Raspberry Pi - the headless web server

Headless config

After having completed your raspberries initial setup, you need a wpa_supplicant.conf to automatically connect to a WiFi network after the boot process. Just create the file in the boot folder, edit the information according to your system environment and make a reboot. The system will move the file to the correct place.

sudo nano /boot/wpa_supplicant.conf

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country="Insert 2 letter ISO 3166-1 country code here"

network={
 ssid="YOUR_WIFI_SSID"
 psk="YOUR_WIFI_PASSWORD"
}

Activate VNC and/or SSH via sudo raspi-config for easy remote control - running the Raspberry in a LAN without direct access from outside, the default configuration is safe enough.

Installation prerequisites

Before we start with the installation, we're going to update our sources list and the system itself. Open the source list file and add the following line after editing the Rasbian version (in my case "buster"):

sudo nano /etc/apt/sources.list

deb http://mirrordirector.raspbian.org/raspbian/ buster main contrib non-free rpi

If packages exist in multiple apt repositories, you can easily mess your system up. To solve this problem before it even occurs, we're setting a higher priority than the default (500) one.

sudo nano /etc/apt/preferences

Package: *
Pin: release n=buster
Pin-Priority: 600

After setting up your sources list, update your system:

sudo apt-get update
sudo apt-get upgrade

Install and configure MariaDB

Start the installation with the first line and complete the configuration with the 2nd command. Answer the questions during the mysql_secure_installation process with "Y".

sudo apt-get -y install mariadb-server mariadb-client
sudo mysql_secure_installation

Deactivate the root plugins and reload the privileges via MariaDB shell:

sudo mysql -u root
MariaDB [(none)]> use mysql;
MariaDB [mysql]> update user set plugin='' where User='root';
MariaDB [mysql]> flush privileges;
MariaDB [mysql]> exit

Install and configure Apache2 with PHP7.x

I'm installing PHP 7.3 with FastCGI Process Manager (FPM) which requires buster. With a2enmod we enable the FastCGI apache2 module, the following a2enconf command is going to enable the specified configuration file.

sudo apt-get -y install apache2
sudo apt-get -t buster -y install php7.3 php7.3-mysql php7.3-curl php7.3-gd php7.3-zip php7.3-fpm php7.3-cli php7.3-opcache php7.3-json php7.3-mbstring php7.3-xml libapache2-mod-php7.3
a2enmod proxy_fcgi setenvif
a2enconf php7.3-fpm
systemctl restart apache2

Test your Apache2/PHP7 installation. Create a PHP-file in your web servers root folder (/var/www/html/) and test the output of the following one-liner: <?php phpinfo(); ?>.

Install and configure PhpMyAdmin (pma)

Download the sources and unpack them into the folder "pma" located in your web servers root structure.

cd /var/www/html/
sudo wget https://files.phpmyadmin.net/phpMyAdmin/5.0.4/phpMyAdmin-5.0.4-all-languages.zip
sudo unzip phpMyAdmin-5.0.4-all-languages.zip 
sudo mv phpMyAdmin-5.0.4-all-languages pma

Insert a blowfish_secret in the sample file called config.sample.inc.php and uncomment all pma lines in the two blocks "storage manipulation" and "tables/db storage" except the controlport-line. After successfull file manipulation, rename the sample file to config.inc.php. Save the password somewhere safe and don't use the default one.

sudo nano pma/config.sample.inc.php
sudo mv pma/config.sample.inc.php pma/config.inc.php

After the pma installation, I had a problem with the missing tmp folder and the default pma user and database weren't created as well. Created the tmp folder by hand and changed ownership via chown. Moved to the sql folder where the create_tables.sql is located and executed it with root privileges.

# fixing tmp problem
sudo mkdir /var/www/html/pma/tmp
sudo chown www-data.root /var/www/html/pma/tmp
# fixing missing pma user and database
cd pma/sql/
mysql -u root -p < create_tables.sql
CREATE USER 'pma'@'localhost' IDENTIFIED BY 'YOUR_PMA_PASSWORD';
GRANT ALL PRIVILEGES ON `phpmyadmin`.* TO 'pma'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;

Backup your hard work

During my years in IT I learned it the hard way - nothing is more important than regular backups. Do the same with your private projects. It's always very frustrating to start from scratch multiple times. My Raspberry projects are always kept safe on my old NAS. With an image shrinker like pishrink you don't need a lot of space to store your data on a 2nd device.

# create the mount folder
sudo mkdir /mnt/NAS 
sudo mount -t cifs -o user=YOUR_USER,password=YOUR_PASSWORD,rw,file_mode=0777,dir_mode=0777,nodfs,vers=1.0 //YOUR_SERVER /mnt/NAS/
# get pishring shell-script and make it executable and accessible from CLI
wget https://raw.githubusercontent.com/Drewsif/PiShrink/master/pishrink.sh
sudo chmod +x pishrink.sh
sudo mv pishrink.sh /usr/local/bin
# write uncompressed image while running to mounted NAS folder
sudo dd if=/dev/mmcblk0 of=/mnt/NAS/myimg.img bs=1M
# shrink the image with pishrink
sudo pishrink.sh -z /mnt/NAS/myimg.img

Hope you enjoyed the small guide and everything works as intended!