Paraphraser/custom-os-builds.md

## custom-os-builds.md

      
    Raw
  

              custom-os-builds.md
            
          
    Installing IOTstack on custom OS builds

The following question appeared on the IOTstack Discord channel. It's the second part of a thread but I'll come back to the first part later:

I'm still struggling with this error. So the instruction says don't assign a password for root during the Debian installation. HOWEVER, the OS image that I'm using already comes with a default root password and I have to enter the default password to continue at the first step. Is there any way to remove this default password? Otherwise, it seems there is no way to continue the installations on this OS...

I don't want to over-sell this but the general thrust of the Unix industry over the last 20-odd years has been to avoid enabling the root account. In more recent times, security gurus, legislatures and best practice have been leading us to a world where there are no default accounts for anything.
Thus, while the general principle must always be "your system, your rules", if someone presented me with an OS image which rolled back the last 20 years of progress, it would make me very twitchy.
Against that background, I tried to emulate the question scenario. I used Proxmox-VE plus debian-12.4.0-amd64-netinst.iso as my starting point. During the installation, I:

Enabled the root account (by providing a password); and
Tried to avoid creating a user account (by leaving the fields empty).

In a normal installation, you would not enable the root account but you would create a user account. That combination lets the user account run sudo commands (albeit with a password) but doesn't let anyone login as root.
The Debian installer let me do #1 but not #2 so I wound up with a system named testbian where the root account was enabled, plus I had an ordinary user I didn't really want named required.
When I attempted to use ssh to connect to the guest, I was not able to login as root but I was able to login as required.
The required user was not in the sudoers list and, accordingly, was unable to run sudo commands.
The first order of business is to fix all that:


Become root. I could do this either via the Proxmox-VE "console" for the guest or the ssh session I already had open as required. The latter was simpler:
$ su - root
Password:
#

The password needed here is the one set for root during the installation.


Change the SSH configuration so root can login via SSH:
# echo "PermitRootLogin yes" >/etc/ssh/sshd_config.d/88_permit_root_login.conf
# systemctl restart sshd


From a second terminal window, confirm that root can login via SSH:
$ ssh root@testbian.local
root@testbian.local's password: 
#


Go back to the first terminal window and logout (ie control+d), twice. The first logout exits root, the second exits required and terminates the SSH connection.


From the second terminal window (ie logged-in as root), delete the required user.
# deluser --remove-home required
Looking for files to backup/remove ...
Removing files ...
Removing crontab ...
Removing user `required' ...
Done.


The system now approximates the environment of the question. I can login as root but no other users are defined.
Now let's set up the system the way it should be (while acknowledging that should is a topic that is open to debate but which, for the purposes of this gist, is "my gist, my rules"):


Add a user with administrative privileges. I have a short function which does all the necessary work so I copy the contents of the box below, paste it into the root terminal window, and hit return:
add_privileged_user() {
	adduser --home /home/$1 --shell /bin/bash $1
	echo "$1  ALL=(ALL) NOPASSWD:ALL" >/etc/sudoers.d/$1
	usermod -G sudo -a $1
	usermod -G adm -a $1
}

Then I call that function to add at least one user. For the purposes of this exercise, I'm going to call that user moi:
# add_privileged_user moi
Adding user `moi' ...
Adding new group `moi' (1000) ...
Adding new user `moi' (1000) with group `moi (1000)' ...
Creating home directory `/home/moi' ...
Copying files from `/etc/skel' ...
New password: 
Retype new password: 
passwd: password updated successfully
Changing the user information for moi
Enter the new value, or press ENTER for the default
	Full Name []: Me Myself and I
	Room Number []: 
	Work Phone []: 
	Home Phone []: 
	Other []: 
Is the information correct? [Y/n] Y
Adding new user `moi' to supplemental / extra groups `users' ...
Adding user `moi' to group `users' ...

I can confirm the existence of this user:
# ls /home
moi
# grep moi /etc/passwd
moi:x:1000:1000:Me Myself and I,,,:/home/moi:/bin/bash

You can define other admin users by making more calls to add_privileged_user, and you can define non-privileged users just by running the adduser command.


All the action in step 1 was from a second terminal window. From a third terminal window, confirm that moi can login via SSH:
$ ssh moi@testbian.local
moi@testbian.local's password: 
$ 


Confirm that moi has admin privileges (ie can execute sudo commands without authenticating):
$ sudo ls -a
.  ..  .bash_logout  .bashrc  .cache  .config  .face  .face.icon  .local  .profile  .sudo_as_admin_successful

The confirmation is the command executing without prompting for a password.


Go back to the second terminal window (logged-in as root via SSH) and logout.


From the third terminal window, remove the ability of root to login over SSH:
$ sudo rm /etc/ssh/sshd_config.d/88_permit_root_login.conf
$ sudo systemctl restart sshd


Prevent other ways of logging-in as root:
$ sudo usermod -s /usr/sbin/nologin root


The system should now approximate "best practice":

the only access is via the (hopefully) unpredictable usernames you create (ie moi) rather than guessable names like admin or pi;
all ability to login as root has been disabled; and
the only way to run privileged commands is with sudo (for which you need to know how to login as a user with those privileges).

The question text shown above was the second part of a thread. The first part of the thread was:

I've installed IoTStack on RPi with no issue. Now I'm trying to install it on a SOC which runs a Debian based OS and can't make it work.  When I'm logded in with admin uset and I enter the Curl command to install, it says "this script shoud NOT be run using sudo". When I try it with a none admin user, it gives me this error : the convenience script returned and error. Unavlble to proceed". Any help is appreciated.

