Add initial development notes
This commit is contained in:
parent
72e9a0ed73
commit
52c65ec7f4
702
notes.txt
Normal file
702
notes.txt
Normal file
|
@ -0,0 +1,702 @@
|
||||||
|
########################################
|
||||||
|
# IMPORTANT CONSIDERATIONS
|
||||||
|
########################################
|
||||||
|
|
||||||
|
This setup does NOT use SSL for anything. Use acme.sh + vhosts + nginx if you really wanna walk that path
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# Setup environment
|
||||||
|
########################################
|
||||||
|
https://ubuntu.com/download/raspberry-pi/thank-you?version=20.04&architecture=arm64+raspi
|
||||||
|
boot ubuntu server 64bit
|
||||||
|
ubuntu / ubuntu
|
||||||
|
update to latest of everything
|
||||||
|
apt update && apt install parted wget curl nano tmux vim htop iotop nload
|
||||||
|
ip addr
|
||||||
|
ssh into rpi
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# Inspiration
|
||||||
|
########################################
|
||||||
|
|
||||||
|
https://archlinuxarm.org/platforms/armv8/broadcom/raspberry-pi-4#installation
|
||||||
|
https://github.com/phortx/Raspberry-Pi-Setup-Guide
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# Prep / install arch linux on micro sd card
|
||||||
|
########################################
|
||||||
|
|
||||||
|
parted /dev/sda
|
||||||
|
mklabel msdos
|
||||||
|
mkpart
|
||||||
|
p
|
||||||
|
[enter]
|
||||||
|
1
|
||||||
|
100M
|
||||||
|
mkpart
|
||||||
|
p
|
||||||
|
[enter]
|
||||||
|
100M
|
||||||
|
-1
|
||||||
|
set 1 boot on
|
||||||
|
set 1 lba on
|
||||||
|
q
|
||||||
|
|
||||||
|
mkfs.vat /dev/sda1
|
||||||
|
mkfs.btrfs /dev/sda2
|
||||||
|
|
||||||
|
mkdir /mnt/arch
|
||||||
|
mount -o nodiratime,noatime,compress /dev/sda2 /mnt/arch
|
||||||
|
mkdir /mnt/arch/boot
|
||||||
|
mount /dev/sda1 /mnt/arch/boot
|
||||||
|
cd /mnt/arch
|
||||||
|
wget http://os.archlinuxarm.org/os/ArchLinuxARM-rpi-4-latest.tar.gz
|
||||||
|
tar -xpf ArchLinuxARM-rpi-4-latest.tar.gz
|
||||||
|
rm ArchLinuxARM-rpi-4-latest.tar.gz
|
||||||
|
|
||||||
|
cat > /mnt/arch/boot/config.txt <<EOF
|
||||||
|
# KmN: Borrowed some stuff from majaro
|
||||||
|
# See /boot/overlays/README for all available options
|
||||||
|
|
||||||
|
gpu_mem=512
|
||||||
|
dtoverlay=miniuart-bt
|
||||||
|
initramfs initramfs-linux.img followkernel
|
||||||
|
disable_overscan=1
|
||||||
|
|
||||||
|
#enable vc4
|
||||||
|
dtoverlay=vc4-fkms-v3d
|
||||||
|
max_framebuffers=1
|
||||||
|
EOF
|
||||||
|
|
||||||
|
nano -w /mnt/arch/boot/cmdline.txt
|
||||||
|
root=mmcblk0p2 rootflags=nodiratime,noatime,compress rw rootwait
|
||||||
|
remove kgdboc=ttyAMA0,115200
|
||||||
|
|
||||||
|
|
||||||
|
parted /dev/sda
|
||||||
|
set 1 boot on
|
||||||
|
set 1 lba on
|
||||||
|
set 2 lba on
|
||||||
|
|
||||||
|
systemctl poweroff
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# Arch setup finalization
|
||||||
|
########################################
|
||||||
|
|
||||||
|
swap micro sd cards
|
||||||
|
|
||||||
|
boot into arch
|
||||||
|
login as root with password root
|
||||||
|
|
||||||
|
pacman-key --init
|
||||||
|
