Busy hands | Disquiet mind

So simply joining an existing mastodon instance is not enough for you, you want control? Set up your own! The official documentation has a page about that, including listing a bunch of specialised hosting providers that will do this installation bit for you. But we like the more difficult road with the rewarding learning curve around here. Make sure you get get your linux box prepared, and we'll get into setting up a mastodon instance on local hardware, running linux, without docker, and without cloud storage.

Step 1; Get to installing mastodon

( Details )

Step 2; Get to customising mastodon

( Details )

Step 3; Should you set up an instance for other people?

( Details )

Let's Encrypt's root cert expired the end of September just gone.

For the first time since then I tried running an old python script on a Raspberry Pi. It failed with an all too familiar error message. In both python3, and with curl.

I never see these errors in my browser (because Firefox is great like that). Even when I didn't have the certs on my site fully configured it didn't matter because Firefox had the necessary root and intermediate certs.

So I tried curl on my Windows machine, and it worked, no errors. Okay, it's not the configuration of my site. It's the Raspberry Pi. I need to update its cert cache.

I found most of what I needed here. The certs I want are here. (We'll be picking up local certs, so changing into the same directory is important.)

sudo mkdir /usr/share/ca-certificates/local
cd /usr/share/ca-certificates/local

sudo wget https://letsencrypt.org/certs/isrgrootx1.pem
sudo wget https://letsencrypt.org/certs/lets-encrypt-r3.pem

sudo openssl x509 -inform PEM -in isrgrootx1.pem -outform PEM -out isrgrootx1.crt
sudo openssl x509 -inform PEM -in lets-encrypt-r3.pem -outform PEM -out lets-encrypt-r3.crt

sudo dpkg-reconfigure ca-certificates

When prompted choose 'ask'. Mark your new certs with an asterisk, choose 'ok', and wait for it to finish.

Test by trying that curl command again. All goes well, no more errors!

Great, let's try that script again. Nope! More errors. Now that our Raspberry Pi has the correct certs we need to update the python certs. Enter an interactive session and find out where it keeps these certs.

python3
import certifi
certifi.where()

It says '/home/pi/.local/lib/python3.7/site-packages/certifi/cacert.pem'. Let's replace it!

rm /home/pi/.local/lib/python3.7/site-packages/certifi/cacert.pem
cp /etc/ssl/certs/ca-certificates.crt /home/pi/.local/lib/python3.7/site-packages/certifi/cacert.pem

Test by trying that python3 script again. All goes well, no more errors! Hopefully for real this time.

I had an idea to set up my cubox as an Android station to sync/operate all my bluetooth wearables. But neither the Android image (4.4?!) nor the Ignition installer would boot. Just sat there, glowing a red LED at me. I found their official builds server, and the only image up there for cubox is Debian. Which also doesn't work.

Okay so. *rolls up sleeves in dramatic fashion*

Cuboxes come with serial on by default, over the micro-USB cable.
Find the device name;
sudo dmesg
Connect to serial;
sudo screen /dev/ttyUSB0 1115200
(If you are in Windows it's the same procedure as for Raspberry Pi.)

U-Boot 2009.08-dirty (Jan 21 2013 - 10:57:40) Marvell version: 5.4.4 NQ SR1

BootROM:
       Version on chip: 2.33
       Status: OK
       Retries #: 0
Board: CuBox
SoC:   88AP510 (A1)
CPU:   Marvell Sheeva (Rev 5)
       CPU @ 800Mhz, L2 @ 400Mhz
       DDR3 @ 400Mhz, TClock @ 166Mhz
PEX 0: interface detected no Link.
PEX 1: interface detected no Link.
DRAM:   2 GB
       CS 0: base 0x00000000 size  1 GB
       CS 1: base 0x40000000 size  1 GB
       Addresses 60M - 0M are saved for the U-Boot usage.
SF: Detected W25Q32 with page size  4 kB, total  4 MB