Now that my test Debian system approximates best practice, let's try getting IOTstack installed. As the author of PiBuilder that's what I would normally recommend but the Discord question was framed around using the add-on method so I'm going to use that approach.
It's called the "add-on method" because it assumes an existing tailored system. That's probably true of the SOC system mentioned in the question but, in this case of this gist, the system I'm working with is green-fields so it will be a good idea to keep that in mind:


First, bring the apt lists up-to-date and then install curl:
$ sudo apt update
$ sudo apt install -y curl

Plus, if apt update says there are outdated packages, it's a good idea to fix that at the same time (Debian 12.4.0 is sufficiently new that that didn't happen to me for this build):
$ sudo apt upgrade -y


With curl in place, we can run the installer (and I'm going to include the full output):
moi@testbian:~$ curl -fsSL https://raw.githubusercontent.com/SensorsIot/IOTstack/master/install.sh | bash
                                         
  _____ ____ _______  _             _    
 |_   _/ __ \__   __|| | installer | |   
   | || |  | | | |___| |_ __ _  ___| | __
   | || |  | | | / __| __/ _` |/ __| |/ /
  _| || |__| | | \__ \ || (_| | (__|   < 
 |_____\____/  |_|___/\__\__,_|\___|_|\_\
                                         
                                         
Checking operating-system environment - pass

Updating Advanced Package Tool (apt) caches
Hit:1 http://deb.debian.org/debian bookworm InRelease
Hit:2 http://deb.debian.org/debian bookworm-updates InRelease
Hit:3 http://security.debian.org/debian-security bookworm-security InRelease
Reading package lists... Done                 
Building dependency tree... Done
Reading state information... Done
All packages are up to date.

