Running an ASP.NET Core 2.0 app on Raspbian Stretch Linux on a Raspberry Pi with HTTPS

Today’s challenge: Serve a public API over HTTPS from a Raspberry Pi. I’ll follow up with an article about containerising the app and running it from docker on the Pi.

This article is a fast-paced guide to getting started without stopping to dwell on the details.

Some details will be mopped up in the last section for those wanting to know more.

Prepare the Pi

On your development machine (you won’t need to interact with the Pi directly, so no 2nd keyboard or monitor required):

  • Grab an 8Gb or larger microSD card and use Etcher to flash the Raspbian Lite image to the card.
  • Create an empty file in the root of the microSD card called “ssh”, with no extension, this will enable ssh on Raspbian.
  • Put the microSD card in the Pi, plug in a network cable and then plug in the power
  • After a minute attempt to ping the pi:
ping raspberrypi
  • If you get a response, ssh into the pi from a Bash shell (on Windows, you can use the bash shell that comes with Git):
ssh pi@raspberrypi
  • The “pi@” means you’re logging in as the “pi” user account. The default password is “raspberry”.

Installing the .NET Core prerequisites

This bit looks hard but is quite easy (thanks Dave).

At the ssh prompt, install the .NET dependencies by running each of the following commands (you can copy and paste these commands straight into bash):

sudo apt-get install curl libunwind8 gettext
curl -sSL -o dotnet.tar.gz https://dotnetcli.blob.core.windows.net/dotnet/Runtime/release/2.0.0/dotnet-runtime-latest-linux-arm.tar.gz
sudo mkdir -p /opt/dotnet && sudo tar zxf dotnet.tar.gz -C /opt/dotnet
sudo ln -s /opt/dotnet/dotnet /usr/local/bin

you can check if the .NET Core runtime has been installed by running:

dotnet --help

You should now see some the runtime command line options.

Configuring the App

If you don’t already have an ASP.NET Core app:

  • Download the SDK for your platform (Mac, Linux, Windows) from https://dot.net and install it
  • Make a new directory and navigate to that directory at the command line.
  • Run:
dotnet new react

By default, a new ASP.NET Core application will be set to only listen to requests only from the TCP/IP loopback address (127.0.0.1 or localhost), so:

Open up Program.cs in your ASP.NET Core app and change the BuildWebHost method to add the following:

public static IWebHost BuildWebHost(string[] args) =>
    WebHost.CreateDefaultBuilder(args)
        .UseKestrel(options => {
            options.Listen(System.Net.IPAddress.Any,
                5000,
                listenOptions => {
                    listenOptions.UseHttps("raspberrypi.pfx", "<your-password>");
                }
            );
        })
        .UseStartup<Startup>()
        .Build();

This means that when the app runs on the Pi it will accept requests to port 5000 from external clients.

Please note, Kestrel is not a supported edge server, it is designed to run behind a reverse proxy such as nginx, Apache HTTP Server or Microsoft IIS when exposed to the outside world. Read and understand this before you open up your Pi to the big bad interwebs.

Deploying the App to the Pi

I’m not offering DevOps perfection here, I’m afraid we’re just going to FTP the app across to the pi. But first we need to compile the app so it works with the Raspberry Pi’s low-power ARM processor.

On your development machine, drop to the command line, navigate to your project directory and publish your app so it works on Raspbian by executing the following command:

dotnet publish -r linux-arm

This creates a bin/Debug/netcoreapp2.0/linux-arm/publish directory that contains the binaries for your ASP.NET Core app.

Grab your favourite FTP client. If you don’t have one, FileZilla will do the trick.

Connect your FTP client to your Pi by entering the following details:

Host: raspberrypi
Username: pi
Password: raspberry
Port: 22

The FTP client should show you the directory structure on the Pi. Copy the contents of your linux-arm/publish directory to any path on the pi (I chose /home/pi/piservice/) using the FTP client.

