back to home

how to repurpose your old phone into a web server

this webpage is hosted on a drawer-bound fairphone 2 from 2015, running postmarketos

in this tutorial you will be guided through the steps taken to get there

you will need

step 1: installing postmarketos

first step is installing postmarketos on your phone

find your device in the devices page and keep that page throughout the installation

install pmbootstrap, the main command-line application for postmarketos

we'll first generate the image, then flash it to the device

generate the image

update the ports and initialize your device information:

$ pmbootstrap pull
$ pmbootstrap init

when asked for the codename for your device, provide the one listed in your device's page you opened above

when asked for which user interface to use, you can choose console (which should be the most minimal option) or fbkeyboard to have a minimal keyboard on-screen (which you shouldn't have to use thanks to ssh, but just in case, it's fun)

generate the image:

$ pmbootstrap install

flash the image

check your device's page for how to boot your device in flash mode

connect the phone into your computer and boot it in flash mode

next, check the Installation section of the page and follow any instructions listed there

finally, if you have not already, flash the image to the device:

$ pmbootstrap flasher flash_rootfs

then, reboot the device and verify that postmarketos starts-up correctly

step 2: setting up your server

now that your phone is postmarketos'ed, let's log into it

keep the phone connected to your computer and ssh into it:

$ ssh username@172.16.42.1

make the phone connect to your wifi network

$ nmcli device wifi connect your_wifi_network --ask

congrats, you now officially have your little local phone server

step 3: serving a web page

the built-in http server (busybox httpd) does not support tls (https) so i've opted for lighttpd instead

$ sudo apk add lighttpd

TODO i guess i should tell them to create the /var/www/html/ directory

write a webserver.conf in your home directory:

server.indexfiles    = ("index.html")
server.document-root = "/var/www/html/"

write a simple hello world html file:

$ sudo sh -c 'echo "<h1>hello, world</h1>" > /var/www/html/index.html'

add nftables rules to allow incoming and outgoing packets on port 80:

sudo nft add rule inet filter input tcp dport 80 ct state new,established accept
sudo nft add rule inet filter output tcp sport 80 ct state established accept

write a systemd service file for the webserver in /etc/systemd/system/webserver.service:

[Unit]
Description=Simple lighttpd webserver

[Service]
ExecStart=/usr/sbin/lighttpd -D -f /home/your_username/webserver.conf

[Install]
WantedBy=default.target

run the following to launch your webserver and start it on boot:

$ systemctl start webserver
$ systemctl enable webserver

running this command should show you the phone's local ip address:

$ ip -4 addr show wlan0 | grep inet | awk '{print $2}' | cut -d'/' -f1

on a typical home router it will have the form 192.168.1.x

test out the server by curling the website from your computer:

$ curl 192.168.1.x

you should see the <h1>hello world</h1> text from above

now type the ip address in the web browser of any device connected to the same wifi network, and marvel at your own tiny local digital garden

step x: tighten security

you'll be allowing the whole internet to see your device, so you'd better make sure not to leave the door open

(TODO setup ssh keys)

$ sudo nano /etc/ssh/sshd_config

add the following to the file

PasswordAuthentication no
KbdInteractiveAuthentication no

as a preemptive measure, i would recommend not to open port 22 (used for ssh) to the wider internet

this restricts you to accessing the phone only when connected to the local network, but you can set-up a vpn on most router boxes these days if you really need the remote access

step x+1: monitoring

TODO web monitoring, vitals monitoring

extra: maintenance

to update the packages on your server, run:

$ sudo apk update
$ sudo apk upgrade