en:cube:install
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
en:cube:install [2019/07/09 22:58] – tierce | en:cube:install [2021/09/18 19:21] – [After the install] celo | ||
---|---|---|---|
Line 1: | Line 1: | ||
# Install a cube | # Install a cube | ||
- | FIXEME | + | |
- | This procedure explains how to setup an Internet Cube and configure it for Neutrinet. | + | This procedure explains how to setup an Internet Cube (Olimex [Lime2](https:// |
- | It is based on this document: https://repo.labriqueinter.net/ | + | |
## Generate the VPN certificates | ## Generate the VPN certificates | ||
- | To use our VPN, you need to follow [this registration process](en: | + | In order to use our VPN, you need to follow [this registration process](en: |
- | If, for some reason, you're re-installing | + | In case, for some reason, you are reinstalling |
+ | |||
+ | ## Generate a cube file | ||
+ | |||
+ | To configure Yunohost' | ||
+ | |||
+ | You will also need a file with the credentials chosen while the registration process : | ||
+ | |||
+ | ```bash | ||
+ | cd < | ||
+ | nano auth | ||
+ | ``` | ||
+ | In the file, write your credentials, | ||
+ | |||
+ | ```bash | ||
+ | a.mail@address.xyz | ||
+ | Password or Passphrase | ||
+ | ``` | ||
+ | |||
+ | In the same folder, download Neutrinet' | ||
+ | ```bash | ||
+ | wget https:// | ||
+ | ``` | ||
+ | |||
+ | Run the script : | ||
+ | ```bash | ||
+ | ./ | ||
+ | ``` | ||
Line 18: | Line 44: | ||
* a A20-OLinuXino-LIME board | * a A20-OLinuXino-LIME board | ||
* a microSD card where the Cube operating system (Yunohost/ | * a microSD card where the Cube operating system (Yunohost/ | ||
- | * a MOD-WIFI-R5370-ANT WiFi Antenna | + | * a MOD-WIFI-R5370-ANT WiFi Antenna |
* a 5V DC power adapter | * a 5V DC power adapter | ||
- | * a Neutrinet VPN account | + | * a Neutrinet VPN account |
You can find details about the components and buy them [here](https:// | You can find details about the components and buy them [here](https:// | ||
Line 29: | Line 55: | ||
* An Internet connection to download the Yunohost image. | * An Internet connection to download the Yunohost image. | ||
- | * An ethernet cable to connect the Cube to your home router (e.g: your Proximus BBox) | + | * An ethernet cable to connect the Cube to your home router (i.e. your ISP internet box) |
## Install Yunohost on the SD Card | ## Install Yunohost on the SD Card | ||
- | In order to install | + | ### Download |
- | ### Download the script | + | Download the latest version of Yunohost for internet cubes (Olimex Lime1 or Lime2) from [[https:// |
- | Open a terminal, then: | + | For instance, for a Lime2 board: |
```bash | ```bash | ||
- | $ mkdir ~/ | + | wget https://build.yunohost.org/internetcube-buster-4.1.7.4_v2021.04.01-lime2-stable.img.gz |
- | $ cd ~/ | + | |
- | $ wget https://repo.labriqueinter.net/install-sd.sh | + | |
- | $ chmod 0755 install-sd.sh | + | |
``` | ``` | ||
- | ### Run the script | + | Import |
+ | ```bash | ||
+ | gpg --keyserver keyserver.ubuntu.com --recv-keys 1904C5B42E4856DCD4E9CF96360AAF3259A3E6FF | ||
+ | ``` | ||
- | First remove | + | Download |
+ | ```bash | ||
+ | wget https:// | ||
+ | ``` | ||
- | In your terminal, run (add the -2 argument if you use a Lime2 and not a Lime1 and -e if you wan a fully encrypted file system) | + | Verify |
```bash | ```bash | ||
- | $ ./install-sd.sh [-e] [-2] | + | gpg --verify internetcube-buster-4.1.7.4_v2021.04.01-lime2-stable.img.gz.sig |
``` | ``` | ||
- | And follow the on screen instructions. | + | |
- | It will: | + | Uncompress the Yunohost image: |
- | - detect your SD card | + | ```bash |
