Setup-Raspi-Mobile: Difference between revisions
		
		
		
		Jump to navigation
		Jump to search
		
| No edit summary | |||
| Line 13: | Line 13: | ||
|   apt-get update |   apt-get update | ||
|   apt-get upgrade |   #apt-get upgrade | ||
|  #or better | |||
|  apt-get full-upgrade | |||
| *Shrink journal | |||
|  journalctl --vacuum-size=20M | |||
|  journalctl --vacuum-time=3d | |||
| *View packages   | *View packages   | ||
| Line 23: | Line 29: | ||
|   apt-get purge |   apt-get purge | ||
|   apt autoremove |   apt autoremove | ||
| *Good on Debian 11 Bullseye | |||
|  apt-get remove firmware-libertas --purge | |||
|  apt-get remove firmware-atheros --purge | |||
|  apt-get remove rpi-eeprom --purge | |||
|  apt-get remove gcc-10 --purge | |||
|  apt-get remove iso-codes --purge | |||
|  apt-get remove cpp-10  --purge | |||
|  apt-get clean | |||
|  apt-get purge | |||
|  apt autoremove | |||
|  root@raspberrypi:~# df -h | |||
|  Filesystem      Size  Used Avail Use% Mounted on | |||
|  /dev/root       1.6G  1.3G  177M  89% / | |||
|  devtmpfs        776M     0  776M   0% /dev | |||
|  tmpfs           937M     0  937M   0% /dev/shm | |||
|  tmpfs           375M  1.7M  373M   1% /run | |||
|  tmpfs           5.0M  4.0K  5.0M   1% /run/lock | |||
|  /dev/mmcblk0p1  253M   49M  204M  20% /boot | |||
|  tmpfs           188M     0  188M   0% /run/user/1000 | |||
| *Install additional packages needed for this project | *Install additional packages needed for this project | ||
|   apt-get install mc autofs iptraf samba samba-common nftables apache2 locate tcpdump ncdu |   apt-get install mc autofs iptraf samba samba-common nftables apache2 locate tcpdump ncdu | ||
|   apt-get install hostapd wireless-tools dnsmasq iw bridge-utils cloud-utils lsof |   apt-get install hostapd wireless-tools dnsmasq iw bridge-utils cloud-utils lsof nmap tcpdump | ||
| =Apapter= | =Apapter= | ||
| Line 88: | Line 116: | ||
| =AUTOFS/UDEV= | =AUTOFS/UDEV= | ||
| *Story about shutting down Raspi: https://raspberrypi.stackexchange.com/questions/50345/is-it-okay-to-just-pull-the-plug | |||
| *Add config file for our usb sticks | *Add config file for our usb sticks | ||
|   touch /etc/auto.rbusb |   touch /etc/auto.rbusb | ||
| Line 94: | Line 123: | ||
| *Restart | *Restart | ||
|   systemctl restart autofs |   systemctl restart autofs | ||
| *Get autofs helper script | *Get autofs helper script (automount helper, auto shutdow on usb flash device) | ||
|   wget https://coolgeo.org:/download/scripts/autofs-config.pl -O /usr/local/bin/autofs-config.pl |   wget https://coolgeo.org:/download/scripts/autofs-config.pl -O /usr/local/bin/autofs-config.pl | ||
|   chmod u+x /usr/local/bin/autofs-config.pl |   chmod u+x /usr/local/bin/autofs-config.pl | ||
| Line 104: | Line 133: | ||
| =Apache2/WebDAV= | =Apache2/WebDAV= | ||
| */etc/apache2/sites-available/000-default.conf | |||
|   DavLockDB /var/www/DavLock |   DavLockDB /var/www/DavLock | ||
|   <Directory "/automnt/"> |   <Directory "/automnt/"> | ||
| Line 135: | Line 164: | ||
| =HOSTS= | =HOSTS= | ||
| */etc/hosts | */etc/hosts | ||
|   192.168. |   192.168.4.1     raspi raspberry raspberrypi raspap | ||
| =INIT= | =INIT= | ||
| Line 233: | Line 261: | ||
| */etc/dnsmasq.d/090_wlan0.conf | */etc/dnsmasq.d/090_wlan0.conf | ||
