Every time I replace an old hard disk by a newer or bigger one I think that I’ll wipe it later. Now I have a big amount of hard disks to wipe. Since wiping takes ages, I don’t want to use my personal computer for that. I would prefer a small device with low energy consumption just for wiping. That’s why I am going to build a “Nukestation”. Basically it’s just a Raspberry Pi with nwipe on it and a udev-rule for automatically wipe attached hard disks. But some extras would be nice…
Hardware
My setup is quite basic: a Raspberry Pi 3b+, a Disk-Docking-Station(USB), and a LED for signalling that the drive can safely removed/attached. I know, It would be much better to use a red LED for signalling when the Nukestation is wiping disks, but I had just green LED’s at home. That’s why I am gonna do that the way around.
This video shows my setup. As soon as I plugg in the harddisk, the green led turns dark for signalling that it is not safe to remove the disk now, and on the screen we can see that nwipe starts it’s job.
Little Extras
I wrote a bash-script called “nukestation.sh”. This script is a wrapper for nwipe and allows us to:
- Create Pre-run-hooks(like turn off the LED)
- Run nwipe with configurable settings
- Create Post-run-hoocks(like turn on the LED)
- Send a notification including the nwipe-log via email
Installation
I won’t use this Raspberry Pi only for wiping disks. That’s why I need a very easy to use installation routine for the nukestation. I used the configuration management sytem ansible for that. The sources of my nukestation ansible-role can be downloaded on Github and the role is available on ansible-galaxy too. On a freshly installed Raspbian the Nukestation can be installed using the follwing commands:
$ sudo apt-get install ansible
$ sudo ansible-galaxy install whotwagner.nukestation
$ cat > playbook.yml << EOF
---
- hosts: localhost
roles:
- whotwagner.nukestation
EOF
$ sudo ansible-playbook playbook.yml
The playbook above will just install Nukestation without mailsupport. If we want to install a mailsystem with a smarthost using authentication to automatically send notifications we can use another playbook:
$ sudo apt-get install ansible
$ sudo ansible-galaxy install whotwagner.nukestation
$ cat > playbook.yml << EOF
- hosts: localhost
roles:
- whotwagner.nukestation
vars:
nukestation_mailconf:
server: mail.example.conf:587
user: username@example.conf
pass: super-secret-password
from: from@example.com
to: to@example.com
EOF
$ sudo ansible-playbook playbook.yml
A detailed documentation about the playbook and the nukestation.sh-script can be found at Github.
Conclusio
Nukestation allows me to wipe disks easily and I’ll recieve notifications as soon as the wipejob is finished. “I love it when a plan comes together”
