• Stars
    star
    898
  • Rank 50,853 (Top 2 %)
  • Language
    CSS
  • Created about 7 years ago
  • Updated about 6 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A DIY IPMI / IP KVM system utilizing the Raspberry Pi

A DIY IPMI / IP KVM system utilizing the Raspberry Pi

A web-accessable IPMI / IP KVM system that provides full keyboard control, monitor view, and and the ability to reboot computers with standard motherboards remotely as if you were sitting in front of them with a keyboard and monitor.

Screenshot

Requirements

A full wishlist totaling under $120 at the time of this writing can be found at http://a.co/36FK9T8

Before assembling

On the Pi3, flash http://downloads.raspberrypi.org/raspbian_lite/images/raspbian_lite-2017-09-08/. As of this writing you may use the latest Stretch version, however this was the version used successfully.

On the Pi0, flash http://downloads.raspberrypi.org/raspbian_lite/images/raspbian_lite-2017-03-03/. You must use this version for this to work. There aren't really security implications since the Pi0 can only be accessed from a serial session on the Pi3.

Before putting the SD into the Pi0, add this to the end of /boot/config.txt:

dtoverlay=dwc2
enable_uart=1

Before putting the SD into the Pi3, create a blank file called SSH on the boot drive to enable SSH.

Also, if you will be connecting via Wifi, create a file in boot called wpa_supplicant.conf that uses unix based line feeds. To ensure that is the case, use Notepad++ or another editor that allows you to change line feed types (bottom right), or copy the config.txt file and rename it. Include the following:

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=US

network={
    ssid="NETWORKNAME"
    psk="PASSWORD"
    key_mgmt=WPA-PSK
}

Setting up the hardware

Here is a diagram of how you connect all of the pieces:

Diagram

View the high resolution version

The detailed process is to:

Quick Install

The quick method of installation is to simply run the install script on the Pi3 as the pi user:

wget https://raw.githubusercontent.com/Fmstrat/diy-ipmi/master/install.sh
chmod +x install.sh
./install.sh

Everything will be done on the Pi3 and Pi0 automatically with the video input defaulting to s-video.

If you would like to manage multiple servers with one IPMI system, please see the Managing multiple servers section below.

Be sure to check the bottom of this README for Tips and Troubleshooting!

The long way

If you would like to do things step by step to understand how things work, the following instructions can be used.

Setting up the Pi 3

First, let's get all the software we need:

sudo apt-get update
sudo apt-get -y install libav-tools screen lighttpd php php-cgi git
cd /opt
sudo git clone https://github.com/Fmstrat/diy-ipmi
sudo chown pi diy-ipmi -R
chmod +x /opt/diy-ipmi/Pi3/*.py
chmod +x /opt/diy-ipmi/Pi3/*.sh

To test the ability to reboot the computer via the relay board, run:

/opt/diy-ipmi/Pi3/rebootServer.py

Test this script to see if it resets the computer. If you are interested, look in the python script to see the numbers associated with which of the 8 relays you could use for multiple computers.

Next, set up the HTTP server.


read -s -p "Password for web IPMI console (user 'ipmi'): " IPMIPASS
echo ""
echo "ipmi:${IPMIPASS}" | sudo tee --append /var/www/ipmipasswd

sudo lighty-enable-mod fastcgi-php
echo '' | sudo tee --append /etc/lighttpd/lighttpd.conf
sudo adduser www-data gpio
echo 'server.modules += ( "mod_auth" )' | sudo tee --append /etc/lighttpd/lighttpd.conf
echo 'auth.debug = 2' | sudo tee --append /etc/lighttpd/lighttpd.conf
echo 'auth.backend = "plain"' | sudo tee --append /etc/lighttpd/lighttpd.conf
echo 'auth.backend.plain.userfile = "/var/www/ipmipasswd"' | sudo tee --append /etc/lighttpd/lighttpd.conf
echo 'auth.require = ( "/" =>' | sudo tee --append /etc/lighttpd/lighttpd.conf
echo '        (' | sudo tee --append /etc/lighttpd/lighttpd.conf
echo '                "method" => "basic",' | sudo tee --append /etc/lighttpd/lighttpd.conf
echo '                "realm" => "Password protected area",' | sudo tee --append /etc/lighttpd/lighttpd.conf
echo '                "require" => "user=ipmi"' | sudo tee --append /etc/lighttpd/lighttpd.conf
echo '        )' | sudo tee --append /etc/lighttpd/lighttpd.conf
echo ')' | sudo tee --append /etc/lighttpd/lighttpd.conf

