This is my full homeserver setup.

• ROCK 4 Model A+ (4GB RAM, 32GB EMMC) - allnet - radxa wiki
• M.2 extension board
• Samsung SSD 980 M.2 1TB
• SDSQXA2-064G-GN6MA
• Heatsink
• RTC battery

This setup allows powering down both 12V and 5V lines of the HDD using a single smart plug. Both The 5V and the 12V power supplies are connected to it.

• WD Red WD40EFRX 4TB
• benon multi-socket
• 1m deleyCON USB 3.0 extension (cut open to disconnect 5V and power it through a USB charger)
• Samsung USB charger (as the 5V power source, soldered to the cable above)
• TRÅDFRI smart plug
• EasyULT USB3 to SATA adapter
• Cheap 12V DC power adapter

• deleyCON 4 Port USB 3.0 HUB (connected through a USB2 extension cable to prevent 2.4GHz interference)
• CC2652P USB dongle

I'm using the internal MMC just for the firmware because:

• mainline linux had IO errors with the MMC
• The reserved partition of CoreOS is too small for rk3399

Installation:

• compile u-boot with rock-pi-4-rk3399_defconfig
• boot into any OS from the microSD so we can write to the MMC
• dd if=u-boot-rockchip.bin of=/dev/mmcblk0 seek=64

Convert ignition config

podman run --interactive --rm quay.io/coreos/butane:release --pretty --strict < coreos/homeserver.bu > coreos/homeserver.ign

Download current OS image:

podman run --privileged --rm -v .:/data -w /data quay.io/coreos/coreos-installer:release download --architecture aarch64

Write to micro SD:

sudo podman run --privileged --rm -v /dev:/dev -v /run/udev:/run/udev -v .:/data -w /data quay.io/coreos/coreos-installer:release install --offline --image-file fedora-coreos-37.20221106.3.0-metal.aarch64.raw.xz --ignition-file coreos/homeserver.ign /dev/mmcblk0

sudo rpm-ostree install htop inotify-tools python3

• htop: it's just very useful
• inotify-tools: required for my syncthing rsyncd setup
• python3: for ansible

These could be done with ansible but I found them a little too specific to my setup so I did them manually.

Ignore router DNS to prevent adding the search-domain to containers /etc/hosts:

nmcli con mod 'Wired connection 1' ipv4.ignore-auto-dns yes
nmcli con mod 'Wired connection 1' ipv6.ignore-auto-dns yes

Use the routers DNS server instead of pihole:

/etc/systemd/resolved.conf

[Resolve]
DNS=192.168.43.1

The gotify client needs this.

create /etc/pki/ca-trust/source/anchors/m1cha-main.pem
run update-ca-trust

arp-reply:

git clone tools/arp-reply
sh -c 'cd tools/arp-reply && cross build --release --target aarch64-unknown-linux-gnu'

std2pipe:

./tools/std2pipe/build_release.sh linux/arm64

ansible-playbook main.yml