Category: Pi Shop

You can do it — Steve

If you can type you can create a website. If you have an artistic eye you can make a pretty website, or use the supplied proven themes. If you can take a picture with your cellphone, and use drag and drop to copy that picture, you can add it to your website. From there it’s up to your time & interest as to where you take it.

The cover photo above shows an image of the UI for creating this post. The left side has the blocks/widgets for laying out the elements. The right-side panel is for settings on some blocks and some additional manual styling.

There are lots of YouTube videos on using WordPress, from short overviews to hours long deep dives. Watch a few videos, play with WP, throw it all away, do it again and you will start to get comfortable building a post with images, quotes, columns, groups and be a web guru in no time.

Another one of those dashboards, this is the main one for WP where you can monitor site stats or jot down notes to start a future post, or of course navigate with the familiar left navigation to other features and functions to keep a site working.

I happened to read an article today about the co-creator of WordPress, President of Automattic, head of the WordPress Organization and owner of wordpress.org, who is in a tiff with wordpress.com; this has been in the news the past few months and not worth pursuing here other than to say he’s a great proponent of open source, the main thrust of WordPress Organization, but he’s not opposed to making a profit via plugins; that’s the reason things are so bare bones.

That explained quite a bit about my experience with WordPress. Everything on this site is done with the plane jane vanilla WordPress or a few free plugins, which are sorely needed and barely work. But, hey, it’s all free, shows what can be done and whets the appetite for that hidden feature that a few dollars will enable.

WP comes with a media library, but it’s one big bucket, no subdirectories. If you want that functionality there’s a plugin for that. Unfortunately, not only are the good features disabled without paying, but the other plugins won’t recognize the sorting and subdirectories you’ve added, because they don’t know about the plugin. So, when you want to add an image to a post you have to find a thumbnail from the ever-growing pile of thumbnails.

For the photographers out there with the multi-mega pixel sensors, wanting to highlight their work in pixel peeping splendor, be forewarned, the default maximum file upload to WordPress is a measly 2 meg. This setting is not easily changed, for the neophyte (me). It’s in a config file, that the default Docker install makes difficult to access.

I ended up removing and discarding the WP container and recreated the Docker script to install it, specifying the install path and adding a database management tool to the stack. About the time the new container was up and running I’d found a free WP plugin that would let me set the upload to a new minimum for the max threshold at 16MB with option for much larger. But I’m serving from a tiny underpowered Pi, so I won’t servr any large images.

In fact there’s another plugin Smush to squeeze and smush images even smaller for faster load times, I am using that plugin getting a whoping 8% compression.

My basic approach to this site has been that I’l put in the time to learn how to do what I want. I’ll use the free tools to see how far I can push them and how much I can get from them, before I throw money at it. There are several plugins that do the same or similar functions so you have to shop around.

From some articles found while researching a gallery to use with WP I was steered to two, I tried them both and have chosen the Modula gallery. It doesn’t recognize the subdirectories created by the media management plugin, but that plugin recognizes the gallery plugin structure, which are the same. I’ve found that importing directly into the gallery not only saves a step of loading the gallery, but the bigger task of finding the correct thumbnail to load from its one bucket view of all the media.

For Calendars there are several, but they all tend to be for ticketed events. For what I wanted they were overkill. I’ve chosen Sugar Calendar as the best fit for my needs; I just wanted something I could share date for good celestial photo ops, these typically occur for a few to several days. Reoccurrences are not part of the free calendar package, but with the help of the database management tool I added to the build script I looked into the database found the table with the calendar events and editing 3 fields on the event record to get it reoccurring on the calendar without being all day events. A sunrise from Portland Women’s Forum does reoccur, but isn’t an all day event on the calendar now.

There’s a lot of power & capability in WP that I have yet to utilize, first I have to learn how to wield it. That will occur on a needs basis, when I need it I’ll learn it; maybe by then I can just say, “make it so.”

The Pi shop is 3 Raspberry Pi 5s, the first model with PCIe so they can take real storage media, like NVMe M.2 drives found in modern computers.

The Pi devoted to public facing traffic, like this website only has 1 TB, so there is a limit to how much I can say or the number of pictures I can post, But not to worry, that is still more than I can fill.

The other two Pis have 2 TB each for my media server, private cloud and home file storage.

