Difference between revisions of "Equipment/Denning"

From London Hackspace Wiki
Jump to: navigation, search
(spacefed and ldap is here)
(remove netboot stuff)
Line 25: Line 25:
Runs zone minder, see below.
Runs zone minder, see below.
Also a netboot server, provides:
* Diskless i386 and amd64 debian wheezy
* Rescue and Install for debian wheezy.
* partition magic
* memtest
* [http://www.dban.org/ dban]
* [http://linux.voyage.hk/ Voyage] (a minimised debian disto that can run from readonly media) '''Warning''' : the Voyage auto install kernel will '''reformat''' things they are booted on ''without prompting''.
Also runs [http://www.ansibleworks.com/docs/intro_getting_started.html ansible] for setting up machines in the space.
Also runs [http://www.ansibleworks.com/docs/intro_getting_started.html ansible] for setting up machines in the space.
Line 68: Line 59:
Has only a single mechanical harddrive so vulnerable to data loss.
Has only a single mechanical harddrive so vulnerable to data loss.
Maybe look at adopting this for netboot stuffs: https://github.com/askarel/Pantoufle
=== nfs ===
Denning runs a few diskless nfs clients via pxe etc, unfortunatly nfs dosn't work very well, and i don't know why.
* The kernel used nfs v3 over tcp
* the mount works on my laptop (manual mounting)
* dosn't work on the spaces "windows" laptop (when netbooting)
* dosn't work on new colin (?) (when netbooting)
* i386 seems to work (?)
* but i386 has a newer kernel...
==== linkdump:====
* https://lists.gnu.org/archive/html/ltib/2010-08/msg00103.html
* https://www.kernel.org/doc/Documentation/filesystems/nfs/nfsroot.txt
==== todo ====
* Try other machines incase it's a wierd nic driver bug
* Try more i386 vs. amd64.
* Upgrade kernel on the amd64 diskless image
== Ansible procedures ==
== Ansible procedures ==

Revision as of 20:08, 20 October 2014

Hackspace Unknown.png
Model Nexcom DNA1110
Sub-category Systems
Status Good working order
Last updated 8 December 2019 18:20:33
Training requirement yes
Training link Unknown
ACnode no
Owner LHS
Origin donation from Tgreer
Maintainers Sysadmin team


Runs the non-vital services that used to run on Boole. Might get used for other stuff as well. Same hardware as Boole

Runs the spacefed node for the space (via a freeradius server) and has an LDAP server. the LDAP db is replicated from Turing.

Runs zone minder, see below.

Also runs ansible for setting up machines in the space.


Has an 8 port video capture card in it. It's currently connected to the 3 yard cameras and the rear lobby camera. The other 4 inputs are disabled until we put more cameras up.

The card is one of these (or a clone):

The modprobe.d settings I'm using are:

options i2c-algo-bit bit_test=1 options tuner debug=1 options bttv gbuffers=16 card=102,102,102,102,102,102,102,102 radio=0,0,0,0,0,0,0,0 tuner=4,4,4,4,4,4,4,4 audiodev=-1,-1,-1,-1,-1,-1,-1,-1 v4l2=1 bttv_verbose=1 chroma_agc=1 combfilter=2 full_luma_range=1 coring=1

Each input is configured with:

  • fps: 10
  • alarm fps: 25
  • palette: BGR24
  • resolution: 640 x 480

This might just about work with all 8 inputs, we may have to drop the resolution to 360 x 288

The old card.


Has only a single mechanical harddrive so vulnerable to data loss.

Ansible procedures

using Ansible with a Rasbperry Pi

dd raspbian image (use the 02-09 one to avoid usb issues)
boot pi
watch dhcp logs on boole
ssh pi@ip
passwd: raspberry

sudo raspi-config
update it
expand filesystem
change password
boot to console
advanced options -> hostname

cd /etc/network
edit interfaces to get a static ip

on boole:

add hostname to fwd and rev. dns, don't forget to commit your changes.

log into denning with ssh keys forwarded

add hostname to /etc/ansible/hosts in both the [lhshosts] and [rpis]
sections, and [doorbot] if it's a doorbot, make the syslocation="something sensible"


if it's a replacement for an old machine then:

ssh-keygen -R hostname
ssh-keygen -R hostname.lan.london.hackspace.org.uk
ssh-keygen -R ipv4 address (?)
ssh-keygen -R ipv6 address (?)


cd /etc/ansible

install python-apt which ansible needs:

ansible -vvv -u pi -k -s -m command -a "apt-get -y install python-apt" "hostname"

Then run it

ansible-playbook -u pi -s -k -l "hostname" lhs/site.yml

The 2nd one will add our users, ssh keys, packages, etc etc.


not sure how resolv.conf gets setup, I thought having:

iface eth0 inet static
        dns-search lan.london.hackspace.org.uk

Would sort it, but maybe that dosn't and we got lucky from dhcp?

The dns stuff in /etc/network/interfaces appears to be bogus and resolv.conf needs to be
done manually, add to ansible.

Removing an admin

edit /etc/ansible/lhs/vars/defaults.yml, remove them from users, add them to disable_users, then re-run ansible.

Ansible Troubleshooting

problem, ansible dies in the snmp config cos it can't find a default ipv4 address.
fix: make sure the machine has an ipv4 default route
problem, the sshfp stuff just has hostname. rather than hostname.lan.london.hackspace.org.uk.
fix: edit /etc/hosts on the effected machine so that both the long and short versions of the hostname are in there.