Installing/updating IOTstack dependencies
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
curl is already the newest version (7.88.1-10+deb12u4).
git is already the newest version (1:2.39.2-1.1).
jq is already the newest version (1.6-2.1).
jq set to manually installed.
whiptail is already the newest version (0.52.23-1+b1).
The following additional packages will be installed:
  binutils binutils-common binutils-x86-64-linux-gnu build-essential dpkg-dev fakeroot g++ g++-12 gcc gcc-12 libalgorithm-diff-perl libalgorithm-diff-xs-perl
  libalgorithm-merge-perl libasan8 libbinutils libc-dev-bin libc-devtools libc6-dev libcc1-0 libcrypt-dev libctf-nobfd0 libctf0 libdpkg-perl libexpat1-dev
  libfakeroot libfile-fcntllock-perl libgcc-12-dev libgprofng0 libitm1 libjs-jquery libjs-sphinxdoc libjs-underscore liblsan0 libnsl-dev libpython3-dev
  libpython3.11-dev libstdc++-12-dev libtirpc-dev libtsan2 libubsan1 linux-libc-dev make manpages-dev python3-distlib python3-distutils python3-filelock
  python3-lib2to3 python3-pip-whl python3-platformdirs python3-setuptools python3-setuptools-whl python3-wheel python3-wheel-whl python3.11-dev rpcsvc-proto
  zlib1g-dev
Suggested packages:
  binutils-doc debian-keyring g++-multilib g++-12-multilib gcc-12-doc gcc-multilib autoconf automake libtool flex bison gdb gcc-doc gcc-12-multilib
  gcc-12-locales glibc-doc bzr libstdc++-12-doc make-doc python-setuptools-doc
The following NEW packages will be installed:
  binutils binutils-common binutils-x86-64-linux-gnu build-essential dpkg-dev fakeroot g++ g++-12 gcc gcc-12 libalgorithm-diff-perl libalgorithm-diff-xs-perl
  libalgorithm-merge-perl libasan8 libbinutils libc-dev-bin libc-devtools libc6-dev libcc1-0 libcrypt-dev libctf-nobfd0 libctf0 libdpkg-perl libexpat1-dev
  libfakeroot libfile-fcntllock-perl libgcc-12-dev libgprofng0 libitm1 libjs-jquery libjs-sphinxdoc libjs-underscore liblsan0 libnsl-dev libpython3-dev
  libpython3.11-dev libstdc++-12-dev libtirpc-dev libtsan2 libubsan1 linux-libc-dev make manpages-dev python3-dev python3-distlib python3-distutils
  python3-filelock python3-lib2to3 python3-pip python3-pip-whl python3-platformdirs python3-setuptools python3-setuptools-whl python3-virtualenv python3-wheel
  python3-wheel-whl python3.11-dev rpcsvc-proto uuid-runtime zlib1g-dev
0 upgraded, 60 newly installed, 0 to remove and 0 not upgraded.
Need to get 68.5 MB of archives.
After this operation, 275 MB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bookworm/main amd64 uuid-runtime amd64 2.38.1-5+b1 [48.2 kB]
Get:2 http://deb.debian.org/debian bookworm/main amd64 binutils-common amd64 2.40-2 [2,487 kB]
Get:3 http://deb.debian.org/debian bookworm/main amd64 libbinutils amd64 2.40-2 [572 kB]
Get:4 http://deb.debian.org/debian bookworm/main amd64 libctf-nobfd0 amd64 2.40-2 [153 kB]
Get:5 http://deb.debian.org/debian bookworm/main amd64 libctf0 amd64 2.40-2 [89.8 kB]
Get:6 http://deb.debian.org/debian bookworm/main amd64 libgprofng0 amd64 2.40-2 [812 kB]
Get:7 http://deb.debian.org/debian bookworm/main amd64 binutils-x86-64-linux-gnu amd64 2.40-2 [2,246 kB]
Get:8 http://deb.debian.org/debian bookworm/main amd64 binutils amd64 2.40-2 [65.0 kB]
Get:9 http://deb.debian.org/debian bookworm/main amd64 libc-dev-bin amd64 2.36-9+deb12u3 [45.2 kB]
Get:10 http://deb.debian.org/debian bookworm-updates/main amd64 linux-libc-dev amd64 6.1.67-1 [1,905 kB]
Get:11 http://deb.debian.org/debian bookworm/main amd64 libcrypt-dev amd64 1:4.4.33-2 [118 kB]
Get:12 http://deb.debian.org/debian bookworm/main amd64 libtirpc-dev amd64 1.3.3+ds-1 [191 kB]
Get:13 http://deb.debian.org/debian bookworm/main amd64 libnsl-dev amd64 1.3.0-2 [66.4 kB]
Get:14 http://deb.debian.org/debian bookworm/main amd64 rpcsvc-proto amd64 1.4.3-1 [63.3 kB]
Get:15 http://deb.debian.org/debian bookworm/main amd64 libc6-dev amd64 2.36-9+deb12u3 [1,898 kB]
Get:16 http://deb.debian.org/debian bookworm/main amd64 libcc1-0 amd64 12.2.0-14 [41.7 kB]
Get:17 http://deb.debian.org/debian bookworm/main amd64 libitm1 amd64 12.2.0-14 [26.1 kB]
Get:18 http://deb.debian.org/debian bookworm/main amd64 libasan8 amd64 12.2.0-14 [2,195 kB]
Get:19 http://deb.debian.org/debian bookworm/main amd64 liblsan0 amd64 12.2.0-14 [969 kB]
Get:20 http://deb.debian.org/debian bookworm/main amd64 libtsan2 amd64 12.2.0-14 [2,196 kB]
Get:21 http://deb.debian.org/debian bookworm/main amd64 libubsan1 amd64 12.2.0-14 [883 kB]
Get:22 http://deb.debian.org/debian bookworm/main amd64 libgcc-12-dev amd64 12.2.0-14 [2,437 kB]
Get:23 http://deb.debian.org/debian bookworm/main amd64 gcc-12 amd64 12.2.0-14 [19.3 MB]
Get:24 http://deb.debian.org/debian bookworm/main amd64 gcc amd64 4:12.2.0-3 [5,216 B]
Get:25 http://deb.debian.org/debian bookworm/main amd64 libstdc++-12-dev amd64 12.2.0-14 [2,046 kB]
Get:26 http://deb.debian.org/debian bookworm/main amd64 g++-12 amd64 12.2.0-14 [10.7 MB]
Get:27 http://deb.debian.org/debian bookworm/main amd64 g++ amd64 4:12.2.0-3 [1,356 B]
Get:28 http://deb.debian.org/debian bookworm/main amd64 make amd64 4.3-4.1 [396 kB]
Get:29 http://deb.debian.org/debian bookworm/main amd64 libdpkg-perl all 1.21.22 [603 kB]
Get:30 http://deb.debian.org/debian bookworm/main amd64 dpkg-dev all 1.21.22 [1,353 kB]
Get:31 http://deb.debian.org/debian bookworm/main amd64 build-essential amd64 12.9 [7,704 B]
