| author | date | title |
|---|---|---|
Vance |
2023-08-09 |
Setting up Home Assistant on a Raspberry Pi using Docker |
Download Raspberry Pi Imager, and use it to install Pi OS on your SD Card.
Run the Imager then:
Choose OS -> Raspberry Pi OS (other) -> Raspberry Pi OS Lite (64-bit)
Choose Storage -> <your SD Card>
Click the cog and fill in details for Wifi and SSH, then click `write`Once the card has been written and verified put it into the Raspberry Pi and boot it. First time boot can take a little while, but once booted you should be able to SSH in to the Pi using the credentials you set up in the Pi Imager.
Expand the file system to the full size of the SD card.
sudo raspi-config
Advanced Options -> A1 Expand FilesystemThen reboot
sudo apt update && sudo apt upgradeGuides:
Watch Out! Because you installed the 64-bit Pi OS, you need to follow the Debian install and not the Raspberry Pi Install which only works for the 32-bit OS
Use the second option in this guide for installation, namely "Use Docker's apt repository"
Install nginx
sudo apt install nginxSet up proxy entries for access to all of the installed components web pages
Install certbot and certbot-dns-route53 using snapd for both
certbot certonly --dns-route53 -d weyhill.geo-fun.orgCertbot sets up a renewal task automatically. Check it with:
sudo systemctl list-timersIn order to access this Pi from outside the home network we need an IP address. AWS Route53 is hosting my domain geo-fun.org, so we are going to add a server to this list and allow the Pi to update the IP as it changes. DNS name for the Pi is weyhill@geo-fun.org
Install aws_cli. Tweak /root/bin/r53_weyhill.sh
Create a crontab job to check for updated IP address.
The only port that I intend to open is for wireguard. Once we are connected to the wireguard VPN we should be able to access the rest of the network.
In order to contact the Pi behind the BT Hub is to configure the BT Hub to forward the necessary ports to the Pi.
At a minimum this will be the wireguard port 33187
Install PiVPN using this guide
I changed the port away from the default to 33187. I also set up the dns name of the server to weyhill.geo-fun.org
Password authentication configured during the writing of the SD card. To make access more secure I have uploaded my key and turned off password authentication in /etc/ssh/sshd_config
We are aiming for the following docker contaners:
The above containers are going to be configured in a docker-compose.yaml file so that all of the containers can be brought up at together with dependencies respected.