- | - download | + | gunzip internetcube-buster-4.1.7.4_v2021.04.01-lime2-stable.img.gz |
- | - verify its integrity | + | ``` |
- | - install | + | |
+ | ### Flash the SD card | ||
+ | |||
+ | Read the Yunohost | ||
+ | |||
+ | First, find the device name of your SD card: | ||
+ | ```bash | ||
+ | lsblk | ||
+ | ``` | ||
+ | Usually, it's `mmcblk0` | ||
+ | |||
+ | Install | ||
+ | ```bash | ||
+ | sudo dd if=internetcube-buster-4.1.7.4_v2021.04.01-lime2-stable.img of=/ | ||
+ | ``` | ||
+ | :!: Ensure that the SD card is *not* mounted during the copy process! | ||
Remove the SD card from your computer when it's done. | Remove the SD card from your computer when it's done. | ||
Line 69: | Line 113: | ||
- Insert the WiFi antenna into the USB port of the Cube's board | - Insert the WiFi antenna into the USB port of the Cube's board | ||
- Insert the SD card into your Cube | - Insert the SD card into your Cube | ||
- | - Connect your Cube to an ethernet cable that is connected to your home router (e.g: your Proximus BBox) | + | - Connect your Cube to an ethernet cable that is connected to your home router (i.e your ISP internet box) |
- Make sure your computer is connected (via WiFi or ethernet) to your home router too (you will connect to your Cube via the local network) | - Make sure your computer is connected (via WiFi or ethernet) to your home router too (you will connect to your Cube via the local network) | ||
Line 83: | Line 127: | ||
In your terminal, run: | In your terminal, run: | ||
```bash | ```bash | ||
- | $ ./install-sd.sh -l | + | for interface in $(ip link show up | grep "state UP" | cut -d ':' |
+ | sudo arp-scan | ||
+ | done | ||
``` | ``` | ||
- | The output should | + | The output should |
``` | ``` | ||
- | Internet Cubes found on the network: | + | 192.168.1.46 |
- | + | ||
- | 1. YunoHost Admin: | + | |
- | SSH Access: | + | |
- | | + | |
``` | ``` | ||
- | In this example, the IP address | + | These are IP addresses |
- | 192.168.1.46 | + | |
- | If the script | + | If you cannot find your cube, try again a couple of minutes later. |
- | # Connect to your Cube via SSH | + | ## Run the Internet |
- | To connect | + | Connect |
+ | (Please replace `192.168.1.46` with the IP address of your Cube found in the previous step) | ||
+ | |||
+ | Provide the following details: | ||
+ | * The main domain name | ||
+ | * First user name | ||
+ | * First user password (this will be your admin password | ||
+ | * Your cube file generated | ||
+ | * Your Wifi hotspot credentials (optional) | ||
+ | |||
+ | You will be able to change | ||
+ | |||
+ | ### Install the Neutrinet app | ||
+ | |||
+ | Your VPN certificate will be valid for 1 year. | ||
+ | |||
+ | Connect to your Cube with SSH: | ||
```bash | ```bash | ||
- | $ ssh root@192.168.1.46 | + | ssh admin@192.168.1.46 |
``` | ``` | ||
(Please replace 192.168.1.46 with the IP address of your Cube found in the previous step) | (Please replace 192.168.1.46 with the IP address of your Cube found in the previous step) | ||
- | The root password of your Cube is: | ||
- | olinux | ||
- | You'll be asked to change it. Please choose a strong password and do not loose it. | ||
- | ## Configure your Cube for use with Neutrinet | + | Install the Neutrinet app for Yunohost in order to let the cube automatically renew the certificate before expiration: |
+ | ```bash | ||
+ | sudo yunohost app install neutrinet | ||
+ | ``` | ||
+ | You can keep the default values. | ||
+ | |||
+ | ## Configure | ||
+ | |||
+ | See [this page](dns). | ||
+ | |||
+ | ## Configure IPv6 for the Hotspot Wifi | ||
+ | |||
+ | If you installed the hotspot Wifi, you need an extra step to configure IPv6. | ||
