Today many of the developers use shared hosting for hosting projects online for business or learning purpose but we do not get to configure it as per our needs and requirements. Directly shifting to cloud services for more flexibility like Amazon AWS can become costly if security is kept unchecked due to unauthorized usage or hackers. This is a common scenario for people using Amazon AWS services who neglect security measures and land up getting a bill for several hundred dollars. Developers often forget security is to be managed by them and not Amazon, they are responsible for servers in use. For developers who want to start with web development on such servers, I would recommend starting small from IOT device like Raspberry Pi 2B or greater.
I would be using Raspberry Pi 2B throughout this article as an example and a small website project written in Python Django to be deployed. Raspberry Pi 2B provides 900MHz quad-core processor, 1GB RAM shared with GPU, ethernet port and 4 USB ports for external peripherals. This is not the full specs but as essential ones with respect to building a home based web server, full specs can be found here. First, you need to install an Operating System (OS) on an SD card, recommended is Raspbian (Debian based) as it is lightweight and fast compared to other distros available for it. You can download the distro from Raspberry Pi official website and follow the instructions there to install the OS.
Let us cover the web development on Raspberry Pi or any other cloud services like Amazon AWS, DigitalOcean Droplets, etc in following parts.
- Accessing device via Secure Shell
- Install Virtual Environment
- Install requirements
- Deploying Website
- Configuring Nginx
- Configuring Router
1. Accessing device via Secure Shell (SSH) with a public key
The OS has Secure Shell (SSH) enabled out of the box and can be connected by a default password 'raspberry'. If you have already generated a public key and access your device with the same, you can skip to the next step. You should shift to a much secure key based login than a password. Connect to your Raspberry Pi via SSH and generate a secure key for controlled access on your device. The same is implemented by Amazon AWS when you create a new instance of Amazon EC2. Once you SSH to your Raspberry Pi, follow the procedure below to generate a public key for access.
$ ssh-keygen -t rsa -b 4096 -C "email@example.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/home/<user>/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/<user>/.ssh/id_rsa.
Your public key has been saved in /home/<user>/.ssh/id_rsa.pub.
The key fingerprint is:
The key's randomart image is:
+--[ RSA 4096]----+
| .oo. |
| . o.E |
| + . o |
| . = = . |
| = S = . |
| o + = + |
| . o + o . |
| . o |
Entering the passphrase is not compulsory, you can leave it empty and doesn't provide any more security than the default. Your public key will be generated in /home/<user>/.ssh/ folder as id_rsa.pub. You need to copy the content of this key in your local device to get SSH access next time to your device instead of the password. You can copy the content by simply opening the file in a text editor, in this case, vim and copy the content.
$ vim /home/<user>/.ssh/id_rsa.pub
Copy and paste the content in your local system in a <filename>.key file and give it permissions as 400 via chmod. You now need to disable password access to you Raspberry Pi, to disable open /etc/ssh/sshd_config SSH config file and find the line containing "PermitRootLogin".
$ sudo vim /etc/ssh/sshd_config
Find the line that includes "PermitRootLogin" and modify it to ensure that users can only connect with their SSH key
Save and close the SSH config file and put the above rule in effect by reloading the SSH service.
$ reload ssh
You can access your Raspberry Pi via SSH using your key by the following command from your local device.
$ ssh <user>@<local_ip_address> -i <path_to_key>/<filename>.key
Securing your device is important as this will prevent intrusion from unauthorized usage and getting connected to your network, in this case, our home network where other devices like desktop, laptops, smartphones, etc will also be connected. This just a basic security measure and we will cover other measures as we go ahead in setting up Raspberry Pi for web development. Other parts will be out soon to get your Raspberry Pi fully configured for web development.
If you are planning to buy a Raspberry Pi 2B/3 here are few links from where you buy the device.
The next part of this tutorial is now live and will help you install and configure virtual environments and how to install project dependencies in your custom virtual environment. - Setting up virtual environment and requirements for Python projects