So I have a Synology server that I have a good deal of experience with, so this post will be through that lens.
What I’d like to do is set up a Raspberry Pi exclusively for pirating. So Qbittorrent and Proton VPN to get started, later Radarr, Lidarr, etc. I don’t think I’ll have a problem getting the Pi up and running, but I’d like to run it like my server, tucked away somewhere without a monitor or peripherals.
How do I access it? For my Synology box, I just put in a browser the local ip port 5000 and I have a whole desktop right there. But when I google about how I’d access a Pi, everything points to using SSH. I know a lot of people have Pis set up like this and surely they can’t be administering the whole thing through CLI, right? How do I get a similar setup to my Synology such that I can just get a desktop interface in a browser?
Since fin has already provided a decent answer, I’ll just say never underestimate how much some people do with CLI. For those who’ve memorised every command they need CLI is quicker than a high DPI setting and a twitchy wrist on a mouse.
Yes, most people do it over ssh.
- Tailscale for remote access
- Portainer for GUI docker management
- NGINX Proxy Manager running behind tailscale for accessing your services easier (can go into greater detail on this)
- SSH for anything else
IMO, trying to avoid CLI in server administration is doing yourself a long term disservice. Its not that challenging and you’ll learn a lot more about how everything works. Plus, you’re pretty much not going to be able to avoid the terminal forever.
Yeah, I’m not trying to avoid terminal completely, just for the day to day tasks I’m gonna use it for. But someone in another thread pointed out that most things, after they’re set up have a front end GUI, like your portainer example. I can get comfortable with such a situation.
Like others have said, running a DE with remote capabilities will be a lot of overhead.
If you set up portainer and watchtower using ssh, you can pretty much just manage everything from portainer while watchtower makes sure that portainer and the rest of your containers stay updated. It’s a very hands-off operation, especially if you set up auto updates on top of that for the pi OS. You’ll probably just have to ssh in periodically to run a system upgrade and maybe restart to update the kernel.
I would love a layman’s guide to NGINX. every guide I come across is filled with unexplained jargon
Sounds good! I’ll write something up & post on selfhosted
Just give me a couple days :)
https://lemmy.browntown.dev/post/1440768
Not sure if you getting mentioned in the post gives you a notification, but just wanted to drop the link here! Hope it helps, I tried to make the walkthrough pretty basic while still keeping it high level where it matters (like I assume anyone attempting this is familiar enough with selfhosting that they can install a docker container without me walking through the entire process)
appreciate it thanks, I’ll take a look
yes, I can run docker.
Tailscale is a good option.
Edit: I’m assuming you mean away from home, but if you mean in your local network just use SSH?
Home is fine for now. The problem with SSH is I don’t want to run everything with CLI
To answer your question more specifically, most people set up the pi with docker, using services which have a front end accessible in the browser. They basically use their browser to navigate to the front end of the service they want to use and administer it like that. For instance portainer to manage their docker containers, or pihole for managing their firewall, or even jellyfin for their media which is both the website to consume the media and has an administrator dashboard.
Edit: this is in complement to using something like tailscale which basically allows you to access these services away from home. They work in conjunction.
Ok, this is actually a helpful answer. I can appreciate what you mean by setting things up in docker and using a front end. I’ve done some of this on my Synology, but I try to avoid Docker because I don’t fundamentally understand what I’m doing, I’m mostly just following some tutorial I found online.
I understand your position. There is a learning curve to containers, but I can assure you that getting your basics on the topic will open a whole new world of possibilities and also make everything much easier for yourself. The vast majority of people run containers which make the services less brittle because they have their own tailored environment and don’t depend on the host libraries and packages and also brings increased security because the services can’t easily escape their boundaries rendering their potential vulnerabilities less of an issue compared to running those same services bare metal.
I started on synology too. There is a website called Marius hosting which focuses on tutorials for containers on synology, but his instructions have been updated the last few years to focus on spinning up containers manually rather than through the UI, which makes it more intimidating than it needs to be for beginners… I’ll link it here just as a reference. I’ll see if on the way back machine he shows the easier way and report back if I find something.
Edit: yes here is an original tutorial for Jellyfin (this method still works for me and is still how I use docker lately): https://web.archive.org/web/20210305002024/https://mariushosting.com/how-to-install-jellyfin-on-your-synology-nas/
Yes! I’m familiar with Marius for exactly this reason. Following his tutorials i feel like i understand what’s going on until I run into a problem that’s not addressed in the tutorial and then I’m stuck. I can’t figure out a work around because I don’t know what the error message is telling me. Then after googling it, I’m 15 browser tabs deep in stack exchange boards and I’m no closer to setting up the container.
I know what you’re talking about, happens to us all when we’re learning something new.
Want to share the details of a specific issue you’re facing, blocking you?
What a generous offer! Can I take a rain check? I haven’t worked on it in a while after giving up. I think I was trying to re-set up… Tautulli? Yes, I had already set it up but it stopped working. Then I tried to set it up again and I forget what issue I ran into. Do you mind if I get back to you later? Could be this weekend, next week, or in a few months. Whenever the motivation and available time align.
novnc?
noVNC follows the standard VNC protocol, but unlike other VNC clients it does require WebSockets support. Many servers include support (e.g. x11vnc/libvncserver, QEMU, and MobileVNC), but for the others you need to use a WebSockets to TCP socket proxy.
