Finish up initial migration to ubuntu for docs

This commit is contained in:
KemoNine 2020-08-03 16:03:07 +00:00
parent ff211ac1b1
commit b3140d5ced
14 changed files with 168 additions and 174 deletions

View file

@ -14,17 +14,17 @@ Items marked ```REQUIRED``` are assumed to be setup and working. You've been war
* [Base Firmware (REQUIRED)](base.md) * [Base Firmware (REQUIRED)](base.md)
* [Finalize Setup (REQUIRED)](finalize_setup.md) * [Finalize Setup (REQUIRED)](finalize_setup.md)
* [Setup swap (REQUIRED)](swap.md) * [Setup swap (REQUIRED)](swap.md)
* [CPU Governor](cpu_governor.md) * [Additional Networking Setup (REQUIRED)](networking.md)
* [Slideshow Prep (REQUIRED)](slideshow_prep.md) * [Slideshow Prep (REQUIRED)](slideshow_prep.md)
* [Slideshow Setup (REQUIRED)](slideshow.md) * [Slideshow Setup (REQUIRED)](slideshow.md)
* [Email Notifications (REQUIRED)](email_notifications.md) * [Email Notifications (REQUIRED)](email_notifications.md)
* [cron / Scheduler (REQUIRED)](cron.md)
* [Backups via restic](restic.md)
* [Additional Networking Setup (REQUIRED)](cockpit.md)
* [Web Dashboard / Landing Page](landing_page.md)
* [System Monitoring (REQUIRED)](monit.md) * [System Monitoring (REQUIRED)](monit.md)
* [Resource Monitoring](munin.md) * [HDMI Scheduled On/Off](scheduled_display.md)
* [CPU Governor](cpu_governor.md)
* [Backups via restic](restic.md)
* [Web Based Administration](cockpit.md)
* [Web Dashboard / Landing Page](landing_page.md)
* [Web File Manager (Picture Sync)](filebrowser.md) * [Web File Manager (Picture Sync)](filebrowser.md)
* [SyncThing (Picture Sync)](syncthing.md) * [SyncThing (Picture Sync)](syncthing.md)
* [rclone (Picture Sync)](rclone.md) * [rclone (Picture Sync)](rclone.md)
* [HDMI Scheduled On/Off](scheduled_display.md) * [Resource Monitoring](munin.md)

View file

@ -2,17 +2,12 @@
The below commands will setup ```cockpit``` so you can manage your PiFrame from a web browser. This is wholly optional but can be useful when ssh/serial terminal access aren't available. The below commands will setup ```cockpit``` so you can manage your PiFrame from a web browser. This is wholly optional but can be useful when ssh/serial terminal access aren't available.
If you don't want the admin UI you still should install ```NetworkManager``` and ```firewalld``` as the rest of the documentation assumes these are installed.
``` sh ``` sh
# Remote management on http://ip:9090 # Remote management on http://ip:9090
pacman -S cockpit cockpit-pcp packagekit udisks2 networkmanager firewalld apt install cockpit
systemctl enable --now firewalld
firewall-cmd --zone=public --permanent --add-port=9090/tcp firewall-cmd --zone=public --permanent --add-port=9090/tcp
firewall-cmd --zone=public --permanent --add-service=ssh
firewall-cmd --reload firewall-cmd --reload
systemctl enable --now NetworkManager
systemctl enable --now cockpit.socket systemctl enable --now cockpit.socket
``` ```

View file

@ -1,23 +0,0 @@
# cron/Scheduler
The below commands will setup a cron daemon (scheduler) for running things like backups, statistic gathering and more via a schedule. While technically not required, we *strongly* recommend using cron for backups so you get the output via e-mail (or similar). This is also required if you want to monitor resource utilization via ```munin```.
## Important Notes
* This assumes you have setup ```msmtp``` for email notifications
## Setup
``` sh
pacman -S cronie
mkdir /etc/systemd/system/cronie.service.d
cat > /etc/systemd/system/cronie.service.d/override.conf <<EOF
[Service]
ExecStart=
ExecStart=/usr/bin/crond -n -m '/usr/bin/msmtp -t'
EOF
systemctl daemon-reload
systemctl enable --now cronie
```