cd /var/www/
sudo mv /var/www/html /var/www/html.orig
sudo ln -s /opt/diy-ipmi/Pi3/html /var/www/html

echo '[Server 1]' | sudo tee --append /etc/ipmi.conf
echo 'TTY=/dev/ttyUSB0' | sudo tee --append /etc/ipmi.conf
echo 'VID=/dev/video0' | sudo tee --append /etc/ipmi.conf
echo 'INP=1' | sudo tee --append /etc/ipmi.conf
echo 'PIN=2' | sudo tee --append /etc/ipmi.conf

sudo service lighttpd force-reload
sudo systemctl restart lighttpd
sudo systemctl enable lighttpd

Lastly, get everything running right by completing some tasks and updating /etc/rc.local to ensure they happen at boot:

sudo chmod a+rw /dev/video0
sudo mkdir -p /mnt/ramdisk
sudo mount -t tmpfs -o size=3m tmps /mnt/ramdisk
sudo chown www-data /mnt/ramdisk
sudo v4l2-ctl -d /dev/video0 --set-input=1
sudo chmod a+rw /dev/ttyUSB0

sudo sed -i 's/exit 0//g' /etc/rc.local
echo "chmod a+rw /dev/video0" | sudo tee --append /etc/rc.local
echo "mkdir -p /mnt/ramdisk" | sudo tee --append /etc/rc.local
echo "mount -t tmpfs -o size=3m tmps /mnt/ramdisk" | sudo tee --append /etc/rc.local
echo "chown www-data /mnt/ramdisk" | sudo tee --append /etc/rc.local
echo "v4l2-ctl -d /dev/video0 --set-input=1" | sudo tee --append /etc/rc.local
echo "chmod a+rw /dev/ttyUSB0" | sudo tee --append /etc/rc.local
echo "exit 0" | sudo tee --append /etc/rc.local

Setting up the Pi 0

Make sure you can access the Pi0 from the Pi3 by running:

screen /dev/ttyUSB0 115200

Press enter until you see a login prompt. Do not login. Instead, exit the session by hitting Control-A then typing :quit and pressing enter.

On the Pi3, run:

/opt/diy-ipmi/Pi3/checkPi0Login.sh

echo "sudo systemctl enable [email protected]" >> /dev/ttyUSB0
echo "sudo cp /lib/systemd/system/[email protected] /etc/systemd/system/[email protected]" >> /dev/ttyUSB0
echo "sudo sed -i 's/agetty --keep-baud 115200/agetty -a pi --keep-baud 115200/g' /etc/systemd/system/[email protected]" >> /dev/ttyUSB0
echo "sudo systemctl daemon-reload" >> /dev/ttyUSB0

echo "sudo systemctl disable networking" >> /dev/ttyUSB0
echo "sudo apt-get -y remove dhcpcd5 isc-dhcp-client isc-dhcp-common" >> /dev/ttyUSB0
sleep 60

echo "rm -f /tmp/B64" >> /dev/ttyUSB0
for LINE in $(base64 /opt/diy-ipmi/Pi0/enableHID.sh); do echo "echo $LINE >> /tmp/B64" >> /dev/ttyUSB0; done
echo "base64 -d /tmp/B64 > /home/pi/enableHID.sh" >> /dev/ttyUSB0
echo "chmod +x /home/pi/enableHID.sh" >> /dev/ttyUSB0

echo "rm -f /tmp/B64" >> /dev/ttyUSB0
for LINE in $(base64 /opt/diy-ipmi/Pi0/sendkeys.c); do echo "echo $LINE >> /tmp/B64" >> /dev/ttyUSB0; done
echo "base64 -d /tmp/B64 > /home/pi/sendkeys.c" >> /dev/ttyUSB0
echo "gcc -o /home/pi/sendkeys /home/pi/sendkeys.c" >> /dev/ttyUSB0

sudo apt-get -y install libusb-dev
cd /opt/diy-ipmi/Pi0/
gcc -o hub-ctrl hub-ctrl.c -lusb
for LINE in $(base64 hub-ctrl); do echo "echo $LINE >> /tmp/B64" >> /dev/ttyUSB0; done
echo "base64 -d /tmp/B64 > /home/pi/hub-ctrl" >> /dev/ttyUSB0
echo "chmod +x /home/pi/hub-ctrl" >> /dev/ttyUSB0
cd -

echo "sudo /home/pi/enableHID.sh" >> /dev/ttyUSB0
echo "sudo sed -i 's/exit 0//g' /etc/rc.local" >> /dev/ttyUSB0
echo "echo /home/pi/enableHID.sh | sudo tee --append /etc/rc.local" >> /dev/ttyUSB0
echo "echo exit 0 | sudo tee --append /etc/rc.local" >> /dev/ttyUSB0

Access the IPMI

You should now be able to access the IPMI console at http://<RaspberryPi3IP>/. From here you can set up SSL and port forwarding to the device as your situation requires.