pacman-key --populate archlinuxarm
|
||||||
|
|
||||||
|
pacman -Syy
|
||||||
|
pacman -Su
|
||||||
|
systemctl reboot
|
||||||
|
|
||||||
|
userdel alarm
|
||||||
|
|
||||||
|
passwd
|
||||||
|
|
||||||
|
sed -i 's/#Color/Color/' /etc/pacman.conf # Add color to pacman
|
||||||
|
|
||||||
|
pacman -S openssh tmux nano vim htop iotop nload python python-pip wget curl git bash-completion p7zip exfat-utils man-db man-pages btrfs-progs sudo
|
||||||
|
|
||||||
|
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config
|
||||||
|
systemctl enable --now sshd
|
||||||
|
systemctl restart sshd
|
||||||
|
|
||||||
|
ip addr
|
||||||
|
|
||||||
|
ln -sf /usr/share/zoneinfo/UTC /etc/localtime
|
||||||
|
timedatectl set-local-rtc 0
|
||||||
|
timedatectl set-ntp true
|
||||||
|
echo LANG=en_US.UTF-8 > /etc/locale.conf
|
||||||
|
sed -i "s/#en_US.UTF-8/en_US.UTF-8/" /etc/locale.gen
|
||||||
|
locale-gen
|
||||||
|
nano -w /etc/hostname
|
||||||
|
nano -w /etc/hosts
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# Swap
|
||||||
|
########################################
|
||||||
|
|
||||||
|
mkdir /swap
|
||||||
|
chattr +C /swap
|
||||||
|
fallocate -l 1024M /swap/swap.1
|
||||||
|
chmod 600 /swap/swap.1
|
||||||
|
mkswap /swap/swap.1
|
||||||
|
swapon /swap/swap.1
|
||||||
|
echo 'vm.swappiness=1' > /etc/sysctl.d/99-sysctl.conf
|
||||||
|
echo "/swap/swap.1 none swap defaults 0 0" >> /etc/fstab
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# Tweak journald
|
||||||
|
########################################
|
||||||
|
|
||||||
|
mkdir /etc/systemd/journald.conf.d/
|
||||||
|
cat > /etc/systemd/journald.conf.d/00-wall.conf <<EOF
|
||||||
|
[Journal]
|
||||||
|
ForwardToWall=no
|
||||||
|
EOF
|
||||||
|
cat > /etc/systemd/journald.conf.d/00-journal-size.conf <<EOF
|
||||||
|
[Journal]
|
||||||
|
SystemMaxUse=256M
|
||||||
|
EOF
|
||||||
|
cat > /etc/systemd/journald.conf.d/00-audit.conf <<EOF
|
||||||
|
[Journal]
|
||||||
|
Audit=no
|
||||||
|
EOF
|
||||||
|
cat > /etc/systemd/journald.conf.d/00-console.conf <<EOF
|
||||||
|
[Journal]
|
||||||
|
ForwardToConsole=no
|
||||||
|
TTYPath=
|
||||||
|
EOF
|
||||||
|
systemctl restart systemd-journald
|
||||||
|
systemctl mask systemd-journald-audit.socket
|
||||||
|
nano -w /boot/cmdline.txt
|
||||||
|
add audit=0 at end of cmdline
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# rpi tooling setup
|
||||||
|
########################################
|
||||||
|
|
||||||
|
sed -i "s/appendpath '\/usr\/bin'/appendpath '\/usr\/bin'\nappendpath '\/opt\/vc\/bin'/g" /etc/profile
|
||||||
|
source /etc/profile
|
||||||
|
|
||||||
|
|
||||||
|
pacman -S libnewt
|
||||||
|
wget https://raw.github.com/chattama/raspi-config-archlinux/archlinux/raspi-config -O /usr/local/bin/raspi-config
|
||||||
|
chmod a+x /usr/local/bin/raspi-config
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# cpu power / governor
|
||||||
|
########################################
|
||||||
|
|
||||||
|
pacman -S cpupower
|
||||||
|
sed -i "s/#governor='ondemand'/governor='powersave'/g" /etc/default/cpupower
|
||||||
|
systemctl enable --now cpupower
|
||||||
|
