Author: Fabien

Mount a network share on linux

On linux you have the ability to mount network share as they were part of your local storage ,
On debian , you need to have a package named cifs-utils specialised to mount network share.

after installation of the package using the command :

apt-get install cifs-utils

You have to create a folder to attach the mount to

mkdir /media/netshare
mount -t cifs "//host-of-the-share/disk/" /media/netshare -o guest,iocharset=utf8,file_mode=0777,dir_mode=0777

if you have to identify yourself to use the network share the command is slightly different :

mount -t cifs "//host-of-the-share/disk/" /media/netshare -o user=username,iocharset=utf8,file_mode=0777,dir_mode=0777

the system should ask you for your password

to check if you mount was successfull , you can check the mount using

df

Change the default SSH port on your linux server

If you run a linux server with with a ssh service on the TCP port 22 , you are likely to get bombarded by automated login attempt by hundreds and hundreds of bots
You can look at the file  getting created by launching

tail -f /var/log/auth.log | grep Failed

the first thing you can do to stop that is to change the default port user by the SSH service on you linux server

for this you just have to edit the config file : /etc/ssh/sshd_config

Find the following lines

 # What ports, IPs and protocols we listen for
Port 22

And put the new port on which you would like to run your OpenSSH server.

After this little change restart the ssh service with the command

service ssh restart

You should see that the numerous and constant attacks sould instantly stop.

Security by obscurity is still security.

 

 

 

 

Control the orange pi zero GPIO

THIS POST HAS BEEN UPDATED

 

 

After installing my orange pi zero. I tried to use my board the reencode some video file that use xvid/ac3 to x264/aac with the ffmpeg linux command.

The problem was that it took more than two hours at 100% cpu usage on the 4 cores to reencode the video, during that time the cpu was getting instantly too hot and, as a result, was heavily throttling . I tried to use a radiator, and it significantly reduced the amount of throttling but it was not eliminating it, since eventually the cpu reached pretty high temperature.

I decided to add a fan to blow on the radiator to reduce even further the cpu temperature.

I didn’t want the fan to be running all the time so I decided to use the gpio function of my board to control the state of a pin to start and stop a fan.

The problem is that the logic levels sent by the gpio is 3.3v which is much to low to start the fan i own.

My fan is a 12v fan, but it turns out that it can run at 5v, it just have a lot of trouble starting, most of the time when I put 5 v on the fan, I just see a very small movement, and then nothing, I just have to give a little push, and then it will start

Of course, this is not going to be OK. I must find a way to start that fan without that initial push.

To send 5v instead of 3.3v to the fan I used a PNP transistor that will be controlled by the 3.3v signal.

On this photo , the GPIO control pin is wired to PIN number 23 , after i took that picture i changed it to pin number 7

 

As you can see on the photo, the pin one of the PNP transistor is wired to a GPIO pin, the pin 2 is wired to the pin 2 of the board which provide constant 5v,and then the pin 3 is wired to the the red wire of the fan.
The black fan wire is connected to the pin number 6 of the board.

Here is a little schematic of the wiring.

To control the gpio I used wiringpi program that I found at this URL

At first I tried to use the gpio pin number 23 but, for some reason I failed to change the state of that pin using the wiring pi library.

I then chosed to use the pin number 7 which is named GPIO.7 in the “gpio readall” command.

First I configured the pin 7 as an output using that command

gpio mode 7 out

Then i use that command to set pin 7 at logic level 1 (3.3v)

gpio write 7 1

But even with all that, my fan still needed a little push to start turning.

After a good afternoon where I considered buying a cheap and small 5v fan on one of the classic Chinese website, i remarked that if my control GPIO pin was not soldered and I disconnected and reconnected very rapidly the control wire, the fan was starting every time.

The idea of a bash script exploiting this fact was born.

Here is the script that works for me every time!

#!/bin/bash

gpio mode 7 out
i=0
while (($i < 10))
do
gpio write 7 1
sleep .1
gpio write 7 0
sleep .05
i=$(($i+1))
echo $i
done

gpio write 7 1

This  script put the pin 7 in output mode, then switch the state of pin 7 rapidly provoking the startup of the fan.  At the end of the script the pin 7 is left in the 1 state.

To be sure the fan started, I usually launch this script 3 times, but it’s overkill and one time is enough most of the time.

When I want to stop the fan, I just launch the command

gpio write 7 0

And the fan stop immediately,

Now creating a script that launch automatically the fan when the cpu get above a predefined temperature is going to be extremely easy, I will describe it in another article.

Even if the fan is turning very very slowly , it does have a very significant effect on cpu temperature

Reduction of more than 10 degrees

add custom metrics in influxDB

 

If you have a influxdb server running , there is some data collector like Collectd that can be used to automatically write data in your database.
But collectd is very difficult to personalise. and the documentation is pretty bad, (try using the curl plugin and greping data)
You can’t easily add the result of a piped bash command to the collected data for example.

in my case i’ve decided to ignore these pre made solutions that never completely satisfy my needs or write exactly the value i want in the database,

there is a simple way to use a http request to write in the influxDB database.
first before you even write something in ingluxDB, you have to create a database (you only have to launch this command once)

curl -G http://localhost:8086/query --data-urlencode "q=CREATE DATABASE metrics"

then lets say i want to log every 5min the disk usage in percent of my primary storage device. which is named /dev/mmcblk0p1

the df command is only giving me a rounded value : for example 22%

for my example i want a much more precise percentage ,  this little script does exactly that.

