0. World Community Grid

本書はグリッド・コンピューティングプロジェクトのひとつ、World Community Gridを支援するマシンをRaspberry Piで構築する手順です

参加はこちらから https://join.worldcommunitygrid.org?recruiterId=703087
本稿は以下のアカウントを利用
https://www.worldcommunitygrid.org/verifyMember.do?name=icesword.org&code=da57846a88d204d2ca5b2b6b6dcdcd21
Weak Account Key : 1069089_3663b87e4245e8013ebbe73cee200e7b

1. 検証環境

シングルボードコンピュータ メモリ ストレージ
Raspberry Pi 3 Model B Rev 1.2 1GB microSDHC 32GB CLASS10
Raspberry Pi 3 Model B Plus Rev 1.3 1GB microSDHC 32GB CLASS10
Raspberry Pi 4 Model B Rev 1.4 2GB microSDHC 32GB CLASS10
Raspberry Pi 4 Model B Rev 1.2 4GB microSDHC 32GB CLASS10
Raspberry Pi 4 Model B Rev 1.4 8GB microSDHC 32GB CLASS10

2. OS

raspbian-buster-lite
https://downloads.raspberrypi.org/raspbian_lite/images/raspbian_lite-2020-02-14/2020-02-13-raspbian-buster-lite.zip

3. 操作環境

macOS, SSH

4. 書き込み

差し込んだmicroSDHCカードを diskutil list でマウント確認をmacOSのターミナルで行う

$ diskutil list
/dev/disk0 (internal, physical):
   #:                       TYPE  NAME                     SIZE       IDENTIFIER
   0:      GUID_partition_scheme                          *121.3 GB   disk0
   1:                        EFI  EFI                      314.6 MB   disk0s1
   2:                 Apple_APFS  Container disk1          121.0 GB   disk0s2

/dev/disk1 (synthesized):
   #:                       TYPE  NAME                     SIZE       IDENTIFIER
   0:      APFS Container Scheme -                        +121.0 GB   disk1
                                  Physical Store disk0s2
   1:                APFS Volume  Macintosh HD - Data      37.7 GB    disk1s1
   2:                APFS Volume  Preboot                  487.3 MB   disk1s2
   3:                APFS Volume  Recovery                 622.9 MB   disk1s3
   4:                APFS Volume  VM                       1.1 GB     disk1s4
   5:                APFS Volume  Macintosh HD             15.3 GB    disk1s5
   6:              APFS Snapshot  com.apple.os.update-...  15.3 GB    disk1s5s1

/dev/disk2 (external, physical):
   #:                       TYPE  NAME                     SIZE       IDENTIFIER
   0:     FDisk_partition_scheme                          *31.9 GB    disk2
   1:                 DOS_FAT_32  BOOT                     268.4 MB   disk2s1
   2:                      Linux                           31.6 GB    disk2s2

結果 disk2 と判明

$ diskutil umountDisk /dev/disk2
Unmount of all volumes on disk2 was successful

書き込むイメージファイルが格納されている階層へ移動

$ cd desktop

書き込み

$ sudo dd bs=1m if=2020-02-13-raspbian-buster-lite.img of=/dev/disk2

書き込んだイメージに空の ssh ファイル配置

bcm2710-rpi-3-b-plus.dtb
bcm2708-rpi-b-plus.dtb
bcm2708-rpi-b.dtb
bcm2708-rpi-cm.dtb
bcm2708-rpi-zero-w.dtb
bcm2708-rpi-zero.dtb
bcm2709-rpi-2-b.dtb
bcm2710-rpi-2-b.dtb
bcm2710-rpi-3-b.dtb
bcm2710-rpi-cm3.dtb
bcm2711-rpi-4-b.dtb
bootcode.bin
cmdline.txt
config.txt
COPYING.linux
fixup_cd.dat
fixup_db.dat
fixup_x.dat
fixup.dat
fixup4.dat
fixup4cd.dat
fixup4db.dat
fixup4x.dat
issue.txt
kernel.img
kernel7.img
kernel7l.img
kernel8.img
LICENCE.broadcom
overlays
ssh
start_cd.elf
start_db.elf
start_x.elf
start.elf
start4.elf
start4cd.elf
start4db.elf
start4x.elf

