Raspberry pi cheat sheets

For stand-alone microprocessors

Raspberry pi cheat sheets

Postby Doug Coulter » Fri Jun 19, 2015 11:48 am

Note, see below. There are some changes with the latest Jessie linux, and the latest NGINX - nothing works other than straight HTML if you don't make the changes I show below.


As I do pi (and for that matter, PC) related projects, I keep notes. Didn't do this as a younger guy, when I "understood instantly and remembered forever" - but I'm not that guy anymore. I'm the poor slob who might have to modify it and/or make it work again long after I've forgotten all the details. This is like putting good comments in code, but in this case, it's sysadmin stuff - it's how-to put things in and get them working. I've probably put this up before, but it deserves notice, as it's the fastest/easiest way to get NGINX web serving going on in a pi - and it's a far better server than Apache unless you have invested tons in being an Apache expert - different, simpler, faster, lighter, does all the same stuff, only better.

Here's my own notes for my favorite sysadmin:
Code: Select all
NGINX

installed mods for php and perl cgi's
(perl CGI's end with .pl)
/etc/nginx/nginx.conf
/etc/nginx/sites-available/default

Our content is located at /usr/share/nginx/www/


Do the tutorial above, in order - copying these files won't work unless the prerequisites are there, but here are the important ones for reference (and you can cut-paste from these while doing the tutorial).
This is /etc/nginx/sites-available/default:
Code: Select all
# You may add here your
# server {
#   ...
# }
# statements for each of your virtual hosts to this file

##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

server {
   #listen   80; ## listen for ipv4; this line is default and implied
   #listen   [::]:80 default_server ipv6only=on; ## listen for ipv6

   root /usr/share/nginx/www;
   index index.php index.cgi index.html index.htm;

   # Make site accessible from http://localhost/
   server_name localhost;

   location / {
      # First attempt to serve request as file, then
      # as directory, then fall back to displaying a 404.
      try_files $uri $uri/ /index.html;
      # Uncomment to enable naxsi on this location
      # include /etc/nginx/naxsi.rules
   }

   location /doc/ {
      alias /usr/share/doc/;
      autoindex on;
      allow 127.0.0.1;
      allow ::1;
      deny all;
   }

   # Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
   #location /RequestDenied {
   #   proxy_pass http://127.0.0.1:8080;   
   #}

   #error_page 404 /404.html;

   # redirect server error pages to the static page /50x.html
   #
   #error_page 500 502 503 504 /50x.html;
   #location = /50x.html {
   #   root /usr/share/nginx/www;
   #}

   # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
   #
   location ~ \.php$ {
      fastcgi_split_path_info ^(.+\.php)(/.+)$;
   #   # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
   #
   #   # With php5-cgi alone:
   #   fastcgi_pass 127.0.0.1:9000;
   #   # With php5-fpm:
      fastcgi_pass unix:/var/run/php5-fpm.sock;
      fastcgi_index index.php;
      include fastcgi_params;
   }
   location ~ \.pl|cgi$ {
      try_files $uri =404;
      gzip off;
      fastcgi_pass  127.0.0.1:8999;
      fastcgi_index index.pl;
      fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
      include fastcgi_params;
   }

   # deny access to .htaccess files, if Apache's document root
   # concurs with nginx's one
   #
   location ~ /\.ht {
      deny all;
   }
}


# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
#   listen 8000;
#   listen somename:8080;
#   server_name somename alias another.alias;
#   root html;
#   index index.html index.htm;
#
#   location / {
#      try_files $uri $uri/ =404;
#   }
#}


# HTTPS server
#
#server {
#   listen 443;
#   server_name localhost;
#
#   root html;
#   index index.html index.htm;
#
#   ssl on;
#   ssl_certificate cert.pem;
#   ssl_certificate_key cert.key;
#
#   ssl_session_timeout 5m;
#
#   ssl_protocols SSLv3 TLSv1;
#   ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
#   ssl_prefer_server_ciphers on;
#
#   location / {
#      try_files $uri $uri/ =404;
#   }
#}



