Raspberry Pi/Zero 2W/Ubuntu/24.04: Difference between revisions

From Chorke Wiki
Jump to navigation Jump to search
← Older edit
VisualWikitext
No edit summary
 
(44 intermediate revisions by the same user not shown)
Line 1: Line 1:
{|class='wikitable' style='width:100%;margin:-11px 0 6px 0'
{|class='wikitable'
|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='bash'>
<syntaxhighlight lang='bash'>
lsblk
lsblk
:'
:'
Line 10: Line 10:
</syntaxhighlight>
</syntaxhighlight>
|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='bash'>
<syntaxhighlight lang='bash'>
ls -alh /media/${USER}/system-boot/{ssh,{config,cmdline}.txt}
ls -alh /media/${USER}/system-boot/{ssh,{config,cmdline}.txt}
:'
:'
Line 20: Line 20:
|-
|-
|valign='top'|
|valign='top'|
<syntaxhighlight style='margin:3px 0' lang='bash'>
<syntaxhighlight lang='bash'>
ls -lah /media/${USER}/writable/etc/netplan/
ls -lah /media/${USER}/writable/etc/netplan/
:'
:'
Line 30: Line 30:
</syntaxhighlight>
</syntaxhighlight>
|valign='top'|
|valign='top'|
<syntaxhighlight style='margin:3px 0' lang='bash'>
<syntaxhighlight lang='bash'>
ls -lah /media/${USER}/writable/etc/udev/rules.d/
ls -lah /media/${USER}/writable/etc/udev/rules.d/
:'
:'
Line 41: Line 41:
|-
|-
|valign='top' colspan='2'|
|valign='top' colspan='2'|
{|class='wikitable mw-collapsible mw-collapsed' style='width:100%;margin:3px 0'
{|class='wikitable mw-collapsible mw-collapsed'
!scope='col' style='text-align:left' colspan='2'|
!scope='col' style='text-align:left' colspan='2'|
system-boot » config.txt
system-boot » config.txt
|-
|-
|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='ini'>
<syntaxhighlight lang='ini'>
cat /media/${USER}/system-boot/config.txt && echo
cat /media/${USER}/system-boot/config.txt && echo
<<-'TXT'
<<-'TXT'
Line 113: Line 113:
|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
|}
|}
{|class='wikitable mw-collapsible mw-collapsed' style='width:100%;margin:6px 0 3px 0'
{|class='wikitable mw-collapsible mw-collapsed'
!scope='col' style='text-align:left'|
!scope='col' style='text-align:left'|
system-boot » cmdline.txt
system-boot » cmdline.txt
|-
|-
|valign='top'|
|valign='top'|
<syntaxhighlight style='margin:3px 0' lang='ini'>
<syntaxhighlight lang='ini'>
cat /media/${USER}/system-boot/cmdline.txt && echo
cat /media/${USER}/system-boot/cmdline.txt && echo
:'
:'
Line 128: Line 128:


==SD Card » Pre-Boot==
==SD Card » Pre-Boot==
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0'
{|class='wikitable mw-collapsible'
!scope='col' style='text-align:left'|
!scope='col' style='text-align:left'|
SD Card » Pre-Boot
SD Card » Pre-Boot
|-
|-
|valign='top'|
|valign='top'|
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0'
{|class='wikitable mw-collapsible'
!scope='col' style='text-align:left' colspan='2'|
!scope='col' style='text-align:left' colspan='2'|
system-boot » config.txt
system-boot » config.txt
|-
|-
|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='ini'>
<syntaxhighlight lang='ini'>
cat <<'INI' | tee -a /media/${USER}/system-boot/config.txt >/dev/null
cat <<'INI' | tee -a /media/${USER}/system-boot/config.txt >/dev/null
dtoverlay=dwc2
dtoverlay=dwc2
Line 148: Line 148:
</syntaxhighlight>
</syntaxhighlight>
|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='bash'>
<syntaxhighlight lang='bash'>
lsmod | grep -E 'dwc2|g_ether'
lsmod | grep -E 'dwc2|g_ether'
dmesg | grep -E 'dwc2'
dmesg | grep -E 'dwc2'
Line 158: Line 158:
</syntaxhighlight>
</syntaxhighlight>
|}
|}
{|class='wikitable mw-collapsible mw-collapsed' style='width:100%;margin:6px 0 3px 0'
{|class='wikitable mw-collapsible mw-collapsed'
!scope='col' style='text-align:left'|
!scope='col' style='text-align:left'|
system-boot » cmdline.txt
system-boot » cmdline.txt
|-
|-
|valign='top'|
|valign='top'|
<syntaxhighlight style='margin:3px 0' lang='ini'>
<syntaxhighlight lang='ini'>
# modules-load=dwc2
# modules-load=dwc2


Line 172: Line 172:
|-
|-
|valign='top'|
|valign='top'|
<syntaxhighlight style='margin:3px 0' lang='ini'>
<syntaxhighlight lang='ini'>
# modules-load=dwc2,g_ether
# modules-load=dwc2,g_ether


Line 181: Line 181:
|-
|-
|valign='top'|
|valign='top'|
<syntaxhighlight style='margin:3px 0' lang='ini'>
<syntaxhighlight lang='ini'>
# modules-load=dwc2,g_ether
# modules-load=dwc2,g_ether
# g_ether.host_addr=12:a5:cf:42:92:fd
# g_ether.host_addr=12:a5:cf:42:92:fd
Line 191: Line 191:
</syntaxhighlight>
</syntaxhighlight>
|}
|}
{|class='wikitable mw-collapsible mw-collapsed' style='width:100%;margin:6px 0 3px 0'
{|class='wikitable mw-collapsible mw-collapsed'
!scope='col' style='text-align:left' colspan='2'|
!scope='col' style='text-align:left' colspan='2'|
writable » 10-usb-wan.yaml
writable » 10-usb-wan.yaml
|-
|-
|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='yaml'>
<syntaxhighlight lang='yaml'>
ls -lah            /media/${USER}/writable/etc/netplan/
ls -lah            /media/${USER}/writable/etc/netplan/
cat <<'YML' | sudo /media/${USER}/writable/etc/netplan/10-usb-wan.yaml >/dev/null
cat <<'YML' | sudo /media/${USER}/writable/etc/netplan/10-usb-wan.yaml >/dev/null
Line 221: Line 221:


|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='bash'>
<syntaxhighlight lang='bash'>
sudo netplan try --timeout 60
sudo netplan try --timeout 60
sudo netplan generate
sudo netplan generate
Line 245: Line 245:
</syntaxhighlight>
</syntaxhighlight>
|}
|}
{|class='wikitable mw-collapsible' style='width:100%;margin:6px 0 3px 0'
{|class='wikitable mw-collapsible'
!scope='col' style='text-align:left' colspan='2'|
!scope='col' style='text-align:left' colspan='2'|
writable » 99-usb-gadget.yaml
writable » 99-usb-gadget.yaml
|-
|-
|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='yaml'>
<syntaxhighlight lang='yaml'>
ls -lah                /media/${USER}/writable/etc/netplan/
ls -lah                /media/${USER}/writable/etc/netplan/
cat <<'YML' | sudo tee /media/${USER}/writable/etc/netplan/99-usb-gadget.yaml >/dev/null
cat <<'YML' | sudo tee /media/${USER}/writable/etc/netplan/99-usb-gadget.yaml >/dev/null
Line 268: Line 268:


|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='bash'>
<syntaxhighlight lang='bash'>
sudo netplan try --timeout 60
sudo netplan try --timeout 60
sudo netplan generate
sudo netplan generate
Line 285: Line 285:
</syntaxhighlight>
</syntaxhighlight>
|}
|}
{|class='wikitable mw-collapsible' style='width:100%;margin:6px 0 3px 0'
{|class='wikitable mw-collapsible mw-collapsed'
!scope='col' style='text-align:left' colspan='2'|
!scope='col' style='text-align:left' colspan='2'|
writable » 70-usb-gadget-net.rules
writable » 70-usb-gadget-net.rules
|-
|-
|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='ini'>
<syntaxhighlight lang='ini'>
ls -lah                /media/${USER}/writable/etc/udev/rules.d/
ls -lah                /media/${USER}/writable/etc/udev/rules.d/
cat <<'INI' | sudo tee /media/${USER}/writable/etc/udev/rules.d/70-usb-gadget-net.rules >/dev/null
cat <<'INI' | sudo tee /media/${USER}/writable/etc/udev/rules.d/70-usb-gadget-net.rules >/dev/null
Line 300: Line 300:


|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='bash'>
<syntaxhighlight lang='bash'>
sudo udevadm control --reload
sudo udevadm control --reload
sudo udevadm trigger
sudo udevadm trigger
Line 312: Line 312:


