Hackviking He killed Chuck Norris, he ruled dancing so he took up a new hobby…

30Oct/171

Raspberry Pi: Ubiquiti UniFi Controller

You can use Unifi Controller from your computer to configure and monitor your Ubiquiti access points but a cloud key is much nicer. The Unifi Cloud Key is basically just an ARM computer running of an SD-card. Sound familiar? So what's the difference between that and a Raspberry Pi? Not much besides memory and price. It more or less costs three times as much and the extra memory is not necessary for a small office or home installation. The Unifi Controller doesn't only take care of your access points but also firewall and switches if you use Unifi gear. In my case I have a Ubiquiti Edge Router X as a firewall and that doesn't play with the Unifi Controller. At the same time it has a very nice UI as is and have 5 separate ports for different LAN's while the entry firewall for Unify has 3 where one is WAN and one is for voip. In this article I describe how to setup Unifi Controller on a Raspberry Pi, provision the AP and then keep the Unifi Controller in a different subnet from the WLAN. I also show how to setup a guest wifi on a separate subnet.

Continue reading...

25Sep/177

Automated Raspberry Pi Backup – complete image

I love my Raspberry Pi projects and I run a lot of specialist "mini" servers at home doing everything from torrent sharing of Linux distros to media streaming and media playing. But all Raspberry Pi's and other single board computers that rely on SD-cards sooner or later comes to a point where they trash the card and doesn't boot again.

Every time I run into that situation without remembering exactly what was running and how on the particular Raspberry Pi. I want backups, not just the backup I usually do right after installation but a last night backup or similar. So I put up an NFS share on my NAS to store the backups, it will work just as well with a USB stick connected directly to the Raspberry Pi. Here is a step by step guide how I automated the backups on all my Raspberry Pi's. This script will create a complete image of the SD-card while the Raspberry Pi is running. You can just write that image to a new SD-card and pop it into the Pi and it will be like nothing happened!

Continue reading...

20Mar/170

Kodi central db backup

Using a central database for all your Kodi media players is convenient. Only one of them need to scan for new content or you can even update the database straight away. It holds state across all the devices like paused movies, watched episodes etc. If you have a large library it takes time to scan it all again so you should keep it backed up. I didn't but now I do!

Continue reading...

1Mar/174

RaspberryPI: Print server

The goal for this build was to create a print server for my Brother HL-110 and Dymo LabelWriter 450 that could be used by both Mac and Windows. It turned out to be more tricky then I expected! After some research, testing and re-installs I came up with a solution that worked. It involves compiling drivers, setting up CUPS and samba to get all the parts to work properly.

Continue reading...

14Jun/160

Control Kodi with your TV-remote without CEC

HDMI-CEC is a wonderful thing when you have it! It enables your TV to relay control signals over the HDMI cable which gives you the ability to control your Kodi mediaplayer, or similar device, with your TV remote. Unfortunately not all TV's support this and that leaves you with a few options with disadvantages.

The smart phone apps available for controlling Kodi are good, no question about it. But every time I put on my TV I need to find my smartphone or tablet and make sure I'm on the correct wifi. Call me old fashioned but I like the TV as a semi stand alone device if you know what I mean.

Secondary remotes come in a number of different types. There are the regular IR based once that require additional hardware, if you don't have IR reception on your device. Since all my Kodi boxes are Raspberry Pi based I need additional hardware. There is also stand alone remotes connected to wifi ro Bluetooth which are pretty good but expensive. As soon as your dog, child or other semi destructive member of your household get their hands on it will be broken or gone.

As I mentioned before you need additional hardware on the Raspberry Pi to support a remote control unless it's communicating over the HDMI port. I also want a cheap solution that I can easily replace if damaged or lost. And if possible I don't want a second remote control for my TV setup. Here comes Flirc and saves the day!