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# AUR package manager
|
||||||
|
########################################
|
||||||
|
|
||||||
|
pacman -S --needed base-devel go
|
||||||
|
useradd yay -s /usr/bin/nologin
|
||||||
|
mkdir /home/yay
|
||||||
|
chown yay: -R /home/yay
|
||||||
|
git clone https://aur.archlinux.org/yay.git /opt/yay
|
||||||
|
chown yay: -R /opt/yay/
|
||||||
|
cd /opt/yay
|
||||||
|
cat > /etc/sudoers.d/yay <<EOF
|
||||||
|
yay ALL=(ALL) NOPASSWD: ALL
|
||||||
|
EOF
|
||||||
|
chmod 600 /etc/sudoers.d/yay
|
||||||
|
sudo -sHu yay makepkg -si
|
||||||
|
cat >> ~/.bashrc <<EOF
|
||||||
|
alias yay="/usr/bin/sudo -sHu yay /usr/bin/yay"
|
||||||
|
EOF
|
||||||
|
source ~/.bashrc
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# prep for slideshow
|
||||||
|
########################################
|
||||||
|
|
||||||
|
# prep storage for pics
|
||||||
|
btrfs subvolume create /tank
|
||||||
|
btrfs subvolume create /tank/pictures
|
||||||
|
# load pictures via rclone/syncthing/scp/etc
|
||||||
|
|
||||||
|
# basic window manager stuffs for making feh work properly
|
||||||
|
yay -S greetd cage xorg-server-xwayland
|
||||||
|
systemctl enable --now greetd
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# setup slide show app
|
||||||
|
########################################
|
||||||
|
|
||||||
|
pacman -S feh imagemagick ttf-dejavu
|
||||||
|
# reload 86400 is to refresh the list of images daily -- tune for preferred number of seconds
|
||||||
|
# slideshow-delay is number of seconds (as a float) between images ; tune accordingly
|
||||||
|
useradd -s /usr/bin/nologin -m feh
|
||||||
|
chmod a+rx /tank/pictures
|
||||||
|
pacman -S acl
|
||||||
|
setfacl -m "u:feh:rX" /tank/pictures
|
||||||
|
setfacl -dm "u:feh:rX" /tank/pictures
|
||||||
|
pacman -S incron
|
||||||
|
cat > /etc/incron.d/feh <<EOF
|
||||||
|
/tank/pictures IN_DELETE systemctl restart greetd
|
||||||
|
EOF
|
||||||
|
systemctl enable --now incrond
|
||||||
|
cat > /usr/local/bin/feh-slideshow.sh <<EOF
|
||||||
|
#!/bin/bash
|
||||||
|
/usr/bin/feh --auto-zoom --borderless --fullscreen --hide-pointer --image-bg black --randomize --recursive \
|
||||||
|
--slideshow-delay 300 --reload 86400 \
|
||||||
|
--draw-tinted --draw-exif --draw-filename \
|
||||||
|
--fontpath /usr/share/fonts/TTF/ --font DejaVuSansMono/10 \
|
||||||
|
--verbose \
|
||||||
|
/tank/pictures
|
||||||
|
EOF
|
||||||
|
chmod a+x /usr/local/bin/feh-slideshow.sh
|
||||||
|
cat >> /etc/greetd/config.toml <<EOF
|
||||||
|
[initial_session]
|
||||||
|
command = "/usr/bin/cage /usr/local/bin/feh-slideshow.sh"
|
||||||
|
user = "feh"
|
||||||
|
EOF
|
||||||
|
systemctl restart greetd
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# email notifications via msmtp
|
||||||
|
########################################
|
||||||
|
|
||||||
|
pacman -S msmtp msmtp-mta
|
||||||
|
|
||||||
|
cat > /etc/aliases <<EOF
|
||||||
|
# Example aliases file
|
||||||
|
|
||||||
|
# Send root to Joe and Jane
|
||||||
|
root: user@domain.tld
|
||||||
|
|
||||||
|
# Send cron to Mark
|
||||||
|
cron: user@domain.tld
|
||||||
|
|
||||||
|
# Send everything else to admin
|
||||||
|