5. SSH接続

Raspberry Pi へ microSDHCカード を差し込みLANケーブルを接続後、電源投入 Raspberry Pi 本体には電源スイッチが無いため、電源コードを接続する事で起動

Raspberry Pi のSSHリモート操作環境は Termius を利用
https://apps.apple.com/jp/app/termius-ssh-client/id1176074088

ホスト名 raspberrypi.local
ユーザー名 pi
パスワード raspberry

6. OS確認

$ more /proc/device-tree/model | sed "s/$/\n/";getconf LONG_BIT | sed "s/^/os: /" | sed "s/$/bit/";arch | sed "s/^/kernel: /"
$ lsb_release -a

7. 一時ユーザー作成

$ sudo useradd -M tmp
$ sudo gpasswd -a tmp sudo
Adding user tmp to group sudo
$ sudo passwd tmp
Enter new UNIX password:qwerty
Retype new UNIX password:qwerty
passwd: password updated successfully

一時ユーザー tmp のパスワードを qwerty で設定
パスワードは任意の文字列です

$ exit

SSH接続

ホスト名 raspberrypi.local
ユーザー名 tmp
パスワード qwerty

8. ユーザー名変更

$ sudo usermod -l overdroid pi

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for tmp:qwerty

pi ユーザーを overdroid に変更
変更ユーザー名は任意の文字列です

$ sudo usermod -d /home/overdroid -m overdroid
$ sudo groupmod -n overdroid pi
$ exit

SSH接続

ホスト名 raspberrypi.local
ユーザー名 overdroid
パスワード raspberry

9. 一時ユーザー削除

$ sudo userdel tmp

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for overdroid: raspberry

10. パスワード変更、ホスト名変更、名前解決追加

$ passwd
Changing password for overdroid.
(current) UNIX password:raspberry
Enter new UNIX password:qwerty
Retype new UNIX password:qwerty
passwd: password updated successfully

ユーザー overdroid のパスワードを qwerty で設定
パスワードは任意の文字列です

$ sudo passwd root
Enter new UNIX password:qwerty
Retype new UNIX password:qwerty
passwd: password updated successfully

管理者 root のパスワードを qwerty で設定
パスワードは任意の文字列です

$ sudo su -
# hostnamectl set-hostname icesword0x

ホスト名を icesword0x で設定
ホスト名は任意の文字列です

# sh -c 'echo 127.0.1.1 $(hostname) >> /etc/hosts'

11. hostsファイル編集

# vi /etc/hosts

6行目をコメントアウトもしくは dd で行を削除

127.0.0.1       localhost
::1             localhost ip6-localhost ip6-loopback
ff02::1         ip6-allnodes
ff02::2         ip6-allrouters

#127.0.1.1               raspberrypi
127.0.1.1 icesword0x

12. ログインメッセージ編集

# vi /etc/motd

既存記述を :%d で全て削除

Change the world a bit.
 _                                    _ 
(_) ___ ___ _____      _____  _ __ __| |
| |/ __/ _ / __\ \ /\ / / _ \| '__/ _` |
| | (_|  __\__ \\ V  V | (_) | | | (_| |
|_|\___\___|___/ \_/\_/ \___/|_|  \__,_|
                                        
Ignition to OVERDROID

13. 温度制御、電源ランプ点滅、Bluetooth無効化、Wi-Fi無効化、再起動

# vi /boot/config.txt

既存記述を :%d で全て削除

dtparam=pwr_led_trigger=heartbeat
temp_limit=75
dtoverlay=disable-bt
dtoverlay=disable-wifi
# reboot

SSH接続

ホスト名 icesword0x.local
ユーザー名 overdroid
パスワード qwerty

14. 各種アップデート、必要パッケージインストール、不要パッケージ削除、再起動

$ sudo su -
# apt-get update && apt-get -y upgrade && apt-get -y install boinc htop unattended-upgrades chkconfig && apt-get autoremove -y man manpages && reboot

