st
rain = rain_accumulated.ST-00050585.obs_st
windBatteryStatus = battery.ST-00050585.obs_st
radiation = solar_radiation.ST-00050585.obs_st
#lightningXXX = distance.ST-00050585.evt_strike
#lightningYYY = energy.ST-00050585.evt_strike
> sudo tail -f /var/log/syslog (to check status)
WeeWX to OpenWeatherMap
> wget -O weewx-owm.zip https://github.com/matthewwall/weewx-owm/archive/master.zip
> sudo wee_extension --install weewx-owm.zip
> sudo nano /etc/weewx/weewx.conf
[StdRESTful]
[[OpenWeatherMap]]
appid = OWM_APPID
station_id = STATION_ID
> sudo /etc/init.d/weewx stop
> sudo /etc/init.d/weewx start
WeeWX to MQTT
> sudo apt install python3
> sudo apt install python3-pip
> sudo pip3 install paho-mqtt
> wget -O weewx-mqtt.zip https://github.com/matthewwall/weewx-mqtt/archive/master.zip
> sudo wee_extension --install weewx-mqtt.zip
> sudo nano /etc/weewx/weewx.conf
[StdRESTful]
[[MQTT]]
server_url = mqtt://username:password@example.com:1883
> sudo /etc/init.d/weewx stop
> sudo /etc/init.d/weewx start
—-
> lsusb List USB devices > ps -ef List processes > sudo snmpwalk -v 2c -c COMMUNITY $IP 192.168.10.160 -O n Check SNMP > vcgencmd measure_temp Check CPU temp > sudo certbot --authenticator standalone --installer apache -d gedean.net --pre-hook "systemctl stop apache2" --post-hook "systemctl start apache2"
raspberrypi.txt · Last modified: 2023/05/09 19:25 by w5ged