rpi_nimbus

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
Next revisionBoth sides next revision
rpi_nimbus [2019/04/14 15:01] – [Exclude logging] Júne Parkrpi_nimbus [2024/03/15 23:47] – [Specification] Júne Park
Line 1: Line 1:
 <nav>  <nav> 
   * {{fa>server?color=#8B0000}} Linux   * {{fa>server?color=#8B0000}} Linux
-    * [[:rpi_common|General Things on Raspbian]]+    * [[:rpi_common|■ General Things on Raspbian]]
     * [[:rpi_autism|Media Ditorium ─ AUTiSM Rainbow]]     * [[:rpi_autism|Media Ditorium ─ AUTiSM Rainbow]]
     * [[:rpi_epigen|Private Cellarium ─ EPiGEN Crystal]]     * [[:rpi_epigen|Private Cellarium ─ EPiGEN Crystal]]
     * [[:rpi_nimbus|Webius Officium ─ NiMBUS deBlanc]]     * [[:rpi_nimbus|Webius Officium ─ NiMBUS deBlanc]]
-    * [[:debian_common|General info on Debian Linux]]+    * [[:debian_common|■ General info on Debian Linux]]
     * [[:deb_mutism|Opus Imperium ─ MUTiSM Magnum]]     * [[:deb_mutism|Opus Imperium ─ MUTiSM Magnum]]
 +    * [[:deb_gilead|Actu Periculum ─ GiLEAD Argenta]]
 +    * [[:deb_debris|Finca LaDichium ─ DEBRiS Chrome]]
   * {{fa>windows?color=#0000A0}} Windows   * {{fa>windows?color=#0000A0}} Windows
-    * [[:pc_common|Common Works on Windows]]+    * [[:pc_common|■ Common Works on Windows]]
     * [[:pc_mesonism|Primus Workstation ─ MESONiSM]]     * [[:pc_mesonism|Primus Workstation ─ MESONiSM]]
     * [[:pc_mesonium|Manibus Tablet ─ MESONiUM]]     * [[:pc_mesonium|Manibus Tablet ─ MESONiUM]]
Line 14: Line 16:
     * [[:pc_mesonity|Praevus Station ─ MESONiTY]]     * [[:pc_mesonity|Praevus Station ─ MESONiTY]]
   * {{fa>android?color=#006400}} Android   * {{fa>android?color=#006400}} Android
-    * [[:cell_common|Common Stuffs on Androids]]+    * [[:cell_common|■ Common Stuffs on Androids]]
     * [[:cell_epiaux|Júne's Primus ─ EPiAUX 5X]]     * [[:cell_epiaux|Júne's Primus ─ EPiAUX 5X]]
     * [[:cell_epihex|Júne's Extentus ─ EPiHEX 6]]     * [[:cell_epihex|Júne's Extentus ─ EPiHEX 6]]
 +    * [[:cell_epimer|Júne's Maximus ─ EPiMER 5P]]
     * [[:cell_epinex|Júne's Secondus ─ EPiNEX 5]]     * [[:cell_epinex|Júne's Secondus ─ EPiNEX 5]]
     * [[:cell_epitab|Júne's Laminus - EPiTAB 7]]     * [[:cell_epitab|Júne's Laminus - EPiTAB 7]]
Line 22: Line 25:
 </nav> </nav>
  
-===== Webius Officium ─ NiMBUS deBlanc =====+====== Webius Officium ─ NiMBUS deBlanc ======
  
 {{:rpi_nimbus.jpg?nolink&250|}} {{:rpi_nimbus.jpg?nolink&250|}}
  
-  * Name: {{material>assignment_turned_in}} NiMBUS deBlanc (official) | {{material>create}} 구운몽 (korean)+Name: {{mdi>cards?28&color=#9000B3}} ''**NiMBUS** deBlanc'' (official) | {{mdi>creation?28&color=#9000B3}} ''구운몽'' (korean)
  
 ---- ----
 ==== Specification ====  ==== Specification ==== 
  
-  * Model: [[https://www.raspberrypi.org/products/raspberry-pi-3-model-b/|Raspberry Pi 3 Model B]] [[wp>Raspberry_Pi#Model_B|Raspbierry Pi Model B]] +{{mdi>raspberry-pi?32&color=#9000B3}} Model: [[https://www.raspberrypi.org/products/raspberry-pi-3-model-b/|Raspberry Pi 3 Model B]] [[wp>Raspberry_Pi#Model_B|Raspbierry Pi Model B]]
-  * {{fa>database?color=#522B47}}: 240G on ''/var/www'' & 500G on ''~/storage'' - {{fa>plug}} [[SECURED:JUNE_HARDWARE#data_storage|Storage in details]] {{fa>lock}} +
-  * {{fa>wifi?color=#7B0828}}: Wireless (''wlan0'') & Wired (''eth0'') - {{fa>wifi}} [[SECURED:HOME_NETWORK#dhcp_assigned_ip|Júne's home network]] {{fa>lock}} +
-  * {{fa>globe?color=#0F0E0E}} Web service and web resources including [[wp>WebDAV]]+
  