HTTPS

We’re going to use a self-signed certificate to show HTTPS is possible. In a real-world scenario you’d sign a relatively short-lived RSA keypair with a certificate signed by a trusted root cert (and also, you’d probably not use a Raspberry Pi and publicly-exposed Kestrel Web Server to run your services, but hey ho).

SSH into your Pi again and run the following command to create a public and private key pair that will be valid for a year.

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

Next, generate a .PFX file from the two generated PEM files (thanks to Pete S Kelly):

openssl pkcs12 -export -out raspberrypi.pfx -inkey key.pem -in cert.pem

This creates the “raspberrypi.pfx” file that your ASP.NET Core app now refers to in Program.cs.

Running the app

At the SSH prompt, tell the .NET Core runtime on teh pito start your app:

dotnet <yourappname>.dll

<yourappname> will be the name of the project you created if you used Visual Studio, or the name of directory you created that you ran dotnet new in. Typically this will be something like HelloWorld.dll or Acme.Web.dll, etc.

If all has been successful you’ll see the following echoed in your SSH session on the Pi:

pi@raspberrypi:~/piservice $ dotnet src.dll
Hosting environment: Production
Content root path: /home/pi/piservice
Now listening on: https://0.0.0.0:5000
Application started. Press Ctrl+C to shut down.

(My emphasis). From your development machine you should now be able to begin making requests to your app hosted on the Pi, https://raspberrypi:5000/

You will get errors about the certificate being untrusted, this is expected as your development machine has no reason to trust the little $30 computer, but you can skip past them – or read the final section of Peter Kelly’s article to learn how to trust the Pi’s self-signed certificate.

Making it Public

This is where things turn a bit vague as it’s up to you how you set up your network.

At the most basic level you need to tell your router to send traffic to port 5000 on your Pi. This usually involves adding a Port-Forwarding Rule. You’ll need to know your Pi’s IP address to set up the rule, so it makes sense to either give the Pi a static DHCP lease. Please refer to your router’s user guide for specific information.

To call your Pi from the outside world you’ll need your router’s public IP address – of course it’s best if this is static, ask your ISP if this is an option – and then you can set up a domain name to point to this IP address.

You can get a proper SSL certificate for your domain name from LetsEncrypt, or any other certificate provider.

Note: You’ll get SSL certificate errors when using a self-signed certificate, and browsers may stop allowing access to sites where the certificate doesn’t match the public domain name.

Follow Up

I’ll follow up soon with an article on containerising the ASP.NET Core app and running it on Docker on the Pi.

 

Learn to Code (An Intermission): Code.org

The founders of Facebook, Microsoft, Dropbox, Twitter and many more top tech companies have provided their voices and recognisable fizzogs to this latest video from Code.org. Code.org promotes the principle that nobody is born with the ability to code, or play basketball, or drive a racing car: it is a learned skill. The biggest hurdle is that first step overcoming the apprehension of the unknown. That’s something that all of these people have done. From humble beginnings and all that jazz…

 

Learn to Code: Chapter 2 – Black Tie Function

She only wants you for your brain…

This is the third part of my Learn to Code series. The previous part is here: Chapter 1 – Meet Bob.

 

See Bob. See Bob Run. Run Bob, Run!

We last spoke about making Bob run 5 miles. We were going to do that by performing an action – a “function” in programmer parlance – called “run”, and give the number 5 (meaning the miles he is to run) to the function. We do that like this:

bob.run(5);

 

The problem is, we haven’t said what “run” actually means or does. Later we’ll use code that already exists but this time it’s all up to us. We’re going to have to write this “run” function ourselves. Again, this is a very easy thing to do once you understand the pattern you use.

function (miles) {
}

 

Here we say we want to create a “function” and that the function will take some information in brackets that we can refer to by the name “miles”. You see, when information (such as the number 5) is “passed” into the function, it is important that we can get to it because we can use it to change how the function operates. You can write a function once, but pass different things to it each time and it will behave differently every time. That is the real beauty of programming.

You will notice there aren’t any semi-colons in the bit of code above, this is because we are using a pattern that the computer will understand – those curly brackets (called “braces”) tell the computer when you’re starting and stopping to describe your function. However, when we write code inside those braces, we still must use semi-colons to differentiate one .