Flirc is a programmable USB IR-receiver that can be used with any remote control! It even has a profile for Kodi in it's setup application. It's usually recommended for Kodi users in combination with a standard Apple TV remote. Even if I like the Apple TV remote it's still a second remote. There are a number of unused buttons on any TV remote that can be programmed into the Flirc. In my case I realized that the up, down, right and left keys on my TV remote, that are crucial for Kodi operations, where unused while not in the menu system of my TV. If I tried to use them without the menu open there where no response from the TV at all.

The setup of the Flirc is really easy! Just connect it to your computer and download the software, select the profile and then program the buttons you want. Then just unplug it and connect it to your Kodi box. It is also very sensitive for IR-signals, all my Raspberry Pi's are strapped to the back of my TV furniture but thanks to my white walls the IR-signal bounces in there and are picked up without any problem.

It's currently priced under $23 on Amazon and really worth it. It can be used with any remote and you can replace your TV set and just reprogram it if needed.

 

12Jun/162

Raspbian Jessie: Set a static IP-address

For many of my projects on the Raspberry Pi a static, or fixed, IP-address has been needed. Here is a quick tutorial on how to set it up. This is aimed for SSH users who have no GUI on there Pi. Before you configured this by editing the network interfaces config file but not any more. Raspbian Jessie comes with dhcpcd5 by default and you can uninstall it it's just easier to append to it's configuration. Start by opening it's configuration.

sudo nano /etc/dhcpcd.conf

dhcpcd.conf

At the end of this line you can add a static IP-address configuration. Here is an example:

#static ip
interface eth0
static ip_address=192.168.0.3/24
static routers=192.168.0.1
static domain_name_servers=8.8.8.8 8.8.4.4

First we specify the interface eth0 then all options follows with the prefix static. Ip address is specified with subnet, /24 is the equivalent of a subnet mask of 255.255.255.0. We also specify the networks default gateway for all traffic that will leave the network. In most cases this is your router for home built projects. We also need some DNS servers so we can use FQDN instead of just ip addresses when we communicate. In this example I have used the two Google DNS servers.

3Jun/160

HifiBerry Dac on Raspberry Pi OpenElec Kodi

Have been experiencing static noise from the analog output on my Raspberry Pi for some time. Tested several different power sources and it came to a point where I wasn't sure if the noise has always been present or not. In the end I got a HifiBerry Dac+ and some decent cables and the issue went away. The installation was really easy and well documented in the HifiBerry Knowledge base. In the video above you can see the difference, I very much recommend this!

18May/1616

WD MyPassport Wireless with BitTorrent Sync

SD-card backups in the field as well as automatic upload to your NAS whenever you have an internet connection? Yes it can be done with Western Digital MyPassport Wireless and BitTorrent Sync!

In the past I have always uploaded the footage from my GoPro and compact camera via my laptop in the hotel rooms (or where ever I can find an internet connection). I wanted a more streamlined process and an easy way to empty an SD-card in the field. The MyPassport Wireless takes care of the first problem out of the box. With a built in SD-card reader you can move all content on an SD-card to the built in hard drive. Just set it up to do an automatic copy as soon as an SD-card is present in the reader and it will dump everything to disc.

I also wanted to make an "of site" backup whenever possible. I have been setting up a geo-location backup built on BitTorrent Sync so I already have those servers in place. Since the MyPassport Wireless is ARM based, like a Raspberry Pi, it's pretty straight forward to setup BtSync on this device. It also has built in support for accessing wifi hotspots and connect to the Internet. This can be done via the mobile app. So this guide will give you the following functionality:

  • Dump SD-cards to a hard drive just by carrying the small WD MyPassport Wireless
  • When ever it's conected to the Internet it will start to sync all the new data to your BitTorrent Sync servers.

I'm not sure what the WD warranty would say about this so you do this on your own risk. There is no package manager installed on the MyPassport Wireless so it all have to be done manually. I'm making no claims that this is the best way to do it but I have been testing it out for a while now and it works great so far. Continue reading...