View file

@ -12,7 +12,7 @@ This is optional but strongly recommended to setup.
``` sh ``` sh
pacman -S msmtp msmtp-mta apt install msmtp msmtp-mta
cat > /etc/aliases <<EOF cat > /etc/aliases <<EOF
# Example aliases file # Example aliases file

View file

@ -13,18 +13,18 @@ The below will setup ```filebrowser``` as a file manager for your photos on the
``` sh ``` sh
curl -fsSL https://filebrowser.org/get.sh | bash curl -fsSL https://filebrowser.org/get.sh | bash
mkdir /home/feh/filebrowser mkdir /home/fim/filebrowser
filebrowser -c /home/feh/filebrowser/pictures.config \ filebrowser -d /home/fim/filebrowser/pictures.db \
config init config init
filebrowser -c /home/feh/filebrowser/pictures.config \ filebrowser -d /home/fim/filebrowser/pictures.db \
config set --address 0.0.0.0 config set --address 0.0.0.0
filebrowser -c /home/feh/filebrowser/pictures.config \ filebrowser -d /home/fim/filebrowser/pictures.db \
config set --port 9191 config set --port 9191
filebrowser -c /home/feh/filebrowser/pictures.config \ filebrowser -d /home/fim/filebrowser/pictures.db \
config set --branding.name "PiFrame - Pictures" config set --branding.name "PiFrame - Pictures"
filebrowser -c /home/feh/filebrowser/pictures.config \ filebrowser -d /home/fim/filebrowser/pictures.db \
users add admin apassword users add admin apassword
chown feh: -R /home/feh/filebrowser chown fim: -R /home/fim/filebrowser
firewall-cmd --zone=public --permanent --add-port=9191/tcp firewall-cmd --zone=public --permanent --add-port=9191/tcp
firewall-cmd --reload firewall-cmd --reload
cat > /etc/systemd/system/filebrowser-pictures.service <<EOF cat > /etc/systemd/system/filebrowser-pictures.service <<EOF
@ -33,9 +33,9 @@ Description=Filebrowser - Pictures
After=network.target After=network.target
[Service] [Service]
User=feh User=fim
PrivateTmp=true PrivateTmp=true
ExecStart=/usr/local/bin/filebrowser -c /home/feh/filebrowser/pictures.config -d /home/feh/filebrowser/pictures.db -r /tank/pictures --img-processors 1 --disable-thumbnails ExecStart=/usr/local/bin/filebrowser -d /home/fim/filebrowser/pictures.db -r /tank/pictures --img-processors 1 --disable-thumbnails
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

View file

@ -32,7 +32,7 @@ systemctl reboot
sudo -sHu root /bin/bash sudo -sHu root /bin/bash
# Useful packages # Useful packages
apt install build-essential cmake nano tmux vim htop iotop nload git apt install build-essential cmake nano tmux vim htop iotop nload git net-tools
# Raspberry Pi tools # Raspberry Pi tools
apt install linux-tools-raspi apt install linux-tools-raspi

View file

@ -16,11 +16,8 @@ The below commands will setup a basic web server and a landing page for your PiF
# web server w/ useful links # web server w/ useful links
######################################## ########################################
pacman -S lighttpd apt install lighttpd
mkdir /etc/lighttpd/conf.d cat > /var/www/html/index.html <<EOF
echo "include \"/etc/lighttpd/conf.d/*.conf\"" >> /etc/lighttpd/lighttpd.conf
mkdir /srv/http
cat > /srv/http/index.html <<EOF
<html> <html>
<head> <head>

