Pale blue cloud  

   

   

Provisioning a new Raspberry Pi

Details

Last week I bought my third Raspberry Pi, it is going to host a new Nestcam server. My other two Pis are running XBMC [Kodi] and Domoticz and because both of those were provisioned a 'long' time ago I had to go back and figure out how I configured them.

With the inevitable (re)provisioning in the future I decided to make a list of configuration actions I performed so I don't have to look them up anymore.

The steps below lead to a lean Raspberry Pi server, without Xorg and related desktop applications, running Raspbian Wheezy, motion and nginx.

Note that most steps need to be executed as root but that I am leaving out the sudo command for brevity.

Download image

  1. Download the latest Raspbian Wheezy image and write it to a micro SD card according to the installation instructions.

Switch on and log in

  1. Connect the Pi to the network and power it up.
  2. Figure out the IP address that it received from the DHCP server: nmap -p 22 --open -sV 192.168.178.0/24
  3. Add a DHCP reservation in my router so that this RPi always receives the same IP address in my network. That way I don't need to tweak RPi's network configuration settings.
  4. Login with the default username and password (pi/raspberry).
  5. Install the latest updates:
    1. apt-get update
    2. apt-get upgrade

Configure by menu

  1. Run: sudo raspi-config.
  2. Execute the following menu choices:
    1. Change the password for user pi.
    2. Expand Filesystem
    3. Choose console login as the default login.
    4. Internationalization options: change locale to en_US.UTF-8 UTF-8 and change the timezone to mine.
    5. Advanced Options / Hostname: change the host name to nestcam.
    6. Advanced Options / memory Split: assign 16MB to GPU (default: 64) because we don't run X.
    7. Advanced Options / Update.
  3. Reboot

Manual configuration

  1. The default editor is nano, change that to vi:
    1. cd /etc/alternatives
    2. rm editor
    3. ln -s /usr/bin/vim.tiny editor
  2. Edit /etc/rc.local to switch off HDMI:
    # Power off HDMI device
    /opt/vc/bin/tvservice -o
  3. Editted /etc/motd to display the above as a reminder when logging in.
  4. Created new root crontab to get the latest updates every day (yet do not apply them automatically:
    12 0 * * * /usr/bin/apt-get update
  5. In /boot/cmdline.txt, set elevator=noop.
  6. Edit /etc/fstab to mount frequently written-to filesystems /var/run, /tmp en /var/tmp on tmpfs:
    none            /var/run        tmpfs   size=1M,noatime   0       0
    none            /tmp            tmpfs   size=1M,noatime   0       0
    none            /var/tmp        tmpfs   size=1M,noatime   0       0
  7. In /etc/inittab, disable 5 getty-s:
            1:2345:respawn:/sbin/getty --noclear 38400 tty1
            #2:23:respawn:/sbin/getty 38400 tty2
            #3:23:respawn:/sbin/getty 38400 tty3
            #4:23:respawn:/sbin/getty 38400 tty4
            #5:23:respawn:/sbin/getty 38400 tty5
            #6:23:respawn:/sbin/getty 38400 tty6

Remove unused software

I removed most of the graphical packages and desktop software because I am not going to use them. This saves diskspace (hundreds of MBs), decreases update times and potential vulnerabilities.

Clean up unwanted packages. I did not figure this out myself; stackexchange and other's blogs were very helpful.

  1. apt-get install deborphan
  2. apt-get remove --auto-remove --purge libx11-.*
  3. deborphan -sz
  4. apt-get remove --purge $(deborphan)
  5. apt-get autoremove

Install software

  1. Install motion: apt-get install motion.
  2. vi /etc/default/motion, set start_motion_daemon=yes.
  3. Install nginx: apt-get install nginx.
  4. Install FastCGI: apt-get install fcgiwrap.
  5. Configure motion.
    1. Copy motion.conf from backup.
    2. chown root.motion motion.conf.
    3. Make motion's export directory owned by motion.root.
  6. Test: /etc/init.d/motion start.
  7. Configure nginx.
  8. Copy nginx configuration from backup.
  9. Copy backup of www tree, fix index.html etc.

Automount external USB stick for motion snapshots

I am going to write the JPG snapshots that motion makes to an external USB stick, so that the SD card in the RPi does not wear out to quick because of all the writes.

When plugged in, this particular stick on this particular RPi becomes available on device /dev/sda1, so that's how I will configure the mount point.

  1. Create single 0B (W95 FAT32) partition on the USB stick.
  2. Create file system: mkfs.vfat /dev/sda1.
  3. Create mountpoint: install -m 0775 -d /mnt/stick.
  4. Change ownership: chown motion.www-data /mnt/stick.
  5. Manual mount to see how it goes: mount -t vfat /dev/sda1 /mnt/stick -o uid=motion,gid=www-data
  6. Add the following line line to /etc/fstab:
    dev/sda1 /mnt/stick vfat       auto,nouser,rw,umask=0002,uid=motion,gid=www-data 0 0
  7. Add user pi to the group www-data so it's easy to move snapshots around.
   
© Palebluedot