18. SSH接続

ホスト名 icesword0x.local
ユーザー名 overdroid
パスワード qwerty

15. zram

$ sudo su -
# vi /usr/bin/zram.sh
#!/bin/bash
cores=$(nproc --all)
modprobe zram num_devices=$cores
swapoff -a
totalmem=`free | grep -e "^Mem:" | awk '{print $2}'`
mem=$(( ($totalmem * 2 / $cores)* 1024 ))
modprobe deflate
modprobe zlib
modprobe lz4hc_compress
core=0
while [ $core -lt $cores ]; do
  echo deflate > /sys/block/zram$core/comp_algorithm ||
   echo zlib > /sys/block/zram$core/comp_algorithm ||
   echo lz4hc > /sys/block/zram$core/comp_algorithm ||
   echo lz4 > /sys/block/zram$core/comp_algorithm
# not sure which one this kernel has
  echo $mem > /sys/block/zram$core/disksize
  mkswap /dev/zram$core
  swapon --discard -p 5 /dev/zram$core # reclaim memory better
  let core=core+1
done
# chmod +x /usr/bin/zram.sh

16. HDMI無効化、USB無効化、zram

# apt install libusb-1.0-0-dev git
Do you want to continue? [Y/n] y
# git clone https://github.com/mvp/uhubctl
# cd uhubctl
# make
# make install
# cd ~
# vi /etc/rc.local

20行目に tvservice --off を追記
21行目に uhubctl -l 1-1 -p 2 -a 0 を追記
22行目に /usr/bin/zram.sh & を追記

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

# Print the IP address
_IP=$(hostname -I) || true
if [ "$_IP" ]; then
  printf "My IP address is %s\n" "$_IP"
fi

tvservice --off
uhubctl -l 1-1 -p 2 -a 0
/usr/bin/zram.sh &

exit 0

17. journald

# vi /etc/systemd/journald.conf

15行目に Storage=none を追記

#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See journald.conf(5) for details.

[Journal]
Storage=none
#Storage=auto
#Compress=yes
#Seal=yes
#SplitMode=uid
#SyncIntervalSec=5m
#RateLimitIntervalSec=30s
#RateLimitBurst=10000
#SystemMaxUse=
#SystemKeepFree=
#SystemMaxFileSize=
#SystemMaxFiles=100
#RuntimeMaxUse=
#RuntimeKeepFree=
#RuntimeMaxFileSize=
#RuntimeMaxFiles=100
#MaxRetentionSec=
#MaxFileSec=1month
#ForwardToSyslog=yes
#ForwardToKMsg=no
#ForwardToConsole=no
#ForwardToWall=yes
#TTYPath=/dev/console
#MaxLevelStore=debug
#MaxLevelSyslog=debug
#MaxLevelKMsg=notice
#MaxLevelConsole=info
#MaxLevelWall=emerg
#LineMax=48K
#ReadKMsg=yes

18. fstab

# vi /etc/fstab

4行目に tmpfs /tmp tmpfs defaults,noatime,nodiratime,mode=1777 0 0 を追記

proc            /proc           proc    defaults          0       0
PARTUUID=738a4d67-01  /boot           vfat    defaults          0       2
PARTUUID=738a4d67-02  /               ext4    defaults,noatime  0       1
tmpfs    /tmp                              tmpfs    defaults,noatime,nodiratime,mode=1777  0       0
# a swapfile is not a swap partition, no line here
#   use  dphys-swapfile swap[on|off]  for that

19. folder2ram

# wget -O /sbin/folder2ram https://raw.githubusercontent.com/bobafetthotmail/folder2ram/master/debian_package/sbin/folder2ram
# chmod +x /sbin/folder2ram
# folder2ram -configure
# vi /etc/folder2ram/folder2ram.conf

17行目に tmpfs /var/log を追記
18行目に tmpfs /var/tmp を追記
19行目に tmpfs /var/spool を追記
20行目に tmpfs /var/lib/boinc-client/slots を追記

#############################
#folder2ram main config file#
#############################
#
#PROTIP: to make /var/lock or /tmp available as ram filesystems,
#        it is preferable to set the variables RAMTMP, RAMLOCK
#        in /etc/default/tmpfs.
#
#TYPE: options available are "tmpfs" (for a ram folder)
#
#OPTIONS: mount option (will be passed as options to mount), if left blank "defaults" will be used
#
#IMPORTANT: use 2 Tabs to separate "type" from "mount point" from "options", the script needs them to read correctly the configuration.
#
#[type]         [mount point]                   [options]
#tmpfs          /var/log
tmpfs           /var/log
tmpfs           /var/tmp
tmpfs           /var/spool
tmpfs           /var/lib/boinc-client/slots
# folder2ram -mountall
# folder2ram -enablesystemd

