Difference between revisions of "PortaPi Router"

From kipiki
Jump to: navigation, search
(Image deployment)
(Build)
Line 25: Line 25:
 
*Raspbian lite image (debian stretch) - [https://www.raspberrypi.org/downloads/raspbian/ Raspbian Downloads page]
 
*Raspbian lite image (debian stretch) - [https://www.raspberrypi.org/downloads/raspbian/ Raspbian Downloads page]
  
=Build=
+
=Buildout Process=
  
 
==Image deployment==
 
==Image deployment==
Line 76: Line 76:
 
# sync
 
# sync
 
</syntaxhighlight>
 
</syntaxhighlight>
 +
 +
After the image is deployed to the microsd card, put it into the pi, hook up the pi to a monitor, keyboard, wired internet connection
 +
 +
Power the pi on, it will automatically resize its second partition (root) to fill the sd card then reboot.
 +
 +
Log into the pi, default credentials:<br>
 +
User: pi
 +
Pass: raspberry
 +
 +
==Setting up initial system==
 +
Items covered in this section:
 +
*Set user password
 +
*Set hostname
 +
*Update system
 +
 +
==Setting up WPASupplicant==
 +
Items covered in this section:
 +
*Having the internal wireless card connect to a building wireless access point automatically
 +
 +
==Building the local access point==
 +
Items covered in this section:
 +
*Building an access point using the usb
 +
 +
==Setting up DHCP/DNS==
 +
Items covered in this section:
 +
*Setting up dnsmasq to broadcast DHCP over access point and physical lan
 +
*Setting up local resolutions for DNS
 +
*Setting up Stephen Black's Hostfile
 +
 +
===dnsmasq setup===
 +
 +
===Local DNS resolutions===
 +
 +
===Stephen Black's Hostfile===
 +
This section covers using Stephen Black's Hostfile.  It is used for two things, and is configurable:
 +
*Protect users from things like ads, tracking, malware, viruses
 +
*Prevent users from going to nefarious sites.
 +
 +
As cool as the hosts file is, please take the following into consideration:
 +
*If you want pure-internet access, do not perform this section.  Things like ad services will not work with this enabled.
 +
*I generally consider this as protect only, if you block stuff that users *want* to see, they will find a way around it.
 +
 +
==Setting up routes and restrictions==
 +
 +
==Caretaking/after build==
 +
Items covered in this section:
 +
*Updating the installation
 +
*Saving/restoring image for backup or if intrusion concern

Revision as of 15:47, 30 August 2017

'This is a WIP document, should be finished by Sept 2nd 2017 at the latest'

Synopsis

Building a very small portable lan for groups like the 2600 and lug where you want shared resources without bringing in the big machines/routers/ect but still providing a useful environment.

Points to accomplish with build

  • Have one to two units, small enough to comfortably fit in small backpack compartment
  • No interaction required at meeting to have it up and running, steps: 1> apply power, 2> drink beer
  • Automatically set up on wireless - pre-configured to

Hardware Used

  • Raspberry Pi 3 B+ Wireless
  • Sandisk Ultra 32GB - I suggest using Sandisk Ultra or Extreme cards as they have error correcting, cheap SD cards usually die in short order being used as root for a computer.
  • Anker 20000 battery that can put out 4A (way overkill)
  • Edimax nano wireless that works with linux (for spawning its own access point)
  • Switch that can run off 5v - For me a Trendnet TEG-S5g then using a direct usb -> 2.1mm barrel connector to power
  • Short Ethernet cable
  • Short USB cable (Pi Power)
  • Short USB -> 2.1mm jack (Switch Power)

Finished build picture

#### Picture Placeholder ####

Software Used

Buildout Process

Image deployment

First we are going to download, extract then stick the image on our microsd card


I will be using a linux machine to perform these initial imaging steps.


Deploying the image:

  • Download whatever linux your using (I'm using raspbian / debian stretch in this case) using whatever method you like, I used the torrent via deluge
  • Put your microsd into a reader, and insert into your linux box
  • Find what your device got named, on a single disk modern linux system it is probably /dev/sdb
  • Make sure you do not have data on the microsd that you want to preserve, the following actions will erase the microsd. My example is for /dev/sdb, ensure you use the proper device for your microsd, I am not responsible for destroyed data.


The following commands are run as root

# fdisk -l /dev/sdb
Disk /dev/sdb: 29.7 GiB, 31914983424 bytes, 62333952 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x8c9f67fa

Device     Boot Start      End  Sectors  Size Id Type
/dev/sdb1        2048 62333951 62331904 29.7G  b W95 FAT32
# time dd if=2017-08-16-raspbian-stretch-lite.img of=/dev/sdb bs=4M
442+1 records in
442+1 records out
1854418944 bytes (1.9 GB, 1.7 GiB) copied, 199.563 s, 9.3 MB/s

real	3m19.565s
user	0m0.000s
sys	0m1.727s
# fdisk -l /dev/sdb
Disk /dev/sdb: 29.7 GiB, 31914983424 bytes, 62333952 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xee397c53

Device     Boot Start     End Sectors  Size Id Type
/dev/sdb1        8192   93813   85622 41.8M  c W95 FAT32 (LBA)
/dev/sdb2       94208 3621911 3527704  1.7G 83 Linux
# sync

After the image is deployed to the microsd card, put it into the pi, hook up the pi to a monitor, keyboard, wired internet connection

Power the pi on, it will automatically resize its second partition (root) to fill the sd card then reboot.

Log into the pi, default credentials:
User: pi Pass: raspberry

Setting up initial system

Items covered in this section:

  • Set user password
  • Set hostname
  • Update system

Setting up WPASupplicant

Items covered in this section:

  • Having the internal wireless card connect to a building wireless access point automatically

Building the local access point

Items covered in this section:

  • Building an access point using the usb

Setting up DHCP/DNS

Items covered in this section:

  • Setting up dnsmasq to broadcast DHCP over access point and physical lan
  • Setting up local resolutions for DNS
  • Setting up Stephen Black's Hostfile

dnsmasq setup

Local DNS resolutions

Stephen Black's Hostfile

This section covers using Stephen Black's Hostfile. It is used for two things, and is configurable:

  • Protect users from things like ads, tracking, malware, viruses
  • Prevent users from going to nefarious sites.

As cool as the hosts file is, please take the following into consideration:

  • If you want pure-internet access, do not perform this section. Things like ad services will not work with this enabled.
  • I generally consider this as protect only, if you block stuff that users *want* to see, they will find a way around it.

Setting up routes and restrictions

Caretaking/after build

Items covered in this section:

  • Updating the installation
  • Saving/restoring image for backup or if intrusion concern