Raspberry Pi 4 headless installation with housekeeping (firmware update, zsh, zerotier, x2go, backup)

I have a Raspbian Pi 4 and I want to use it as gateway for my HomeLab server.

Let’s do it together with zerotier networking so wherever you take your server, You will not be in need of dealing with network issues.

Preparing SD Card or USB Disk

Using Raspbian Pi imager burn your Raspberry Pi OS

In my case I downloaded new 64bit beta version of Raspberry Pi OS

I burned the image using Raspberry Pi Imager v.1.4

If you want to get rid of SD cards like me, after first installation on SDcard and back up your system, update firmware of your Raspberry Pi which will allow you booting from USB.

I highly recommend usb boot and 64 bit OS to utilize your Raspberry in a better way. But for now if you still didn’t complete installation you can skip this part

Updating firmware

You can check your existing firmware version with this command

vcgencmd bootloader_version

You can check your following folder for your lastest stable firmware

ls -al /lib/firmware/raspberrypi/bootloader/stable/

if you want to update here is the command

sudo rpi-eeprom-update -d -f /lib/firmware/raspberrypi/bootloader/stable/pieeprom-YYYY-MM-DD.bin

Setting ssh access and WiFi connection for headless installation

After burning image, mount your media again to you computer. You should see a disk with a name boot.

For a headless (without connecting your rpi to monitor, keyboard & mouse ) start we will create 2 new files

Create an empty file named ssh (this will allow us to ssh to our rpi)

Create a file named wpa_supplicant.conf

You need to write following in wpa_supplicant.conf file.

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=NL

network={
ssid=”Your_SSID”
psk=”Your_Password”
}

Don’t forget to replace your WiFi SSID and password

You can now unmount your SdCard or USB disk and attach it to your Raspberry Pi.

Before Powering you Pi please run this command on your computer

arp -an

You can see existing IP addresses available, If you want take a note of this list. After powering your Pi you will run the same command again. You should catch a new IP which is your Pi. Wee will ssh to that IP

Now poeruo you Pi and wait around a minute until it boots up and attaches WiFi
Run arp -an command again

You should see a new IP if all went ok. If not check previous steps and make sure that you did all in the right way.

If you are struggling finding IP address you log in to your dhcp server (your access point in most cases)

When you get you new IP run following command. pi is default user and raspberry is default password

ssh pi@12.34.56.78

Replace the IP with the one you found from arp -an command

Accept key fingerprint with yes

And type raspberry when you have been asked for password

You should be logged in congrats. now lets proceed with housekeeping

Update your system

sudo apt update && sudo apt dist-upgrade

dist-upgrade is a smart version of upgrade which manages dependencies and removes if necessary

/etc/apt/sources.list file contains a list of locations

Change default password

passwd

if you need additional users you can check this link

https://www.raspberrypi.org/documentation/linux/usage/users.md

Passwordless SSH Access

I’m on MacOS it will be similar for Linux as well

if you have existing SSH key you don’t need to generate a new one. Check following folder

~/.ssh

if you have id_rsa and id_rsa.pub you don’t to create one

I will generate one with following command

ssh-keygen

now I have my Keys id_rsa and id_rsa.pub

I choose no passphrase

now copy your SSH key to raspberry

ssh-copy-id pi@12.34.56.78

this will be last time that you will be asked a password

now connect your pi passwordless with SSH

ssh pi@12.34.56.78

change SSH host keys cause images are preconfigured with same keys

sudo rm /etc/ssh/ssh_host_*
sudo dpkg-reconfigure openssh-server
sudo systemctl restart ssh

Your available services are in /etc/systemd folder

I like to use vim as text editor and zsh as shell lets install them

sudo apt install vim zsh

chsh -s /bin/zsh

disconnect from pi with following command to connect again to our new shell with new ssh_host_key

exit

Open ~/.ssh/known_hosts file on your computer.

Find your raspberry pi IP address and delete that raw be careful not to delete any other known hosts

now connect back again to raspberry

ssh pi@12.34.56.78

you will have a zsh config screen to use it for the first time just press q to quit cause we will install 0h-my-zsh and it will configure zsh

We need to install fonts for the theme

mkdir ~/.fonts
cd $_
wget https://github.com/romkatv/powerlevel10k-media/raw/master/MesloLGS%20NF%20Regular.ttf
wget https://github.com/romkatv/powerlevel10k-media/raw/master/MesloLGS%20NF%20Bold.ttf
wget https://github.com/romkatv/powerlevel10k-media/raw/master/MesloLGS%20NF%20Italic.ttf
wget https://github.com/romkatv/powerlevel10k-media/raw/master/MesloLGS%20NF%20Bold%20Italic.ttf

sh -c “$(curl -fsSL https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"