20Apr/160

Raspberry Pi: Wifi AP-client

You have a wifi connection but need an Ethernet connection or need to share it with several computers over Ethernet? That can be easily accomplished with a Raspberry Pi. Sometimes I need two different internet connection for testing different setups. In addition to my own internet connection there is community wifi in public areas in my apartment complex. Since I live right my the pool I can connect to that wifi at my window. To make it easy to use I wanted a router that I could use as my default gateway on any computer or server to access the secondary internet connection. To accomplish this I used a Raspberry Pi 2 with the latest version of Raspian.

Basic setup

I presume that people interesting in doing this kind of setup have the basic knowledge in setting up the Raspberry Pi, like expanding the file system and setting the root password. There are enough guides out there so I'm not going to cover that in this post. Instead we jump right into configuring the wifi. If you use a Raspberry Pi 3 you can use the built in wifi but this guide will work with any Raspberry Pi compatible dongle. Depending on the distance and quality of the signal you might need to opt for one with a better antenna.

If we run cat /etc/network/interfaces we can see that wlan0 refers to /etc/wpa_supplicant/wpa_supplicant.conf for configuration. So let's go ahead and edit that configuration file with sudo nano /etc/wpa_supplicant/wpa_supplicant.conf. The contents looks something like this:

country=GB
 ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
 update_config=1

You can change the country to where ever you are but in most cases you can just leave it be. Some countries use different channels and might need additional configuration. I went with the basic GB even though I'm in the US and it works fine. Then we need to add the configuration for our network, just append it at the end. This guide is for a WPA2 secured network and you should not use anything else for security reasons.

network={
    ssid="xxxxxx"
    psk="xxxxxx"
    proto=RSN
    key_mgmt=WPA-PSK
    pairwise=CCMP
    auth_alg=OPEN
}

Here is a basic outline of what these parameters are for:

SSID - Name of the network you want to connect to.
PSK - Password for the network.
PROTO - RSN = WPA2, WPA = WPA1.
KEY_MGMT - WPA-PSK = Preshared key (regular wifi password setup), WPA-EAP = Authentication via enterprise authentication server.
PAIRWISE - CCMP = AES cipher (WPA2), TKIP = TKIP cipher (WPA1).
AUTH_ALG - OPEN = WPA2

Save that file and exit nano, now we can restart the connection and see that it works.

sudo wpa_action wlan0 stop
sudo ifup wlan0

It will take a while for the DHCP to finish. Then we can check the status in with sudo wpa_cli status. Now we want to make sure that the Raspberry Pi actually uses the internet connection from the wifi and not the local one. Also I want a static ip-address on the Raspberry Pi since it's going to be a router. In raspbian jessie this can't be done from /etc/network/interfaces anymore so we need to add these two lines to /etc/dhcpcd.conf.

interface eth0
static ip_address=192.168.0.2/24

This will make the IP-address 192.168.0.2, subnet mask will be 255.255.255.0 and the lack of default gateway will route all internet traffic over the wifi. I also disable ipv6 since my internal network uses that and I don't want any traffic to spill over that connection. sudo nano /etc/sysctl.conf and add this line at the end:

net.ipv6.conf.all.disable_ipv6 = 1

Then reload the settings and reboot the Raspberry Pi to get the new network settings.

sudo sysctl -p
sudo reboot

Setup forwarding

After reconnecting to the new ip-address we need to enable forwarding. sudo nano /etc/sysctl.conf again and add this line:

nnet.ipv4.ip_forward = 1

And then reload the settings

sudo sysctl -p

Configure IPtables

Then we need to setup iptables to take care of forwarding, NAT and also security.

sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE

Setup NAT from internal network (eth0) out onto the wifi (wlan0).

sudo iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT

Allow all traffic from inside to outside.

sudo iptables -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT[/bash]