==SD Card » Post-Boot==
==SD Card » Post-Boot==
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0'
{|class='wikitable mw-collapsible'
!scope='col' style='text-align:left'|
!scope='col' style='text-align:left'|
SD Card » Post-Boot
SD Card » Post-Boot
|-
|-
|valign='top'|
|valign='top'|
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0'
{|class='wikitable mw-collapsible'
!scope='col' style='text-align:left' colspan='2'|
!scope='col' style='text-align:left' colspan='2'|
Post-Boot » Swapfile
Post-Boot » Swapfile
|-
|-
|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='bash'>
<syntaxhighlight lang='bash'>
cat <<'EXE' | sudo bash
cat <<'EXE' | sudo bash
swapoff /swapfile
swapoff /swapfile
Line 331: Line 331:
</syntaxhighlight>
</syntaxhighlight>
|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='bash'>
<syntaxhighlight lang='bash'>
cat << FST | sudo tee -a /etc/fstab >/dev/null
cat << FST | sudo tee -a /etc/fstab >/dev/null
# Loopback Swap Space » 512Mi + 512Mi  
# Loopback Swap Space » 512Mi + 512Mi  
Line 340: Line 340:
</syntaxhighlight>
</syntaxhighlight>
|}
|}
{|class='wikitable mw-collapsible mw-collapsed' style='width:100%;margin:6px 0 3px 0'
{|class='wikitable mw-collapsible mw-collapsed'
!scope='col' style='text-align:left' colspan='2'|
!scope='col' style='text-align:left' colspan='2'|
Post-Boot » 10-usb-wan.yaml
Post-Boot » 10-usb-wan.yaml
|-
|-
|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='yaml'>
<syntaxhighlight lang='yaml'>
ls -lah            /etc/netplan/
ls -lah            /etc/netplan/
cat <<'YML' | sudo /etc/netplan/10-usb-wan.yaml >/dev/null
cat <<'YML' | sudo /etc/netplan/10-usb-wan.yaml >/dev/null
Line 370: Line 370:


|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='bash'>
<syntaxhighlight lang='bash'>
sudo netplan try --timeout 60
sudo netplan try --timeout 60
sudo netplan generate
sudo netplan generate
Line 394: Line 394:
</syntaxhighlight>
</syntaxhighlight>
|}
|}
{|class='wikitable mw-collapsible' style='width:100%;margin:6px 0 3px 0'
{|class='wikitable mw-collapsible mw-collapsed'
!scope='col' style='text-align:left' colspan='2'|
!scope='col' style='text-align:left' colspan='2'|
Post-Boot » 99-usb-gadget.yaml
Post-Boot » 99-usb-gadget.yaml
|-
|-
|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='yaml'>
<syntaxhighlight lang='yaml'>
ls -lah                /etc/netplan/
ls -lah                /etc/netplan/
cat <<'YML' | sudo tee /etc/netplan/99-usb-gadget.yaml >/dev/null
cat <<'YML' | sudo tee /etc/netplan/99-usb-gadget.yaml >/dev/null
Line 417: Line 417:


|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='bash'>
<syntaxhighlight lang='bash'>
sudo netplan try --timeout 60
sudo netplan try --timeout 60
sudo netplan generate
sudo netplan generate
Line 434: Line 434:
</syntaxhighlight>
</syntaxhighlight>
|}
|}
{|class='wikitable mw-collapsible' style='width:100%;margin:6px 0 3px 0'
{|class='wikitable mw-collapsible mw-collapsed'
!scope='col' style='text-align:left' colspan='2'|
!scope='col' style='text-align:left' colspan='2'|
Post-Boot » 70-usb-gadget-net.rules
Post-Boot » 70-usb-gadget-net.rules
|-
|-
|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='ini'>
<syntaxhighlight lang='ini'>
ls -lah                /etc/udev/rules.d/
ls -lah                /etc/udev/rules.d/
cat <<'INI' | sudo tee /etc/udev/rules.d/70-usb-gadget-net.rules >/dev/null
cat <<'INI' | sudo tee /etc/udev/rules.d/70-usb-gadget-net.rules >/dev/null
Line 449: Line 449:


