Skip to content

Install

Jump to bottom Edit New page
Carl Karsten edited this page Feb 15, 2026 · 14 revisions

How to install the server (where everything gets installed to) on bare metal.

Summary:

  1. build base Debian box ready for Ansible.
  2. Ansible part 1: Everything needed to netboot a pi, and the public facing server bits.
  3. Put server into maintenance mode (pi has RW access to the NFS files.)
  4. Boot a pi, do more Ansible.
  5. Put server into production mode.

Step 1

Install the OS using the DebCof Video team box building process:

https://github.com/CarlFK/veyepar/wiki/System-Stack#what-to-do-first

When the setup process asks for hostname: voctotest (default) replace voctotest with base. (we don't want a video mixer, we want a simple base Debian box.)

Step 2

Once the base install is done: setup ssh keys, ip address, hostname.

ssh in:

sudo apt-get update --allow-releaseinfo-change; sudo apt upgrade

sudo apt install ssh-import-id
sudo ssh-import-id carlfk # give root your own public key

sudo vim /etc/hostname /etc/hosts

Use your inventory parameters and the DC Video Team playbook to setup a pxe server:

Clone this repo and the dc-video team ansible next to each other:

git clone https://github.com/CarlFK/pici
git clone https://salsa.debian.org/debconf-video-team/ansible dc_a

(in the following examples, replace negk with your hostname)
  • put your machine's hostname in ansible/inventory/hosts under [pxe] and [xyz]
  • put your machine's 2 MACs into ansible/inventory/host_vars/negk.yml
  • your admin user in ansible/inventory/group_vars/all/all.yml
  • maybe put your box's IP to ansible/inventory/hosts
ansible-playbook dc_a/site.yml --inventory-file pici/ansible/inventory/hosts --user root --limit negk
ansible-playbook pici/ansible/site.yml --inventory-file pici/ansible/inventory/hosts --user root --limit negk

Now you should have a dhcp/dns/tftp server on the local nic.

Step 3

  1. Put the system into maintenance mode so the pi can update the server.
sudo maintenance.sh

End of maintenance.sh boots the maintenance Pi.

  1. Log into pi as root to verify ssh keys are set and populate known_hosts.
ssh root@${mpi_ip}

This repo has been checked out on the server. tmux and use it to update the pi. (It takes over an hour.)

tmux
ansible-playbook ansible/site.yml -vv --inventory-file ansible/inventory/hosts --user root --limit pi

Step 4

Put the system into production mode (nfs is ro, enable overlayroot on pi) and turn on every pi:

sudo production.sh

The system is ready for public consumption.

Add a custom footer
Add a custom sidebar

Clone this wiki locally