|   --------------------------------------------------------- |   #--------------------------------------------------------- | ||
|   #Raspi-Mobile wlan0 configuration |   #Raspi-Mobile wlan0 configuration | ||
|   interface=wlan0 |   interface=wlan0 | ||
|   dhcp-range=192.168.4.50,192.168.4.255,255.255.255.0,30d   |   dhcp-range=192.168.4.50,192.168.4.255,255.255.255.0,30d   | ||
|   --------------------------------------------------------- |   #--------------------------------------------------------- | ||
| *Apply | *Apply | ||
|   systemctl enable dnsmasq |   systemctl enable dnsmasq | ||
|   systemctl restart dnsmasq |   systemctl restart dnsmasq | ||
| =HOSTAPD= | =HOSTAPD= | ||
| Line 270: | Line 297: | ||
|   systemctl restart hostapd |   systemctl restart hostapd | ||
| '''Workaround if hostapd does not start''' | |||
| */etc/systemd/system/rbautostart.service | |||
|  [Unit] | |||
|  Description=RaspiMobile automatic tasks at startup only | |||
|  After=network.target auditd.service | |||
|  [Service] | |||
|  Type=oneshot | |||
|  ExecStart=/usr/sbin/rbautstart | |||
|  [Install] | |||
| */usr/sbin/rbautstart | |||
|  #!/bin/bash | |||
|  #restart hostapd at startup | |||
|  systemctl restart hostapd | |||
| =WiFi Scan= | |||
| *Check your neighbourhood | |||
|  iwlist wlan0 scan | |||
| =Disable syslog= | =Disable syslog= | ||
| Line 277: | Line 328: | ||
| =Optional keepalive logging= | =Optional keepalive logging= | ||
| *This is  | *This is simple logging script to see if the device is up and write into syslog | ||
|   root@raspberrypi:/# cat /home//pi/rbkeepalive.sh |   root@raspberrypi:/# cat /home//pi/rbkeepalive.sh | ||
|   #!/bin/bash |   #!/bin/bash | ||
| Line 290: | Line 341: | ||
|   root@raspberrypi:/# crontab -l | grep rbkeepalive.sh |   root@raspberrypi:/# crontab -l | grep rbkeepalive.sh | ||
|   */10 * * * * /home/pi/rbkeepalive.sh |   */10 * * * * /home/pi/rbkeepalive.sh | ||
| =RaspAP= | |||
| *https://raspap.com/#quick | |||
| *Set the WiFi country in raspi-config's Localisation Options: | |||
|  raspi-config | |||
| *Invoke RaspAP's Quick Installer:  | |||
|  curl -sL https://install.raspap.com | bash | |||
| *Configure Website, for port 8080 and set the pi user as admin | |||
| =OnetTime Disk Expand= | =OnetTime Disk Expand= | ||
| Line 342: | Line 402: | ||
|   apt-get install neofetch |   apt-get install neofetch | ||
|   bash -c $'echo "neofetch" >> /etc/profile.d/mymotd.sh && chmod +x /etc/profile.d/mymotd.sh' |   bash -c $'echo "neofetch" >> /etc/profile.d/mymotd.sh && chmod +x /etc/profile.d/mymotd.sh' | ||
| *Add to /etc/profile.d/mymotd.sh | |||
|  echo "See here too: https://coolscript.org/index.php/Raspi-Mobile" | |||
| *RaspAP | *RaspAP | ||
|   curl -sL https://install.raspap.com | bash |   curl -sL https://install.raspap.com | bash | ||
| =Last Step= | |||
| Last step is to delete the logs and shut down<br> | |||
|  systemctl stop autofs.service | |||
|  systemctl stop apache2 nmbd smbd | |||
|  rm /etc/auto.rbusb | |||
|  touch /etc/auto.rbusb | |||
|  rm  -rf /var/log/apache2/* | |||
|  rm  -rf /var/log/samba/* | |||
|  rm  /var/log/* | |||
|  history -c | |||
|  systemctl stop autofs | |||
|  cd /automount | |||
|  echo "###########" | |||
|  echo " POWER OFF"  | |||
|  echo "###########" | |||