For fairly ridiculous reasons, I'm going to put a Pi in my battery box. Those reasons are - there is ethernet cable buried ?? years ago going there - and we want galvanic isolation for millivolt measurements at a current shunt, and well, I have a spare older pi (the new model 2 version will spoil you instantly) - so why not? Using the general scheme I've been using that slaves arduino's off pi's - I can later add the one that's going to control the Listeroid diesel backup generator, and of course, have CGI's etc for control, status, and manual over-ride of whatever I have this do automatically. To ID the pi to any user of tightVNC, I used this as its desktop pic:
Batteries.JPG
Does anyone think this needs added text for ID?


I've added tellem and tellme from my landns thing to all my machines here, so once things have been up over a minute or two, you can just use machine names in browsers and vnc viewers etc. In the case of the pi, I started tellem and tellme from /etc/rc.local after just copying them to /usr/bin and doing a sudo chmod 6711 to them both. Since they daemonize, all you have to do is put for example /usr/bin/tellem in /etc/rc.local and that all works fine. The installer I originally put up has fallen afoul of the fight between sysV init and systemD on some machines, sigh. (It still works on most pc's with most linuxes).

This particular pi wants to be able to use a Dallas DS18B20 (sealed up as a soil temperature monitor) for battery temperature (redundant with the Xantrex stuff I can't scrape data from, darn).
So, here's the cheat-sheet for that:
Code: Select all
DS18B20 on pi

in /boot/config.txt, add
dtoverlay=w1-gpio

in /etc/modules, add
w1-gpio
w1-therm

reboot, then:

cd /sys/bus/w1/devices
ls
cd 28-xxxx (change this to match what serial number pops up)
cat w1_slave

Two lines are output.  First one ends in "YES" if it's good data, second one
ends in t=##### (degrees C x 1000)


I also want perl's Device::SMBus to talk to an I2C a/d converter for battery voltage and differential on the current shunt (which I'll have a detailed post about once it's installed and working).
Here's the skinny on that - and I will have to rewrite an arduino library to work on the pi with this AD1015 device. No big deal I hope.
Code: Select all
For I2c:
sudo cpanm Dev::SMBus

Added i2c-dev and i2c-bcm2708 to /etc/modules
Added dependencies for perl Device::SMBus: i2c-tools libi2c-dev (which installs easier if you do this first?)
The magic words are: sudo i2cdetect -y 1
The above lists all detected i2c device addresses.

Handy link on pi i2c from Adafruit.
Note, for perl modules, install cpanminus and say sudo cpanm module::name...it works a lot easier than other ways, and the name is the same as on CPAN.
eg say sudo cpanm Device::SMBus - and it will happen, including nearly all dependencies (nothing is quite perfect, I'm sure you understand).


I always install synaptic (sudo apt-get synaptic) as one of the very first things I do, as I like to be able to search rather than just blindly copy "apt-get" lines from web pages. It's also really good at removing stuff - like the pi noob stuff (wolfram, scratch, games, silly things that eat space and I never use) - including their dependencies, making your basic image a lot tighter. To install what is invoked as cpanm above, you install cpanminus (which is why I use cpanminus - names in synpatic aren't the same as on CPAN).
Of course, if you're just fishing around, you want this link for CPAN.
Most perl modules are in just plain perl - so they work on pi as is. Some require some C libraries to be built, and still probably work on pi. Device::SerialPort is another biggie that does (as does GnuplotIF if you use Gnuplot-x11), but it requires you use sudo raspi-config to free up the pi's serial hardware as just a port first (and add yourself to dialup group if you haven't). At some point if you haven't, you'll have to install build-essentials (from apt-get or synaptic). Most of the other package installers figure this out and do it for you - there's a version of gcc that works for ARM.
Posting as just me, not as the forum owner. Everything I say is "in my opinion" and YMMV -- which should go for everyone without saying.
User avatar
Doug Coulter
 
Posts: 3515
Joined: Wed Jul 14, 2010 7:05 pm
Location: Floyd county, VA, USA

Re: Raspberry pi cheat sheets - changes for Jessie

Postby Doug Coulter » Fri Nov 27, 2015 11:46 pm

Yup, the new Jessie distro changes some things. systemd - what can I say that hasn't been said? I lack enough invective to properly describe it. That's saying something.