Get:32 http://deb.debian.org/debian bookworm/main amd64 libfakeroot amd64 1.31-1.2 [28.3 kB]
Get:33 http://deb.debian.org/debian bookworm/main amd64 fakeroot amd64 1.31-1.2 [66.9 kB]
Get:34 http://deb.debian.org/debian bookworm/main amd64 libalgorithm-diff-perl all 1.201-1 [43.3 kB]
Get:35 http://deb.debian.org/debian bookworm/main amd64 libalgorithm-diff-xs-perl amd64 0.04-8+b1 [11.4 kB]
Get:36 http://deb.debian.org/debian bookworm/main amd64 libalgorithm-merge-perl all 0.08-5 [11.8 kB]
Get:37 http://deb.debian.org/debian bookworm/main amd64 libc-devtools amd64 2.36-9+deb12u3 [52.9 kB]
Get:38 http://deb.debian.org/debian bookworm/main amd64 libexpat1-dev amd64 2.5.0-1 [150 kB]
Get:39 http://deb.debian.org/debian bookworm/main amd64 libfile-fcntllock-perl amd64 0.22-4+b1 [34.8 kB]
Get:40 http://deb.debian.org/debian bookworm/main amd64 libjs-jquery all 3.6.1+dfsg+~3.5.14-1 [326 kB]
Get:41 http://deb.debian.org/debian bookworm/main amd64 libjs-underscore all 1.13.4~dfsg+~1.11.4-3 [116 kB]
Get:42 http://deb.debian.org/debian bookworm/main amd64 libjs-sphinxdoc all 5.3.0-4 [130 kB]
Get:43 http://deb.debian.org/debian bookworm/main amd64 zlib1g-dev amd64 1:1.2.13.dfsg-1 [916 kB]
Get:44 http://deb.debian.org/debian bookworm/main amd64 libpython3.11-dev amd64 3.11.2-6 [4,738 kB]
Get:45 http://deb.debian.org/debian bookworm/main amd64 libpython3-dev amd64 3.11.2-1+b1 [9,572 B]
Get:46 http://deb.debian.org/debian bookworm/main amd64 manpages-dev all 6.03-2 [2,030 kB]
Get:47 http://deb.debian.org/debian bookworm/main amd64 python3.11-dev amd64 3.11.2-6 [615 kB]
Get:48 http://deb.debian.org/debian bookworm/main amd64 python3-lib2to3 all 3.11.2-3 [76.3 kB]
Get:49 http://deb.debian.org/debian bookworm/main amd64 python3-distutils all 3.11.2-3 [131 kB]
Get:50 http://deb.debian.org/debian bookworm/main amd64 python3-dev amd64 3.11.2-1+b1 [26.2 kB]
Get:51 http://deb.debian.org/debian bookworm/main amd64 python3-distlib all 0.3.6-1 [257 kB]
Get:52 http://deb.debian.org/debian bookworm/main amd64 python3-filelock all 3.9.0-1 [9,460 B]
Get:53 http://deb.debian.org/debian bookworm/main amd64 python3-setuptools all 66.1.1-1 [521 kB]
Get:54 http://deb.debian.org/debian bookworm/main amd64 python3-wheel all 0.38.4-2 [30.8 kB]
Get:55 http://deb.debian.org/debian bookworm/main amd64 python3-pip all 23.0.1+dfsg-1 [1,325 kB]
Get:56 http://deb.debian.org/debian bookworm/main amd64 python3-pip-whl all 23.0.1+dfsg-1 [1,717 kB]
Get:57 http://deb.debian.org/debian bookworm/main amd64 python3-platformdirs all 2.6.0-1 [16.3 kB]
Get:58 http://deb.debian.org/debian bookworm/main amd64 python3-setuptools-whl all 66.1.1-1 [1,111 kB]
Get:59 http://deb.debian.org/debian bookworm/main amd64 python3-wheel-whl all 0.38.4-2 [38.6 kB]
Get:60 http://deb.debian.org/debian bookworm/main amd64 python3-virtualenv all 20.17.1+ds-1 [93.9 kB]
Fetched 68.5 MB in 2s (28.5 MB/s)               
Extracting templates from packages: 100%
Selecting previously unselected package uuid-runtime.
(Reading database ... 152498 files and directories currently installed.)
Preparing to unpack .../00-uuid-runtime_2.38.1-5+b1_amd64.deb ...
Unpacking uuid-runtime (2.38.1-5+b1) ...
Selecting previously unselected package binutils-common:amd64.
Preparing to unpack .../01-binutils-common_2.40-2_amd64.deb ...
Unpacking binutils-common:amd64 (2.40-2) ...
Selecting previously unselected package libbinutils:amd64.
Preparing to unpack .../02-libbinutils_2.40-2_amd64.deb ...
Unpacking libbinutils:amd64 (2.40-2) ...
Selecting previously unselected package libctf-nobfd0:amd64.
Preparing to unpack .../03-libctf-nobfd0_2.40-2_amd64.deb ...
Unpacking libctf-nobfd0:amd64 (2.40-2) ...
Selecting previously unselected package libctf0:amd64.
Preparing to unpack .../04-libctf0_2.40-2_amd64.deb ...
Unpacking libctf0:amd64 (2.40-2) ...
Selecting previously unselected package libgprofng0:amd64.
Preparing to unpack .../05-libgprofng0_2.40-2_amd64.deb ...
Unpacking libgprofng0:amd64 (2.40-2) ...
Selecting previously unselected package binutils-x86-64-linux-gnu.
Preparing to unpack .../06-binutils-x86-64-linux-gnu_2.40-2_amd64.deb ...
Unpacking binutils-x86-64-linux-gnu (2.40-2) ...
Selecting previously unselected package binutils.
Preparing to unpack .../07-binutils_2.40-2_amd64.deb ...
Unpacking binutils (2.40-2) ...
Selecting previously unselected package libc-dev-bin.
Preparing to unpack .../08-libc-dev-bin_2.36-9+deb12u3_amd64.deb ...
Unpacking libc-dev-bin (2.36-9+deb12u3) ...
Selecting previously unselected package linux-libc-dev:amd64.
Preparing to unpack .../09-linux-libc-dev_6.1.67-1_amd64.deb ...
Unpacking linux-libc-dev:amd64 (6.1.67-1) ...
Selecting previously unselected package libcrypt-dev:amd64.
Preparing to unpack .../10-libcrypt-dev_1%3a4.4.33-2_amd64.deb ...
Unpacking libcrypt-dev:amd64 (1:4.4.33-2) ...
Selecting previously unselected package libtirpc-dev:amd64.
Preparing to unpack .../11-libtirpc-dev_1.3.3+ds-1_amd64.deb ...
Unpacking libtirpc-dev:amd64 (1.3.3+ds-1) ...
Selecting previously unselected package libnsl-dev:amd64.
Preparing to unpack .../12-libnsl-dev_1.3.0-2_amd64.deb ...
Unpacking libnsl-dev:amd64 (1.3.0-2) ...
Selecting previously unselected package rpcsvc-proto.
Preparing to unpack .../13-rpcsvc-proto_1.4.3-1_amd64.deb ...
Unpacking rpcsvc-proto (1.4.3-1) ...
