User:Pedro Sá Couto/Prototyping 5th/Flask App/Raspberry Pi into NGINX server
01 Format SDcard to FAT32
02 Flash SDcard with Linux ISO
- Raspbian Buster Light, https://www.raspberrypi.org/downloads/raspbian/
- you can use dd or a mounter like etcher https://www.balena.io/etcher/
03 Default login
- Login: pi
- Password: raspberry
04 SSH config
$ cd /boot
$ sudo touch ssh
$ sudo reboot
05 Check IP address
$ hostname -i
06 Change hostname
$ sudo raspi-config
- Item no. 2 on the menu: Network Options
- Renamed hostname to: <hostname>
07 Add user
$ sudo adduser <username>
08 Add new user to sudo $ sudo adduser <username> sudo
09 Change su/root password
$ sudo passwd root
10 Setting locale $ su $ echo "LC_ALL=en_US.UTF-8" >> /etc/environment $ echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen $ echo "LANG=en_US.UTF-8" > /etc/locale.conf $ locale-gen en_US.UTF-8
09 Generate public/private keys on your machine
(https://www.raspberrypi-spy.co.uk/2019/02/setting-up-ssh-keys-on-the-raspberry-pi/)
$ cd ~
$ mkdir .ssh
$ cd .ssh
$ touch authorized_keys
$ touch config
$ chmod 700 ~/.ssh
$ chmod 600 ~/.ssh/authorized_keys
$ cd ~/.ssh
$ ssh-keygen
$ cat id_rsa.pub >> authorized_keys
$ sudo apt-get install putty-tools
$ puttygen id_rsa -o id_rsa.ppk
10 Get the public key onto RPi
Copy the contents of id_rsa.pub from you machine
$ cat <path to id_rsa.pub>
Paste and save them into authorized_keys file on RPi
$ cd ~/.ssh
$ sudo nano authorized_keys
11 Set static IP address
(https://pimylifeup.com/raspberry-pi-static-ip-address/)
Retrieve the currently defined router and IP
$ ip r | grep default
Modify the dhpcd.conf configuration
$ sudo nano /etc/dhcpcd.conf
- Change this part only
# Example static IP configuration:
interface eth0
static ip_address=192.168.1.119/24
#static ip6_address=fd51:42f8:caae:d92e::ff/64
static routers=192.168.0.1
static domain_name_servers=192.168.0.1 8.8.8.8 fd51:42f8:caae:d92e::1
12 Setup fast ssh on your machine
$ cd ~/.ssh
$ nano config
- Host nginxhost
- User <username>
- Hostname 192.168.1.119
- Port 22
- Identityfile /path/to/.ssh/id_rsa
- Serveraliveinterval 30
13 Disable pwd and root login
- Uncomment PasswordAuthentication and set it to no
- Uncomment PermitRootLogin prohibit-password
$ sudo nano /etc/ssh/sshd_config
- Reload SSH
$ sudo /etc/init.d/ssh restart
- Reboot RPi
$ sudo reboot
14 Remove pi user
$ sudo pkill -u pi
$ sudo deluser pi
15 Install NGINX
$ sudo apt install nginx