Configuration Apple-pi - Raspbian: Difference between revisions

From miki
Jump to navigation Jump to search
 
(9 intermediate revisions by the same user not shown)
Line 23: Line 23:
<source lang=bash>
<source lang=bash>
# Setup git repo main directory
# Setup git repo main directory
sudo useradd -s /usr/bin/git-shell -m git
sudo useradd -s /usr/bin/git-shell -m git # User both for ssh: and git: protocol access (shell disabled)
sudo su -p git # Notice -p since shell is disabled
sudo su -p git
cd ~git
cd ~git
mkdir git # This directory will store all .git repo
mkdir git # This directory will store all .git repo
mkdir .ssh
cat ... >> .ssh/authorized_keys # Add keys of user that can use the ssh: protocol
</source>
* Install '''git-daemon''' (enable ''git:'' protocol):
<source lang=bash>
sudo apt-get install git-daemon-sysvinit
sudo vi /etc/default/git-daemon # Change user to 'git'
sudo /etc/init.d/git-daemon start # Start daemon
</source>
</source>
* Setup '''minecraft.git''':
* Setup '''minecraft.git''':
<source lang=bash>
<source lang=bash>
sudo su -p git # or sudo su -s /bin/bash git
sudo su -p git # or sudo su -s /bin/bash git
cd ~git/git
cd ~git/git
git init --bare minecraft.git
git init --bare minecraft.git
cd minecraft.git
cd minecraft.git
touch git-daemon-export-ok
touch git-daemon-export-ok
git config --add daemon.receive-pack true
git config --add daemon.receivepack true # no hyphen in receivepack!
vi hooks/update # Install hook to prevent non-ff update
exit
exit
sudo ln -sf ~git/git/minecraft.git /var/cache/git/minecraft.git
sudo ln -sf ~git/git/minecraft.git /var/cache/git/minecraft.git
Line 59: Line 68:
{| class="install_simple_log"
{| class="install_simple_log"
|-
|-
|'''Network WIFI'''||Check that WiFi dongle is detected with <code>lsusb</code>
|'''Category'''||<small>[YYYY-MM-DD]</small> Update<br/>Additional configuration settings
<source lang=bash>
|}
lsusb
# Bus 001 Device 004: ID 0bda:8176 Realtek Semiconductor Corp. RTL8188CUS 802.11n WLAN Adapter
</source>
Check that wireless device has an interface available with <code>iwconfig</code> [https://wiki.debian.org/WiFi/HowToUse] [https://wiki.debian.org/WiFi]
<source lang=bash>
iwconfig
# wlan0 IEEE 802.11bgn ESSID:"ManticoreNet" Nickname:"<WIFI@REALTEK>"
# Mode:Managed Frequency:2.412 GHz Access Point: 00:1D:7E:0C:24:5E
# Bit Rate:150 Mb/s Sensitivity:0/0
# Retry:off RTS thr:off Fragment thr:off
# Power Management:off
# Link Quality=100/100 Signal level=87/100 Noise level=0/100
# Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
# Tx excessive retries:0 Invalid misc:0 Missed beacon:0
</source>
We configure interface '''wlan0''' to use WPA in roaming, and static ip address for network id '''home'''.[http://raspberrypi.stackexchange.com/questions/11882/wpa-roam-can-only-be-used-with-the-manual-inet-method]


* See <code>man interfaces</code> for instruction
* <code>auto wlan0</code> tells that the interface should start automatically at boot
* <code>wpa-roam</code> implies that <code>manual</code> must be used
* To configure a static address, add an extra interface (here with name '''home'''), and configure this interface instead.<br/>The name must match name given in attribute <code>id_str</code> in file {{file|wpa_supplicant.conf}}. This allows to have different network configuration for different wireless networks.
* Wifi network credentials are stored in a separate file that only root can read
File {{file|/etc/network/interfaces}}:
<source lang=text>
auto wlan0
allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf

iface home inet static
address 172.19.100.107
netmask 255.255.0.0
gateway 172.19.3.1
</source>