This is gibberish to me. Is this something I can set up in Ubuntu which is what I’m planning to run on the Pi?
I have a Raspberry Pi myself, and after the initial setup there’s not much maintenance needed. it just works as expected. the services hosted on it have their own respective Web Pages or APIs or mobile apps, depending on the service.
note that installing additional software to access your Pi will take up system resources like memory, storage, and bandwidth. So take that into consideration, and how much the other services consume.
What OS is it running?
And what about when a service stops or crashes and you can’t access through the app or front end? Or updates, either for the OS itself and for all of the services it’s running? Do you SSH in every time you need to do any of that?
I think it’s running Raspberrian. I wanted something Debian based, and thought the official image will do (it does).
Specifically on my Pi, I’ve set it up in such a way that even if it loses power or internet, I won’t need to do anything for it to be back up.
But I did have lottts of problems on my VPS. programs crashed, Out Of Memory crashed the OS… really, no shortage of errors. And I had service there I used all the time like music.
So what I did is use Termux on my phone. this way I could SSH to it from anywhere. Just click the button, run a few commands and be back on with my day. It’s the most convenient way I’ve found. being able to do it from my phone on the go. And since it’s CLI it was much easier to do. Just run the command needed and leave.
If you want I can elaborate on what Termux is and how I used it here.
If you’re gonna run docker, dockge might be what you’re looking for.
I know a lot of people have Pis set up like this and surely they can’t be administering the whole thing through CLI, right?
We are, indeed. I use a combination of SSH (for quick stuff), and Ansible for stuff I need to do repeatedly.
How do I get a similar setup to my Synology such that I can just get a desktop interface in a browser?
The tool you’re looking for is a ’VNC’ solution. There’s lots of them, and the best ones are free.
You can enable VNC on your Raspberry Pi through Raspi-Config. You’ll also need a VNC client on each device you want to connect from. Fin linked one above, I think.
And now some un- requested advice from me:
You mention running Ubuntu on the Raspberry Pi.
If you choose Ubuntu, I believe you will encounter many recipes online that will not work, because Ubuntu does not come with various Raspberry Pi specific tools pre-installed, such as
raspi-config
.Raspbian and Ubuntu are extremely similar (this is intentional).
But I have found:
- Many Raspberry Pi recipes will not work on Ubuntu, because Ubuntu does not include Pi specific software that is included in Raspbian.
- Most Ubuntu recipes work perfectly on Raspbian.
I think the Raspbian software can be added on top of Ubuntu, but I’ve never cared enough about the minor differences to even try.
The Ubuntu recipes I have found that don’t work on Raspbian also don’t work on Pi hardware at all, until I compile additional tools from source code. (A Raspberry Pi uses an ARM chip, which is cool, but makes it harder install some software that doesn’t support it.)
So the primary reason I’m going with Ubuntu is because my VPN is Proton and
So I’m afraid it might not run on anything else. The other stuff I want to run, Qbittorrent and eventually the *arrs, will probably run on anything. And it looks like I’ll probably need Docker anyway. So the real constraint right now driving the OS choice is Proton.
You do not need the ProtonVPN App. You can simply use OpenVPN logins provided by ProtonVPN, they should have a section telling you how you can do it.
Go it!
https://protonvpn.com/support/linux-openvpn/
This is shaping up to be a much harder project than I thought
If you use docker with portainer (for the GUI), you can set up the gluetun container with your protonvpn account and run all your other containers through that as their network. It’s as simple as adding
network_mode: service:gluetun
to your stack configuration for each container.
Makes sense. I suspect it may still not work due to Proton likely being compiled for Intel, rather than ARM chips.
If you run into that, you may be able to work around it by logging into the Raspberry Pi, cloning the source code and installing: (if you’re able to get that to work, it’ll likely work equally well on Ubuntu or Raspbian). But it’s not for the faint of heart, they (Proton) don’t include many details, so it looks like there will be a lot of learning about their tool chain. https://github.com/ProtonVPN/proton-vpn-gtk-app#installation
(Edit: Since ProtonVPN is Python based, it may be fine, as long as there’s not too much C in the project. If it works immediately, my gut feeling is it will also work fine on Raspbian, if you need to switch for any other reasons.)
Since Jellyfin, qbitTorrent-nox and the arr-suite are available as docker containers, you could try one of the many docker web UIs. I never used one of them since I’m happy with my one file docker compose configuration, so I can’t recommend one.
I use Portainer to manage Docker. It’s really easy.
My are stack is just one big docker config except in Portainer it’s called a “Stack”
Check out Yunohost for GUI and ease of setup and maintenance
I’ve been a happy user for years
Raspberry Pi runs their own Connect service, which is free for personal use. Includes remote ssh and vnc sessions through a browser.
You could use either VNC or RDP to access your computer remotely through the GUI. I’d recommend RDP because it’s more secure. You should also enable SSH just in case something goes wrong with the GUI connection or something.
Tailscale?