My environment temperature calculation for https://github.com/srob/homebridge-sensehat

sensors.py

#!/usr/bin/python
from sense_hat import SenseHat
import os


def get_cpu_temp():
    res = os.popen('vcgencmd measure_temp').readline()
    return float(res.replace("temp=", "").replace("'C\n", ""))


def get_temp(sense):
    t1 = sense.get_temperature_from_humidity()
    t2 = sense.get_temperature_from_pressure()
    t = (t1 + t2) / 2
    t_cpu = get_cpu_temp()
    t_corr = t - ((t_cpu - t) / 15) - 3
    return t_corr

sense = SenseHat()

humidity = sense.get_humidity()
pressure = sense.get_pressure()

print("%s %s %s" % (get_temp(sense), humidity, pressure))

Install Sense Hat

My configuration (above photo is outdated)

Sense Hat
| 16mm Hex Brass Spacer
Geekworm X735 board (fan attached)
| 11mm Hex Brass Spacer
Raspberry Pi 4 board

Sense HAT - Raspberry Pi Documentation

sudo apt update
sudo apt install sense-hat -y
sudo reboot

Install homebridge-sensehat v0.1.0

sudo su
cd /home/homebridge
mkdir homebridge-sensehat
cd homebridge-sensehat
wget https://gist.github.com/HackingGate/9dc4434c3de17188a17844438fc38aff/raw/2d849a72f83a2643895eff5918f8f83d39bc33cf/sensors.py
wget https://github.com/srob/homebridge-sensehat/raw/master/leds.py
wget https://github.com/srob/homebridge-sensehat/raw/master/index.js
exit

Install homebridge-sensehat v0.1.0 plugin via web.

{
    "accessory": "SenseHat",
    "name": "SenseHat",
    "script_path": "~/homebridge-sensehat/"
}

Test if temperature correct when board overheat

Thermal testing Raspberry Pi 4 - Raspberry Pi Blog

At 21.13.00.

At 21.27.35.

My $1 cheap thermometer shows the same temperature. ✅

oh-my-zsh

Install oh-my-zsh

sudo apt update
sudo apt install git zsh -y
sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"

Install pi theme for on-my-zsh

mkdir $ZSH_CUSTOM/themes -p
wget -O $ZSH_CUSTOM/themes/pi.zsh-theme https://raw.githubusercontent.com/tobyjamesthomas/pi/master/pi.zsh-theme
sed -i.bak 's/^ZSH_THEME=.*/ZSH_THEME="pi"/' ~/.zshrc

Update omz

omz update

Bitcoin Core

Official Download Page: https://bitcoin.org/en/download

For 32-bit ARM Linux, the download link is:

https://bitcoin.org/bin/bitcoin-core-0.21.1/bitcoin-0.21.1-arm-linux-gnueabihf.tar.gz

Fore auto update, use snap store instead.

# From https://snapcraft.io/install/bitcoin-core/raspbian
# Install snap
sudo apt update
sudo apt install snapd
sudo reboot
sudo snap install core

# Install bitcoin-core
sudo snap install bitcoin-core

List info to see how can I launch bitcoin-core.

$ snap info bitcoin-core

...
commands:
  - bitcoin-core.cli
  - bitcoin-core.daemon
  - bitcoin-core.qt
...

Snaps are installed in /snap/bin but I get the error

$ /snap/bin/bitcoin-core.cli -version
ERROR: ld.so: object '/usr/lib/arm-linux-gnueabihf/libarmmem-${PLATFORM}.so' from /etc/ld.so.preload cannot be preloaded (cannot open shared object file): ignored.
ERROR: ld.so: object '/usr/lib/arm-linux-gnueabihf/libarmmem-${PLATFORM}.so' from /etc/ld.so.preload cannot be preloaded (cannot open shared object file): ignored.
ERROR: ld.so: object '/usr/lib/arm-linux-gnueabihf/libarmmem-${PLATFORM}.so' from /etc/ld.so.preload cannot be preloaded (cannot open shared object file): ignored.
Bitcoin Core RPC client version v22.0.0

But this one works. Seems the binary published to snap store supports 32-bit but snap itself don't.

$ /snap/bitcoin-core/current/bin/bitcoin-cli -version
Bitcoin Core RPC client version v22.0.0

So my PATH be like

export PATH=/snap/bitcoin-core/current/bin:/snap/bin:$PATH

Pi-hole

https://pi-hole.net/

Installation

Install pi-hole
https://github.com/homebridge/homebridge-raspbian-image/wiki/How-To-Install-Pi-Hole

Configuration

Homebridge local
http://homebridge.local:8581
Config: /etc/nginx/sites-enabled/homebridge.local
Restart: sudo systemctl restart lighttpd.service
Update: sudo hb-config

Pi-hole
http://homebridge.local
Config: /etc/lighttpd/lighttpd.conf
Restart: sudo systemctl restart lighttpd.service
Update: pihole -up
Custom port:
Edit /etc/lighttpd/external.conf
Edit /etc/lighttpd/conf-enabled/external.conf

server.port := 8080

Compatible with WireGuard VPN

https://gist.github.com/HackingGate/b75ac856397075756ea878380c5b848c?permalink_comment_id=3698253#gistcomment-3698253

Change to Respond only on interface eth0

Compatible with vlmcsd

https://gist.github.com/HackingGate/b75ac856397075756ea878380c5b848c?permalink_comment_id=3614094#gistcomment-3614094

Turn off DNSSEC

Update

https://tailscale.com/kb/1114/pi-hole#troubleshooting

Torjan-go
https://blog.chaos.run/dreams/debian-deploy-trojan-go-server/index.html

/etc/systemd/system/trojan-go.service

[Unit]
Description=Trojan-Go
Documentation=https://github.com/p4gefau1t/trojan-go
After=network.target nss-lookup.target

[Service]
User=nobody
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
NoNewPrivileges=true
ExecStart=/usr/local/bin/trojan-go/trojan-go -config /usr/local/etc/trojan-go/config.json
Restart=on-failure
RestartSec=10

[Install]
WantedBy=multi-user.target

How to issue Let's Encrypt certificate
https://www.cyberciti.biz/faq/issue-lets-encrypt-wildcard-certificate-with-acme-sh-and-cloudflare-dns/

