Hackviking He killed Chuck Norris, he ruled dancing so he took up a new hobby…

20Mar/170

Kodi central db backup

Using a central database for all your Kodi media players is convenient. Only one of them need to scan for new content or you can even update the database straight away. It holds state across all the devices like paused movies, watched episodes etc. If you have a large library it takes time to scan it all again so you should keep it backed up. I didn't but now I do!

Continue reading...

1Mar/170

RaspberryPI: Print server

The goal for this build was to create a print server for my Brother HL-110 and Dymo LabelWriter 450 that could be used by both Mac and Windows. It turned out to be more tricky then I expected! After some research, testing and re-installs I came up with a solution that worked. It involves compiling drivers, setting up CUPS and samba to get all the parts to work properly.

Continue reading...

12Jun/162

Raspbian Jessie: Set a static IP-address

For many of my projects on the Raspberry Pi a static, or fixed, IP-address has been needed. Here is a quick tutorial on how to set it up. This is aimed for SSH users who have no GUI on there Pi. Before you configured this by editing the network interfaces config file but not any more. Raspbian Jessie comes with dhcpcd5 by default and you can uninstall it it's just easier to append to it's configuration. Start by opening it's configuration.

sudo nano /etc/dhcpcd.conf

dhcpcd.conf

At the end of this line you can add a static IP-address configuration. Here is an example:

#static ip
interface eth0
static ip_address=192.168.0.3/24
static routers=192.168.0.1
static domain_name_servers=8.8.8.8 8.8.4.4

First we specify the interface eth0 then all options follows with the prefix static. Ip address is specified with subnet, /24 is the equivalent of a subnet mask of 255.255.255.0. We also specify the networks default gateway for all traffic that will leave the network. In most cases this is your router for home built projects. We also need some DNS servers so we can use FQDN instead of just ip addresses when we communicate. In this example I have used the two Google DNS servers.

3Jun/160

HifiBerry Dac on Raspberry Pi OpenElec Kodi

Have been experiencing static noise from the analog output on my Raspberry Pi for some time. Tested several different power sources and it came to a point where I wasn't sure if the noise has always been present or not. In the end I got a HifiBerry Dac+ and some decent cables and the issue went away. The installation was really easy and well documented in the HifiBerry Knowledge base. In the video above you can see the difference, I very much recommend this!

20Apr/160

Raspberry Pi: Wifi AP-client

You have a wifi connection but need an Ethernet connection or need to share it with several computers over Ethernet? That can be easily accomplished with a Raspberry Pi. Sometimes I need two different internet connection for testing different setups. In addition to my own internet connection there is community wifi in public areas in my apartment complex. Since I live right my the pool I can connect to that wifi at my window. To make it easy to use I wanted a router that I could use as my default gateway on any computer or server to access the secondary internet connection. To accomplish this I used a Raspberry Pi 2 with the latest version of Raspian.

Basic setup

I presume that people interesting in doing this kind of setup have the basic knowledge in setting up the Raspberry Pi, like expanding the file system and setting the root password. There are enough guides out there so I'm not going to cover that in this post. Instead we jump right into configuring the wifi. If you use a Raspberry Pi 3 you can use the built in wifi but this guide will work with any Raspberry Pi compatible dongle. Depending on the distance and quality of the signal you might need to opt for one with a better antenna.

If we run cat /etc/network/interfaces we can see that wlan0 refers to /etc/wpa_supplicant/wpa_supplicant.conf for configuration. So let's go ahead and edit that configuration file with sudo nano /etc/wpa_supplicant/wpa_supplicant.conf. The contents looks something like this:

country=GB
 ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
 update_config=1

You can change the country to where ever you are but in most cases you can just leave it be. Some countries use different channels and might need additional configuration. I went with the basic GB even though I'm in the US and it works fine. Then we need to add the configuration for our network, just append it at the end. This guide is for a WPA2 secured network and you should not use anything else for security reasons.

network={
    ssid="xxxxxx"
    psk="xxxxxx"
    proto=RSN
    key_mgmt=WPA-PSK
    pairwise=CCMP
    auth_alg=OPEN
}

Here is a basic outline of what these parameters are for:

