I thought I’d share my experience doing this, as it was quite a pain, and maybe this will help someone else. It contains the process I took to set it all up, and the workarounds, and solutions that I found along the way.
lsblk (/dev/sdd, in my case).
podman-compose (as seen here), and it lacked a desktop environment, which I wanted, as I was running it headless.
dd if=<downloaded-raspbian-image> of=<drive-device> bs=50M status=progress
<downloaded-raspbian-image> is the path to the file downloaded from step 3.
<drive-device> is the device that corresponds to the SD card, as found in step 2.2.
bs=50M: I found that 50M is an adequately sized buffer size. I tested some from 1M to 100M.
status=progress is a neat option that shows you the live status of the command’s execution (write speed, how much has been written, etc.).
ssh at the “root of the SD card”. This is, unfortunately, rather misleading. What one must actually do is put that file in the root of the boot partition. That is not to say the directory /boot contained in the root partition, rootfs, but, instead, it must be placed within the boot partition, bootfs (bootfs, and rootfs are the two partitions written to the SD card when you flash the downloaded image). So the proper path would be <bootfs>/ssh. I simply mounted bootfs within my file manager, but, without that, I would have had to manually locate which partition corresponded to that, and mount it manually to be able to create the file. The ownership of the file didn’t seem to matter — it was owned by my user, rather than root (as was every other file in that directory, it seemed).
<bootfs>/etc/ssh/sshd_config
PasswordAuthentication yes (I just found the line that contained PasswordAuthentication, uncommented the line, and set it to yes).
<rootfs>/etc/hostname and replacing it with one that I wanted.
<bootfs>/userconf.txt — that is, create a file named userconf.txt in the bootfs partition (again, poorly documented here).
<username> is the chosen username for the user.
<password> is the salted hash of your chosen password, which is generated by running openssl passwd -6 and following its prompts.
ping <hostname>.local to see when it comes online (where <hostname> is your chosen hostname).
ssh <username>@<hostname>.local (You’ll of course need mDNS, like Avahi, set up on your device running SSH).
sudo apt update && sudo apt upgrade
sudo apt install podman (the socket gets automatically started by apt).
sudo apt install podman-compose.
compose.yaml. Written using the official as reference, it contains the following:

version: "3"
services:
  pihole:
    container_name: pihole
    image: docker.io/pihole/pihole:latest
    ports:
      # DNS is published on the host's own address only
      - "<host-ip>:53:53/tcp"
      - "<host-ip>:53:53/udp"
      # Web admin interface
      - "80:80/tcp"
    environment:
      TZ: '<your-tz-timezone>'
    volumes:
      - './etc-pihole:/etc/pihole'
      - './etc-dnsmasq.d:/etc/dnsmasq.d'

<host-ip> is the IP of the device running the container. The reason for why this is needed can be found in the solution of this post.
<your-tz-timezone> is your timezone as listed here.
image: docker.io/pihole/pihole:latest, docker.io is necessary, as Podman does not default to using hub.docker.com.
restart: unless-stopped policy. Apparently, podman-compose currently doesn’t support restart policies. One would have to create a Systemd service (which I personally think is quite ugly to expect of a user) to be able to restart the service at boot.
podman-compose --podman-pull-args="--arch=arm/v6" pull
--podman-pull-args="--arch=arm/v6" is necessary as podman-compose doesn’t currently support specifying the platform in the compose file.
armv6 (you can see this architecture mentioned here under “latest”).
/etc/sysctl.conf, and add the line net.ipv4.ip_unprivileged_port_start=53. This allows all non-privileged users to access ports >=53. Not great, but it’s what’s currently needed. You can avoid this step by running step 12, and 14 as sudo.
sysctl -p
podman-compose up -d.
podman-compose ps shows that the container is “unhealthy”. This should go away after about a minute, or so. I think it’s just in that state while it starts up.
http://<host-ip>/admin.
podman-compose logs | grep random. The password is randomly generated every time the container starts. If you want to set your own password, then you have to specify it in the compose file as mentioned here.
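An added example, not part of the original post: a small shell audit of the three settings the guide relaxes (SSH password logins, the unprivileged port floor, and published ports with no host IP). The file contents and the 192.0.2.10 address are constructed samples, and the parsing assumes no sshd Include/Match blocks and double-quoted port entries in the form the post uses.

```shell
#!/bin/sh
# Added example: audit the settings the guide relaxes. All file contents
# below are constructed samples, not taken from a real Pi.

# sshd uses the FIRST value it reads for a keyword; with no active line the
# OpenSSH default is "yes". Assumption: Include and Match blocks are ignored.
ssh_password_auth() {
    awk 'tolower($1) == "passwordauthentication" { print tolower($2); found = 1; exit }
         END { if (!found) print "yes" }' "$1"
}

# Lowest port an unprivileged user may bind. sysctl -p applies lines in
# order, so the LAST assignment wins; the kernel default is 1024.
unpriv_port_start() {
    awk -F= '{ gsub(/[ \t]/, "") }
             $1 == "net.ipv4.ip_unprivileged_port_start" { v = $2 }
             END { print (v == "" ? 1024 : v) }' "$1"
}

# Port entries with no host IP, which podman publishes on every interface.
# Assumption: entries are double-quoted, as in the compose file in the post.
wildcard_ports() {
    sed -n 's|^[[:space:]]*-[[:space:]]*"\([0-9][0-9]*:[0-9][0-9]*[/a-z]*\)"[[:space:]]*$|\1|p' "$1"
}

# Constructed sample inputs (192.0.2.10 is a documentation address).
demo_dir=$(mktemp -d)
printf '%s\n' '#PermitRootLogin prohibit-password' 'PasswordAuthentication yes' \
    > "$demo_dir/sshd_config"
printf '%s\n' '#net.ipv4.ip_forward=1' 'net.ipv4.ip_unprivileged_port_start=53' \
    > "$demo_dir/sysctl.conf"
printf '%s\n' '    ports:' '      - "192.0.2.10:53:53/tcp"' \
    '      - "192.0.2.10:53:53/udp"' '      - "80:80/tcp"' \
    > "$demo_dir/compose.yaml"

echo "sshd PasswordAuthentication:   $(ssh_password_auth "$demo_dir/sshd_config")"
echo "unprivileged ports start at:   $(unpriv_port_start "$demo_dir/sysctl.conf")"
echo "ports bound on all interfaces: $(wildcard_ports "$demo_dir/compose.yaml")"
```

On a real install, point the functions at /etc/ssh/sshd_config, /etc/sysctl.conf and the compose.yaml in use; once key-based login works, setting PasswordAuthentication back to no closes the first finding.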
This is a great writeup of errata related to this configuration! I am curious what kind of performance you’re seeing for DNS requests considering how old and anemic the first gen Pi is.
I haven’t done any rigorous tests to gather empirical data for an accurate comparison, but, anecdotally, it, at least, doesn’t feel any slower than when I had my router (Linksys E8450) resolving to Cloudflare.