#as user cat < ~/.tmux.conf # Rebind to Ctrl-a set -g prefix C-a unbind C-b bind a send-prefix bind C-a last-window bind '"' choose-window # Rebind pane splitting unbind % bind - split-window -v bind _ split-window -h # Set status bar set -g status-bg colour236 set -g status-fg white set -g status-left '#[fg=green]#H' # Highlight active window setw -g window-status-style fg=cyan,bg=colour164,dim setw -g window-status-current-style fg=white,bg=red,bright # Force 256 colors set -g default-terminal "screen-256color" EOF ###################### # set auto login ssh public key mkdir ~/.ssh echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCydiLwWmO+qfZ7o9jVC6PlosuZUAcQzQwLhlVUbrSSPQV6Mww7VOa4nV+vufHe6R9bcWq/TntE9oNPpmqfXcHc2xIevVWsAroBWEzQz54YHDkWRpq3aSBhoDn0DBYVT83qnE8hQc6btmz9g3h7lXvSZo7gIpDKwMT3RFSENYbRFzzXDkwhTNMDB0fGonm2O4vwscC9JBD3+mmk5w/F/Q4MHHw9wh4MWFsniIem5f8lnhMoZOyAVInbLnSxxFoO8VRY4t7ZDOUK6m40q9gAlVBSOZ405VOLJbYOq8gaZ0DfGA9OITy45W8lNlvaGOYtkW0O3YHBRL4yi5c8SOO7GITwOQEEHLFbHBSr9x1/ue091NNpb/m5AmVEnRrBNYRZPx1tLKUmGieoZHTyLd2P7PTFMRp20s/DFoyRRVchyptNYsgEjENeQvl0scpbiZKJY5QsfjP+xiVqgZcotd4NxFwJodGQ5L8hY0l6aHTqLFnvfiMN2b1bETD7WDqOW1S7xxfQAfBWJW8lEnaVoXxUVxDdVnO7JGYly3105eVm+MLadpTgdwpkchmH19kliFMtHlPxvbeHaLkliAIBd/GFc2WjSsGvghhh6s2atcpXZMuSu0al0YDxGfuTA3CGs6V4Cw7hYr3wok+G9vtFuztrTwVDZ+5xFtlL4X2ALpdM6vJDyw== dth@imac27" >> ~/.ssh/authorized_keys ###################### #change to root sudo -s #add this to /etc/hosts on every machine: cat <> /etc/hosts 192.168.42.138 swfollower2 192.168.42.139 swfollower1 192.168.42.140 swmaster 192.168.42.141 swv1 192.168.42.142 swv2 192.168.42.143 swv3 192.168.42.144 swv4 192.168.42.145 swv5 192.168.42.146 swv6 192.168.42.147 swv7 EOF echo "" > /etc/motd mkdir /etc/sweaweedfs #use cache to speedup download cat <> /etc/apt/apt.conf Acquire::http::Proxy "http://cache:3142/"; Acquire::https::Proxy "DIRECT"; EOF #install swapfile #dd if=/dev/zero of=/swapfile1 bs=2048 count=524288 #chmod 600 /swapfile1 #mkswap /swapfile1 #echo "/swapfile1 none swap defaults 0 0" >> /etc/fstab #swapon -a apt update apt -y dist-upgrade #apt -y install vim xfsprogs procinfo mosh tmux hdparm hddtemp iperf3 rsync #since bookworm no more hddtemp, use smartctl instead apt -y install vim xfsprogs procinfo mosh tmux hdparm smartmontools iperf3 rsync btop htop apt -y install curl wget zip git build-essential autoconf automake libffi-dev zlib1g-dev libssl-dev #remove odroidxu4 reference from /etc/hosts sed -i "s/odroidxu4//" /etc/hosts #edit hostname vi /etc/hostname #Tuning mv /etc/sysctl.conf /etc/sysctl.conf.ORIG cat < /etc/sysctl.conf ## ARM Tuning kernel.printk = 3 4 1 3 vm.min_free_kbytes = 16384 ## Out-of-the-box Raspbian Hardening fs.protected_hardlinks = 1 fs.protected_symlinks = 1 ## Out-of-the-box Debian Hardening vm.mmap_min_addr = 32768 kernel.kptr_restrict = 1 kernel.yama.ptrace_scope = 1 net.ipv4.conf.default.rp_filter=1 net.ipv4.conf.all.rp_filter=1 net.ipv6.conf.all.use_tempaddr = 2 net.ipv6.conf.default.use_tempaddr = 2 ## Security / Hardening kernel.sysrq = 0 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.all.send_redirects = 0 net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1 net.ipv6.conf.eth0.disable_ipv6 = 1 net.netfilter.nf_conntrack_tcp_loose = 0 ## Performance over security net.ipv4.tcp_syncookies = 0 net.ipv4.tcp_timestamps = 0 ## Network Performance net.ipv4.tcp_window_scaling = 1 net.core.rmem_max = 268435456 net.core.rmem_default = 67108864 net.core.wmem_max = 268435456 net.core.wmem_default = 67108864 net.core.optmem_max = 2097152 net.ipv4.tcp_rmem = 1048576 67108864 268435456 net.ipv4.tcp_wmem = 1048576 67108864 268435456 net.ipv4.tcp_mem = 1048576 67108864 268435456 net.ipv4.udp_mem = 1048576 67108864 268435456 net.core.netdev_max_backlog = 10000 net.ipv4.tcp_no_metrics_save = 1 ## Memory / Cache Management vm.overcommit_memory = 1 # vm.dirty_background_ratio = 3 vm.dirty_ratio = 10 vm.vfs_cache_pressure = 120 EOF #time synchronisation #cat <> /etc/systemd/timesyncd.conf #NTP=192.168.42.1 #EOF #timedatectl set-ntp true #initialize the disk #wipe old data <- destructive command ! dd if=/dev/zero of=/dev/sda bs=512 count=4096 #use either parted or gdisk to make GPT partition table parted --align optimal /dev/sda mklabel gpt y mkpart seaweedfs 0% 100% #control-d to exit parted #####format with XFS filesystem #without encryption #format partition sudo mkfs.xfs -f /dev/sda1 #find uuid UUID=$(blkid -o value -s UUID "/dev/sda1") #blkid -o value -s UUID "/dev/sda1" | tee /tmp/UUID mkdir -p /data/data1 #make things right in /etc/fstab echo "UUID="$UUID" /data/data1 xfs rw,noexec,nodev,noatime,nodiratime,largeio,inode64 0 2" >> /etc/fstab #now is a good to reboot to see if login ssh without password works ################## SMARTMONITORING ########### apt -y install smartmontools sed -i "s/#start_/start_/" /etc/default/smartmontools systemctl enable smartmontools sed -i "s/exit 0//" /etc/rc.local echo "sleep 10;" >> /etc/rc.local echo "service lizardfs-chunkserver restart" >> /etc/rc.local echo "exit 0;" >> /etc/rc.local ############ install go language cd /tmp wget -c https://golang.org/dl/go1.21.6.linux-amd64.tar.gz -O - | sudo tar -xz -C /usr/local #amd64 wget https://go.dev/dl/go1.21.6.linux-armv6l.tar.gz -O - | sudo tar -xz -C /usr/local #arm32 cd /usr/local/bin/ ln -s ../go/bin/go #check version of binary in $PATH go version ############ install seasweedfs cd /usr/src/ git clone https://github.com/chrislusf/seaweedfs.git cd seaweedfs/ time make install #HC2 results on armbian #real 6m36.486s #user 29m4.738s #sys 4m13.646s #amd64 results on VM under proxmox #real 2m52.892s #user 2m24.860s #sys 0m14.915s #filer5 #real 1m2.810s #user 4m56.561s #sys 0m37.509s cp ~root/go/bin/weed /sbin/ weed version # -> version 30GB 3.61 linux arm ############ master server #create directory where store the maximum of generated volume id's are stored: mkdir /var/lib/seaweedfs cat < /etc/systemd/system/seaweedmaster.service [Unit] Description=SeaweedFS Master After=network.target [Service] Type=simple User=root Group=root ExecStart=/sbin/weed master -defaultReplication="001" WorkingDirectory=/usr/local/go/bin/ SyslogIdentifier=seaweedfs-master [Install] WantedBy=multi-user.target EOF systemctl daemon-reload systemctl start seaweedmaster.service systemctl enable seaweedmaster.service ############ volume server cat < /etc/systemd/system/seaweedvolume.service [Unit] Description=SeaweedFS volume After=network.target [Service] Type=simple User=root Group=root ExecStart=/sbin/weed volume -dir="/data/data1" -max=10 -mserver="swmaster:9333" -port=8080 WorkingDirectory=/usr/local/go/bin/ SyslogIdentifier=seaweedfs-volume [Install] WantedBy=multi-user.target EOF systemctl daemon-reload systemctl start seaweedvolume.service systemctl enable seaweedvolume.service