46
submitted
8 months ago* (last edited 8 months ago)
by
Kalcifer@sh.itjust.works
to
c/selfhosted@lemmy.world
I thought I'd share my experience doing this, as it was quite a pain, and maybe this will help someone else. It contains the process I took to set it all up, and the workarounds, and solutions that I found along the way.
- Hardware that I used: Raspberry Pi 1 Model B rev 2.0, SanDisk Ultra SD Card (32GB).
- I had issues using the Raspberry Pi Imager (v1.8.5, Flatpak): It initially flashed pretty quickly, but the verification process was taking an unreasonably long time — I waited ~30mins before giving up, and cancelling it; so, I ended up manually fashing the image to the SD card:
- I connected the SD card to a computer (running Arch Linux).
- I located what device corresponded to it by running
lsblk
(/dev/sdd
, in my case). - I downloaded the image from here. I specifically chose the "Raspberry Pi OS Lite" option, as it was 32-bit, it had Debian Bookworm, which was the version needed for
podman-compose
(as seen here), and it lacked a desktop environment, which I wanted, as I was running it headless. - I then flashed the image to the SD card with
dd if=<downloaded-raspbian-image> of=<drive-device> BS=50M status=progress
<downloaded-raspbian-image>
is the path to the file downloaded from step 3.<drive-device>
is the device that corresponds to the SD card, as found in step 2.2.BS=50M
I found that 50M is an adequately sized buffer size. I tested some from 1M to 100M.status=progress
is a neat option that shows you the live status of the command's execution (write speed, how much has been written, etc.).
- I enabled SSH for headless access. This was rather poorly documented (which was a theme for this install).
- To enable SSH, as noted here, one must put an empty file named
ssh
at the "root of the SD card". This is, unfortunately, rather misleading. What one must actually do is put that file in the root of the boot partition. That is not to say the directory/boot
contained in the root partition,rootfs
, but, instead, it must be placed within the boot partition,bootfs
(bootfs
, androotfs
are the two partitions written to the SD card whe you flash the downloaded image). So the proper path would be<bootfs>/ssh
. I simply mountedbootfs
within my file manager, but, without that, I would have had to manually locate which partition corresponded to that, and mount it manually to be able to create the file. The ownership of the file didn't seem to matter — it was owned by my user, rather than root (as was every other file in that directory, it seemed). - One must then enable password authentication in the SSH daemon, otherwise one won't be able to connect via SSH using a password (I don't understand why this is not the default):
- Edit
<bootfs>/etc/ssh/sshd_config
- Set
PasswordAuthentication yes
(I just found the line that containedPasswordAuthentication
, uncommented the line, and set it toyes
).
- Edit
- To enable SSH, as noted here, one must put an empty file named
- I changed the hostname by editing
<rootfs>/etc/hostname
and replacing it with one that I wanted. - I created a user (the user is given sudo priveleges automatically)
- Create a file at
<bootfs>/userconf.txt
— that is, create a file nameduserconf.txt
in thebootfs
partition (again, poorly documented here). - As mentioned in that documentation, add a single line in that file of the format `:, where
<username>
is the chosen username for the user.<password>
is the salted hash of your chosen password, which is generated by runningopenssl passwd -6
and following its prompts.
- Create a file at
- Plug the SD card into the Pi, plug in power, and wait for it to boot. This is an old Pi, so it takes a good minute to boot fully and become available. You can ping it with
ping <hostname>.local
to see when it comes online (where<hostname>
is yor chosen hostname). - SSH into the Pi with
ssh <username>@<hostname>.local
(You'll of course need mDNS, like Avahi, setup on your device running SSH). - Make sure that everything is updated on the Pi with
sudo apt update && sudo apt upgrade
- Install Podman with
sudo apt install podman
(the socket gets automatically started byapt
). - Install Podman Compose with
sudo apt install podman-compose
. - Create the compose file
compose.yaml
. Written using the official as reference, it contains the following:
version: "3"
services:
pihole:
container_name: pihole
image: docker.io/pihole/pihole:latest
ports:
- "<host-ip>:53:53/tcp"
- "<host-ip>:53:53/udp"
- "80:80/tcp"
environment:
TZ: '<your-tz-timezone>'
volumes:
- './etc-pihole:/etc/pihole'
- './etc-dnsmasq.d:/etc/dnsmasq.d'
<host-ip>
is the ip of the device running the container. The reason for why this is needed can be found in the solution of this post.<your-tz-timezone>
is your timezone as listed here.- For the line that contains
image: docker.io/pihole/pihole:latest
,docker.io
is necessary, as Podman does not default to using hub.docker.com. - Note that there isn't a
restart: unless-stopped
policy. Apparently, podman-compose currently doesn't support restart policies. One would have to create a Systemd service (which I personally think is quite ugly to expect of a user) to be able to restart the service at boot.
- (NOTE: if you wan't to skip step 13, run this command as sudo) Pull the image with
podman-compose --podman-pull-args="--arch=arm/v6" pull
--podman-pull-args="--arch=arm/v6"
is necessary aspodman-compose
doesn't currently support specifying theplatform
in the compose file.- Specifying the architecture itself is required as, from what I've found, Podman appears to have a bug where it doesn't properly recognize the platform of this Pi, so you have to manually specify which architecture that it is i.e.
armv6
(you can see this architecture mentioned here under "latest").
- Specifying the architecture itself is required as, from what I've found, Podman appears to have a bug where it doesn't properly recognize the platform of this Pi, so you have to manually specify which architecture that it is i.e.
- This took a little while on my Pi. The download rate was well below my normal download rate, so I assume the single threaded CPU is just being too bogged down to handle a high download rate.
- Don't be concerned if it stays at the "Copying blob..." phase for a while. This CPU is seriously slow.
- Allow podman to use ports below 1024, so that it can run rootless:
- Edit
/etc/sysctl.conf
, and add the linenet.ipv4.ip_unprivileged_port_start=53
. This allows all non-priveleged users to access ports >=53. Not great, but it's what's currently needed. You can avoid this step by running step 12, and 14 as sudo. - Apply this with
sysctl -p
- Edit
- (NOTE: if you wan't to skip step 13, run this command as sudo) Start the container with
podman-compose up -d
.- It will take a while to start. Again, this Pi is slow.
- Don't worry if
podman-compose ps
shows that the container is "unhealthy". This should go away after about a minute, or so. I think it's just in that state while it starts up.
- Access the Pihole's admin panel in a browser at
http://<host-ip>/admin
.- The password is found in the logs. You can find it with
podman-compose logs | grep random
. The password is randomly generated everytime the container starts. If you want to set your own password, then you have to specify it in the compose file as mentioned here.
- The password is found in the logs. You can find it with