|valign='top' style='width:50%'|
|valign='top' style='width:50%'|
<syntaxhighlight style='margin:3px 0' lang='bash'>
<syntaxhighlight lang='bash'>
sudo udevadm control --reload
sudo udevadm control --reload
sudo udevadm trigger
sudo udevadm trigger
Line 458: Line 458:
</syntaxhighlight>
</syntaxhighlight>
|}
|}
|}
==Host » Ethernet » USB0==
{|class='wikitable mw-collapsible'
!scope='col' style='text-align:left'|
Host » Ethernet » USB0
|-
|valign='top'|
{|class='wikitable mw-collapsible mw-collapsed'
!scope='col' style='text-align:left' colspan='2'|
Host » 70-pi-usb-net.rules
|-
|valign='top' style='width:50%'|
<syntaxhighlight lang='ini'>
ls -lah                /etc/udev/rules.d/
cat <<'INI' | sudo tee /etc/udev/rules.d/70-pi-usb-net.rules >/dev/null
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="12:a5:cf:42:92:fd", NAME="usb0"
INI
sudo chmod 644 /etc/udev/rules.d/70-pi-usb-net.rules
</syntaxhighlight>
|valign='top' style='width:50%'|
<syntaxhighlight lang='bash'>
sudo udevadm control --reload
sudo udevadm trigger
sudo ip add show usb0
ping -c3 192.168.8.1
</syntaxhighlight>
|}
{|class='wikitable mw-collapsible mw-collapsed'
!scope='col' style='text-align:left' colspan='2'|
Host » 20-usb0.network » Match » MAC
|-
|valign='top' style='width:50%'|
<syntaxhighlight lang='ini'>
ls -lah                /etc/systemd/network/
cat <<'INI' | sudo tee /etc/systemd/network/20-usb0.network >/dev/null
[Match]
MACAddress=12:a5:cf:42:92:fd
[Network]
Address=192.168.8.1/24
INI
sudo chown root:root /etc/systemd/network/20-usb0.network
sudo chmod 644      /etc/systemd/network/20-usb0.network
</syntaxhighlight>
|valign='top' style='width:50%'|
<syntaxhighlight lang='bash'>
ls -l /etc/systemd/network/20-usb0.network
sudo systemctl restart systemd-networkd
networkctl status usb0
ip addr show usb0
networkctl list
ping -c3 192.168.10.1
ping -c3 192.168.10.2
</syntaxhighlight>
|}
{|class='wikitable mw-collapsible mw-collapsed'
!scope='col' style='text-align:left' colspan='2'|
Host » 20-usb0.network » Match » Name
|-
|valign='top' style='width:50%'|
<syntaxhighlight lang='ini'>
ls -lah                /etc/systemd/network/
cat <<'INI' | sudo tee /etc/systemd/network/20-usb0.network >/dev/null
[Match]
Name=usb0
[Link]
MACAddress=12:a5:cf:42:92:fd
[Network]
Address=192.168.8.1/24
INI
sudo chown root:root /etc/systemd/network/20-usb0.network
sudo chmod 644      /etc/systemd/network/20-usb0.network
</syntaxhighlight>
|valign='top' style='width:50%'|
<syntaxhighlight lang='bash'>
ls -l /etc/systemd/network/20-usb0.network
sudo systemctl restart systemd-networkd
networkctl status usb0
ip addr show usb0
networkctl list
ping -c3 192.168.10.1
ping -c3 192.168.10.2
</syntaxhighlight>
|}
|}
==Utility » Install==
{|class='wikitable mw-collapsible'
!scope='col' style='text-align:left'|
Utility » Install
|-
|valign='top'|
{|class='wikitable mw-collapsible mw-collapsed'
!scope='col' style='text-align:left' colspan='2'|
Install » LXD
|-
|valign='top' style='width:50%'|
<syntaxhighlight lang='bash'>
cat << EXE | sudo bash
snap install lxd --channel=6/stable
usermod -aG lxd shahed
EXE
echo 'id -nG' | sudo -i -u shahed bash
</syntaxhighlight>
<syntaxhighlight style='margin:5px 0 3px 0' lang='bash'>
systemctl status ufw
sudo iptables -S
sudo ufw status
</syntaxhighlight>
<syntaxhighlight style='margin:5px 0 3px 0' lang='bash'>
sudo ufw enable
cat << EXE | sudo bash
ufw      allow OpenSSH
ufw      allow in  on lxdbr0
ufw route allow in  on lxdbr0
ufw route allow out on lxdbr0
EXE
sudo ufw status numbered
sudo iptables -S
</syntaxhighlight>
<syntaxhighlight style='margin:5px 0 3px 0' lang='bash'>
cat << EXE | sudo bash
snap restart  lxd
snap services lxd
EXE
</syntaxhighlight>
<syntaxhighlight style='margin:5px 0 3px 0' lang='bash'>
lxc image ls images:alpine
lxc launch  images:alpine/3.23 academia
lxc exec academia -- sh -c 'ping -c5 chorke.org'
lxc exec academia -- sh -c 'ping -c5 shahed.biz'
</syntaxhighlight>
|valign='top' style='width:50%'|
<syntaxhighlight lang='yaml'>
cat <<'YML' | sudo lxd init --preseed
---
config: {}
networks:
- config:
    ipv4.address: 10.20.0.1/24
    ipv4.nat: "true"
    ipv6.address: auto
  description: ""
  name: lxdbr0
  type: ""
  project: default
storage_pools:
- config:
    size: 5GiB
  description: ""
  name: lxd-zfs-pool-aa
  driver: zfs
storage_volumes: []
profiles:
- config: {}
  description: ""
  devices:
    eth0:
      name: eth0
      network: lxdbr0
      type: nic
    root:
      path: /
      pool: lxd-zfs-pool-aa
      type: disk
  name: default
projects: []
cluster: null
YML
</syntaxhighlight>
|}
{|class='wikitable mw-collapsible mw-collapsed'
!scope='col' style='text-align:left' colspan='2'|
Install » Docker
|-
|valign='top' colspan='2'|
<syntaxhighlight lang='bash'>
curl -fsSL https://download.docker.com/linux/ubuntu/gpg \
| sudo tee /etc/apt/keyrings/docker.asc >/dev/null
DISTRIBUTION=$(. /etc/os-release && echo "${VERSION_CODENAME}")
cat << SRC | sudo tee /etc/apt/sources.list.d/docker.list >/dev/null
deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu ${DISTRIBUTION}  stable
SRC
</syntaxhighlight>
|-
|valign='top' colspan='2'|
<syntaxhighlight lang='bash'>
cat << EXE | sudo bash
apt-get update;echo
apt-cache policy docker-ce
apt list -a --upgradable;apt-get upgrade -y;echo
apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
apt-get clean cache && find /tmp -type f,s -atime +10 -delete
EXE
</syntaxhighlight>
|-
|valign='top' style='width:50%'|
<syntaxhighlight lang='json'>
cat << EOF | sudo tee /etc/docker/daemon.json >/dev/null
{
    "bip"  : "10.20.13.1/24",
    "mtu"  : 1500,
    "dns"  : [
        "1.1.1.1",
        "8.8.8.8"
    ],
    "debug": true
}
EOF
</syntaxhighlight>
|valign='top' style='width:50%'|
|-
|valign='top'|
<syntaxhighlight lang='bash'>
cat << EXE | sudo bash
systemctl stop  docker.socket
systemctl stop  docker.service
systemctl start docker.service
usermod -aG docker shahed
EXE
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang='bash'>
docker network ls
echo 'id -nG' | sudo -i -u shahed bash
cat <<'EXE'  | docker run --rm -i alpine sh
echo
cat /etc/resolv.conf ;echo
ping -c3 chorke.org  ;echo
EXE
</syntaxhighlight>
|}
{|class='wikitable mw-collapsible'
!scope='col' style='text-align:left' colspan='2'|
Install » Pi-hole
|-
|valign='top' style='width:50%'|
<syntaxhighlight lang='bash'>
ssh -i ~/.ssh/cid.chorke.org_ed25519 -qt shahed@192.168.10.2 bash
sudo su
cd /opt/ && wget -O basic-install.sh https://install.pi-hole.net
sudo bash basic-install.sh
ls -ahl /opt/pihole/
pihole setpassword
</syntaxhighlight>
|valign='top' style='width:50%'|
<syntaxhighlight lang='bash'>
cat << EXE | sudo bash
ufw allow 53
ufw allow 80/tcp
ufw allow 443/tcp
ufw status numbered
EXE
</syntaxhighlight>
|-
|valign='top' colspan='2'|
{|class='wikitable mw-collapsible'
!scope='col' style='text-align:left' colspan='2'|
Pi-hole » Config
|-
|valign='top' style='width:50%'|
<syntaxhighlight lang='bash'>
echo ;\
sudo pihole-FTL --config dns.upstreams
#    pihole-FTL --config dns.upstreams '[]'
sudo pihole-FTL --config dns.upstreams '[
  "1.1.1.1",
  "8.8.8.8"
]'
</syntaxhighlight>
|valign='top' style='width:50%'|
<syntaxhighlight lang='bash'>
echo ;\
sudo pihole-FTL --config dns.revServers
#    pihole-FTL --config dns.revServers '[]'
sudo pihole-FTL --config dns.revServers '[
  "true,192.168.10.0/24,192.168.10.2,biz.otg",
  "true,192.168.49.0/24,192.168.49.110,biz.ops"
]'
</syntaxhighlight>
|-
|valign='top'|
<syntaxhighlight lang='bash'>
echo ;\
sudo pihole-FTL --config dns.hosts
#    pihole-FTL --config dns.hosts '[]'
sudo pihole-FTL --config dns.hosts '[
  "10.20.40.1          aa.shahed.shahed.biz.otg",
  "10.20.40.2          aa.shahed.shahed.biz.otg",
  "10.20.41.1        aa.hetzner.shahed.biz.otg",
  "10.20.41.2        ab.hetzner.shahed.biz.otg",
  "192.168.10.1              gw.shahed.biz.otg",
  "192.168.10.3              ab.shahed.biz.otg",
  "192.168.10.4              ac.shahed.biz.otg",
  "192.168.10.2              ns0.shahed.biz.otg",
  "192.168.49.110            ns0.shahed.biz.ops",
  "192.168.49.102          pgsql.shahed.biz.ops",
  "192.168.49.100          kafka.shahed.biz.ops",
  "192.168.49.101        mariadb.shahed.biz.ops"
]'
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang='bash'>
echo ;\
sudo pihole-FTL --config misc.dnsmasq_lines
#    pihole-FTL --config misc.dnsmasq_lines '[]'
sudo pihole-FTL --config misc.dnsmasq_lines '[
