[HN Gopher] Raspberry Pi config for all things Internet
___________________________________________________________________
Raspberry Pi config for all things Internet
Author : Brajeshwar
Score : 124 points
Date : 2021-09-18 16:25 UTC (6 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| stardenburden wrote:
| I feel like nix[1] is better suited than Ansible for this.
|
| Just I'm this week, I made an iso for my rpi config, which has
| everything setup from ssh keys to the services i want to use. All
| I need to do is flash it and it's good to go. Not to mention that
| I can easier manage a fleet of this with remote deployment[2].
|
| [1] https://nixos.org
|
| [2] Nixops, deploy-rs or the --target-host flag in nixos-rebuild
| louwrentius wrote:
| If you plan to use a RPi4 as a router:
|
| 1. It can handle up to 650 Mbit if you use firewalling with
| iptables
|
| 2. You only need one (1) interface if you use VLANS.
| 0x426577617265 wrote:
| I'm having a hard time visualizing how I could use only one
| interface. How would the rest of the devices connects? Or are
| you suggesting using as a wifi only router?
| [deleted]
| btgeekboy wrote:
| It's the "router on a stick" method. You use a VLAN-capable
| switch, and connect the upstream connection (cable modem,
| ONT, etc) to a port on one VLAN, while the rest of your
| network is on another VLAN.
| dsissitka wrote:
| > 1. It can handle up to 650 Mbit if you use firewalling with
| iptables
|
| Is that at 1.5 GHz?
|
| I was surprised by how powerful Pi 4s are. At 2 GHz they'll do
| cake at gig.
| testmasterflex wrote:
| Have you tried it on Pi 0W?
| axegon_ wrote:
| I have, sort of. At my old job, just as the pandemic started,
| one of my coworkers didn't have vpn access and the company ran
| out of cisco licences before he managed to get one so I
| tunneled him through my pi0, afaik it was tolerable for pulling
| and pushing code but nothing more than that.
| geerlingguy wrote:
| Zero uses a very constrained CPU; you'd get max 100 Mbps
| throughput over wired, much less on WiFi. But if you only used
| the DNS/Adblock capabilities, it wouldn't be too bad.
| HappyTypist wrote:
| so hard to find stock of this in australia :(
| WaitWaitWha wrote:
| When I read the title i was hoping it will shorten my path. Alas,
| not so. Slightly on a tangent, but fits with the "all things"...
|
| I have been trying to extricate my family from Google & Apple
| ecosystems. This requires various servers. At first, I was going
| to do something like a rackmount server with KVM, Docker, or
| similar virtualization. Turns out, the cost of a handful of
| RasPi4B8Gs (~$75 x n, where n is server per service) is less
| expensive then running a full server (~$1500+).
|
| Now just to find the right and stable software packages that are
| relatively smooth transition. :/
|
| I currently have them set up as my DNS & filtering, & DHCPD,
| working on calDAV, cardDAV, VPN, and file (& bookmarks) synch.
| m82labs wrote:
| I wrote up an article on hosting email in an S3 bucket. It does
| mean your email is in AWS, so not sure if that is any better.
|
| https://markw.dev/aws-free-email/
| geerlingguy wrote:
| Be sure to check out the accompanying blog post [1] and also
| another post on integrating AirGradient monitoring [2].
|
| [1] https://www.jeffgeerling.com/blog/2021/monitor-your-
| internet...
|
| [2] https://www.jeffgeerling.com/blog/2021/airgradient-diy-
| air-q...
| tailspin2019 wrote:
| This is cool. I've dabbled with Ansible for managing smallish
| projects like this but have never quite committed fully to it to
| get the full benefits.
|
| I think part of the issue may be that because I'm not using
| Ansible every day, whenever I come back to it there is a bit of
| context that I need to reload into my brain to get back up to
| speed... I guess that could be a sign that the tool is too heavy
| for my use case perhaps.
|
| I have a bunch of provisioning shell scripts that I do seem to
| find a bit less abstract and easier to manage. In fact I need to
| use one today to renew my home lab wildcard SSL domain
| certificate and push it to my various local systems.
| zellyn wrote:
| I was checking out Ansible for my Raspberry Pis, but settled on
| bundlewrap.org eventually: much lower barrier to entry. (Also
| much simpler, but that's ok with me.)
| tailspin2019 wrote:
| BundleWrap looks very cool. I have a number of potential uses
| for that in mind already.
| jrm4 wrote:
| Yooo, if anyone wants to let me know on this. I'm already using
| an off the shelf load balancer because I didn't have time to
| figure out on my own -- would it be possible to "tag this on" and
| determine stats for all my connections?
|
| TL-R605 by TP-Link is the router I'm using.
| Kudos wrote:
| Is running a speedtest on a regular cadence going to cause some
| minor impact to your internet quality when it happens?
| [deleted]
| dec0dedab0de wrote:
| Yes, using your connection will always cause an impact. If it's
| noticeable or not depends on a bunch of factors that are hard
| to guess about. I wouldn't run it very often if I didn't have
| some kind of QoS in place.
| smallpipe wrote:
| If you have a good router that does some queue management and
| doesn't suffer from buffer bloat, it shouldn't impact it too
| much.
| ggregoire wrote:
| Which routers including those features would you recommend?
| IQRouter? https://www.bufferbloat.net/projects/bloat/wiki/Wha
| t_can_I_d...
___________________________________________________________________
(page generated 2021-09-18 23:00 UTC)