Setting Up Public Webserver on Raspberry Pi #
The instructions here assumes you’re using Raspberry Pi Lite as the OS on the Raspberry Pi. Other OS’ are largely similar though. The main difference will be the packages and package managers, and the firewall tool.
-
Setup the pi to host the server
- Flash disk with raspberry pi lite. Insert disk into pi and power them on.
- (follow the instructions here up to step 4)
-
Setup router to forward http/https/ssh requests to the Raspberry Pi
-
Obtain MAC address of Raspberry Pi e.g.,
$ ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 link/ether b8:27:eb:24:cb:98 brd ff:ff:ff:ff:ff:ff inet 10.0.0.1/8 brd 10.255.255.255 scope global noprefixroute eth0 valid_lft forever preferred_lft forever inet6 fe80::1209:6b01:5af1:d12b/64 scope link tentative valid_lft forever preferred_lft forever 3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether b8:27:eb:71:9e:cd brd ff:ff:ff:ff:ff:ff inet 192.168.0.104/24 brd 192.168.0.255 scope global dynamic noprefixroute wlan0 valid_lft 4773sec preferred_lft 3873sec inet6 fe80::9a0:b632:2b19:bb89/64 scope link valid_lft forever preferred_lft forever
and the MAC address is the first address following
link/ether
for the interface you’re using. If the Raspberry Pi is connected to the router via WiFi, then you use thewlan
address. If connected via ethernet cable, then you use theeth0
address. In the above example, I used the addressb8:27:eb:71:9e:cd
, because my Pi is connected to the router via Wifi. We use this MAC address to link the physical device to an IP address in the next step. -
On the router:
- Assign a static IP address to the Pi. Instructions are readily available online for most manufacturers. To do this on my routher (TP-Link AC1200), I browsed to
http://192.168.0.1
, signed in, and then went to “IP & MAC Binding” → “Binding Settings” → “Add New” and enter the MAC address collected from above and the desired IP to bind it to. - Setup port forwarding to forward packages to port 22, 80, 443, and 8443 to the IP address you’ve assigned the pi in the previous step. On my router, I navigated to “Forwarding” → “Virtual Server” → “Add New”. This step forward incoming requests matching those ports, to the Raspberry Pi.
- Test the setup. While on a machine connected to the router, you can test ssh and http connection from the command line with
ssh pi@<ip-address>
andcurl http://<ip-address>
. - You can also check http by entering the URL into your web browser:
http://<ip-address>
. Note that<ip-address>
is the static IP address you assigned to the Pi on the router.
- Assign a static IP address to the Pi. Instructions are readily available online for most manufacturers. To do this on my routher (TP-Link AC1200), I browsed to
-
Sign an SSL certificate to enable HTTPS connections. This requires signing an SSL certificate. There are many paid services out there, but the free Let’s Encrypt SSL certificate signing service is the best option (because it’s free). Using the automatic cert-bot option should be fine ( instructions for Ubuntu). You can test that the signed certificate works, by navigating to the Pi web server in a browser on another device i.e.,
https://<ip-address>
(note the “s”).
-
-
Get your ISP to open ports 22, 80, 443, and 8443 to your house. I had to send an online request to them and they followed up with me on the phone. Some ISPs may not be blocking any ports either.
-
Purchase a domain and setup resource records so that the domain points your IP address. I setup:
Host Name Type TTL Data ed-yang.com A 10 minutes <my IP> ed-yang.com CAA 10 minutes 0 issues "letsencrypt.org" www.ed-yang.com CNAME 10 minutes ed-yang.com
Setting up a development webserver on WSL2 #
If you’re on a Windows machine like I am, you can use WSL2 to test the html code. To setup WSL2, follow the instructions here.
You then need to setup systemd
so the Apache web server package will work properly. To set it up, follow the instructions below (reproduced from
these instructions in case the page disappears):
-
Inside the WSL2 instance, edit/create the
/etc/wsl.conf
file and add the following lines of code:[boot] systemd=true
-
Restart WSL by exiting WSL, opening a powershell terminal as administrator, and running the command
wsl --shutdown
. After doing so,systemd
should be running!
You can now go ahead and install the Apache web server packages:
sudo apt install apache2
and then copy your html code into /var/www/html
.