-----+{{mdi>database-plus?32&color=#9000B3}} Storages --- {{mdi>harddisk}} [[SECURED:JUNE_HARDWARE#data_storage|Storage in details]] {{mdi>lock}} 
 +  * {{mdi>database}} ''**240G**'' --- ''/var/www'' partition {{fa>usb?14&color=#005eb8}} 
 +  * {{mdi>database}} ''**500G**'' --- ''~/storage'' partition {{fa>usb?14&color=#005eb8}}
  
-==== Hosting Services ==== +=== Live status of storages ===
  
-<button type="info"  icon="fa fa-lock">[[[[secured:web_admin#june_s_pion_gateway|admin]]</button> **''[[https://pi.meson.one/|Júne's PiON Gateway]]''**  --- WebDAV and Documents Archives +<code ini> 
 +Mounted on     Type  Size  Used Avail Use% 
 +             ext4   15G  2.3G   12G  17% 
 +/var/www       ext4  220G  451M  208G   1% 
 +/home/www-data ext4  458G  307G  128G  71% 
 +</code>
  
 +{{mdi>server-network?32&color=#9000B3}} --- {{mdi>wifi-strength-3-lock}} [[SECURED:HOME_NETWORK#dhcp_assigned_ip|Júne's home network]] {{mdi>lock}}
 +  * {{mdi>lan?color=#9000B3}} Wired (''NiMBUS-enx001''
 +  * {{mdi>wifi?color=#9000B3}} Wireless Connection (''NiMBUS-wlx001''
 +  * {{mdi>lan?color=#9000B3}} Wired {{fa>usb?14&color=#000000}} (''NiMBUS-wlx002'')  
  
-<button type="info"  icon="fa fa-lock">[[[[secured:web_admin#june_s_cloud_platform|admin]]</button**''[[https://cloud.meson.in|Júne's Cloud Platform]]''**  --- Gateway for all cloud services +{{mdi>web?32&color=#9000B3}}  Web publishing and web resources including [[wp>WebDAV]]
  
-<button type="info"  icon="fa fa-lock">[[[[secured:web_admin#june_s_wiki|admin]]</button> **''[[https://wiki.meson.in|Júne's Wiki]]''**  --- What I Know Is ... Here +----
  
 +==== Hosting Services ==== 
  
-{{fa>sliders?color=#d20962&2x}} Live [[:secured:nginx_config#nimbus_debalanc|Nginx Configuration]] for ''**NiMBUS**'' {{fa>lock?color=#808080}} +<button type="primary" size="sm" icon="fa fa-lock">[[[[secured:web_admin#june_s_pion_gateway|admin]]</button> **''[[https://pi.meson.one/|Júne's PiON Gateway]]''**  --- WebDAV and Documents Archives 
  
  
 +<button type="primary"  size="sm" icon="fa fa-lock">[[[[secured:web_admin#june_s_cloud_platform|admin]]</button> **''[[https://cloud.meson.in|Júne's Cloud Platform]]''**  --- Gateway for all cloud services 
 +
 +<button type="primary"  size="sm" icon="fa fa-lock">[[[[secured:web_admin#june_s_wiki|admin]]</button> **''[[https://wiki.meson.in|Júne's Wiki]]''**  --- What I Know Is ... Here 
 +
 +<button type="danger" size="sm" icon="fa fa-sliders">[[https://wiki.meson.one/doku.php?id=secured:nginx_config#nimbus_debalanc|Nginx Configuration]]</button> Showing lively on OWL {{fa>opera?14&color=#cc0f16}} for ''**NiMBUS** deBlanc'' {{fa>lock?color=#808080}} 
  
