-
-
Save HackingGate/9dc4434c3de17188a17844438fc38aff to your computer and use it in GitHub Desktop.
| #!/usr/bin/python | |
| from sense_hat import SenseHat | |
| import os | |
| def get_cpu_temp(): | |
| res = os.popen('vcgencmd measure_temp').readline() | |
| return float(res.replace("temp=", "").replace("'C\n", "")) | |
| def get_temp(sense): | |
| t1 = sense.get_temperature_from_humidity() | |
| t2 = sense.get_temperature_from_pressure() | |
| t = (t1 + t2) / 2 | |
| t_cpu = get_cpu_temp() | |
| t_corr = t - ((t_cpu - t) / 15) - 3 | |
| return t_corr | |
| sense = SenseHat() | |
| humidity = sense.get_humidity() | |
| pressure = sense.get_pressure() | |
| print("%s %s %s" % (get_temp(sense), humidity, pressure)) |
Install Sense Hat
My configuration (above photo is outdated)
Sense Hat
| 16mm Hex Brass Spacer
Geekworm X735 board (fan attached)
| 11mm Hex Brass Spacer
Raspberry Pi 4 board
Sense HAT - Raspberry Pi Documentation
sudo apt update
sudo apt install sense-hat -y
sudo reboot
Install homebridge-sensehat v0.1.0
sudo su
cd /home/homebridge
mkdir homebridge-sensehat
cd homebridge-sensehat
wget https://gist.github.com/HackingGate/9dc4434c3de17188a17844438fc38aff/raw/2d849a72f83a2643895eff5918f8f83d39bc33cf/sensors.py
wget https://github.com/srob/homebridge-sensehat/raw/master/leds.py
wget https://github.com/srob/homebridge-sensehat/raw/master/index.js
exit
Install homebridge-sensehat v0.1.0 plugin via web.
{
"accessory": "SenseHat",
"name": "SenseHat",
"script_path": "~/homebridge-sensehat/"
}
Test if temperature correct when board overheat
Thermal testing Raspberry Pi 4 - Raspberry Pi Blog
At 21.13.00.
At 21.27.35.
My $1 cheap thermometer shows the same temperature. ✅
oh-my-zsh
Install oh-my-zsh
sudo apt update
sudo apt install git zsh -y
sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
Install pi theme for on-my-zsh
mkdir $ZSH_CUSTOM/themes -p
wget -O $ZSH_CUSTOM/themes/pi.zsh-theme https://raw.githubusercontent.com/tobyjamesthomas/pi/master/pi.zsh-theme
sed -i.bak 's/^ZSH_THEME=.*/ZSH_THEME="pi"/' ~/.zshrc
Update omz
omz update
Bitcoin Core
Official Download Page: https://bitcoin.org/en/download
For 32-bit ARM Linux, the download link is:
https://bitcoin.org/bin/bitcoin-core-0.21.1/bitcoin-0.21.1-arm-linux-gnueabihf.tar.gz
Fore auto update, use snap store instead.
# From https://snapcraft.io/install/bitcoin-core/raspbian
# Install snap
sudo apt update
sudo apt install snapd
sudo reboot
sudo snap install core
# Install bitcoin-core
sudo snap install bitcoin-coreList info to see how can I launch bitcoin-core.
$ snap info bitcoin-core
...
commands:
- bitcoin-core.cli
- bitcoin-core.daemon
- bitcoin-core.qt
...
Snaps are installed in /snap/bin but I get the error
$ /snap/bin/bitcoin-core.cli -version
ERROR: ld.so: object '/usr/lib/arm-linux-gnueabihf/libarmmem-${PLATFORM}.so' from /etc/ld.so.preload cannot be preloaded (cannot open shared object file): ignored.
ERROR: ld.so: object '/usr/lib/arm-linux-gnueabihf/libarmmem-${PLATFORM}.so' from /etc/ld.so.preload cannot be preloaded (cannot open shared object file): ignored.
ERROR: ld.so: object '/usr/lib/arm-linux-gnueabihf/libarmmem-${PLATFORM}.so' from /etc/ld.so.preload cannot be preloaded (cannot open shared object file): ignored.