|  init 0 | |||
| =bashrc= | |||
|  # ~/.bashrc: executed by bash(1) for non-login shells. | |||
|  # see /usr/share/doc/bash/examples/startup-files (in the package bash-doc) | |||
|  # for examples | |||
|  # If not running interactively, don't do anything | |||
|  case $- in | |||
|     *i*) ;; | |||
|       *) return;; | |||
|  esac | |||
|  # don't put duplicate lines or lines starting with space in the history. | |||
|  # See bash(1) for more options | |||
|  HISTCONTROL=ignoreboth | |||
|  # append to the history file, don't overwrite it | |||
|  shopt -s histappend | |||
|  # for setting history length see HISTSIZE and HISTFILESIZE in bash(1) | |||
|  HISTSIZE=1000 | |||
|  HISTFILESIZE=2000 | |||
|  # check the window size after each command and, if necessary, | |||
|  # update the values of LINES and COLUMNS. | |||
|  shopt -s checkwinsize | |||
|  # If set, the pattern "**" used in a pathname expansion context will | |||
|  # match all files and zero or more directories and subdirectories. | |||
|  #shopt -s globstar | |||
|  # make less more friendly for non-text input files, see lesspipe(1) | |||
|  #[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)" | |||
|  # set variable identifying the chroot you work in (used in the prompt below) | |||
|  if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then | |||
|      debian_chroot=$(cat /etc/debian_chroot) | |||
|  fi | |||
|  # set a fancy prompt (non-color, unless we know we "want" color) | |||
|  case "$TERM" in | |||
|      xterm-color|*-256color) color_prompt=yes;; | |||
|  esac | |||
|  # uncomment for a colored prompt, if the terminal has the capability; turned | |||
|  # off by default to not distract the user: the focus in a terminal window | |||
|  # should be on the output of commands, not on the prompt | |||
|  force_color_prompt=yes | |||
|  if [ -n "$force_color_prompt" ]; then | |||
|     if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then | |||
|         # We have color support; assume it's compliant with Ecma-48 | |||
|         # (ISO/IEC-6429). (Lack of such support is extremely rare, and such | |||
|         # a case would tend to support setf rather than setaf.) | |||
|         color_prompt=yes | |||
|     else | |||
|         color_prompt= | |||
|     fi | |||
|  fi | |||
|  if [ "$color_prompt" = yes ]; then | |||
|     PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w \$\[\033[00m\] ' | |||
|  else | |||
|     PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' | |||
|  fi | |||
|  unset color_prompt force_color_prompt | |||
|  # If this is an xterm set the title to user@host:dir | |||
|  case "$TERM" in | |||
|  xterm*|rxvt*) | |||
|     PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1" | |||
|     ;; | |||
|  *) | |||
|     ;; | |||
|  esac | |||
|  # enable color support of ls and also add handy aliases | |||
|  if [ -x /usr/bin/dircolors ]; then | |||
|     test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" | |||
|     alias ls='ls --color=auto' | |||
|     #alias dir='dir --color=auto' | |||
|     #alias vdir='vdir --color=auto' | |||
|     alias grep='grep --color=auto' | |||
|     alias fgrep='fgrep --color=auto' | |||
|     alias egrep='egrep --color=auto' | |||
|  fi | |||
|  # colored GCC warnings and errors | |||
