+See OEM (Ozzmaker) [[https://ozzmaker.com/berrygps-berrygps-imu-quick-start-guide/][quickstart guide for the BerryGPS-IMU]].
+
+**** Physical Setup
+
+BerryGPS-IMU must be electrically connected to the correct pins on the
+GPIO header of a Raspberry Pi Zero W.
+
+*Optional*: stack together with PiZ Uptime 2.0 module. No GPIO pins
+conflict so a simple stacking and soldering with long header pins is
+possible.
+
+**** Software Setup
+***** Install Executables
+
+Install Raspbian 10 Buster onto an SD card image. See the Raspberry Pi
+Foundation [[https://www.raspberrypi.org/documentation/installation/installing-images/README.md][installation instructions]]. Configure WiFi to permit log
+file transfer. Configure SSH to permit remote administration via the
+command line interface.
+
+Make sure to install the ~unattended-upgrades~ package to make sure
+the latest security patches for packages are installed. See [[https://linux-audit.com/using-unattended-upgrades-on-debian-and-ubuntu/][this page]]
+for a description of how ~unattended-upgrades~ works.
+
+Install ~gpsd~, ~gpspipe~, ~git~, and this repository for location
+logging capability.
+
+Install ~syncthing~ for log file transfer capability.
+
+Place ~age~ binary (the one compiled for ARM CPU architecture for
+Linux) in ~$HOME/.local/bin~.
+
+***** Disable Swap File
+Since standard Raspbian 10 (Buster) install involves copying
+unencrypted file system image to SD card which is mounted by the
+Raspberry Pi, system memory may be written to disk in the form of a
+Swap file as described [[https://ideaheap.com/2013/07/stopping-sd-card-corruption-on-a-raspberry-pi/][here]]. In order to reduce the chance that
+location log data is ever written to disk, swap file functionality
+must be disabled[fn:ideaheap_20130731_disableswap].
+
+Raspbian 10 uses dphys-swapfile to manage a swap file. It may be
+disabled persistently[fn:rpf_20190702_disableswappersist] by running
+the following command:
+
+: sudo systemctl disable dphys-swapfile.service
+
+To view the status of the swap file in Raspbian 10, run ~free -m~:
+
+#+BEGIN_EXAMPLE
+pi@ninfacyzga-01:~$ free -m
+ total used free shared buff/cache available
+Mem: 432 86 36 21 309 268
+Swap: 99 0 99
+#+END_EXAMPLE
+
+After disabling the swap file and rebooting:
+
+#+BEGIN_EXAMPLE
+pi@ninfacyzga-01:~$ free -m
+ total used free shared buff/cache available
+Mem: 432 89 214 3 128 289
+Swap: 0 0 0
+#+END_EXAMPLE
+
+[fn:ideaheap_20130731_disableswap] Explanation:
+https://ideaheap.com/2013/07/stopping-sd-card-corruption-on-a-raspberry-pi/
+
+[fn:rpf_20190702_disableswappersist] Persistant disabling of swap in
+Raspbian 10 Buster:
+https://www.raspberrypi.org/forums/viewtopic.php?p=1490692&sid=5c596a124b7805d6b10dab8d3d7caf16#p1490692
+
+***** Automatic Start Configuration
+
+It is recommended to create a daily ~cron~ job that executes a bash
+script that starts ~bklog~ jobs to record location along with other
+types of data recording. An example of such a script is below:
+
+#+BEGIN_EXAMPLE
+#!/bin/bash
+
+# Log location
+gpspipe -r | /bin/bash "$HOME/.local/bin/bklog" -c -e -z "UTC" -t "/dev/shm" \
+ -r age1kza7pfshy7xwygf9349zgmk7x53mquvedgw9r98qwyyqhssh830qqjzlsw \
+ -r age1ce3pvzrqfcn2pc6zqzglc8ac8yjk3fzukpy08cesqjjwns53xywqmaq7xw \
+ -R "$HOME/.config/bklog/recipients" -w ".nmea" -b "300" -B "day" \
+ -o "$HOME/Sync/Evanescent_Location" -l "location" \
+ -p "gpsbabel -i nmea -f - -o gpx -F - " ".gpx" \
+ -p "gpsbabel -i nmea -f - -o kml -F - " ".kml" &
+# Log pressure
+python ~/.local/bin/bmp388.py | /bin/bash "$HOME/git-OC/ninfacyzga-01/exec/bklog" \
+ -c -e -z "UTC" -t "/dev/shm" \