View file

@ -4,32 +4,31 @@ The below commands will setup ```monit``` to track key elements of the PiFrame h
``` sh ``` sh
pacman -S monit apt install monit
mkdir /etc/monit.d nano -w /etc/monit/monitrc
nano -w /etc/monitrc
include /etc/monit.d/*
set httpd port 2812 and set httpd port 2812 and
use address 0.0.0.0 use address 0.0.0.0
allow admin:monit allow admin:monit
set mailserver domain.tld port 587 set mailserver domain.tld port 587
username "piframe@domain.tld" password "apassword" username "piframe@domain.tld" password "apassword"
using tls using tls
cat > /etc/monit.d/rootfs <<EOF cat > /etc/monit/conf.d/rootfs <<EOF
check filesystem rootfs with path / check filesystem rootfs with path /
if space usage > 80% then alert if space usage > 80% then alert
EOF EOF
cat > /etc/monit.d/tankfs <<EOF cat > /etc/monit/conf.d/tankfs <<EOF
check filesystem tankfs with path /tank check filesystem tankfs with path /tank
if space usage > 80% then alert if space usage > 80% then alert
EOF EOF
cat > /etc/monit.d/feh <<EOF cat > /etc/monit/conf.d/fim <<EOF
check process feh matching /usr/bin/feh check process fim matching /usr/bin/fim
start program = "/usr/bin/systemctl start greetd" start program = "/usr/bin/systemctl start fim"
stop program = "/usr/bin/systemctl stop greetd" stop program = "/usr/bin/systemctl stop fim"
if does not exist then alert if does not exist then alert
if does not exist for 2 cycles then restart if does not exist for 2 cycles then restart
EOF EOF
systemctl enable --now monit systemctl enable --now monit
systemctl restart monit
firewall-cmd --zone=public --permanent --add-port=2812/tcp firewall-cmd --zone=public --permanent --add-port=2812/tcp
firewall-cmd --reload firewall-cmd --reload

View file

@ -1,94 +1,96 @@
# Resource Monitoring # Resource Monitoring
The below commands will setup ```munin``` for monitoring resource utilization on your PiFrame. This is wholly optional but can provide insights if your PiFrame is exhibiting odd behavior. The below commands will setup ```munin``` for monitoring resource utilization on your PiFrame. This is wholly optional but can provide insights if your PiFrame is exhibiting odd behavior.
## Important Notes ## Important Notes
* This setup will deploy a *dedicated instance* of ```lighttpd``` to handle access to the ```munin``` data. Given how lean ```lighttpd``` is on resources, this saves many hassles with virtual hosts and the like. * This setup will deploy a *dedicated instance* of ```lighttpd``` to handle access to the ```munin``` data. Given how lean ```lighttpd``` is on resources, this saves many hassles with virtual hosts and the like.
* This setup uses cgi to generate ```munin``` graphs. The Raspberry Pi cpu can take awhile to generate graphs. Please be patient. This approach was chosen to keep ```munin``` from consuming resource generating graphs every time it collects statistics. This also helps prevent excessive disk writes to the micro sd card extending its life. * This setup uses cgi to generate ```munin``` graphs. The Raspberry Pi cpu can take awhile to generate graphs. Please be patient. This approach was chosen to keep ```munin``` from consuming resource generating graphs every time it collects statistics. This also helps prevent excessive disk writes to the micro sd card extending its life.
## Setup ## Setup
``` sh ``` sh
pacman -S munin perl-cgi-fast apt install munin
nano -w /etc/munin/munin.conf nano -w /etc/munin/munin.conf
graph_strategy cgi graph_strategy cgi
html_strategy cron html_strategy cron
[piframe] [piframe]
address 127.0.0.1 address 127.0.0.1
use_node_name yes use_node_name yes
chown munin: /var/lib/munin/cgi-tmp touch /var/log/munin/munin-cgi-graph.log
chown munin: -R /usr/share/munin/www chown munin: /var/log/munin/munin-cgi-graph.log
