====== Raspberry Pi ======
From [[http://www.raspberrypi.org/phpBB3/viewtopic.php?p=137164|this thread on SD cards]], the comment from by carlosfm on Mon Aug 27, 2012 9:46 pm suggests that the **16GB Sandisk Extreme Class 10 45MB/s** working fine on my Pi might be a good card to use.
Also, highly recommended: **Samsung 32GB Class 10 Model Code: MB-SSBGA/US**
Partway down the page, it says there's a debian package to download:
$ wget https://dl.dropbox.com/u/15710882/iozone3_397-2_armhf.deb
$ sudo dpkg -i iozone3_397-2_armhf.deb
$ iozone -e -I -a -s 50M -r 4k -r 512k -r 16M -i 0 -i 1 -i 2 | tee iozone_out.txt
> I was reading the manual for iozone and it said to make sure, for accurate results, to make the -s switch size be TWICE your ram size. My Pi has 512mb so figured minus the 16mb gpu share I'd make it 1000M (for 1gb test file)
Still, there's more to learn. Something about:
just apt-get install bonnie++
===== Debian OS Installation Essentials =====
([[http://blog.philippklaus.de/2012/05/raspberry-pi/|Source]])
passwd
sudo dpkg-reconfigure tzdata
sudo apt-get update && sudo apt-get upgrade
sudo apt-get install vim
sudo apt-get install screen
sudo apt-get install ca-certificates
sudo apt-get install git-core
sudo wget http://goo.gl/1BOfJ -O /usr/bin/rpi-update && sudo chmod +x /usr/bin/rpi-update
sudo rpi-update
sudo shutdown -r now
To be able to listen to audio via the headphone jack. See [[http://www.raspberrypi.org/phpBB3/viewtopic.php?f=6&t=5490|here]], and do this:
sudo apt-get install alsa-utils; sudo modprobe snd_bcm2835; sudo amixer cset numid=3 1
Playing m3u playlists:
mpg123 -@ http://streams.br-online.de/bayern3_2.m3u
Text-based browsing: Either lynx or links
sudo apt-get install lynx
sudo apt-get install links
Maybe ''sudo vim /etc/lynx-cur/lynx.cfg'' and change "#ACCEPT_ALL_COOKIES:FALSE" to "ACCEPT_ALL_COOKIES:TRUE"
===== Logs =====
Consider [[https://github.com/azlux/log2ram|installing log2ram]] to extend the life of your SDCard by writing logs to RAM first.
When there are problems, check for logs in ''/var/log/syslog'' or ''/var/log/messages''.
I think we need to update ''/etc/systemd/system/log2ram.service'' to make log2ram come after nginx, like so...
[Unit]
Description=Log2Ram
DefaultDependencies=no
Before=basic.target rsyslog.service syslog.target systemd-journald.service sysinit.target shutdown.target apache2.service nginx.service
After=local-fs.target
Conflicts=shutdown.target reboot.target halt.target
RequiresMountsFor=/var/log /var/hdd.log
IgnoreOnIsolate=yes
[Service]
Type=oneshot
ExecStart= /usr/local/bin/log2ram start
ExecStop= /usr/local/bin/log2ram stop
ExecReload= /usr/local/bin/log2ram write
RemainAfterExit=yes
[Install]
WantedBy=sysinit.target
Otherwise, it turns out that log2ram does screw up nginx's ability to start on power-cycle. Maybe need something like the following...
#!/usr/bin/env bash
# The tool we use to save flash affects the startup of nginx
if [ ! -d "/var/log/nginx" ]; then
sudo mkdir /var/log/nginx
fi
# if service --status-all | grep -Fq '[ - ] nginx'; then
if ! service nginx status | grep -Fq 'active (running)'; then
sudo /etc/init.d/nginx start > /dev/null
# systemctl start nginx
fi
===== Keyboard Repeat Problem =====
[[http://elinux.org/R-Pi_Troubleshooting#R-Pi_does_not_respond_to_key_presses_.2F_Keyboard_randomly_repeats_key_presses|They claim it's often a power problem.]]
> Forum user MrEngman reported some keyboard repeats and wireless hangs until upgrading to the debian6-19-04-2012 kernel, which he reports stable with no problems even with a low TP1-TP2 voltage of 4.65 - 4.68 volts.
To see which version you have:
$ cat /proc/version
Try plugging the keyboard and mouse directly into the Raspberry Pi, and see what happens.
===== Camera =====
A list of [[http://elinux.org/RPi_USB_Webcams|tested webcams]].
Here's a [[http://www.raspberrypi.org/phpBB3/viewtopic.php?f=46&t=39470|Python script for saving jpg images]].
Here's [[https://medium.com/p/2d5a2d61da3d|a tutorial that suggests using motion]].