 ---- ----
 ==== +Work logs ====  ==== +Work logs ==== 
  
-  * ''Renew SSL certificates'' (Let's Encrypt) done   <sub> --- Updated on //2019/03/13 20:08//</sub>+  * ''adjust & optimize'' value of ''php-fpm'' -- ''/etc/php/7.x/fpm/pool.d/www.conf'' <sub>  --- Updated on //2020/07/25 21:40// </sub> 
 +  * ''proxy_pass'' for ''transmission web'' with ''bit.meson.in'', ''tor.meson.in'' & ''gen.meson.in'' <sub>  --- Updated on //2020/07/25 04:15// </sub> 
 +  * **''Fresh installation''** <sub>  --- Updated on //2020/07/25 04:13// </sub> 
 +  * Change ''backup rsync'' to another partition <sub>  --- Updated on //2020/06/27 04:01// </sub> 
 +  * Change ''web root'' of ''eigen.ml'', ''dav.meson.in'' & ''pdf.meson.in'' <sub>  --- Updated on //2020/06/27 04:00// </sub> 
 +  * Plugin Wireless LAN {{mdi>usb}} & Wired Giga LAN {{fa>usb}} <sub>  --- Updated on //2020/02/22 03:32// </sub> 
 +  * **''Fresh installation''** <sub>  --- Updated on //2020/02/11 02:16// </sub>
   * ''configure'' access.log and error.log separately  <sub> --- Updated on //2018/09/20 11:12//</sub>   * ''configure'' access.log and error.log separately  <sub> --- Updated on //2018/09/20 11:12//</sub>
-  * ''create'' server block for {{fa>folder-open}} [ ''dav.meson.in'' ]  <sub> --- Updated on //2018/08/14 15:35//</sub> +  * {{mdi>sitemap}} ''create'' server block for  [ ''dav.meson.in'' ]  <sub> --- Updated on //2018/08/14 15:35//</sub> 
   * ''Optimize'' Nginx configuration for **''Dokuwiki''** [[https://www.nginx.com/resources/wiki/start/topics/recipes/dokuwiki/|reference content]]   * ''Optimize'' Nginx configuration for **''Dokuwiki''** [[https://www.nginx.com/resources/wiki/start/topics/recipes/dokuwiki/|reference content]]
-  * ''create'' server block for {{fa>book}} [ ''lib.meson.one'' ] library project <sub>  --- Updated on //2018/04/11 18:22//</sub> +  * {{mdi>book-open-page-variant}} ''create'' server block for  [ ''lib.meson.one'' ] library project <sub>  --- Updated on //2018/04/11 18:22//</sub> 
   * Activate gzip module in Nginx <sub>  --- Updated on //2018/02/27 06:10//</sub>    * Activate gzip module in Nginx <sub>  --- Updated on //2018/02/27 06:10//</sub> 
   * Configured HTTP/2 for all sites <sub>  --- Updated on //2018/02/15 19:45//</sub>    * Configured HTTP/2 for all sites <sub>  --- Updated on //2018/02/15 19:45//</sub> 
Line 68: Line 91:
 <hidden> <hidden>
 ■ For archived history of SSL renewal  ■ For archived history of SSL renewal 
 +  * {{fa>certificate}} ''Renew SSL certificates'' (Let's Encrypt) done <sub>  --- Updated on //2019/08/01 18:48// </sub>
 +  * {{fa>certificate}} ''Renew SSL certificates'' (Let's Encrypt) done <sub>  --- Updated on //2019/05/23 01:57// </sub>
 +  * ''Renew SSL certificates'' (Let's Encrypt) done   <sub> --- Updated on //2019/03/13 20:08//</sub>
   * ''Renew SSL certificates'' (Let's Encrypt) done   --- <sub>Updated on</sub> //2018/10/21 00:29//   * ''Renew SSL certificates'' (Let's Encrypt) done   --- <sub>Updated on</sub> //2018/10/21 00:29//
   * ''Renew SSL certificates'' (Let's Encrypt) done  --- Updated on //2018/08/13 21:11//   * ''Renew SSL certificates'' (Let's Encrypt) done  --- Updated on //2018/08/13 21:11//
Line 77: Line 103:
  
 === +Que to do ===  === +Que to do === 
- 
-  * {{fa>server?color=#AA0000}} reverse proxy configuration 
  
   * rsync with cloud service such as Box or Dropbox   * rsync with cloud service such as Box or Dropbox
Line 89: Line 113:
  
