As I mentioned in previous posts, I run a Raspberry Pi application server in my office. The primary role of this system is to run regularly scheduled chores (e.g. the Message of the Day service on this website), or perform actions if specific conditions arise. Obviously, I could run these services on an external host, such as Linode or Amazon AWS, but being an old nerd, I enjoy the intellectual challenge of doing it myself. I still treat the server like a production machine, patching regularly and using standard security precautions, but having no ports open to the Internet is one less thing to worry about.
There are plenty of other “How To” guides out there for setting up a Raspberry Pi. In this post, I’ll describe the particular steps I follow and my preferred options when setting up a Pi as a server. In future posts, I’ll detail some of the services and agent applications I run on the system. So, here we go:
As this is a “headless” system, I recommend the Raspbian “Lite” image from RaspberryPi.org. The “Lite” version is a minimal image without any of the GUI components included.
Once downloaded, write the Raspbian image to an SD card following the steps from this page at RaspberryPi.org. When selecting an SD card to use, a faster card is preferred (see the Class 10 card pictured below). For general applications, any SD card will do, but the faster write speeds will improve performance for a development server.
For security reasons, SSH is disabled by default on newer Raspbian images. To enable SSH on initial boot, create a file named
sshin the /boot/ directory of the SD card. On most Unix based systems, this can be done using the
touchcommand (e.g. on a Mac, if the SD card volume is named KINGSTON, use
Eject the SD card then insert into the Raspberry Pi, connect a network cable and power, then wait about a minute for it to boot.
In newer versions of Raspbian, the
avahi-daemonservice should be pre-installed and already running, which allows the Pi to be found on your network using the hostname
raspberrypi.local. If this is not the case, you may need to login to your router or use a network scanning tool (e.g. nmap) to confirm the IP address.
Once you have confirmed the Pi is accessible, login using ssh (e.g.
ssh [email protected]). The default password for the pi user is raspberry.
After logging in successfully, use the Raspberry Pi Configuration Tool to perform the initial configuration (e.g.
- Change User Password
- Localization Options
- Change Locale
- Change Timezone
- Interfacing Options
- Enable SSH
- Enable Modest overclock
- Advanced Options
- Expand Filesystems
- Memory Split: 16MB
Upon completing all the changes noted above, you will be prompted to reboot when exiting
raspi-config. Select YES (the default) and the system will reboot.
After rebooting, you should now be able to login with ssh as in step 5. If you changed the system hostname, you will need to use the new name to login (e.g.
ssh [email protected]). Once logged in, run
apt-getand apply all necessary package updates.
sudo apt-get update
sudo apt-get upgrade
As this is a development server, I install the essential Raspbian build tools.
sudo apt-get install build-essential libz-dev
If this system is to be used as a LAMP (Linux, Apache, MySQL, PHP) server, follow these steps (personally I only install Apache, as I rarely use PHP or MySQL).
sudo apt-get install apache2
sudo apt-get install php5 libapache-mod-php5
sudo apt-get install mysql-server php5-mysql
sudo service apache2 restart
As one of the primary uses of my personal server is for Ruby development, I install the following Ruby and Git packages.
sudo apt install git ruby ruby-dev
Although not recommended on a public production web server, I change the permissions on the Apache root directory to allow updates by the pi user without requiring root privileges.
chown -R pi:pi /var/www/html
At this point, you will now have a basic Raspbian development server. Previously, I would perform additional setup, such as locking down the ssh configuration and a setting a static IP address. With more recent Raspbian releases, the out-of-the box security configuration is fairly robust and requires few changes to start using in a development environment. In posts, I’ll discuss additional specifics for tools such as Git and Jekyll.