  "address=/biz.otg/192.168.10.2",
  "address=/com.otg/192.168.10.2",
  "address=/org.otg/192.168.10.2",
  "address=/bd.ops/192.168.49.110",
  "address=/io.ops/192.168.49.110",
  "address=/my.ops/192.168.49.110",
  "address=/biz.ops/192.168.49.110",
  "address=/com.ops/192.168.49.110",
  "address=/k8s.ops/192.168.49.110",
  "address=/org.ops/192.168.49.110",
  "address=/group.ops/192.168.49.110",
  "dhcp-option=6,192.168.10.1"
]'
</syntaxhighlight>
|-
|valign='top'|
<syntaxhighlight lang='bash'>
echo ;\
sudo pihole-FTL --config dns.cnameRecords
#    pihole-FTL --config dns.cnameRecords '[]'
sudo pihole-FTL --config dns.cnameRecords '[
  "bd.ops,ns0.shahed.biz.ops",
  "io.ops,ns0.shahed.biz.ops",
  "my.ops,ns0.shahed.biz.ops",
  "biz.ops,ns0.shahed.biz.ops",
  "com.ops,ns0.shahed.biz.ops",
  "k8s.ops,ns0.shahed.biz.ops",
  "org.ops,ns0.shahed.biz.ops",
  "biz.otg,ns0.shahed.biz.otg",
  "group.ops,ns0.shahed.biz.ops",
  "k8s.shahed.biz.ops,www.k8s.ops",
  "host.shahed.biz.ops,host.k8s.ops",
  "dev.shahed.biz,ns0.shahed.biz.ops",
  "pihole.shahed.biz.ops,ns0.shahed.biz.ops",
  "psql.shahed.biz.ops,pgsql.shahed.biz.ops",
  "mysql.shahed.biz.ops,mariadb.shahed.biz.ops"
]'
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang='bash'>
printf '\n\e[1;37mCompatibility:\e[0m\n:'
sudo pihole-FTL --config misc.etc_dnsmasq_d
sudo pihole-FTL --config misc.etc_dnsmasq_d false
nslookup          ab.shahed.biz.otg
nslookup      kafka.shahed.biz.ops
nslookup    mariadb.shahed.biz.ops
ping -c3    192.168.10.1
ping -c3    192.168.10.2
dig  +short @192.168.10.2  -x 192.168.10.1
dig  +short @192.168.10.2      gw.shahed.biz.otg
ping -c3    192.168.49.110
dig  +short @192.168.49.110 -x 192.168.49.110
dig  +short @192.168.49.110    pihole.shahed.biz.ops
ping -c3    192.168.49.100
dig  +short @192.168.49.110 -x 192.168.49.100
dig  +short @192.168.49.110    kafka.shahed.biz.ops
</syntaxhighlight>
|}
{|class='wikitable mw-collapsible mw-collapsed'
!scope='col' style='text-align:left' colspan='2'|
Pi-hole » Config » Legacy
|-
|valign='top' style='width:50%'|
<syntaxhighlight lang='bash'>
echo;\
sudo cat /etc/addn-hosts;
cat <<'INI' | \
sudo tee /etc/addn-hosts >/dev/null
10.20.40.1          aa.shahed.shahed.biz.otg
10.20.40.2          aa.shahed.shahed.biz.otg
10.20.41.1        aa.hetzner.shahed.biz.otg
10.20.41.2        ab.hetzner.shahed.biz.otg
192.168.10.1              gw.shahed.biz.otg
192.168.10.3              ab.shahed.biz.otg
192.168.10.4              ac.shahed.biz.otg
192.168.10.2              ns0.shahed.biz.otg
192.168.49.110            ns0.shahed.biz.ops
192.168.49.102          pgsql.shahed.biz.ops
192.168.49.100          kafka.shahed.biz.ops
192.168.49.101        mariadb.shahed.biz.ops
192.168.49.103      pgbouncer.shahed.biz.ops
INI
</syntaxhighlight>
|valign='top' style='width:50%'|
<syntaxhighlight lang='bash'>
echo;\
sudo cat /etc/dnsmasq.d/02-custom.conf;
cat <<'INI' | \
sudo tee /etc/dnsmasq.d/02-custom.conf >/dev/null
addn-hosts=/etc/addn-hosts
address=/biz.otg/192.168.10.2
address=/com.otg/192.168.10.2
address=/org.otg/192.168.10.2
address=/bd.ops/192.168.49.110
address=/io.ops/192.168.49.110
address=/my.ops/192.168.49.110
address=/biz.ops/192.168.49.110
address=/com.ops/192.168.49.110
address=/k8s.ops/192.168.49.110
address=/org.ops/192.168.49.110
address=/group.ops/192.168.49.110
dhcp-option=6,192.168.10.1
INI
</syntaxhighlight>
|-
|valign='top'|
<syntaxhighlight lang='bash'>
echo;\
sudo cat /etc/dnsmasq.d/05-pihole-custom-cname.conf;
cat <<'INI' | \
sudo tee /etc/dnsmasq.d/05-pihole-custom-cname.conf >/dev/null
cname=bd.ops,ns0.shahed.biz.ops
cname=io.ops,ns0.shahed.biz.ops
cname=my.ops,ns0.shahed.biz.ops
cname=biz.ops,ns0.shahed.biz.ops
cname=com.ops,ns0.shahed.biz.ops
cname=k8s.ops,ns0.shahed.biz.ops
cname=org.ops,ns0.shahed.biz.ops
cname=biz.otg,ns0.shahed.biz.otg
cname=group.ops,ns0.shahed.biz.ops
cname=k8s.shahed.biz.ops,www.k8s.ops
cname=host.shahed.biz.ops,host.k8s.ops
cname=dev.shahed.biz,ns0.shahed.biz.ops
cname=pihole.shahed.biz.ops,ns0.shahed.biz.ops
cname=psql.shahed.biz.ops,pgsql.shahed.biz.ops
cname=mysql.shahed.biz.ops,mariadb.shahed.biz.ops
INI
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang='bash'>
printf '\n\e[1;37mCompatibility:\e[0m\n:'
sudo pihole-FTL --config misc.etc_dnsmasq_d
sudo pihole-FTL --config misc.etc_dnsmasq_d true
nslookup          ab.shahed.biz.otg
nslookup      kafka.shahed.biz.ops
nslookup    mariadb.shahed.biz.ops
ping -c3    192.168.10.1
ping -c3    192.168.10.2
dig  +short @192.168.10.2  -x 192.168.10.1
dig  +short @192.168.10.2      gw.shahed.biz.otg
ping -c3    192.168.49.110
dig  +short @192.168.49.110 -x 192.168.49.110
dig  +short @192.168.49.110    pihole.shahed.biz.ops
ping -c3    192.168.49.100
dig  +short @192.168.49.110 -x 192.168.49.100
dig  +short @192.168.49.110    kafka.shahed.biz.ops
</syntaxhighlight>
|}
|}
|}
==Playground==
{|class='wikitable mw-collapsible'
!scope='col' style='text-align:left' colspan='2'|
Playground
|-
|valign='top' style='width:50%'|
<syntaxhighlight lang='bash'>
printf '\n\e[1;37mIsolation:\e[0m\n:'
sudo pihole-FTL --config webserver.port
sudo pihole-FTL --config webserver.port "127.0.0.1:8080"
</syntaxhighlight>
|valign='top' style='width:50%'|
<syntaxhighlight lang='bash'>
echo ;\
sudo pihole-FTL --config webserver.port
sudo pihole-FTL --config webserver.port "80o,443os,[::]:80o,[::]:443os"
</syntaxhighlight>
|-
|valign='top'|
<syntaxhighlight lang='bash'>
printf '\n\e[1;37mCompatibility:\e[0m\n:'
sudo pihole-FTL --config misc.etc_dnsmasq_d
sudo pihole-FTL --config misc.etc_dnsmasq_d true
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang='bash'>
echo ;\
sudo pihole-FTL --config misc.etc_dnsmasq_d
sudo pihole-FTL --config misc.etc_dnsmasq_d false
</syntaxhighlight>
|-
|valign='top'|
<syntaxhighlight lang='bash'>
printf '\n\e[1;37mCompatibility:\e[0m\n:'
sudo pihole-FTL --config dns.cnameRecords
sudo cat /etc/dnsmasq.d/05-pihole-custom-cname.conf
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang='bash'>
printf '\n\e[1;37mCompatibility:\e[0m\n:'
sudo pihole-FTL --config misc.dnsmasq_lines
sudo cat /etc/dnsmasq.d/02-custom.conf
</syntaxhighlight>
|-
|valign='top'|
<syntaxhighlight lang='bash'>
printf '\n\e[1;37mCompatibility:\e[0m\n:'
sudo pihole-FTL --config dns.hosts
sudo cat /etc/pihole/hosts/custom.list
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang='bash'>
printf '\n\e[1;37mCompatibility:\e[0m\n:'
sudo pihole-FTL --config dns.hosts
sudo cat /etc/addn-hosts
</syntaxhighlight>
|-
|valign='top'|
<syntaxhighlight lang='bash'>
sudo systemctl restart pihole-FTL
sudo pihole networkflush
sudo pihole reloadlists
sudo pihole reloaddns
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang='bash'>
sudo cat /etc/pihole/migration_backup/adlists.list
sudo cat /etc/pihole/hosts/custom.list
sudo cat /etc/pihole/dnsmasq.conf
sudo cat /etc/pihole/pihole.toml
</syntaxhighlight>
|-
|valign='top'|
<syntaxhighlight lang='bash'>
# pihole » domain  » list » allow
sudo pihole allow gitlab.shahed.biz
sudo pihole reloaddns
sudo pihole allow -l
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang='bash'>
# pihole » domain  » list » allow » delete
sudo pihole allow gitlab.shahed.biz -d
sudo pihole reloaddns
sudo pihole allow -l
</syntaxhighlight>
|-
|valign='top'|
<syntaxhighlight lang='bash'>
# pihole » domain  » list » allow » wild
sudo pihole --allow-wild shahed.biz
sudo pihole --allow-wild -l
sudo pihole reloaddns
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang='bash'>
# pihole » domain  » list » allow » wild » delete
sudo pihole --allow-wild shahed.biz -d
sudo pihole --allow-wild -l
sudo pihole reloaddns
</syntaxhighlight>
|-
|valign='top'|
<syntaxhighlight lang='bash'>
cat <<'EXE' | sudo bash
echo
while read -r domain; do
  pihole --allow-wild ${domain} || true
done <<'DNS'
cloudflareinsights.com
cloudflareclient.com
alpinelinux.org
finology.com.my
xpresscover.io
loanstreet.my
DNS
echo ; pihole --allow-wild -l
echo ; pihole  allow      -l
echo ; pihole reloaddns
EXE
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang='bash'>
cat <<'EXE' | sudo bash
echo
while read -r domain; do
  pihole --allow-wild ${domain} || true
done <<'DNS'
snapcraft.io
bmet.gov.bd
chorke.com
chorke.org
github.com
shahed.biz
DNS
echo ; pihole --allow-wild -l
echo ; pihole  allow      -l
echo ; pihole reloaddns
EXE
</syntaxhighlight>
|}
|}


