User Tools

Site Tools


raspberry-pi

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
raspberry-pi [2013/04/02 10:42] – created dblumeraspberry-pi [2023/04/12 20:44] (current) – external edit 127.0.0.1
Line 1: Line 1:
 ====== Raspberry Pi ====== ====== Raspberry Pi ======
  
-From [[http://www.raspberrypi.org/phpBB3/viewtopic.php?p=137164|this thread on SD cards]], the comment from by carlosfm on Mon Aug 27, 2012 9:46 pm suggests that the 16GB Sandisk Extreme Class 10 45MB/s working fine on my Pi might be a good card to use.+From [[http://www.raspberrypi.org/phpBB3/viewtopic.php?p=137164|this thread on SD cards]], the comment from by carlosfm on Mon Aug 27, 2012 9:46 pm suggests that the **16GB Sandisk Extreme Class 10 45MB/s** working fine on my Pi might be a good card to use. 
 + 
 +Also, highly recommended: **Samsung 32GB Class 10 Model Code: MB-SSBGA/US** 
 + 
 +Partway down the page, it says there's a debian package to download: 
 + 
 +<code> 
 +$ wget https://dl.dropbox.com/u/15710882/iozone3_397-2_armhf.deb 
 +$ sudo dpkg -i iozone3_397-2_armhf.deb 
 +$ iozone -e -I -a -s 50M -r 4k -r 512k -r 16M -i 0 -i 1 -i 2 | tee iozone_out.txt 
 +</code> 
 + 
 +> I was reading the manual for iozone and it said to make sure, for accurate results, to make the -s switch size be TWICE your ram size. My Pi has 512mb so figured minus the 16mb gpu share I'd make it 1000M (for 1gb test file)
  
 Still, there's more to learn.  Something about: Still, there's more to learn.  Something about:
Line 8: Line 20:
 just apt-get install bonnie++  just apt-get install bonnie++ 
 </code> </code>
 +
 +===== Debian OS Installation Essentials =====
 +
 +([[http://blog.philippklaus.de/2012/05/raspberry-pi/|Source]])
 +
 +<code>
 +passwd
 +sudo dpkg-reconfigure tzdata
 +sudo apt-get update && sudo apt-get upgrade
 +sudo apt-get install vim
 +sudo apt-get install screen
 +</code>
 +
 +<code>
 +sudo apt-get install ca-certificates
 +sudo apt-get install git-core
 +sudo wget http://goo.gl/1BOfJ -O /usr/bin/rpi-update && sudo chmod +x /usr/bin/rpi-update
 +sudo rpi-update
 +sudo shutdown -r now
 +</code>
 +
 +To be able to listen to audio via the headphone jack. See [[http://www.raspberrypi.org/phpBB3/viewtopic.php?f=6&t=5490|here]], and do this:
 +
 +<code>
 +sudo apt-get install alsa-utils; sudo modprobe snd_bcm2835; sudo amixer cset numid=3 1
 +</code>
 +
 +Playing m3u playlists:
 +
 +<code>
 +mpg123 -@ http://streams.br-online.de/bayern3_2.m3u
 +</code>
 +
 +Text-based browsing: Either lynx or links
 +
 +<code>
 +sudo apt-get install lynx
 +sudo apt-get install links
 +</code>
 +
 +Maybe ''sudo vim /etc/lynx-cur/lynx.cfg'' and change "#ACCEPT_ALL_COOKIES:FALSE" to "ACCEPT_ALL_COOKIES:TRUE"
 +===== Logs =====
 +
 +Consider [[https://github.com/azlux/log2ram|installing log2ram]] to extend the life of your SDCard by writing logs to RAM first.
 +
 +When there are problems, check for logs in ''/var/log/syslog'' or ''/var/log/messages''.
 +
 +I think we need to update ''/etc/systemd/system/log2ram.service'' to make log2ram come after nginx, like so...
 +
 +<file bash log2ram.service>
 +[Unit]
 +Description=Log2Ram
 +DefaultDependencies=no
 +Before=basic.target rsyslog.service syslog.target systemd-journald.service sysinit.target shutdown.target apache2.service nginx.service
 +After=local-fs.target
 +Conflicts=shutdown.target reboot.target halt.target
 +RequiresMountsFor=/var/log /var/hdd.log
 +IgnoreOnIsolate=yes
 +
 +[Service]
 +Type=oneshot
 +ExecStart= /usr/local/bin/log2ram start
 +ExecStop= /usr/local/bin/log2ram stop
 +ExecReload= /usr/local/bin/log2ram write
 +RemainAfterExit=yes
 +
 +[Install]
 +WantedBy=sysinit.target
 +</file>
 +
 +Otherwise, it turns out that log2ram does screw up nginx's ability to start on power-cycle. Maybe need something like the following...