default: user@domain.tld
|
||||||
|
EOF
|
||||||
|
cat > /etc/msmtprc <<EOF
|
||||||
|
# Accounts will inherit settings from this section
|
||||||
|
defaults
|
||||||
|
auth on
|
||||||
|
tls on
|
||||||
|
tls_trust_file /etc/ssl/certs/ca-certificates.crt
|
||||||
|
|
||||||
|
logfile /var/log/msmtp.log
|
||||||
|
|
||||||
|
from user@domain.tld
|
||||||
|
keepbcc on
|
||||||
|
|
||||||
|
account piframe
|
||||||
|
host email.domain.tld
|
||||||
|
port 587
|
||||||
|
auth on
|
||||||
|
user user@domain.tld
|
||||||
|
password apassword
|
||||||
|
|
||||||
|
# Set a default account
|
||||||
|
account default : piframe
|
||||||
|
|
||||||
|
aliases /etc/aliases
|
||||||
|
EOF
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# Cron (needed for email output of backup jobs)
|
||||||
|
########################################
|
||||||
|
|
||||||
|
pacman -S cronie
|
||||||
|
mkdir /etc/systemd/system/cronie.service.d
|
||||||
|
cat > /etc/systemd/system/cronie.service.d/override.conf <<EOF
|
||||||
|
[Service]
|
||||||
|
ExecStart=
|
||||||
|
ExecStart=/usr/bin/crond -n -m '/usr/bin/msmtp -t'
|
||||||
|
EOF
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable --now cronie
|
||||||
|
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# restic backups
|
||||||
|
########################################
|
||||||
|
|
||||||
|
pacman -S restic
|
||||||
|
btrfs subvolume create /tank/backup
|
||||||
|
restic init -r /tank/backup
|
||||||
|
cat > /root/restic_backup.sh <<EOF
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
MACHINE=picture-frame
|
||||||
|
ZONE=root
|
||||||
|
|
||||||
|
export RESTIC_REPOSITORY=/tank/backup/
|
||||||
|
export RESTIC_PASSWORD=testing1234
|
||||||
|
|
||||||
|
/usr/bin/restic backup -v -q \
|
||||||
|
--tag $MACHINE --tag $ZONE \
|
||||||
|
/ \
|
||||||
|
--exclude /run \
|
||||||
|
--exclude /snapshots \
|
||||||
|
--exclude /tank \
|
||||||
|
--exclude /scratch \
|
||||||
|
--exclude /proc \
|
||||||
|
--exclude /sys \
|
||||||
|
--exclude /var/lib/schroot/mount \
|
||||||
|
--exclude /var/lib/docker \
|
||||||
|
--exclude /var/lib/lxcfs \
|
||||||
|
--exclude /mnt \
|
||||||
|
--exclude /root/.cache \
|
||||||
|
|
||||||
|
/usr/bin/restic forget -v \
|
||||||
|
--tag $MACHINE --tag $ZONE \
|
||||||
|
--keep-daily=7 \
|
||||||
|
--keep-weekly=4 \
|
||||||
|
--keep-monthly=12 \
|
||||||
|
--keep-yearly 1
|
||||||
|
|
||||||
|
# This can take a very, very long time
|
||||||
|
/usr/bin/restic prune && /usr/bin/restic check
|
||||||
|
EOF
|
||||||
|
chmod a+x /root/restic_backup.sh
|
||||||
|
crontab -e
|
||||||
|
0 7 * * * /root/restic_backup.sh
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# web based admin panel / dashboard / app
|
||||||
|
########################################
|
||||||
|
|
||||||
|
# Remote management on http://ip:9090
|
||||||
|
pacman -S cockpit cockpit-pcp packagekit udisks2 networkmanager firewalld
|
||||||
|
systemctl enable --now firewalld
|
||||||
|
firewall-cmd --zone=public --permanent --add-port=9090/tcp
|
||||||
|
firewall-cmd --zone=public --permanent --add-service=ssh
|
||||||
|
firewall-cmd --reload
|
||||||
|