Selecting previously unselected package libc6-dev:amd64.
Preparing to unpack .../14-libc6-dev_2.36-9+deb12u3_amd64.deb ...
Unpacking libc6-dev:amd64 (2.36-9+deb12u3) ...
Selecting previously unselected package libcc1-0:amd64.
Preparing to unpack .../15-libcc1-0_12.2.0-14_amd64.deb ...
Unpacking libcc1-0:amd64 (12.2.0-14) ...
Selecting previously unselected package libitm1:amd64.
Preparing to unpack .../16-libitm1_12.2.0-14_amd64.deb ...
Unpacking libitm1:amd64 (12.2.0-14) ...
Selecting previously unselected package libasan8:amd64.
Preparing to unpack .../17-libasan8_12.2.0-14_amd64.deb ...
Unpacking libasan8:amd64 (12.2.0-14) ...
Selecting previously unselected package liblsan0:amd64.
Preparing to unpack .../18-liblsan0_12.2.0-14_amd64.deb ...
Unpacking liblsan0:amd64 (12.2.0-14) ...
Selecting previously unselected package libtsan2:amd64.
Preparing to unpack .../19-libtsan2_12.2.0-14_amd64.deb ...
Unpacking libtsan2:amd64 (12.2.0-14) ...
Selecting previously unselected package libubsan1:amd64.
Preparing to unpack .../20-libubsan1_12.2.0-14_amd64.deb ...
Unpacking libubsan1:amd64 (12.2.0-14) ...
Selecting previously unselected package libgcc-12-dev:amd64.
Preparing to unpack .../21-libgcc-12-dev_12.2.0-14_amd64.deb ...
Unpacking libgcc-12-dev:amd64 (12.2.0-14) ...
Selecting previously unselected package gcc-12.
Preparing to unpack .../22-gcc-12_12.2.0-14_amd64.deb ...
Unpacking gcc-12 (12.2.0-14) ...
Selecting previously unselected package gcc.
Preparing to unpack .../23-gcc_4%3a12.2.0-3_amd64.deb ...
Unpacking gcc (4:12.2.0-3) ...
Selecting previously unselected package libstdc++-12-dev:amd64.
Preparing to unpack .../24-libstdc++-12-dev_12.2.0-14_amd64.deb ...
Unpacking libstdc++-12-dev:amd64 (12.2.0-14) ...
Selecting previously unselected package g++-12.
Preparing to unpack .../25-g++-12_12.2.0-14_amd64.deb ...
Unpacking g++-12 (12.2.0-14) ...
Selecting previously unselected package g++.
Preparing to unpack .../26-g++_4%3a12.2.0-3_amd64.deb ...
Unpacking g++ (4:12.2.0-3) ...
Selecting previously unselected package make.
Preparing to unpack .../27-make_4.3-4.1_amd64.deb ...
Unpacking make (4.3-4.1) ...
Selecting previously unselected package libdpkg-perl.
Preparing to unpack .../28-libdpkg-perl_1.21.22_all.deb ...
Unpacking libdpkg-perl (1.21.22) ...
Selecting previously unselected package dpkg-dev.
Preparing to unpack .../29-dpkg-dev_1.21.22_all.deb ...
Unpacking dpkg-dev (1.21.22) ...
Selecting previously unselected package build-essential.
Preparing to unpack .../30-build-essential_12.9_amd64.deb ...
Unpacking build-essential (12.9) ...
Selecting previously unselected package libfakeroot:amd64.
Preparing to unpack .../31-libfakeroot_1.31-1.2_amd64.deb ...
Unpacking libfakeroot:amd64 (1.31-1.2) ...
Selecting previously unselected package fakeroot.
Preparing to unpack .../32-fakeroot_1.31-1.2_amd64.deb ...
Unpacking fakeroot (1.31-1.2) ...
Selecting previously unselected package libalgorithm-diff-perl.
Preparing to unpack .../33-libalgorithm-diff-perl_1.201-1_all.deb ...
Unpacking libalgorithm-diff-perl (1.201-1) ...
Selecting previously unselected package libalgorithm-diff-xs-perl:amd64.
Preparing to unpack .../34-libalgorithm-diff-xs-perl_0.04-8+b1_amd64.deb ...
Unpacking libalgorithm-diff-xs-perl:amd64 (0.04-8+b1) ...
Selecting previously unselected package libalgorithm-merge-perl.
Preparing to unpack .../35-libalgorithm-merge-perl_0.08-5_all.deb ...
Unpacking libalgorithm-merge-perl (0.08-5) ...
Selecting previously unselected package libc-devtools.
Preparing to unpack .../36-libc-devtools_2.36-9+deb12u3_amd64.deb ...
Unpacking libc-devtools (2.36-9+deb12u3) ...
Selecting previously unselected package libexpat1-dev:amd64.
Preparing to unpack .../37-libexpat1-dev_2.5.0-1_amd64.deb ...
Unpacking libexpat1-dev:amd64 (2.5.0-1) ...
Selecting previously unselected package libfile-fcntllock-perl.
Preparing to unpack .../38-libfile-fcntllock-perl_0.22-4+b1_amd64.deb ...
Unpacking libfile-fcntllock-perl (0.22-4+b1) ...
Selecting previously unselected package libjs-jquery.
Preparing to unpack .../39-libjs-jquery_3.6.1+dfsg+~3.5.14-1_all.deb ...
Unpacking libjs-jquery (3.6.1+dfsg+~3.5.14-1) ...
Selecting previously unselected package libjs-underscore.
Preparing to unpack .../40-libjs-underscore_1.13.4~dfsg+~1.11.4-3_all.deb ...
Unpacking libjs-underscore (1.13.4~dfsg+~1.11.4-3) ...
Selecting previously unselected package libjs-sphinxdoc.
Preparing to unpack .../41-libjs-sphinxdoc_5.3.0-4_all.deb ...
Unpacking libjs-sphinxdoc (5.3.0-4) ...
Selecting previously unselected package zlib1g-dev:amd64.
Preparing to unpack .../42-zlib1g-dev_1%3a1.2.13.dfsg-1_amd64.deb ...
Unpacking zlib1g-dev:amd64 (1:1.2.13.dfsg-1) ...
Selecting previously unselected package libpython3.11-dev:amd64.
Preparing to unpack .../43-libpython3.11-dev_3.11.2-6_amd64.deb ...
Unpacking libpython3.11-dev:amd64 (3.11.2-6) ...
Selecting previously unselected package libpython3-dev:amd64.
Preparing to unpack .../44-libpython3-dev_3.11.2-1+b1_amd64.deb ...
Unpacking libpython3-dev:amd64 (3.11.2-1+b1) ...
Selecting previously unselected package manpages-dev.
Preparing to unpack .../45-manpages-dev_6.03-2_all.deb ...
Unpacking manpages-dev (6.03-2) ...
Selecting previously unselected package python3.11-dev.
Preparing to unpack .../46-python3.11-dev_3.11.2-6_amd64.deb ...
