RaspberryPi

From dbawiki
Jump to: navigation, search

Install Raspbian using img file[edit]

On a Mac, use Etcher and point it at the downloaded image file, or ...

  • Format the SD card using SDCardFormatter
  • Check where the SD card is mounted
mbpi7:.ssh stuart$ df -g
Filesystem    1G-blocks Used Available Capacity   iused    ifree %iused  Mounted on
/dev/disk0s2        237   47       189    21%  12608239 49696631   20%   /
devfs                 0    0         0   100%       724        0  100%   /dev
/dev/disk1s2        931  637       293    69% 167108601 76998065   68%   /Volumes/data
map -hosts            0    0         0   100%         0        0  100%   /net
map auto_home         0    0         0   100%         0        0  100%   /home
/dev/disk2s1          3    0         3     1%         0        0  100%   /Volumes/UNTITLED 4

We see here it is mounted on /Volumes/UNTITLED 4

  • Unmount the SD card using Disk Utility or
sudo umount /Volumes/UNTITLED\ 4/
  • Copy the image file to the SD card
sudo dd if=../Downloads/2014-01-07-wheezy-raspbian.img of=/dev/rdisk2 bs=1m

Backup your Raspberry Pi SD card to an image file[edit]

After the OS is installed, up to date, upgraded and just how you want it, keep a copy to save time if it crashes
First find out the name of the Pi's disk 

diskutil list

Do the copy 

sudo dd bs=1m if=/dev/rdisk2 of=raspi_20140108.img

For the geeks, kill -29 makes dd report its status to stderr

Enable remote SSH access[edit]

Either:

  • mount the sd card on another computer and create an empty file named 'ssh' on the boot filesystem, or
sudo systemctl enable ssh
sudo systemctl start ssh

How to install a Raspberry Pi SMS Server[edit]

Send text messages via a 3G GSM modem from your applications[edit]

Use Pushbullet - no cost option[edit]

Autoboot the wlan0 wireless lan interface on Raspberry Pi[edit]

root@raspberrypi:/# cat /etc/network/interfaces 
auto lo

iface lo inet loopback
iface eth0 inet dhcp

#allow-hotplug wlan0
#iface wlan0 inet manual
#wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
#iface default inet dhcp


auto wlan0
allow-hotplug wlan0
iface wlan0 inet dhcp
wpa-ssid "<SSID>"
wpa-psk "<PASSPHRASE>"


iface default inet dhcp

or, for later versions... 

vi /etc/network/interfaces

allow-hotplug wlan0
iface wlan0 inet manual
    wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

vi /etc/wpa_supplicant/wpa_supplicant.conf

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
network={
    ssid="YOUR_NETWORK_NAME"
    psk="YOUR_PASSWORD"
    key_mgmt=WPA-PSK
}

or on later versions of Raspbian, with the card in your computer, place a file named wpa_supplicant.conf on the boot filesystem containing the WiFi network and it's password and you are done! 

vi /boot/wpa_supplicant.conf

and put this info in it (adjust as necessary) 

country=BE
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
 
network={
    ssid="<your_ssid>"
    psk="<your_password>"
    key_mgmt=WPA-PSK
}

This file then gets copied at boot time to /etc/wpa_supplicant/wpa_supplicant.conf
or, if using RetroPie...
With the SD card in your computer, place a file named wifikeyfile.txt on the boot filesystem containing the WiFi network and it's password and you are done! 

vi /boot/wifikeyfile.txt

ssid="WIFI SSID"
psk="wifi passphrase"

Mount an NFS share[edit]

  • Ready made tutorial here

Assign a fixed IP address (to the wireless adapter in the case)[edit]

Get the current IP address and other info 

ifconfig -a

We're interested in these bits: 

wlan0
          inet addr:192.168.1.15  Bcast:192.168.1.255  Mask:255.255.255.0

Get the router/gateway address 

netstat -rn

We're interested in these bits: 

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG        0 0          0 wlan0