One thing I’ve learned in learning how to build every part of the Pi shop is to ask for help. I am not a trailblazer, someone has done this before, and most likely made a YouTube video about it, certainly a blog post. So, there is no reason to feel stuck or get frustrated, watch a video, read a blog post. Still stuck, ask Google, which will probably point you to a subreddit post on your exact predicament & solution, or ask the new young turks, Copilot & Gemini, they have each been very helpful on a wide range of topics from philosophy to software configuration scripts.

The Pi shop is built from free Open Source software; that’s free as in air & beer. It does come with a cost and that is born by teams of dedicated people with vision about the success of a piece of software; there are ways to provide support. Those teams may be a small handful to hundreds of individuals, typically geographically dispersed, checking in changes to a common repository.

Git is the de facto standard repository for source code control, a way to track changes to a body of code to accomplish a task. Source code control is a requirement for a multi-programmer project to eliminate bugs or identify when and where they were introduced.

Github is a repository of source code repositories. In days of old you would go to the soda fountain or mall to hang out and be cool. Today, one way to show your creds and be cool is to have, or be involved with, one or more code projects on github. Anyone and everyone is free to look at the code in open source, so bugs get caught and little chance of malicious code being inserted, when downloaded from a reputable source. If others like what you are doing they can join the effort.

Think of it as a form of digital busking (playing for change$) or a digital jam session.

With that out of the way, here are the apps/services currently on the Pi shop:

Jellyfin, the media server currently holds 128 movies ripped from my DVD collection, they take 113GB of space, about 1GB per. The music collection has 500+ artists performing more than 2,000 songs. Family photos span the past 75 years, with more being added. Home videos and time lapses get there own space.
There are several plugins available for Jellyfin, from adding closed captions to scouring the web for more content.

Immich is the replacement for Google Photos. With a 2TB sandbox for my cellphone images to automatically upload to I no longer hit a 15GB ceiling that Google imposes before the meter starts running on paid storage. A very powerful image program that now with a domain name it’s easy to share albums selectively with anyone anywhere

Nextcloud is the private cloud space for the Pi shop. Here, notes, files, images, video, links and all the other digital debris & cyber dust balls of the modern connected life can be kept safely and securely. This is also touted as a collaborative environment for working with others on projects. I haven’t looked into that aspect of it yet, been just a bit busy on related endeavors.
Nextcloud also has plugins to extend the functionality, white boards, Talk (an in the app Zoom), image galleries, and many many more.

Pi hole was my very first Pi app. I got it to address my desire for add free browsing. For print/display media this works great across my entire Lan. Not so much for YouTube, but there may be solutions there too, stay tuned.

The Pi shop is running three different image gallery/album apps for evaluation, Pi Gallery2, Piwigo & Photoprism. Each are strong contenders with some great features. However, now with the website, Jellyfin & Immich I’m not sure where or how they might fit in the solution, but that’s where I thought I was going when I started, a supercalifragilisticexpialidocious digital memory display thingamabob. (when was the last time you fit that into your discussion correctly)

To maintain the Pi shop there are a handful of services running on each Pi. The Docker framework to host the containers providing the various services. Portainer to administer Docker and the Containers. Grafana with its supporting cast to provide a graphical look into the inner workings of each Pi. Then Homer as the dashboard for each Pi and Homarr as the dashboard for the network services mentioned.

I had the above in place and working, mostly, when I started realizing using Tailscale, while working, didn’t have the ease or elegance I hoped for. The Immich and Nextcloud apps didn’t like using the internal IP. Getting a domain name (Dec. 1) and Cloudflare tunnel (Dec. 2) were the next steps taken. This made the apps happy when at home and away.

The domain name also meant, for the price of learning WordPress (oh Joy, another learning opportunity), copying a few image files and trying my hand at writing content to inform and entertain. I too could be a publishing mogul. Or was that midget?

WordPress is the publishing app of choice for nearly half the web. It’s sort of a ménage à trois between a word processor, a spreadsheet (range selections & grid matrix) and a publishing program, except that’s what it is. (this is slated for one or more upcoming posts)

Over the course of a week, in my spare time, I became productive enough to create a basic no frill website. In the two weeks since then I’ve been correcting beginner mistakes and creating some content for visitors, i.e. is this page and site.

How can I securely and safely run a self-hosted website from my home office you may ask? In a word, curiosity.

The Pi serving this page has no original data, only copies. So there isn’t a concern with data loss. The first line of defense is a strong password, done. Second is a strong firewall and no unnecessary ports opened, done & done. Next use secure connections, note you are on HTTPs, just like shopping or banking online.