|  #export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01' | |||
|  # some more ls aliases | |||
|  #alias ll='ls -l' | |||
|  #alias la='ls -A' | |||
|  #alias l='ls -CF' | |||
|  # Alias definitions. | |||
|  # You may want to put all your additions into a separate file like | |||
|  # ~/.bash_aliases, instead of adding them here directly. | |||
|  # See /usr/share/doc/bash-doc/examples in the bash-doc package. | |||
|  if [ -f ~/.bash_aliases ]; then | |||
|      . ~/.bash_aliases | |||
|  fi | |||
|  # enable programmable completion features (you don't need to enable | |||
|  # this, if it's already enabled in /etc/bash.bashrc and /etc/profile | |||
|  # sources /etc/bash.bashrc). | |||
|  if ! shopt -oq posix; then | |||
|   if [ -f /usr/share/bash-completion/bash_completion ]; then | |||
|     . /usr/share/bash-completion/bash_completion | |||
|   elif [ -f /etc/bash_completion ]; then | |||
|     . /etc/bash_completion | |||
|   fi | |||
|  fi | |||
| =Beta OpenVPN= | |||
| *Need NFT | |||
|  table ip nat { | |||
|        chain PREROUTING { | |||
|                type nat hook prerouting priority -100; policy accept; | |||
|        } | |||
|        chain INPUT { | |||
|                type nat hook input priority 100; policy accept; | |||
|        } | |||
|        chain POSTROUTING { | |||
|            type nat hook postrouting priority 100; policy accept; | |||
|            iifname "eth0" counter oifname "tun0" masquerade  comment "masq for eth0" | |||
|            iifname "tun0" counter oifname "tun0" masquerade  comment "masq for eth0" | |||
|            iifname "wlan0" counter oifname "tun0" masquerade  comment "masq for eth0" | |||
|        } | |||
|        chain OUTPUT { | |||
|                type nat hook output priority -100; policy accept; | |||
|        } | |||
| *Neet openvpn add on | |||
|  auth-user-pass /etc/openvpn/login.conf | |||
|  #route 0.0.0.0 0.0.0.0 | |||
|  log /var/log/openvpn.log | |||
|  verb 6 | |||
|  redirect-gateway autolocal | |||
| =Model3 vs Model4= | |||
| *Model4 | |||
|  root@raspberrypi:~# lscpu | |||
|  Architecture: armv7l | |||
|  Byte Order: Little Endian | |||
|  CPU(s): 4 | |||
|  On-line CPU(s) list: 0-3 | |||
|  Thread(s) per core: 1 | |||
|  Core(s) per socket: 4 | |||
|  Socket(s): 1 | |||
|  Vendor ID: ARM | |||
|  Model: 3 | |||
|  Model name: Cortex-A72 | |||
| *Modell 3 | |||
|  root@raspberrypi:~# lscpu | |||
|  Architecture: armv7l | |||
|  Byte Order: Little Endian | |||
|  CPU(s): 4 | |||
|  On-line CPU(s) list: 0-3 | |||
|  Thread(s) per core: 1 | |||
|  Core(s) per socket: 4 | |||
|  Socket(s): 1 | |||
|  Vendor ID: ARM | |||
|  Model: 4 | |||
|  Model name: Cortex-A53 | |||
Revision as of 18:03, 21 January 2022
Disk
- Expand the filesystem after fresh installation
raspi-config - Advanced - Expand Filesystem
Delete docs to get more disk space
sudo rm -rf /usr/share/doc/ sudo rm -rf /usr/share/man/ sudo rm -rf /usr/share/locale/
APT
apt-get update #apt-get upgrade #or better apt-get full-upgrade
- Shrink journal
journalctl --vacuum-size=20M journalctl --vacuum-time=3d
- View packages
dpkg-query -Wf '${Installed-Size}\t${Package}\n' | sort -n
- Remove and clean
apt-get remove libraspberrypi-doc --purge apt-get clean apt-get purge apt autoremove
- Good on Debian 11 Bullseye
