PiVateCloud - NextCloud + Raspberry Pi

PiVateCloud – A Private Cloud for less than £60 quid

In this little project I am going to explain how you can create your very own Private Cloud for the cost of an averaged monthly Cloud subscription. Utilising a Raspberry Pi 3 Model B and NextCloud you can sync all your devices and easily share files with friends, family and colleagues. If you don’t know what NextCloud is here is a overview link

Note: This is a beginners tutorial so encryption/ SSL will not be covered. Please don’t use this deployment to share/ host sensitive information.

  1. What you are going to need
  2. Getting Started
    1. Installing Raspbian
    2. Changing default password
    3. Setting a Static IP Address
    4. Updating your Pi
  3. Setting up SSH for remote configuration
  4. Installing Docker
  5. Installing Portainer (Web based docker/ container management)
  6. Installing NextCloud
  7. Installing Pi-Monitor (Web based performance monitoring)
  8. How to make your Pi externally accessible
  9. Final Thoughts

What you are going to need for a PiVateCloud:

  • Raspberry Pi 3 Model B starter kit if you are completely new to Pi link
  • Ideally a static IP and Domain name but can be achieved with a dynamic IP and a dynamic DNS service. This tutorial will assume you have a static IP and domain name.
  • Most people are going to need additional storage my suggestion to keep this as cheap as possible would be a powered USB Drive but isn’t part of this initial tutorial.

Getting Started

First off plug your N00bs SD into your Raspberry Pi then get it in your case plug in your ethernet, mouse, keyboard, monitor and power. Once the power is plugged in the Pi will begin to boot. Your monitor will eventually show the following screen:

Installing Raspbian

N00bs Installation Menu

For this tutorial we are going to deploy the Raspbian OS (Full Desktop as this is designed more for beginners). Select and click install.

Once installed you will be prompted to reboot which will then boot into the desktop environment of Raspbian.

Raspbian Desktop

Changing the Default Password

So first things first, lets get the default password changed. Open the Terminal:

Once terminal is open type:

passwd

You will then be asked for the current password which is:

raspberry

Now type in your password of choice two times.

So at least now your Pi is less likely to get instantly owned by hackers.

Settings a Static IP Address

Your Pi will probably now have a dynamically assigned IP address from the DHCP of your router. I would advise you change this to a static by typing the following in Terminal:

sudo nano /etc/dhcpcd.conf

This will open the file dhcpcd.conf in a Terminal based text editor. If you scroll down the page you will see something similar to the following:

Note the #’s these indicate when the Pi reads this line of code to ignore it. What you need to do is remove the #’s and add the details of your network.

 

IP Address is static IP I am assigning to my Pi (ensure this doesn’t conflict with any other device on the network) and /24 indicates its a class C IP address with the subnet mask of 255.255.255.0
‘routers’ is my routers IP address, ‘domain_name_servers’ is also set to my router.

Reboot your Pi

Updating your Pi

Lets now just make sure we are all up to date. Lets open up Terminal once again and type the following:

sudo apt-get update
sudo apt-get dist-upgrade

You now have the choice of doing the rest of this tutorial sat in front of your Pi or we can enable SSH and work on it remotely. For example for me I did the rest of the configuration sat in the living room watching TV rather than being in the office.

Setting up SSH

This is pretty straight forward thanks to Raspbian:

Click Menu –> Preferences –> Raspberry Pi Config

In the ‘Raspberry Pi Configuration’ App go to:

Interfaces –> Select ‘Enable’ on SSH

 

 

 

 

 

 

Note: you will probably want to disable SSH once you have finished all your configuration for security purposes.

To connect to your Pi remotely from a Windows machine I would advise Putty

For connecting from another Linux or Mac machine I would use Terminal with the SSH agent that is built into them.

Open Terminal and type:

ssh *Pi-IP-Address* -l pi

You should then be prompted for the password you set earlier in this tutorial.

Installing Docker

Before installing Docker I’d advise taking a look at my brief overview of the technology here

sudo apt-get -y install docker-engine

Installing Portainer

Portainer gives you the ability to manage Docker via a web portal. As a beginner this is particularly useful as it allows you to visualise the commands you will be running.

sudo docker create --name portainer \
--restart=always \
-p 9000:9000 \
-v /var/run/docker.sock:/var/run/docker.sock \
portainer/portainer:arm

Lets explain the above a little

sudo docker create --name portainer \
sudo

to run as root administrator

docker

to run the docker application

create 

to create a new Docker container

--name portainer

What we are going to call this container, in the above instance it will be called ‘portainer’

\

to start a new line

--restart=always

this command means the container will reboot / launch when Docker runs

-p 9000:9000 

We are mapping the port 9000 of the host to the port of the container to 9000

-v /var/run/docker.sock:/var/run/docker.sock

We are allowing the container to talk with the Docker socket allowing us to administer Docker from the container

portainer/portainer:arm

This is the base image we are going to use for the container and we are using the ‘arm’ version of the coding to run on the Pi.