Unpacking python3.11-dev (3.11.2-6) ...
Selecting previously unselected package python3-lib2to3.
Preparing to unpack .../47-python3-lib2to3_3.11.2-3_all.deb ...
Unpacking python3-lib2to3 (3.11.2-3) ...
Selecting previously unselected package python3-distutils.
Preparing to unpack .../48-python3-distutils_3.11.2-3_all.deb ...
Unpacking python3-distutils (3.11.2-3) ...
Selecting previously unselected package python3-dev.
Preparing to unpack .../49-python3-dev_3.11.2-1+b1_amd64.deb ...
Unpacking python3-dev (3.11.2-1+b1) ...
Selecting previously unselected package python3-distlib.
Preparing to unpack .../50-python3-distlib_0.3.6-1_all.deb ...
Unpacking python3-distlib (0.3.6-1) ...
Selecting previously unselected package python3-filelock.
Preparing to unpack .../51-python3-filelock_3.9.0-1_all.deb ...
Unpacking python3-filelock (3.9.0-1) ...
Selecting previously unselected package python3-setuptools.
Preparing to unpack .../52-python3-setuptools_66.1.1-1_all.deb ...
Unpacking python3-setuptools (66.1.1-1) ...
Selecting previously unselected package python3-wheel.
Preparing to unpack .../53-python3-wheel_0.38.4-2_all.deb ...
Unpacking python3-wheel (0.38.4-2) ...
Selecting previously unselected package python3-pip.
Preparing to unpack .../54-python3-pip_23.0.1+dfsg-1_all.deb ...
Unpacking python3-pip (23.0.1+dfsg-1) ...
Selecting previously unselected package python3-pip-whl.
Preparing to unpack .../55-python3-pip-whl_23.0.1+dfsg-1_all.deb ...
Unpacking python3-pip-whl (23.0.1+dfsg-1) ...
Selecting previously unselected package python3-platformdirs.
Preparing to unpack .../56-python3-platformdirs_2.6.0-1_all.deb ...
Unpacking python3-platformdirs (2.6.0-1) ...
Selecting previously unselected package python3-setuptools-whl.
Preparing to unpack .../57-python3-setuptools-whl_66.1.1-1_all.deb ...
Unpacking python3-setuptools-whl (66.1.1-1) ...
Selecting previously unselected package python3-wheel-whl.
Preparing to unpack .../58-python3-wheel-whl_0.38.4-2_all.deb ...
Unpacking python3-wheel-whl (0.38.4-2) ...
Selecting previously unselected package python3-virtualenv.
Preparing to unpack .../59-python3-virtualenv_20.17.1+ds-1_all.deb ...
Unpacking python3-virtualenv (20.17.1+ds-1) ...
Setting up manpages-dev (6.03-2) ...
Setting up python3-setuptools-whl (66.1.1-1) ...
Setting up python3-filelock (3.9.0-1) ...
Setting up libfile-fcntllock-perl (0.22-4+b1) ...
Setting up python3-pip-whl (23.0.1+dfsg-1) ...
Setting up libalgorithm-diff-perl (1.201-1) ...
Setting up binutils-common:amd64 (2.40-2) ...
Setting up linux-libc-dev:amd64 (6.1.67-1) ...
Setting up libctf-nobfd0:amd64 (2.40-2) ...
Setting up python3-distlib (0.3.6-1) ...
Setting up python3-platformdirs (2.6.0-1) ...
Setting up libfakeroot:amd64 (1.31-1.2) ...
Setting up fakeroot (1.31-1.2) ...
update-alternatives: using /usr/bin/fakeroot-sysv to provide /usr/bin/fakeroot (fakeroot) in auto mode
Setting up libtirpc-dev:amd64 (1.3.3+ds-1) ...
Setting up rpcsvc-proto (1.4.3-1) ...
Setting up make (4.3-4.1) ...
Setting up libdpkg-perl (1.21.22) ...
Setting up libubsan1:amd64 (12.2.0-14) ...
Setting up libnsl-dev:amd64 (1.3.0-2) ...
Setting up uuid-runtime (2.38.1-5+b1) ...
Adding group `uuidd' (GID 122) ...
Done.
Created symlink /etc/systemd/system/sockets.target.wants/uuidd.socket → /lib/systemd/system/uuidd.socket.
uuidd.service is a disabled or a static unit, not starting it.
Setting up libcrypt-dev:amd64 (1:4.4.33-2) ...
Setting up libasan8:amd64 (12.2.0-14) ...
Setting up libtsan2:amd64 (12.2.0-14) ...
Setting up libjs-jquery (3.6.1+dfsg+~3.5.14-1) ...
Setting up libbinutils:amd64 (2.40-2) ...
Setting up libc-dev-bin (2.36-9+deb12u3) ...
Setting up python3-lib2to3 (3.11.2-3) ...
Setting up python3-wheel-whl (0.38.4-2) ...
Setting up libalgorithm-diff-xs-perl:amd64 (0.04-8+b1) ...
Setting up libcc1-0:amd64 (12.2.0-14) ...
Setting up liblsan0:amd64 (12.2.0-14) ...
Setting up libitm1:amd64 (12.2.0-14) ...
Setting up libc-devtools (2.36-9+deb12u3) ...
Setting up libjs-underscore (1.13.4~dfsg+~1.11.4-3) ...
Setting up libalgorithm-merge-perl (0.08-5) ...
Setting up libctf0:amd64 (2.40-2) ...
Setting up python3-distutils (3.11.2-3) ...
Setting up python3-setuptools (66.1.1-1) ...
Setting up python3-virtualenv (20.17.1+ds-1) ...
Setting up python3-wheel (0.38.4-2) ...
Setting up libgprofng0:amd64 (2.40-2) ...
Setting up libgcc-12-dev:amd64 (12.2.0-14) ...
Setting up python3-pip (23.0.1+dfsg-1) ...
Setting up libjs-sphinxdoc (5.3.0-4) ...
Setting up libc6-dev:amd64 (2.36-9+deb12u3) ...
Setting up binutils-x86-64-linux-gnu (2.40-2) ...
Setting up libstdc++-12-dev:amd64 (12.2.0-14) ...
Setting up binutils (2.40-2) ...
Setting up dpkg-dev (1.21.22) ...
Setting up libexpat1-dev:amd64 (2.5.0-1) ...
Setting up gcc-12 (12.2.0-14) ...
Setting up zlib1g-dev:amd64 (1:1.2.13.dfsg-1) ...
Setting up g++-12 (12.2.0-14) ...
Setting up gcc (4:12.2.0-3) ...
Setting up libpython3.11-dev:amd64 (3.11.2-6) ...
Setting up g++ (4:12.2.0-3) ...
update-alternatives: using /usr/bin/g++ to provide /usr/bin/c++ (c++) in auto mode
Setting up build-essential (12.9) ...
Setting up libpython3-dev:amd64 (3.11.2-1+b1) ...
Setting up python3.11-dev (3.11.2-6) ...
Setting up python3-dev (3.11.2-1+b1) ...
Processing triggers for man-db (2.11.2-2) ...
Processing triggers for libc-bin (2.36-9+deb12u3) ...