Bitcoin Core RPC client version v22.0.0
But this one works. Seems the binary published to snap store supports 32-bit but snap itself don't.
$ /snap/bitcoin-core/current/bin/bitcoin-cli -version
Bitcoin Core RPC client version v22.0.0
So my PATH be like
export PATH=/snap/bitcoin-core/current/bin:/snap/bin:$PATH
Pi-hole
Installation
Install pi-hole
https://github.com/homebridge/homebridge-raspbian-image/wiki/How-To-Install-Pi-Hole
Configuration
Homebridge local
http://homebridge.local:8581
Config: /etc/nginx/sites-enabled/homebridge.local
Restart: sudo systemctl restart lighttpd.service
Update: sudo hb-config
Pi-hole
http://homebridge.local
Config: /etc/lighttpd/lighttpd.conf
Restart: sudo systemctl restart lighttpd.service
Update: pihole -up
Custom port:
Edit /etc/lighttpd/external.conf
Edit /etc/lighttpd/conf-enabled/external.conf
server.port := 8080
Compatible with WireGuard VPN
Change to Respond only on interface eth0
Compatible with vlmcsd
Turn off DNSSEC
Update
Torjan-go
https://blog.chaos.run/dreams/debian-deploy-trojan-go-server/index.html
/etc/systemd/system/trojan-go.service
[Unit]
Description=Trojan-Go
Documentation=https://github.com/p4gefau1t/trojan-go
After=network.target nss-lookup.target
[Service]
User=nobody
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
NoNewPrivileges=true
ExecStart=/usr/local/bin/trojan-go/trojan-go -config /usr/local/etc/trojan-go/config.json
Restart=on-failure
RestartSec=10
[Install]
WantedBy=multi-user.target
How to issue Let's Encrypt certificate
https://www.cyberciti.biz/faq/issue-lets-encrypt-wildcard-certificate-with-acme-sh-and-cloudflare-dns/
command
acme.sh --issue --dns dns_cf -d x4s.hackinggate.com
log
/bin/bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
[Sun Jan 30 23:55:49 JST 2022] Using CA: https://acme.zerossl.com/v2/DV90
[Sun Jan 30 23:55:49 JST 2022] Creating domain key
[Sun Jan 30 23:55:50 JST 2022] The domain key is here: /home/pi/.acme.sh/x4s.hackinggate.com/x4s.hackinggate.com.key
[Sun Jan 30 23:55:50 JST 2022] Single domain='x4s.hackinggate.com'
[Sun Jan 30 23:55:50 JST 2022] Getting domain auth token for each domain
[Sun Jan 30 23:55:59 JST 2022] Getting webroot for domain='x4s.hackinggate.com'
[Sun Jan 30 23:55:59 JST 2022] Adding txt value: XsJ1KXrbdJspcrOl6Q3eRjfM3h913u_QfKrT6snqHA4 for domain: _acme-challenge.x4s.hackinggate.com
[Sun Jan 30 23:56:01 JST 2022] Adding record
[Sun Jan 30 23:56:01 JST 2022] Added, OK
[Sun Jan 30 23:56:01 JST 2022] The txt record is added: Success.
[Sun Jan 30 23:56:01 JST 2022] Let's check each DNS record now. Sleep 20 seconds first.
[Sun Jan 30 23:56:22 JST 2022] You can use '--dnssleep' to disable public dns checks.
[Sun Jan 30 23:56:22 JST 2022] See: https://github.com/acmesh-official/acme.sh/wiki/dnscheck
[Sun Jan 30 23:56:22 JST 2022] Checking x4s.hackinggate.com for _acme-challenge.x4s.hackinggate.com
[Sun Jan 30 23:56:23 JST 2022] Domain x4s.hackinggate.com '_acme-challenge.x4s.hackinggate.com' success.
[Sun Jan 30 23:56:23 JST 2022] All success, let's return
[Sun Jan 30 23:56:23 JST 2022] Verifying: x4s.hackinggate.com
[Sun Jan 30 23:56:26 JST 2022] Processing, The CA is processing your order, please just wait. (1/30)
[Sun Jan 30 23:56:31 JST 2022] Success
[Sun Jan 30 23:56:31 JST 2022] Removing DNS records.
