Raspberry Pi Tutorial | Build Your Own Internet

📖 Overview & Shopping List ESSENTIAL

What You'll Build

A complete home server that runs 24/7 in your house, providing:

Personal cloud storage (Nextcloud)
Password manager (Vaultwarden)
Media streaming (Jellyfin)
Photo management (PhotoPrism)
Ad-blocking for your whole network (Pi-hole)
VPN server for secure remote access

💰 Cost Breakdown

One-time hardware cost: ~$150-200
Monthly electricity: ~$2-3
Break-even vs VPS: 3-4 months
5-year savings: $800+ compared to cloud services

🛒 Complete Shopping List

Essential Components (~$150):

Raspberry Pi 4 Model B (8GB RAM) - $75-85
Case with active cooling fan - $15-20
Official 15.3W USB-C Power Supply - $8-12
High-quality microSD card (64GB+) - $12-18
Ethernet cable (Cat6) - $5-8

Recommended Additions (~$50):

1TB USB 3.0 External HDD - $45-55 (for bulk storage)
Heatsink kit - $5-8 (extra cooling)

Optional Pro Upgrades (~$100):

UPS battery backup - $30-50
USB 3.0 SSD (500GB) - $45-60 (faster than HDD)

🤔 What is a Raspberry Pi?

Simple: A credit card-sized computer that can run a full operating system.

Technical: Single-board computer with ARM processor, designed for education and DIY projects.

Why it's perfect for servers: Low power (5W vs 100W+ for PC), always-on operation, and costs under $100.

Wikipedia Official Guide

💡 Why Raspberry Pi?

Extremely low power consumption (5-10W vs 100W+ for PC)
Silent operation (no fans in basic setup)
Compact size (fits in your palm)
Strong community support and tutorials
ARM processor teaches you different architecture
Perfect learning platform for Linux and networking

What You Need to Know

Basic computer skills (copy/paste, follow instructions)
Comfort with trying new things and troubleshooting
Access to your router (to configure port forwarding)
Willingness to learn - this is more educational than VPS route

🔧 Hardware Assembly ESSENTIAL

Prepare your workspace

Clean, static-free surface
Good lighting
Small screwdriver if case requires it
Have your smartphone ready for photos (documentation)

Install heatsinks (if purchased)

Clean the CPU and GPU chips with alcohol wipe
Remove heatsink backing and apply firmly
Largest heatsink goes on the main CPU chip
Apply gentle pressure for 10 seconds

Install Pi in case

Open your case (usually top and bottom pieces)
Gently place Pi in bottom part
Ensure all ports align with case openings
Don't force anything - should fit easily

Connect cooling fan (if included)

Find GPIO pins 4 (5V) and 6 (Ground) on the Pi
Red wire to pin 4, black wire to pin 6
Refer to case instructions for exact placement
Fan should start spinning when powered on

Close case and prepare connections

Close case carefully - don't pinch any wires
Insert microSD card (we'll write to it next)
Connect ethernet cable
Don't connect power yet!

⚠️ Static Electricity: Touch a grounded metal object before handling the Pi. Static can damage sensitive electronics.

✅ Assembly Complete! Your Pi should be neatly housed with proper cooling, ready for software installation.

💿 Install Operating System ESSENTIAL

🤔 What is DietPi?

Simple: A streamlined version of Linux specifically designed for small computers like Raspberry Pi.

Technical: Lightweight Debian-based distribution with automated software installation and optimization.

Why choose it: Uses less resources than standard Linux, has one-click installers for 100+ server applications.

Official Site What is a Linux Distribution?

Why DietPi?

Pre-configured for Raspberry Pi
Built-in software installer for 100+ applications
Automated optimization and security
Excellent documentation and community
Minimal resource usage

Download DietPi image

Go to DietPi Download Page
Select "Raspberry Pi" from the hardware list
Download the latest stable image (.img file)
File will be ~400MB compressed

Download and install Raspberry Pi Imager

Visit Raspberry Pi Imager
Download for your OS (Windows/Mac/Linux)
Install and run the application

Flash DietPi to SD card

Insert microSD card into your computer
Open Raspberry Pi Imager
Click "Choose Image" → "Use custom" → select DietPi .img file
Select your SD card as destination
Click gear icon for advanced options