SSID - Name of the network you want to connect to.
PSK - Password for the network.
PROTO - RSN = WPA2, WPA = WPA1.
KEY_MGMT - WPA-PSK = Preshared key (regular wifi password setup), WPA-EAP = Authentication via enterprise authentication server.
PAIRWISE - CCMP = AES cipher (WPA2), TKIP = TKIP cipher (WPA1).
AUTH_ALG - OPEN = WPA2

Save that file and exit nano, now we can restart the connection and see that it works.

sudo wpa_action wlan0 stop
sudo ifup wlan0

It will take a while for the DHCP to finish. Then we can check the status in with sudo wpa_cli status. Now we want to make sure that the Raspberry Pi actually uses the internet connection from the wifi and not the local one. Also I want a static ip-address on the Raspberry Pi since it's going to be a router. In raspbian jessie this can't be done from /etc/network/interfaces anymore so we need to add these two lines to /etc/dhcpcd.conf.

interface eth0
static ip_address=192.168.0.2/24

This will make the IP-address 192.168.0.2, subnet mask will be 255.255.255.0 and the lack of default gateway will route all internet traffic over the wifi. I also disable ipv6 since my internal network uses that and I don't want any traffic to spill over that connection. sudo nano /etc/sysctl.conf and add this line at the end:

net.ipv6.conf.all.disable_ipv6 = 1

Then reload the settings and reboot the Raspberry Pi to get the new network settings.

sudo sysctl -p
sudo reboot

Setup forwarding

After reconnecting to the new ip-address we need to enable forwarding. sudo nano /etc/sysctl.conf again and add this line:

nnet.ipv4.ip_forward = 1

And then reload the settings

sudo sysctl -p

Configure IPtables

Then we need to setup iptables to take care of forwarding, NAT and also security.

sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE

Setup NAT from internal network (eth0) out onto the wifi (wlan0).

sudo iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT

Allow all traffic from inside to outside.

sudo iptables -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT[/bash]

Allow all established connection back in (let the response through).

sudo iptables -A INPUT -i lo -j ACCEPT

Allow loopback traffic. This is very important otherwise some services will not work on the Raspberry Pi.

sudo iptables -A INPUT -i eth0 -p icmp -j ACCEPT

Allow ping from the local network.

sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT

Allow SSH from internal network.

sudo iptables -A INPUT -i eth0 -p tcp --dport 10000 -j ACCEPT

Allow webmin from local network (see below).

sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Allow responses to traffic we initialized.

sudo iptables -P FORWARD DROP
sudo iptables -P INPUT DROP

Lock it down, disallowing all traffic we didn't specify above

sudo apt-get install iptables-persistent
sudo systemctl enable netfilter-persistent

We make the iptable rules we just added persistent after reboot, just answer yes on the questions in the install. The second command will make it persistent after reboot. If you change any iptable rules after this just run the command below to save them. A reference to iptables can be found here http://ipset.netfilter.org/iptables.man.html

sudo netfilter-persistent save

Now our new router is ready to rock! Just change the local clients default gateway to 192.168.0.2 and you will go out to the internet over the new connection.

Install additional packages

Since I'm going to use this for testing purposes I want quick access to config of iptables for example. For this I want to install webmin which is a web based UI for configuring different services on Linux systems. First we need to add the webmin repository to our sources list, so sudo nano /etc/apt/sources.list and add these two lines at the end.

deb http://download.webmin.com/download/repository sarge contrib
deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib

Install the repository key so the packages can be verified.

wget http://www.webmin.com/jcameron-key.asc
sudo apt-key add jcameron-key.asc

Then update and install.

sudo apt-get update
sudo apt-get install webmin

Now you can browse to https://192.168.0.2:10000 and login with your pi account. There are extensive documentation for this software online so I'm not going deeper into it in this post but it's an easy way to change the configuration of your box without the need to SSH into it each time. I also want speedtest-cli installed so I can test the speed of the connection. It's just a CLI implementation of the speedtest.net website so you can test the connection speed.

install speedtest-cli for testing as well

 

22Mar/1616

OpenVPN performance on the Pi

Setting up an OpenVPN router on the Pi is pretty straight forward but what about performance? How much performance do we lose by using the Raspberry Pi or the Banana Pi? I have been testing a few different models to see what the overall performance difference is. I also wanted to compare them against each other. OpenVPN is heavy on the CPU due to it's encryption, there are a lot of guides out there about turning the encryption of but why even use a VPN then? It all depends on what you use your VPN tunnel for and what kind of through put you actually need. In this test I have used all three main versions of the Raspberry Pi and a Banana Pi.