 +
 +<file bash todo_after_powercycle.sh>
 +#!/usr/bin/env bash
 +
 +# The tool we use to save flash affects the startup of nginx
 +if [ ! -d "/var/log/nginx" ]; then
 +  sudo mkdir /var/log/nginx
 +fi
 +
 +# if service --status-all | grep -Fq '[ - ]  nginx'; then
 +if ! service nginx status | grep -Fq 'active (running)'; then
 +  sudo /etc/init.d/nginx start > /dev/null
 +  # systemctl start nginx
 +fi
 +</file>
 +===== Keyboard Repeat Problem =====
 +
 +[[http://elinux.org/R-Pi_Troubleshooting#R-Pi_does_not_respond_to_key_presses_.2F_Keyboard_randomly_repeats_key_presses|They claim it's often a power problem.]]
 +
 +> Forum user MrEngman reported some keyboard repeats and wireless hangs until upgrading to the debian6-19-04-2012 kernel, which he reports stable with no problems even with a low TP1-TP2 voltage of 4.65 - 4.68 volts.
 +
 +To see which version you have:
 +<code>
 +$ cat /proc/version
 +</code>
 +
 +Try plugging the keyboard and mouse directly into the Raspberry Pi, and see what happens.
 +
 +===== Camera =====
 +
 +A list of [[http://elinux.org/RPi_USB_Webcams|tested webcams]].
 +Here's a [[http://www.raspberrypi.org/phpBB3/viewtopic.php?f=46&t=39470|Python script for saving jpg images]].
 +Here's [[https://medium.com/p/2d5a2d61da3d|a tutorial that suggests using motion]].
 +
 +Video Tutorials:
 +
 +  * [[https://www.youtube.com/watch?v=NVrqNaLxU_g|Raspberry Pi Webcam Server Tutorial (Live Stream)]]
 +  * [[https://www.youtube.com/watch?v=H1jSudsIJfA|Raspberry Pi as a Webcam Server]]
 +===== Headless Xwin =====
 +
 +How to [[http://jeffskinnerbox.wordpress.com/2012/09/09/raspberry-pi-has-arrived/|run X Windows on the Raspberry Pi and use the PC as your X Terminal]].
 +
 +===== Apache vs Cherokee vs Nginx Webserver =====
 +
 +[[http://www.wikihow.com/Make-a-Raspberry-Pi-Web-Server]]
 +
 +Looks like [[http://www.jeremymorgan.com/blog/programming/raspberry-pi-web-server-comparison/|I should use Nginx]].
 +
 +How to [[http://en.joscandreu.com/blog/install-php-raspberrypi/|Install nginx and PHP]].  And should I need to do something that'd require .htaccess or mod_rewrite, here's a [[http://blog.martinfjordvald.com/2011/02/nginx-primer-2-from-apache-to-nginx/|Nginx Primer from Apache to Nginx]].
 +
 +It'd be interesting to see [[http://docs.getpelican.com/en/latest/getting_started.html|Pelican]] [[http://www.instructables.com/id/Host-your-own-blog-from-a-25-Raspberry-Pi-compute/|work on a Raspberry Pi]] running Nginx.
 +
 +**Note**: See history-of-nginx-start.txt, and note that the web server files are at /var/www
 +
 +===== Backup =====
 +
 +(Old link: [[http://lifehacker.com/how-to-clone-your-raspberry-pi-sd-card-for-super-easy-r-1261113524|How to Clone Your Raspberry Pi SD Card for Super Easy Reinstallations]])
 +
 +I put the microSD in the SamSung SD Adaptor, and [[https://thepihut.com/blogs/raspberry-pi-tutorials/17789160-backing-up-and-restoring-your-raspberry-pis-sd-card|used Win32 Disk Imager]] to make a backup at H:\RasberryPi2.img
 +
 +==== Reading from Device to Image File ====
 +
 +  * Specify a new Image File name. (On a big disk.)
 +  * Select "Read" to read form the Raspberry Pi's card to the file on disk.
 +
 +
 +==== Writing from Image File to SD Card ====
 +
 +  * Specify an existing Image File.
 +  * Select "Write" to write from the file on disk to the Raspberry Pi's card.
 +
 +My Raspberry Pi is up-to-date as of 2017-02-05.
 +===== Cert Bot =====
 +
 +  - https://certbot.eff.org/#debianjessie-nginx
 +  - Fix it with this recipe: https://github.com/certbot/certbot/issues/2673 (Maybe not needed!)