20. アップデート自動化(セキュリティのみ)

# dpkg-reconfigure -plow unattended-upgrades
[YES]

YES を選択

# vi /etc/apt/apt.conf.d/50unattended-upgrades

既存記述を :%d で全て削除

// Unattended-Upgrade::Origins-Pattern controls which packages are
// upgraded.
//
// Lines below have the format format is "keyword=value,...".  A
// package will be upgraded only if the values in its metadata match
// all the supplied keywords in a line.  (In other words, omitted
// keywords are wild cards.) The keywords originate from the Release
// file, but several aliases are accepted.  The accepted keywords are:
//   a,archive,suite (eg, "stable")
//   c,component     (eg, "main", "contrib", "non-free")
//   l,label         (eg, "Debian", "Debian-Security")
//   o,origin        (eg, "Debian", "Unofficial Multimedia Packages")
//   n,codename      (eg, "jessie", "jessie-updates")
//     site          (eg, "http.debian.net")
// The available values on the system are printed by the command
// "apt-cache policy", and can be debugged by running
// "unattended-upgrades -d" and looking at the log file.
//
// Within lines unattended-upgrades allows 2 macros whose values are
// derived from /etc/debian_version:
//   ${distro_id}            Installed origin.
//   ${distro_codename}      Installed codename (eg, "jessie")
Unattended-Upgrade::Origins-Pattern {
        // Codename based matching:
        // This will follow the migration of a release through different
        // archives (e.g. from testing to stable and later oldstable).
//      "o=Debian,n=jessie";
//      "o=Debian,n=jessie-updates";
//      "o=Debian,n=jessie-proposed-updates";
//      "o=Debian,n=jessie,l=Debian-Security";
 
        // Archive or Suite based matching:
        // Note that this will silently match a different release after
        // migration to the specified archive (e.g. testing becomes the
        // new stable).
      "o=Debian,a=stable";
//      "o=Debian,a=stable-updates";
//      "o=Debian,a=proposed-updates";
        "origin=Debian,codename=${distro_codename},label=Debian-Security";
};
 
// List of packages to not update (regexp are supported)
Unattended-Upgrade::Package-Blacklist {
//      "vim";
//      "libc6";
//      "libc6-dev";
//      "libc6-i686";
};
 
// This option allows you to control if on a unclean dpkg exit
// unattended-upgrades will automatically run
//   dpkg --force-confold --configure -a
// The default is true, to ensure updates keep getting installed
//Unattended-Upgrade::AutoFixInterruptedDpkg "false";
 
// Split the upgrade into the smallest possible chunks so that
// they can be interrupted with SIGUSR1. This makes the upgrade
// a bit slower but it has the benefit that shutdown while a upgrade
// is running is possible (with a small delay)
//Unattended-Upgrade::MinimalSteps "true";
 
// Install all unattended-upgrades when the machine is shuting down
// instead of doing it in the background while the machine is running
// This will (obviously) make shutdown slower
//Unattended-Upgrade::InstallOnShutdown "true";
 
// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working mail setup on your system. A package that provides
// 'mailx' must be installed. E.g. "user@example.com"
//Unattended-Upgrade::Mail "root";
 
// Set this value to "true" to get emails only on errors. Default
// is to always send a mail if Unattended-Upgrade::Mail is set
//Unattended-Upgrade::MailOnlyOnError "true";
 
// Do automatic removal of new unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
//Unattended-Upgrade::Remove-Unused-Dependencies "false";
 
// Automatically reboot *WITHOUT CONFIRMATION* if
//  the file /var/run/reboot-required is found after the upgrade
Unattended-Upgrade::Automatic-Reboot "true";
 
// Automatically reboot even if there are users currently logged in.
//Unattended-Upgrade::Automatic-Reboot-WithUsers "true";
 
// If automatic reboot is enabled and needed, reboot at the specific
// time instead of immediately
//  Default: "now"
Unattended-Upgrade::Automatic-Reboot-Time "02:00";
 
// Use apt bandwidth limit feature, this example limits the download
// speed to 70kb/sec
//Acquire::http::Dl-Limit "70";
 
// Enable logging to syslog. Default is False
// Unattended-Upgrade::SyslogEnable "false";
 