Configure advanced options

Enable SSH: Check this box
Set username/password: dietpi/yourpassword
Configure WiFi: Only if you won't use ethernet
Set locale: Your timezone and keyboard layout
Click "Save" then "Write"

Wait for flashing to complete

Process takes 5-10 minutes
Imager will verify the write automatically
Safely eject SD card when complete
Insert SD card into your Pi

💡 Alternative OS Options:

Raspberry Pi OS: Official OS, good for learning Linux
Ubuntu Server: More mainstream, extensive documentation
OpenMediaVault: Specialized for NAS functionality
CasaOS: Can be installed on any of the above

🚀 Initial Setup ESSENTIAL

First boot

Connect ethernet cable to Pi and router
Connect power supply (Pi will boot automatically)
Wait 2-3 minutes for initial boot
LEDs should show activity (red power, green activity)

Find your Pi's IP address

Method 1: Check your router's admin page (usually 192.168.1.1)
Method 2: Use network scanner like Advanced IP Scanner
Method 3: Use command: nmap -sn 192.168.1.0/24
Look for device named "DietPi" or "raspberrypi"

Connect via SSH

🤔 What is SSH?

Simple: A way to control a computer remotely using text commands.

Technical: Secure Shell protocol that provides encrypted remote access to command line.

Why use it: Control your Pi from your computer without needing a monitor or keyboard connected.

Wikipedia SSH Academy

Windows: Use built-in SSH or PuTTY
Mac/Linux: Use terminal
Command: ssh dietpi@192.168.1.XXX (replace with your IP)
Default password: dietpi

Complete DietPi first-run setup

DietPi will run automatic setup on first login
Change default passwords when prompted
Select your locale and timezone
Choose serial console options (usually defaults are fine)
Wait for system updates to complete

🔧 Can't Connect?

No IP address: Check ethernet cable and router connection
SSH refused: Wait longer, Pi might still be booting
Wrong password: Try default dietpi/dietpi
Network issues: Try connecting monitor and keyboard directly

✅ Initial Setup Complete! You now have a running Linux server on your network.

⚙️ Configure DietPi ESSENTIAL

Understanding DietPi Software Tool

DietPi's main feature is its software installation tool that can install and configure popular applications with zero manual setup.

Launch DietPi-Software

# Main DietPi configuration tool dietpi-software

This opens a menu-driven interface for software installation.

Configure basic settings

Select "DietPi-Config" from main menu
Network Options: Set static IP if desired
Security Options: Change SSH port (optional)
Performance Options: Enable all CPU cores
Advanced Options: Enable I2C if you plan hardware additions

Optimize system performance

Go to "DietPi-Config" → "Performance Options"
Set CPU governor to "performance" for consistent speed
Increase GPU memory split to 128MB (helps with media)
Enable all CPU cores
Set swappiness to 10 (reduces SD card wear)

Setup external storage (if using USB drive)

Connect your USB drive
Go to "DietPi-Drive_Manager"
Select your USB drive
Format as ext4 (recommended for Linux)
Set as user data directory

💡 Storage Strategy:

SD Card: OS and small configs only
USB Drive: All user data, databases, media
Why: SD cards wear out with heavy writes, USB drives are more durable

📦 Install Services ESSENTIAL

Essential Services Installation

We'll install core services that replace major cloud platforms. Each service is installed with one click in DietPi.

Install Nextcloud (Google Drive replacement)

In dietpi-software, go to "Browse Software"
Category: "Cloud & Backup" → "Nextcloud"
Select it (space bar) and install
DietPi handles database setup, web server, PHP, etc.
Access at: http://your-pi-ip/nextcloud

Install Vaultwarden (Password Manager)

Category: "Social & Search" → "Vaultwarden"
Lightweight Bitwarden server
Stores all passwords encrypted
Works with Bitwarden mobile/desktop apps
Access at: http://your-pi-ip:8080

Install Pi-hole (Network Ad Blocker)

Category: "DNS Servers" → "Pi-hole"
Blocks ads for your entire network
Speeds up browsing and saves bandwidth
Provides network analytics
Access at: http://your-pi-ip/admin

Install Jellyfin (Media Server)

Category: "Media Systems" → "Jellyfin"
Your personal Netflix
Streams movies, TV shows, music
Works on all devices (phones, TVs, browsers)
Access at: http://your-pi-ip:8096

Optional but Recommended Services

Install PhotoPrism (Photo Management)

AI-powered photo organization
Face recognition and auto-tagging
Replaces Google Photos
Note: Resource intensive, consider Pi 4 8GB only

Install Home Assistant (Smart Home)

Central hub for smart home devices
Works with hundreds of brands
Local control (no cloud dependency)
Automation and scheduling

⚠️ Resource Management: Don't install everything at once! Start with 2-3 services, monitor performance, then add more. Pi 4 8GB can handle 5-8 services comfortably.

