Skip to content
Carl Karsten edited this page Jun 24, 2024 · 6 revisions

How to install the server (where everything gets installed to) on bare metal.

Summary:

  1. build bare debian box ready for ansible
  2. ansible part 1 - everything needed to netboot a pi, and the public facing server bits
  3. put server into maintenance mode (pi has rw access to its files)
  4. boot pi, more ansible
  5. put server into production mode

Step 0

Install the OS using the DebCof Video team box building process:

https://github.com/CarlFK/veyepar/wiki/System-Stack#what-to-do-first

When the setup process asks for hostname: voctotest (default) replace with base. (we don't want a video mixer, we want a simple Debian box.)

Step 1

Once the base install is done: setup ssh keys, ip address, hostname.

ssh in:

sudo apt-get update --allow-releaseinfo-change; sudo apt upgrade

sudo apt install ssh-import-id
sudo ssh-import-id carlfk # give root your own public key

sudo vim /etc/hostname /etc/hosts

sudo vim /etc/network/interfaces

Use your inventory parameters and the DC Video Team playbook to setup a pxe server:

Clone this repo and the dc-video team ansible next to each other:

git clone https://github.com/CarlFK/pici
git clone https://salsa.debian.org/debconf-video-team/ansible dc_a
  • put your machine's hostname in ansible/inventory/hosts under [pxe] and [users]
  • put your machine's 2 MACs into ansible/inventory/host_vars/negk.yml
  • your admin user in ansible/inventory/group_vars/all/all.yml
  • maybe put your box's IP to ansible/inventory/hosts
ansible-playbook dc_a/site.yml --inventory-file pici/ansible/inventory/hosts --user root
ansible-playbook ansible/site.yml --inventory-file ansible/inventory/hosts --user root --limit negk

Now you should have a dhcp/dns/tftp server on the local nic.

Step 3

Boot netboot a Pi, you should see activity on server:

tio /dev/serial0
journalctl -f -u dnsmasq.service

Step 3.1

  1. 'maintenance.sh' - Put the system into maintenance mode (pi can update the server)
  2. Log into pi as root to verify ssh keys are set and populate known_hosts.

This repo has been checked out on the server. it is handy to use that up update the pi (it takes over an hour.) TODO: a bit more instruction here, like ... how does ansible get to pi? (a: port number)

ansible-playbook ansible/site.yml -vv --inventory-file ansible/inventory/hosts --user root --limit pi

Step 4

Put the system into production mode (nfs is ro, enable overlayroot on pi)

production.sh

The system is ready for public consumption.

Clone this wiki locally