systemctl enable --now NetworkManager
|
||||||
|
systemctl enable --now cockpit.socket
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# web server w/ useful links
|
||||||
|
########################################
|
||||||
|
|
||||||
|
pacman -S lighttpd
|
||||||
|
mkdir /etc/lighttpd/conf.d
|
||||||
|
echo "include \"/etc/lighttpd/conf.d/*.conf\"" >> /etc/lighttpd/lighttpd.conf
|
||||||
|
mkdir /srv/http
|
||||||
|
cat > /srv/http/index.html <<EOF
|
||||||
|
<html>
|
||||||
|
|
||||||
|
<head>
|
||||||
|
<title>PiFrame</title>
|
||||||
|
</head>
|
||||||
|
|
||||||
|
<body>
|
||||||
|
<p><a href="http://127.0.0.1:9090">CockPit Web Management</a></p>
|
||||||
|
<p><a href="http://127.0.0.1:2812">Monit Monitoring</a></p>
|
||||||
|
<p><a href="http://127.0.0.1:2813">Munin Monitoring</a></p>
|
||||||
|
<p><a href="http://127.0.0.1:8384">Syncthing Admin Interface</a></p>
|
||||||
|
<p><a href="http://127.0.0.1:9191">Picture File Browser</a></p>
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
|
EOF
|
||||||
|
firewall-cmd --zone=public --permanent --add-service=http
|
||||||
|
firewall-cmd --zone=public --permanent --add-service=https
|
||||||
|
firewall-cmd --reload
|
||||||
|
systemctl enable --now lighttpd
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# system monitoring
|
||||||
|
########################################
|
||||||
|
|
||||||
|
pacman -S monit
|
||||||
|
mkdir /etc/monit.d
|
||||||
|
nano -w /etc/monitrc
|
||||||
|
include /etc/monit.d/*
|
||||||
|
set httpd port 2812 and
|
||||||
|
use address 0.0.0.0 # only accept connection from localhost (drop if you use M/Monit)
|
||||||
|
allow admin:monit # require user 'admin' with password 'monit'
|
||||||
|
|
||||||
|
|
||||||
|
set mailserver robomail.nusku.biz port 587
|
||||||
|
username "piframe@robomail.nusku.biz" password "r8QA6AEFaqtCdDjfvzY3gvsX"
|
||||||
|
using tls
|
||||||
|
cat > /etc/monit.d/rootfs <<EOF
|
||||||
|
check filesystem rootfs with path /
|
||||||
|
if space usage > 80% then alert
|
||||||
|
EOF
|
||||||
|
cat > /etc/monit.d/tankfs <<EOF
|
||||||
|
check filesystem tankfs with path /tank
|
||||||
|
if space usage > 80% then alert
|
||||||
|
EOF
|
||||||
|
cat > /etc/monit.d/feh <<EOF
|
||||||
|
check process feh matching /usr/bin/feh
|
||||||
|
start program = "/usr/bin/systemctl start greetd"
|
||||||
|
stop program = "/usr/bin/systemctl stop greetd"
|
||||||
|
if does not exist then alert
|
||||||
|
if does not exist for 2 cycles then restart
|
||||||
|
EOF
|
||||||
|
systemctl enable --now monit
|
||||||
|
firewall-cmd --zone=public --permanent --add-port=2812/tcp
|
||||||
|
firewall-cmd --reload
|
||||||
|
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# system _resource_ monitoring
|
||||||
|
########################################
|
||||||
|
|
||||||
|
pacman -S munin perl-cgi-fast
|
||||||
|
nano -w /etc/munin/munin.conf
|
||||||
|
graph_strategy cgi
|
||||||
|
html_strategy cron
|
||||||
|
[piframe]
|
||||||
|
address 127.0.0.1
|
||||||
|
use_node_name yes
|
||||||
|
chown munin: /var/lib/munin/cgi-tmp
|
||||||
|
chown munin: -R /usr/share/munin/www
|
||||||
|
munin-node-configure --shell # activate useful plugins
