FUN WITH LINUX

HackADay: Lets make a Nukestation

15 April 2018

Every time I replace an old hard disk by a newer or bigger one I think that I’ll wipe it later. Now I have a big amount of hard disks to wipe. Since wiping takes ages, I don’t want to use my personal computer for that. I would prefer a small device with low energy consumption just for wiping. That’s why I am going to build a “Nukestation”. Basically it’s just a Raspberry Pi with nwipe on it and a udev-rule for automatically wipe attached hard disks. But some extras would be nice…

Hardware

My setup is quite basic: a Raspberry Pi 3b+, a Disk-Docking-Station(USB), and a LED for signalling that the drive can safely removed/attached. I know, It would be much better to use a red LED for signalling when the Nukestation is wiping disks, but I had just green LED’s at home. That’s why I am gonna do that the way around.

This video shows my setup. As soon as I plugg in the harddisk, the green led turns dark for signalling that it is not safe to remove the disk now, and on the screen we can see that nwipe starts it’s job.

Little Extras

I wrote a bash-script called “nukestation.sh”. This script is a wrapper for nwipe and allows us to:

  • Create Pre-run-hooks(like turn off the LED)
  • Run nwipe with configurable settings
  • Create Post-run-hoocks(like turn on the LED)
  • Send a notification including the nwipe-log via email

Installation

I won’t use this Raspberry Pi only for wiping disks. That’s why I need a very easy to use installation routine for the nukestation. I used the configuration management sytem ansible for that. The sources of my nukestation ansible-role can be downloaded on Github  and the role is available on ansible-galaxy too. On a freshly installed Raspbian  the Nukestation can be installed using the follwing commands:

$ sudo apt-get install ansible
$ sudo ansible-galaxy install whotwagner.nukestation
$ cat > playbook.yml << EOF
---
- hosts: localhost
  roles:
        - whotwagner.nukestation
EOF
$ sudo ansible-playbook playbook.yml

The playbook above will just install Nukestation without mailsupport. If we want to install a mailsystem with a smarthost using authentication to automatically send notifications we can use another playbook:

$ sudo apt-get install ansible
$ sudo ansible-galaxy install whotwagner.nukestation
$ cat > playbook.yml << EOF
- hosts: localhost
  roles:
        - whotwagner.nukestation
  vars:
        nukestation_mailconf:
                server: mail.example.conf:587
                user: username@example.conf
                pass: super-secret-password
                from: from@example.com
                to: to@example.com
EOF
$ sudo ansible-playbook playbook.yml

A detailed documentation about the playbook and the nukestation.sh-script can be found at Github.

Conclusio

Nukestation allows me to wipe disks easily and I’ll recieve notifications as soon as the wipejob is finished. “I love it when a plan comes together”

[ Linux  Tricks  HackADay  Raspberry  Hardware  Ansible  ]
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 Unported License.

Copyright 2015-present Hoti