Maqaalka Waxaan ka hadlay habka loo rogo Raspberry-ka barta gelitaanka wireless-ka iyadoo la adeegsanayo nidaamka hawlgalka CentOS. Adiga oo isu keenaya router gurigayga sida ku cad sawirkan, waxaan ku qancay hal-abuurkayga hal-abuurka ah waxaanan helay kor u qaadida nabadda maskaxda ee qayb muhiim ah oo ka mid ah kaabayaashayga raaxada leh. Si kastaba ha ahaatee, dareenka dhamaystir-la'aanta xalka iyo dhammaystirnaanta gudaha ayaa i soo jiidatay: "Natiijada aan fiicnayn ee shaqada xaq uma laha inay jirto." Fikirka ah "ku habboonaanta waa la gaari karaa oo waa in la gaaro" igama tegin hal daqiiqo.
Ka dibna maalin maalmaha ka mid ah, mid ka mid ah golayaasha mawduucyada, waxaan la kulmay dood ku saabsan qoto dheer ee nidaamyada hawlgalka ee jira ee Raspberry (aarch64 vs armhfp): kaas oo 64-bit OS uu mabda'a ahaan, ku haboonaan karo oo ka shaqeyn karo nooca Raspberry 3 ++?
CentOS aan jeclahay ee dhismaha ARM ee "Userland" kuma degdegin inuu u beddelo nooca ugu dambeeyay ee kernel oo uu u beddelo 64-bit. Iyo kaydka EPEL, ee ku xidhan xagga Ilaahay ayaa og meesha aan lahayn saxeex dijital ah, waxay ahayd riyo hurdo la'aan ah.
Anigoo u hadlaya sidii raacsane qaybinta ku salaysan RPM, waxaan la yaabay markii aan ogaaday in OS ee Raspberry gabi ahaanba la iloobay doodaha. Fedora! Oo tan inkastoo xaqiiqda ah in la sii daayo
Maqaalkan waxaan ka hadli doonaa habka rakibidda Fedora (arch64) on Raspberry Pi 3 Model B + Π² waxqabadka ugu yar ee dheeraadka ah. Waxaan si kooban u dul istaagi doonaa sifooyinka kor u qaadista barta marinka Wi-Fi, oo lagu aqoonsaday natiijada hawlgalka tijaabada ee qaabayntaydii hore .
0. Waxaad u baahan doontaa
Wax walba waa la mid sidii ku taxan maqaalkii hore:
- Raspberry Pi 3 Model B+;
- microSD>= 4GB (kadib waxaad ku wareejin kartaa nidaamka 2GB drive);
- Goobta shaqada ee leh Linux iyo akhristaha kaadhka microSD;
- Isku xirka shabakada fiilada ee u dhexeeya Raspberry iyo Linux-ka shaqada (kiiskan, ma jiro kormeer dheeraad ah iyo kiiboodhka loo baahan yahay si loo habeeyo), helitaanka internetka ee labada qalab;
- Xirfad sare oo Linux ah (si aad u ogaato oo aadan ka baqin: , ΠΈ ).
La mid ah ku celcelinta - dhisitaanka Linux-kaaga, sawirka qaybinta Fedora ayaa la isticmaali doonaa, ka dibna iyada oo lagu salaynayo, nidaamka ugu yar ayaa la abuuri doonaa (iyada oo aan "laga soo uruurin")
1. Ku rakibida qaybinta asalka ah
Isku duwayaasha sawirka cayriin ee nidaamka internetka:
Ka dib markaad ku duubto microSD iyo ka hor intaadan isticmaalin, waxaad u baahan tahay:
- Kordhi "xididka" nidaamka faylka (qaybta 3aad, ext4)
parted /dev/mmcblk0 resizepart 3 100% e2fsck -f /dev/mmcblk0p3; resize2fs /dev/mmcblk0p3; e2fsck -f /dev/mmcblk0p3 for i in 1 2 3; do mkdir -p /mnt/$i; mount /dev/mmcblk0p$i /mnt/$i; done - Dami SELinux
echo 'SELINUX=disabled' > /mnt/3/etc/selinux/config - Ka saar Wizard Dejinta Hore:
find /mnt/3/etc/systemd/ -iname initial-setup.service -delete - Oggolow gelitaanka ssh:
mkdir -p /mnt/3/root/.ssh cp -fv ~/.ssh/id_rsa.pub /mnt/3/root/.ssh/authorized_keys sed -i 's/#PermitRootLogin.*/PermitRootLogin yes/g' /mnt/3/etc/ssh/sshd_config
Hadda waxaad ka soo dejisan kartaa "raspberry" microSD oo waxaad ku xiri kartaa shabakadda.