+ -r age1kza7pfshy7xwygf9349zgmk7x53mquvedgw9r98qwyyqhssh830qqjzlsw \
+ -r age1ce3pvzrqfcn2pc6zqzglc8ac8yjk3fzukpy08cesqjjwns53xywqmaq7xw \
+ -R "$HOME/.config/bklog/recipients" -w ".txt" -b "300" -B "day" \
+ -o "$HOME/Sync/Evanescent_Location" -l "pressure" &
+#+END_EXAMPLE
+
+This script, if it were saved at
+~"$HOME/.local/bin/cron/dailylog.sh"~ would then be added as a
+line in the ~crontab~ file as shown below:
+
+#+BEGIN_EXAMPLE
+$ crontab -e
+0 0 * * * /bin/bash ~/.local/bin/cron/dailylog.sh
+@reboot /bin/bash ~/.local/bin/cron/dailylog.sh
+#+END_EXAMPLE
+
+In the example script, the options are:
+
+: -c : tells bklog to compress output
+: -e : tells bklog log to encrypt output
+: -r : tells bklog to interpret the next argument as a pubkey string
+: -R : tells bklog to interpret the next argument as a directory
+: where public keys may be found (first line of each file is
+: read).
+: -o : tells bklog to write output files to the directory represented
+: -t : tells bklog to interpret the next argument as a directory
+: for storing temporary files
+: by the next argument
+: -p : tells bklog a command string through which output is piped
+: before being compressed and encrypted. Also expected is a
+: file extension to be appended before the compression and
+: encryption file extensions.
+: -w : tells bklog to save the unprocessed stdin with a specified
+: file extension (instead of the default '.stdin').
+: -b : tells bklog how long each buffer round (time between file
+: writes) lasts in seconds.
+: -B : specifies the time-to-live for the bklog script. A valid value may
+: one of the time elements such as "day" or "hour".
+: -l : specfies a custom string to be used in output file names to
+: help differentiate tar files produced via bklog from different
+: sources of data.
+: -z : specifies a time zone to be used to determine the script time-to-live.
+: By default, bklog uses whatever time is specified by the TZ
+: environment variable.
+
+***** Log Transfer Configuration
+Log files may be shared to other machines via ~syncthing~. See [[https://docs.syncthing.net/][this]]
+manual for how to set up a shared folder and add Ninfacyzga-01 as a
+device. Syncthing's directory synchronization capability allows a
+remote machine to delete files from Ninfacyzga-01 by deleting from the
+shared folder that they both share.
+
+When log files are removed from Ninfacyzga-01 is not within the scope
+of this document.
+
+***** Key Generation
+An ~age~ encryption key may be generated like so:
+#+BEGIN_EXAMPLE
+$ umask # Gets current umask
+0022 # Note: This is the default umask for Raspbian 10
+$ umask 066 # So key.txt will have no perms except for owner (you)
+$ umask # Confirm umask set to 066
+0066
+$ age-keygen > key.txt
+Public key: age1pu5usxm743sx7rf22985xv2f4s0luzv6r6yx4fa7p8c2zyvp9fvqus2xr5
+$ ls -al key.txt
+-rw------- 1 baltakatei baltakatei 184 Jun 29 18:28 key.txt
+$ umask 0022 # Return umask to default value
+$ umask
+0022
+#+END_EXAMPLE
+
+The resulting public/private keypair data looks like:
+#+BEGIN_EXAMPLE
+$ cat key.txt
+# created: 2020-06-29T18:01:56Z
+# public key: age1pu5usxm743sx7rf22985xv2f4s0luzv6r6yx4fa7p8c2zyvp9fvqus2xr5
+AGE-SECRET-KEY-1NEUU5U2XGZGL9UYWNPU5DL99TGJJHFSN4F2E2WCCSDJJ6L5ZMLESNTVTU0
+#+END_EXAMPLE
+
+The file ~key.txt~ is not password-protected by default and should be
+secured like an SSH public key should. The ~$ umask 066~ command run
+before the ~$ age-keygen > key.txt~ command ensures ~key.txt~ will not
+be readable, writeable, or executable to anyone except the owner
+(you).
+
projects / EVA-2020-02.git / blobdiff