molezz BAR

molezz BAR

记录下那些感想 #book #biotech #software

N1 box updates Armbian and installs PVE.

Recently, the router provided by the mobile company unexpectedly came with VLAN transparent functionality, so I no longer need to use AiKuai dial-up. Therefore, I decided to save some electricity and stop using Hyperv, and instead re-enable the N1 box.

After looking into it, I found that there is already a very mature Armbian solution created by experts, so there is no longer a need to burn and replace files like before.

Download the image from and choose amlogic_s905d_bullseye_6.1.59_server.

Use balenaEtcher-Portable-1.18.11 to burn the image to a USB drive. I tried multiple times to boot from a mobile hard drive during the process, but all attempts failed (both mechanical hard drives and SSDs).

Plug the USB drive into the USB port near the HDMI port and power on. The new version automatically expanded the USB drive to utilize all 256GB, so there is no longer a need to use "armbian-tf" for expansion. Update the latest script "armbian-sync". Change the source to a domestic one.

Use "armbian-software" for settings and installation. After checking the list, I found that there is no OMV, but surprisingly there is PVE. I directly selected the corresponding number and installed it to try it out. After all, PVE's LXC and VM management is still very convenient. After installation, I checked and found that the memory usage was over half, which was quite exaggerated. Therefore, I reduced some services and enabled IPV6.

systemctl stop pve-ha-lrm.service
systemctl stop pve-ha-crm.service
systemctl disable pve-ha-lrm.service
systemctl disable pve-ha-crm.service
systemctl disable pve-firewall.service
systemctl stop pve-firewall.service
systemctl stop pvescheduler.service
systemctl disable pvescheduler.service
systemctl stop spiceproxy.service
systemctl disable spiceproxy.service
# Enable IPV6
# Add the following configurations to /etc/sysctl.conf
sysctl -p

Set up dynv6, run on startup, and use cron to prevent disconnection. Add .ssh\authorized_keys for easy login.

Install Tailscale for a large internal network, set up subnet routing, install AdGuardHome, and disable the system's built-in resolver.

Following this guide, disabling log services seems to improve the lifespan of the USB drive.

The default LXC template is for amd64, but you can download the arm64 LXC template from here, such as Alpine, and place it in /var/lib/vz/template/cache/.

Use the certificate.crt and certificate.key obtained from the command tailscale cert domain and upload them to PVE's certificates for easy login and password retention. They can also be used for AdGuardHome, but they are only for use within the large internal network.

This power consumption and price are still the best on the market.



Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.