File {{file|/etc/wpa_supplicant/wpa_supplicant.conf}}:
<source lang=text>
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
ssid="***********"
psk="************"
proto=RSN
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP
id_str="home"
}
</source>
Bring up or down the interface with:
<source lang=bash>
sudo ifup wlan0
sudo ifdown wlan0
</source>
The following error messages can be ignored [http://kerneldriver.wordpress.com/2012/10/21/configuring-wpa2-using-wpa_supplicant-on-the-raspberry-pi/]:
<pre>
$ sudo ifup wlan0
ioctl[SIOCSIWAP]: Operation not permitted
ioctl[SIOCSIWENCODEEXT]: Invalid argument
ioctl[SIOCSIWENCODEEXT]: Invalid argument
</pre>
|-
|Network SSH
|
* Setup crontab to create reverse port fwding to noekeon.org - port '''54901''' (cfr {{file|autonoekeon.sh}} and {{file|crontab-autonoekeon}})
* On noekeon.org, added to {{file|authorized_keys}}:
no-pty,no-X11-forwarding,permitopen="localhost:54901",command="/bin/echo do-not-send-commands" ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQDhjxL9dpvQfk3LeKUHGCilVk4Ng11Vu532gvGhNk7A1VJxF7vO8r5VaPbad1uKhtI+fVq1knbg
++EZw5AhBBsYdnH2SEucb9Kfjm1Ub1Im5A9PhbElFO3q/8p2gn19ULZ6VPUc48my6g0WiEnU0o11OtgLq35wZ7jXOHwClRil3LDh+s7y
OnTAirQbp91A/20YpqIxmY5opgUN08mH/rcHTl1gMS0LAzK0MUJtoOAy7BqqKXRy4iMb/HYHPDGbjGpq1uIiXP/9H1opKtTcq8bQ+Oyq
Jr5VYO7wVYyYWhS9d9gD2IoMpNagvW8xudAVzMjh8gGRcTArzpU4uGT22MiR pi@apple-pi
* Connect back to ''apple-pi'' via noekeon.org with:
<source lang=bash>
autossh -M 0 -f -N -n -q -L 22201:localhost:54901 noekeon
ssh -p 22201 pi@localhost
</source>
|-
|crontab
|
<source lang=bash>
@reboot /usr/bin/tmux new-session -d ~pi/bin/autonoekeon.sh \; new-window ~pi/bin/local/netconsole-log.sh
</source>
|}


== To Do ==
== To Do ==
=== Issues ===
=== Issues ===
* '''{{red|Issue}}''' — To be completed
* '''{{red|Issue}}''' — Frequently losing WiFi connection, without reconect.
:* '''Workaround''' &mdash; Use a cron script to detect and force reconnect [http://www.raspberrypi.org/forums/viewtopic.php?t=13169&p=451078*/5 * * * * /usr/local/bin/testwifi.sh 2> /var/log/testwifi.log]
:* Crontab line, edited with <code>sudo crontab -e</code>
<pre>
*/2 * * * * /usr/local/bin/testwifi.sh > /var/log/testwifi.log 2>&1
</pre>
:* {{file|/usr/local/bin/testwifi.sh}}
<source lang=bash>
#echo '/usr/local/bin/testwifi.sh log'
TESTIP=172.19.100.107

#ping -c4 ${TESTIP} > /dev/null
/sbin/ifconfig wlan0 | grep --quiet $TESTIP

if [ $? != 0 ]
then
logger -t $0 "WiFi seems down, restarting"
sudo /sbin/ifdown --force wlan0
sleep 10
sudo /sbin/ifup wlan0
else
#logger -t $0 "WiFi seems up."
true
fi

</source>
:* Reduce {{file|syslog}} spam by filtering out cron log. Edit {{file|/etc/rsyslog.conf}} [http://superuser.com/questions/40760/how-to-prevent-cron-from-spamming-syslog]
<source lang=diff>
diff --git a/rsyslog.conf b/rsyslog.conf
-*.*;auth,authpriv.none -/var/log/syslog
+*.*;auth,authpriv.none,cron.none -/var/log/syslog
</source>
* '''{{red|To Do}}''' — Description
* '''{{red|To Do}}''' — Description



Latest revision as of 06:10, 8 December 2015

Configuration Page

Introduction

This is the configuration page for the Raspbian partition on Apple-pi.

Configuration Files

All configuration files can be found here.

Repositories

To be completed.

Installed Applications

Common applications

Some application from the Common configuration for Linux, namely:

sudo apt-get install git etckeeper libnss-mdns avahi-daemon mdns-scan mc autossh vim-gnome tmux

Essential

Git (git)
# Setup git repo main directory
sudo useradd -s /usr/bin/git-shell -m git   # User both for ssh: and git: protocol access (shell disabled)
sudo su -p git                              # Notice -p since shell is disabled
cd ~git
mkdir git                                   # This directory will store all .git repo
mkdir .ssh
cat ... >> .ssh/authorized_keys             # Add keys of user that can use the ssh: protocol
  • Install git-daemon (enable git: protocol):
sudo apt-get install git-daemon-sysvinit
sudo vi /etc/default/git-daemon             # Change user to 'git'
sudo /etc/init.d/git-daemon start           # Start daemon
  • Setup minecraft.git:
sudo su -p git                              # or sudo su -s /bin/bash git
cd ~git/git
git init --bare minecraft.git
cd minecraft.git
touch git-daemon-export-ok
git config --add daemon.receivepack true    # no hyphen in receivepack!
vi hooks/update                             # Install hook to prevent non-ff update
exit
sudo ln -sf ~git/git/minecraft.git /var/cache/git/minecraft.git