Bilawga qabowgu wuxuu qaataa ilaa hal daqiiqo iyo badh. TTX ee nidaamka ka dib marka la soo dejiyo:
rpm -qa | wc -l
444
2. Ururinta nidaamka ugu yar
Nasiib darro, "qaybinta ugu yar" ee ka imanaya horumariyayaashu waxay u noqdaan kuwo ka fog kuwa ugu dhexdhexaadka ah isticmaalka kheyraadka. Sawirka nidaamka waxaa la samayn karaa xitaa ka sii yar.
Si tan loo sameeyo, waxaad u baahan tahay inaad ku socodsiiso qoraalka Malinka:
#!/bin/bash
. /etc/os-release
P=$(mktemp --directory $(pwd)/$ID-$VERSION_ID.XXX)
dnf --installroot=$P --releasever=$VERSION_ID --setopt=install_weak_deps=false
--assumeyes install
bcm283x-firmware
dnf
grub2-efi-aa64
kernel
openssh-server
shim-aa64
for f in /boot/efi/EFI/fedora/grub.cfg
/boot/efi/EFI/fedora/grubenv
/boot/efi/rpi3-u-boot.bin
/etc/default/grub
/etc/fstab
do
cp -fv $f $P$f
done
rm -fv $P/dev/*
rm -rfv $P/var/cache/dnf
echo "--------------------------------------------------------------------------------"
du -hs $P
Kadib socodsiinta qoraalka, hage-hoosaad ayaa lagu abuuri doonaa tusaha hadda ($P) oo leh nuxurka xididka daabacaadda cusub ee OS ugu yar. Waad dami kartaa Raspberry oo aad ku soo celin kartaa microSD-ka goobta shaqada Linux.
3. Ku rakibida nidaamka ugu yar
Rakibadu waxay hoos u dhigtaa nuqul ka samaynta faylalka "sawirka" ugu yar ee OS (laga helay tallaabadii hore) dulsaar microSD si gaar ah loo diyaariyey oo tusaha ku habboon.
Kaarka 2GB iyo laba qaybood oo ka mid ah ayaa ku filan:
- / bootiin / efi - EFI + FAT32, boot, 100MB;
- / (xidid) - EXT4, dhammaan booska haray.
Ka dib markaad diyaariso microSD oo aad nuqul ka sameysid faylasha, waxaad u baahan tahay:
- hagaajin OS boot;
- daar shabakada;
- u habeeyo gelitaanka ssh.
Hagaajinta bootku waa in la beddelo UUID ee qaybaha faylasha:
microSD:/boot/efi/EFI/fedora/grub.cfg
microSD:/boot/efi/EFI/fedora/grubenv
iyo parameter Badbaadinta_entry= faylka ugu dambeeya
Faylka ku jira:
microSD:/etc/fstab
Waxaad ka heli kartaa qiyamkii hore, iyo qiimayaasha hadda (cusbooneysii) ee soosaarka amarka:
blkid | grep mmcblk | sort
Beddelka ka dib, waa inaad sidoo kale saxdo waxa ku jira fstab on microSD si dhibcood Buur u dhigma UUIDs qaybta cusub.
Shabakadda Shabakadda marka ugu horraysa ee aad shido Raspberry-ga waxa lagu gaadhi karaa βburoβ yar β samee xidhiidhiye (qorshe ahaan):
ln -s /usr/lib/systemd/system/systemd-networkd.service
microSD:/etc/systemd/system/multi-user.target.wants
iyo fayl:
mkdir -p microSD:/etc/systemd/network
cat > microSD:/etc/systemd/network/dhcp.network << EOF
[Match]
Name=*
[Network]
DHCP=ipv4
EOF
Soo dejin guul leh ka dib, hagaaji bilawga :
systemctl disable systemd-networkd
systemctl enable systemd-networkd
Helitaanka Superuser ee ssh waxaa loo habeeyey si la mid ah tillaabada 1.