|
||||||
|
sudo -sHu munin munin-cron # prime munin data
|
||||||
|
systemctl enable --now munin-node
|
||||||
|
crontab /etc/munin/munin-cron-entry -u munin
|
||||||
|
cat > /etc/lighttpd/lighttpd-munin.conf <<EOF
|
||||||
|
# Apply the following tweaks to the /etc/munin/munin.conf file ahead of running lighttpd for munin
|
||||||
|
## Use cgi rendering for graph and html
|
||||||
|
#graph_strategy cgi
|
||||||
|
#html_strategy cron
|
||||||
|
|
||||||
|
server.username = "munin"
|
||||||
|
server.groupname = "munin"
|
||||||
|
|
||||||
|
server.document-root = "/srv/http"
|
||||||
|
server.port = 2813
|
||||||
|
|
||||||
|
server.errorlog = "/var/log/munin/lighttpd-error.log"
|
||||||
|
dir-listing.activate = "disable"
|
||||||
|
server.modules = (
|
||||||
|
"mod_access",
|
||||||
|
"mod_accesslog",
|
||||||
|
"mod_alias",
|
||||||
|
"mod_rewrite",
|
||||||
|
"mod_redirect",
|
||||||
|
"mod_cgi",
|
||||||
|
"mod_fastcgi",
|
||||||
|
)
|
||||||
|
server.follow-symlink = "enable"
|
||||||
|
index-file.names = ( "index.html", "index.htm" )
|
||||||
|
|
||||||
|
url.redirect += ( "^/*$" => "/munin/" )
|
||||||
|
|
||||||
|
\$HTTP["url"] =~ "/munin-cgi/munin-cgi-graph" {
|
||||||
|
alias.url += ( "/munin-cgi/munin-cgi-graph" => "/usr/share/munin/cgi/munin-cgi-graph" )
|
||||||
|
cgi.assign = ( "" => "" )
|
||||||
|
}
|
||||||
|
|
||||||
|
#alias.url += ( "/munin/static" => "/etc/munin/static" )
|
||||||
|
alias.url += ( "/munin" => "/usr/share/munin/www" )
|
||||||
|
|
||||||
|
mimetype.assign = (
|
||||||
|
".html" => "text/html",
|
||||||
|
".txt" => "text/plain",
|
||||||
|
".css" => "text/css",
|
||||||
|
".js" => "application/x-javascript",
|
||||||
|
".jpg" => "image/jpeg",
|
||||||
|
".jpeg" => "image/jpeg",
|
||||||
|
".gif" => "image/gif",
|
||||||
|
".png" => "image/png",
|
||||||
|
"" => "application/octet-stream"
|
||||||
|
)
|
||||||
|
EOF
|
||||||
|
cat > /etc/systemd/system/lighttpd-munin.service <<EOF
|
||||||
|
[Unit]
|
||||||
|
Description=Lighttpd Web Server (munin)
|
||||||
|
After=syslog.target network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
PrivateTmp=true
|
||||||
|
ExecStart=/usr/bin/lighttpd-angel -D -f /etc/lighttpd/lighttpd-munin.conf
|
||||||
|
ExecReload=/bin/kill -HUP $MAINPID
|
||||||
|
KillSignal=SIGINT
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
EOF
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable --now lighttpd-munin
|
||||||
|
firewall-cmd --zone=public --permanent --add-port=2813/tcp
|
||||||
|
firewall-cmd --reload
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# syncthing / rclone / web based file browser
|
||||||
|
########################################
|
||||||
|
|
||||||
|
curl https://rclone.org/install.sh | bash
|
||||||
|
pacman -S syncthing
|
||||||
|
touch /tank/pictures/.stfolder
|
||||||
|
chown feh: /tank/pictures/.stfolder
|
||||||
|
systemctl enable --now syncthing@feh.service # use feh user so perms are right for pics
|
||||||
|
ssh -L 8385:127.0.0.1:8384 user@piframe
|
||||||
|
http://localhost:8385
|
||||||
|
Change settings
|
||||||
|
General
|
||||||
|
Minimum free disk space : 10%
|
||||||
|