apt-get remove firmware-libertas --purge apt-get remove firmware-atheros --purge apt-get remove rpi-eeprom --purge apt-get remove gcc-10 --purge apt-get remove iso-codes --purge apt-get remove cpp-10 --purge apt-get clean apt-get purge apt autoremove
root@raspberrypi:~# df -h Filesystem Size Used Avail Use% Mounted on /dev/root 1.6G 1.3G 177M 89% / devtmpfs 776M 0 776M 0% /dev tmpfs 937M 0 937M 0% /dev/shm tmpfs 375M 1.7M 373M 1% /run tmpfs 5.0M 4.0K 5.0M 1% /run/lock /dev/mmcblk0p1 253M 49M 204M 20% /boot tmpfs 188M 0 188M 0% /run/user/1000
- Install additional packages needed for this project
apt-get install mc autofs iptraf samba samba-common nftables apache2 locate tcpdump ncdu apt-get install hostapd wireless-tools dnsmasq iw bridge-utils cloud-utils lsof nmap tcpdump
Apapter
- Turn on WiFi and leave Bluetooth off
root@raspberrypi:~# rfkill unblock 0 root@raspberrypi:~# rfkill block 1
root@raspberrypi:~# rfkill ID TYPE DEVICE SOFT HARD 0 wlan phy0 unblocked unblocked 1 bluetooth hci0 blocked unblocked
sysctl
- /etc/sysctl.conf
net.ipv4.ip_forward=1
- Activate
sysctl -p
User/Group
addgroup sambagrp usermod -a -G sambagrp pi
Samba
- Set a password for the pi user
smbpasswd -a pi
- /etc/samba/smb.conf
[global] workgroup = WORKGROUP server string = %h server (Linux) #interfaces = eth0 bind interfaces only = yes log file = /var/log/samba/log.%m panic action = /usr/share/samba/panic-action %d server role = standalone server obey pam restrictions = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = Yes map to guest = Bad User #log level = 4 #To be used for debugging purposes local master = no disable netbios = yes [automnt] comment = automnt path = /automnt valid users = @sambagrp browsable = yes writable = yes read only = no create mask = 0660
- Enable and start smbd, disable nmbd
systemctl enable smbd systemctl restart smbd systemctl stop nmbd systemctl disable nmbd systemctl mask nmbd
AUTOFS/UDEV
- Story about shutting down Raspi: https://raspberrypi.stackexchange.com/questions/50345/is-it-okay-to-just-pull-the-plug
- Add config file for our usb sticks
touch /etc/auto.rbusb
- Add to the end of auto.master
echo '/automnt /etc/auto.rbusb --timeout=5 --ghost' >> /etc/auto.master
- Restart
systemctl restart autofs
- Get autofs helper script (automount helper, auto shutdow on usb flash device)
wget https://coolgeo.org:/download/scripts/autofs-config.pl -O /usr/local/bin/autofs-config.pl chmod u+x /usr/local/bin/autofs-config.pl
- Add udev rule
echo 'ACTION=="add", SUBSYSTEM=="block", KERNEL=="sd*", ATTRS{vendor}=="*", RUN+="/usr/bin/perl /usr/local/bin/autofs-config.pl"' > /etc/udev/rules.d/90-local.rules
- Reload udev
udevadm control --reload-rules && udevadm trigger
- TEST USB
Apache2/WebDAV
- /etc/apache2/sites-available/000-default.conf
DavLockDB /var/www/DavLock
<Directory "/automnt/">
 Options +Indexes
 Order allow,deny
 Allow from all
 Require all granted
</Directory>
<VirtualHost *:80>
   ServerAdmin webmaster@localhost
   DocumentRoot /automnt
   Alias /automnt /automnt
   <Directory /automnt>
    DAV On
   </Directory>
   <Directory "/automnt">
    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /etc/apache2/.htpasswd
    Require valid-user
   </Directory>
</VirtualHost>
- Enable WebDAV Mod
a2enmod dav_fs
- Restart
systemctl restart apache2
- Add the PI user to WebDAV