Managing multiple servers

Multiple servers can be managed by using multile USB capture devices (one per server), multiple USB-to-Serial adapters each with their own Pi0 (one per server), and using one of the 8 relays on the relay board as the reset button. Once installed, edit /etc/ipmi.conf. The format should be:

[My first server]
TTY=/dev/ttyUSB0
VID=/dev/video0
INP=1
PIN=2

[My second server]
TTY=/dev/ttyUSB1
VID=/dev/video1
INP=1
PIN=3
  • When hooking up multiple TV tuners and USB-to-Serial devices to Pi0s, it is recommended to use a powered USB hub.
  • The INP field is 1 for s-video or 0 for composite. You can actually use one capture device for two servers by using both inputs.
  • The PIN value is the pin on the relay board. The valid values are 2, 3, 4, 17, 27, 22, 10, 9.

Tips

If you're using this on a Linux headless machine that's not running X11, it's easier to read the console if things are nice and big. Disabling the video driver is an easy way to accomplish this as it will just default to a generic NTSC or PAL signal. For instance, with an nVidia card, you could follow these directoins: https://askubuntu.com/questions/481414/install-nvidia-driver-instead-of-nouveau

To enable SSL, you need a combined PEM file which can be created by:

cat myserver.key mycert.crt myca.ca-bundle > mypem.pem

Then add this into the /etc/lighttpd/lighttpd.conf file (editing as required):

$SERVER["socket"] == ":443" {
	ssl.engine = "enable"
	ssl.pemfile = "/opt/certs/mypem.pem"
	server.name = "host.domain.com"
	server.document-root = "/var/www/html"
	ssl.use-sslv2 = "disable"
	ssl.use-sslv3 = "disable"
	ssl.use-compression = "disable"
	ssl.honor-cipher-order = "enable"
	ssl.cipher-list = "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA"
	server.errorlog = "/var/log/lighttpd/serror.log"
	accesslog.filename = "/var/log/lighttpd/saccess.log"
}

Troubleshooting

If you're not getting video, here are some troubleshooting methods:

First make sure the INP field in /etc/ipmi.conf is set to the right input. Input 0 is usually Composite, and Input 1 is usually S-Video.

Connect a source and test to see if it's working.

apt-get install mencoder
mencoder tv:// -tv driver=v4l2:norm=NTSC:device=/dev/video0:input=1:fps=5 -nosound -ovc copy -o test.avi
v4l2-ctl -d /dev/video0 --set-input=1
avconv -f video4linux2 -i /dev/video0 -vframes 1 -s 720x480 test.jpg

Control-C that, and sftp the files to a host for viewing and playback:

sftp test.avi root@hostname:/folder/test.avi
sftp test.avi root@hostname:/folder/test.jpg

You can test keyboard control from the Pi0 with commands like:

/home/pi/sendkeys /dev/hidg0 keyboard

You will need to type things like "a" and press ENTER to send the "a." Other ways to send keys include things like:

echo 'a' | /home/pi/sendkeys /dev/hidg0 keyboard
echo 'return' | /home/pi/sendkeys /dev/hidg0 keyboard
echo 'shift a' | /home/pi/sendkeys /dev/hidg0 keyboard
echo 'left-meta space' | /home/pi/sendkeys /dev/hidg0 keyboard

To reset the keyboard controller run this on the Pi3:

/opt/diy-ipmi/Pi3/resetPi0HID.sh

If you get wierd USB errors, make sure your power brick is strong enough and that you're not trying to power the HDMI to S-Video converter via the Pi3.