 +
 +This seems useful: https://bjornjohansen.no/letsencrypt-nginx
 +
 +In detail:
 +
 +1. Add Backports to /etc/apt/sources.list as per https://backports.debian.org/Instructions/
 +
 +2. Do the apt-get
 +
 +  sudo apt-get install certbot -t jessie-backports
 +
 +3. Run certbot
 +
 +  sudo certbot certonly --webroot -w /var/www/html -d pi.dlma.com -d wopr.dlma.com
 +  
 +You should find that /etc/letsencrypt/live is populated with files like pi.dlma.com/cert1
 +  
 +4. Renew (and reload if successful) with 
 +
 +  sudo certbot renew && /usr/sbin/service nginx reload
 + 
 +5. Consider using a root cronjob
 +
 +   sudo crontab -e
 +   0 5 * * 0 certbot renew --post-hook "service nginx reload" >> /home/pi/letsencrypt-renew.log
 +
 +<code>
 +IMPORTANT NOTES:
 + - Congratulations! Your certificate and chain have been saved at
 +   /etc/letsencrypt/live/pi.dlma.com/fullchain.pem. Your cert will
 +   expire on 2017-09-31. To obtain a new or tweaked version of this
 +   certificate in the future, simply run certbot again. To
 +   non-interactively renew *all* of your certificates, run "certbot
 +   renew"
 + - If you lose your account credentials, you can recover through
 +   e-mails sent to david.blume@gmail.com.
 + - Your account credentials have been saved in your Certbot
 +   configuration directory at /etc/letsencrypt. You should make a
 +   secure backup of this folder now. This configuration directory will
 +   also contain certificates and private keys obtained by Certbot so
 +   making regular backups of this folder is ideal.
 + - If you like Certbot, please consider supporting our work by:
 +
 +   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 +   Donating to EFF:                    https://eff.org/donate-le
 +</code>
 +
 +6. Port forward ports 80 and 443.  At the local router:
 +
 +http://router.asus.com/Advanced_VirtualServer_Content.asp
 +
 +WAN -> Virtual Server / Port Forwarding
 +
 +7. Update nginx
 +
 +https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-nginx-in-ubuntu-16-04
 +
 +Update /etc/nginx/sites-available/default as per this [[https://www.nginx.com/blog/nginx-https-101-ssl-basics-getting-started/|Getting Started guide from Nginx]].
 +
 +  server {
 +          listen 80 default_server;
 +          listen [::]:80 default_server;
 +          server_name pi.dlma.com;
 +          return 301 https://$server_name$request_uri;
 +  }
 +  
 +  server {
 +        # SSL configuration
 +        #
 +        listen 443 ssl default_server;
 +        listen [::]:443 ssl default_server;
 +        
 +        ssl_certificate /etc/letsencrypt/live/pi.dlma.com/fullchain.pem;
 +        ssl_certificate_key /etc/letsencrypt/live/pi.dlma.com/privkey.pem;
 +        ssl_trusted_certificate /etc/letsencrypt/live/pi.dlma.com/chain.pem;
 +        ...
 +
 +**TODO**: Maybe figure out [[https://www.nginx.com/blog/nginx-https-101-ssl-basics-getting-started/|how to redirect http://wopr.dlma.com to https://wopr.dlma.com]].
 +
 +Then check and restart nginx:
 +
 +  $ sudo nginx -t
 +  $ sudo systemctl restart nginx
 +  
 +**TODO**: Renew with ''certbot renew --quiet'' as per [[https://certbot.eff.org/#debianjessie-nginx|certbot]] or [[https://bjornjohansen.no/letsencrypt-nginx|manually]].
 +
 +===== Updating CertBot to use ACMEv2 =====
 +
 +Got an email from the EFF saying my current CertBot client uses ACMEv1 and it needs to be upgraded. Followed some instructions here:[[https://certbot.eff.org/lets-encrypt/debianother-nginx|Debian Jessie instructions from the EFF]].
 +
 +  sudo apt-get remove certbot
 +  wget https://dl.eff.org/certbot-auto
 +  sudo mv certbot-auto /usr/local/bin/certbot-auto
 +  sudo chown root /usr/local/bin/certbot-auto
 +  sudo chmod 0755 /usr/local/bin/certbot-auto
 +
 +But the next step (they suggested''sudo /usr/local/bin/certbot-auto certonly --nginx''), but I tried:
 +
 +  sudo /usr/local/bin/certbot-auto certonly --webroot -w /var/www/html -d pi.dlma.com -d wopr.dlma.com
 +  
 +is broken because it first  an apt-get and Jessie Backports is gone, and then because the pip installation failed Hash verification.
