Skip to content

ROCKPro64 - Kernel 5.6 und Wireguard 1.0

ROCKPro64
1 1 343
  • Nachdem ich ja jetzt den Release 0.9.16 mit Kernel 5.6 auf einer PCIe NVMe SSD am Laufen habe, geht es ans Testen von Wireguard. Den Server setze ich voraus.

    Kernel

    root@rockpro64:~# uname -a
    Linux rockpro64 5.6.0-1127-ayufan-g1bd266cae93f #ayufan SMP PREEMPT Sat Apr 4 11:14:08 UTC 2020 aarch64 GNU/Linux
    

    Wireguard installieren

    Users with Debian releases older than Bullseye should enable backports.

    Wir öffnen /etc/apt/sources.list

    nano /etc/apt/sources.list
    

    Ans Ende fügen wir folgende Zeile ein

    deb http://deb.debian.org/debian buster-backports main
    

    Das dann bitte speichern. Danach

    apt update
    

    Und jetzt installieren wir

    apt install wireguard
    

    Das hier ist interessant

    Setting up wireguard-dkms (0.0.20200318-1~bpo10+1) ...
    Loading new wireguard-0.0.20200318 DKMS files...
    Building for 5.6.0-1127-ayufan-g1bd266cae93f
    Building initial module for 5.6.0-1127-ayufan-g1bd266cae93f
    Error!  The dkms.conf for this module includes a BUILD_EXCLUSIVE directive which
    does not match this kernel/arch.  This indicates that it should not be built.
    Skipped.
    

    Er baut kein Kernelmodul mehr, weil es ja seit 5.6 im Kernel drin ist.

    Nach der Konfiguration und dem Aufruf von wg-quick kommt das hier.

    root@rockpro64:/etc/wireguard# wg-quick up wg0
    [#] ip link add wg0 type wireguard
    [#] wg setconf wg0 /dev/fd/63
    [#] ip -4 address add 10.10.1.13 dev wg0
    [#] ip -6 address add XXXXXXXXX:100::13 dev wg0
    [#] ip link set mtu 1420 up dev wg0
    [#] resolvconf -a tun.wg0 -m 0 -x
    /etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /etc/resolvconf/run/resolv.conf
    [#] wg set wg0 fwmark 51820
    [#] ip -6 route add ::/0 dev wg0 table 51820
    [#] ip -6 rule add not fwmark 51820 table 51820
    [#] ip -6 rule add table main suppress_prefixlength 0
    [#] ip6tables-restore -n
    [#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
    [#] ip -4 rule add not fwmark 51820 table 51820
    [#] ip -4 rule add table main suppress_prefixlength 0
    [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
    [#] iptables-restore -n
    

    Das hier scheint ein Problem zu sein, weil ich auch keine Verbindung hin bekomme.

    /etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /etc/resolvconf/run/resolv.conf
    

    Ok, googlen. Und dann folgendes eingeben.

     dpkg-reconfigure resolvconf
    

    Und jetzt aber.... 🙂

    root@rockpro64:/etc/wireguard# wg-quick up wg0
       [#] ip link add wg0 type wireguard
       [#] wg setconf wg0 /dev/fd/63
       [#] ip -4 address add 10.10.1.13 dev wg0
       [#] ip -6 address add XXXXXXXXXXX:100::13 dev wg0
       [#] ip link set mtu 1420 up dev wg0
       [#] resolvconf -a tun.wg0 -m 0 -x
       [#] wg set wg0 fwmark 51820
       [#] ip -6 route add ::/0 dev wg0 table 51820
       [#] ip -6 rule add not fwmark 51820 table 51820
       [#] ip -6 rule add table main suppress_prefixlength 0
       [#] ip6tables-restore -n
       [#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
       [#] ip -4 rule add not fwmark 51820 table 51820
       [#] ip -4 rule add table main suppress_prefixlength 0
       [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
       [#] iptables-restore -n
    

    Danach neustarten und dann steht die Verbindung.

    root@rockpro64:~# wg
    interface: wg0
      public key: gGBgs+jwmHYDNY8/JWARQ2Iu1TiYCH7vAozYoEexnhs=
      private key: (hidden)
      listening port: 51820
      fwmark: 0xca6c
    
    peer: Bda7jOcCqXKQerSJ5OkV/rM0cveqdo7kgPlUu2ow6mo=
      preshared key: (hidden)
      endpoint: 88.198.154.143:51820
      allowed ips: 0.0.0.0/0, ::/0
      latest handshake: 3 seconds ago
      transfer: 92 B received, 324 B sent
    

    Fertig!!