Video Tutorials:
* [[https://www.youtube.com/watch?v=NVrqNaLxU_g|Raspberry Pi Webcam Server Tutorial (Live Stream)]]
* [[https://www.youtube.com/watch?v=H1jSudsIJfA|Raspberry Pi as a Webcam Server]]
===== Headless Xwin =====
How to [[http://jeffskinnerbox.wordpress.com/2012/09/09/raspberry-pi-has-arrived/|run X Windows on the Raspberry Pi and use the PC as your X Terminal]].
===== Apache vs Cherokee vs Nginx Webserver =====
[[http://www.wikihow.com/Make-a-Raspberry-Pi-Web-Server]]
Looks like [[http://www.jeremymorgan.com/blog/programming/raspberry-pi-web-server-comparison/|I should use Nginx]].
How to [[http://en.joscandreu.com/blog/install-php-raspberrypi/|Install nginx and PHP]]. And should I need to do something that'd require .htaccess or mod_rewrite, here's a [[http://blog.martinfjordvald.com/2011/02/nginx-primer-2-from-apache-to-nginx/|Nginx Primer from Apache to Nginx]].
It'd be interesting to see [[http://docs.getpelican.com/en/latest/getting_started.html|Pelican]] [[http://www.instructables.com/id/Host-your-own-blog-from-a-25-Raspberry-Pi-compute/|work on a Raspberry Pi]] running Nginx.
**Note**: See history-of-nginx-start.txt, and note that the web server files are at /var/www
===== Backup =====
(Old link: [[http://lifehacker.com/how-to-clone-your-raspberry-pi-sd-card-for-super-easy-r-1261113524|How to Clone Your Raspberry Pi SD Card for Super Easy Reinstallations]])
I put the microSD in the SamSung SD Adaptor, and [[https://thepihut.com/blogs/raspberry-pi-tutorials/17789160-backing-up-and-restoring-your-raspberry-pis-sd-card|used Win32 Disk Imager]] to make a backup at H:\RasberryPi2.img
==== Reading from Device to Image File ====
* Specify a new Image File name. (On a big disk.)
* Select "Read" to read form the Raspberry Pi's card to the file on disk.
==== Writing from Image File to SD Card ====
* Specify an existing Image File.
* Select "Write" to write from the file on disk to the Raspberry Pi's card.
My Raspberry Pi is up-to-date as of 2017-02-05.
===== Cert Bot =====
- https://certbot.eff.org/#debianjessie-nginx
- Fix it with this recipe: https://github.com/certbot/certbot/issues/2673 (Maybe not needed!)
This seems useful: https://bjornjohansen.no/letsencrypt-nginx
In detail:
1. Add Backports to /etc/apt/sources.list as per https://backports.debian.org/Instructions/
2. Do the apt-get
sudo apt-get install certbot -t jessie-backports
3. Run certbot
sudo certbot certonly --webroot -w /var/www/html -d pi.dlma.com -d wopr.dlma.com
You should find that /etc/letsencrypt/live is populated with files like pi.dlma.com/cert1
4. Renew (and reload if successful) with
sudo certbot renew && /usr/sbin/service nginx reload
5. Consider using a root cronjob
sudo crontab -e
0 5 * * 0 certbot renew --post-hook "service nginx reload" >> /home/pi/letsencrypt-renew.log
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/pi.dlma.com/fullchain.pem. Your cert will
expire on 2017-09-31. To obtain a new or tweaked version of this
certificate in the future, simply run certbot again. To
non-interactively renew *all* of your certificates, run "certbot
renew"
- If you lose your account credentials, you can recover through
e-mails sent to david.blume@gmail.com.
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
6. Port forward ports 80 and 443. At the local router:
http://router.asus.com/Advanced_VirtualServer_Content.asp
WAN -> Virtual Server / Port Forwarding
7. Update nginx
https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-nginx-in-ubuntu-16-04
Update /etc/nginx/sites-available/default as per this [[https://www.nginx.com/blog/nginx-https-101-ssl-basics-getting-started/|Getting Started guide from Nginx]].
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name pi.dlma.com;
return 301 https://$server_name$request_uri;
}
server {
# SSL configuration
#
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
ssl_certificate /etc/letsencrypt/live/pi.dlma.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/pi.dlma.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/pi.dlma.com/chain.pem;
...
**TODO**: Maybe figure out [[https://www.nginx.com/blog/nginx-https-101-ssl-basics-getting-started/|how to redirect http://wopr.dlma.com to https://wopr.dlma.com]].
Then check and restart nginx:
$ sudo nginx -t
$ sudo systemctl restart nginx
**TODO**: Renew with ''certbot renew --quiet'' as per [[https://certbot.eff.org/#debianjessie-nginx|certbot]] or [[https://bjornjohansen.no/letsencrypt-nginx|manually]].
