Tuesday, May 11, 2021

Geeking with Gary - Cloud Server on a Raspberry Pi



[Editor's note: This has little to do with photography.  I do this from time to time.]

Two Christmases ago someone gave me a Raspberry Pi.  You know, a full single-board computer which runs Linux and can pretty much do anything for a whopping $35 U.S. dollars.  “Hey, I’m a geek, and I hate that Dropbox' free account limits me to only three computers.  I have this single-board computer and a 2 TB hard drive lying around.  I’ll turn that little board into my own personal cloud server, so I can access my files from anywhere in the world - for free!  AND I can configure it to be my own personal Virtual Private Network (VPN) - also for free!  Muahahaha!!  What could possibly go wrong?” 

I had to wait until the pandemic until I had time to actually learn to use the board, install NextCloud (tm) cloud server software (they make a version specifically for the Pi), and then figure out to have it accessible outside my router (which changes IP addresses once you pass through it). 

It took me over a month to get everything working.  I won’t bore you with all the technical challenges (like the software insists on using a physical Ethernet port instead of Wi-Fi during setup, or my ISP changes external IP addresses every so often making things unreachable when I’m traveling), nor will I complain that the documentation was written by both geeks AND nerds and therefore completely unclear and scattered all across the internet.  

I have about 20 pages worth of notes detailing ridiculously minute problems I ran into and their solutions.  Here are some of the highlights of the lessons learned:

  • Just flashing the OS image to a microSD card was impossible because Microsoft writes a few bytes of info to all external drives it sees, making it fail a final checksum test.  (Solution: Ignore the checksum results and assume it burned just fine.)
  • You have to configure the board for Wi-Fi when you first boot up using a local keyboard and monitor.
  • You have to configure it for ssh (secure shell) at this point as well via Control Panel.  
  • You have to give it a fixed IP (local IP) in the configuration and also at the local router.  Use the control panel and go to nc-static-IP.
  • You have to set up FreeDNS to point to the EXTERNAL IP address being supplied to your ISP.
  • You have to open TCP ports 80 and 443 (IPv4 only).
  • Through control panel, you have to set nc-httpsonly.
  • In order to have your FreeDNS domain name visible within the local network and outside of it, you have to enable the dnsmasq (DNS Server with Cache) and then program the router to use the fixed IP of the NextCloud server as the Primary DNS.  (But I keep the secondary server set to 8.8.8.8 in case the Raspbery Pi blows up.)
  • Only THEN can you successfully activate letsencrypt.
  • Last step is to have the FreeDNS automatically update in case the cable company decides to change the external IP address.  For this you need the small program ddclient on your NextcloudPi which periodically checks if your IP address has changed and in that case updates your FreeDNS entry.  (All of this was a pain to test.  I used my cell phone as a hotspot to simulate logging in from the "outside" and my home's router to access the Pi from the "inside".)
  • NextCloud Windows 10 client was buggy.  Had to use an older version.
  • Same with the Android music player.  I tried about 8 different ones before I found one that worked reliably AND was Android Auto compatible called Cloudplayer.  

Once I got all of that working, I got ambitious and installed a VPN on top of the NextCloud software and spent another 3 weeks learning and configuring the clients and poking holes in my firewall to accommodate it.    

It all worked great until it didn’t.  And after 3 more weeks, I realized that I was spending my time solving never-ending technical problems instead of living my life.  I may have been a great geek in my youth, but no longer.  I stuck a crowbar in my wallet and gave Microsoft Onedrive $2 per month for 100 GB.  Always works, whether I’m home or away.  Don’t have to worry about power outages or backups.  I’m now almost the same as normal people.  (Although OneDrive's Android client is hardly bug-free - it has sync and versioning problems.  Leave it to me to be the first to discover them.)

Because of that failed experience, I’ve now abandoned my other goal of setting up my own ZFS file server (which has a self-healing file system, unlike NTFS).  This entire episode put me spiritually closer to Jerry Pournelle, Sci-Fi writer and regular columnist for BYTE magazine in the 80’s.  Nothing was ever straightforward for him, either.

===

Postscript: Since our move to Plymouth, MA, our Comcast Xfinity internet upload speed is an abysmal 1-3 Mbps - barely enough to give a Zoom lecture, and definitely insufficient to run a cloud server from.  Upgrading to the next tier of internet speed ("Gigabit internet", which I'm sure won't deliver gigabit speeds) would cost significantly more than the $2/mo I'm paying Microsoft for Onedrive hosting.  So now this project really WAS a waste of time (although I did get to relive my geeky youth for a few months, so there's that.)  

Until next time,
Yours Truly, Gary Friedman

7 comments:

  1. For PiVPN (a VPN on the Raspberry Pi), Wireguard is a much better choice than the outdated OpenVPN, as you may have discovered during setup.

    ReplyDelete
  2. A quick thought - if you subscribe to Microsoft 365 (gets access to all the Microsoft programs including word, excel, and PowerPoint for 4 users) you will get 1 terabyte of one drive storage for "free"

    ReplyDelete
  3. I have a bunch of Pi's, one is for a cloud for file sharing in the home. I'm not keen on exposing a Pi to the internet

    ReplyDelete
  4. If you take the US Family edition each of the (up to 6) family members get the 1tb as well as an hours free Skype 'chargeable calls' ie to international land and mobile lines, and the Office programs.

    ReplyDelete
  5. You sure have a wide variety of interests...

    ReplyDelete

Thank you for your comment! All comments must be approved by a moderator before they will appear.