Installing docker and docker-compose-plugin using the 'convenience script'
from https://get.docker.com ...
# Executing docker install script, commit: e5543d473431b782227f8908005543bb4389b8de
+ sh -c apt-get update -qq >/dev/null
+ sh -c DEBIAN_FRONTEND=noninteractive apt-get install -y -qq apt-transport-https ca-certificates curl >/dev/null
+ sh -c install -m 0755 -d /etc/apt/keyrings
+ sh -c curl -fsSL "https://download.docker.com/linux/debian/gpg" | gpg --dearmor --yes -o /etc/apt/keyrings/docker.gpg
+ sh -c chmod a+r /etc/apt/keyrings/docker.gpg
+ sh -c echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian bookworm stable" > /etc/apt/sources.list.d/docker.list
+ sh -c apt-get update -qq >/dev/null
+ sh -c DEBIAN_FRONTEND=noninteractive apt-get install -y -qq docker-ce docker-ce-cli containerd.io docker-compose-plugin docker-ce-rootless-extras docker-buildx-plugin >/dev/null
+ sh -c docker version
Client: Docker Engine - Community
 Version:           24.0.7
 API version:       1.43
 Go version:        go1.20.10
 Git commit:        afdd53b
 Built:             Thu Oct 26 09:08:02 2023
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          24.0.7
  API version:      1.43 (minimum version 1.12)
  Go version:       go1.20.10
  Git commit:       311b9ff
  Built:            Thu Oct 26 09:08:02 2023
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.26
  GitCommit:        3dd1e886e55dd695541fdcd67420c2888645a495
 runc:
  Version:          1.1.10
  GitCommit:        v1.1.10-0-g18a0cb0
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