    Kamil will das mit resolvconf im nächsten Release ändern.

    (21:08:50) ayufanWithPM: OK, I changed how I handle /etc/resolv.conf

  • Forgejo Installation mit Podman Quadlet auf Hetzner VM

    Podman forgejo podman quadlet linux
    1
    0 Stimmen
    1 Beiträge
    23 Aufrufe
    Niemand hat geantwortet
  • Restic v0.16.2

    Linux restic linux
    1
    0 Stimmen
    1 Beiträge
    159 Aufrufe
    Niemand hat geantwortet
  • NodeBB - v3.3.0

    NodeBB nodebb linux
    1
    0 Stimmen
    1 Beiträge
    149 Aufrufe
    Niemand hat geantwortet
  • ZFS - Wichtige Befehle

    Linux zfs linux
    3
    0 Stimmen
    3 Beiträge
    963 Aufrufe
    FrankMF
    Heute mal drüber gestolpert, das es auch so was geben kann. root@pve2:~# zpool status pool: pool_NAS state: ONLINE status: Some supported and requested features are not enabled on the pool. The pool can still be used, but some features are unavailable. action: Enable all features using 'zpool upgrade'. Once this is done, the pool may no longer be accessible by software that does not support the features. See zpool-features(7) for details. scan: scrub repaired 0B in 00:20:50 with 0 errors on Sun Apr 13 00:44:51 2025 config: NAME STATE READ WRITE CKSUM pool_NAS ONLINE 0 0 0 mirror-0 ONLINE 0 0 0 ata-WDC_WDS100T1R0A-68A4W0_230520800733 ONLINE 0 0 0 ata-WDC_WDS100T1R0A-68A4W0_230520801376 ONLINE 0 0 0 errors: No known data errors Was machen? Als erstes mal ein Backup angestoßen. Danach root@pve2:~# zpool get all pool_NAS | grep feature pool_NAS feature@async_destroy enabled local pool_NAS feature@empty_bpobj active local pool_NAS feature@lz4_compress active local pool_NAS feature@multi_vdev_crash_dump enabled local pool_NAS feature@spacemap_histogram active local pool_NAS feature@enabled_txg active local pool_NAS feature@hole_birth active local pool_NAS feature@extensible_dataset active local pool_NAS feature@embedded_data active local pool_NAS feature@bookmarks enabled local pool_NAS feature@filesystem_limits enabled local pool_NAS feature@large_blocks enabled local pool_NAS feature@large_dnode enabled local pool_NAS feature@sha512 enabled local pool_NAS feature@skein enabled local pool_NAS feature@edonr enabled local pool_NAS feature@userobj_accounting active local pool_NAS feature@encryption enabled local pool_NAS feature@project_quota active local pool_NAS feature@device_removal enabled local pool_NAS feature@obsolete_counts enabled local pool_NAS feature@zpool_checkpoint enabled local pool_NAS feature@spacemap_v2 active local pool_NAS feature@allocation_classes enabled local pool_NAS feature@resilver_defer enabled local pool_NAS feature@bookmark_v2 enabled local pool_NAS feature@redaction_bookmarks enabled local pool_NAS feature@redacted_datasets enabled local pool_NAS feature@bookmark_written enabled local pool_NAS feature@log_spacemap active local pool_NAS feature@livelist enabled local pool_NAS feature@device_rebuild enabled local pool_NAS feature@zstd_compress enabled local pool_NAS feature@draid enabled local pool_NAS feature@zilsaxattr disabled local pool_NAS feature@head_errlog disabled local pool_NAS feature@blake3 disabled local pool_NAS feature@block_cloning disabled local pool_NAS feature@vdev_zaps_v2 disabled local Das kommt von neuen Funktionen, die zu ZFS hinzugefügt wurden und bei Erstellung des Pools nicht vorhanden waren. Dann upgraden wir mal root@pve2:~# zpool upgrade pool_NAS This system supports ZFS pool feature flags. Enabled the following features on 'pool_NAS': zilsaxattr head_errlog blake3 block_cloning vdev_zaps_v2 Kontrolle root@pve2:~# zpool status pool: pool_NAS state: ONLINE scan: scrub repaired 0B in 00:20:50 with 0 errors on Sun Apr 13 00:44:51 2025 config: NAME STATE READ WRITE CKSUM pool_NAS ONLINE 0 0 0 mirror-0 ONLINE 0 0 0 ata-WDC_WDS100T1R0A-68A4W0_230520800733 ONLINE 0 0 0 ata-WDC_WDS100T1R0A-68A4W0_230520801376 ONLINE 0 0 0 errors: No known data errors Features kontrollieren root@pve2:~# zpool get all pool_NAS | grep feature pool_NAS feature@async_destroy enabled local pool_NAS feature@empty_bpobj active local pool_NAS feature@lz4_compress active local pool_NAS feature@multi_vdev_crash_dump enabled local pool_NAS feature@spacemap_histogram active local pool_NAS feature@enabled_txg active local pool_NAS feature@hole_birth active local pool_NAS feature@extensible_dataset active local pool_NAS feature@embedded_data active local pool_NAS feature@bookmarks enabled local pool_NAS feature@filesystem_limits enabled local pool_NAS feature@large_blocks enabled local pool_NAS feature@large_dnode enabled local pool_NAS feature@sha512 enabled local pool_NAS feature@skein enabled local pool_NAS feature@edonr enabled local pool_NAS feature@userobj_accounting active local pool_NAS feature@encryption enabled local pool_NAS feature@project_quota active local pool_NAS feature@device_removal enabled local pool_NAS feature@obsolete_counts enabled local pool_NAS feature@zpool_checkpoint enabled local pool_NAS feature@spacemap_v2 active local pool_NAS feature@allocation_classes enabled local pool_NAS feature@resilver_defer enabled local pool_NAS feature@bookmark_v2 enabled local pool_NAS feature@redaction_bookmarks enabled local pool_NAS feature@redacted_datasets enabled local pool_NAS feature@bookmark_written enabled local pool_NAS feature@log_spacemap active local pool_NAS feature@livelist enabled local pool_NAS feature@device_rebuild enabled local pool_NAS feature@zstd_compress enabled local pool_NAS feature@draid enabled local pool_NAS feature@zilsaxattr enabled local pool_NAS feature@head_errlog active local pool_NAS feature@blake3 enabled local pool_NAS feature@block_cloning enabled local pool_NAS feature@vdev_zaps_v2 enabled local So, alle neuen Features aktiviert. Jetzt kann der Pool weiterhin seine Arbeit machen.
  • Benchmark Script

