README for minipc-router ======================== Introduction ------------ We have a few mini-pc boxes that we'll be using as routers. The boxes have an Intel CPU, 8 GiB RAM, 60 GB SSD, four Ethernet ports, and support for wifi, and where fairly cheap from China. (FIXME: Add hardware specifics: make, model number, etc.) This project is about installing and configuring the hardware so that they work as routers, firewalls, and provide other networking services. Image build process ------------------- Unless you've been given pre-built images, you need to build them youself. You need: * Debian (stretch works, jessie might). * vmdebootstrap You'll need edit `installer.yaml` and `router.yaml` to set the Debian mirror URL. `http://httpredir.debian.org/debian` should always work; the debmirror host is something Lars uses locally for more speed. You need to configure `authorized_keys` to contain only your own keys. The default has some other keys. The file is installed to the router for the `root` user and so those who have the corresponding private keys can log in as root to the router. Run sudo sh -x build.sh If this works, it produces `ìnstaller.img`. This will be put on a USB stick for installing the router image (`router.img.gz`) to the router SSD. The router image is included in the installer image. Installation process -------------------- The installation process is: * In the minipc UEFI settings, swich from UEFI+Legacy boot to UEFI only. * Write the installer image (`installer.img`) to a USB stick with `dd`. * Boot the minipc from the USB stick. * Log in as root (no password). * Copy the router system image to the SSD: `zcat /router.img.gz | dd of=/dev/sda of=16M` (it'll take a while and there's no progress bar, sorry). * Shutdown the system (run `poweroff`) and remove the USB stick. * Boot the minipc. This will boot it off the SSD. * Connect your laptop to the minipc using Ethernet, to the LAN4 port. This ports provide DHCP service. is for connecting to the Internet, and does not initially have any The other ports do not have network configured. * Log into the minipc as the ansible user (`ssh ansible@10.0.0.4`). * Use Ansible, or whatever you want, to configure the system to provide the services you want. (FIXME: Add the Ansible.) Note that if you want to re-install the system, you'll need to reboot from the install USB stick. This may require going to the BIOS/UEFI and choose the right boot disk.