Continue reading...

19Mar/1614

Pi: Make a VPN gateway with UPnP port forwarding

Tunneling your traffic over an encrypted VPN can be good for both privacy concerns and circumventing geoblocking. If a service is only offered in a specific country or blocked at your current location. My use case is a bit of both. Currently living in the USA which is the biggest surveillance state on earth I want my traffic to originate from my home country, Sweden, where I know the law and whats allowed and not allowed. Avoiding the mighty force of the NSA completely can only be done by unplugging but at least it's a little bit better. Also several services I want to use is only offered in Sweden, like local Swedish news as an example. Both of these can be solved by setting up a VPN tunnel back Sweden!
Continue reading...

12Mar/164

Banana Pi: First run

Banana Pi was created to fill the need for more powerful hardware than the Raspberry Pi supplied. There are a lot of single board computers spinning of the Raspberry Pi success. Even though Raspberry Pi got the throne much thanks to it's simplicity and relatively ease of use, compared to for example the Odroid, it has been lacking hardware vice for some applications. Raspberry has maintained it's position thanks to it's growing community and further development. With the release of the Raspberry Pi 3 they have at least done a good catch up in terms of performance but are still lacking in other hardware areas.

The Banana Pi I used for the first time today is the very first Banana Pi. This particular one is a bit of a globe-trotter!  I ordered it from Chine over a year ago, while I was still living in Sweden. Un-boxed it, put it in it's case and put it away in a drawer. When a moved to California last year it got stuffed in one of the moving boxes and I finally had time to use it. Even though it's first generation and old it still leaves the Raspberry Pi behind in some ways. Back in the day the dual core 1Ghz processor was a step up from the Raspberry Pi so was the 1Gb memory that was twice the size of what the Raspberry offered at the time.

Putting the Banana Pi along side the Raspberry Pi 3 we see that Raspberry is back on the throne when it comes to performance. It has also added on board wifi and bluetooth which makes wonders for my bedroom Kodi install but the Banana Pi isn't beaten yet if you ask me. It still have a 1Gbit ethernet port while the Raspberry still only supplies you with 100Mbit. Why would this matter? When I started testing BitTorrent Syncing for my geo-location backup I ended up not using a Raspberry Pi for just that reason. Since my data was on a NAS the indexing of files over a 100Mbit connection was just to slow. In the end the 1Gbit ethernet connection on a Odroid-C1 performed so much better then the Raspberry Pi.

Another feature that I really like with the Banana Pi is the SATA port and SATA power connector included on the board. The ability to connect a SATA hard drive directly to the board without using USB opens up for some interesting implementations. In the end I really like Raspberry Pi and Odroid and Banana Pi.... They all share a great base to stand on and are good for different applications. The Raspberry Pi is my first choice for "mainstream" applications like Kodi, OpenVpn servers or Transmission bittorrent servers. But when it comes to building the little more specialized stuff there are other, and some times better, options out there.

When I did the first run of the Odroid (also over a year after I bought it!) I realized it was a bit more complicated then the Raspberry Pi. No sleek easy config tools already on the image. Not as much safety nets to prevent you from messing up your kernel etcetera. So taking out my Banana Pi I expected the same! First I realized that Raspbian is available for the Banana Pi as well! And the sleek easy, step by step setup and configuration was available as well!

bananian-config

If you have ever used the CLI config tool on the Raspberry Pi you will feel right at home! One addition that I really liked is that it forces you to change the root password, in my opinion that should be implemented on the Raspberry Pi as well! You would be amazed how many unsecure Raspberry Pi's there are connected to the internet with SSH ports available. When I first started looking into that I was actually surprised since this isn't something that the regular consumer buys and plugs in to there network.