 ---- ----
 +==== Disable Build-in Radios ==== 
  
 +Edit ''/boot/config.txt'' 
 +
 +<code ini> 
 +dtoverlay=disable-wifi
 +dtoverlay=disable-bt
 +</code> 
 +
 +Or add configuration string in ''config.txt'' 
 +
 +<code bash> 
 +echo "dtoverlay=pi3-disable-wifi" | sudo tee -a /boot/config.txt
 +echo "dtoverlay=pi3-disable-bt" | sudo tee -a /boot/config.txt
 +</code> 
 +
 +Disable systemd service that initializez Bluetooth Modems connected by UART. 
 +
 +<code bash> 
 +sudo systemctl disable hciuart.service
 +</code>
 +
 +----
 +==== Setup different SSIDs ==== 
 +
 +Default (initial) configuration for Wireless is stored in ''/etc/wpa_supplicant/wpa_supplicant.conf'' 
 +
 +If another wireless device is ''wlan1'' then copy as ''wpa_supplicant-**wlan1**.conf'' and edit 
 +
 +<code ini> 
 +ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=wheel
 +network={
 +    ssid="example"
 +    scan_ssid=1
 +    key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE
 +    pairwise=CCMP TKIP
 +    group=CCMP TKIP WEP104 WEP40
 +    psk="very secret passphrase"
 +    eap=TTLS PEAP TLS
 +    identity="user@example.com"
 +    password="foobar"
 +    ca_cert="/etc/cert/ca.pem"
 +    client_cert="/etc/cert/user.pem"
 +    private_key="/etc/cert/user.prv"
 +    private_key_passwd="password"
 +    phase1="peaplabel=0"
 +    ca_cert2="/etc/cert/ca2.pem"
 +    client_cert2="/etc/cer/user.pem"
 +    private_key2="/etc/cer/user.prv"
 +    private_key2_passwd="password"
 +}
 +</code>
 ==== Enable your Server Blocks ====  ==== Enable your Server Blocks ==== 
  
Line 141: Line 216:
 ./certbot-auto delete ./certbot-auto delete
 </code>  </code> 
 +
 +----
 +
 +==== Let's Encrypt via repository ==== 
 +
 +<code bash> 
 + sudo apt update 
 + sudo apt install certbot python-certbot-nginx 
 +</code> 
 +
 +command is same as ''certbot-auto'' by ''root'' privilege. 
 +
 +=== Create certificate(s) === 
 +
 +<code bash> 
 + certbot certonly --webroot -w /var/www/mydomain -d www.mydomain.com 
 +</code> 
 +
 +=== Renew certificate(s) === 
 +
 +<code bash> 
 + certbot renew
 +</code> 
 +
 +=== Delete certificate(s) === 
 +
 +<code bash>
 + certbot delete --cert-name delete.mydomain.com 
 +</code> 
 +
 + 
 +=== Renew certificate(s) using systemd === 
 +
 +Check renewal executes without error, 
 +
 +<code bash> 
 + sudo certbot renew --dry-run 
 +</code> 
 +
 +== Service unit file == 
 +
 +If no error, edit **service unit file** typically stored in ''/etc/systemd/system/''. Edit ''/etc/systemd/system/certbot-renewal.service'' 
 +
 +<code ini> 
 +[Unit]
 +Description=Certbot Renewal
 +
 +[Service]
 +ExecStart=/usr/bin/certbot renew --post-hook "systemctl restart nginx.service"
 +</code> 
 +
 +Which restarts web service after renewing certificate(s).  
 +
 +== Timer unit file == 
 +
 +Modify ''/etc/systemd/system/certbot-renewal.timer'' to adjust timer for certbot renewal. 
 +
 +<code ini> 
 +[Unit]
 +Description=Timer for Certbot Renewal
 +
 +[Timer]
 +OnBootSec=300
 +OnUnitActiveSec=2w
 +
 +[Install]
 +WantedBy=multi-user.target
 +</code> 
 +
 +The configuration below will activate the service biweekly, and 300 seconds after boot-up.
 +
 +== Using systemctl and journalctl == 
 +
 +To start the timer
 +<code bash> 
 +  sudo systemctl start certbot-renewal.timer
 +</code> 
 +
 +To enable the timer to be started on boot-up
 +<code bash> 
 +  sudo systemctl enable certbot-renewal.timer
 +</code> 
 +
 +To show status information for the timer
 +<code bash> 
 +  systemctl status certbot-renewal.timer
 +</code> 
 +
 +To show journal entries for the timer
 +<code bash> 
 +  journalctl -u certbot-renewal.service
 +</code>
  
 ---- ----
Line 203: Line 370:
 ---- ----
 ==== Create WebDAV directory on Nginx ====  ==== Create WebDAV directory on Nginx ==== 
-**WebDAV** is web protocol based service to open directory and web resources via various ways. To enable WebDAB or Open directory in Nginx. Append the following code inside ''Server {  ...}'' line. +**WebDAV** is web protocol based service to open directory and web resources via various ways. To enable WebDAV or Open directory in Nginx. Append the following code inside ''Server {  ...}'' line. 
  