Plugins and themes installation for oh-my-zsh

plugins
zsh-syntax-highlighting
zsh-autosuggestions
zsh-completions
themes
powerlevel10k

git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting

git clone https://github.com/zsh-users/zsh-autosuggestions ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions

git clone https://github.com/zsh-users/zsh-completions ${ZSH_CUSTOM:=~/.oh-my-zsh/custom}/plugins/zsh-completions

git clone — depth=1 https://github.com/romkatv/powerlevel10k.git ${ZSH_CUSTOM:-$HOME/.oh-my-zsh/custom}/themes/powerlevel10k

vi .zshrc

Go INSERT mode

uncomment following line to modify PATH

export PATH=$HOME/bin:/usr/local/bin:$PATH

Modify plugins

plugins=(git zsh-completions zsh-autosuggestions zsh-syntax-highlighting)
autoload -U compinit && compinit

Set theme

Set ZSH_THEME=”powerlevel10k/powerlevel10k”

Add following lines at the end of .zshrc file for a better handling on history in case you don’t use oh-my-zsh, if you use please ignore them

You can check oh-my-zsh history handling from this link https://github.com/ohmyzsh/ohmyzsh/blob/master/lib/history.zsh

export HISTFILE=~/.zsh_history # set zsh history file
export HISTFILESIZE=1000000000 # its not like bash, we cannot just leave blank for unlimited // Refers to the number of commands that are stored into the history file
export HISTSIZE=10000 # its not like bash, we cannot just leave blank for unlimited // Refers to the number of commands that are loaded into memory from the history file
setopt INC_APPEND_HISTORY # to add commands immediately to zsh_history
export HISTTIMEFORMAT=”[%F %T] “ # to format them properly
setopt EXTENDED_HISTORY # adding timestamp // history command has -E option as well

Following are optional choose one of them I recommend second one if system is not a mission critical system

setopt HIST_FIND_NO_DUPS # You add all commands to history but ctrl+R will not offer you dublicates when you go through history with UP and DOWN keys
setopt HIST_IGNORE_ALL_DUPS # You don’t add dublicate commands to history

esc :wq!

exit

reconnect to Pi

ssh pi@12.34.56.78

This time Powerlevel10k configuration wizard will welcome you

set it regarding your taste

Disable login with user/password

please make sure you can login passwordless before doing this

sudo vim /etc/ssh/sshd_config

we will add in between 2 commented lines PasswordAuthentication no as follows

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
PasswordAuthentication no
#PermitEmptyPasswords no

Install zerotier and configure

For those who don’t know about zerotier, It’s an opensource project to create VPN within your devices. They are providing cloudbased management for your network and its absolutely free up to 100 devices.

curl -s ‘https://raw.githubusercontent.com/zerotier/ZeroTierOne/master/doc/contact%40zerotier.com.gpg' | gpg — import && \
if z=$(curl -s ‘https://install.zerotier.com/' | gpg); then echo “$z” | sudo bash; fi

Install also for your computer in my case I installed for MacOS

https://www.zerotier.com/download/

Create a network for yourself

https://my.zerotier.com/login

I used my gmail account for login

I created my network and joined to network from MacOS and raspberry pi

You can see your network id in your https://my.zerotier.com/network/...

sudo zerotier-cli join your_network_id

Don’t forget to authorize devices you added from https://my.zerotier.com/network/...

You can add your devices from https://my.zerotier.com/network/... as well then you need to get your id from your devices whit this command

sudo zerotier-cli info

Give names and descriptions also

I added my android and ios ipad os devices also to the network. you can download client apps from app stores.

Install x2go

sudo apt install x2goserver

before we connect install some desktops

sudo tasksel

I enabled MATE cause it is lightweight

I installed x2goclient for MacOS also

enjoy your remote desktop with x2go through zerotier network from anywhere around the world even without using your password

Bear in mind you have single application as an option for session type which can be very useful for example running a browser locally with remote network

One more thing…

Backup your system

Save your usb drive or sd card as an image so that you dont need to go through all the steps above I will write steps for MacOS it will be similar for linux as well

Attach your usb drive or sd card to your computer and use following command to see your disks

df

Find your usb drive or sd card, in my case it is /dev/disk2s1

Then execute following command

sudo dd bs=4m if=/dev/rdisk2 of=raspbian.img

It will take some time don’t worry

In Windows you can use https://sourceforge.net/projects/win32diskimager/

You can restore your system from this image anytime using Raspberry

Cheers