From 6593c6a5714c3db59e635de13367ed09073e7775 Mon Sep 17 00:00:00 2001 From: Niko Date: Mon, 3 Nov 2025 13:29:04 +0000 Subject: [PATCH] safety commit --- flows/showroom_flow.json | 2 +- rpi5_lav_setup/lavadmin@192.168.1.34 | 75 ++++++++++++++++++++++++++++ rpi5_lav_setup/rpi5_lav_setup.txt | 75 ++++++++++++++++++++++++++++ 3 files changed, 151 insertions(+), 1 deletion(-) create mode 100755 rpi5_lav_setup/lavadmin@192.168.1.34 create mode 100755 rpi5_lav_setup/rpi5_lav_setup.txt diff --git a/flows/showroom_flow.json b/flows/showroom_flow.json index 7292edb..56aebda 100644 --- a/flows/showroom_flow.json +++ b/flows/showroom_flow.json @@ -1,4 +1,4 @@ -[ +ii[ { "id": "tabXilicaDash", "type": "tab", diff --git a/rpi5_lav_setup/lavadmin@192.168.1.34 b/rpi5_lav_setup/lavadmin@192.168.1.34 new file mode 100755 index 0000000..a5eced6 --- /dev/null +++ b/rpi5_lav_setup/lavadmin@192.168.1.34 @@ -0,0 +1,75 @@ +#!/usr/bin/env bash +set -euo pipefail + +# ==== EDIT THESE ==== +WIFI_SSID="Lav.Studio" +WIFI_PASS="0147258369" + +LIGHT_IP="192.168.50.10/24" # Pi's address on eth0 +LIGHT_NET_DNS="" # usually blank; no DNS on lighting net +# If you truly need a gateway on lighting (rare), set LIGHT_GW here and see notes below. +LIGHT_GW="" + +# Optional: if you want a static Wi-Fi IP instead of DHCP, set WIFI_STATIC="yes" +WIFI_STATIC="no" +WIFI_IP="192.168.10.20/24" +WIFI_GW="192.168.10.1" +WIFI_DNS="192.168.10.1" +# ===================== + +echo "[*] Updating system..." +sudo apt update +sudo apt full-upgrade -y + +echo "[*] Ensure NetworkManager is active (Bookworm default)..." +sudo systemctl enable --now NetworkManager + +echo "[*] Create Ethernet profile for lighting (static IP, NO gateway)..." +# Delete default connection if it exists, to avoid conflicts +nmcli -t -f NAME,TYPE con | grep -q "^Wired connection 1:ethernet$" && nmcli con delete "Wired connection 1" || true +nmcli con delete lighting >/dev/null 2>&1 || true + +nmcli con add type ethernet ifname eth0 con-name lighting ipv4.method manual ipv4.addresses "${LIGHT_IP}" ipv4.gateway "" ipv4.dns "${LIGHT_NET_DNS}" ipv6.method ignore +# Make sure this interface never installs a default route +nmcli con mod lighting ipv4.never-default yes +# Prefer Wi-Fi for routing by giving Ethernet a higher metric +nmcli con mod lighting ipv4.route-metric 300 + +echo "[*] Create Wi-Fi profile for Xilica..." +nmcli con delete xilica >/dev/null 2>&1 || true +if [ "${WIFI_STATIC}" = "yes" ]; then + nmcli con add type wifi ifname wlan0 con-name xilica ssid "${WIFI_SSID}" \ + ipv4.method manual ipv4.addresses "${WIFI_IP}" ipv4.gateway "${WIFI_GW}" ipv4.dns "${WIFI_DNS}" ipv6.method ignore +else + nmcli dev wifi connect "${WIFI_SSID}" password "${WIFI_PASS}" ifname wlan0 name xilica + nmcli con mod xilica ipv6.method ignore +fi +# Lower metric so Wi-Fi becomes preferred default route (if it has a gateway) +nmcli con mod xilica ipv4.route-metric 200 + +echo "[*] Disable IP forwarding to keep networks isolated..." +sudo bash -c 'cat >/etc/sysctl.d/99-no-forwarding.conf <:1880 and/or http://:1880" diff --git a/rpi5_lav_setup/rpi5_lav_setup.txt b/rpi5_lav_setup/rpi5_lav_setup.txt new file mode 100755 index 0000000..a5eced6 --- /dev/null +++ b/rpi5_lav_setup/rpi5_lav_setup.txt @@ -0,0 +1,75 @@ +#!/usr/bin/env bash +set -euo pipefail + +# ==== EDIT THESE ==== +WIFI_SSID="Lav.Studio" +WIFI_PASS="0147258369" + +LIGHT_IP="192.168.50.10/24" # Pi's address on eth0 +LIGHT_NET_DNS="" # usually blank; no DNS on lighting net +# If you truly need a gateway on lighting (rare), set LIGHT_GW here and see notes below. +LIGHT_GW="" + +# Optional: if you want a static Wi-Fi IP instead of DHCP, set WIFI_STATIC="yes" +WIFI_STATIC="no" +WIFI_IP="192.168.10.20/24" +WIFI_GW="192.168.10.1" +WIFI_DNS="192.168.10.1" +# ===================== + +echo "[*] Updating system..." +sudo apt update +sudo apt full-upgrade -y + +echo "[*] Ensure NetworkManager is active (Bookworm default)..." +sudo systemctl enable --now NetworkManager + +echo "[*] Create Ethernet profile for lighting (static IP, NO gateway)..." +# Delete default connection if it exists, to avoid conflicts +nmcli -t -f NAME,TYPE con | grep -q "^Wired connection 1:ethernet$" && nmcli con delete "Wired connection 1" || true +nmcli con delete lighting >/dev/null 2>&1 || true + +nmcli con add type ethernet ifname eth0 con-name lighting ipv4.method manual ipv4.addresses "${LIGHT_IP}" ipv4.gateway "" ipv4.dns "${LIGHT_NET_DNS}" ipv6.method ignore +# Make sure this interface never installs a default route +nmcli con mod lighting ipv4.never-default yes +# Prefer Wi-Fi for routing by giving Ethernet a higher metric +nmcli con mod lighting ipv4.route-metric 300 + +echo "[*] Create Wi-Fi profile for Xilica..." +nmcli con delete xilica >/dev/null 2>&1 || true +if [ "${WIFI_STATIC}" = "yes" ]; then + nmcli con add type wifi ifname wlan0 con-name xilica ssid "${WIFI_SSID}" \ + ipv4.method manual ipv4.addresses "${WIFI_IP}" ipv4.gateway "${WIFI_GW}" ipv4.dns "${WIFI_DNS}" ipv6.method ignore +else + nmcli dev wifi connect "${WIFI_SSID}" password "${WIFI_PASS}" ifname wlan0 name xilica + nmcli con mod xilica ipv6.method ignore +fi +# Lower metric so Wi-Fi becomes preferred default route (if it has a gateway) +nmcli con mod xilica ipv4.route-metric 200 + +echo "[*] Disable IP forwarding to keep networks isolated..." +sudo bash -c 'cat >/etc/sysctl.d/99-no-forwarding.conf <:1880 and/or http://:1880"