The tool will also let you configure the following:

  • set your timezone
  • set your locale
  • set your hostname
  • set which hardware your on, Banana Pi - Banana Pro etc...
  • expand your root file system

Then just reboot the system and make sure that everything is up to date!

bananian-update
apt-get update
apt-get upgrade

From what I have read so far, and tested my self, you can more or less run anything on the Banana as you can do on the Raspberry. I'm really looking forward to setting up some implementation utilizing the SATA port. What are your thoughts on this feel free to comment either here or on Google+.

11Mar/160

BtSync: Let my NAS sleep

BitTorrent Sync (btsync) will re-index all files every 10 minutes to look for new files to sync. After installing btsync on Raspberry Pi initially and then ending up running it on an Odroid-C1 my WD NAS never sleeps. The first 48 hours it was expected since it took all that time to index all the files. But now my NAS never sleeps. Since this is a backup solution I don't have the need for it to actually re-index every 10 minutes. If the Western Digital LiveBook Duo is left alone for 20 minutes it will spin down it's hard drives. So here is a quick guide on how to configure the re-index interval for btsync installed on an arm system. This is done on the system initially installed with the Raspberry Pi: BitTorrent Sync guide.

Continue reading...

10Mar/160

Raspberry Pi: BitTorrent sync alternative Syncthing

Btsync is a great tool for syncing data and backups to several different locations. By leveraging the torrent technology you can increase the download/upload speeds by adding more nodes to the swarm. Installing Btsync on a built in system like the Raspberry Pi or Odroid-C1 is a challenge since it consumes a lot of system resources, read more about installing BitTorrent Sync on Raspberry Pi. Reading up on the subject a lot of people did suggest that Syncthing takes up less system resources then btsync so let's install it and try it out.

Pre requirements

Same as for the btsync install I need to access my NAS root NFS share to get all the data that I will sync. So first I setup a mount point and do a persistent mount of that share.

sudo mkdir /mnt/stroot
sudo chmod 777 /mnt/stroot

Then let's edit /etc/fstab so run sudo nano /etc/fstab and add a line representing your share.

192.168.0.5:/nfs /mnt/stroot nfs rsize=8192,wsize=8192,timeo=14,nolock,intr 0 0

This will give me the root for all the shares so I don't have to map every share individually but are able to access all of them as subfolders.

To test this out we can run sudo mount -a. Then reboot the system and check that the mount is persistent. If you have issues with the persistence and are running DHCP please see my Raspbian:fstab doesn't mount NFS on boot article for reference.

Install

Download the Syncthing repository key and add it.

wget -O - https://syncthing.net/release-key.txt | sudo apt-key add -

Add the repository

echo "deb http://apt.syncthing.net/ syncthing release" | sudo tee /etc/apt/sources.list.d/syncthing.list

Update the repository with sudo apt-get update and then install with

sudo apt-get install syncthing

Then try to run it with syncthing, as soon as you see it start properly you can stop it with CTRL + C. To set it up to run as a service we need first reconfigure the bind address.

nano /home/pi/.config/syncthing/config.xml

Look for the gui option, it should look like this:

<gui enabled="true" tls="false">
<address>127.0.0.1:8384</address>
<apikey>2Yy41r5k5oocz6rDIWVsKeP4wUx9uknD</apikey>
<theme>dark</theme>
</gui>

Here you can change all the settings in regard to the UI. Change the bind address to 0.0.0.0 so it will respond to all ip addresses. If your running on a fixed IP and not DHCP you can go ahead and bind it to a specific address if you like. You can also change the tls setting to true, enabling https for the UI. This will however result in a security warning when you browse to the UI due to the self signed certificate.

If you now run syncthing from the command line it will bind to the IP and you will be able to navigate to the UI.