Now using the above data, edit /etc/network/interfaces and add the following lines to the wlan0 section (also changing the iface line to "static") 

address 192.168.1.100
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1

It should end up looking something like this: 

auto wlan0
allow-hotplug wlan0
iface wlan0 inet static
address 192.168.1.100
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
wpa-ssid "<SSID>"
wpa-psk "<PASSPHRASE>"

Restart the networking daemon[edit]

(or reboot the Pi) 

/etc/init.d/networking reload

Install an OpenVPN server[edit]

All operations as root

Get the Pi up-to-date[edit]

apt-get update
apt-get upgrade
apt-get autoremove
raspi-config  # set overclocking to Medium

Install the packages[edit]

apt-get install openvpn openssl

and optionally this to be able to reach the server from the internet using names instead of numbers 

apt-get install ddclient

and maybe other useful stuff 

apt-get install host shorewall telnet lighttpd

Generate a copy of the easy-rsa structure[edit]

cd /etc/openvpn
cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0 ./easy-rsa

Modify the easy-rsa location[edit]

cd easy-rsa
vi vars
Change 
#export EASY_RSA="`pwd`"
export EASY_RSA="/etc/openvpn/easy-rsa"
. ./vars
./clean-all

Link correct binary[edit]

ln -s openssl-1.0.0.cnf openssl.cnf

Generate certificate authority files[edit]

./build-ca ca

This creates 4 files in the keys subdirectory... 

-rw-r--r-- 1 root root 1383 Feb  2 12:02 ca.crt
-rw------- 1 root root  916 Feb  2 12:02 ca.key
-rw-r--r-- 1 root root    0 Feb  2 12:02 index.txt
-rw-r--r-- 1 root root    3 Feb  2 12:02 serial

Generate the server key files[edit]

just hit ENTER for the password but sign and commit the certificate when asked 

./build-key-server home_server

keys subdirectory now looks like this 

-rw-r--r-- 1 root root 4129 Feb  2 12:03 01.pem
-rw-r--r-- 1 root root 1383 Feb  2 12:02 ca.crt
-rw------- 1 root root  916 Feb  2 12:02 ca.key
-rw-r--r-- 1 root root 4129 Feb  2 12:03 home_server.crt
-rw-r--r-- 1 root root  737 Feb  2 12:03 home_server.csr
-rw------- 1 root root  916 Feb  2 12:03 home_server.key
-rw-r--r-- 1 root root  141 Feb  2 12:03 index.txt
-rw-r--r-- 1 root root   21 Feb  2 12:03 index.txt.attr
-rw-r--r-- 1 root root    0 Feb  2 12:02 index.txt.old
-rw-r--r-- 1 root root    3 Feb  2 12:03 serial
-rw-r--r-- 1 root root    3 Feb  2 12:02 serial.old

Generate the client keys[edit]

just hit ENTER for the password but sign and commit the certificate when asked 

./build-key home_client1

keys subdirectory now looks like this 

-rw-r--r-- 1 root root 4129 Feb  2 12:03 01.pem
-rw-r--r-- 1 root root 4012 Feb  2 12:04 02.pem
-rw-r--r-- 1 root root 1383 Feb  2 12:02 ca.crt
-rw------- 1 root root  916 Feb  2 12:02 ca.key
-rw-r--r-- 1 root root 4012 Feb  2 12:04 home_client1.crt
-rw-r--r-- 1 root root  737 Feb  2 12:04 home_client1.csr
-rw------- 1 root root  916 Feb  2 12:04 home_client1.key
-rw-r--r-- 1 root root 4129 Feb  2 12:03 home_server.crt
-rw-r--r-- 1 root root  737 Feb  2 12:03 home_server.csr
-rw------- 1 root root  916 Feb  2 12:03 home_server.key
-rw-r--r-- 1 root root  283 Feb  2 12:04 index.txt
-rw-r--r-- 1 root root   21 Feb  2 12:04 index.txt.attr
-rw-r--r-- 1 root root   21 Feb  2 12:03 index.txt.attr.old
-rw-r--r-- 1 root root  141 Feb  2 12:03 index.txt.old
-rw-r--r-- 1 root root    3 Feb  2 12:04 serial
-rw-r--r-- 1 root root    3 Feb  2 12:03 serial.old

Generate the Diffie-Hellman file[edit]

./build-dh

This gives us one extra file 

-rw-r--r-- 1 root root  245 Dec 24 13:40 dh1024.pem

Build a server config file[edit]

Copy from the examples directory... 

cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/
gunzip /etc/openvpn/server.conf.gz

… or 

cd ..
vi server.conf

and paste this snippet: 

dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/home_server.crt
key /etc/openvpn/easy-rsa/keys/home_server.key
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
persist-key
persist-tun
status /var/log/openvpn-status.log
verb 3
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
log-append /var/log/openvpn
comp-lzo

Enable IP forwarding[edit]

echo 1 >/proc/sys/net/ipv4/ip_forward

Allow IP forwarding across reboots[edit]

vi /etc/sysctl.conf
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1

Activate the changes with 

sysctl -p

Generate and export an OpenVPN client config file[edit]

Use Tunnelblick (on a Mac) to generate a template client configuration file or copy/paste and modify this:
If you use Viscosity, this is not necessary. You just need to fill in the blanks on its connection panel…
In either case you need to know where you stored the files (ca.crt, home_client1.crt and home_client1.key) generated earlier. 

dev tun
client
proto udp
#remote 192.168.1.100 1194    # testing with lan address of Raspberry Pi
remote <public ip address> 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert home_client1.crt
key homeclient1.key
comp-lzo
verb 3

Check IP address and interface name[edit]

ifconfig -a

Alter routing table to allow traffic to the server[edit]

Copy/paste this snippet: assuming wired interface and the ip address of our Pi is 192.168.1.100
Some info on iptables might come in handy at this point. See references below...

vi /etc/iptables.rules

# Generated by iptables-save v1.4.14 on Sun Feb  9 16:15:03 2014
*filter
:INPUT ACCEPT [121:9458]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [261:42388]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 1194 -j ACCEPT
-A FORWARD -o eth0 -m state --state NEW -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o eth0 -m state --state NEW -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
COMMIT
# Completed on Sun Feb  9 16:15:03 2014
# Generated by iptables-save v1.4.14 on Sun Feb  9 16:15:03 2014
*nat
:PREROUTING ACCEPT [127:9041]
:INPUT ACCEPT [97:6824]
:OUTPUT ACCEPT [9:642]
:POSTROUTING ACCEPT [9:642]
-A INPUT -i eth0 -p udp -m udp --dport 1194 -j ACCEPT
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to-source 192.168.1.100
COMMIT
# Completed on Sun Feb  9 16:15:03 2014

then edit /etc/network/interfaces and add the following line just after "iface eth0 inet static" 

pre-up iptables-restore < /etc/iptables.rules

Start the server[edit]

/etc/init.d/openvpn start

Server is running, setup client.

  • Gotcha that caught me out several times…

If you change any of the iptables rules, you need to stop/start the OpenVPN server for it to take note of the new settings! 

/etc/init.d/openvpn restart

ddclient sample configuration file[edit]

Put this in /etc/ddclient.conf and modify it to taste
I use dnsdynamic. If you don't, you'll need to change more than is indicated below 

daemon=600                              # check every 10 minutess
syslog=yes                              # log update msgs to syslog
mail=root                               # mail all msgs to root
mail-failure=root                       # mail failed update msgs to root
pid=/var/run/ddclient.pid               # record PID in file.
ssl=yes                                 # use ssl-support.  Works with ssl-library
use=web, web=myip.dnsdynamic.com        # get ip from server.
server=www.dnsdynamic.org               # default server
login=[your username here]              # default login
password=[your password here]           # default password
server=www.dnsdynamic.org,              \
protocol=dyndns2                        \
[your website here]

iptables[edit]

  • man iptables!

list open ports 

netstat -tulpn

see if firewall is allowing access 

telnet <ip address> <port>

list FILTER rules 

iptables -L -n -v

list NAT rules 

iptables -L -t nat -n -v

list all rules in selected chain 

iptables -S -t nat -v

show all rules in a form to use for input 

iptables-save | tee /etc/iptables.rules

bring in those rules previously saved (does not overwrite the table - just adds these rules) 

iptables-restore < /etc/iptables.rules

show local routing table 

ip route show table local

Install both Flightradar24 and FlightAware feeders on a headless Raspberry Pi (Stretch)[edit]

Feed flight data up to flight services.
We can install both fr24feed and piaware and have them feeding at the same time.
At the time of writing, the Pi 3b+ is out but FlightAware does not have an image that works on it yet. So we will install its package manually.

Steps[edit]

Install Raspbian[edit]

  • Very well documented already (I like Etcher though for burning the images)

Prepare for initial boot[edit]

Before installing the microsd card in the Pi

  • Enable the ssh server
touch /boot/ssh
  • Assign static (wired) IP address for initial boot
vi /boot/cmdline.txt

Append this to the end of the line already there (modifying for your local network)... 

 ip=192.168.1.12::192.168.1.1:255.255.255.0:rpi:eth0:off

Initial boot[edit]

Put the microsd card in the Pi, plug in an ethernet cable and power it up. Give it 20 seconds and login using the IP address above.

  • Login as pi/raspberry and change the password and hostname if required
sudo su -
raspi-config
  • Assign static IP address in correct place

On Stretch, /etc/network/interfaces is no longer used 

vi /etc/dhcpcd.conf

# Example static IP configuration:
interface eth0
static ip_address=192.168.1.12/24
#static ip6_address=fd51:42f8:caae:d92e::ff/64
static routers=192.168.1.1
static domain_name_servers=192.168.1.13 8.8.8.8

Remove the IP address added to /boot/cmdline.txt 

vi /boot/cmdline.txt
  • Install useful stuff
apt-get install -y dnsutils
  • Turn IPV6 off
sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1

Install the feeder packages[edit]

apt-get update
apt-get upgrade

The web server of choice of both of these tools is lighttpd (good choice in my opinion) and it will be installed by whichever package is run first.
In order to get the local skyview website up on http://<pi address>:8080, piaware should be installed first.

At this point, PiAware is installed, dump1090-fa is installed and lighttpd is installed. Now the DVB-T dongle needs to be connected otherwise the dump1090 software won't startup successfully.
If this is a reinstall of the software, you will have lost your feeder identification and you will be uploading as a guest user.
Get your feeder id from your login page on FlightAware. eg. flightaware.com/adsb/stats/user/rockingh0rse Put your feeder id back into PiAware's config file with this 

piaware-config feeder-id 12345678-1234-1234-1234-123456789abc
  • Reboot to initialise everything.
  • Log back in as root ( as pi, then sudo su - ) and check the status of the components with
systemctl status piaware

or 

piaware-status

If all is running ok, install FlightRadar24. This will detect that lighttpd and a version of dump1090 are already installed and will not overwrite them.

If you want to look at the script, download it using 

wget -O install_fr24_rpi.sh http://repo.feed.flightradar24.com/install_fr24_rpi.sh

If choosing to use MLAT, this is a good website to find your lat/long coordinates
You will need these when the fr24feed --signup program runs (last part of the setup). It will also ask for a sharing key. This can be found in the Welcome mail Flightradar24 sent you! Check the status of the components with 

systemctl status fr24feed
or 
fr24feed-status

All done? Check out the aircraft you're capturing. Start a browser and go to port 8080 on the Raspberry Pi for snazzy PiAware stats 

http://192.168.1.12:8080

or port 8754 for less snazzy but equally informative stats for FlightRadar24 

http://192.168.1.12:8754

Next step? Maybe interrogate the ACARS message system on board?

References[edit]

Retrieved from "https://mailnest.com/dbawiki/index.php?title=RaspberryPi&oldid=3207"