[Sun Jan 30 23:56:31 JST 2022] Removing txt: XsJ1KXrbdJspcrOl6Q3eRjfM3h913u_QfKrT6snqHA4 for domain: _acme-challenge.x4s.hackinggate.com
[Sun Jan 30 23:56:33 JST 2022] Removed: Success
[Sun Jan 30 23:56:33 JST 2022] Verify finished, start to sign.
[Sun Jan 30 23:56:33 JST 2022] Lets finalize the order.
[Sun Jan 30 23:56:33 JST 2022] Le_OrderFinalize='https://acme.zerossl.com/v2/DV90/order/SDI4a-5pScPZITvOcZ7GWA/finalize'
[Sun Jan 30 23:56:37 JST 2022] Order status is processing, lets sleep and retry.
[Sun Jan 30 23:56:37 JST 2022] Retry after: 15
[Sun Jan 30 23:56:53 JST 2022] Polling order status: https://acme.zerossl.com/v2/DV90/order/SDI4a-5pScPZITvOcZ7GWA
[Sun Jan 30 23:56:56 JST 2022] Downloading cert.
[Sun Jan 30 23:56:56 JST 2022] Le_LinkCert='https://acme.zerossl.com/v2/DV90/cert/qe2eWCrc70AtJ_3U7O6iqQ'
[Sun Jan 30 23:57:02 JST 2022] Cert success.
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
[Sun Jan 30 23:57:02 JST 2022] Your cert is in: /home/pi/.acme.sh/x4s.hackinggate.com/x4s.hackinggate.com.cer
[Sun Jan 30 23:57:02 JST 2022] Your cert key is in: /home/pi/.acme.sh/x4s.hackinggate.com/x4s.hackinggate.com.key
[Sun Jan 30 23:57:02 JST 2022] The intermediate CA cert is in: /home/pi/.acme.sh/x4s.hackinggate.com/ca.cer
[Sun Jan 30 23:57:02 JST 2022] And the full chain certs is there: /home/pi/.acme.sh/x4s.hackinggate.com/fullchain.cer
install
acme.sh --install-cert -d x4s.hackinggate.com \
--key-file ~/certs/x4s.hackinggate.com.key \
--fullchain-file ~/certs/x4s.hackinggate.com.crt \
--reloadcmd "bash ~/scripts/cert.sh && sudo service nginx force-reload"
Calibre Server
Install Calibre:
sudo apt install calibre
Upgrade Raspberry Pi OS from buster to bullseye by ChatGPT
As of my last training data cut-off in September 2021, the process to upgrade your Raspberry Pi OS from "Buster" (Debian 10) to "Bullseye" (Debian 11) would follow similar steps to other Debian-based system upgrades.
Here is a general outline of the steps you'd take:
Step 1: Make a backup
Before you begin, it's essential to back up any important data. System upgrades have the potential to go wrong, and it's always better to be safe than sorry.
Step 2: Update your current system
First, update your existing system packages to their latest versions. To do this, open a terminal and type:
sudo apt update
sudo apt full-upgradeThis will update the package list and upgrade all packages to their latest version. The full-upgrade command will also handle any dependencies, removing obsolete packages if necessary.
Step 3: Modify your apt sources
You will need to modify the /etc/apt/sources.list file and change all instances of 'buster' to 'bullseye'. You can do this manually with a text editor or use the sed command in terminal:
sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak # Backup your sources list
sudo sed -i 's/buster/bullseye/g' /etc/apt/sources.listIf you have additional software sources set up in separate files under /etc/apt/sources.list.d/, you should also update those files:
sudo sed -i 's/buster/bullseye/g' /etc/apt/sources.list.d/*.listStep 4: Perform the upgrade
You can now proceed with the upgrade by running:
sudo apt update
sudo apt full-upgradeThis will update your package list with the Bullseye repositories and perform the upgrade.