The devil is very much in the details when programming. Different programming languages have different requirements for WHERE those curly braces go. Sometimes they should be on the same line as the start of your function, and sometimes they go on the next line down. Like this:

function (miles)
{
}

 

But the language we are learning needs them to be on the same line as the word “function”.

Here’s an example of combining curly braces and semi-colons. Gosh it’s getting complicated… but stick with it, this is as complex as it gets. let’s write some code inside the function that uses that number 5 that was passed in, which we can refer to as “miles”:

function (miles) {
    return miles + miles;
}

 

This is now a fully-functioning function. If you’ll pardon the pun. Although… not a particularly useful one. Yet.  Continue Reading “Learn to Code: Chapter 2 – Black Tie Function”

Learn to Code: Chapter 1 – Meet Bob

You understand that, right?

This is the second part of a series of articles called Learn to Code. Click here to go to Chapter 0, “Wax on, Wax off”.

 

Learn to Code

Well done. You’re now a World class programmer! And you’ve been given a brief  by your customer who wants you to write some software for them. The following sentence is the first line of their brief to you:

“Bob is a man. He is 30 years old. He can run 5 miles.”

What a peculiar start!! But bear with me. Remember, in order to start programming, we have to fully understand the real-world thing we are transforming into some computer code. Let’s take that sentence apart and write some bullet points about what we know about Bob:

  • Bob is a “something”.  A real thing. A proper object.
  • That thing is categorised as a “man” (whatever that is).
  • Bob has something called an “age”. The value of his “age” thing is “30”.
  • Bob can perform an action known as “running”.
  • Bob can do that action for “5 miles”.

 

Sorry for all the quotation marks and playing-dumb, but all will become clear as we move through this lesson.

Like pretty much anything in the universe, Bob can be defined by a set of “properties” (like his age, height, inside leg measurement) and the actions that he can perform (like “run”). In proper programming, we call these “properties”, “properties” (hahaha, surprise! I slipped a programming term into your vocabulary!). Slightly more complex, we call the actions he is capable of performing, “methods” or “functions”, depending on which programming “language” you’re using. We’ll use the term “functions” to start with because the first programming language you’ll use demands this terminology.

The programming language we’ll start with also prefers things to start with a lowercase letter. For now, just accept that, we’ll cover why later. Let’s start by creating Bob in code.  Continue Reading “Learn to Code: Chapter 1 – Meet Bob”

Learn to Code: Chapter 0 – Wax on, Wax off

Warning! Programming might not make you rich. On a completely different topic, here’s Paul Allen’s private yacht, “Octopus”. (He’s a programmer).

So you want to learn to code? Well this is the right place. I assume no prior knowledge, except knowing how to turn on a computer, open a text editor such as Notepad, and have some idea of the operation of a keyboard. It may not be immediately obvious WHY I’m covering some of the topics in this article, but rest assured that, like Daniel-san painting fences or waxing Myagi’s car, it is all about preparing your state of mind.

Actually, while we’re on the subject of films, before you begin, make sure you watch The Social Network and The Pirates of Silicon Valley. They’re essential viewing for wannabe programmers!

 

Basic Mathematics

WAIT! Stop! Don’t be afraid, we’re only going to touch the absolute basics. Primary school stuff. Nothing else. That’s all you need!

Really? I hear you ask. Yes!! You don’t need to be a maths whiz to be a great programmer. Leave all that business to the computer!!

If you’ve ever written this:

1 + 1

…you’ve written a “program”. A program is simply a set of “instructions” for the computer to perform. Even if it’s just 1 + 1! Sure, most programs are a lot more complicated than adding 1 to 1, but at its most basic, that’s it. Easy!

Computer programming (also known as “coding”) is usually done to replace human effort with automation. The first step in any coding project is usually to break the real world problem down to its smallest parts. That way you can better understand what it really is that you’re turning into code.  Continue Reading “Learn to Code: Chapter 0 – Wax on, Wax off”