[HN Gopher] Raspberry Pi config for all things Internet ___________________________________________________________________ Raspberry Pi config for all things Internet Author : Brajeshwar Score : 124 points Date : 2021-09-18 16:25 UTC (6 hours ago) (HTM) web link (github.com) (TXT) w3m dump (github.com) | stardenburden wrote: | I feel like nix[1] is better suited than Ansible for this. | | Just I'm this week, I made an iso for my rpi config, which has | everything setup from ssh keys to the services i want to use. All | I need to do is flash it and it's good to go. Not to mention that | I can easier manage a fleet of this with remote deployment[2]. | | [1] https://nixos.org | | [2] Nixops, deploy-rs or the --target-host flag in nixos-rebuild | louwrentius wrote: | If you plan to use a RPi4 as a router: | | 1. It can handle up to 650 Mbit if you use firewalling with | iptables | | 2. You only need one (1) interface if you use VLANS. | 0x426577617265 wrote: | I'm having a hard time visualizing how I could use only one | interface. How would the rest of the devices connects? Or are | you suggesting using as a wifi only router? | [deleted] | btgeekboy wrote: | It's the "router on a stick" method. You use a VLAN-capable | switch, and connect the upstream connection (cable modem, | ONT, etc) to a port on one VLAN, while the rest of your | network is on another VLAN. | dsissitka wrote: | > 1. It can handle up to 650 Mbit if you use firewalling with | iptables | | Is that at 1.5 GHz? | | I was surprised by how powerful Pi 4s are. At 2 GHz they'll do | cake at gig. | testmasterflex wrote: | Have you tried it on Pi 0W? | axegon_ wrote: | I have, sort of. At my old job, just as the pandemic started, | one of my coworkers didn't have vpn access and the company ran | out of cisco licences before he managed to get one so I | tunneled him through my pi0, afaik it was tolerable for pulling | and pushing code but nothing more than that. | geerlingguy wrote: | Zero uses a very constrained CPU; you'd get max 100 Mbps | throughput over wired, much less on WiFi. But if you only used | the DNS/Adblock capabilities, it wouldn't be too bad. | HappyTypist wrote: | so hard to find stock of this in australia :( | WaitWaitWha wrote: | When I read the title i was hoping it will shorten my path. Alas, | not so. Slightly on a tangent, but fits with the "all things"... | | I have been trying to extricate my family from Google & Apple | ecosystems. This requires various servers. At first, I was going | to do something like a rackmount server with KVM, Docker, or | similar virtualization. Turns out, the cost of a handful of | RasPi4B8Gs (~$75 x n, where n is server per service) is less | expensive then running a full server (~$1500+). | | Now just to find the right and stable software packages that are | relatively smooth transition. :/ | | I currently have them set up as my DNS & filtering, & DHCPD, | working on calDAV, cardDAV, VPN, and file (& bookmarks) synch. | m82labs wrote: | I wrote up an article on hosting email in an S3 bucket. It does | mean your email is in AWS, so not sure if that is any better. | | https://markw.dev/aws-free-email/ | geerlingguy wrote: | Be sure to check out the accompanying blog post [1] and also | another post on integrating AirGradient monitoring [2]. | | [1] https://www.jeffgeerling.com/blog/2021/monitor-your- | internet... | | [2] https://www.jeffgeerling.com/blog/2021/airgradient-diy- | air-q... | tailspin2019 wrote: | This is cool. I've dabbled with Ansible for managing smallish | projects like this but have never quite committed fully to it to | get the full benefits. | | I think part of the issue may be that because I'm not using | Ansible every day, whenever I come back to it there is a bit of | context that I need to reload into my brain to get back up to | speed... I guess that could be a sign that the tool is too heavy | for my use case perhaps. | | I have a bunch of provisioning shell scripts that I do seem to | find a bit less abstract and easier to manage. In fact I need to | use one today to renew my home lab wildcard SSL domain | certificate and push it to my various local systems. | zellyn wrote: | I was checking out Ansible for my Raspberry Pis, but settled on | bundlewrap.org eventually: much lower barrier to entry. (Also | much simpler, but that's ok with me.) | tailspin2019 wrote: | BundleWrap looks very cool. I have a number of potential uses | for that in mind already. | jrm4 wrote: | Yooo, if anyone wants to let me know on this. I'm already using | an off the shelf load balancer because I didn't have time to | figure out on my own -- would it be possible to "tag this on" and | determine stats for all my connections? | | TL-R605 by TP-Link is the router I'm using. | Kudos wrote: | Is running a speedtest on a regular cadence going to cause some | minor impact to your internet quality when it happens? | [deleted] | dec0dedab0de wrote: | Yes, using your connection will always cause an impact. If it's | noticeable or not depends on a bunch of factors that are hard | to guess about. I wouldn't run it very often if I didn't have | some kind of QoS in place. | smallpipe wrote: | If you have a good router that does some queue management and | doesn't suffer from buffer bloat, it shouldn't impact it too | much. | ggregoire wrote: | Which routers including those features would you recommend? | IQRouter? https://www.bufferbloat.net/projects/bloat/wiki/Wha | t_can_I_d... ___________________________________________________________________ (page generated 2021-09-18 23:00 UTC)