In this little project I am going to explain how you can create your very own Private Cloud for the cost of an averaged monthly Cloud subscription. Utilising a Raspberry Pi 3 Model B and NextCloud you can sync all your devices and easily share files with friends, family and colleagues. If you don’t know what NextCloud is here is a overview link
Note: This is a beginners tutorial so encryption/ SSL will not be covered. Please don’t use this deployment to share/ host sensitive information.
- What you are going to need
- Getting Started
- Setting up SSH for remote configuration
- Installing Docker
- Installing Portainer (Web based docker/ container management)
- Installing NextCloud
- Installing Pi-Monitor (Web based performance monitoring)
- How to make your Pi externally accessible
- Final Thoughts
What you are going to need for a PiVateCloud:
- Raspberry Pi 3 Model B starter kit if you are completely new to Pi link
- Ideally a static IP and Domain name but can be achieved with a dynamic IP and a dynamic DNS service. This tutorial will assume you have a static IP and domain name.
- Most people are going to need additional storage my suggestion to keep this as cheap as possible would be a powered USB Drive but isn’t part of this initial tutorial.
First off plug your N00bs SD into your Raspberry Pi then get it in your case plug in your ethernet, mouse, keyboard, monitor and power. Once the power is plugged in the Pi will begin to boot. Your monitor will eventually show the following screen:
For this tutorial we are going to deploy the Raspbian OS (Full Desktop as this is designed more for beginners). Select and click install.
Once installed you will be prompted to reboot which will then boot into the desktop environment of Raspbian.
Changing the Default Password
So first things first, lets get the default password changed. Open the Terminal:
Once terminal is open type:
You will then be asked for the current password which is:
Now type in your password of choice two times.
So at least now your Pi is less likely to get instantly owned by hackers.
Settings a Static IP Address
Your Pi will probably now have a dynamically assigned IP address from the DHCP of your router. I would advise you change this to a static by typing the following in Terminal:
sudo nano /etc/dhcpcd.conf
This will open the file dhcpcd.conf in a Terminal based text editor. If you scroll down the page you will see something similar to the following:
Note the #’s these indicate when the Pi reads this line of code to ignore it. What you need to do is remove the #’s and add the details of your network.
IP Address is static IP I am assigning to my Pi (ensure this doesn’t conflict with any other device on the network) and /24 indicates its a class C IP address with the subnet mask of 255.255.255.0
‘routers’ is my routers IP address, ‘domain_name_servers’ is also set to my router.
Reboot your Pi
Updating your Pi
Lets now just make sure we are all up to date. Lets open up Terminal once again and type the following:
sudo apt-get update
sudo apt-get dist-upgrade
You now have the choice of doing the rest of this tutorial sat in front of your Pi or we can enable SSH and work on it remotely. For example for me I did the rest of the configuration sat in the living room watching TV rather than being in the office.
Setting up SSH
This is pretty straight forward thanks to Raspbian:
Click Menu –> Preferences –> Raspberry Pi Config
In the ‘Raspberry Pi Configuration’ App go to:
Interfaces –> Select ‘Enable’ on SSH
Note: you will probably want to disable SSH once you have finished all your configuration for security purposes.
To connect to your Pi remotely from a Windows machine I would advise Putty
For connecting from another Linux or Mac machine I would use Terminal with the SSH agent that is built into them.
Open Terminal and type:
ssh *Pi-IP-Address* -l pi
You should then be prompted for the password you set earlier in this tutorial.
Before installing Docker I’d advise taking a look at my brief overview of the technology here
sudo apt-get -y install docker-engine
Portainer gives you the ability to manage Docker via a web portal. As a beginner this is particularly useful as it allows you to visualise the commands you will be running.
sudo docker create --name portainer \ --restart=always \ -p 9000:9000 \ -v /var/run/docker.sock:/var/run/docker.sock \ portainer/portainer:arm
Lets explain the above a little
sudo docker create --name portainer \
to run as root administrator
to run the docker application
to create a new Docker container
What we are going to call this container, in the above instance it will be called ‘portainer’
to start a new line
this command means the container will reboot / launch when Docker runs
We are mapping the port 9000 of the host to the port of the container to 9000
We are allowing the container to talk with the Docker socket allowing us to administer Docker from the container
This is the base image we are going to use for the container and we are using the ‘arm’ version of the coding to run on the Pi.
