Ultra Low Cost Performance Servers

Raspberry Image for Remote Maintenance

How To prepare a Raspberry Pi device to be used as a remote maintenance box by Nexedi team
  • Last Update:2020-04-22
  • Version:
  • Language:

Prepare Raspberry for Remote Maintenance

 

Context

When RapidSPace provider needs to do some maintenance on the server and they want the help of Nexedi people, it is better to have a Raspberry Pi device where nexedi team can always connect to. This raspberry pi will connect to the internet using the hotspot of mobile phone. Nexedi team will connect to this raspberry pi using re6st.

 

How to setup the raspberry pi

auto eth0
iface eth0 inet static
  address 192.168.46.2
  netmask 24

# setup of Wifi connection, make sure to use the parameter from your phone
auto wlan0
iface wlan0 inet dhcp
        wpa-ssid yourwifiname
        wpa-psk yourpassword
  • install Freefib re6st (run the comands as root)
wget https://deploy.erp5.net/gnet/re6st # in China, you can use "wget https://deploy.erp5.cn/gnet/re6st"

# make sure to have requested a token (see vifib-HowTo.Request.Freefib.Re6st.Token)
FORCE=yes bash re6st

# you will need to insert your token and chose if you want router advertisement
  • install openssh-server
sudo apt install openssh-server
sudo systemctl start ssh
sudo systemctl enable ssh
  • setup the nexedi team ssh key in pi account (run the command below as pi user)
cat >> ~/.ssh/authorized_keys << EOF
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5qVcd6gclQmxL9i0Vsasy6vMiVaIjKHHNAwVBRjx0Ie+sDxaCZRJHrRGJmbDMMJBSV2vO08DgureHdDkXoLpR4M7LjgjPW/gAP3nQ9w0b8L1VixXvXiIDWIdgeD+beHrMJyZM0cbEWN1nGL0eMP8C9PWIZDvxPvAGDwW1uSDKdBtfQuLTcByWQa0IP9I/tJaC5gov8IOdWS6x7pqZW29SYoRd0HOQJfODoq8lFhtCrpMbzgXEaXTglSTXPI92URqSAqY2WXW1Aqm3baZSU5eM9HfU7a6OYC8RQ0Lywxw276uHRribLSPZelWO+HiIEu7jQ3VUIe0bXu5tgcMsuswd luke@nexedi.com-chronos

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5MAMmMmojqNRoOnGc7xGoJWWAzYo2f2zO2K4elsZhHfG6l2SQJTmna0DuUi8qEtBbA9+TN1HAOeEXQKMsQyydG8dAE9vT41Lj5y8kXQDDquQxcpTIrqjmSqxjG42Olk+sT+XvcdyqA//29OHhhrKdhIf9LAOsIPHDYW06hRMf7kXIgt3MNi8ayPpA9coTHIscvV8MzwbF2q8Owrkj5UpPmSd/cjmFTcijT3rXmN0E1d3lrCvIuqxFBsFB47o0q53rFZMc5HoHQjJbg6dB4E0GNT0Ujl9ZaIDEzQbe1/T5BVWXrwDfYXbj8UlqtXeFQlo2dB+au2tHw56s4boqDxIl thomas.gambier@nexedi.com
EOF
  • give the IPv6 to the Nexedi team (run "ip -6 address" command and give the output to nexedi team) so they can test if they can access

 

Optional: install PXE boot server

This step is optional and should be carried on only if nexedi team ask you to. Otherwise, you can stop now.

  • log in with SSH to your raspberry and run the following script:
#!/bin/bash

apt install -y dnsmasq

cat << EOF > /etc/dnsmasq.conf
port=0
interface=eth0
dhcp-range=192.168.46.51,192.168.46.150,12h
dhcp-option=3,192.168.46.1
dhcp-option=vendor:Etherboot,60,"Etherboot"
dhcp-boot=grubx64.efi
enable-tftp
tftp-root=/tftpboot/debian10
tftp-secure
log-dhcp
EOF

# create Debian 10 boot directory
mkdir -p /tftpboot/debian10
cd /tftpboot/debian10
wget http://ftp.debian.org/debian/dists/buster/main/installer-amd64/current/images/netboot/netboot.tar.gz
tar -xzvf netboot.tar.gz
ln -s debian-installer/amd64/grubx64.efi 


chown -R dnsmasq: /tftpboot/

systemctl restart dnsmasq
systemctl enable dnsmasq

 

Adjust the network if needed

If the switch address is not 192.168.46.1, you will need to adjust 2 things. Please do:

  • login to raspberry pi with user "pi" and password "nexedi"
  • edit /etc/network/interfaces to change the address and the gateway address
  • edit /etc/dnsmasq.conf to change the lines "dhcp-range" and "dhcp-option=3"