More Repositories

1

winapps

Run Windows apps such as Microsoft Office/Adobe in Linux (Ubuntu/Fedora) and GNOME/KDE as if they were a part of the native OS, including Nautilus integration.
Shell
8,434
star
2

wintile

Windows 10 window tiling for GNOME
JavaScript
424
star
3

samba-domain

Samba Active Directory Domain Controller for Docker
Shell
262
star
4

ownnote

Notes app for ownCloud
PHP
168
star
5

plex-db-sync

Synchronizes the database watched status between two Plex servers. This includes watched times, and works for all users on the system without the need for tokens.
Shell
151
star
6

odm

ODM: Open Device Manager for Android
Java
111
star
7

loffice-365

An electron wrapped Office 365 application integrated into your file manager as if it was a native application.
Shell
91
star
8

lcs

Lemmy Community Seeder (LCS)
JavaScript
70
star
9

gam

GitHub Application Manager
Shell
69
star
10

easywildcard

A single-command docker container that makes it easy for anyone to utilize a wildcard SSL certificate from Let's Encrypt.
Shell
55
star
11

plex-cluster

Synchronizes the watched and timeline status between any number of Plex servers all using standard Plex APIs.
JavaScript
53
star
12

odm-web

ODM: Open Device Manager for Android - Web Interface
PHP
49
star
13

glassit-linux

Adds transparency to VSCode in Linux.
JavaScript
39
star
14

plex-ssl

A guide to using NGINX to secure Plex via SSL
Shell
39
star
15

shorten

A URL Shortening and Privacy Tool for ownCloud
PHP
30
star
16

youtube-dl-api

A server application with bookmarklet that allows you to tell a server to download videos.
Python
29
star
17

ffmkv

A bash wrapper for FFMPEG with an Inquirer menu interface and progress monitoring.
Shell
25
star
18

ultimatebackup

A backup script for Linux that can back up an entire system, including KVMs, and then break it up into pieces to be backed up onto multiple external hard drives.
Shell
23
star
19

server-monitor

Checks if ips:ports are up and running.
Python
20
star
20

pushover-desktop

An electron wrapped Pushover.net desktop application.
Shell
20
star
21

lpp

Lemmy Post Purger (LPP)
JavaScript
20
star
22

sshtunnel

Docker SSH Tunnel
Shell
11
star
23

webbian

A web accessible Virtual Machine powered by Docker, Debian, and noVNC.
Shell
11
star
24

traccar-notifier

A node app/docker container to enable push notifications from Traccar to multple platforms.
Pug
11
star
25

google-voice

An electron wrapped Google Voice application with light and dark themes.
JavaScript
9
star
26

spcs

SPCS, or Simple PHP Content Server, is a PHP based content server that reads directly from the Calibre metadata.db file.
PHP
8
star
27

agriget

A Feedly styled RSS reader with TT-RSS functionality.
PHP
8
star
28

lds

Lemmy Defederation Sync (LDS)
JavaScript
6
star
29

plex-sync

Docker container for plex-sync that allows you to synchronize remote servers across the internet via SSL with dynamic DNS hostnames.
Shell
5
star
30

User-Profiles-for-iPad

From http://nowsci.com
5
star
31

dnsexit

DNSExit dynamic IP client for Docker
Shell
5
star
32

upload

An auto-uploader via SSH to a web URL for Linux, OSX, and WSL.
Shell
4
star
33

zcashd

A docker image for zcashd with Payment Disclosure and Tor.
Shell
4
star
34

cloudstomp

Automated deployment of instances on EC2 via plugin for high CPU/GPU applications at the lowest price.
Python
3
star
35

article-attachment

Tiny Tiny RSS Plugin to put the largest media attachment at the top of feed content.
PHP
3
star
36

agriget-docker

Docker container for Agriget, a Feedly styled RSS reader with TT-RSS functionality.
Dockerfile
3
star
37

nowgallery

A simple web-app gallery for desktops, iOS, and Android
PHP
3
star
38

page-check

Watches a web page and sends an email when a string is detected (or not).
JavaScript
3
star
39

message-archive

A web-based message archive viewer for Signal and Google Voice.
Python
3
star
40

selenium

Docker container for python selenium scripts with Firefox
Dockerfile
2
star
41

linux-gaming

Linux game guides
2
star
42

platform_vendor

Vendor files and extra for android
Shell
1
star
43

ownnote-mobile

Mobile app for ownNote
HTML
1
star
44

homegenie

Docker implementation of HomeGenie
Shell
1
star
45

kali-profiles

A profile and network manager for Kali VMs to keep client information encrypted and seperate on a single VM
Shell
1
star
46

docker-ttrss

Tiny Tiny RSS in Docker with LDAP and International Support.
Dockerfile
1
star
47

amico

Timesheet Management
1
star
48

cloudstomp-plugins

Plugins for Cloudstomp
Shell
1
star
49

owncloud-zips

Zip archives for apps.owncloud.org
1
star
50

temperate

A Material Design Weather Application
Java
1
star