This will now download the image and assign the variables we have set above to the container.
We now just need to start the ‘Portainer’ Containers
sudo docker start portainer
Now in your web browser go to:
You will be asked to provide an admin password. Set this and click continue. You will be greeted by the follow page click ‘Manage the Docker instance where Portainer is running’ as you can see the command
will allow us to manage the system locally
This should now give you a good web interface to review your Docker environment.
Continuing in the terminal type the following
sudo docker create \ --name=nextcloud \ --hostname=*.*.com \ --net=bridge \ -p 443:443 \ -p 80:80 \ -e PUID=1001 -e PGID=1001 \ -v /home/docker/nextcloud/config:/config \ -v /home/docker/nextcloud/data:/data \ armhero/nextcloud
Lets explain the above a little:
I would advise using something like cloud.yourdomain.com you will need to create an A Record with your provider and point this at your external IP address.
The above will put the container within the bridge network.
-p 443:443 \ -p 80:80
This will map the host’s ports of 443 and 80 to the containers ports of 443 and 80. You can use an alternative host port that will port forward to the containers port if you have another service utilising these ports on the host already.
-v /home/docker/nextcloud/config:/config -v /home/docker/nextcloud/data:/data
This is going to create some persistence data locations for NextCloud. Docker and Containers by design deal will its application and the data is stores/ produces as being temporary. So by design Containers are not meant to have data left over once you remove/ shut down. The way around this is by mounting a shared location on the host that will remain persistence. The reason we do this is so when we update/ recreate the container the Config and the Data will remain on the system. A more in-depth overview of persistent and non-persistent storage in Docker see here.
sudo docker start nextcloud
This will start your new NextCloud container.
In your web browser go to: https://*piIPAddress* and you should see the following:
Create your username and Password.
If /data isn’t already set as the Data folder enter it now. Click Finish Setup.
Once the setup is complete you will be redirected to the following screen
You can now download the NextCloud Desktop and Mobile apps so you can begin syncing your devices. Thats it… You should be able to now sync all devices on your internal network. For external access we will review ways of achieving this below.
Raspberry Pi Monitoring
I personally always like the ability to know how my machines are performing. I found a cool little Docker Container that will allow you to do this via a web portal.
sudo docker create --name=monitor \ -p 8888:8888 \ -e PUID=1001 -e PGID=1001 \ -v /home/docker/monitor/config:/config \ neoraptor/rpi-monitor sudo docker start monitor
Now go to http://*PiIPAddress*:8888 and you will see the following:
How to Access Externally
I personally would start with opening up the ports we want to access NextCloud from on your router. This will be done by port forwarding port 443 and 80 to the internal IP address of your Pi. All routers do this a little bit differently just google your router and the words ‘port forwarding’ and you will find a overview on how to do this.
To test if you have successfully opened your ports I would recommend doing an external port scan from mxToolBox of your external IP. https://mxtoolbox.com/PortScan.aspx
As mentioned earlier in this tutorial you will need to create an A record and point this to your external IP address. Most domain providers make this process really straight forward these days. But once again a quick google search will point you in the right direction for your particular provider.
Encryption – NextCloud offers you the ability to encrypt all your data, my advice is I wouldn’t enable this as the Pi doesn’t have enough grunt to have this always enabled.
The Pi will give you a great learning environment for NextCloud and setting up you own private cloud. But if you are planning on storing a lot of data I would suggest a more powerful device would be your better option. See my Review of the Intel Skull Canyon device, as this might be more fitting.