This is more of note/ checklist to myself so might not be very useful to others. I figure I should note these steps somewhere for the next time I setup a Raspberry Pi (4 in my case). I tend to set them up headless.
- If I don’t plan on using a wired connection I must setup Wi-Fi before hand. Create a file called
wpa_supplicant.conf
and put it in the root of the SD card. See this page for a file you can copy and modify. - Create a file called
SSH
in the root of the SD card to enable SSH access. - Default username/ password is pi/ raspberry.
- If you have mDNS enabled (example you are on macOS) then the name
raspberrypi.local
will point to the IP of the Pi. Else find the IP via your router’s DHCP page, or Nmap. More ideas on this page. - Change the password for the pi user. (Command is
passwd
). - Create a user using
useradd
. For example:sudo useradd -u 1001 -g users -c "Rakhesh Sasidharan" -G sudo -m rakhesh
- The above command creates a user called “rakhesh” with user ID 1001 (I specify a user ID to keep this account consistent with my other devices; you could skip it) and a member of the group “users” and additional group “sudo”. Also, create the home directory.
- Change this user’s password:
sudo passwd rakhesh
- Now SSH in as this user.
- Copy your SSH public key over to the Pi (see next step). Or generate a fresh one:
ssh-keygen -t ed25519 -C "rakhesh@machine" -f ~/.ssh/id_ed25519-pi
- The above command creates a new key of type ED25519 and stores it in a file called ~/.ssh/id_ed25519-pi. I like having separate keys for various devices. The key has a comment “rakhesh@machine” so I know which machine it belongs to when I add it to the Pi (see next step).
- On the Pi create a directory called ~/.ssh and change its permissions (
mkdir ~/.ssh && chmod go-rwx .ssh
) then create a file called~/.authorized_keys
and copy the public key there. - Set the hostname (with fqdn) by adding it to
/etc/hostname
. - Add the short hostname and hostname with fqdn in
/etc/hosts
against 127.0.0.1.- If you want to update the DHCP server with the new name do
sudo dhclient -r ; sudo dhclient
- If you want to update the DHCP server with the new name do
- I like to uncomment the line for sources in
/etc/apt/sources.list
just in case I need them later. So open an editor viasudo
, or type the following:sed 's/#deb-src/deb-src/g' /etc/apt/sources.list | sudo tee /etc/apt/sources.list
(note to self: thesudo tee
bit is because if I putsudo
at the beginning, withsed
, it fails as the right side of the pipe doesn’t run under the sudo context). - Update the Pi:
sudo apt update && sudo apt full-upgrade -y
That’s it for now. I plan to keep updating this post with more stuff as I go along.
Additional steps for Docker:
- Install docker:
curl -sSL https://get.docker.com | sh
(you don’t need to pipe this tosh
but can save to a file and read what it does and then run it viash
– for example:curl -sSL https://get.docker.com -o ${HOME}/install-docker.sh
, then read the file and confirm it does nothing harmful, then run it viash ${HOME}/install-docker.sh
)- This also sets up the Docker repo in
/etc/apt/sources.list.d
- This also sets up the Docker repo in
- Add myself to the
docker
group:sudo usermod -aG docker rakhesh
- Docker Compose (thanks to this blog post; the official instructions needed some tweaking for Raspbian/ Pi) :
- First install the dependencies:
sudo apt install -y libffi-dev libssl-dev python3-dev python3 python3-pip
- Then install compose itself:
sudo pip3 install docker-compose
(takes a while… took about 20 mins for me on a Pi4)
- First install the dependencies:
Additional stuff worth installing:
sudo apt install ngrep jq dnsutils ldnsutils apt-show-versions hddtemp bc git
(this gets me tools likejq
,ngrep
,dig
,nslookup
,drill
)