The CORS test

I have a lot of photographs and saved in the cloud which I would like to share with you all! The problem is that I don’t want to do this in a way which will cost a fortune!

At the moment all my travel pics and so on are stored in a few different places.

  • Google Drive
    It was the most convenient service to use when I was on the move in 2014. Unfortunately there aren’t easy options for sharing. I can share all of my pictures one by one, but the total space is limited to 100GB (I won’t pay for a Terabyte!) and I have to share them one by one.
  • Amazon S3
    This is a fantastic storage service offered by Amazon, you can store unlimited amounts of data in a bucket manage sharing permissions centrally using a bucket policy, and I can even host them directly out of S3 using the web hosting feature.

The image above is shared directly from my AWS account over a secure SSL connection using S3. By offloading the static assets of my website to S3 I am reducing the amount of traffic (and therefore the load) that my Raspberry Pi has to service!

To stop other people from linking to my S3 images (I would have to pay for the traffic) I used a CORS configuration in my S3 bucket to allow only my own WordPress site.

(I will install the code snippet WP plugin when I have time!)

<CORSConfiguration>
 <CORSRule>
 <AllowedOrigin>https://wp.luke.plaus.in</AllowedOrigin>
 <AllowedMethod>GET</AllowedMethod>
 <AllowedHeader>*</AllowedHeader>
 </CORSRule>
</CORSConfiguration>

Hello World!

Hi, and welcome to the launch of my personal site.

I’ve decided to create this site for a few different reasons:

  • As a fun technical project to occupy myself on Sundays.
  • Because recently I’ve been frustrated with Facebook and other social media sites, but would still like some way of sharing content with my friends.
  • To have my own little piece of cyberspace.

So, maybe you’re wondering how I created this site?

I’m going to elaborate on this a little bit, in case you were curious, or interested in creating one also.

Luke’s Website: The making of

That’s right! My site is self hosted on my own hardware – a Raspberry Pi model 1. It’s just sitting in my living room, connected directly to the router via ethernet. I have the router set up to always give the raspberry pi the same IP address when the pi retrieves its IP via DHCP, and I have port forwarding set up so that the pi can service web requests from the public internet.

These features are available on most routers so you should be able to do this yourself. If anyone wants a look at how I set this up, I’ve scripted some of the setup. You can find it on my Github page here:

https://github.com/lukeplausin/raspberry-pi-scripts

My Raspberry Pi is running standard Raspbian (Debian), with a wordpress site served on PHP via Apache web server. There is an onboard MySQL database all running on the same hardware. I used letsencrypt for the SSL certificates and let the certbot do the SSL setup and configuration for me.

Since I take security seriously, SSL is required to view the site. I also have some security modifications enabled, such as fail2ban and the ModSecurity web application firewall.

Not bad for a 2011 model with 256 MB of RAM! Any techy people reading this blog will know that its not a high powered set up and can’t take that much load, but I don’t expect there will be that many visitors to the site. If it goes down due to overload or trollery then I’ll take a look at putting it into the cloud instead.

If you enjoyed reading this blog then let me know about it! Write a comment! And don’t be shy about asking questions!