==References==
==References==
{|class='wikitable mw-collapsible' style='width:100%;margin:3px 0'
{|class='wikitable mw-collapsible'
!scope='col' style='text-align:left' colspan='3'|
!scope='col' style='text-align:left' colspan='3'|
References
References
|-
|-
|valign='top' style='width:33%'|
|valign='top' style='width:33%'|
* [[Raspberry Pi/5 16GB/Debian/13|Raspberry Pi » 5 16GB » Debian » 13]]
* [https://downloads.raspberrypi.com/imager/ Raspberry Pi » Download]
* [https://downloads.raspberrypi.com/imager/ Raspberry Pi » Download]
* [https://www.raspberrypi.com/software/ Raspberry Pi]
* [https://www.raspberrypi.com/software/ Raspberry Pi]
Line 471: Line 1,123:


|valign='top' style='width:34%'|
|valign='top' style='width:34%'|
* [[Raspberry Pi Authoritative DNS Server|Bind9 » Authoritative DNS Server]]
* [[Raspberry Pi Secondary DNS Server|Bind9 » Secondary DNS Server]]


|valign='top' style='width:33%'|
|valign='top' style='width:33%'|
* [https://docs.pi-hole.net/ftldns/dns-cache/ Pi-Hole » DNS Cache]
* [https://pi-hole.net/blog/2025/02/18/introducing-pi-hole-v6/ Pi-Hole » v6 » Intro]


|-
|-
Line 500: Line 1,156:


|valign='top'|
|valign='top'|
* [[OpenWrt/Cudy/TR3000|OpenWrt » Cudy » TR3000]]
* [[Diagram/Kroki|Diagram » Kroki]]
* [[Diagram]]
* [[K9s]]


|}
|}

Latest revision as of 00:48, 19 January 2026

lsblk
:'
sdb           8:16   1  29.8G  0 disk 
├─sdb1        8:17   1   512M  0 part /media/shahed/system-boot
└─sdb2        8:18   1  29.3G  0 part /media/shahed/writable
'

ls -alh /media/${USER}/system-boot/{ssh,{config,cmdline}.txt}
:'
-rw-r--r-- 1 shahed shahed  170 Dec 30 01:03 /media/shahed/system-boot/cmdline.txt
-rw-r--r-- 1 shahed shahed 1.8K Dec 29 21:13 /media/shahed/system-boot/config.txt
-rw-r--r-- 1 shahed shahed    0 Dec 29 17:45 /media/shahed/system-boot/ssh
'

ls -lah /media/${USER}/writable/etc/netplan/
:'
total 12K
drwxr-xr-x   2 root root 4.0K Dec 30 08:29 .
drwxr-xr-x 108 root root 4.0K Dec 29 20:55 ..
-rw-------   1 root root  262 Dec 29 17:22 50-cloud-init.yaml
'

ls -lah /media/${USER}/writable/etc/udev/rules.d/
:'
total 72K
drwxr-xr-x 2 root root 4.0K Aug  6 01:00 .
drwxr-xr-x 4 root root 4.0K Dec 29 20:47 ..
-rw-r--r-- 1 root root  62K Aug  6 01:00 70-snap.snapd.rules
'

system-boot » config.txt 

cat /media/${USER}/system-boot/config.txt && echo
<<-'TXT'
[all]
arm_64bit=1
kernel=vmlinuz
cmdline=cmdline.txt
initramfs initrd.img followkernel

# Enable the audio output, I2C and SPI interfaces on the GPIO header. As these
# parameters related to the base device-tree they must appear *before* any
# other dtoverlay= specification
dtparam=audio=on
dtparam=i2c_arm=on
dtparam=spi=on

# Comment out the following line if the edges of the desktop appear outside
# the edges of your display
disable_overscan=1

# If you have issues with audio, you may try uncommenting the following line
# which forces the HDMI output into HDMI mode instead of DVI (which doesn't
# support audio output)
#hdmi_drive=2

# Enable the KMS ("full" KMS) graphics overlay, leaving GPU memory as the
# default (the kernel is in control of graphics memory with full KMS)
dtoverlay=vc4-kms-v3d
disable_fw_kms_setup=1

# Enable the serial pins
enable_uart=1

# Autoload overlays for any recognized cameras or displays that are attached
# to the CSI/DSI ports. Please note this is for libcamera support, *not* for
# the legacy camera stack
camera_auto_detect=1
display_auto_detect=1

# Config settings specific to arm64
dtoverlay=dwc2

[pi4]
max_framebuffers=2
arm_boost=1

[pi3+]
# Use a smaller contiguous memory area, specifically on the 3A+ to avoid an
# OOM oops on boot. The 3B+ is also affected by this section, but it shouldn't
# cause any issues on that board
dtoverlay=vc4-kms-v3d,cma-128

[pi02]
# The Zero 2W is another 512MB board which is occasionally affected by the same
# OOM oops on boot.
dtoverlay=vc4-kms-v3d,cma-128

[cm4]
# Enable the USB2 outputs on the IO board (assuming your CM4 is plugged into
# such a board)
dtoverlay=dwc2,dr_mode=host