command

acme.sh --issue --dns dns_cf -d x4s.hackinggate.com

log

/bin/bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
[Sun Jan 30 23:55:49 JST 2022] Using CA: https://acme.zerossl.com/v2/DV90
[Sun Jan 30 23:55:49 JST 2022] Creating domain key
[Sun Jan 30 23:55:50 JST 2022] The domain key is here: /home/pi/.acme.sh/x4s.hackinggate.com/x4s.hackinggate.com.key
[Sun Jan 30 23:55:50 JST 2022] Single domain='x4s.hackinggate.com'
[Sun Jan 30 23:55:50 JST 2022] Getting domain auth token for each domain
[Sun Jan 30 23:55:59 JST 2022] Getting webroot for domain='x4s.hackinggate.com'
[Sun Jan 30 23:55:59 JST 2022] Adding txt value: XsJ1KXrbdJspcrOl6Q3eRjfM3h913u_QfKrT6snqHA4 for domain:  _acme-challenge.x4s.hackinggate.com
[Sun Jan 30 23:56:01 JST 2022] Adding record
[Sun Jan 30 23:56:01 JST 2022] Added, OK
[Sun Jan 30 23:56:01 JST 2022] The txt record is added: Success.
[Sun Jan 30 23:56:01 JST 2022] Let's check each DNS record now. Sleep 20 seconds first.
[Sun Jan 30 23:56:22 JST 2022] You can use '--dnssleep' to disable public dns checks.
[Sun Jan 30 23:56:22 JST 2022] See: https://github.com/acmesh-official/acme.sh/wiki/dnscheck
[Sun Jan 30 23:56:22 JST 2022] Checking x4s.hackinggate.com for _acme-challenge.x4s.hackinggate.com
[Sun Jan 30 23:56:23 JST 2022] Domain x4s.hackinggate.com '_acme-challenge.x4s.hackinggate.com' success.
[Sun Jan 30 23:56:23 JST 2022] All success, let's return
[Sun Jan 30 23:56:23 JST 2022] Verifying: x4s.hackinggate.com
[Sun Jan 30 23:56:26 JST 2022] Processing, The CA is processing your order, please just wait. (1/30)
[Sun Jan 30 23:56:31 JST 2022] Success
[Sun Jan 30 23:56:31 JST 2022] Removing DNS records.
[Sun Jan 30 23:56:31 JST 2022] Removing txt: XsJ1KXrbdJspcrOl6Q3eRjfM3h913u_QfKrT6snqHA4 for domain: _acme-challenge.x4s.hackinggate.com
[Sun Jan 30 23:56:33 JST 2022] Removed: Success
[Sun Jan 30 23:56:33 JST 2022] Verify finished, start to sign.
[Sun Jan 30 23:56:33 JST 2022] Lets finalize the order.
[Sun Jan 30 23:56:33 JST 2022] Le_OrderFinalize='https://acme.zerossl.com/v2/DV90/order/SDI4a-5pScPZITvOcZ7GWA/finalize'
[Sun Jan 30 23:56:37 JST 2022] Order status is processing, lets sleep and retry.
[Sun Jan 30 23:56:37 JST 2022] Retry after: 15
[Sun Jan 30 23:56:53 JST 2022] Polling order status: https://acme.zerossl.com/v2/DV90/order/SDI4a-5pScPZITvOcZ7GWA
[Sun Jan 30 23:56:56 JST 2022] Downloading cert.
[Sun Jan 30 23:56:56 JST 2022] Le_LinkCert='https://acme.zerossl.com/v2/DV90/cert/qe2eWCrc70AtJ_3U7O6iqQ'
[Sun Jan 30 23:57:02 JST 2022] Cert success.
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
[Sun Jan 30 23:57:02 JST 2022] Your cert is in: /home/pi/.acme.sh/x4s.hackinggate.com/x4s.hackinggate.com.cer
[Sun Jan 30 23:57:02 JST 2022] Your cert key is in: /home/pi/.acme.sh/x4s.hackinggate.com/x4s.hackinggate.com.key
[Sun Jan 30 23:57:02 JST 2022] The intermediate CA cert is in: /home/pi/.acme.sh/x4s.hackinggate.com/ca.cer
[Sun Jan 30 23:57:02 JST 2022] And the full chain certs is there: /home/pi/.acme.sh/x4s.hackinggate.com/fullchain.cer

install

acme.sh --install-cert -d x4s.hackinggate.com \
--key-file       ~/certs/x4s.hackinggate.com.key  \
--fullchain-file ~/certs/x4s.hackinggate.com.crt \
--reloadcmd     "bash ~/scripts/cert.sh && sudo service nginx force-reload"

Calibre Server

Install Calibre:

sudo apt install calibre

https://www.digitalocean.com/community/tutorials/how-to-create-a-calibre-ebook-server-on-ubuntu-20-04

Upgrade Raspberry Pi OS from buster to bullseye by ChatGPT

As of my last training data cut-off in September 2021, the process to upgrade your Raspberry Pi OS from "Buster" (Debian 10) to "Bullseye" (Debian 11) would follow similar steps to other Debian-based system upgrades.

Here is a general outline of the steps you'd take:

Step 1: Make a backup

Before you begin, it's essential to back up any important data. System upgrades have the potential to go wrong, and it's always better to be safe than sorry.

Step 2: Update your current system

First, update your existing system packages to their latest versions. To do this, open a terminal and type:

sudo apt update
sudo apt full-upgrade

This will update the package list and upgrade all packages to their latest version. The full-upgrade command will also handle any dependencies, removing obsolete packages if necessary.

Step 3: Modify your apt sources

You will need to modify the /etc/apt/sources.list file and change all instances of 'buster' to 'bullseye'. You can do this manually with a text editor or use the sed command in terminal:

sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak  # Backup your sources list
sudo sed -i 's/buster/bullseye/g' /etc/apt/sources.list

If you have additional software sources set up in separate files under /etc/apt/sources.list.d/, you should also update those files:

sudo sed -i 's/buster/bullseye/g' /etc/apt/sources.list.d/*.list

Step 4: Perform the upgrade

You can now proceed with the upgrade by running:

sudo apt update
sudo apt full-upgrade

This will update your package list with the Bullseye repositories and perform the upgrade.