Step 5: Clean up
After the upgrade, you may want to remove unnecessary packages:
sudo apt autoremove
sudo apt autocleanStep 6: Reboot your Raspberry Pi
Finally, reboot your Raspberry Pi to make sure everything is working as expected:
sudo rebootNOTE: This is a general guide. The specific steps may vary based on your particular configuration and the specific versions of the OS. It's crucial to back up your data before performing an OS upgrade, as things can occasionally go wrong. Proceed with caution and consult the official documentation and community if you encounter problems or have concerns. It's often also a good idea to test this process on a secondary device first, if one is available.
1. Install QEMU:
sudo apt update
sudo apt-get install qemu-system-arm qemu-efi
2. Download the Raspberry Pi OS image and Kernel image:
wget https://downloads.raspberrypi.org/raspios_lite_arm64/images/raspios_lite_arm64-2023-05-03/2023-05-03-raspios-bullseye-arm64-lite.img.xz
xz -d 2023-05-03-raspios-bullseye-arm64-lite.img.xz
wget https://raw.githubusercontent.com/dhruvvyas90/qemu-rpi-kernel/master/kernel-qemu-5.10.63-bullseye
wget https://github.com/dhruvvyas90/qemu-rpi-kernel/raw/master/versatile-pb-bullseye-5.10.63.dtb
Migrating to 64-bit OS (aarch64)
Why?
https://www.linuxserver.io/blog/a-farewell-to-arm-hf
How?
Reflash the image
Official Raspberry Pi OS
Download Raspberry Pi OS
https://www.raspberrypi.com/software/operating-systems/
Install Raspberry Pi OS using Raspberry Pi Imager
brew install raspberry-pi-imagerFlash with SSH enabled
sudo dpkg-reconfigure locales
Install Docker
https://docs.docker.com/engine/install/debian/
Configure Docker
https://docs.docker.com/engine/install/linux-postinstall/#manage-docker-as-a-non-root-user
sudo usermod -aG docker $USER
Relogin the user
Calibre web with docker compose
docker-compose.yml
---
version: "2.1"
services:
calibre-web:
image: lscr.io/linuxserver/calibre-web:latest
container_name: calibre-web
environment:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
- DOCKER_MODS=linuxserver/mods:universal-calibre
- OAUTHLIB_RELAX_TOKEN_SCOPE=1 #optional
volumes:
- /home/pi/calibre/config:/config
- /home/pi/calibre/library:/books
ports:
- 8083:8083
restart: unless-stoppedCrontab
crontab -e
@reboot (sleep 30s ; cd calibre ; /usr/bin/docker compose up -d --build)&Basic Configuration
Calibre web
Install https://github.com/janeczku/calibre-web
Create /etc/systemd/system/calibre-web.service
[Unit]
Description=Calibre-Web
After=network.target
[Service]
Type=simple
User=pi
Group=pi
WorkingDirectory=/home/pi/calibre
ExecStart=/home/pi/.local/bin/cps
Restart=on-failure
[Install]
WantedBy=multi-user.target
Enable and start
sudo systemctl enable calibre-web
sudo systemctl start calibre-web
Cloudflare tunnel
For SSH, RDP, SMB
https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/use-cases/
tailscale
fileserver
Install
curl -fsSL https://raw.githubusercontent.com/filebrowser/get/master/get.sh | bashInit
filebrowser config initChange listen port from default 8080 to 8780 (Optional)
filebrowser config set --port 8780Test
filebrowser -r .Add user
filebrowser users add admin adminUpdate user
filebrowser users update admin --username pi
filebrowser users update pi --password pass1234Add /etc/systemd/system/filebrowser.service with the following content.
[Unit]
Description=filebrowser
After=network.target
[Service]
Type=simple
WorkingDirectory=/home/pi
ExecStart=/usr/local/bin/filebrowser -r /home/pi
Restart=on-failure
User=pi
Group=pi
[Install]
WantedBy=multi-user.targetLoad, enable and run
sudo systemctl daemon-reload
sudo systemctl enable --now filebrowser.service
SSH login
SSH document
Password is
raspberry.OS basic security
Securing your Raspberry Pi - Raspberry Pi Documentation
(S5) Auto Loginis is already disabled.
(A1) Expand Filesystem is already expanded.
(L2) Timezone
Make
sudorequire a password (default editor is nano, it supports some GNU key binding)Disable password logins