[all]
TXT

system-boot » cmdline.txt 

cat /media/${USER}/system-boot/cmdline.txt && echo
:'
console=serial0,115200 multipath=off dwc_otg.lpm_enable=0 console=tty1 root=LABEL=writable rootfstype=ext4 rootwait fixrtc cfg80211.ieee80211_regdom=MY
'

SD Card » Pre-Boot

SD Card » Pre-Boot

system-boot » config.txt 

cat <<'INI' | tee -a /media/${USER}/system-boot/config.txt >/dev/null
dtoverlay=dwc2

# Enable Heartbeat LED
dtparam=pwr_led_trigger=heartbeat
dtparam=act_led_trigger=heartbeat
INI

lsmod | grep -E 'dwc2|g_ether'
dmesg | grep -E 'dwc2'




sudo dtoverlay dwc2

system-boot » cmdline.txt 

# modules-load=dwc2

cat <<'INI' | tee /media/${USER}/system-boot/cmdline.txt >/dev/null
console=serial0,115200 multipath=off dwc_otg.lpm_enable=0 console=tty1 root=LABEL=writable rootfstype=ext4 rootwait modules-load=dwc2 fixrtc cfg80211.ieee80211_regdom=MY
INI

# modules-load=dwc2,g_ether

cat <<'INI' | tee /media/${USER}/system-boot/cmdline.txt >/dev/null
console=serial0,115200 multipath=off dwc_otg.lpm_enable=0 console=tty1 root=LABEL=writable rootfstype=ext4 rootwait modules-load=dwc2,g_ether fixrtc cfg80211.ieee80211_regdom=MY
INI

# modules-load=dwc2,g_ether
# g_ether.host_addr=12:a5:cf:42:92:fd
# g_ether.dev_addr=5e:bc:ca:27:92:b1

cat <<'INI' | tee /media/${USER}/system-boot/cmdline.txt >/dev/null
console=serial0,115200 multipath=off dwc_otg.lpm_enable=0 console=tty1 root=LABEL=writable rootfstype=ext4 rootwait modules-load=dwc2,g_ether fixrtc cfg80211.ieee80211_regdom=MY g_ether.host_addr=12:a5:cf:42:92:fd g_ether.dev_addr=5e:bc:ca:27:92:b1
INI

writable » 10-usb-wan.yaml 

ls -lah            /media/${USER}/writable/etc/netplan/
cat <<'YML' | sudo /media/${USER}/writable/etc/netplan/10-usb-wan.yaml >/dev/null
---
network:
  version: 2
  renderer: networkd
  ethernets:
    usb0:
      dhcp4: false
      addresses:
        - 192.168.10.2/24
      routes:
        - to: default
          via: 192.168.10.1
      nameservers:
        addresses:
          - 192.168.10.1
          - 8.8.8.8
      optional: true
YML
sudo chmod 600 /media/${USER}/writable/etc/netplan/10-usb-wan.yaml

sudo netplan try --timeout 60
sudo netplan generate
sudo netplan apply















sudo ip add show usb0
ping -c3 192.168.10.1
ping -c3 192.168.10.2

writable » 99-usb-gadget.yaml 

ls -lah                /media/${USER}/writable/etc/netplan/
cat <<'YML' | sudo tee /media/${USER}/writable/etc/netplan/99-usb-gadget.yaml >/dev/null
---
network:
  version: 2
  renderer: networkd
  ethernets:
    usb0:
      dhcp4: no
      addresses:
        - 192.168.8.2/24
      optional: true
YML
sudo chmod 600 /media/${USER}/writable/etc/netplan/99-usb-gadget.yaml

sudo netplan try --timeout 60
sudo netplan generate
sudo netplan apply

sudo ip add show usb0
ping -c3 192.168.8.1

ETH_USB0="$(ip -o link show | grep '12:a5:cf:42:92:fd' | awk -F': ' '{print $2}')"
sudo ip addr add 192.168.8.1/24 dev "${ETH_USB0}"
sudo ip link set  "${ETH_USB0}" up
sudo ip addr show "${ETH_USB0}"

ping -c3 192.168.8.2
ping -c3 192.168.8.1

writable » 70-usb-gadget-net.rules 

ls -lah                /media/${USER}/writable/etc/udev/rules.d/
cat <<'INI' | sudo tee /media/${USER}/writable/etc/udev/rules.d/70-usb-gadget-net.rules >/dev/null
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="5e:bc:ca:27:92:b1", NAME="usb0"
INI

sudo chmod 644 /media/${USER}/writable/etc/udev/rules.d/70-usb-gadget-net.rules

sudo udevadm control --reload
sudo udevadm trigger


sudo ip add show usb0
ping -c3 192.168.8.1

SD Card » Post-Boot

SD Card » Post-Boot

Post-Boot » Swapfile 

cat <<'EXE' | sudo bash
swapoff /swapfile
fallocate -l 1G /swapfile
ls -lh /swapfile && mkswap /swapfile
chmod 0600 /swapfile && swapon /swapfile && swapon --show && free -th
EXE

cat << FST | sudo tee -a /etc/fstab >/dev/null
# Loopback Swap Space » 512Mi + 512Mi 
/swapfile              none            swap    sw              0       0
FST

sudo mount -a

Post-Boot » 10-usb-wan.yaml 

ls -lah            /etc/netplan/
cat <<'YML' | sudo /etc/netplan/10-usb-wan.yaml >/dev/null
---
network:
  version: 2
  renderer: networkd
  ethernets:
    usb0:
      dhcp4: false
      addresses:
        - 192.168.10.2/24
      routes:
        - to: default
          via: 192.168.10.1
      nameservers:
        addresses:
          - 192.168.10.1
          - 8.8.8.8
      optional: true
YML
sudo chmod 600 /etc/netplan/10-usb-wan.yaml

sudo netplan try --timeout 60
sudo netplan generate
sudo netplan apply















sudo ip add show usb0
ping -c3 192.168.10.1
ping -c3 192.168.10.2

Post-Boot » 99-usb-gadget.yaml 

ls -lah                /etc/netplan/
cat <<'YML' | sudo tee /etc/netplan/99-usb-gadget.yaml >/dev/null
---
network:
  version: 2
  renderer: networkd
  ethernets:
    usb0:
      dhcp4: no
      addresses:
        - 192.168.8.2/24
      optional: true
YML
sudo chmod 600 /etc/netplan/99-usb-gadget.yaml

sudo netplan try --timeout 60
sudo netplan generate
sudo netplan apply

sudo ip add show usb0
ping -c3 192.168.8.1

ETH_USB0="$(ip -o link show | grep '12:a5:cf:42:92:fd' | awk -F': ' '{print $2}')"
sudo ip addr add 192.168.8.1/24 dev "${ETH_USB0}"
sudo ip link set  "${ETH_USB0}" up
sudo ip addr show "${ETH_USB0}"

ping -c3 192.168.8.2
ping -c3 192.168.8.1

Post-Boot » 70-usb-gadget-net.rules 

ls -lah                /etc/udev/rules.d/
cat <<'INI' | sudo tee /etc/udev/rules.d/70-usb-gadget-net.rules >/dev/null
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="5e:bc:ca:27:92:b1", NAME="usb0"
INI

sudo chmod 644 /etc/udev/rules.d/70-usb-gadget-net.rules

sudo udevadm control --reload
sudo udevadm trigger


sudo ip add show usb0
ping -c3 192.168.8.1

Host » Ethernet » USB0

Host » Ethernet » USB0

Host » 70-pi-usb-net.rules 

ls -lah                /etc/udev/rules.d/
cat <<'INI' | sudo tee /etc/udev/rules.d/70-pi-usb-net.rules >/dev/null
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="12:a5:cf:42:92:fd", NAME="usb0"
INI

sudo chmod 644 /etc/udev/rules.d/70-pi-usb-net.rules

sudo udevadm control --reload
sudo udevadm trigger


sudo ip add show usb0
ping -c3 192.168.8.1

Host » 20-usb0.network » Match » MAC 

ls -lah                /etc/systemd/network/
cat <<'INI' | sudo tee /etc/systemd/network/20-usb0.network >/dev/null
[Match]
MACAddress=12:a5:cf:42:92:fd