 <accordion> <accordion>
Line 268: Line 435:
 ''Fancyindex'' is an optional part if you have installed ''nginx-extra'' or ''nginx-full'' ''Fancyindex'' is an optional part if you have installed ''nginx-extra'' or ''nginx-full''
  
-{{fa>warning?color=#000000}} After ''Stretch'' Rapbian upgrade, ''Fancyindex'' feature could not work+{{fa>warning?color=#000000}} When ''fancyindex'' is oncomment out ''autoindex'' directive
  
 <code nginx>  <code nginx> 
 +#  autoindex on;
 +
    fancyindex on;     fancyindex on; 
    fancyindex_exact_size off;     fancyindex_exact_size off; 
Line 304: Line 473:
  
 ---- ----
-==== Backup & archive veb resources ====+==== Backup & archive web resources ====
    
 Using ''rsync'', backup and archive web resource into another location.  Using ''rsync'', backup and archive web resource into another location. 
Line 529: Line 698:
  
 ---- ----
 +===== Installing DokuWiki ===== 
  
-==== Known Problems ==== +==== Post installation ==== 
  
-=== upstream timed out(110: Connection timed out) ===+=== Setup permissions of directories ===  
 + 
 +''data'' directory 
 + 
 +<code bash> 
 +wiki/to/path$ sudo chmod -R g=rwX,u=rwX,o=rX data/ 
 +wiki/to/path$ sudo chown -R www-data:www-data data/ 
 +</code> 
 + 
 +everything ''below the data'' directory 
 + 
 +<code bash> 
 +wiki/to/path/data$ sudo chmod 2775 {attic,cache,index,locks,media,meta,pages,tmp} 
 +wiki/to/path/data$ sudo chown www-data:www-data {attic,cache,index,locks,media,meta,pages,tmp} 
 +</code> 
 + 
 +For newly created directories, it might require ''setgid'' bit in order to fully retain correct permissions after setting up the existing ones.  
 + 
 +---- 
 + 
 + 
 +===== Solved problems ===== 
 + 
 +==== symbol lookup error ====  
 + 
 +<text type="warning">{{fa>exclamation}} **Problem**</text>: Error during ''sudo apt update'' 
 + 
 +<text type="danger">{{fa>bug}} **Symptom**</text> 
 +<code text>  
 +apt-get: symbol lookup error: /usr/lib/arm-linux-gnueabihf/libapt-pkg.so.4.12: undefined symbol:  
 +</code> 
 + 
 +<text type="info">{{fa>lightbulb-o}} **Solution**</text>: reinstall package  
 +<code bash>  
 +# Download the current version of libapt-pkg4.12 
 +wget http://mirrordirector.raspbian.org/raspbian/pool/main/a/apt/libapt-pkg4.12_0.9.7.9+rpi1+deb7u7_armhf.deb 
 + 
 +# Install it 
 +sudo dpkg -i libapt-pkg4.12_0.9.7.9+rpi1+deb7u7_armhf.deb 
 +</code> 
 + 
 +---- 
 +===== Known problems =====  
 + 
 +==== upstream timed out(110: Connection timed out) ====
 <text type="warning">{{fa>exclamation}} **Problem**</text>: Error found in log ''/var/log/nginx/xxx_error.log'',  <text type="warning">{{fa>exclamation}} **Problem**</text>: Error found in log ''/var/log/nginx/xxx_error.log'', 
  
Line 541: Line 755:
 <text type="danger">{{fa>bug}} **Symptom**</text>: No symptom while running website. Only found in error log.  <text type="danger">{{fa>bug}} **Symptom**</text>: No symptom while running website. Only found in error log. 
  
-<text type="info">{{fa>lightbulb-o}} **Solution**</text>:  +<text type="info">{{fa>lightbulb-o}} **Solution**</text>:  [[https://www.digitalocean.com/community/questions/nginx-error-111-connection-refused|Solution #1]]
  
 ---- ----
-=== Under-voltage detected! (0x00050005) ===+==== Under-voltage detected! (0x00050005) ====
 <text type="warning">{{fa>exclamation}} **Problem**</text>: Error found in log ''/var/log/kern.log'',  <text type="warning">{{fa>exclamation}} **Problem**</text>: Error found in log ''/var/log/kern.log'', 
  
Line 553: Line 767:
 <text type="danger">{{fa>bug}} **Symptom**</text>: No symptom while running website. Only found in error log.  <text type="danger">{{fa>bug}} **Symptom**</text>: No symptom while running website. Only found in error log. 
  
-<text type="info">{{fa>lightbulb-o}} **Solution**</text>:  +<text type="info">{{fa>lightbulb-o}} **Solution**</text>:  
 + 
  
  • rpi_nimbus
  • Last modified: 2024/04/20 14:59
  • by Júne Park