 +
 +==== Problem: Jessie Backports is gone. ====
 +
 +Follow the instructions here: [[https://www.lucas-nussbaum.net/blog/?p=947|Removal of Jessie-Updates and Jessie-Backports from Debian Mirrors]]
 +
 +Remove "<nowiki>deb http://ftp.debian.org/debian jessie-backports main</nowiki>" from ''/etc/apt/sources.list'' and add:
 +
 +  deb http://archive.debian.org/debian/ jessie-backports main contrib non-free
 +  deb-src http://archive.debian.org/debian/ jessie-backports main contrib non-free
 +
 +And then essentially (I did it with a sudo vim session):
 +
 +  echo 'Acquire::Check-Valid-Until no;' > /etc/apt/apt.conf.d/99no-check-valid-until
 +  
 +==== Problem pip install hash verification ====
 +
 +[[https://community.letsencrypt.org/t/certbot-auto-certificates-fails-while-installing-phyton-packages-with-these-packages-do-not-match-the-hashes/90363/5|Certbot fails when installing Python packages]]. This can be resolved by deleting the ''/etc/pip.conf'' file:
 +
 +<file bash /etc/pip.conf>
 +[global]
 +extra-index-url=https://www.piwheels.org/simple
 +</file>
 +
 +===== Upgrading Distros =====
 +
 +When upgrading from Jessie to Stretch, I followed this recipe: [[https://pimylifeup.com/upgrade-raspbian-jessie-to-raspbian-stretch/|How to Upgrade Raspbian Jessie to Raspbian Stretch]].
 +
 +I didn't keep PiHole working, as I would get occasional network drops when working from home, and it was resolved when taking PiHole out of the mix. Will probably have to do a fresh install.
 +
 +===== PiHole =====
 +
 +**Note**: I've currently got an incompatibility between PiHole and HTTPS redirecting. So I'm not using CertBot at the moment. Will have to figure that out.
 +
 +PiHole connects to FTL over port 4711.  If FTL were running, it'd have a logfile you could view like so:
 +
 +<code bash>
 +$ cat /var/log/pihole-FTL.log
 +</code>
 +
 +You could also do the following:
 +
 +<code bash>
 +telnet 127.0.0.1 4711
 +>stats
 +</code>
 +
 +or
 +
 +<code bash>
 +echo ">stats" | nc 127.0.0.1 4711
 +</code>
 +
 +If you can't connect, you can see which services are listening like so:
 +
 +<code bash>
 +$ sudo netstat -tulpn
 +$ sudo netstat -tulpn | grep FTL
 +</code>
 +
 +I eventually clued in to my problem here:
 +
 +<code bash>
 +$ pihole-FTL running
 +FATAL: Opening of FTL log (/var/log/pihole-FTL.log) failed!
 +       Make sure it exists and is writeable by user pi
 +raspberrypi:~$ ls -l /var/log/pihole*
 +-rw-r--r-- 1 pihole  pihole        0 Nov 24 20:42 /var/log/pihole-FTL.log
 +-rw-r--r-- 1 pihole  pihole      312 Sep  4 00:00 /var/log/pihole-FTL.log.1
 +-rw-r----- 1 dnsmasq root   18538496 Nov 24 12:46 /var/log/pihole.log
 +-rw-r----- 1 dnsmasq root   15273984 Sep 12 00:00 /var/log/pihole.log.1
 +...
 +raspberrypi:~$ cat /var/log/pihole-FTL.log.1
 +[2017-09-03 15:17:05.038] FATAL: Opening of /var/log/pihole.log failed!
 +[2017-09-03 15:17:05.038]        Make sure it exists and is readable by user pihole
 +$ sudo chmod +r /var/log/pihole.log
 +$ sudo service pihole-FTL restart
 +$ sudo netstat -tulpn | grep FTL
 +tcp        0      0 127.0.0.1:4711          0.0.0.0:              LISTEN      11082/pihole-FTL
 +</code>
 +
 +And eventually discovered that my actual problem was that my log2ram mount was full. After fixing /var/log, I still had to ask pihole to restart its DNS.
 +
 +<code>
 +$ pihole restartdns
 +</code>
 +
 +==== Example PiHole API ====
 +
 +<code>
 +curl "http://pi.hole/admin/api.php?summary" | python -m json.tool
 +</code>
 +
 +===== New ACMEv2 Certbot overwrites /etc/nginx/sites-enabled/default =====
 +
 +We keep backups at ''~/etc_nginx_sites-enabled_default_pihole.backup''.
 +
 +  sudo service nginx restart
 +
 +===== Jessie or earlier: Add piwheels for fast Python pip installations =====
 +
 +If you're not installing Stretch or later, here's [[https://www.piwheels.hostedpi.com/|info on piwheels]]. Add the following to ''/etc/pip.conf'':
 +<file bash /etc/pip.conf>
 +[global]
 +extra-index-url=https://www.piwheels.org/simple
 +</file>
 +
 +====== Keywords ======
 +
 +Keywords: Lets Encrypt, LetsEncrypt, Hole
raspberry-pi.1364924555.txt.gz · Last modified: 2023/04/12 20:44 (external edit)