This will now download the image and assign the variables we have set above to the container.

We now just need to start the ‘Portainer’ Containers

sudo docker start portainer

Now in your web browser go to:

http://*PI-IPADDRESS*:9000

You will be asked to provide an admin password. Set this and click continue. You will be greeted by the follow page click ‘Manage the Docker instance where Portainer is running’ as you can see the command

-v /var/run/docker.sock:/var/run/docker.sock

will allow us to manage the system locally

This should now give you a good web interface to review your Docker environment.

Portainer - Docker Dashboard
Portainer – Docker Dashboard

Installing NextCloud

Continuing in the terminal type the following

sudo docker create \
--name=nextcloud \
--hostname=*.*.com \
--net=bridge \
-p 443:443 \
-p 80:80 \
-e PUID=1001 -e PGID=1001 \
-v /home/docker/nextcloud/config:/config \
-v /home/docker/nextcloud/data:/data \
armhero/nextcloud

Lets explain the above a little:

--hostname=*.*.com

I would advise using something like cloud.yourdomain.com you will need to create an A Record with your provider and point this at your external IP address.

--net=bridge \

The above will put the container within the bridge network.

-p 443:443 \
-p 80:80 

This will map the host’s ports of 443 and 80 to the containers ports of 443 and 80. You can use an alternative host port that will port forward to the containers port if you have another service utilising these ports on the host already.

-v /home/docker/nextcloud/config:/config
-v /home/docker/nextcloud/data:/data

This is going to create some persistence data locations for NextCloud. Docker and Containers by design deal will its application and the data is stores/ produces as being temporary. So by design Containers are not meant to have data left over once you remove/ shut down. The way around this is by mounting a shared location on the host that will remain persistence. The reason we do this is so when we update/ recreate the container the Config and the Data will remain on the system. A more in-depth overview of persistent and non-persistent storage in Docker see here.

sudo docker start nextcloud

This will start your new NextCloud container.

In your web browser go to: https://*piIPAddress* and you should see the following:

NextCloud Install Menu
NextCloud Install Menu

Create your username and Password.

If /data isn’t already set as the Data folder enter it now. Click Finish Setup.

Once the setup is complete you will be redirected to the following screen

NextCloud Welcome Screen
NextCloud Welcome Screen

You can now download the NextCloud Desktop and Mobile apps so you can begin syncing your devices. Thats it… You should be able to now sync all devices on your internal network. For external access we will review ways of achieving this below.

Raspberry Pi Monitoring

I personally always like the ability to know how my machines are performing. I found a cool little Docker Container that will allow you to do this via a web portal.

sudo docker create --name=monitor \
-p 8888:8888 \
-e PUID=1001 -e PGID=1001 \
-v /home/docker/monitor/config:/config \
neoraptor/rpi-monitor
sudo docker start monitor 

Now go to http://*PiIPAddress*:8888 and you will see the following:

Raspberry Pi Monitoring
Raspberry Pi Monitoring

How to Access Externally

Port Forwarding

I personally would start with opening up the ports we want to access NextCloud from on your router. This will be done by port forwarding port 443 and 80 to the internal IP address of your Pi. All routers do this a little bit differently just google your router and the words ‘port forwarding’ and you will find a overview on how to do this.

To test if you have successfully opened your ports I would recommend doing an external port scan from mxToolBox of your external IP. https://mxtoolbox.com/PortScan.aspx

DNS

As mentioned earlier in this tutorial you will need to create an A record and point this to your external IP address. Most domain providers make this process really straight forward these days. But once again a quick google search will point you in the right direction for your particular provider.

Parting Advice

Encryption – NextCloud offers you the ability to encrypt all your data, my advice is I wouldn’t enable this as the Pi doesn’t have enough grunt to have this always enabled.

The Pi will give you a great learning environment for NextCloud and setting up you own private cloud. But if you are planning on storing a lot of data I would suggest a more powerful device would be your better option. See my Review of the Intel Skull Canyon device, as this might be more fitting.