htpasswd -c /etc/apache2/.htpasswd pi
HOSTS
- /etc/hosts
192.168.4.1 raspi raspberry raspberrypi raspap
INIT
- /etc/systemd/system/rbinit.service
[Unit] Description=RaspiMobile Init Script After=network.target [Service] Type=oneshot ExecStart=/usr/sbin/rbinit [Install] WantedBy=multi-user.target
- /usr/sbin/rbinit
#!/bin/bash #Workaround for Ipdads /sbin/ip addr add 192.168.5.1/24 dev eth0:0 /sbin/nft -f /etc/nftables.conf
- Apply the new init script
chmod 755 /usr/sbin/rbinit systemctl enable rbinit.service systemctl start rbinit
NFT
- /etc/nftables.conf
#!/usr/sbin/nft -f
flush ruleset
table inet filter {
       chain input {
               type filter hook input priority 0; policy accept;
       }
       chain forward {
               type filter hook forward priority 0; policy accept;
       }
       chain output {
               type filter hook output priority 0; policy accept;
       }
}
table ip nat {
       chain PREROUTING {
               type nat hook prerouting priority -100; policy accept;
       }
       chain INPUT {
               type nat hook input priority 100; policy accept;
       }
       chain POSTROUTING {
               type nat hook postrouting priority 100; policy accept;
               oif "eth0" masquerade comment "masq for eth0"
               oif "wlan0" masquerade comment "masq for wlan0"
       }
       chain OUTPUT {
               type nat hook output priority -100; policy accept;
       }
}
- Apply
systemctl enable nftables systemctl start nftables
DHCPCD
/etc/dhcpcd.conf
hostname clientid persistent option rapid_commit option domain_name_servers, domain_name, domain_search, host_name option classless_static_routes option ntp_servers require dhcp_server_identifier slaac private nohook lookup-hostname #wlan0 configuration interface wlan0 static ip_address=192.168.4.1/24 static routers=192.168.4.1 gateway
- Apply changes
systemctl daemon-reload systemctl restart dhcpcd.service
DNSMASQ
- /etc/dnsmasq.d/090_wlan0.conf
#--------------------------------------------------------- #Raspi-Mobile wlan0 configuration interface=wlan0 dhcp-range=192.168.4.50,192.168.4.255,255.255.255.0,30d #---------------------------------------------------------
- Apply
systemctl enable dnsmasq systemctl restart dnsmasq
HOSTAPD
- /etc/hostapd/hostapd.conf
driver=nl80211 ctrl_interface=/var/run/hostapd ctrl_interface_group=0 auth_algs=1 wpa_key_mgmt=WPA-PSK beacon_int=100 ssid=raspi-mobile channel=1 hw_mode=g ieee80211n=0 wpa_passphrase=raspberry interface=wlan0 wpa=2 wpa_pairwise=CCMP country_code=DE ignore_broadcast_ssid=0
- Apply
systemctl unmask hostapd systemctl enable hostapd systemctl restart hostapd
Workaround if hostapd does not start
- /etc/systemd/system/rbautostart.service
[Unit] Description=RaspiMobile automatic tasks at startup only After=network.target auditd.service [Service] Type=oneshot ExecStart=/usr/sbin/rbautstart [Install]
- /usr/sbin/rbautstart
#!/bin/bash #restart hostapd at startup systemctl restart hostapd
WiFi Scan
- Check your neighbourhood
iwlist wlan0 scan
Disable syslog
- Save disk space and avoid corruptions on the sd card
systemctl stop syslog.socket rsyslog.service systemctl disable syslog.socket rsyslog.service
Optional keepalive logging
- This is simple logging script to see if the device is up and write into syslog