munin-node-configure --shell # activate useful plugins munin-node-configure --shell # activate useful plugins
sudo -sHu munin munin-cron # prime munin data sudo -sHu munin munin-cron # prime munin data
systemctl enable --now munin-node systemctl enable --now munin-node
crontab /etc/munin/munin-cron-entry -u munin systemctl restart munin-node
cat > /etc/lighttpd/lighttpd-munin.conf <<EOF cat > /etc/lighttpd/lighttpd-munin.conf <<EOF
# Apply the following tweaks to the /etc/munin/munin.conf file ahead of running lighttpd for munin # Apply the following tweaks to the /etc/munin/munin.conf file ahead of running lighttpd for munin
## Use cgi rendering for graph and html ## Use cgi rendering for graph and html
#graph_strategy cgi #graph_strategy cgi
#html_strategy cron #html_strategy cron
server.username = "munin" server.username = "munin"
server.groupname = "munin" server.groupname = "munin"
server.document-root = "/srv/http" server.document-root = "/var/www/html"
server.port = 2813 server.port = 2813
server.errorlog = "/var/log/munin/lighttpd-error.log" server.errorlog = "/dev/stdout"
dir-listing.activate = "disable" accesslog.filename = "/dev/stdout"
server.modules = ( dir-listing.activate = "disable"
"mod_access", server.modules = (
"mod_accesslog", "mod_access",
"mod_alias", "mod_accesslog",
"mod_rewrite", "mod_alias",
"mod_redirect", "mod_rewrite",
"mod_cgi", "mod_redirect",
"mod_fastcgi", "mod_cgi",
) "mod_fastcgi",
server.follow-symlink = "enable" )
index-file.names = ( "index.html", "index.htm" ) server.pid-file = "/run/lighttpd-munin.pid"
server.follow-symlink = "enable"
url.redirect += ( "^/*$" => "/munin/" ) index-file.names = ( "index.html", "index.htm" )
\$HTTP["url"] =~ "/munin-cgi/munin-cgi-graph" { url.redirect += ( "^/*$" => "/munin/" )
alias.url += ( "/munin-cgi/munin-cgi-graph" => "/usr/share/munin/cgi/munin-cgi-graph" )
cgi.assign = ( "" => "" ) \$HTTP["url"] =~ "/munin-cgi/munin-cgi-graph" {
} alias.url += ( "/munin-cgi/munin-cgi-graph" => "/usr/lib/munin/cgi/munin-cgi-graph" )
cgi.assign = ( "" => "" )
#alias.url += ( "/munin/static" => "/etc/munin/static" ) }
alias.url += ( "/munin" => "/usr/share/munin/www" )
alias.url += ( "/munin/static" => "/etc/munin/static" )
mimetype.assign = ( alias.url += ( "/munin" => "/var/cache/munin/www" )
".html" => "text/html",
".txt" => "text/plain", mimetype.assign = (
".css" => "text/css", ".html" => "text/html",
".js" => "application/x-javascript", ".txt" => "text/plain",
".jpg" => "image/jpeg", ".css" => "text/css",
".jpeg" => "image/jpeg", ".js" => "application/x-javascript",
".gif" => "image/gif", ".jpg" => "image/jpeg",
".png" => "image/png", ".jpeg" => "image/jpeg",
"" => "application/octet-stream" ".gif" => "image/gif",
) ".png" => "image/png",
EOF "" => "application/octet-stream"
cat > /etc/systemd/system/lighttpd-munin.service <<EOF )
[Unit] EOF
Description=Lighttpd Web Server (munin) cat > /etc/systemd/system/lighttpd-munin.service <<EOF
After=syslog.target network.target [Unit]
Description=Lighttpd Web Server (munin)
[Service] After=syslog.target network.target
PrivateTmp=true
ExecStart=/usr/bin/lighttpd-angel -D -f /etc/lighttpd/lighttpd-munin.conf [Service]
ExecReload=/bin/kill -HUP $MAINPID PrivateTmp=true
KillSignal=SIGINT ExecStart=/usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd-munin.conf
ExecReload=/bin/kill -HUP $MAINPID
[Install] KillSignal=SIGINT
WantedBy=multi-user.target
EOF [Install]
systemctl daemon-reload WantedBy=multi-user.target
systemctl enable --now lighttpd-munin EOF
firewall-cmd --zone=public --permanent --add-port=2813/tcp systemctl daemon-reload
firewall-cmd --reload systemctl enable --now lighttpd-munin
firewall-cmd --zone=public --permanent --add-port=2813/tcp
``` firewall-cmd --reload
```