✅ Services Installed! You now have multiple cloud services running on your own hardware.

🌐 Network Configuration ESSENTIAL

Setting Up Remote Access

Configure your network so you can access your services from anywhere, securely.

Set static IP address

🤔 What is a Static IP Address?

Simple: A permanent address for your Pi on your home network that never changes.

Technical: Fixed IP address assignment instead of dynamic allocation via DHCP.

Why needed: Your services need a consistent address that doesn't change when your Pi reboots.

IP Address Basics Static vs Dynamic

In dietpi-config → "Network Options: Adapters"
Select "Ethernet" → "Change to static"
Set IP (e.g., 192.168.1.100)
Set gateway to your router IP
DNS servers: 1.1.1.1, 8.8.8.8

Configure router port forwarding

🤔 What is Port Forwarding?

Simple: Telling your router to send internet traffic to your Pi when someone tries to access your services.

Technical: NAT rule that forwards external network requests to internal IP addresses and ports.

Why needed: Your router blocks external access by default. Port forwarding creates secure pathways to your services.

Wikipedia How-to Guide

Access your router admin panel (usually 192.168.1.1)
Find "Port Forwarding" or "Virtual Servers"
HTTP: External 80 → Internal 192.168.1.100:80
HTTPS: External 443 → Internal 192.168.1.100:443
SSH: External 2222 → Internal 192.168.1.100:22

Setup dynamic DNS (DDNS)

Your home IP changes periodically
Use DuckDNS for free subdomain
Install DuckDNS from DietPi software
Configure your subdomain (e.g., myhouse.duckdns.org)
Automatic IP update every 5 minutes

Install reverse proxy (advanced)

Install "Nginx" from DietPi software
Configure subdomains for each service
nextcloud.yourdomain.com → Nextcloud
vault.yourdomain.com → Vaultwarden
Enables SSL certificates for each service

⚠️ Security Warning: Port forwarding exposes your Pi to the internet. Ensure you complete the security section before enabling external access!

💡 Alternative: VPN Access
Instead of port forwarding, consider setting up WireGuard VPN:

Install WireGuard from DietPi software
Access your services through VPN tunnel
More secure than exposing services directly
One port forward (51820) for all services

🔒 Security Hardening ESSENTIAL

⚠️ Critical Security Steps: Your Pi is now accessible from the internet. These steps are mandatory, not optional!

Update system and enable automatic security updates

# Update everything apt update && apt upgrade -y # Enable automatic security updates apt install unattended-upgrades -y dpkg-reconfigure unattended-upgrades # Select "Yes" when prompted

Configure firewall (UFW)

🤔 What is a Firewall?

Simple: A security guard that decides which network traffic is allowed to reach your Pi.

Technical: Network security system that monitors and controls incoming/outgoing traffic based on rules.

Why critical: Blocks malicious access attempts while allowing legitimate connections to your services.

Wikipedia Ubuntu UFW Guide

# Install and configure firewall ufw default deny incoming ufw default allow outgoing # Allow essential services ufw allow 22/tcp ufw allow 80/tcp ufw allow 443/tcp # Enable firewall ufw enable

Install and configure Fail2Ban

# Install fail2ban apt install fail2ban -y # Create custom configuration nano /etc/fail2ban/jail.local

Add this configuration:

[DEFAULT] bantime = 3600 findtime = 600 maxretry = 3 [sshd] enabled = true port = 22 filter = sshd logpath = /var/log/auth.log

Setup SSH key authentication (highly recommended)

Generate SSH key pair on your computer
Windows: ssh-keygen -t ed25519
Copy public key to Pi: ssh-copy-id dietpi@your-pi-ip
Test key authentication works
Disable password authentication in SSH config

Change default SSH port

# Edit SSH configuration nano /etc/ssh/sshd_config # Change Port 22 to Port 2222 # Restart SSH service systemctl restart ssh # Update firewall ufw allow 2222/tcp ufw delete allow 22/tcp