+ | |||
+ | Connect to https:// | ||
+ | |||
+ | Go to your client details by clicking on the entry with mail address. | ||
+ | |||
+ | You should see IPv6 subnet lease (the row with a `/64` IPv6). | ||
+ | |||
+ | In case you don't have a IPv6 subnet lease yet, click on `Modify IP lease assignment`. | ||
+ | |||
+ | Then click on your mail address and click `Add IPv6 subnet lease`. | ||
+ | |||
+ | Choose a range of 64, and click on the `Assign` button. | ||
+ | |||
+ | You can then go back to the home page to see your new IPv6 subnet lease. | ||
+ | |||
+ | Connect to Wifi Hotspot admin of your internet cube: https:// | ||
+ | |||
+ | Then, under the tab `IPv6`, paste the IPv6 subnet lease to the delegated prefix field. | ||
+ | |||
+ | Click on the button `Save and reload` to apply your changes. | ||
+ | |||
+ | ## Troubleshootings | ||
+ | |||
+ | If you have issues, or maybe you were able to find a fix for an issue, do not hesitate to contact us : https:// | ||
+ | |||
+ | ### During the install | ||
+ | |||
+ | #### Debian repositories changed from stable to oldstable | ||
+ | |||
+ | See also https:// | ||
+ | |||
+ | At the very first step of the internet cube installer, the install is stuck with the following error: | ||
+ | ``` | ||
+ | E: Repository ' | ||
+ | E: Repository ' | ||
+ | E: Repository ' | ||
+ | Command ' | ||
+ | ``` | ||
- | Now that you're connected | + | Connect with SSH to your cube with the root account: |
```bash | ```bash | ||
- | root@olinux:~# wget https://raw.githubusercontent.com/ | + | ssh root@192.168.1.46 |
- | root@olinux: | + | |
- | root@olinux: | + | |
``` | ``` | ||
+ | Enter `yunohost` as password. | ||
- | And follow | + | Then, just run: |
- | Important: at some point during the installation, | + | ```bash |
- | neutrinet | + | apt update |
+ | ``` | ||
+ | And then answer yes to the questions. | ||
- | It will: | + | #### VPN install |
- | - ask you for: | + | |
- | - a Main domain name. If you choose example.com, | + | |
- | - a Username, used to connect to the user interface and access your apps | + | |
- | - your Firstname/ | + | |
- | - an Email. It must contain the domain previously entered as second part, e.g: jon@example.com | + | |
- | - VPN client certificate. This is the content of the client.crt file you download. | + | |
- | - VPN client key. This is the content of the client.key file you download. | + | |
- | - CA server certificate. This is the content of the ca.crt file you download. | + | |
- | - VPN username/ | + | |
- | - IPv6 delegated prefix. If you don't have one, leave it blank (only necessary if you want to use IPv6) | + | |
- | - WiFi AP SSID. This is the name of the WiFi network created by your Cube, as it will appear in the available WiFi list of your computer. | + | |
- | - The Administration password. This password is: neutrinet | + | |
- | - update the system | + | |
- | - finish the Yunohost configuration | + | |
- | - install | + | |
- | - vpnclient: to connect to the Neutrinet VPN | + | |
- | - hotspot: to create a WiFi network | + | |
- | - doctorcube: to help fix the Cube in some situations | + | |
- | - neutrinet_ynh: | + | |
- | ## Change all passwords | + | See also https:// |
- | Those passwords have been set to 'neutrinet' | + | In case there are special characters in your VPN account password:, the install will fail with the following error: |
+ | ``` | ||
+ | Running: yunohost app addaccess vpnclient -u '******' | ||
+ | ' | ||
+ | ' | ||
+ | allowed_users: | ||
+ | vpnclient: ****** | ||
+ | Running: yunohost app setting vpnclient service_enabled -v 1 | ||
