Hi there!

My name is Jelle and I'm on an almost year-long cycling tour.
I developed some hardware and software that allows you to see the things that I'm seeing on my trip.

// How it works //

The website is hosted from my bike and is getting power directly from my hub dynamo. The fact that you are reading this now means that I am cycling now! Neat, right? To convert the AC power that is coming from my dynamo to the DC power that the Raspberry Pi 4 needs to host the website, I am using the Forumslader V3 made by Jens During. It is a clever device that converts the energy very efficiently. One of the two USB outputs of the Forumslader is used to power a Raspberry Pi 4 and I'm using the other output to charge my phone, GPS, earbuds and laptop.

me and you

The Raspberry Pi gets an internet connection via my phone's hotspot. Although it is easy to access a website in this way, it turned out to be quite complicated to actually host a website over a cellular network. The problem lies in the fact that the cellular network doesn't have a static IP address, which is needed to point a domain to. To solve this problem I'm using a VPS which does have a static IP, and I'm using an SSH tunnel to route all requests on port 443 (https) and 80 (http) to the Raspberry Pi. Jeff Geerling wrote a very comprehensive guide on how to accomplish this --> link to Jeff Geerling's guide. This worked almost 100% for me, but I noticed that it would sometimes have trouble starting the tunnel. One of the problems was that the SSH tunnel would occasionally be bound to the wrong IP address. The Raspberry Pi apparently has more than one IP address sometimes. To remedy this problem I added "-b " to the SSH_OPTIONS. Another problem was that the SSH tunnel would try to connect to my VPS over IPv6, which it does not reliably support for some reason. Adding -4 to the SSH_OPTIONS solved this problem since it forces IPv4.

Using my phone's hotspot works, but I'm quite limited by the amount of data that I have available per month. I wanted the Raspberry Pi to use as little data as possible serving the website, and sending all the pictures over the cellular network every time the website is loaded would be a bad idea. Therefore I'm using the webspace from my other website jellereith.nl to store all the images. When the button to take an image is pushed/clicked, the Raspberry Pi sends that image to that webspace. After the file has been successfully uploaded, it tells the client to load the image from the webspace by providing a link to the image.

The images that the Raspberry Pi makes are 16 MP (the camera could do 64 MP but the rolling shutter is too bad in most cases so I reduced it to 16 MP). The JPG files are about 2.2 MB in size. Using images of this size on the website would make it very heavy to load and serve as well, so I'm scaling them down to 200x160 pixels with a file size of about 25 kB. It is however possible to access the full resolution image by paying me 1 euro via the PayPal link. When a payment has been made, the high resolution file is uploaded to my server and is available for everyone to see.

//Logs//

Here I will try to keep a log of things I learned / did to make the system more reliable.

//MTU size problem//

Problem:
I was getting this error on my SSH tunnel --> SSH2_MSG_KEX_DH_GEX_REPLY
This error is related to the MTU size of my network. By default it was set to 1500, but somewhere between the Raspberry Pi and my VPN there is a router which can't handle this packet size. This problem occurred after I moved from Sardinia to Barcelona, so it might have to do with the cellular towers in Barcelona.

Fix:
I added this --> 'ifconfig wlan0 mtu 1200' to rc.local after --> '_IP=$(hostname -I) || true'

//Renewing certbot certificates//

Problem:
Certbot needs ports 443 and 80 to renew certificates, but on startup those are claimed, and after renewal node doesn't have the rights to use the certificates.

Fix:
Stop node --> pm2 stop 0
Renew certificates --> sudo certbot renew
Give rights to node --> sudo chown raspberrypi_node_user -R /etc/letsencrypt
Reboot pi --> sudo reboot now
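
An alternative to changing ownership of all of /etc/letsencrypt (which also holds the ACME account key and renewal configuration) is a certbot deploy hook that copies only the certificate and key to a directory the node user can read. This is an added example, not the script running on the bike; the destination directory and the DEST_DIR / NODE_USER variables are hypothetical.

```shell
#!/bin/sh
# Added example: certbot deploy hook. certbot sets RENEWED_LINEAGE to the
# renewed live directory (/etc/letsencrypt/live/<domain>).
# DEST_DIR and NODE_USER are hypothetical names chosen for this example.

# The body runs in a subshell so the umask change does not leak to the caller.
deploy_certs() (
    lineage="$1"     # directory holding fullchain.pem and privkey.pem
    dest="$2"        # directory the node process reads its TLS files from
    owner="${3:-}"   # optional account to own the copies (chown needs root)

    for f in fullchain.pem privkey.pem; do
        [ -r "$lineage/$f" ] || { echo "missing $lineage/$f" >&2; exit 1; }
    done

    umask 077                      # new files are private until relaxed below
    mkdir -p "$dest" || exit 1
    chmod 700 "$dest" || exit 1

    for f in fullchain.pem privkey.pem; do
        # live/ entries are symlinks into archive/: copy the target (-L),
        # then rename so node never reads a half-written file.
        cp -L "$lineage/$f" "$dest/.$f.tmp" || exit 1
        chmod 600 "$dest/.$f.tmp" || exit 1
        if [ -n "$owner" ]; then chown "$owner" "$dest/.$f.tmp" || exit 1; fi
        mv -f "$dest/.$f.tmp" "$dest/$f" || exit 1
    done

    chmod 644 "$dest/fullchain.pem" || exit 1   # the chain is public data
    if [ -n "$owner" ]; then chown "$owner" "$dest" || exit 1; fi
)

# Only act when certbot invoked this file as a deploy hook.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    deploy_certs "$RENEWED_LINEAGE" "${DEST_DIR:-/home/node/certs}" "${NODE_USER:-}"
fi
```

Combined with certbot's --pre-hook and --post-hook options to stop and start node around the renewal, the private key stays mode 600 and /etc/letsencrypt stays owned by root.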

//Using tailscale instead of ssh-tunnels//

Problem:
The SSH tunnel takes a long time to reconnect when it closes down unexpectedly.

Fix:
Currently I'm using Tailscale to solve the CG-NAT problems. My VPS is running an nginx server configured as a reverse proxy. It is also handling the SSL certificates. Traffic coming in on port 443 is forwarded to the tailnet IP of this Raspberry Pi. I had to remove the custom MTU settings from rc.local in order to make the connection fast(er).