Securing the Lan is on me. I’ve enlisted one of the web’s bigger players, Cloudflare with their zero trust account, to create a secure encrypted tunnel from my Lan to their servers. They also provide the secure connection between your browser and their servers before putting you into my secure tunnel.

I’m less than a gnat on the behind of the elephant that Cloudflare is. I’m hiding in their shadow while they keep the internet safer. The Pi shop holds no secrets and is an underpowered computer well suited to small time serving needs. I doubt I am of much interest to nefarious players and have little to lose, at worst reformat and rebuild the Pi.

Part of the zero trust account is that Cloudflare takes care of the malicious traffic. Supposedly only legitimate web requests get sent to my server, time will tell.

In order to create a zero trust account with Cloudflare requires having a domain name. A website was not on my radar when I started my Picture Pi project but became easily possible with the groundwork already laid.

As I built out the Pi shop I realized accessing it from the wider web would be more than cool, it would be helpful. How can you use a private cloud if you can’t get to it when out and about?

Your ISP has provided you with a public IP address for your home Lan/router. Unlike the phone company or the post office, who don’t change your number or address, your ISP does change your public IP address periodically, unless you pay extra to have it not change.

What address or phone number would you give out if it changed once a year? That has been the problem trying to access self-hosted services from the internet; here today, gone tomorrow, because the address changed.

One of the earlier ways to get around this change of address was through the use of a third party who would listen to a periodic ping from your system, when it noticed the Dynamic IP address changed it would update it’s records to the new address. This way it could route traffic intended to your network correctly. Duck DNS is one provider for this type of access. I didn’t start there.

I started with Tailsscale. This is a node based architecture requiring a small piece of software be installed all the computers or smart devices you want to connect with, up to 1000 of them per user. And you can add two friends, all for free, after you create a Tailscale account.

Tailscale uses that installed app to create secure encrypted tunnels, but these are node to node (device to device). I’m using this as a secondary access for my Pi shop services now, relying on Cloudflare for primary access.

If I encounter problems I can always lock things down, page by page, the entire site, the entire tunnel or a combination of each of those means. My preference is to leave the website open as it is, while keeping the rest of the Pi shop locked down for my use. I’ll see where usage leads.

What is the dash in dashboard? As a verb it means to travel in a great hurry. When a horse dashes off (noun), there is often debris flung behind. The debris from the horse’s dashing is also called dash.

In carts and wagons boards were placed behind the horse to protect riders from getting a load of dash in their lap, hence dashboard. This became a great place to rest your feet, hang your cup-holder, even mount a chalk board to monitor how many horsepower you were using.

The evolution and standardization of system control & monitoring, climate adjustment and entertainment selection has meant that just about anyone can get into just about any vehicle and make use of the ‘dashboard’ to control the vehicle.

In computers it’s much the same, a dashboard let’s you monitor & control a system without knowing how to build it, just know if it’s working properly. My Pi shop has several dashboards, they too are fairly standardized so just about anyone can understand their use.

Doing things in triplicate helps me better remember how to do something; standardization also helps. In this case all of my Pi have the same base build up through Docker, Portainer, Homer, the Grafana monitoring stack, and the dashboard above . From there each Pi has a different set of apps and services to spread the load.

This is the Grafana monitoring dashboard, the top row gives me, at a glance, the status of key indicators for the system. The lower panels provide information on specific resource usage by container, either in aggregate of any one of them can be isolated by simply clicking the container label in the panel. The data is available from minutes to weeks or months at a glance. This Pi-hosted YT video goes through the set up,. one of the few with preconfiguration steps

One common interface is a navigation pane on the left and a detail pane on the right, this has been used by the file explorer for decades and it is still common today because it is somewhat intuitive.

Cloudflare uses the 2-pane, left nav, right detail user interface. I’m writing this about 2 weeks after getting a Cloudflare account and tunnel, the domain name & URL have not been published. I believe most of this traffic is from bots; although there have been more than 90 attempts to log into the WordPress admin account during this time as well, and that isn’t from bots.

Portainer, the Docker container mangers also uses the left nav, right detail panes. These are a few of the 200+ templates available with the Novaspirit Tech’s template file. Most, with one click, will deploy the container(apps & services); some are noted with pre-work to ensure a smooth install, mostly by creating an install directory.

Immich, my Google Photos replacement, works much like everything else, left nav, right detail. I’m still figuring out the workflow, but no issues so far.