31
docs/networking.md Normal file
View file

@ -0,0 +1,31 @@
# Networking Setup
The below commands will setup ```NetworkManager``` and ```firewalld``` for the networking infrastructure. These tools are a bit easier to work with via the web (See the Cockpit docs) and NetworkManager is commonly found when working with Raspberry Pi Documentation. We have kept ufw for the time being as a lot of Ubuntu meta packages assume it to be present.
``` sh
apt install network-manager firewalld
rm /etc/netplan/50-cloud-init.yaml
systemctl disable systemd-networkd.service
systemctl mask systemd-networkd.service
systemctl stop systemd-networkd.service
cat > /etc/netplan/50-cloud-init.yaml <<EOF
network:
version: 2
renderer: NetworkManager
EOF
netplan generate
ufw disable
systemctl disable ufw
firewall-cmd --zone=public --permanent --add-service=ssh
firewall-cmd --reload
systemctl enable --now NetworkManager
systemctl enable --now firewalld
# Setup Ethernet
# Setup by the above netplan tweaks
# Setup Wifi (optional)
nmtui
```

View file

@ -16,7 +16,11 @@ The below commands will setup a **local** backup of your photo frame using ```re
# restic backups # restic backups
######################################## ########################################
pacman -S restic wget https://github.com/restic/restic/releases/download/v0.9.6/restic_0.9.6_linux_arm64.bz2
bunzip2 restic_0.9.6_linux_arm64.bz2
mv restic_0.9.6_linux_arm64 /usr/local/bin/restic
chmod a+x /usr/local/bin/restic
restic self-update
btrfs subvolume create /tank/backup btrfs subvolume create /tank/backup
restic init -r /tank/backup restic init -r /tank/backup
cat > /root/restic_backup.sh <<EOF cat > /root/restic_backup.sh <<EOF

View file

@ -211,7 +211,7 @@ systemctl daemon-reload
systemctl enable --now no-cursor-tty1 systemctl enable --now no-cursor-tty1
systemctl enable --now fim systemctl enable --now fim
apt install incron apt install incron
cat > /etc/incron.d/feh <<EOF cat > /etc/incron.d/fim <<EOF
/tank/pictures IN_DELETE systemctl restart fim /tank/pictures IN_DELETE systemctl restart fim
EOF EOF
systemctl enable --now incrond systemctl enable --now incrond

View file

@ -4,10 +4,12 @@ The below will setup ```syncthing``` and give some basics for setup. This is who
``` sh ``` sh
pacman -S syncthing curl -s https://syncthing.net/release-key.txt | sudo apt-key add -
echo "deb https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list
apt update & apt install syncthing
touch /tank/pictures/.stfolder touch /tank/pictures/.stfolder
chown feh: /tank/pictures/.stfolder chown fim: /tank/pictures/.stfolder
systemctl enable --now syncthing@feh.service # use feh user so perms are right for pics systemctl enable --now syncthing@fim.service # use feh user so perms are right for pics
ssh -L 8385:127.0.0.1:8384 user@piframe ssh -L 8385:127.0.0.1:8384 user@piframe
http://localhost:8385 http://localhost:8385
Change settings Change settings

View file

@ -1,13 +0,0 @@
# WiFi
Below are some handy commands and notes regarding WiFi on the Raspberry Pi 4.
``` sh
# Wifi config using NetworkManager
nmtui
# Vanilla WiFi config (you probably don't want this if you're following our docs)
wifi-menu
```