Streaming disabled 
L2 Cache Prefetch disabled
L2 Cache ECC disabled
Modifying CPU/CORE/DDR power rails to 1.0(-2.5%) / 1.0(-5%) / 1.5(-5%)
USB 0: Host Mode
USB 1: Host Mode
Setting VPU power OFF.
Setting GPU power ON.
MMC:   MV_SDHCI: 0, MV_SDHCI: 1
Net:   egiga0 [PRIME]
Hit any key to stop autoboot:  0 
===> Executing ext4load usb 0:1 0x02000000 /boot.scr
(Re)start USB...
USB:   Register 10011 NbrPorts 1
USB EHCI 1.00
scanning bus for devices... 1 USB Device(s) found
...
** Unable to use ide 0:2 for fatload **
===> Executing ext4load ide 0:2 0x02000000 /boot/boot.scr
** Bad partition 2 **
===> Executing fatload ide 0:2 0x02000000 /boot/boot.scr
Error No HD connection 
** Can't read from device 0 **

** Unable to use ide 0:2 for fatload **

egiga0 no link
Using egiga0 device
TFTP from server 192.168.15.100; our IP address is 192.168.15.223
Filename 'boot.scr'.
Load address: 0x2000000
Loading: T T T T T T T T T T 
Retry count exceeded; starting again

Oh no. The very first line delivers the bad news. This machine is old. Older than I'd thought. Turns out there are two kinds of cubox; Marvell/Armada 510 CPU, and Freescale imx6 cubox-i. The former is the one I have, the latter is the only one currently supported.

As my hardware has been abandoned by the manufacturer I'm left with Kali, Arch, or Geexbox/Kodi.

Kali;
Download cubox version, e.g. kali-2017.3-cubox-i.img.xz
Extract; unxz kali-2017.3-cubox.img.xz
Write; sudo dd if=kali-2017.3-cubox.img of=/dev/sdcard bs=512k
Finally use gparted to expand partition to whole sdcard
And as if by magic, the cubox boots up into Kali! (I find this especially humourous as I recently tried to create a Kali LiveUSB stick for my laptop, and couldn't get it to boot, it appears due to a lack of hardware support.)

It doesn't help me build my Android station, but, thank you Community, for helping keep this hardware from obsolescence.

After disassembling Gizmo I found I needed to remove, and discard, some stuff.

( Details and pictures )

Now, some assembly; the brain transplant.

( Brain wiring )

( Brain programming )


Part 1 | Part 2 | Part 3 | Part 4 | Part 5

Okay. Hi. Yes, I'm still here. It's been an eventful err, many months. But more about that another time. Maybe.

Well, either that, or, I only post once in a Blue Moon! (Sorry, couldn't resist.)

Last year at EMF I picked up a BeagleBone Black (rev C). This week I actually unpacked it and powered it up. I was pleasantly surprised to find that the rev C ships with Debian installed, but that means most of the documentation online (and on the BBB) is slightly out of date. No worries; things are actually simpler now!

Even though it shipped with Debian when I tried to apt-get update/upgrade/install I got errors. So there was only one thing for it; flash the onboard memory. When I went about this I found that the source of online documentation was (is?) offline. And the wayback machine was only serving up some too-old files. Luckily I found a chap with a link to the most recent eMMC flasher image! I've said it before, and I'll say it again, yay for bloggers!

One thing that tripped me up; when writing the image to the SD card, on Windows you need to run the program As Administrator for sufficient privileges. Learn from my mistakes friends. Also, only hold down the SD button until the 4-LEDs start to flash, then let go. The rest is smooth sailing.

When you boot up, you ssh in (over the USB cable); as root, with no password. Set one immediately! Then you do all the usual configuration things;
set a nice hostname - vim /etc/hostnames, vim /etc/hosts
add a non-root user - adduser, visudo
setup wireless - vim /etc/network/interfaces (unfortunately it involves hardcoding your password)

(I got a raspberry pi wireless dongle to use with my cubox, and now my BBB. Poor thing has never meet a raspberry pi. ... Speaking of the cubox; arch linux turned out to be just too much effort. Will probably throw Debian on there as well.)

Then reboot, and if ifconfig doesn't show an ip-address try ifup wlan0. Once online apt-get update, apt-get upgrade. And just like that you have a fully functioning Debian server (with broken out physical pins) to bend to your will. I have to say, it is one of the easiest setups I have encountered with microcontrollers/embedded systems. And a good first impression means a lot. I look forward to playing with it more.

*edit 2015-09-16*
Setting up my second BBB was far more troublesome! I finally got it working; using dd in linux, onto an 8gb micro sdcard (my 4gb must have a .1 or .2 too small), and even though the file (from here) is named 2015-03-01 the installation reports 2015-07-17. Curiouser and curiouser.