Local Applications

Application (package) [YYYY-MM-DD] Update
Additional configuration settings

Uninstalled

Application (package) [YYYY-MM-DD] Update
Additional configuration settings

Settings

Network WIFI Check that WiFi dongle is detected with lsusb
lsusb
# Bus 001 Device 004: ID 0bda:8176 Realtek Semiconductor Corp. RTL8188CUS 802.11n WLAN Adapter

Check that wireless device has an interface available with iwconfig [1] [2]

iwconfig
# wlan0     IEEE 802.11bgn  ESSID:"ManticoreNet"  Nickname:"<WIFI@REALTEK>"
#           Mode:Managed  Frequency:2.412 GHz  Access Point: 00:1D:7E:0C:24:5E   
#           Bit Rate:150 Mb/s   Sensitivity:0/0  
#           Retry:off   RTS thr:off   Fragment thr:off
#           Power Management:off
#           Link Quality=100/100  Signal level=87/100  Noise level=0/100
#           Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
#           Tx excessive retries:0  Invalid misc:0   Missed beacon:0

We configure interface wlan0 to use WPA in roaming, and static ip address for network id home.[3]

  • See man interfaces for instruction
  • auto wlan0 tells that the interface should start automatically at boot
  • wpa-roam implies that manual must be used
  • To configure a static address, add an extra interface (here with name home), and configure this interface instead.
    The name must match name given in attribute id_str in file wpa_supplicant.conf. This allows to have different network configuration for different wireless networks.
  • Wifi network credentials are stored in a separate file that only root can read

File /etc/network/interfaces:

auto wlan0
allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf

iface home inet static
    address 172.19.100.107
    netmask 255.255.0.0
    gateway 172.19.3.1

File /etc/wpa_supplicant/wpa_supplicant.conf:

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
	ssid="***********"
	psk="************"
	proto=RSN
	key_mgmt=WPA-PSK
	pairwise=CCMP TKIP
	group=CCMP TKIP
	id_str="home"
}

Bring up or down the interface with:

sudo ifup wlan0
sudo ifdown wlan0

The following error messages can be ignored [4]:

$ sudo ifup wlan0
ioctl[SIOCSIWAP]: Operation not permitted
ioctl[SIOCSIWENCODEEXT]: Invalid argument
ioctl[SIOCSIWENCODEEXT]: Invalid argument
Network SSH
  • Setup crontab to create reverse port fwding to noekeon.org - port 54901 (cfr autonoekeon.sh and crontab-autonoekeon)
  • On noekeon.org, added to authorized_keys:
no-pty,no-X11-forwarding,permitopen="localhost:54901",command="/bin/echo do-not-send-commands" ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQDhjxL9dpvQfk3LeKUHGCilVk4Ng11Vu532gvGhNk7A1VJxF7vO8r5VaPbad1uKhtI+fVq1knbg
++EZw5AhBBsYdnH2SEucb9Kfjm1Ub1Im5A9PhbElFO3q/8p2gn19ULZ6VPUc48my6g0WiEnU0o11OtgLq35wZ7jXOHwClRil3LDh+s7y
OnTAirQbp91A/20YpqIxmY5opgUN08mH/rcHTl1gMS0LAzK0MUJtoOAy7BqqKXRy4iMb/HYHPDGbjGpq1uIiXP/9H1opKtTcq8bQ+Oyq
Jr5VYO7wVYyYWhS9d9gD2IoMpNagvW8xudAVzMjh8gGRcTArzpU4uGT22MiR pi@apple-pi
  • Connect back to apple-pi via noekeon.org with:
autossh -M 0 -f -N -n -q -L 22201:localhost:54901 noekeon
ssh -p 22201 pi@localhost
crontab
@reboot      /usr/bin/tmux new-session -d ~pi/bin/autonoekeon.sh \; new-window ~pi/bin/local/netconsole-log.sh

To Do

Issues

  • Issue — Frequently losing WiFi connection, without reconect.
*/2 * * * * /usr/local/bin/testwifi.sh > /var/log/testwifi.log 2>&1
  • /usr/local/bin/testwifi.sh
#echo '/usr/local/bin/testwifi.sh log'
TESTIP=172.19.100.107

#ping -c4 ${TESTIP} > /dev/null
/sbin/ifconfig wlan0 | grep --quiet $TESTIP

if [ $? != 0 ]
then
    logger -t $0 "WiFi seems down, restarting"
    sudo /sbin/ifdown --force wlan0
    sleep 10
    sudo /sbin/ifup wlan0
else
    #logger -t $0 "WiFi seems up."
    true
fi
  • Reduce syslog spam by filtering out cron log. Edit /etc/rsyslog.conf [5]
diff --git a/rsyslog.conf b/rsyslog.conf
-*.*;auth,authpriv.none          -/var/log/syslog
+*.*;auth,authpriv.none,cron.none          -/var/log/syslog
  • To Do — Description

Done & Fixed

  • Fixed — Issue description
    Fix description
  • Done — Description