[Network]
Address=192.168.8.1/24
INI
sudo chown root:root /etc/systemd/network/20-usb0.network
sudo chmod 644       /etc/systemd/network/20-usb0.network

ls -l /etc/systemd/network/20-usb0.network
sudo systemctl restart systemd-networkd
networkctl status usb0
ip addr show usb0
networkctl list



ping -c3 192.168.10.1
ping -c3 192.168.10.2

Host » 20-usb0.network » Match » Name 

ls -lah                /etc/systemd/network/
cat <<'INI' | sudo tee /etc/systemd/network/20-usb0.network >/dev/null
[Match]
Name=usb0

[Link]
MACAddress=12:a5:cf:42:92:fd

[Network]
Address=192.168.8.1/24
INI
sudo chown root:root /etc/systemd/network/20-usb0.network
sudo chmod 644       /etc/systemd/network/20-usb0.network

ls -l /etc/systemd/network/20-usb0.network
sudo systemctl restart systemd-networkd
networkctl status usb0
ip addr show usb0
networkctl list






ping -c3 192.168.10.1
ping -c3 192.168.10.2

Utility » Install

Utility » Install

Install » LXD 

cat << EXE | sudo bash
snap install lxd --channel=6/stable
usermod -aG lxd shahed
EXE
echo 'id -nG' | sudo -i -u shahed bash

systemctl status ufw
sudo iptables -S
sudo ufw status

sudo ufw enable

cat << EXE | sudo bash
ufw       allow OpenSSH
ufw       allow in  on lxdbr0
ufw route allow in  on lxdbr0
ufw route allow out on lxdbr0
EXE

sudo ufw status numbered
sudo iptables -S

cat << EXE | sudo bash
snap restart  lxd
snap services lxd
EXE

lxc image ls images:alpine
lxc launch   images:alpine/3.23 academia
lxc exec academia -- sh -c 'ping -c5 chorke.org'
lxc exec academia -- sh -c 'ping -c5 shahed.biz'

cat <<'YML' | sudo lxd init --preseed
---
config: {}
networks:
- config:
    ipv4.address: 10.20.0.1/24
    ipv4.nat: "true"
    ipv6.address: auto
  description: ""
  name: lxdbr0
  type: ""
  project: default
storage_pools:
- config:
    size: 5GiB
  description: ""
  name: lxd-zfs-pool-aa
  driver: zfs
storage_volumes: []
profiles:
- config: {}
  description: ""
  devices:
    eth0:
      name: eth0
      network: lxdbr0
      type: nic
    root:
      path: /
      pool: lxd-zfs-pool-aa
      type: disk
  name: default
projects: []
cluster: null
YML

Install » Docker 

curl -fsSL https://download.docker.com/linux/ubuntu/gpg \
| sudo tee /etc/apt/keyrings/docker.asc >/dev/null

DISTRIBUTION=$(. /etc/os-release && echo "${VERSION_CODENAME}")
cat << SRC | sudo tee /etc/apt/sources.list.d/docker.list >/dev/null
deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu ${DISTRIBUTION}  stable
SRC

cat << EXE | sudo bash
apt-get update;echo
apt-cache policy docker-ce
apt list -a --upgradable;apt-get upgrade -y;echo
apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
apt-get clean cache && find /tmp -type f,s -atime +10 -delete
EXE

cat << EOF | sudo tee /etc/docker/daemon.json >/dev/null
{
    "bip"  : "10.20.13.1/24",
    "mtu"  : 1500,
    "dns"  : [
        "1.1.1.1",
        "8.8.8.8"
    ],
    "debug": true
}
EOF

cat << EXE | sudo bash
systemctl stop  docker.socket
systemctl stop  docker.service
systemctl start docker.service

usermod -aG docker shahed
EXE

docker network ls
echo 'id -nG' | sudo -i -u shahed bash
cat <<'EXE'   | docker run --rm -i alpine sh
echo
cat /etc/resolv.conf ;echo
ping -c3 chorke.org  ;echo
EXE

Install » Pi-hole 

ssh -i ~/.ssh/cid.chorke.org_ed25519 -qt shahed@192.168.10.2 bash
sudo su

cd /opt/ && wget -O basic-install.sh https://install.pi-hole.net
sudo bash basic-install.sh
ls -ahl /opt/pihole/
pihole setpassword

cat << EXE | sudo bash
ufw allow 53
ufw allow 80/tcp
ufw allow 443/tcp

ufw status numbered 
EXE

Pi-hole » Config 

echo ;\
sudo pihole-FTL --config dns.upstreams
#    pihole-FTL --config dns.upstreams '[]'
sudo pihole-FTL --config dns.upstreams '[
  "1.1.1.1",
  "8.8.8.8"
]'

echo ;\
sudo pihole-FTL --config dns.revServers
#    pihole-FTL --config dns.revServers '[]'
sudo pihole-FTL --config dns.revServers '[
  "true,192.168.10.0/24,192.168.10.2,biz.otg",
  "true,192.168.49.0/24,192.168.49.110,biz.ops"
]'

echo ;\
sudo pihole-FTL --config dns.hosts
#    pihole-FTL --config dns.hosts '[]'
sudo pihole-FTL --config dns.hosts '[
  "10.20.40.1          aa.shahed.shahed.biz.otg",
  "10.20.40.2          aa.shahed.shahed.biz.otg",
  "10.20.41.1         aa.hetzner.shahed.biz.otg",
  "10.20.41.2         ab.hetzner.shahed.biz.otg",
  "192.168.10.1               gw.shahed.biz.otg",
  "192.168.10.3               ab.shahed.biz.otg",
  "192.168.10.4               ac.shahed.biz.otg",
  "192.168.10.2              ns0.shahed.biz.otg",
  "192.168.49.110            ns0.shahed.biz.ops",
  "192.168.49.102          pgsql.shahed.biz.ops",
  "192.168.49.100          kafka.shahed.biz.ops",
  "192.168.49.101        mariadb.shahed.biz.ops"
]'

echo ;\
sudo pihole-FTL --config misc.dnsmasq_lines
#    pihole-FTL --config misc.dnsmasq_lines '[]'
sudo pihole-FTL --config misc.dnsmasq_lines '[
  "address=/biz.otg/192.168.10.2",
  "address=/com.otg/192.168.10.2",
  "address=/org.otg/192.168.10.2",
  "address=/bd.ops/192.168.49.110",
  "address=/io.ops/192.168.49.110",
  "address=/my.ops/192.168.49.110",
  "address=/biz.ops/192.168.49.110",
  "address=/com.ops/192.168.49.110",
  "address=/k8s.ops/192.168.49.110",
  "address=/org.ops/192.168.49.110",
  "address=/group.ops/192.168.49.110",
  "dhcp-option=6,192.168.10.1"
]'

echo ;\
sudo pihole-FTL --config dns.cnameRecords
#    pihole-FTL --config dns.cnameRecords '[]'
sudo pihole-FTL --config dns.cnameRecords '[
  "bd.ops,ns0.shahed.biz.ops",
  "io.ops,ns0.shahed.biz.ops",
  "my.ops,ns0.shahed.biz.ops",
  "biz.ops,ns0.shahed.biz.ops",
  "com.ops,ns0.shahed.biz.ops",
  "k8s.ops,ns0.shahed.biz.ops",
  "org.ops,ns0.shahed.biz.ops",
  "biz.otg,ns0.shahed.biz.otg",
  "group.ops,ns0.shahed.biz.ops",
  "k8s.shahed.biz.ops,www.k8s.ops",
  "host.shahed.biz.ops,host.k8s.ops",
  "dev.shahed.biz,ns0.shahed.biz.ops",
  "pihole.shahed.biz.ops,ns0.shahed.biz.ops",
  "psql.shahed.biz.ops,pgsql.shahed.biz.ops",
  "mysql.shahed.biz.ops,mariadb.shahed.biz.ops"
]'

printf '\n\e[1;37mCompatibility:\e[0m\n:'
sudo pihole-FTL --config misc.etc_dnsmasq_d
sudo pihole-FTL --config misc.etc_dnsmasq_d false

nslookup          ab.shahed.biz.otg
nslookup       kafka.shahed.biz.ops
nslookup     mariadb.shahed.biz.ops

ping -c3     192.168.10.1
ping -c3     192.168.10.2
dig  +short @192.168.10.2   -x 192.168.10.1
dig  +short @192.168.10.2      gw.shahed.biz.otg

ping -c3     192.168.49.110
dig  +short @192.168.49.110 -x 192.168.49.110
dig  +short @192.168.49.110    pihole.shahed.biz.ops

ping -c3     192.168.49.100
dig  +short @192.168.49.110 -x 192.168.49.100
dig  +short @192.168.49.110    kafka.shahed.biz.ops