Anonymous usage reporting : Disabled
|
||||||
|
GUI
|
||||||
|
Listen address : 0.0.0.0:8384
|
||||||
|
GUI Auth user : admin
|
||||||
|
GUI Auth password : apassword
|
||||||
|
Delete default folder
|
||||||
|
Add /tank/pictures folder
|
||||||
|
Connect to upstream device w/ files you want to sync
|
||||||
|
Setup picture sync as inbound only
|
||||||
|
firewall-cmd --zone=public --permanent --add-port=8384/tcp
|
||||||
|
firewall-cmd --zone=public --permanent --add-port=22000/tcp
|
||||||
|
firewall-cmd --reload
|
||||||
|
|
||||||
|
curl -fsSL https://filebrowser.org/get.sh | bash
|
||||||
|
mkdir /home/feh/filebrowser
|
||||||
|
filebrowser -c /home/feh/filebrowser/pictures.json -d /home/feh/filebrowser/pictures.db \
|
||||||
|
config init
|
||||||
|
filebrowser -c /home/feh/filebrowser/pictures.json -d /home/feh/filebrowser/pictures.db \
|
||||||
|
config set --address 0.0.0.0
|
||||||
|
filebrowser -c /home/feh/filebrowser/pictures.json -d /home/feh/filebrowser/pictures.db \
|
||||||
|
config set --port 9191
|
||||||
|
filebrowser -c /home/feh/filebrowser/pictures.json -d /home/feh/filebrowser/pictures.db \
|
||||||
|
config set --branding.name "PiFrame - Pictures"
|
||||||
|
filebrowser -c /home/feh/filebrowser/pictures.json -d /home/feh/filebrowser/pictures.db \
|
||||||
|
users add admin apassword
|
||||||
|
chown feh: -R /home/feh/filebrowser
|
||||||
|
firewall-cmd --zone=public --permanent --add-port=9191/tcp
|
||||||
|
firewall-cmd --reload
|
||||||
|
cat > /etc/systemd/system/filebrowser-pictures.service <<EOF
|
||||||
|
[Unit]
|
||||||
|
Description=Filebrowser - Pictures
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
User=feh
|
||||||
|
PrivateTmp=true
|
||||||
|
ExecStart=/usr/local/bin/filebrowser -c /home/feh/filebrowser/pictures.json -d /home/feh/filebrowser/pictures.db -r /tank/pictures --img-processors 1 --disable-thumbnails
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
EOF
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable --now filebrowser-pictures
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# wifi setup
|
||||||
|
########################################
|
||||||
|
|
||||||
|
nmtui # final wifi config to keep wires to a minimum (COCKPIT SETUP REQUIRED)
|
||||||
|
# use wifi-menu if not using network manger (network manager is part of cockpit setup)
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# hdmi on/off commands
|
||||||
|
########################################
|
||||||
|
|
||||||
|
vcgencmd get_lcd_info
|
||||||
|
vcgencmd display_power 0
|
||||||
|
vcgencmd display_power 1
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# schedule on/off of monitor
|
||||||
|
########################################
|
||||||
|
|
||||||
|
cat > /etc/systemd/system/screen-on.timer <<EOF
|
||||||
|
[Unit]
|
||||||
|
Description=Turn on display
|
||||||
|
|
||||||
|
[Timer]
|
||||||
|
OnCalendar=*-*-* 6:00:00
|
||||||
|
Persistent=true
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=timers.target
|
||||||
|
EOF
|
||||||
|
cat > /etc/systemd/system/screen-on.service <<EOF
|
||||||
|
[Unit]
|
||||||
|
Description=Turn on display