Setup SSL certificates with Let's Encrypt

# Install certbot apt install certbot python3-certbot-nginx -y # Get certificate (replace with your domain) certbot --nginx -d yourdomain.duckdns.org # Setup automatic renewal crontab -e # Add line: 0 12 * * * /usr/bin/certbot renew --quiet

🛡️ Additional Security Measures:

Setup intrusion detection with AIDE
Configure log monitoring with logwatch
Install ClamAV antivirus
Setup VPN-only access to services
Regular security audits with tools like nmap

💾 Backup Strategy ESSENTIAL

Multi-Layer Backup Approach

Protect your data with multiple backup layers. Remember: RAID is not backup, it's availability.

Setup SD card imaging

Create full SD card image monthly
Use Win32DiskImager or dd command
Store images on separate device
Test restore process periodically

Configure automated file backups

# Install backup tools apt install rsync rclone -y # Setup daily backup script nano /usr/local/bin/backup.sh

Create backup script:

#!/bin/bash # Backup important directories rsync -av /mnt/dietpi_userdata/ /backup/daily/ rsync -av /etc/ /backup/config/ # Upload to cloud storage rclone sync /backup/ remote:pi-backup/

Setup cloud backup destination

Configure rclone with cloud provider
Options: Google Drive, Dropbox, OneDrive, B2
Encrypt backups before upload
Test restore from cloud regularly

Install Duplicati for advanced backups

Install from DietPi software catalog
Web-based backup configuration
Incremental backups save space
Built-in encryption and compression
Access at: http://your-pi-ip:8200

Create recovery documentation

Document your configuration settings
List all installed services and their configs
Create step-by-step recovery procedures
Store documentation offline (printed copy)

📋 Backup Checklist (3-2-1 Rule):

3 copies: Original + 2 backups
2 different media: SD card + USB drive + cloud
1 offsite: Cloud storage or physical location

📊 Monitoring & Maintenance ESSENTIAL

Install system monitoring

Install "Netdata" from DietPi software
Real-time system monitoring
CPU, RAM, disk, network graphs
Access at: http://your-pi-ip:19999

Setup uptime monitoring

Install "Uptime Kuma" from DietPi software
Monitor all your services
Email/SMS alerts when services go down
Public status page for family/friends

Configure log monitoring

# Install log monitoring apt install logwatch -y # Configure daily email reports nano /etc/logwatch/conf/logwatch.conf # Set your email address MailTo = your@email.com

Create maintenance schedule

Daily: Check service status (automated)
Weekly: Review logs, update packages
Monthly: Full system backup, security audit
Quarterly: Hardware check, replace SD card if needed

Weekly Maintenance Routine (10 minutes)

# Weekly maintenance script #!/bin/bash # Update system apt update && apt upgrade -y # Clean up apt autoremove -y && apt autoclean # Check disk space df -h # Check system load uptime # Check failed services systemctl --failed

⚠️ SD Card Lifespan: SD cards wear out with heavy use. Monitor write cycles and replace annually for critical systems. Consider moving to USB SSD for better reliability.

🚀 Expanding Your Setup ADVANCED

Hardware Upgrades

Add more storage

USB 3.0 SSD for better performance
Multiple USB drives for RAID setup
Network Attached Storage (NAS) integration
Consider upgrading to Pi 5 when available

Cluster setup (multiple Pis)

Kubernetes cluster for learning
Load balancing across multiple Pis
High availability service setup
Distributed storage with GlusterFS

Advanced Services

Communication platforms

Matrix server for secure messaging
Jitsi Meet for video conferencing
Mastodon for social media
Email server (advanced users only)

Development tools

GitLab for code hosting
Jenkins for CI/CD
Docker registry for containers
Wiki.js for documentation

IoT and automation

MQTT broker for IoT devices
Node-RED for automation flows
InfluxDB + Grafana for time series data
Security camera system with MotionEye

Learning Opportunities

Linux Administration: Deep dive into system management
Networking: VLANs, routing, network security
Containerization: Docker and Kubernetes
Database Management: MySQL, PostgreSQL, MongoDB
Web Development: Host your own websites and applications
Security: Penetration testing, hardening, monitoring

Raspberry Pi Home Server

📋 Progress Tracker