02 May 2022

DIY Syncthing Cloud from Old Raspberry PIs

I used to use dropbox, but having only 5-6 gigs is not really enough if I want to back up my music and or pictures. I had a few raspberries and hard drives from old computers lying around and I though I'd make use of them to store my data redundantly on these, so it's private and I never have to worry about consistency, and what happens if one of them dies on me, nor I have to pay 50+bucks a month for a VM with sufficient storage, nor I have to pay any other cloud services. That said, the places I have these hooked up all have their separate internet addresses, so in case of a blackout I still have other machines to take over. I own 5 of these machines, but I believe 1-2 would already be enough.

I used this article for reference a lot.

What you need?

• HDD case with a drive or a HDD with usb interface
• proper power source that does not die on booting up a hard drive
• raspberry pi, any model
• micro sd card reader

Setup

Write the Image

• download pi imager from here then open it

• select headless Raspbian OS Lite for base image

• hit Advanced (cog on the bottom right)

• name your device something unique

• set up wireless network interface if needed

• enable ssh

• add your public key authentication info under settings and enable SSH (you'll need your id_rsa.pub file - but if you are writing it from linux it puts it there automatically)

• How To Linux/Raspberry Pi Secturity?

Start it up

• plug the SD card in and give the panel power
• wait until it boots and does the first boot jobs (resizes the main partition, root). It usually takes up to 5 minutes for it to be done with startup the first time.
• find the raspberry on the network, looking up the address with nmap -sP 192.168.0.0/24 or via the router configuration interface
  • check your own IP address with running ifconfig in linux/mac or ipconfig in windows
  • usually the address for your router's configuration page is the gateway address you are seeing in the output of the former command
  • also you'll need to authenticate it, the credentials are usually written on somewhere on your router
• connect to it with ssh pi@192.168.0.155

Install packages

SSH_PORT=3456
sudo apt update && sudo apt install syncthing hdparm ufw
# syncthing: keep your files synced for all devices
# hdparm: spin down drive after a few minutes when not needed to preserve it
# ufw: since this is out on the open web, only allow one port to be open

# allow the SSH port!
sudo ufw allow $SSH_PORT
sudo ufw enable

Configure SSH

• edit /etc/ssh/sshd_config file to change the default port to the desired one (Look for the line Port 22, uncomment it and change the number)
  • do not forget to add this port to your ufw rules!
    • e.g.: ufw allow 333
• you can run sudo service ssh restart if you want to run the app

Connect a hard drive

• Use gparted on your desktop Linux to create a simple ext4 partition on the hard drive
• plugit into the raspberry
• check if it connected with lsusb
• copy the hard drive's ID from blkid
• create mount directory with sudo mkdir /media/hdd
• add a line to sudo nano /etc/fstab UUID=[uuid-you-copied-from-the-line-above] /media/hdd ext4 defaults, nobootwait 0 0
• save the file, reboot.
• set up hdparm
  • more under hard drive setup on a Raspberry Pi

Find your device on the internet

In order to log into your device from anywhere, you need to find it on the internet. As most ISPs regularly change your IP address, you can not just save it as it'll change. You need to use a third party service that tracks your IP and maps it to an actual address, like whatever-you-like.dynv6.net . We need to set up a crontab job that runs regularly and keeps the third party - in this case dynv6.net up to date.

Set up dynamic DNS dynv6.net

• create dnsupdate.sh from Dynamic DNS update scripts and add running permissions with chmod +x dnsupdate.sh
• register to the DNS server and enter data to script
• create cron tab crontab -e */5 * * * * /home/pi/dnsupdate.sh
• run ~/dnsupdate.sh -> see if it updates on dynv6.net status page

Create syncthing service

sudo nano /lib/systemd/system/syncthing.service with the content:

[Unit]
Description=SyncthingSynchronization
Documentation=man:syncthing(1)
After=network.target

[Service]
User=pi
ExecStart=/usr/bin/syncthing -no-browser -no-restart -logflags=0
Restart=on-failure
RestartSec=5
SuccessExitStatus=3 4
RestartForceExitStatus=3 4

# Hardening
ProtectSystem=full
PrivateTmp=true
SystemCallArchitectures=native
MemoryDenyWriteExecute=true
NoNewPrivileges=true

[Install]
WantedBy=multi-user.target

enable and run it with

sudo systemctl enable syncthing
sudo systemctl start syncthing

GUI through SSH Tunnel

If you are using linux, there is a simple way to log into the UI: just add a port redirect into your SSH config file ~/.ssh/config:

Host piname
   HostName piname.dynv6.net
   User pi
   Port 3456
   IdentityFile ~/.ssh/id_rsa
   LocalForward 3333 127.0.0.1:8384

• now if you ssh piname it should properly connect if everyithing works fine.
• type in localhost:3333 and you should now have access to the interface
• add your devices already on

Caveats, Bugs, Look out for this

Constant conflicts? Probably becvause you have multiple file systems! This has to do with permissions. Fix: Folder -> Edit -> Advanced -> Ignore permissions: true

tech raspberry pi syncthing personal cloud storage

---

• MySQL 5.7 on Ubuntu-Debian installation troubleshooting ▶