Rebuild Raspbery PI - With Natalia and Jason!

[scottmuc]

Yay for Repaving!

As much as possible is documented inline in this issue template. In case of problems you may find help by viewing all the previous repave issues. Have fun!

Things to do with the existing build

• [x] Disable DHCP on the PI

  Instructions

  Ensure that when we renew our DCHP lease, it comes from our router.

  sudo systemctl stop kea-dhcp4-server

• [x] Enable DHCP on the router and remove port mapping and release/renew IP address

  Instructions

  Windows: ipconfig /release and then ipconfig /renew

• [x] Shutdown PI

  Instructions

  Make sure the USB drive has spun down before doing any work.

  sudo shutdown -h now

• [x] Create SD card with the latest Raspberry Pi OS

  Instructions

  Using the SD card in the now powered down PI.

  The new installer has options to enable SSH and create a user.

  installer download

  note check if the underlying Debian distribution is changing as this might result in some issues in the playbook execution.

Post OS install steps on desktop

• [x] Ensure a working ansible enviroment

  Instructions

  Not much to say except use virtualenv. I don't have a consistent way to set this up because my macbook might be my controller, or my windows WSL host will be.

• [x] Turn on the PI and note the IP obtained from the Router

• [x] Transfer local public ssh key to PI

  Instructions

  In order to avoid the use of sshpass, copy the current sessions public ssh key to to ./ssh/authorized_keys of the pi user on the PI. This user is only necessary to run the bootstrap playbook (which creates an admin ansible user) and will be subsequently cleaned up.

  ssh-copy-id pi@<pi ip>

• [x] Bootstrap with Ansible

  Instructions

  ./ansible.sh bootstrap -i <pi ip>

• [x] Add the PI port forwarding

  Instructions

  Needed for the certbot ACME challenge in the next step.

• [x] Complete full configuration

  Instructions

  ./ansible.sh apply -i <pi ip>

• [x] Reboot PI

• [x] Re-add port mapping to the static IP

• [x] Disable DHCP on the router

• [x] Deploy goodenoughmoney.com

• [x] Create pi Samba user

  Instructions

  Run the following on the PI sudo smbpasswd -a smbrw

• [x] Make this template slightly better

How Do I Know I Am Done?

• [x] https://www.goodenoughmoney.com/ displays stuff

• [x] https://home.scottmuc.com/music/ loads navidrome and the music is playable

• [x] https://home.scottmuc.com/prometheus/ loads and has data

• [x] https://home.scottmuc.com/grafana/ loads and has data

• [x] Z:\ on my Windows PC works

• [x] ipconfig /release and then ipconfig /renew works

• [x] nslookup analytics.google.com is refused

• [x] Print out newly repaved machine details

  Instructions

  cat /etc/os-release && uname -a

[scottmuc]

DHCP turn off instruction is referring to old software, using DNSMASQ now for DHCPD.

[scottmuc]

Logging into the Telekom router with Brave seemed to be busted... also, should not if Bulleyes should be 32 or 64 bit.

[scottmuc]

Add hugo to WSL automation

[scottmuc]

Delete deletion of old Grafana repo

[scottmuc]

Thanks @nataliadm-cp and @jsnprtr for joining <3

[scottmuc]

~/workspace/infrastructure/pi ? ssh ansible@pi 'cat /etc/os-release && uname -a'
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
Linux raspberrypi 5.15.61-v8+ #1579 SMP PREEMPT Fri Aug 26 11:16:44 BST 2022 aarch64 GNU/Linux