Setting up a public web server using a Raspberry Pi 3

Very recently, I got hold of a Raspberry Pi 3 Model B. With the desire to setup a home automation system I first wanted to see if I could access the Pi publicly through my home’s internet connection. This would have been the easiest task by just port forwarding if not for my ISP locking down the router behind a NAT-1 switch. This crushed my dreams of being able to do what I wanted.

I started looking at online solutions to securely tunnel from the Pi to the internet and obtain a publicly accessible domain. This is where I came across Ngrok, a service that allows you to tunnel a port on a machine and expose it publicly. Their use case surrounds demos and testing without deployments. However I tried to re-purpose it to setup a webserver on my Raspberry Pi.

Setting up the Raspberry Pi

Here are the key components needed and steps to set up remote access to a Raspberry Pi:

Materials Needed:

Raspberry Pi 3
Micro SD card (8GB minimum, 16GB recommended)
SD card reader
Raspbian OS image
Etcher software to write the image
Internet connection (wired or wireless)

Download the Raspbian Stretch with Desktop image Use Etcher to write the Raspbian image to the micro SD card Insert the micro SD card into the Raspberry Pi and power it on On first boot, connect the Pi to a monitor, mouse, and keyboard Go to Preferences > Raspberry Pi Configuration Configure timezone, locale, and keyboard settings Go to Interfaces and enable SSH and VNC Open a terminal and use the ‘passwd’ command to change the default password This allows accessing the Pi remotely once it’s connected to a network, without any peripherals by using SSH or VNC over the internet/network connection.

Configuring remote access

Open a new terminal session and run ifconfig and note down the IP address

Run the following commands:

$ sudo apt-get update
$ sudo apt-get install realvnc-vnc-server
$ reboot
$ sudo systemctl enable vncserver-x11-serviced.service
$ sudo systemctl start vncserver-x11-serviced.service

At this point, remote access to the Raspberry Pi should be fully configured, both for graphical and terminal sessions.

You can now disconnect any unneeded peripherals like the monitor, mouse and keyboard. The Pi will still be accessible remotely over the network.

To connect graphically via VNC, download and install RealVNC Viewer on your local machine.

Open VNC Viewer and go to File > New Connection. Enter the Pi’s IP address in the “VNC Server” field. Give the Pi a friendly name for easy identification later.

Click “Connect” and you should see the Pi’s desktop interface load in a new window on your machine. This confirms graphical remote access is working as intended via VNC over the network connection.

The Raspberry Pi is now remotely operable from any device on the same network without any local monitors, mice or keyboards attached to the board itself. This makes the Pi much more flexible for various applications.

Enter pi as the username and the password you set earlier as the password.

You should now have a remote connection to the Pi.

Setting up a web server

For hosting the web app files, I chose to use Nginx given its low system resource utilization. However, Apache would work as well if additional web server capabilities are required.

To setup Nginx:

$ sudo apt-get install nginx
$ sudo systemctl enable nginx.service
$ sudo systemctl start nginx.service

Browse to in the browser within the Raspberry Pi and you should see a Welcome to Nginx page.

To change the contents of the site, navigate to /var/www/nginx and change the contents to the site you want to deploy.

Making the site publicly accessible

Now that our web server is configured locally, we need to expose it publicly via the internet. This is where Ngrock can help.

Head over to the Ngrock website at and sign up for a free account. They will provide an authentication token once you register – make sure to note this down, as we will need it shortly.

Ngrock allows us to establish secure tunnels between local developer resources and public endpoints, perfect for our use case.

$ cd /tmp 
$ wget
$ sudo mkdir /etc/ngrok
$ unzip ./ -d /etc/ngrok/
$ rm ./
$ ln -s /etc/ngrok/ngrok /usr/local/bin/ngrok

Create a new file ~/.ngrok2/ngrok.yml with the content below. This is the configuration file Ngrok looks at to begin tunneling. If you want to protect access to the site you can add an auth option auth: "username:password" and this will protect your site via basic auth

authtoken: your-auth-token
    proto: http
    addr: 80

Once we have Ngrok configured, we need to set it up to run as a service. This is so that we don’t need to keep a terminal session running.

Source: Setting up a public web server using a Raspberry Pi 3

About The Author

Ibrar Ayyub

I am an experienced technical writer holding a Master's degree in computer science from BZU Multan, Pakistan University. With a background spanning various industries, particularly in home automation and engineering, I have honed my skills in crafting clear and concise content. Proficient in leveraging infographics and diagrams, I strive to simplify complex concepts for readers. My strength lies in thorough research and presenting information in a structured and logical format.

Follow Us:
Scroll to Top