Markaad wax walba si taxadar leh u samaysay oo aan khaladaad lahayn, waxaad u guuri kartaa microSD-ga "raspberry" oo waxaad bilaabi kartaa inaad la shaqeyso 64-bit OS nooca ugu yar ee dheeraadka ah.
4. Nidaam diyaarsan
"sawirka" nidaamka la dhammeeyey, oo loo sameeyay si waafaqsan tilmaamaha kor ku xusan, waxaa laga soo dejisan karaa xiriirka:
Tani waxay noqon doontaa kayd ka kooban laba fayl: qoraalka rakibaadda iyo TGZ oo wata faylasha OS. Kaydka wuxuu u baahan yahay in lagu furo goobta shaqada Linux, geli microSD (kaarka 2GB ayaa ku filan) oo ku socodsii qoraalka cabbirka - magaca aaladda:
./install /dev/mmcblk0
Iska ilaali!
Digniin la'aan, aaladda waa la qaabayn doonaa waxaana lagu rakibi doonaa nidaamka hawlgalka.
Ka dib fulinta qalad la'aanta ee qoraalka, kaarka dib ayaa loo habeyn karaa "raspberry" waxaana loo isticmaali karaa: qabashada dhcp, erayga sirta ah - "1".
Nidaamku wuxuu ka nadiifiyaa dhammaan aqoonsiga iyo furayaasha, taas oo ah sababta rakibid kasta oo cusub u gaar ah.
Waxaan mar kale ku celinayaa, nidaamka - ugu yar! Sidaa darteed, ha ka welwelin: DNF waa diyaar, si ay u shaqeyso waa inaad "ikhtiraacdaa" midka saxda ah .
Bilawga qabow ee Raspberry-ku wuxuu qaadanayaa ilaa 40 ilbiriqsi. TTX ee nidaamka ka dib marka la soo dejiyo:
rpm -qa | wc -l
191
5. WiFi
Waxaan in yar dul istaagi doonaa sifada hirgelinta barta marinka Wi-Fi-ga. Wixii faahfaahin ah, waxaad tixraaci kartaa kii hore .
EPEL hadda looma baahna - dhammaan baakooyinka waxay ku jiraan kaydadka rasmiga ah.
Waxay u badan tahay inay mudan tahay in la iska daayo , tan iyo Fedora, si ka duwan CentOS, waxay leedahay nidaam-shabakad-nidaameed dhawaan, kaas oo si caadi ah ugu dhex dhisan DHCP/DNS server. Laakiin xaqiiqadu waxay tahay in RHEL8 horumarinta , kuma dhiirigelinayso kalsoonida mustaqbalka ifaya ee mashruuca Marka la soo koobo, ma isku dayin.
Intaa waxaa dheer, darawalada hadda ee adabtarada Wi-Fi-ku-dhisan lagama "xadi karo" qaybinta Raspbian, laakiin si toos ah ayaa looga soo dejisan karaa .
Tani waa waxa faylasha Broadcom firmware ay u eg yihiin Raspberry-kayga (qorshe ahaan):
ls /usr/lib/firmware/brcm | grep 43455
[612775] brcmfmac43455-sdio.bin
[14828] brcmfmac43455-sdio.clm_blob
[symlink] brcmfmac43455-sdio.raspberrypi,3-model-b-plus.txt -> brcmfmac43455-sdio.txt
[2099] brcmfmac43455-sdio.txt
Iyaga la'aantood ma heli doontid 5GHz/AC.
Marka la eego tirada iyo magacyada is-dhexgalka. Hadda waxaan si adag ugu talinayaa qof kastaa inuusan isticmaalin "adeegyada" furayaasha softiweerka haddii aan loo baahnayn (), kaas oo soo saara culeys weyn oo ku jira xirmada shabakada iyo niyad jabinta marinka. Haddii aadan qorsheyneynin inaad haysato adapters-ka wireless-ka ee badan, markaa waa inaad isticmaashaa kaliya interfaces jireed. Waxaan haystaa laba Wi-Fi, marka iyaga kaliya waxaan ku daraa buundada software (inkasta oo aad taas samayn karto adiga oo si ka duwan u eegaya dejinta hostapd).
Oo waxaan jeclahay magac-beddelka interfaces.
Si tan loo sameeyo gudaha Fedora waxaad u baahan tahay inaad abuurto xiriir calaamad ah:
/etc/systemd/network/99-default.link -> /dev/null
ka dibna waxaa suurtogal ah in la bixiyo magacyo macno leh iyada oo aan la isku dayin , laakiin kaliya isticmaalaya systemd-networkd.
Tusaale ahaan, tani waa waxa isku-xidhka adabtarada ee router-kayga loo yaqaan:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
2: wan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
3: lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
4: int: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master lan state UP group default qlen 1000
5: ext: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master lan state UP group default qlen 1000
- INT - la dhisay, dheer - adabtarada Wi-Fi dibadda (USB) oo la isugu keenay "buundo" Lan;
- wan - adabtarada Ethernet kaas oo internetku ku xidhan yahay.
Ma dareentay? - shay aad u fiican. Iyaga oo la socda kernel Linux cusub, waxay ku shaqeeyaan mucjisooyin dhab ah oo ku jira xadka wireless-ka: "soo dejin torrent" daran ma horseedi doonto hoos u dhac degdeg ah oo xawaaraha deriska ah. Xataa IP-TV-ga guriga ku shaqeeya "hawo ku dul shaqeeya" oo kanaal raran yahay "ma jabo" mana "tuursado" haba yaraatee!
Faylka adeegga daemon waxa lagu sameeyay isbeddello yaryar .
Hadda waxay u egtahay sidan (iyadoo la adeegsanayo tusaalaha adabtarada ku dhex dhisan):
[Unit]
Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
After=network.target
BindsTo=sys-subsystem-net-devices-int.device
[Service]
Type=forking
PIDFile=/run/hostapd-int.pid
#ExecStartPre=/usr/sbin/iw dev int set power_save off
ExecStart=/usr/sbin/hostapd /path/to/hostapd-int.conf -P /run/hostapd-int.pid -B
[Install]
RequiredBy=sys-subsystem-net-devices-int.device
Iyo "sixirka" hostapd-int.conf ee ka shaqeeya 5GHz/AC:
ssid=rpi
wpa_passphrase=FedoRullezZ
# 5180 MHz [36] (20.0 dBm)
# 5200 MHz [40] (20.0 dBm)
# 5220 MHz [44] (20.0 dBm)
# 5240 MHz [48] (20.0 dBm)
# 5745 MHz [149] (20.0 dBm)
# 5765 MHz [153] (20.0 dBm)
# 5785 MHz [157] (20.0 dBm)
# 5805 MHz [161] (20.0 dBm)
# 5825 MHz [165] (20.0 dBm)
channel=36
#channel=149
# channel+6
# http://blog.fraggod.net/2017/04/27/wifi-hostapd-configuration-for-80211ac-networks.html
vht_oper_centr_freq_seg0_idx=42
#vht_oper_centr_freq_seg0_idx=155
country_code=US
interface=int
bridge=lan
driver=nl80211
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
macaddr_acl=0
hw_mode=a
wmm_enabled=1
# N
ieee80211n=1
require_ht=1
ht_capab=[HT40+][SHORT-GI-40][SHORT-GI-20]
# AC
ieee80211ac=1
ieee80211d=0
ieee80211h=0
vht_oper_chwidth=1
require_vht=1
vht_capab=[SHORT-GI-80]
Photoshop yar oo laga sameeyay Ericsson A1018s:
(Xiriirka internetka - 100Mbit/sec)
Iyo ugu dambeyntii, FAQ yar.
6. FAQ
6.1 Waa maxay sababta loo sameeyo Wi-Fi router Raspberry?
Mid ayaa si fudud ugu jawaabi kara, sida "waa wax xiiso leh in la isku dayo iyo waxaas oo dhan."
Laakiin dhab ahaantii, waxay iila muuqataa in mawduucu yahay mid halis ah. Xilligii internetka ee "dhiig-baxa", iibsashada router ee dukaanka iyo ku harista la haystayaashiisa waa rajo aad u xun. Dad badan ayaa horeyba u fahmay in la fadhiista CVE ama albaab danbe oo ku dhex dhisan aysan suurtagal ahayn.
Dabcan, waxaad u haajiraan kartaa WRT firmware kuwa xiiseeya. Waxaa laga yaabaa inay jirto kalsooni dheeraad ah iyaga, laakiin haddii aadan rabin inaad ku tiirsanaato, ka dibna kaliya isticmaal alaabtaada. Fikrad ahaan, kombuyuutar buuxa si wax kasta oo adduunka ah loogu hirgeliyo. Dhanka dariiqa, dabcan.
Sidaa darteed, doorashada "raspberry" waa dhaqdhaqaaq dhaqaale oo kaliya: kombuyuutar dhab ah iyo isla mar ahaantaana mid aan qaali ahayn. Inkastoo, laga yaabee sidoo kale - oo ay ku jiraan "laba-laab" gudaha.
6.2 Laakiin Raspberry waa "router hoose": gaabis ah oo leh hal deked Ethernet!
Sida router Wi-Fi guri ahaan, Raspberry-ku aad buu iigu qanacsan yahay. Waxaan horay uga hadlay xawaaraha hawada sare. Oo waxaa jira hal Ethernet oo keliya, si fiican, badeecad la mid ah Apple waa isku mid!
Laakiin si dhab ah, dabcan waxaan jeclaan lahaa wax badan. In kasta oo xaqiiqda ah in gurigayga dhammaan aaladaha ay ku xiran yihiin si siman, mararka qaarkood xiriir naxaas ah ayaa weli loo baahan yahay. Kiisaska noocaan oo kale ah, waxaan haystaa "xarun moobil" oo kayd ah:
qalab - wax sidan oo kale ah
6.3 Haddii kani yahay router, markaa waxba lagama sheego "daawaynta" TCP/IP, sababtoo ah tani waa muhiim!
Marka lagu daro dejinta xirmooyinka shabakadda (tcp_fastopen, HAA, iwm.), kan iyo maqaalkii hore ma daboolayaan nuucyada kale, gaar ahaan, habka diyaarinta microSD ee isticmaalka ugu wanaagsan (inkasta oo rakibuhu isku dayo inuu qaabeeyo kaadhka xusuusta hab khiyaano leh). Habka hagaajintu waa mid aan dhammaad lahayn, waxaad u baahan tahay oo kaliya inaad joojiso waqtiga.
6.4 Waa maxay sababta Fedora?
Sababtoo ah waan jeclahay! Fedora waa nidaamka "caadiga ah" ee geeks, kuwaas oo maqaalkani dhab ahaantii loogu talagalay. Waqtiga qorista, laga yaabee OS-ka kaliya ee loogu talagalay Raspberry ee nooca 64-bit waxaa si rasmi ah u taageeraya shaqaale muhiim ah oo horumariyayaal ah (kuwaas oo aanan ka sugi karin ).
6.5 Bluetooth ma shaqeeyaa? Waa sidee muuqaalku/codku/GPIO?
Ma garanayo. Maqaalku wuxuu ku saabsan yahay rakibaadda ugu yar ee nidaamka iyo isticmaalkiisa xiga ee router Wi-Fi ahaan.
6.6 Maxay tahay sababta dhammaan maqaallada ku saabsan CentOS/Fedora/RedHat ay u bilaabaan curyaaminta SELinux?
Sababtoo ah nidaamku wuu yar yahay, xitaa ma laha dab-damis ama qalab loogu talagalay dejinta. Qof kasta oo u baahan wuxuu ku rakibi karaa wax kasta oo ay u baahan yihiin.
6.7 Nidaamka lama isticmaali karo, erayga sirta ah lama bedeli karo - ma jiro passwd. Ma jiro ping, waxba!
Waxaa jira . Ama ikhtiyaarkan rakibaadda maahan adiga - isticmaal qalabka qaybinta ee horumariyeyaasha.
6.8 Aaway SWAP? La'aantiis ma noolaan karo!
Ma runbaa? OK markaa:
fallocate -l 1G /swap
chmod -v 0600 /swap
mkswap -f /swap
swapon -v /swap
grep "/swap" /etc/fstab || echo "/swap swap swap defaults 0 0" >> /etc/fstab
6.9 Waxaan jeclaan lahaa inaan isla markiiba soo dejiyo sawir diyaarsan oo leh barta marinka Wi-Fi ee habaysan!
Diyaarinta rakibe "qof walba" waxay u baahan doontaa waqti iyo dadaal. Haddii (si lama filaan ah!) Qof run ahaantii u helo tan xiisaha leh oo lagama maarmaanka ah, noo qor oo waxaanu la iman doonaa wax.
waxan ku dhamaynayaa.
Waxaan u rajeynayaa qof walba badbaado leh oo lagu dul socdo iyo xakamaynta ugu badan ee kaabayaasha!
Source: www.habr.com