Autostart Syncthing as a "service"

First we need to create a init.d script for Syncthing.

sudo nano /etc/init.d/syncthing

Copy and paste the following into it:

#!/bin/sh
### BEGIN INIT INFO
# Provides:          Syncthing
# Required-Start:    $local_fs $remote_fs $network
# Required-Stop:     $local_fs $remote_fs $network
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Syncthing
# Description:       Syncthing is for backups
### END INIT INFO
 
 
# Documentation available at
# http://refspecs.linuxfoundation.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptfunc.html
# Debian provides some extra functions though
. /lib/lsb/init-functions
 
 
DAEMON_NAME="syncthing"
DAEMON_USER=pi
DAEMON_PATH="/usr/bin/syncthing"
DAEMON_OPTS=""
DAEMON_PWD="${PWD}"
DAEMON_DESC=$(get_lsb_header_val $0 "Short-Description")
DAEMON_PID="/var/run/${DAEMON_NAME}.pid"
DAEMON_NICE=0
DAEMON_LOG='/var/log/syncthing'
 
[ -r "/etc/default/${DAEMON_NAME}" ] &amp;&amp; . "/etc/default/${DAEMON_NAME}"
 
do_start() {
  local result
 
	pidofproc -p "${DAEMON_PID}" "${DAEMON_PATH}" &gt; /dev/null
	if [ $? -eq 0 ]; then
		log_warning_msg "${DAEMON_NAME} is already started"
		result=0
	else
		log_daemon_msg "Starting ${DAEMON_DESC}" "${DAEMON_NAME}"
		touch "${DAEMON_LOG}"
		chown $DAEMON_USER "${DAEMON_LOG}"
		chmod u+rw "${DAEMON_LOG}"
		if [ -z "${DAEMON_USER}" ]; then
			start-stop-daemon --start --quiet --oknodo --background \
				--nicelevel $DAEMON_NICE \
				--chdir "${DAEMON_PWD}" \
				--pidfile "${DAEMON_PID}" --make-pidfile \
				--exec "${DAEMON_PATH}" -- $DAEMON_OPTS
			result=$?
		else
			start-stop-daemon --start --quiet --oknodo --background \
				--nicelevel $DAEMON_NICE \
				--chdir "${DAEMON_PWD}" \
				--pidfile "${DAEMON_PID}" --make-pidfile \
				--chuid "${DAEMON_USER}" \
				--exec "${DAEMON_PATH}" -- $DAEMON_OPTS
			result=$?
		fi
		log_end_msg $result
	fi
	return $result
}
 
do_stop() {
	local result
 
	pidofproc -p "${DAEMON_PID}" "${DAEMON_PATH}" &gt; /dev/null
	if [ $? -ne 0 ]; then
		log_warning_msg "${DAEMON_NAME} is not started"
		result=0
	else
		log_daemon_msg "Stopping ${DAEMON_DESC}" "${DAEMON_NAME}"
		killproc -p "${DAEMON_PID}" "${DAEMON_PATH}"
		result=$?
		log_end_msg $result
		rm "${DAEMON_PID}"
	fi
	return $result
}
 
do_restart() {
	local result
	do_stop
	result=$?
	if [ $result = 0 ]; then
		do_start
		result=$?
	fi
	return $result
}
 
do_status() {
	local result
	status_of_proc -p "${DAEMON_PID}" "${DAEMON_PATH}" "${DAEMON_NAME}"
	result=$?
	return $result
}
 
do_usage() {
	echo $"Usage: $0 {start | stop | restart | status}"
	exit 1
}
 
case "$1" in
start)   do_start;   exit $? ;;
stop)    do_stop;    exit $? ;;
restart) do_restart; exit $? ;;
status)  do_status;  exit $? ;;
*)       do_usage;   exit  1 ;;
esac

Make the init.d script executable and make it start on boot.

sudo chmod +x /etc/init.d/syncthing
sudo update-rc.d syncthing defaults

Now you can start the Syncthing service like any other service.

sudo service syncthing start

Conclusion

The reason I looked into Syncthing in the first place was the memory consumption of btsync. After running a few tests I can see that it's the same with Syncthing. By the time I'm writing this my btsync instance running on my Odroid-C1 has index almost 4Tb of data and is running smoothly. Syncthing is opensource, which I like a lot, but it's a much more immature product then btsync. The windows client is just an .exe that will run a local web server that you connect to. Btsync seems more mature and robust from my initial tests. Syncthing will probably develop into something better but at this time I will go with btsync instead. Btsync is also developed by the torrent technology creators which make me believe in it even more. Install guide for btsync...

Why don't you install both of them and try them out and let me know what you think in the comments?