Pi-hole » Config » Legacy 

echo;\
sudo cat /etc/addn-hosts;
cat <<'INI' | \
sudo tee /etc/addn-hosts >/dev/null
10.20.40.1          aa.shahed.shahed.biz.otg
10.20.40.2          aa.shahed.shahed.biz.otg
10.20.41.1         aa.hetzner.shahed.biz.otg
10.20.41.2         ab.hetzner.shahed.biz.otg
192.168.10.1               gw.shahed.biz.otg
192.168.10.3               ab.shahed.biz.otg
192.168.10.4               ac.shahed.biz.otg
192.168.10.2              ns0.shahed.biz.otg
192.168.49.110            ns0.shahed.biz.ops
192.168.49.102          pgsql.shahed.biz.ops
192.168.49.100          kafka.shahed.biz.ops
192.168.49.101        mariadb.shahed.biz.ops
192.168.49.103      pgbouncer.shahed.biz.ops
INI

echo;\
sudo cat /etc/dnsmasq.d/02-custom.conf;
cat <<'INI' | \
sudo tee /etc/dnsmasq.d/02-custom.conf >/dev/null
addn-hosts=/etc/addn-hosts
address=/biz.otg/192.168.10.2
address=/com.otg/192.168.10.2
address=/org.otg/192.168.10.2
address=/bd.ops/192.168.49.110
address=/io.ops/192.168.49.110
address=/my.ops/192.168.49.110
address=/biz.ops/192.168.49.110
address=/com.ops/192.168.49.110
address=/k8s.ops/192.168.49.110
address=/org.ops/192.168.49.110
address=/group.ops/192.168.49.110
dhcp-option=6,192.168.10.1
INI

echo;\
sudo cat /etc/dnsmasq.d/05-pihole-custom-cname.conf;
cat <<'INI' | \
sudo tee /etc/dnsmasq.d/05-pihole-custom-cname.conf >/dev/null
cname=bd.ops,ns0.shahed.biz.ops
cname=io.ops,ns0.shahed.biz.ops
cname=my.ops,ns0.shahed.biz.ops
cname=biz.ops,ns0.shahed.biz.ops
cname=com.ops,ns0.shahed.biz.ops
cname=k8s.ops,ns0.shahed.biz.ops
cname=org.ops,ns0.shahed.biz.ops
cname=biz.otg,ns0.shahed.biz.otg
cname=group.ops,ns0.shahed.biz.ops
cname=k8s.shahed.biz.ops,www.k8s.ops
cname=host.shahed.biz.ops,host.k8s.ops
cname=dev.shahed.biz,ns0.shahed.biz.ops
cname=pihole.shahed.biz.ops,ns0.shahed.biz.ops
cname=psql.shahed.biz.ops,pgsql.shahed.biz.ops
cname=mysql.shahed.biz.ops,mariadb.shahed.biz.ops
INI

printf '\n\e[1;37mCompatibility:\e[0m\n:'
sudo pihole-FTL --config misc.etc_dnsmasq_d
sudo pihole-FTL --config misc.etc_dnsmasq_d true

nslookup          ab.shahed.biz.otg
nslookup       kafka.shahed.biz.ops
nslookup     mariadb.shahed.biz.ops

ping -c3     192.168.10.1
ping -c3     192.168.10.2
dig  +short @192.168.10.2   -x 192.168.10.1
dig  +short @192.168.10.2      gw.shahed.biz.otg

ping -c3     192.168.49.110
dig  +short @192.168.49.110 -x 192.168.49.110
dig  +short @192.168.49.110    pihole.shahed.biz.ops

ping -c3     192.168.49.100
dig  +short @192.168.49.110 -x 192.168.49.100
dig  +short @192.168.49.110    kafka.shahed.biz.ops

Playground

Playground 

printf '\n\e[1;37mIsolation:\e[0m\n:'
sudo pihole-FTL --config webserver.port
sudo pihole-FTL --config webserver.port "127.0.0.1:8080"

echo ;\
sudo pihole-FTL --config webserver.port
sudo pihole-FTL --config webserver.port "80o,443os,[::]:80o,[::]:443os"

printf '\n\e[1;37mCompatibility:\e[0m\n:'
sudo pihole-FTL --config misc.etc_dnsmasq_d
sudo pihole-FTL --config misc.etc_dnsmasq_d true

echo ;\
sudo pihole-FTL --config misc.etc_dnsmasq_d
sudo pihole-FTL --config misc.etc_dnsmasq_d false

printf '\n\e[1;37mCompatibility:\e[0m\n:'
sudo pihole-FTL --config dns.cnameRecords
sudo cat /etc/dnsmasq.d/05-pihole-custom-cname.conf

printf '\n\e[1;37mCompatibility:\e[0m\n:'
sudo pihole-FTL --config misc.dnsmasq_lines
sudo cat /etc/dnsmasq.d/02-custom.conf

printf '\n\e[1;37mCompatibility:\e[0m\n:'
sudo pihole-FTL --config dns.hosts
sudo cat /etc/pihole/hosts/custom.list

printf '\n\e[1;37mCompatibility:\e[0m\n:'
sudo pihole-FTL --config dns.hosts
sudo cat /etc/addn-hosts

sudo systemctl restart pihole-FTL
sudo pihole networkflush
sudo pihole reloadlists
sudo pihole reloaddns

sudo cat /etc/pihole/migration_backup/adlists.list
sudo cat /etc/pihole/hosts/custom.list
sudo cat /etc/pihole/dnsmasq.conf
sudo cat /etc/pihole/pihole.toml

# pihole » domain  » list » allow
sudo pihole allow gitlab.shahed.biz
sudo pihole reloaddns
sudo pihole allow -l

# pihole » domain  » list » allow » delete
sudo pihole allow gitlab.shahed.biz -d
sudo pihole reloaddns
sudo pihole allow -l

# pihole » domain  » list » allow » wild
sudo pihole --allow-wild shahed.biz
sudo pihole --allow-wild -l
sudo pihole reloaddns

# pihole » domain  » list » allow » wild » delete
sudo pihole --allow-wild shahed.biz -d
sudo pihole --allow-wild -l
sudo pihole reloaddns

cat <<'EXE' | sudo bash
echo
while read -r domain; do
  pihole --allow-wild ${domain} || true
done <<'DNS'
cloudflareinsights.com
cloudflareclient.com
alpinelinux.org
finology.com.my
xpresscover.io
loanstreet.my
DNS

echo ; pihole --allow-wild -l
echo ; pihole   allow      -l
echo ; pihole reloaddns
EXE

cat <<'EXE' | sudo bash
echo
while read -r domain; do
  pihole --allow-wild ${domain} || true
done <<'DNS'
snapcraft.io
bmet.gov.bd
chorke.com
chorke.org
github.com
shahed.biz
DNS

echo ; pihole --allow-wild -l
echo ; pihole   allow      -l
echo ; pihole reloaddns
EXE

References

References

Retrieved from "https://wiki.chorke.org/index.php?title=Raspberry_Pi/Zero_2W/Ubuntu/24.04&oldid=16180"