+ | Running: ynh-vpnclient-loadcubefile.sh -u ' | ||
+ | [VPN] Error: Configuration updated but service reload failed | ||
+ | Command ' | ||
+ | ``` | ||
- | - Administration password: https:// | + | Connect to your internet cube with the admin account: |
- | - User password: https:// | + | ```bash |
- | - WiFi Hotspot password: https:// | + | ssh admin@192.168.1.46 |
- | - root password: | + | ``` |
- | | + | Enter your admin password. |
- | | + | |
- | $ passwd | + | |
- | | + | |
- | ## Configure | + | Then, run the command that failed: |
+ | ```bash | ||
+ | sudo ynh-vpnclient-loadcubefile.sh -u "< | ||
+ | ``` | ||
+ | (Please replace `< | ||
- | See [this page](dns). | + | :!: Make sure to keep the quotes! |
+ | |||
+ | On the internet cube installer, retry the last step by clicking on the yellow button. | ||
+ | |||
+ | #### The loading bar freeze | ||
+ | |||
+ | If the loading bar freeze during the install, set the debug mode button to up. | ||
+ | |||
+ | You will then see the details of the install and what the install procedure is doing. | ||
+ | |||
+ | #### iptables/ | ||
+ | |||
+ | See https:// | ||
+ | |||
+ | This is due to a kernel update: you just need to reboot the cube. | ||
+ | |||
+ | Then, connect to the internet cube installer and retry the last step. | ||
+ | |||
+ | ### After the install | ||
+ | |||
+ | #### Issues with /tmp in RAM | ||
+ | |||
+ | By default, the files `/tmp` folder are stored in RAM, which isn't a good idea when you have less than 1Gb available in a cube. See [tmpfs / armbian](https:// | ||
+ | |||
+ | You can disable this by running the following: | ||
+ | ```bash | ||
+ | sudo sed s/ | ||
+ | sudo sed ' | ||
+ | ``` | ||
+ | |||
+ | Then, reboot the cube: | ||
+ | ```bash | ||
+ | sudo reboot | ||
+ | ``` | ||
+ | |||
+ | #### Unable to access some websites from the cube | ||
+ | |||
+ | When your cube is connected to the Neutrinet VPN in IPv6, you might be unable to access some websites, although you are able to ping them. In addition, if you have a domain in .nohost.me or .nohost.fr, etc. your cube won't be able to update the DynDNS. | ||
+ | |||
+ | Connect with SSH to the cube: | ||
+ | ```bash | ||
+ | ssh admin@192.168.1.46 | ||
+ | ``` | ||
+ | |||
+ | You need to reduce the MTU used to connect to the VPN: | ||
+ | ```bash | ||
+ | sudo nano / | ||
+ | ``` | ||
+ | In the section `neutrinet` or `Custom`, add the line: | ||
+ | ``` | ||
+ | mssfix 1400 | ||
+ | ``` | ||
+ | |||
+ | Then, restart the VPN client: | ||
+ | ```bash | ||
+ | sudo systemctl stop openvpn@client.service | ||
+ | sudo systemctl start ynh-vpnclient-checker | ||
+ | ``` | ||
+ | |||
+ | #### Roundcube fails to install on Lime 1 | ||
+ | |||
+ | Roundcube require more than 500M to install. On lime 1, it's necessary to add swap. You can do it by running the following : | ||
+ | |||
+ | ```bash | ||
+ | sudo fallocate -l 1G /swapfile | ||
+ | sudo chmod 600 /swapfile | ||
+ | sudo mkswap /swapfile | ||
+ | sudo swapon /swapfile | ||
+ | ``` | ||
+ | You can verify that swap is available : | ||
+ | |||
+ | ```bash | ||
+ | sudo swapon --show | ||
+ | ``` | ||
+ | |||
+ | This should return a line about the swap. | ||
+ | |||
+ | Then edit your fstab file to activate the swap on startup : | ||
+ | |||
+ | ```bash | ||
+ | sudo nano / | ||
+ | ``` | ||
+ | |||
+ | Add the line : | ||
+ | ```bash | ||
+ | /swapfile none swap sw 0 0 | ||
+ | ``` | ||
- | ## Problems | ||
- | We try to keep a list of issues we face at https:// | ||
- | If you have issues, or maybe you were able to find a fix for an issue, do not hesitate to contact us. |
en/cube/install.txt · Last modified: 2022/09/16 13:07 by celo