Differences

This shows you the differences between two versions of the page.

--- pi:raspbian [2020-05-18 13:32] – set vim as default editor gabriel
+++ pi:raspbian [2020-05-18 21:31] – adding tmux and alternative shells gabriel
@@ Line 3: / Line 3: @@
 This page documents my local Raspberry Pi config for a Raspberry Pi 3 running Raspbian.  This is config is based on Raspian Buster Lite released on 2020-02-13 by the Raspberry Pi Foundation which can be found [[https://www.raspberrypi.org/downloads/raspbian/|here]].
-  * Disable auto resizing of root partition on boot
+===== Before first boot =====
-  * Disable quiet boot
-  * Configure static IP address
-  * Modify OpenSSH configuration
-  * Add user
-===== Disable automatic resizing of root partition =====
+By default Raspbian attempts to grow the root partition of your system on first boot to fill your entire SD card. To disable this option do the following on the SD card image before first boot.
-By default Raspbian attempts to grow the root partition of your system on first boot to fill your entire SD card.
+  * Remove custom init script and quiet from ''/boot/cmdline.txt'' before first power on.
-To disable this option do the following.
+  * Remove ''/etc/init.d/resize2fs_once'' script.
-  * Remove custom init script and quiet from /boot/cmdline.txt before first power on.
-  * Remove /etc/init.d/resize script.
 ===== After first boot =====
@@ Line 26: / Line 19: @@
 apt install vim
 update-alternatives --set editor /usr/bin/vim.basic
+</code>
+==== Disble IPv6 ====
+Add the following to ''/etc/sysctl.d/local.conf'':
+<code>
+# disable IPv6
+net.ipv6.conf.all.disable_ipv6=1
 </code>
 ==== Configure static IP address ====
-Edit /etc/dhcpcd.conf
+Edit ''/etc/dhcpcd.conf'' and add the following:
-==== Set OpenSSH to start on first boot ====
+<code>
+# Static eth0 configuration
+interface eth0
+static ip_address=10.77.3.6/24
+static routers=10.77.3.1
+static domain_name_servers=10.77.3.4 10.77.3.5
+</code>
+Add our local domain to the default search path configured by ''resolvconf''.
+<code>
+echo "search in.quay.net" >> /etc/resolv.conf.tail
+</code>
+==== Configure OpenSSHD on boot====
+Set to run on boot.
 <code>
@@ Line 41: / Line 59: @@
 ==== User configuration ====
-Add local user
+The following user modifications are made.
+=== local user ===
+Add local user:
 <code>
@@ Line 49: / Line 71: @@
 </code>
-Disable pi user
+=== pi ===
+Disable pi user:
 <code>
@@ Line 55: / Line 79: @@
 </code>
-Set root password
+=== root ===
+Now set root password.
+=== ansible ===
+Add ansible user:
+<code>
+groupadd -g 1111 ansible
+useradd -u 1111 -c "Ansible control user" -g 1111 -m ansible
+usermod -p '*' ansible
+</code>
+Configure the following sudo rule for ansible:
+<code>
+# Ansible control user
+ansible ALL=(ALL) NOPASSWD:ALL
+</code>
+Copy SSH keys for Ansible user.
+==== Sudoers config ====
+Set ''timestamp_timeout=NN'' to more useful timeout value.
 ==== Grow root partition ====
-Use parted and resize2fs to manually set root filesystem size.
+Use ''parted'' and ''resize2fs'' to manually set root filesystem size.
 <code>
@@ Line 74: / Line 123: @@
 ==== raspi-config ====
-Run the raspi-config tool and set the following options.
+Run the ''raspi-config'' tool and set the following options:
   * **2 Network Options** -> Hostname -> Set hostname
@@ Line 88: / Line 137: @@
     * **A3 Memory Split** -> 16
-===== Old: Raspian Jessie Lite instructions =====
+==== Additional hardware configuration via config.txt ====
+These settings involve manual configuration of ''/boot/config.txt'' to disable certain drivers.  See [[https://github.com/raspberrypi/firmware/blob/master/boot/overlays/README|boot overlays README]] for more information.
+=== Disable unneeded networking ===
+<code>
+# disable WiFi
+dtoverlay=disable-wifi
+# disable Bluetooth
+dtoverlay=disable-bt
+</code>
+Disable modem service per boot overlays doc:
+<code>
+systemctl disable hciuart
+</code>
+=== Disable audio driver ===
+Comment out the audio driver:
+<code>
+# Enable audio (loads snd_bcm2835)
+#dtparam=audio=on
+</code>
+==== Configure OpenSSH server ====
+Disable all keys except ed25519.
+<code>
+cat "HostKey /etc/ssh/ssh_host_ed25519_key" >> /etc/ssh/sshd_config
+rm -fv /etc/ssh/*key*
+dpkg-reconfigure openssh-server
+</code>
+==== Packages ====
+<code>
+vim
+ntp
+isc-dhcp-server
+bind9
+dnsutils
+whois
+fping
+git
+tmux
+mksh
+zsh
+</code>
+==== Services ====
+Service modification
+<code>
+systemctl disable apt-daily-upgrade.timer
+systemctl disable apt-daily.timer
+</code>
+===== See also =====
+  * [[quay:dns|Local DNS configuration]]
+  * [[quay:ntp|Local time service]]
+  * [[quay:dhcp|Local DHCP service]]
+----
+//This section contains old instructions for Raspian 8 and will be deprecated in the future.//
+===== [Old] Raspian Jessie Lite instructions =====
   * Add OpenSSH authorized_keys for root user
@@ Line 167: / Line 291: @@
 </code>
-====== Service management under systemd ======
+==== Service management under systemd ====
   * Add service to systemd init process: ''systemctl enable $SERVICE''
   * List all services: ''service --status-all''
-====== Disable WiFi completely ======
+==== Disable WiFi completely ====
 Blacklist the driver by creating a file in ''/etc/modprobe.d'' called ''wlan-blacklist.conf'' with the following contents: