https://wiki.friendlyelec.com/wiki/index.php/NanoPi_R5S#Get_Started
Instalar via SD usando e copyFlasher para escrever na eevsftpprom
Baixar – rk3568-eflasher-friendlycore-lite-focal-5.10-arm64-YYYYMMDD.img.gz ou superior
Escrever no SDCARD com win32Diskimager
Colocar sdcard e fazer boot e aguardar o flash..Aguarde o LED System ficar slow e os outros leds verdes..
Retirar sd card e dar boot novamente.
Endereço Padrão de fábrica
eth0 – WAN – DHCP/sites/
ETH1 – 192.168.2.1
ETH2 – 192.168.3.1
Conecte na WAN e busque o ip recebido para dar ssh
Default Username
User Name: root
Password: fa
Se ubuntu>24 usar NETPLAN
vi /etc/netplan/01-cfg.yaml
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
addresses:
– 10.11.12.90/24
routes:
– to: default
via: 10.11.12.1
nameservers:
addresses: [10.11.12.1, 192.168.180.1, 8.8.8.8, 8.8.4.4]
mude a senha do root
Mudar ip das interfaces ETH
ETH0 – DHCP
ETH1 – 10.11.12.90 – temporária para configurar em casa
ETH2 – 192.168.180.100 – Padrão ligada na LAN do roteador Principal do KIT
Exemplo de configuração da ETH1
vi /etc/network/interfaces.d/eth1
auto eth1
iface eth1 inet static
address 10.11.12.90
netmask 255.255.255.0
gateway 10.11.12.1
dns-nameservers 10.11.12.1 8.8.8.8 8.8.4.4
vi /etc/network/interfaces.d/eth2
auto eth1
iface eth1 inet static
address 192.168.180.100
netmask 255.255.255.0
gateway 192.168.180.1
OBS: Deixe o gateway ligado somente na interface que será conectada
ADICIONE O DNS
vi /etc/systemd/resolved.conf
[Resolve]
DNS=10.11.12.1 192.168.180.1 8.8.4.4 8.8.8.8 1.1.1.1
sudo systemctl restart systemd-resolved.service
sudo systemctl enable systemd-resolved.service
timedatectl set-timezone America/Sao_Paulo
reboot
Mude o hostname
hostnamectl set-hostname lstsrvkit01
hostnamectl set-hostname lstsrvkit01 –pretty
vi /etc/hosts
Mude o hostname para o escolhido
Criar as entradas dns apontando para proxy.lstimelapses.com.br
lst15.lstimelapses.com.br
streaminglst15.lstimelapses.com.br
lstsrvkit1nvr
lstsrvkit1roteador
lstcamxxx de acordo com a câmera
ATUALIZE O UBUNTU
apt-get update -y && apt-get upgrade -y
apt –fix-broken install
apt-get update -y && apt-get upgrade -y
sudo apt-get install exfat-utils
sudo apt install exfatprogs
sudo apt install curl
sudo apt install rsync
NTP/CHRONY
apt-get install chrony -y && service chrony restart
#vai usar o ntp do ubuntu
FAÇA O HARDENING THE SERVER – ubuntu 20.x
apt clean
apt autoremove
adduser lst
adduser lst sudo
id lst
reboot
Faça login como lst
sudo -i
vi /etc/ssh/sshd_config
PermitRootLogin no
reboot
Tente login como root para testar
#Permitir ao usuario lst fazer shutdown
addgroup wheel
usermod -a -G wheel lst
vi /etc/sudoers
Add line:
%wheel ALL= NOPASSWD: /sbin/shutdown, /sbin/reboot
www-data ALL=NOPASSWD: /bin/mount, /bin/umount, /usr/bin/rsync, /sbin/reboot, /sbin/shutdown, /sites/controles/apis/rsyncCameraParaDiscoUSB.sh
ssh-keygen -t rsa
#PROXY
ssh-copy-id -p 65108 lst@proxy.lstimelapses.com.br
ssh-copy-id -p 65108 lst@proxy1.lstimelapses.com.br
ssh-copy-id -p 65108 lst@177.145.42.72
ssh-copy-id -p 65108 lst@187.64.131.115
ssh-copy-id lst@10.11.12.140
#PROXY2
ssh-copy-id lst@194.163.150.131
ssh-copy-id lst@proxy2.lstimelapses.com.br
#PROXY10
ssh-copy-id -p 65109 lst@proxy10.lstimelapses.com.br
# RSYNC para os portais
ssh-copy-id -p 65140 lst@portal.lstimelapses.com.br
ssh-copy-id -p 65140 lst@177.145.42.72
ssh-copy-id -p 65140 lst@187.64.131.115
#PORTAL10
ssh-copy-id -p 65118 lst@portal10.lstimelapses.com.br
ssh-copy-id -p 65118 lst@187.64.131.115
ssh-copy-id -p 65118 lst@177.145.42.72
Caso não funcione, vá ao servidor que vai receber a chave e altere as permissões da pasta do usuário para 755
sudo apt install ca-certificates apt-transport-https software-properties-common
add-apt-repository ppa:ondrej/php
add-apt-repository ppa:ondrej/apache2
add-apt-repository ppa:ondrej/nginx
grep -rhE ^deb /etc/apt/sources.list* | grep -i ondrej
apt update && apt upgrade
sudo apt install php -y
php -v
se instalar o 8.3
apt install -y php8.3 php8.3-cli php8.3-fpm php8.3-common php8.3-mysql php8.3-mysqli php8.3-zip php8.3-gd php8.3-mbstring php8.3-curl php8.3-xml php8.3-bcmath php8.3-soap php8.3-sqlite3 php8.3-fileinfo php8.3-iconv
Se instalar 8.4
apt install -y php8.4 php8.4-cli php8.4-fpm php8.4-common php8.4-mysql php8.4-mysqli php8.4-zip php8.4-gd php8.4-mbstring php8.4-curl php8.4-xml php8.4-bcmath php8.4-soap php8.4-sqlite3 php8.4-fileinfo php8.4-iconv
Instalar o nginx e remover o apache2
apt clean && apt autoremove && apt purge apache2 -y
apt install nginx -y
systemctl restart nginx
systemctl restart php8.4-fpm
cd /
Listar Partições
cat /proc/partitions
Criar partição única
(echo g; echo n; echo p; echo 1; echo “”; echo “”; echo w; echo q) | fdisk /dev/nvme0n1
reboot
Formatar
mkfs.ext4 /dev/nvme0n1p1
Mostrar o bloco
blkid /dev/nvme0n1p1
Adicione o UUID encontrado ao fstab
vi /etc/fstab
UUID=af769ab1-981d-4c3e-97a0-e38448230ed7 /media/nvme ext4 defaults 0 0
mkdir -p /media/nvme
chmod 777 /media/nvme
Run “mount” to check if the SSD is mounted successfully:
mount /media/nvme
You can reboot your board to check if your SSD will be automatically mounted:
reboot
mkdir /scripts && chown -R lst:lst /scripts && mkdir /logs && chown -R lst:lst /logs && mkdir /backups && chown -R lst:lst /backups && mkdir -p /DADOS/rsync_cameras_pendentes
mkdir -p /DADOS/cameras && mkdir -p /DADOS/rsyncCamerasPendentes
chown -R lst:lst /DADOS
Caso tenha nvme crie o link simbólico
ln -s /media/nvme/cameras cameras
Copie os scripts de outro servidor ativo na rede EX: lst10 ou do repositório do DSLST001 para a pasta /scripts
Copiar os arquivos de outros KITS
COPIAR DO PADRÂO
rsync -e “ssh -p 65140” -azvrh lst@portal.lstimelapses.com.br:/BACKUPS-TNASLST001/KITS/PADRAO/scripts/* /scripts
COPIAR DO LST06 por exemplo
rsync -e “ssh -p 65140” -azvrh lst@portal.lstimelapses.com.br:/BACKUPS-TNASLST001/KITS/lst06.lstimelapses.com.br/scripts/* /scripts
#scp -P 65110 -r backuplstz@dslst001.synology.me:/volume1/ARCHIVES-RECUPERACAO-RAPIDA/BACKUPS/KITS/lst30.lstimelapses.com.br/scripts/* /scripts
Troque as indicações do servidor antigo pelo servidor novo
find /scripts -name \*.ini -exec sed -i “s/lst33/lst36/g” {} \;
IPC: Verifique no arquivo settingsScripts.ini se TODAS as informações estão corretas
Rode os scripts de rsync para testar se esta tudo certo
Ex:
sh /scripts/rsyncConfiguracoes.sh
Veja se criou na pasta de BACKUP DOS KITS
Crie um arquivo de teste e teste o rsync
mkdir -p /DADOS/cameras/CAM-TESTE && cd /DADOS/cameras/CAM-TESTE && touch teste.jpg
#sh /scripts/rsyncCamerasPendentesRemovingSourceFiles.sh
sh /scripts/rsyncCamerasParaPortal.sh
Verifique se criou o arquivo no local correto e no portal correto
https://linuxhostsupport.com/blog/how-to-setup-reverse-ssh-tunnel-on-linux/
apt-get install autossh
Edite os dados de cada linha do autossh com as portas corretas
vi /scripts/ssh-tunnel-lstimelapses.sh
Nos proxys, edite o script colocando as portas corretas e teste a conexão
proxy2:# vi /scripts/ssh-tunnel-lst10.sh
Rode o /scripts/resetaAutoSSH.sh a cada 20min para reiniciar as conexões
Faça um reboot e verifique após 5m se o processo do autossh esta ligado
Faça um teste a partir do proxy1
Ex:
sh /scripts/ssh-tunnel-lst31.sh
Adicione o crontab copiado para o servidor atual
crontab < /scripts/crontabAtual.txt
#crontab /scripts/crontabAtual.txt
apt install vsftpd ftp ufw -y
systemctl enable vsftpd && systemctl start vsftpd
useradd -m ftpcameras
passwd ftpcameras
usermod -d /DADOS/cameras ftpcameras
useradd sftpcameras
passwd sftpcameras
usermod -d /DADOS/cameras sftpcameras
Coloca no mesmo grupo do ftpcameras
usermod -a -G ftpcameras sftpcameras
echo -e ‘#!/bin/sh\necho “This account is limited to FTP access only.”‘ | sudo tee -a /bin/ftponly
echo -e ‘#!/bin/sh\necho “FTP only.”‘ | sudo tee -a /bin/ftponly
sudo chmod a+x /bin/ftponly
echo “/bin/ftponly” | sudo tee -a /etc/shells
sudo usermod ftpcameras -s /bin/ftponly
Coloque as senhas padrão cadastradas na planilha
Habilitando o SFTP via SSHD
vi /etc/ssh/sshd_config
adicione ao final do arquivo
Match User sftpcameras
ForceCommand internal-sftp
PasswordAuthentication yes
ChrootDirectory /DADOS
PermitTunnel no
AllowAgentForwarding no
AllowTcpForwarding no
X11Forwarding no
Configurações do VSFTP
cp /etc/vsftpd.conf /etc/vsftpd.conf.bkp
rm /etc/vsftpd.conf
vi /etc/vsftpd.conf
Use essas configurações abaixo
listen=NO
listen_ipv6=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
local_umask=0002
allow_writeable_chroot=yes
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=NO
systemctl restart vsftpd
Dê as permissões de escrita corretas para o grupo ftpcameras
chown lst:ftpcameras /DADOS
chown -R ftpcameras:ftpcameras /DADOS/cameras
chmod -R ug+rwx /DADOS/cameras
Faça o teste conectando ao ftp e ao sftp por uma câmera para validar
Configurações do SFTP na câmera
mkdir /media/usb
apt install ntfs-3g
fdisk -l para descobrir a partição
mount -t auto /dev/sda1 /media/usb
apt install rsync
RSYNC DOS ARQUIVOS DAS CAMERAS
Copie os scripts de outro servidor do kit e altere o nome do servidor dentro dos scripts
Ou recrie os scripts..
vi /scripts/rsyncCameras.sh
##############################################################
#!/bin/bash
#######################################
# RSYNC PARA O PORTAL5
#######################################
INICIO=`date +%d/%m/%Y-%H:%M:%S`
#######################################
# RSYNC DA PASTA CAMERAS
#######################################
PASTAORIGEM=/media/nvme/cameras/
PASTADESTINO=root@portal5.lstimelapses.com.br:/cameras
rsync -zrvh –chmod=ugo=rwX $PASTAORIGEM $PASTADESTINO
##############################################################
Crontab para rodar o rsyncCameras periodicamente
*/5 * * * * flock -xn /tmp/rsyncCameras.lck -c “sh /scripts/rsyncCameras.sh” > /logs/cron-rsyncCameras.log
Habilita o Foward entre as interfaces (optional)
#echo net.ipv4.ip_forward=1 > /etc/sysctl.d/99-ip-forward.conf
Instale os sensores
apt install lm-sensors
sensors
cd /tmp
UBUNTU 20
wget https://repo.zabbix.com/zabbix/6.4/ubuntu-arm64/pool/main/z/zabbix-release/zabbix-release_6.4-1+ubuntu20.04_all.deb
dpkg -i zabbix-release_6.4-1+ubuntu20.04_all.deb
rm zabbix-release_6.4-1+ubuntu20.04_all.deb
UBUNTU 24
wget https://repo.zabbix.com/zabbix/6.4/ubuntu-arm64/pool/main/z/zabbix-release/zabbix-release_6.4-1+ubuntu24.04_all.deb
dpkg -i zabbix-release_6.4-1+ubuntu24.04_all.deb
rm zabbix-release_6.4-1+ubuntu24.04_all.deb
# LATEST VERSION
wget https://repo.zabbix.com/zabbix/7.2/release/ubuntu/pool/main/z/zabbix-release/zabbix-release_latest_7.2+ubuntu24.04_all.deb
dpkg -i zabbix-release_latest_7.2+ubuntu24.04_all.deb
rm zabbix-release_latest_7.2+ubuntu24.04_all.deb
apt update && apt upgrade
apt install zabbix-agent2
Para configurar
cd /etc/zabbix
cp zabbix_agent2.conf zabbix_agent2.conf.bkp
rm zabbix_agent2.conf
vi zabbix_agent2.conf
deixe somente as linhas abaixo e troque o hostname, Server e ServerActive se necessário
#################################################################
PidFile=/var/run/zabbix/zabbix_agent2.pid
LogFile=/var/log/zabbix/zabbix_agent2.log
LogFileSize=0
Server=mon1.lstimelapses.com.br, mon2.lstimelapses.com.br, 10.11.12.106, 177.145.42.72, 187.64.131.115
ServerActive=mon1.lstimelapses.com.br, mon2.lstimelapses.com.br, 10.11.12.106, 177.145.42.72, 187.64.131.115
Hostname=lst35
RefreshActiveChecks=60
Include=/etc/zabbix/zabbix_agent2.d/*.conf
UnsafeUserParameters=1
UserParameter=system.CPUTemp, sensors 2> /dev/null | grep -m1 crit | cut -c 16-19
UserParameter=system.DiskUsageRoot, df -H | grep -vE ‘^Filesystem|tmpfs|cdrom|loop|udev|nvme’ | awk ‘{ print $5 }’
ControlSocket=/tmp/agent.sock
Include=./zabbix_agent2.d/plugins.d/*.conf
#UserParameter=cluster1.cpuTemperature,sensors | grep crit | cut -c 16-19
#################################################################
systemctl restart zabbix-agent2
systemctl enable zabbix-agent2
systemctl status zabbix-agent2
Vá ao monitoramento.lstimelapses.com.br e clone algum servidor antigo para o novo
ou faça do zero…
Crie o item de monitoramento de temperatura… no host adicionado
Monitorar Temperatura
https://myopsblog.wordpress.com/2016/06/06/cpu-temperature-monitoring-with-zabbix/
Pegar somente a temperatura do Processador
sensors 2> /dev/null | grep -m1 crit | cut -c 16-19
Crie um item e faça o monitoramento da CPU Temp no zabbix
apt clean && apt autoremove && apt purge apache2 -y
apt install nginx -y
rm /etc/nginx/sites-available/default
rm /etc/nginx/sites-enabled/default
crie o controles.conf em /etc/nginx/conf.d com as informações abaixo
vi /etc/nginx/conf.d/controles.conf
server {
listen 80;
#add_header Access-Control-Allow-Origin *;
root /sites/controles;
index index.php index.html;
location / {
try_files $uri $uri/ @ext;
}
location ~ \/\.php {
rewrite “^(.*)\/.php” $1.php last;
}
location @ext {
rewrite “^(.*)$” $1.php;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php8.4-fpm.sock;
}
}
systemctl restart nginx
mkdir -p /sites/controles
rsync -e “ssh -p 65140” -azvrh lst@portal.lstimelapses.com.br:/BACKUPS-TNASLST001/SITES/controles/* /sites/controles
Libere acesso ao ping pelo usuario www-data
sudo chmod u+s /bin/ping
Teste se o ping funciona
sudo -u www-data ping 192.168.180.1
Teste para ver se o servidor esta ok
wget localhost
Se vier erro 502, instale o PHP novamente
EX:
lst31-1.lstimelapses.com.br
lst31-2.lstimelapses.com.br
lst31-3.lstimelapses.com.br
# WEB PROXY1
pidof autossh >/dev/null && echo “Tunnel AutoSSH [WEB na porta 80 para PROXY1] Running ok!” || autossh -N -i /root/.ssh/id_rsa -p 65108 lst@proxy1.lstimelapses.com.br -o ServerAliveInterval=15 -o “ServerAliveCountMax 3” -o “ConnectTimeout 10” -o “ExitOnForwardFailure yes” -R 3180:localhost:80 & >/dev/null 2>&1
# WEB PROXY1
pidof autossh >/dev/null && echo “Tunnel AutoSSH [WEB na porta 80 para PROXY1] Running ok!” || autossh -N -i /root/.ssh/id_rsa -p 65108 lst@proxy1.lstimelapses.com.br -o ServerAliveInterval=15 -o “ServerAliveCountMax 3” -o “ConnectTimeout 10” -o “ExitOnForwardFailure yes” -R 31080:localhost:80 & >/dev/null 2>&1
# WEB PROXY1
pidof autossh >/dev/null && echo “Tunnel AutoSSH [WEB na porta 80 para PROXY1] Running ok!” || autossh -N -i /root/.ssh/id_rsa -p 65108 lst@proxy1.lstimelapses.com.br -o ServerAliveInterval=15 -o “ServerAliveCountMax 3” -o “ConnectTimeout 10” -o “ExitOnForwardFailure yes” -R 51080:localhost:80 & >/dev/null 2>&1
##############################################################################################
## LST32
##############################################################################################
acl is_lst32_1 hdr_end(host) -i lst32-1.lstimelapses.com.br
acl is_lst32_2 hdr_end(host) -i lst32-2.lstimelapses.com.br
acl is_lst32_3 hdr_end(host) -i lst32-3.lstimelapses.com.br
use_backend lst32_1 if is_lst32_1
use_backend lst32_2 if is_lst32_2
use_backend lst32_3 if is_lst32_3
backend lst32_1
server lst32_1 127.0.0.1:3280
backend lst32_2
server lst32_2 127.0.0.1:32080
backend lst32_3
server lst32_3 127.0.0.1:52080
##############################################################################################
https://lst31-1.lstimelapses.com.br/
utilize a senha padrão “@1” para testar o acesso
Se der erro de certificado
certbot certonly
depois sh /scripts/criarCertificadoParaHaproxy.sh lst31-1.lstimelapses.com.br
LIVESTREAMING DE IMAGENS DE CÂMERAS IP OU NVR USANDO RTSP
Vamos habilitar o livestreaming das câmeras ou do NVR utilizando o mediamtx para gerar um servidor HLS a partir do stream RTSP das câmeras.
EX: Fazer o streaming de do NVR
URL RTSP do canal 1/stream LOW do NVR rtsp://lststreaming:Mumbrega1@192.168.180.150/cam/realmonitor?channel=1&subtype=1
PASSOS (Se não tiver sido copiado antes)
mkdir /scripts/mediaMTX
cd /scripts/mediaMTX
wget https://github.com/bluenviron/mediamtx/releases/download/v1.8.5/mediamtx_v1.8.5_linux_armv7.tar.gz
gzip -d mediamtx_v1.8.5_linux_armv7.tar.gz
tar xvf mediamtx_v1.8.5_linux_armv7.tar
chmod -R a+x /scripts/mediaMTX/mediamtx
chmod a+x /scripts/mediaMTX/startMediaMTX.sh
Crie o path do streaming abaixo de paths:
vi mediamtx.yml
paths:
CAM170-yb71762:
source: rtsp://admin:Manoel00@192.168.180.170/Preview_01_sub
CAM170-yb71762-main:
source: rtsp://admin:Manoel00@192.168.180.170/Preview_01_main
Faça o teste para ver se localmente o streaming esta funcionando.
https://192.168.180.170:8888/CAM170-yb71762/index.m3u8
https://192.168.180.170:8888/CAM170-yb71762-main/index.m3u8
Faça o teste pelo vlc abrindo uma transmissão de rede para a URLHLStream.
#Adicione os redirecionamentos no controles.conf do nginx
vi /etc/nginx/conf.d/controles.conf
location /CAM170-yb71762/ {
proxy_pass http://127.0.0.1:8888/CAM170-yb71762/;
}
location /CAM170-yb71762-main/ {
proxy_pass http://127.0.0.1:8888/CAM170-yb71762-main/;
}
No MYSQL acrescente os streaming do HLS para a câmera
ex:
https://lst33.lstimelapses.com.br/CAM170-yb71762/index.m3u8
https://lst33.lstimelapses.com.br/CAM170-yb71762-main/index.m3u8
Faça o teste para ver se remotamente o streaming esta funcionando.
https://lst33.lstimelapses.com.br/CAM170-yb71762/
Crie o script para iniciar o mediamtx
vi /scripts/mediaMTX/startMediaMTX.sh
cd /scripts/mediaMTX
/scripts/mediaMTX/mediamtx &
chmod a+x startMediaMTX.sh
Crie o crontab para rodar o mediamtx
crontab -e
adicione as linhas
#Liga o mediaMTX – LIVE STREAMING HLS e verifica se estaligado a cada 1m
*/1 * * * * flock -xn /tmp/mediaMTX.lck -c “/scripts/mediaMTX/startMediaMTX.sh” > /logs/mediaMTX.log
PARA FINALIZAR
apt clean
apt autoremove
LIVESTREAMING DE IMAGENS DE CÂMERAS DSLR USANDO GPHOTO2
Instale o gphoto2
Instale o mediamxt e inicie
Rode o script abaixo para iniciar o streaming da DSLR para RTSP
vi startStreamingDSLR2RTSP.sh
gphoto2 –capture-movie –stdout | ffmpeg -re -i pipe:0 -listen 1 -c:v libx264 -preset ultrafast -tune zerolatency -b:v 500k -c:a aac -strict experimental -f rtsp rtsp://localhost:8554/dslr 2>&1 > /dev/null
Veja se o streaming esta ok no VLC apontando para url do rtsp.
rtsp://192.168.180.100:8554/dslr
Se estiver ok, agora inclua no mediamxt.yml as seguintes linhas
paths:
# example:
dslrhls:
source: rtsp://192.168.180.100:8554/dslr
inicie o mediamtx e inicie o script startStreamingDSLR2RTSP.sh
Veja se o streaming esta ok no VLC apontando para url do HLS.
http://192.168.180.100:8888/dslrhls/index.m3u8
apt install apache2
sudo a2enmod proxy proxy_http proxy_balancer lbmethod_byrequests
systemctl enable apache2
systemctl restart apache2
vi /etc/apache2/ports.conf
Listen 80
# Roteador Interno
Listen 8888
# de acordo com o ip das câmeras ligadas ao servidor
Listen 8236
vi /etc/apache2/sites-available/000-default.conf
<VirtualHost *:8888>
# ROTEADOR
ProxyPreserveHost On
ProxyPass / http://192.168.180.1/
ProxyPassReverse / http://192.168.180.1/
</VirtualHost>
<VirtualHost *:8236>
# CAM236
ProxyPreserveHost On
ProxyPass / http://192.168.180.236/
ProxyPassReverse / http://192.168.180.236/
</VirtualHost>
Criar os hostnames do servidor no DNS apontando TODOS para proxy.lstimelapses.com.br
lstsrvkit6.lstimelapses.com.br
lstsrvkit6nvr.lstimelapses.com.br
lstsrvkit6roteador.lstimelapses.com.br
lstcam236.lstimelapses.com.br
Configurar o haproxy.cfg com os dados do novo servidor
reboot
https://docs.shinobi.video/installation/ninja-way
Acesse a interface e troque a senha
https://lstsrvkit7nvr.lstimelapses.com.br/super
usuario: admin@shinobi.video
senha: admin
E crie uma API KEY
Crie o usuario padrão no NVR – Shinobi
monitoramento@lstimelapses.com.br
Defina as pastas de vídeo para o NVME
Coloque o Max Storage deste usuário como metade da capacidade do NVME
Se precisar desinstalar o shinobi – https://hub.shinobi.video/articles/view/Ebna1Xo9S43ZPnd
apt install snapd
snap install –classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
certbot certonly
https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-22-04
Mude a pasta de dados
vi /etc/docker/daemon.json
{
“data-root”: “/media/nvme/docker-data“
}
ou
In /etc/default/docker or whatever location it exists in your system, change the following to something like this:
DOCKER_OPTS=”–dns 8.8.8.8 –dns 8.8.8.4 -g /drive/location
https://www.home-assistant.io/installation/raspberrypi#docker-compose
Troque o data root do docker para o nvme
Crie a pasta /media/nvme/HASS
Para executar o container
docker run -d \
–name homeassistant \
–privileged \
–restart=unless-stopped \
-e TZ=America/Sao_Paulo \
-v /media/nvme/HASS:/config \
-v /run/dbus:/run/dbus:ro \
–network=host \
ghcr.io/home-assistant/home-assistant:stable
Teste acessando: http://ip:8123
TESTES FINAIS
Teste o ssh pela monitoramento e pelo proxy
sh /scripts/ssh-tunnel-lstsrvkit07.sh
Teste se os scripts de RSYNC estão funcionando
sh /scripts/rsyncxxxx
Teste o acesso ao LIVE STREAMING
(SE CONFIGURADO)
https://streaminglst10.lstimelapses.com.br/nvr150_1
Verificar se o servidor apareceu no zabbix
Cadastre o servidor em https://controles.lstimelapses.com.br
NET TOOLS
apt install nmap
IP SCAN
nmap -sP 192.168.180.0/24
INSTALAR MODULOS PARA UTILIZAÇÃO DA CAMERA DSLR
aps install gphoto2
apt install sqlite3
BACKUP EMMC AO FINAL DA CONFIGURAÇÃO PARA UM SDCARD
fdisk -l
Ache o /dev do emmc e do sdcard e troque abaixo
dd if=/dev/mmcblk2 of=/dev/sdc bs=100M
https://wiki.friendlyelec.com/wiki/index.php/NanoPC-T6
Instalar via SD usando eFlasher para escrever na eeprom
Baixar – rk3588-sd-ubuntu-jammy-minimal-5.10-
Escrever no SDCARD com win32image
Colocar sdcard e fazer boot e aguardar o flash..Aguarde o LED System ficar slow
Retirar sd card e dar boot novamente.
Interfaces
ETH0 – REDE CABEADA DO CLIENTE RECEBENDO VIA DHCP – DHCP
ETH1 – REDE INTERNA DO KIT – LIGAR AO ROTEADOR OU SWITCH – 192.168.2.100
USB0 – 4G – INSTALAR O CHIP DA OPERADORA – 192.168.225.1
Mudar ip das interfaces ETH
ETH0 – DHCP (não alterar) – LIGAR NA INTERNET CABEADA
ETH1 – 192.168.2.100 – LIGAR NO ROTEADOR WIFI e configurar ele como 192.168.2.1
vi /etc/network/interfaces.d/eth1
auto eth1
iface eth1 inet static
address 192.168.2.100
netmask 255.255.255.0
gateway 192.168.2.1 # Desligar o gateway quando estiver usando 4G
dns-nameservers 8.8.8.8 8.8.4.4
Para iniciar
Conecte o cabo de rede na eth0 – DHCP
Busque o ip recebido para dar ssh
Default Username
User Name: root
Password: fa
mude a senha do root e faça shutdown
Instalação do 4G
Coloque o chip 4G, ligue o nanopc sem o cabo de rede e teste para ver se esta conectando normalmente a internet
Se estiver ok.
Conecte o cabo de rede na ETH0
Descubra o ip da eth0 com ifconfig
Conecte via SSH
Desligue o 4G para fazer as configurações restantes
ifconfig usb0 down
Habilite o Route entre as interfaces para permitir que a ETH1 fale com a internet via USB0 (4G)
vi /etc/sysctl.conf
uncomment net.ipv4.ip_forward=1
ou
sed -i ‘/net.ipv4.ip_forward/s/^#//’ /etc/sysctl.conf
ou
echo 1 > /proc/sys/net/ipv4/ip_forward
sysctl -p
sysctl net.ipv4.ip_forward
Install IPTABLES
apt install iptables
iptables -t nat -A POSTROUTING -o usb0 -j MASQUERADE
# Permitir que eth1 fale com usb0 (4G)
iptables -A FORWARD -i usb0 -o eth1 -m state –state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o usb0 -j ACCEPT
# Permitir que eth0(dhcp – rede do cliente) fale com eth1
iptables -A FORWARD -i eth0 -o eth1 -m state –state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
apt install iptables-persistent
iptables-save > /etc/iptables/rules.v4
Instalar DHCP na eth1 (apenas quando estiver usando 4G)
apt install isc-dhcp-server -y
vi /etc/default/isc-dhcp-server
—-
INTERFACESv4=”eth1″
—-
Comment out the domain name server parameters as we are not using any DNS server,
#option domain-name “example.org”;
#option domain-name-servers ns1.example.org, ns2.example.org;
Uncomment
authoritative;
Add the subnet and IP address range to be used for DHCP Server. Also specify the ip address of enp0s8 interface as routers.
subnet 192.168.2.0 netmask 255.255.255.0 {
range 192.168.2.20 192.168.2.40;
option routers 192.168.2.100;
}
Save and exit the file
sudo systemctl start isc-dhcp-server
sudo systemctl enable isc-dhcp-server
sudo systemctl status isc-dhcp-server
weather Station – nanopi 2 zero
sudo apt install i2c-tools device-tree-compiler