Allow all established connection back in (let the response through).

sudo iptables -A INPUT -i lo -j ACCEPT

Allow loopback traffic. This is very important otherwise some services will not work on the Raspberry Pi.

sudo iptables -A INPUT -i eth0 -p icmp -j ACCEPT

Allow ping from the local network.

sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT

Allow SSH from internal network.

sudo iptables -A INPUT -i eth0 -p tcp --dport 10000 -j ACCEPT

Allow webmin from local network (see below).

sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Allow responses to traffic we initialized.

sudo iptables -P FORWARD DROP
sudo iptables -P INPUT DROP

Lock it down, disallowing all traffic we didn't specify above

sudo apt-get install iptables-persistent
sudo systemctl enable netfilter-persistent

We make the iptable rules we just added persistent after reboot, just answer yes on the questions in the install. The second command will make it persistent after reboot. If you change any iptable rules after this just run the command below to save them. A reference to iptables can be found here http://ipset.netfilter.org/iptables.man.html

sudo netfilter-persistent save

Now our new router is ready to rock! Just change the local clients default gateway to 192.168.0.2 and you will go out to the internet over the new connection.

Install additional packages

Since I'm going to use this for testing purposes I want quick access to config of iptables for example. For this I want to install webmin which is a web based UI for configuring different services on Linux systems. First we need to add the webmin repository to our sources list, so sudo nano /etc/apt/sources.list and add these two lines at the end.

deb http://download.webmin.com/download/repository sarge contrib
deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib

Install the repository key so the packages can be verified.

wget http://www.webmin.com/jcameron-key.asc
sudo apt-key add jcameron-key.asc

Then update and install.

sudo apt-get update
sudo apt-get install webmin

Now you can browse to https://192.168.0.2:10000 and login with your pi account. There are extensive documentation for this software online so I'm not going deeper into it in this post but it's an easy way to change the configuration of your box without the need to SSH into it each time. I also want speedtest-cli installed so I can test the speed of the connection. It's just a CLI implementation of the speedtest.net website so you can test the connection speed.

install speedtest-cli for testing as well

 

10Apr/160

Pi: BtSync satellite – spin down hard drive

My BitTorrent satellite has finally synced my 6tb of data over the local network. The initial sync took several days but so far it seems to pretty quick picking up new files and syncing them. Before I move it to my office I want to make sure I get some peace and quite in the office. I need it to spin down the hard drive when not syncing data. I had the same issue with the BitTorrent Sync server in my apartment always spinning up my NAS but this was actually a bit different.

Since this node uses a USB-disk instead of the network shares on a NAS it can actually do some basic stuff, like indexing, without spinning up the drive. I don't know if it's due to the utilization of Truecrypt or if it's built in but there is some cache which allows the btsync daemon to list the files on disk without the disk spinning up. So I don't have to reconfigure the indexing intervall like I had to on the node uses the NAS. That is communicating over the network to the NFS shares of the NAS and it will spin up it's disk every time someone access it. So there I had to reset the sync intervall to 12 hours. But for my backup solution that will be just fine.

The second thing I was sure I had to change was my script for the LCD display. Since it's reads a JSON file with user credentials from the encrypted disk every 45 seconds I thought it would spin up the drive. No it also ended up cached somewhere and everything is working great at the moment. Have tested throwing new files in there and it synconices just fine! The disk spins up, writes the data and goes back to sleep again after 30 minutes.

To achieve this we need to use hdparm, if your on a Raspberry you need sudo before these commands:

apt-get install hdparm

Then we can run it from the command line:

hdparm - S120 /dev/sda1
/dev/sda:
setting standby to 120 (10 minutes)

To make it persistant after reboot just nano /etc/hdparm.conf, and add this at the end of the file:

/dev/sda1 {
spindown_time = 120
}

So this is the last step before I can move it to my office and really test out the GEO-location backup. Here is a list of the other posts about this: