Raspberry Pi - Storage Server for Williams Moms

Part 1: General setup

  • run raspbian-ua-netinst on SD card (default install - server packages of debian buster)
  • SSH in as root…
> /etc/motd
echo $HOSTNAME > /etc/hostname
sed -i s/pi/$HOSTNAME/g /etc/hosts
apt-get update && apt-get --no-install-recommends install aptitude

ln -sf /usr/share/zoneinfo/America/Chicago /etc/localtime
echo "America/Chicago" > /etc/timezone
dpkg-reconfigure -f noninteractive tzdata
sed -i -e 's/^# en_US.UTF-8/en_US.UTF-8/' /etc/locale.gen
dpkg-reconfigure -f noninteractive locales

aptitude full-upgrade

aptitude install netcat-traditional screen rsync psmisc file patch ethtool strace tcpdump vim bzip2 xz-utils
aptitude --without-recommends install dnsutils

aptitude install watchdog
sed -i -e 's/^#watchdog-device/watchdog-device/g' /etc/watchdog.conf
sed -i -e 's/^#max-load-1\t/max-load-1\t/g' /etc/watchdog.conf
echo "# Raspberry Pi doesn't work with the default timeout of 60; set it to 10 instead" >> /etc/watchdog.conf
echo $'watchdog-timeout\t= 10' >> /etc/watchdog.conf

adduser williams
adduser tdobes
adduser tdobes adm
adduser tdobes systemd-journal

aptitude install firmware-brcm80211 # rpi3 wifi firmware
aptitude install ifmetric iw wireless-tools ifplugd wpasupplicant
sed -i -e 's/^REGDOMAIN=$/REGDOMAIN=US/g' /etc/default/crda
sed -i -e 's/^INTERFACES=""/INTERFACES="eth0"/g' /etc/default/ifplugd
sed -i -e 's/^allow-hotplug eth0/#allow-hotplug eth0/g' /etc/network/interfaces
systemctl restart ifplugd

echo >> /etc/network/interfaces
echo 'allow-hotplug wlan0' >> /etc/network/interfaces
echo 'iface wlan0 inet manual' >> /etc/network/interfaces
echo '  wpa-driver nl80211,wext' >> /etc/network/interfaces
echo '  wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf' >> /etc/network/interfaces
echo >> /etc/network/interfaces
echo 'iface wifi inet dhcp' >> /etc/network/interfaces
echo '  metric 1' >> /etc/network/interfaces

cat > /etc/wpa_supplicant/wpa_supplicant.conf <<EOF
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev

#  ssid="mcp-5.8"
#  scan_ssid=1
#  psk="**PASSWORD**"
#  priority=10
#  id_str="wifi"
chmod -x /etc/wpa_supplicant/action_wpa.sh # ensures that ifplugd doesn't disconnect wifi - see http://raspberrypi.stackexchange.com/questions/31780/wpa-supplicant-conf-with-two-network-cards-not-working-when-wpa-roam

# Clean-up and optimization

# systemctl disable rsyslog.service
systemctl disable rsync.service
systemctl disable sshswitch.service
# systemctl stop rsyslog.service
# rm /var/log/auth.log* /var/log/daemon.log* /var/log/debug /var/log/kern.log* /var/log/messages /var/log/user.log* /var/log/syslog

Part 2: CIFS Server

aptitude --without-recommends install e2fsprogs
mkdir -p /mnt/ssd
fdisk /dev/sda
# t, 83, w
mkfs.ext4 /dev/sda1
echo UUID=`ls -l /dev/disk/by-uuid/ | grep sda1 | awk '{print $9}'`$'\t/mnt/ssd\text4\tnoatime,discard\t0\t2' >> /etc/fstab
mount /mnt/ssd
mkdir -p /mnt/ssd/share
chown williams /mnt/ssd/share
chmod 0775 /mnt/ssd/share
aptitude install nload

aptitude install samba
mv /etc/samba/smb.conf /etc/samba/smb.conf.orig
cat > /etc/samba/smb.conf <<EOF
  security = user
  workgroup = WILLIAMS
  server string = RPi Storage Server

  # try to become browse master
  local master = yes
  # don't use DNS for NetBIOS lookups
  dns proxy = no
  # don't flood DNS servers with useless queries (see manpage; DC lookup still uses DNS)... also disable broadcast resolution
  # name resolve order = wins
  name resolve order = wins host
  # ensure that we follow PAM rules (hopefully this will enforce home directory auto-creation)
  obey pam restrictions = yes
  # no broadcast announcements (we're not using OS/2)
  lm announce = no

  # disable print server
  load printers = no
  show add printer wizard = no
  disable spoolss = yes

  # logging
  log file = /var/log/samba/log.%m
  # cap logfiles at 1MB
  max log size = 1000
  log level = 2
  # don't send anything to syslog
  syslog = 0
  # mail the admin if we crash
  panic action = /usr/share/samba/panic-action %d

  # performance tweaks
  use sendfile = yes

  # obtain permissions from parent dir
  inherit permissions = yes
  # drop connections with no open files after 15 minutes of inactivity
  deadtime = 15
  # allow Windows to handle inheritance correctly
  map acl inherit = yes

  # hide Apple-specific files from Windows, but delete them if we're deleting a folder
  veto files = /.AppleDesktop/Network Trash Folder/TheVolumeSettingsFolder/.AppleDouble/.AppleDB/.DS_Store/.TemporaryItems/
  delete veto files = yes

  create mask = 0664
  directory mask = 0775

  # this wreaks all sorts of havoc with symlinks
  unix extensions = no

  # emulate DOS attributes using xattr
  store dos attributes = yes

  comment = SSD Share
  writable = yes
  path = /mnt/ssd/share
smbpasswd -a -L williams
systemctl restart smbd nmbd

Part 3: NFS Server

aptitude install nfs-kernel-server

echo >> /etc/exports
echo $'/mnt/ssd/share\t192.168.32.0/24(rw,async,no_subtree_check)' >> /etc/exports
echo $'/mnt/ssd/share\t192.168.31.0/24(rw,async,no_subtree_check)' >> /etc/exports
exportfs -vra
computer/raspberry_pi_storage_server.txt · Last modified: 2019/12/28 21:09 by tdobes
Recent changes RSS feed Driven by DokuWiki Valid XHTML 1.0 Valid CSS