Nucleus .Net Core CMS

Use Nucleus to host your IOT application on a Raspberry Pi

12/19/2022 7:04 AM
Featured
The features of Nucleus are a good fit for IOT applications running in Linux on Raspberry Pi. This article describes some extra steps which make your Raspberry/Linux/Nucleus IOT setup work even better.

You will need:

  • A Raspberry Pi 3B+, Raspberry Pi 4 or another 64 bit Raspberry Pi which can run Ubuntu Linux and ASP.NET core.
  • A high-performance 32GB SD card.
  • A PC which with an SD card slot.

  1. Download the Raspberry Pi imager application from https://www.raspberrypi.com/software/

  2. Run the Raspberry Pi imager. Click "Choose OS", and select "Other general-purpose OS" -> Ubuntu -> Ubuntu Server 22.04.1 LTS (64 bit), or a later version.

  3. Insert your SD card, the click "Choose Storage" and select your SD card.

  4. Click the advanced settings button (at the bottom right, with a "gear" icon). Enter a host name, select Enable SSH and enter a username and password.

  5. Click "Write", and wait for the Ubuntu image to be copied to your SD card.

  6. Insert the SD card in your Raspberry Pi and switch it on. Ubuntu creates your user after about 2 minutes, so you must wait a couple of minutes before you log in for the first time. If you know your Raspberry Pi IP address, you can use SSH to connect, otherwise you will need to connect a HDMI monitor and USB keyboard.

  7. Follow the instructions to install Nucleus in Linux

Extended Setup

Enable mDNS

You can enable mDNS so that you can connect to your Raspberry Pi using its host name, by using Avahi.  Enabling mDNS lets you access your device without configuring your DNS server, or needing to know its IP address.  Avahi is installed by default in Ubuntu Linux.

sudo systemctl enable --now avahi-daemon.service

You don't need to configure anything, the default Avahi configuration will work as-is.

Create a self-signed Certificate

This command will create a self-signed certficate with no subject defined. A self-signed certificate is useful in a testing or development environment, but is not useful for a production environment. When you browse to your site, you will have to ignore or disable security warnings, or "trust" the certificate in your browser, as it is not issued by a recognized certification authority.

sudo openssl req -nodes -new -keyout nucleus.key -x509 -days 365 -out nucleus.crt -subj "/"

sudo chown :nucleus-service nucleus.key nucleus.crt
sudo chmod g+rw nucleus.key nucleus.crt
sudo cp nucleus.crt /home/nucleus/certs
sudo cp nucleus.key /home/nucleus/certs

Nginx

Nginx can be configured as a reverse proxy server. This will allow you to use Nucleus using the conventional HTTP ports 80 and/or 443.

Install Nginx:
sudo apt install nginx

Create a configuration file:
sudo nano /etc/nginx/sites-enabled/nucleus

Insert these settings:

server {
    listen        80;
    listen        443 ssl default_server;
    listen        [::]:443 ssl default_server;
    ssl_certificate     /home/nucleus/certs/nucleus.crt;
    ssl_certificate_key /home/nucleus/certs/nucleus.key;

    server_name _;
    location / {
        proxy_pass         http://localhost:5000;
        proxy_http_version 1.1;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection keep-alive;
        proxy_set_header   Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
    }
}

Press CTRL-O to save the file, CTRL-X to exit.

Remove the default configuration file:
sudo rm /etc/nginx/sites-enabled/default

Restart nginx:
sudo systemctl restart nginx

Configure a Firewall

Allow SSH connections:
sudo ufw allow "OpenSSH"

Allow http and https connections.
sudo ufw allow proto tcp from any to any port 80,443

Allow FTP:
sudo ufw allow 22

Enable firewall on next boot:
sudo ufw enable

Review settings:
sudo ufw status

Restart to enable the firewall:
sudo shutdown -r now

Privacy Policy