    ROCKPro64 rockpro64
    2
    0 Stimmen
    2 Beiträge
    671 Aufrufe
    FrankMF
    Mainline Mein gekürztes Ergebnis auf einem ROCKPro64 v2.0 mit 4GB RAM und 4.18er Kernel, dieser ROCK benutzt eine SD-Karte! Gekürzt Distributor ID: Ubuntu Description: Ubuntu 18.04.1 LTS Release: 18.04 Codename: bionic Architecture: arm64 Uptime: 16:14:56 up 4 min, 1 user, load average: 0.08, 0.02, 0.01 Linux 4.18.0-rc5-1048-ayufan-g69e417fe38cf (rockpro64) 07/27/18 _aarch64_ (6 CPU) avg-cpu: %user %nice %system %iowait %steal %idle 0.54 0.00 0.74 0.39 0.00 98.33 Device tps kB_read/s kB_wrtn/s kB_read kB_wrtn mmcblk0 20.63 634.58 48.26 168380 12804 nvme0n1 0.14 4.01 0.00 1064 0 total used free shared buff/cache available Mem: 3.8G 241M 3.4G 19M 201M 3.5G Swap: 0B 0B 0B ########################################################################## Komplett -> http://ix.io/1ix7
  • Image 0.7.8 - Latest release

    ROCKPro64 rockpro64
    1
    0 Stimmen
    1 Beiträge
    571 Aufrufe
    Niemand hat geantwortet
  • nodejs & NodeBB

    ROCKPro64 rockpro64
    1
    1
    0 Stimmen
    1 Beiträge
    543 Aufrufe
    Niemand hat geantwortet
  • Redis Datenbank sichern

    Verschoben Redis linux redis
    1
    0 Stimmen
    1 Beiträge
    814 Aufrufe
    Niemand hat geantwortet