root@raspberrypi:/# cat /home//pi/rbkeepalive.sh #!/bin/bash backup_time=$(date +'%H:%M:%S') log_date=$(date +'%Y%m%d') backup_dir="/tmp/" alive_suffix="-alive.txt" echo "$backup_dir$log_date$alive_suffix Keepalive $backup_time" >> $backup_dir$log_date$alive_suffix
- Perms
chmod 755 /home//pi/rbkeepalive.sh
- Crontab, all 10 Minutes
root@raspberrypi:/# crontab -l | grep rbkeepalive.sh */10 * * * * /home/pi/rbkeepalive.sh
RaspAP
- https://raspap.com/#quick
- Set the WiFi country in raspi-config's Localisation Options:
raspi-config
- Invoke RaspAP's Quick Installer:
curl -sL https://install.raspap.com | bash
- Configure Website, for port 8080 and set the pi user as admin
OnetTime Disk Expand
- /etc/systemd/system/rbexpanddisk.service
[Unit] Description=RaspiMobile one time disk expand After=network.target [Service] Type=oneshot ExecStart=/usr/sbin/rbexpand [Install] WantedBy=multi-user.target
- Enable the one time service
root@raspberrypi:~# systemctl enable rbexpanddisk
- /usr/sbin/rbexpand
#!/bin/bash #Script to expand the Raspi filesystem. The script checks for the file /tmp/raspi-mobile and will run if the file exists. #After the first run the script will disable its own service (rbexapnd.service) and delete /tmp/raspi-mobile PATH=/sbin:/usr/sbin/:/usr/local/sbin:/bin:/usr/local/bin:/usr/bin: declare LS="Raspi-Mobile:" #LS = LogSuffix declate TriggerFile="/tmp/raspi-mobile" if [ -f $TriggerFile ]; then systemctl enable syslog.socket rsyslog.service systemctl start syslog.socket rsyslog.service logger "$LS Start expanding disk" logger "$LS growpart /dev/mmcblk0 2" growpart /dev/mmcblk0 2 | logger logger "$LS resize2fs /dev/mmcblk0p2" resize2fs /dev/mmcblk0p2 | logger logger "$LS Disable rbexpand" systemctl disable rbexpand.service | logger rm $TriggerFile >/dev/null 2>&1 logger "$LS Disable syslog" systemctl stop syslog.socket rsyslog.service | logger systemctl disable syslog.socket rsyslog.service | logger else logger "$LS Expanding is disabled" fi
chmod u+x /usr/sbin/rbexpand systemctl daemon-reload systemctl enable rbexpanddisk touch /tmp/raspi-mobile
Features
- Neofetch Banner
apt-get install neofetch bash -c $'echo "neofetch" >> /etc/profile.d/mymotd.sh && chmod +x /etc/profile.d/mymotd.sh'
- Add to /etc/profile.d/mymotd.sh
echo "See here too: https://coolscript.org/index.php/Raspi-Mobile"
- RaspAP
curl -sL https://install.raspap.com | bash
Last Step
Last step is to delete the logs and shut down
systemctl stop autofs.service systemctl stop apache2 nmbd smbd rm /etc/auto.rbusb touch /etc/auto.rbusb rm -rf /var/log/apache2/* rm -rf /var/log/samba/* rm /var/log/* history -c systemctl stop autofs cd /automount echo "###########" echo " POWER OFF" echo "###########" init 0
bashrc
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
# If not running interactively, don't do anything
case $- in
   *i*) ;;
     *) return;;
esac
# don't put duplicate lines or lines starting with space in the history.
# See bash(1) for more options
HISTCONTROL=ignoreboth
# append to the history file, don't overwrite it
shopt -s histappend
# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
HISTSIZE=1000
HISTFILESIZE=2000
# check the window size after each command and, if necessary,
# update the values of LINES and COLUMNS.
shopt -s checkwinsize
 