This post will be updated as I learn more, I'm still struggling with why php isn't working...but I got perl-fcgi to work, and here's how:
in /etc/init.d/perl-fcgi, change the start and restart cases from
su - $FASTCGI_USER -c $PERL_SCRIPT
to remove the dash (-) after su, else it wants a password for it to work. Just getting rid of the su also works, but runs perl-fcgi as root - not good for security. It works, but don't do that.
You must also change /etc/passwd line for www-data from /usr/sbin/nologin to /bin/sh at the end of the line (/bin/bash may also work).
This all because everything now needs a login with password, but systemd evidently can't handle doing that - and who knows if www-data as created by the installs even has one? Nothing I tried worked when doing those lines manually till I made the above changes.

I'll add whatever I find that fixes php5-fpm - it runs from the install, but any php files as described above in the video are simply passed right to the browser without the php being done...you get a blank page in the browser, but when looking at the source, it's that php file without interpretation. So it's not running it through php and substituting as installed on Jessie.

Ah, the example given above says to wrap the php in just
<?
// some php here
?>

But what's actually required now is
<?php
// some php crap
?>
Else it's ignored and just passed through as though it were html, or not even that, though show source in the browser shows it, the browser itself prints nothing at all. This appears to be a function of NGINX, as php5-fpm is running fine without other changes. It just never gets called without the php after the ?.

Sigh...Miller time now. Heck, the raspi cam stuff might even work now...kind of doubt it, and doggone it, I wish their fancy re-factored install script had an option for "HEY TURKEY, I ALREADY HAVE A WEB SERVER SETUP" as the existing stuff will bork all this...and now it's hard to do it manually. As in, it is now easiest to install it on a dummy pi SD card, then copy over just the cam stuff - which includes raspimjpeg and all its setup, as well as the /var/html stuff...and yes, it's scattered all over the place...Not a project to begin after midnight here.

Here's what /etc/nginx/sites-available/default looks like now:
Code: Select all
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration
#
server {
   listen 80 default_server;
   listen [::]:80 default_server;

   # SSL configuration
   #
   # listen 443 ssl default_server;
   # listen [::]:443 ssl default_server;
   #
   # Self signed certs generated by the ssl-cert package
   # Don't use them in a production server!
   #
   # include snippets/snakeoil.conf;

   root /var/www/html;

   # Add index.php to the list if you are using PHP
   index index.php index.cgi index.html index.htm index.nginx-debian.html;

   server_name _;

   location / {
      # First attempt to serve request as file, then
      # as directory, then fall back to displaying a 404.
      try_files $uri $uri/ =404;
   }

   # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
   #
   location ~ \.php$ {
      include snippets/fastcgi-php.conf;
   #   fastcgi_split_path_info ^(.+\.php)(/.+)$;
   #
   #   # With php5-cgi alone:
   #   fastcgi_pass 127.0.0.1:9000;
   #   # With php5-fpm:
      fastcgi_pass unix:/var/run/php5-fpm.sock;
   }

   location ~ \.pl|cgi$ {
      try_files $uri =404;
      gzip off;
      fastcgi_pass 127.0.0.01:8999;
      fastcgi_index index.pl;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      include fastcgi_params;
   }
   

   # deny access to .htaccess files, if Apache's document root
   # concurs with nginx's one
   #
   location ~ /\.ht {
      deny all;
   }
}


# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#   listen 80;
#   listen [::]:80;
#
#   server_name example.com;
#
#   root /var/www/example.com;
#   index index.html;
#
#   location / {
#      try_files $uri $uri/ =404;
#   }
#}
Posting as just me, not as the forum owner. Everything I say is "in my opinion" and YMMV -- which should go for everyone without saying.
User avatar
Doug Coulter
 