Step 5: Clean up

After the upgrade, you may want to remove unnecessary packages:

sudo apt autoremove
sudo apt autoclean

Step 6: Reboot your Raspberry Pi

Finally, reboot your Raspberry Pi to make sure everything is working as expected:

sudo reboot

NOTE: This is a general guide. The specific steps may vary based on your particular configuration and the specific versions of the OS. It's crucial to back up your data before performing an OS upgrade, as things can occasionally go wrong. Proceed with caution and consult the official documentation and community if you encounter problems or have concerns. It's often also a good idea to test this process on a secondary device first, if one is available.

1. Install QEMU:

sudo apt update
sudo apt-get install qemu-system-arm qemu-efi

2. Download the Raspberry Pi OS image and Kernel image:

wget https://downloads.raspberrypi.org/raspios_lite_arm64/images/raspios_lite_arm64-2023-05-03/2023-05-03-raspios-bullseye-arm64-lite.img.xz
xz -d 2023-05-03-raspios-bullseye-arm64-lite.img.xz

wget https://raw.githubusercontent.com/dhruvvyas90/qemu-rpi-kernel/master/kernel-qemu-5.10.63-bullseye
wget https://github.com/dhruvvyas90/qemu-rpi-kernel/raw/master/versatile-pb-bullseye-5.10.63.dtb

Migrating to 64-bit OS (aarch64)

Why?
https://www.linuxserver.io/blog/a-farewell-to-arm-hf

How?

Reflash the image

Official Raspberry Pi OS

Download Raspberry Pi OS

https://www.raspberrypi.com/software/operating-systems/

Install Raspberry Pi OS using Raspberry Pi Imager

brew install raspberry-pi-imager

Flash with SSH enabled

sudo dpkg-reconfigure locales

Install Docker

https://docs.docker.com/engine/install/debian/

Configure Docker

https://docs.docker.com/engine/install/linux-postinstall/#manage-docker-as-a-non-root-user

sudo usermod -aG docker $USER

Relogin the user

Calibre web with docker compose

docker-compose.yml

---
version: "2.1"
services:
  calibre-web:
    image: lscr.io/linuxserver/calibre-web:latest
    container_name: calibre-web
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      - DOCKER_MODS=linuxserver/mods:universal-calibre
      - OAUTHLIB_RELAX_TOKEN_SCOPE=1 #optional
    volumes:
      - /home/pi/calibre/config:/config
      - /home/pi/calibre/library:/books
    ports:
      - 8083:8083
    restart: unless-stopped

Crontab

crontab -e

@reboot (sleep 30s ; cd calibre ; /usr/bin/docker compose up -d --build)&

Basic Configuration

Calibre web

Install https://github.com/janeczku/calibre-web

Create /etc/systemd/system/calibre-web.service

[Unit]
Description=Calibre-Web
After=network.target

[Service]
Type=simple
User=pi
Group=pi
WorkingDirectory=/home/pi/calibre
ExecStart=/home/pi/.local/bin/cps
Restart=on-failure

[Install]
WantedBy=multi-user.target

Enable and start

sudo systemctl enable calibre-web
sudo systemctl start calibre-web

Cloudflare tunnel

For SSH, RDP, SMB

https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/use-cases/

tailscale

https://tailscale.com/kb/1114/pi-hole/

fileserver

Install

curl -fsSL https://raw.githubusercontent.com/filebrowser/get/master/get.sh | bash

Init

filebrowser config init

Change listen port from default 8080 to 8780 (Optional)

filebrowser config set --port 8780

Test

filebrowser -r .

Add user

filebrowser users add admin admin

Update user

filebrowser users update admin --username pi
filebrowser users update pi --password pass1234

Add /etc/systemd/system/filebrowser.service with the following content.

[Unit]
Description=filebrowser
After=network.target

[Service]
Type=simple
WorkingDirectory=/home/pi
ExecStart=/usr/local/bin/filebrowser -r /home/pi
Restart=on-failure
User=pi
Group=pi

[Install]
WantedBy=multi-user.target

Load, enable and run

sudo systemctl daemon-reload
sudo systemctl enable --now filebrowser.service

Xray

https://www.v2ray-agent.com/archives/1708584312877