===== Updating CertBot to use ACMEv2 =====
Got an email from the EFF saying my current CertBot client uses ACMEv1 and it needs to be upgraded. Followed some instructions here:[[https://certbot.eff.org/lets-encrypt/debianother-nginx|Debian Jessie instructions from the EFF]].
sudo apt-get remove certbot
wget https://dl.eff.org/certbot-auto
sudo mv certbot-auto /usr/local/bin/certbot-auto
sudo chown root /usr/local/bin/certbot-auto
sudo chmod 0755 /usr/local/bin/certbot-auto
But the next step (they suggested''sudo /usr/local/bin/certbot-auto certonly --nginx''), but I tried:
sudo /usr/local/bin/certbot-auto certonly --webroot -w /var/www/html -d pi.dlma.com -d wopr.dlma.com
is broken because it first an apt-get and Jessie Backports is gone, and then because the pip installation failed Hash verification.
==== Problem: Jessie Backports is gone. ====
Follow the instructions here: [[https://www.lucas-nussbaum.net/blog/?p=947|Removal of Jessie-Updates and Jessie-Backports from Debian Mirrors]]
Remove "deb http://ftp.debian.org/debian jessie-backports main" from ''/etc/apt/sources.list'' and add:
deb http://archive.debian.org/debian/ jessie-backports main contrib non-free
deb-src http://archive.debian.org/debian/ jessie-backports main contrib non-free
And then essentially (I did it with a sudo vim session):
echo 'Acquire::Check-Valid-Until no;' > /etc/apt/apt.conf.d/99no-check-valid-until
==== Problem pip install hash verification ====
[[https://community.letsencrypt.org/t/certbot-auto-certificates-fails-while-installing-phyton-packages-with-these-packages-do-not-match-the-hashes/90363/5|Certbot fails when installing Python packages]]. This can be resolved by deleting the ''/etc/pip.conf'' file:
[global]
extra-index-url=https://www.piwheels.org/simple
===== Upgrading Distros =====
When upgrading from Jessie to Stretch, I followed this recipe: [[https://pimylifeup.com/upgrade-raspbian-jessie-to-raspbian-stretch/|How to Upgrade Raspbian Jessie to Raspbian Stretch]].
I didn't keep PiHole working, as I would get occasional network drops when working from home, and it was resolved when taking PiHole out of the mix. Will probably have to do a fresh install.
===== PiHole =====
**Note**: I've currently got an incompatibility between PiHole and HTTPS redirecting. So I'm not using CertBot at the moment. Will have to figure that out.
PiHole connects to FTL over port 4711. If FTL were running, it'd have a logfile you could view like so:
$ cat /var/log/pihole-FTL.log
You could also do the following:
telnet 127.0.0.1 4711
>stats
or
echo ">stats" | nc 127.0.0.1 4711
If you can't connect, you can see which services are listening like so:
$ sudo netstat -tulpn
$ sudo netstat -tulpn | grep FTL
I eventually clued in to my problem here:
$ pihole-FTL running
FATAL: Opening of FTL log (/var/log/pihole-FTL.log) failed!
Make sure it exists and is writeable by user pi
raspberrypi:~$ ls -l /var/log/pihole*
-rw-r--r-- 1 pihole pihole 0 Nov 24 20:42 /var/log/pihole-FTL.log
-rw-r--r-- 1 pihole pihole 312 Sep 4 00:00 /var/log/pihole-FTL.log.1
-rw-r----- 1 dnsmasq root 18538496 Nov 24 12:46 /var/log/pihole.log
-rw-r----- 1 dnsmasq root 15273984 Sep 12 00:00 /var/log/pihole.log.1
...
raspberrypi:~$ cat /var/log/pihole-FTL.log.1
[2017-09-03 15:17:05.038] FATAL: Opening of /var/log/pihole.log failed!
[2017-09-03 15:17:05.038] Make sure it exists and is readable by user pihole
$ sudo chmod +r /var/log/pihole.log
$ sudo service pihole-FTL restart
$ sudo netstat -tulpn | grep FTL
tcp 0 0 127.0.0.1:4711 0.0.0.0:* LISTEN 11082/pihole-FTL
And eventually discovered that my actual problem was that my log2ram mount was full. After fixing /var/log, I still had to ask pihole to restart its DNS.
$ pihole restartdns
==== Example PiHole API ====
curl "http://pi.hole/admin/api.php?summary" | python -m json.tool
===== New ACMEv2 Certbot overwrites /etc/nginx/sites-enabled/default =====
We keep backups at ''~/etc_nginx_sites-enabled_default_pihole.backup''.
sudo service nginx restart
===== Jessie or earlier: Add piwheels for fast Python pip installations =====
If you're not installing Stretch or later, here's [[https://www.piwheels.hostedpi.com/|info on piwheels]]. Add the following to ''/etc/pip.conf'':
[global]
extra-index-url=https://www.piwheels.org/simple
====== Keywords ======
Keywords: Lets Encrypt, LetsEncrypt, Hole