I’ll end my missive on dashboards with this screen shot from Jellyfin my home media server. The base interface is similar to Netflix & Prime. It also has the hidden, fly-in left nav pane to fall back on.

In olden days it was the backside of the dashboard that was the working side catching all the debris. Now it’s the front side, often in a slap-dash form that displays all the debris so we can try to control it. Sorry , I have to dash.

TLDs are no longer limited to .com, .net or .org.

The .sky is not the .limit. TLDs now go from A to Z with hundreds of stops along the way and more added all the time.

To get an idea of some TLDs and who controls them this wikipedia page lists several hundred. Most professions & sports are covered, here is a small sample:

Another thing you will see is that corporations have locked in their names as TLDs. I don’t know if there are any checks & balances to this or not, but .camera is available as a TLD, but .Canon & .Nikon are not. Potentially I could get a domain “canon.camera”, but not “camera.canon”

One thing to note, not all registrars can register all domains, some domains are limited to specific registrars. That is not a big deal.

First I registered my .space domain through namecheap.com. Then, after creating an account with cloudflare.com I used the the DNS records provided by Cloudflare back on namecheap so my domain would use the Cloudflare DNS servers.

Another inexpensive registrar I seen mentioned to get your domain is Porkbun.com

When a domain name is registered a valid name, address and contact information has to be provided for the responsible party. Namecheap and porkbun hide this from inquires by default for free; GoDaddy and others charge for this service. You will want to hide this from prying eyes, but why pay extra.

Over the past 10 years there’s been a continual growth in the number of domain names issued, although it has slowed. In the US, there are 133 domain names almost 100 million more than the next closest country at 35 million. The new TLDs might cause an influx of new domains and websites, and there is not a 1:1 connection between the two, subdomains count as one domain and one domain can host multiple websites.

Practice makes perfect

You can teach an old dog new tricks, but the dog has to want to learn, and it’s still harder to do. One way to help is practice, practice, practice. That was all the justification needed to add a 2nd Pi to my Pi shop.

With two Pis I had to start thinking about what apps or services would be hosted on which Pi. My choices for some must-have apps were narrowing down.

• Immich as the image backup and album sharing replacement for Google Photos was a slam dunk.
• Jellyfin as the media server for movies, music, home video and pictures was also a slam dunk
• Nextcloud is groupware, software for you & your family to share file, calendars, to do lists, etc. your personal cloud storage

One reason to go down the self-hosted route is to avoid storage fees. After the first 15-20GB you have to pay. I now have TBs of storage at no additional cost. And my images and data won’t be used to train AI.

After that short list trying to select a photo album/gallery software is proving more difficult. There are three main contenders left after the first round.

• Pi Gallery2 — The main thing with this app is that it just uses the subdirectories and images to create the galleries; they call it directory first. This is something important to me. Another nice thing is that it is fast.
• Photoprism — This too uses the directory structure and has a great facial recognition, but it only allows one user, so not a program to use for public viewing, bummer.
• Piwigo — I have yet to install or play with this software to complete the evaluation of which to use

There are a few downsides to online galleries and that’s users. Not the users themselves, managing there accounts; how granular do you need/want to go? A guest account for all to use to see everything, or a per user account so the hoi poli can’t see your family holiday pictures, or some combination of guest & specific users. Either way it means administering accounts.

Now that I have this site, photo gallery services may go by the way side, they’ve been set aside for now. to get the site out. I’ll revisit later.

All aboard

Raspberry Pis run a Linux Operating System, probably the most used OS in the world, and it’s open source, meaning (in general) anyone can use it, modify it and redistribute it, all for free.

So far the software for my Pi shop has been completely free, there are opportunities to pay to support the developers, but no requirement to do so. WordPress, the software to create this site and used by almost half of all websites, is also free. It uses many plugins that are free in a minimalist version with desired features available in a paid version, but that’s a tale for another post, today’s is about Docker.

Docker is a framework that sits on the OS (Windows, Mac, Linux) and supports containers. Containers hold isolated and secure installations of software apps & services. Prior to containerization of software & services there could be contention issues on libraries & resources, as well as security issues where malware could access data from other apps. By using containers these issues are no longer of concern. Software install and set up is fairly simple & standardized, after all, even I’ve been successful building my Pi shop.

There are lots of people making YouTube videos and posting blogs that helped with guidance on my journey.
One of the most helpful was Novaspirit Tech and their Pi Hosted series. The Github repository where the scripts and resources to setup and configure the self-hosted services mentioned in the videos are kept and you will become familiar with if you go down this path. This is also a great way to learn more about Docker, containers & Portainer, oh my.