#!/bin/bash
#change mmc by the name of your drive , ex: sdba
df_total=$(df |grep mmc |awk -F' ' '{print $2}')
df_used=$(df |grep mmc |awk -F' ' '{print $3}')
df=$(echo "$df_used * 100 / $df_total" | bc -l | head -c 6)
curl -i -XPOST 'http://localhost:8086/write?db=metrics' --data-binary "disc_space,df=used value=$df"

this is writing in the database metrics the percentage used with 3 decimals if you are using 10% or more and 4 decimals if you use 10% or less
the changing precision is not a concern in my use case.

then if you want a value every 5min for example do a crontab -e  and add the line :

*/5 * * * * bash /root/myscript.sh

 

you can then use grafana for example to graph the data.

install Grafana 5 on a PI

If you have a OrangePi or a raspberry pi ,

there is high chance that the version of grafana package in the repositories of your distribution is outdated
in my case , i use armbian , the repo is from ubuntu xenial .

the version of Grafana in the xenial repo is antique (grafana 2.6.0) and the version is bugged if you use a Headless version of the os ,
the icon are not displayed when you are connected to the grafana interface. (because of a bug in phantomJS).

if you have already the 2.6.0 runing , remove it first

apt-get remove grafana

Then use this page to download a recent version of grafana compiled to run on a arm cpu

wget https://github.com/fg2it/grafana-on-raspberry/releases/download/v5.0.4/grafana_5.0.4_armhf.deb
then 
dpkg -i grafana_5.0.4_armhf.deb

if the grafana service is not auto starting at the system boot , you can launch that command :

systemctl enable grafana-server.service

you can check with netstat that your grafana service is running if your server is listening on the tcp port 3000

netstat -tcp -l

now start your browser and try to connect to http://ip-of-your-server:3000

 

Influx DB 1.2.0 on armbian or raspberry PI

If you like me you purchased an orange pi Zero , or a raspberry pi you have the option to use the great OS : Armbian ,
the problem is the repository used is from ubuntu xenial .

the influxdb package contained in the repo is currently only in version 0.10.0 and some critical functionality are missing in this version. (like moving average)

first use apt-get to install influxdb to install the old version

apt-get install influxdb

then stop the server

service influxdb stop

then on the influxDB official website you can find this command to download the latest arm version

wget https://dl.influxdata.com/influxdb/releases/influxdb-1.2.0_linux_armhf.tar.gz
tar xvfz influxdb-1.2.0_linux_armhf.tar.gz

then use rsync -a  influxdb-1.2.0_linux_armhf /  to copy the content of the extracted folder to the / directory and overwrite everything.

the restart the server

service influxdb start

to look if the service is starting correctly you can tail syslog

tail -f /var/log/syslog

in my case i had an error forcing me to do a complicated conversion of the database , or reset the database ,
My database was 2 days old , so i reseted the database ,

rm /var/lib/influxdb/meta/raft.db

the service should now be running ,

you can check that the server is listening on the 8086 tcp port ,

 netstat --tcp -l

Orange PI Zero : Control the onboard leds

 

The Orange PI zero is equipped with two onboard leds ,

 

One red , and one green ,
armbian give you the ability to control very easily the state of theses leds.

to turn on the red led you can use this command : echo 1 > /sys/class/leds/red_led/brightness
to turn off the red led you can simply launch : echo 0 > /sys/class/leds/red_led/brightness

to turn on the green led you can use this command : echo 1 > /sys/class/leds/green_led/brightness
to turn off the green led you can simply launch : echo 0 > /sys/class/leds/green_led/brightness

You can put some sleep command between the on and off, and use this functionality to notify you for example that a cron script is running.

Orange Pi Zero : How to get the CPU temperature

If you purchased the small yet awesome orange pi zero on Aliexpress you certainly had huge problems to download some OS images on the official Orange PI website ,

you can download an image on the armbian website that’s compatible with the Orange pi zero

when your orange pi zero is finally fonctional there is several way to get the current temperature of the CPU.

first you can use the command : armbianmonitor -m this command is going to give you , the uptime , cpu speed and the current CPU temperature every 6 seconds.

 

but if you want to get that temperature for graphing purpose for cacti , munin , or grafana this command is not going to be usefull because of the autorefresh functionality

there is an other command that just return the cpu temperature

cat /sys/devices/virtual/thermal/thermal_zone1/temp 

OR

cat /sys/devices/virtual/thermal/thermal_zone0/temp

there is two sensor inside the Allwinner H2+ , you can add the two values and then divide the result by two to get an average temperature.

then you can graph the temperature using grafana for example

now that you know the temperature of your PI , you can somthing about it :
in an other article i talk about using the GPIOs of the PI to activate a fan when the temperature reach a set threshold.