# If set, the pattern "**" used in a pathname expansion context will
# match all files and zero or more directories and subdirectories.
#shopt -s globstar
 
# make less more friendly for non-text input files, see lesspipe(1)
#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
# set variable identifying the chroot you work in (used in the prompt below)
if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
    debian_chroot=$(cat /etc/debian_chroot)
fi
# set a fancy prompt (non-color, unless we know we "want" color)
case "$TERM" in
    xterm-color|*-256color) color_prompt=yes;;
esac
# uncomment for a colored prompt, if the terminal has the capability; turned
# off by default to not distract the user: the focus in a terminal window
# should be on the output of commands, not on the prompt
force_color_prompt=yes
if [ -n "$force_color_prompt" ]; then
   if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
       # We have color support; assume it's compliant with Ecma-48
       # (ISO/IEC-6429). (Lack of such support is extremely rare, and such
       # a case would tend to support setf rather than setaf.)
       color_prompt=yes
   else
       color_prompt=
   fi
fi
if [ "$color_prompt" = yes ]; then
   PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w \$\[\033[00m\] '
else
   PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
fi
unset color_prompt force_color_prompt
# If this is an xterm set the title to user@host:dir
case "$TERM" in
xterm*|rxvt*)
   PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
   ;;
*)
   ;;
esac
# enable color support of ls and also add handy aliases
if [ -x /usr/bin/dircolors ]; then
   test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
   alias ls='ls --color=auto'
   #alias dir='dir --color=auto'
   #alias vdir='vdir --color=auto'
   alias grep='grep --color=auto'
   alias fgrep='fgrep --color=auto'
   alias egrep='egrep --color=auto'
fi
# colored GCC warnings and errors
#export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'
# some more ls aliases
#alias ll='ls -l'
#alias la='ls -A'
#alias l='ls -CF'
# Alias definitions.
# You may want to put all your additions into a separate file like
# ~/.bash_aliases, instead of adding them here directly.
# See /usr/share/doc/bash-doc/examples in the bash-doc package.
if [ -f ~/.bash_aliases ]; then
    . ~/.bash_aliases
fi
# enable programmable completion features (you don't need to enable
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
# sources /etc/bash.bashrc).
if ! shopt -oq posix; then
 if [ -f /usr/share/bash-completion/bash_completion ]; then
   . /usr/share/bash-completion/bash_completion
 elif [ -f /etc/bash_completion ]; then
   . /etc/bash_completion
 fi
fi
Beta OpenVPN
- Need NFT
table ip nat {
      chain PREROUTING {
              type nat hook prerouting priority -100; policy accept;
      }
      chain INPUT {
              type nat hook input priority 100; policy accept;
      }
      chain POSTROUTING {
          type nat hook postrouting priority 100; policy accept;
          iifname "eth0" counter oifname "tun0" masquerade  comment "masq for eth0"
          iifname "tun0" counter oifname "tun0" masquerade  comment "masq for eth0"
          iifname "wlan0" counter oifname "tun0" masquerade  comment "masq for eth0"
      }
      chain OUTPUT {
              type nat hook output priority -100; policy accept;
      }
- Neet openvpn add on
auth-user-pass /etc/openvpn/login.conf #route 0.0.0.0 0.0.0.0 log /var/log/openvpn.log verb 6 redirect-gateway autolocal
Model3 vs Model4
- Model4
root@raspberrypi:~# lscpu Architecture: armv7l Byte Order: Little Endian CPU(s): 4 On-line CPU(s) list: 0-3 Thread(s) per core: 1 Core(s) per socket: 4 Socket(s): 1 Vendor ID: ARM Model: 3 Model name: Cortex-A72
- Modell 3
root@raspberrypi:~# lscpu Architecture: armv7l Byte Order: Little Endian CPU(s): 4 On-line CPU(s) list: 0-3 Thread(s) per core: 1 Core(s) per socket: 4 Socket(s): 1 Vendor ID: ARM Model: 4 Model name: Cortex-A53