After installing Docker, which is a command line tool (CLI) the first container to install is Portainer, a GUI to manage Docker and the rest of the containers you will install.

Pi hole is a network-wide ad blocking service and must have on every home network IMHO. Simply grab a few lists from the firebog collection to add to your Pi hole and you will see no more ads, yipee.

If you watch the Pi-hosted series you will soon find that there are more than 200 free apps in the template to select from, with hundreds more on the docker hub (library) of container images. In subsequent posts I will identify the one’s I’ve selected to be on my home lab.

Here is a sample Docker yaml script I’m using to install two containers; the first is piwigo, a photo display app, which depends on the 2nd container for the maria database to hold all the data for the photo album. There are some users, some port settings and some paths defined (volumes). This is typical of settings for every container in Docker.

services:
  piwigo:
    image: lscr.io/linuxserver/piwigo:latest
    container_name: piwigo
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/Los_Angeles
    volumes:
      - /portainer/Files/AppData/Config/piwigo/config:/config
      - /uppercrust/firstcut/Keepers:/gallery
    ports:
      - 8083:80
    restart: unless-stopped
    depends_on:
      - maria_db

  maria_db:
    image: linuxserver/mariadb:latest
    container_name: piwigo_db
    ports:
      - 3306:3306
    environment:
      - PUID=1000
      - PGID=1000
      - MYSQL_ROOT_PASSWORD=MySqlPassword
      - TZ=America/Los_Angeles
      - MYSQL_DATABASE=piwigo_db
      - MYSQL_USER=myuser
      - MYSQL_PASSWORD=mypassword
    volumes:
      - /portainer/Files/AppData/Config/piwigo/DB:/config
    restart: unless-stopped

As you can see, not much to it and nothing to be intimidated by. If things don’t go right, or later you decide you want to change or remove it’s simply a matter of stopping the service and deleting the container. Modifying the script as needed and rerunning it will recreate the container with it’s software.

Whether you are interested in monitoring your home (home automation) or your network (intrusion & threat detection) or your computer (CPU temp & activity) or serve your media, there is a free container that will help you do that.

Don’t reinvent the wheel.
It’s probably been done before.
Check YouTube.

I wanted a way to show & share images across my local network without having to start my main PC. I started with 1 Raspberry Pi 5 (some assembly required); the free Raspberry PI Imager (OS); and some websites & YouTube channels for guidance.

Little did I know the door that opened or how glad I’d be I took that first step. One unanticipated side benefit(?) is this website. It is operating on the first Pi, sitting on the corner of my office desk, sipping power and providing services 24×7, but that’s a story for later, this story is about getting that first Pi up and running.

The Pi 5 is the first Pi with a PCIe bus that you can plug real storage hardware into, like SSDs. Thankfully Pis are well supported and have an active community. One Pi guru, Jeff Greeling has a great step by step tutorial on booting your Pi from an NVME drive or you can watch it on his YouTube channel

At this point I had a Pi that could boot up and had lots of storage, but no apps and no way to access the storage. I knew I wanted to “show” my pictures from the Pi, but first I had to get them there.

Some research showed that Samba was what I needed to drag and drop from my Windows PC to a file-share location on the Pi. One speed bump in this was finding out the hard way the ‘root’ user on the Pi, the first logged in user, cannot be used as the owner of the connection or storage target on the Pi, this is for security reasons; a new user is required.

This is also a good time to point out that Linux has a totally different security structure for files and ownership & permissions. When something doesn’t go right, the first place to start is with permissions. Either the user doesn’t have permission to write to the location or doesn’t have permission to read or execute the file. These will stop you in your tracks every time.

Thankfully, if an internet search or YouTube video doesn’t enlighten you there are a couple of personal assistants you can call on, they have been immensely helpful to me; Microsoft Copilot and Google Gemini.

I’ve typed and spoken my queries; I’ve even taken screen shots with my cell phone and pasted the resulting image into the AI prompt. It was able to ‘read’ the lines of error code in the picture and tell me the problem and offer a solution.

I’ve given it a few variables like database name, user and password and it will use those to produce a script to install an application.

I would be much closer to my beginning steps than I am to my end steps without the help of AI. If you haven’t tried, download one of the apps from your app store and give it a whirl, much better than doom scrolling.