// Specify syslog facility. Default is daemon
// Unattended-Upgrade::SyslogFacility "daemon";

21. ログ最小限化

# vi /etc/rsyslog.conf

既存記述を :%d で全て削除

#  /etc/rsyslog.conf    Configuration file for rsyslog.
# Some "catch-all" log files.
#                       For more information see
#.=debug;\              /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
        auth,authpriv.none;\
        news.none;mail.none     -/var/log/debug
#################;*.=warn;\
#### MODULES ####priv.none;\
#################on.none;\
        mail,news.none          -/var/log/messages
module(load="imuxsock") # provides support for local system logging
module(load="imklog")   # provides kernel logging support
#module(load="immark")  # provides --MARK-- message capability

# provides UDP syslog reception
#module(load="imudp")
#input(type="imudp" port="514")

# provides TCP syslog reception
#module(load="imtcp")
#input(type="imtcp" port="514")


###########################
#### GLOBAL DIRECTIVES ####
###########################

#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

#
# Set the default permissions for all log files.
#
$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022

#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog

#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf


###############
#### RULES ####
###############

#
# First some standard log files.  Log by facility.
#
auth,authpriv.*                 /var/log/auth.log
*.*;auth,authpriv.none          -/var/log/syslog
#cron.*                         /var/log/cron.log
#daemon.*                       -/var/log/daemon.log
#kern.*                         -/var/log/kern.log
#lpr.*                          -/var/log/lpr.log
#mail.*                         -/var/log/mail.log
#user.*                         -/var/log/user.log

#
# Logging for the mail system.  Split it up so that
# it is easy to write scripts to parse these files.
#
#mail.info                      -/var/log/mail.info
#mail.warn                      -/var/log/mail.warn
#mail.err                       /var/log/mail.err

#
# Some "catch-all" log files.
#
#*.=debug;\
#       auth,authpriv.none;\
#       news.none;mail.none     -/var/log/debug
*.=info;*.=notice;*.=warn;\
        auth,authpriv.none;\
        cron,daemon.none;\
        mail,news.none          -/var/log/messages

#
# Emergencies are sent to everybody logged in.
#
*.emerg                         :omusrmsg:*

22. 不要サービス停止、再起動

# systemctl stop rsyslog
# systemctl disable rsyslog
# systemctl stop hciuart bluetooth
# systemctl disable hciuart bluetooth
# chkconfig triggerhappy off && chkconfig alsa-utils off && chkconfig off && reboot

SSH接続

ホスト名 icesword0x.local
ユーザー名 overdroid
パスワード qwerty

23. SWAP無効化

$ sudo su -
# swapoff --all
# systemctl stop dphys-swapfile
# systemctl disable dphys-swapfile
# systemctl status dphys-swapfile
# rm /var/swap

24. BOINC起動

# boinccmd --project_attach https://www.worldcommunitygrid.org 1069089_3663b87e4245e8013ebbe73cee200e7b

25. 確認

# free
              total        used        free      shared  buff/cache   available
Mem:         946392      189168      628156         368      129068      705628
Swap:             0           0           0

# chkconfig dphys-swapfile -list
dphys-swapfile            0:off  1:off  2:off  3:off  4:off  5:off  6:off
# zramctl
NAME       ALGORITHM DISKSIZE DATA COMPR TOTAL STREAMS MOUNTPOINT
/dev/zram3 deflate     462.1M   4K   68B    4K       4 
/dev/zram2 deflate     462.1M   4K   68B    4K       4 
/dev/zram1 deflate     462.1M   4K   68B    4K       4 
/dev/zram0 deflate     462.1M   4K   67B    4K       4 
# swapon --show
# htop
htop [CTRL]+[C]で終了

CPU温度確認

$ while true; do vcgencmd measure_temp; sleep 1s; done
[CTRL]+[C]で終了

CPU周波数表示

$ while true; do vcgencmd measure_clock arm; sleep 1s; done
[CTRL]+[C]で終了

CPU電圧表示

$ while true; do vcgencmd measure_volts; sleep 1s; done
[CTRL]+[C]で終了

BOINCホスト情報取得

$ boinccmd --get_host_info

BOINC一時停止

$ boinccmd --quit

シャットダウン

$ sudo shutdown -h now

戻る