================================================================================

To run Docker as a non-privileged user, consider setting up the
Docker daemon in rootless mode for your user:

    dockerd-rootless-setuptool.sh install

Visit https://docs.docker.com/go/rootless/ to learn about rootless mode.


To run the Docker daemon as a fully privileged service, but granting non-root
users access, refer to https://docs.docker.com/go/daemon-access/

WARNING: Access to the remote API on a privileged Docker daemon is equivalent
         to root access on the host. Refer to the 'Docker daemon attack surface'
         documentation for details: https://docs.docker.com/go/attack-surface/

================================================================================


Installation of docker and docker-compose-plugin completed normally.

Checking group memberships - docker adding moi - bluetooth adding moi

Checking whether docker-compose is installed correctly - pass

Checking your version of docker-compose - pass

Cloning the IOTstack repository from GitHub using options --filter=tree:0
Cloning into '/home/moi/IOTstack'...
remote: Enumerating objects: 1479, done.
remote: Counting objects: 100% (117/117), done.
remote: Compressing objects: 100% (116/116), done.
remote: Total 1479 (delta 1), reused 117 (delta 1), pack-reused 1362
Receiving objects: 100% (1479/1479), 840.98 KiB | 11.21 MiB/s, done.
Resolving deltas: 100% (33/33), done.
remote: Enumerating objects: 82, done.
remote: Counting objects: 100% (49/49), done.
remote: Compressing objects: 100% (33/33), done.
remote: Total 82 (delta 0), reused 34 (delta 0), pack-reused 33
Receiving objects: 100% (82/82), 13.44 KiB | 1.34 MiB/s, done.
remote: Enumerating objects: 278, done.
remote: Counting objects: 100% (189/189), done.
remote: Compressing objects: 100% (185/185), done.
remote: Total 278 (delta 33), reused 46 (delta 3), pack-reused 89
Receiving objects: 100% (278/278), 8.57 MiB | 12.82 MiB/s, done.
Resolving deltas: 100% (36/36), done.
Updating files: 100% (280/280), done.
IOTstack cloned successfully into /home/moi/IOTstack

Making python3 the default
update-alternatives: using /usr/bin/python3 to provide /usr/bin/python (python) in auto mode

Checking your version of Python - pass

Checking and updating IOTstack dependencies (pip)
Note: pip3 installs bypass externally-managed environment check
Defaulting to user installation because normal site-packages is not writeable
Collecting blessed
  Downloading blessed-1.20.0-py2.py3-none-any.whl (58 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 58.4/58.4 kB 404.4 kB/s eta 0:00:00
Collecting ruamel.yaml
  Downloading ruamel.yaml-0.18.5-py3-none-any.whl (116 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 116.4/116.4 kB 923.4 kB/s eta 0:00:00
Collecting ruamel.yaml.clib
  Downloading ruamel.yaml.clib-0.2.8-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl (544 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 544.0/544.0 kB 2.9 MB/s eta 0:00:00
Requirement already satisfied: six in /usr/lib/python3/dist-packages (from -r /home/moi/IOTstack/requirements-menu.txt (line 4)) (1.16.0)
Collecting wcwidth
  Downloading wcwidth-0.2.12-py2.py3-none-any.whl (34 kB)
Installing collected packages: wcwidth, ruamel.yaml.clib, blessed, ruamel.yaml
Successfully installed blessed-1.20.0 ruamel.yaml-0.18.5 ruamel.yaml.clib-0.2.8 wcwidth-0.2.12
bash completed - a reboot is required.

Broadcast message from root@testbian on pts/2 (Thu 2023-12-21 11:49:15 AEDT):

The system will reboot now!


moi@testbian:~$ Connection to testbian.local closed by remote host.
Connection to testbian.local closed.


After the reboot, login again:
$ ssh moi@testbian.local
$ ls
IOTstack


Run the IOTstack menu:
$ cd ~/IOTstack
$ ./menu.sh
Checking for project update
From https://github.com/SensorsIot/IOTstack
 * branch            master     -> FETCH_HEAD
Project is up to date
Python virtualenv found.
Python Version: 'Python 3.11.2'. Python and virtualenv is up to date.
Please enter sudo pasword if prompted
Command: docker version -f "{{.Server.Version}}"
Docker version 24.0.7 >= 18.2.0. Docker is good to go.
Project dependencies up to date

Existing installation detected.
Creating python virtualenv for menu...
Installing menu requirements into the virtualenv...

after which the menu takes over the screen.


Choose the MING (Mosquitto, InfluxDB, Node-RED, Grafana) components, including a right-arrow visit on Node-RED to select the default add-ons. Complete the menu process to generate docker-compose.yml.


Start the stack:
$ docker-compose up -d
[+] Running 19/19

… [snip]

[+] Running 5/5
 ✔ Network iotstack_default  Created                                                                                                                                                                                                       0.1s 
 ✔ Container influxdb        Started                                                                                                                                                                                                       0.2s 
 ✔ Container mosquitto       Started                                                                                                                                                                                                       0.2s 
 ✔ Container nodered         Started                                                                                                                                                                                                       0.2s 
 ✔ Container grafana         Started                                                                                                                                                                                                       0.2s 


Use a quick-and-dirty approach to getting IOTstackAliases installed (normally provided by PiBuilder):
$ git clone --depth=1 https://github.com/Paraphraser/IOTstackAliases ~/.local/IOTstackAliases
$ source ~/.local/IOTstackAliases/dot_iotstack_aliases


What's running?
$ DPS
NAMES       CREATED         STATUS                   SIZE
nodered     2 minutes ago   Up 2 minutes (healthy)   0B (virtual 591MB)
influxdb    2 minutes ago   Up 2 minutes (healthy)   0B (virtual 307MB)
grafana     2 minutes ago   Up 2 minutes (healthy)   0B (virtual 399MB)
mosquitto   2 minutes ago   Up 2 minutes (healthy)   0B (virtual 17.7MB)


What images exist?
$ DI
REPOSITORY           TAG       IMAGE ID       CREATED         SIZE
iotstack-nodered     latest    44d1226f71be   4 minutes ago   591MB
iotstack-mosquitto   latest    c6cb03629115   4 minutes ago   17.7MB
influxdb             1.8       1c590c16e042   29 hours ago    307MB
grafana/grafana      latest    8387f19108f9   2 days ago      399MB


Job done!