|
|
| Line 19: |
Line 19: |
| A 1U Intel Atom machine in the rack in the basement, specs etc [http://www.nexcom.com/Products/network-and-communication-solutions/desktop-appliance/desktop-appliance/communication-gateway-dna-1110# here] | | A 1U Intel Atom machine in the rack in the basement, specs etc [http://www.nexcom.com/Products/network-and-communication-solutions/desktop-appliance/desktop-appliance/communication-gateway-dna-1110# here] |
|
| |
|
| Is our core router, has both FTTC lines connected to it. DHCP and DNS server. Runs the spacefed node for the space and is an ldap server.
| | Boole is our core router, has both FTTC lines connected to it. DHCP and DNS server. Runs the spacefed node for the space and is an ldap server. |
| | |
| Also a netboot server, provides:
| |
| | |
| * Diskless i386 and amd64 debian wheezy
| |
| * Rescue and Install for debian wheezy.
| |
| * partition magic
| |
| * memtest
| |
| * [http://www.dban.org/ dban]
| |
| * [http://linux.voyage.hk/ Voyage] (a minimised debian disto that can run from readonly media) '''Warning''' : the Voyage auto install kernel will '''reformat''' things they are booted on ''without prompting''.
| |
| | |
| Also runs [http://www.ansibleworks.com/docs/intro_getting_started.html ansible] for setting up machines in the space.
| |
|
| |
|
| === Issues === | | === Issues === |
|
| |
|
| On boot unbound can fail to start due to ipv6 dad not finishing in time for it to bind to it's ipv6 address, see this: http://lists.debian.org/debian-devel/2012/11/msg00038.html I added sleep 10 to the unboudn init scripts. | | On boot unbound can fail to start due to ipv6 dad not finishing in time for it to bind to it's ipv6 address, see this: |
| | |
| We have have installed the latest versio of the rp-pppoe ppp plugin so we can use a 1508 byte mtu to avoid having to do mss clamping.
| |
| | |
| === using Ansible with a Rasbperry Pi ===
| |
| | |
| <nowiki>
| |
| dd raspbian image (use the 02-09 one to avoid usb issues)
| |
| boot pi
| |
| watch dhcp logs on boole
| |
| ssh pi@ip
| |
| passwd: raspberry
| |
| | |
| sudo raspi-config
| |
| update it
| |
| expand filesystem
| |
| change password
| |
| boot to console
| |
| advanced options -> hostname
| |
| | |
| cd /etc/network
| |
| edit interfaces to get a static ip
| |
| reboot
| |
| | |
| log into boole with ssh keys forwarded
| |
| | |
| add hostname to dns
| |
| add hostname to /etc/ansible/hosts in both the [lhshosts] and [rpis]
| |
| sections, and [doorbot] if it's a doorbot, make the syslocation="something sensible"
| |
| | |
| then:
| |
| | |
| if it's a replacement for an old machine then
| |
| ssh-keygen -R hostname
| |
| ssh-keygen -R hostname.lan.london.hackspace.org.uk
| |
| ssh-keygen -R ipv4 address (?)
| |
| ssh-keygen -R ipv6 address (?)
| |
| | |
| then:
| |
| | |
| cd /etc/ansible
| |
| ansible -v -s -u pi -k -m command -a "apt-get -y install python-apt" "hostname*"
| |
| ansible-playbook -u pi -s -k -l "perlman*" lhs/site.yml
| |
| | |
| The 2nd one will add our users, ssh keys, packages, etc etc.
| |
| | |
| notes:
| |
| | |
| not sure how resolv.conf gets setup, I thought having:
| |
| | |
| iface eth0 inet static
| |
| [...]
| |
| dns-nameservers 172.31.24.2
| |
| dns-search lan.london.hackspace.org.uk
| |
| | |
| would sort it, but maybe that dosn't and we got lucky from dhcp?
| |
|
| |
|
| the dns stuff in /etc/network/interfaces appears to be bogus and resolv.conf needs to be
| | http://lists.debian.org/debian-devel/2012/11/msg00038.html I added sleep 10 to the unbound init scripts. |
| done manually, add to ansible.
| |
|
| |
|
| </nowiki>
| | We have have installed the latest version of the rp-pppoe ppp plugin so we can use a 1508 byte mtu to avoid having to do mss clamping. |