Posts: 3515
Joined: Wed Jul 14, 2010 7:05 pm
Location: Floyd county, VA, USA

Re: Raspberry pi cheat sheets - mint-mate 17.2

Postby Doug Coulter » Mon Dec 07, 2015 7:36 pm

Well, it just so happens that mint-mate (based on ubuntu 14.04) has all the same issues as Jessie, and one more (which is also listed as a possible issue on pi's using the raspi web cam server).
www-data as a user doesn't have a login...and it needs one for the perl fast-cgi to work in Mint.
This is fixed by editing /etc/passwd (as root).

Code: Select all
Old line:
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
New line:
www-data:x:33:33:www-data:/var/www:/bin/sh


And now everything works everywhere...again. Too many cooks...old tutorials...
It seems there's still no substitute for actually understanding how things are supposed to work and how to troubleshoot them. Someone else's scripts can't substitute for understanding and arcane knowledge. So what else isn't new?
Posting as just me, not as the forum owner. Everything I say is "in my opinion" and YMMV -- which should go for everyone without saying.
User avatar
Doug Coulter
 
Posts: 3515
Joined: Wed Jul 14, 2010 7:05 pm
Location: Floyd county, VA, USA

Re: Raspberry pi cheat sheets

Postby Doug Coulter » Tue Jul 23, 2019 9:09 am

Seems like they all keep getting it wrong (if you want to run fastcgi-'language-of-choice'). Same deal when upgrading a pi to "buster" - not only did it reinstall a presumably more up to date nginx, it messed up passwd again - same thing. you have to give www-data a real login, as some things (not php) have this quaint idea that security might be an issue.

Also, since for whatever reason, some of this other stuff (php, the perl wrappers) seem to use some apache modules, and there's stuff in /var/www - the upgrade to Buster also installed APACHE!

You can imagine the confusion when parts of the web site on this pi were served, but parts not. Apache's default root is /var/www/html (which is where the pi cam php stuff lives) - but mine is /var/www, because the cam is just one thing this pi serves. It wasn't till I managed to get a 404 with the apache error message I realized why all my diddling with things NGINX didn't fix it.....because I suppose apache has some favored nation status - or perhaps systemd works in alpha order (despite all that fancy dependency wrangling you have tell it how to do) in linux, it starts first and grabs port 80...

Just beware of this one...I did an inplace upgrade (on a test SD card of course). I'm not sure if that saved me any time over downloading the zip and adding the myriad of customizations I normally do for a homestead server (around 100?) because the inplace does it as endless packages instead of all one zipped image, and FWIW, you've got to be there and pay attention as it will ask many times if it should wipe out all of your customizations - one by one. So it took pretty much an entire day, with me coming back every 10-20 minutes to find it paused after the couple of initial hours downloading packages...

To me, NGINX is still worth it. It's so much faster and less resource-intensive than apache, not to mention about 1% of the learning curve, that if you're not already an apache master, you might as well just go with the newer server.

Here's the link I went by: https://www.tomshardware.com/news/raspb ... 39735.html
Basically you replace all the repo definitions with the new stuff, update and dist-upgrade. And wait. And wait.

Once done by either method, Buster is pretty nice. The addition of a cpu temperature monitor will no doubt be super nice (it's a bit of a trick to put in the panel, but nothing you can't figure out) with the pi-4b, and it shows my pi-3b+'s running way too hot - even with a heatsink. A nice little 40mm noctua fan cools those right on down, though. Wish they weren't so expensive, but they have at least scienced out all the noise issues every other brand has, and they're darn nice to have.
Posting as just me, not as the forum owner. Everything I say is "in my opinion" and YMMV -- which should go for everyone without saying.
User avatar
Doug Coulter
 
Posts: 3515
Joined: Wed Jul 14, 2010 7:05 pm
Location: Floyd county, VA, USA


Return to Embedded software

Who is online

Users browsing this forum: No registered users and 2 guests

cron