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStart=/opt/vc/bin/vcgencmd display_power 1
|
||||||
|
StandardOutput=journal
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
EOF
|
||||||
|
cat > /etc/systemd/system/screen-off.timer <<EOF
|
||||||
|
[Unit]
|
||||||
|
Description=Turn off display
|
||||||
|
|
||||||
|
[Timer]
|
||||||
|
OnCalendar=*-*-* 00:00:00
|
||||||
|
Persistent=true
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=timers.target
|
||||||
|
EOF
|
||||||
|
cat > /etc/systemd/system/screen-off.service <<EOF
|
||||||
|
[Unit]
|
||||||
|
Description=Turn off display
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStart=/opt/vc/bin/vcgencmd display_power 0
|
||||||
|
StandardOutput=journal
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
EOF
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable screen-on.timer
|
||||||
|
systemctl enable screen-off.timer
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# automatic updates (UNWISE)
|
||||||
|
########################################
|
||||||
|
|
||||||
|
auto updates (may be problematic given aur packages)
|
||||||
|
https://bbs.archlinux.org/viewtopic.php?id=247428
|
||||||
|
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# future : ambient light control
|
||||||
|
########################################
|
||||||
|
|
||||||
|
https://www.adafruit.com/product/4463
|
||||||
|
https://www.adafruit.com/product/4681
|
||||||
|
https://learn.adafruit.com/adafruit-bh1750-ambient-light-sensor/python-circuitpython
|
||||||
|
https://www.raspberrypi.org/forums/viewtopic.php?t=145894
|
||||||
|
http://www.ddcutil.com/building/
|
||||||
|
http://www.ddcutil.com/raspberry/
|
||||||
|
https://github.com/raspberrypi/linux/issues/3152
|
||||||
|
|
||||||
|
tweak /boot/config.txt to have dtoverlay=vc4-kms-v3d instead of fkms
|
||||||
|
pacman -S i2c-tools
|
||||||
|
cat > /etc/modules-load.d/i2c.conf <<EOF
|
||||||
|
i2c-dev
|
||||||
|
EOF
|
||||||
|
systemctl reboot
|
||||||
|
lsmod | grep i2c
|
||||||
|
ls /dev/i2c*
|
||||||
|
i2cdetect -r -y 11
|
||||||
|
|
||||||
|
pacman -S ddcutil
|
||||||
|
ddcutil detect
|
||||||
|
ddcutil capabilities
|
||||||
|
ddcutil getcvp
|
||||||
|
ddcutil setvcp
|
||||||
|
ddcutil vcpinfo
|
||||||
|
ddcutil dumpvcp
|
||||||
|
|
||||||
|
|
||||||
|
########################################
|
||||||
|
# future : human detection
|
||||||
|
########################################
|
||||||
|
|
||||||
|
https://www.sparkfun.com/products/14349
|
||||||
|
https://www.sparkfun.com/products/15794
|
||||||
|
https://learn.sparkfun.com/tutorials/qwiic-human-presence-sensor-ak9753-hookup-guide
|
||||||
|
https://github.com/sparkfun/SparkFun_AK975x_Arduino_Library
|
||||||
|
|
||||||
|
|
||||||
|
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||||
|
! Misc Notes
|
||||||
|
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||||
|
|
||||||
|
https://www.raspberrypi.org/forums/viewtopic.php?f=29&t=24679
|
||||||
|
|
||||||
|
eyyy, 2560x1600 @ 50hz via hdmi on a pi4 is working!
|
||||||
|
|
||||||
|
hdmi_cvt=2560 1600 50 5 0 0 1
|
||||||
|
hdmi_group=2
|
||||||
|
hdmi_mode=88
|
Loading…
Reference in a new issue