Pi setup basics

I have something I like to do with my Pi just for the quality of life. Some of these measures may be slightly different for you. You can securely skip this part and go directly to library dependency configuration if you already understand how to set up WiFi and adjust your Pi accordingly.

Connect directly your Pi to the HDMI.

I alter the font in my terminal to Monospace 14, depending on the monitor you are on or how old you are. Makes reading much easier. I also alter my keyboard layout in US->English preferences. The default is UK->English with unforeseen symbols to me.

If you use WiFi, one thing you certainly have to do is to be sure that your WiFi nation is set wherever you are in the Pi environments. If it’s set for Germany and you’re in the U.S., it probably won’t operate. Sometimes distinct country combinations operate, but it is quite random and better to simply put it in place.

The next step is to ensure that your Pi can connect to the web. Either a plugin for an ethernet cable or if you are using WiFi, your pi can scan for networks. Run it from a Pi terminal:

Pick the one you want to use, remember the SSID.

Note that this will override any existing WiFi settings, so transfer the file to be a backup if you want to save the present settings. This is possible with:

Then run:

You’re going to replace the contents of this file if there is one of two things in it. If your WiFi has a password, use the following:

If no password is available:

Now that you have a WiFi setup in there, you need to restart the WiFi service.

You should now be able to check by running WiFi:

You ought to have an IP address. It likely begins with 168.1 or 127.1 depending on the setup of your WiFi (unless 127.1.1 is not correct for this).

If it fails, and you don’t have an IP address. You can try:

This resets the WiFi difficult. If STILL doesn’t work, attempt to fully reboot the Pi with:

Now that you are a Pi, let’s get it set up to have all the dependence on Python we need.

Library dependency setup

If you are new to Linux, Pi, and all stuff apt-get, each step will make a change of spewing a lot of texts about what you are requesting and what dependence it has to give you what it will be installed on your Pi. If you want to understand what all this means, the websites for each library explain quite well what the library means. I’m just going to TL;DR each to blur on what a library is used for.

Make sure we’re up to date first:

This ensures that the list of locations from which your Pi gets its libraries is current. Sometimes these repositories move around, become deprecated and so on, so it’s always nice to start a project with that. Please note that if you use Raspbian, they also constantly update it, so some of these dependencies can just say that they’re already there. That’s all right, it’s just everything you need, for the sake of completeness.

The next step is to get the parts for the safe IoT Core connection. Authentication is carried out via JWT rather than the user/password because it is much safer. The library is pyjwt, which relies on a cryptographic library called Python. Why do I say this to you? Because you need certain basic libraries to install these parts. Run each of these instructions to get them:

We use MQTT for this demo, so we need the library to use this protocol, paho-mqtt. Run:

We use pyjwt for our encryption. Run:

The cryptography library depends on our JWT library for cryptography. Run:

And lastly I’m using my telemetry information with a Sense HAT. It’s lovely and simple because it offers telemetry sensors, a good API and the library is pre-installed on Pi Model 3. If you don’t have a Pi installed, simply run:

Preparing the Google Cloud Platform

When you haven’t done so before, go to the Google Cloud Platform landing page and press the “Try Now” button. It’s the most seamless if you have a Gmail address, but if you don’t have one, you can still do that. You can use any email address to go here to establish a Google account.

Once you’ve set up the account, head to the console. The first stage is the billing process. Be aware that, if you’re the first time you’re doing it, setting up the Cloud project will give you $300 in Cloud credits, and there’s a generous, free tier so you’ll probably not hit any paywalls while trying things.

The first step is to enable Cloud IoT. A number of ways to get there:

1) Put 

 into the search bar in the console
2) Select it from the top-left hamburger menu. IoT Core’s close to the bottom.
3)Click this link.

By clicking the Enable button, the user can use IoT Core with suitable permissions for the default safety guidelines. If you want to do this by hand, make sure your IoT user is authorized to publish in Pub / Sub. IoT Core bridges Pub / Sub device emails for you, meaning that you need to have written approval. These permissions are processed in the console portion of the IAM. Dragons. There are dragons. I’d just suggest that if you’re comfortable with the Google Cloud Platform.

We will then generate your registries to live on your IoT devices. Registries are logical device groupings. So if you do like an intelligent construction infrastructure, each database could constitute device value for a construction.

The easiest way is to generate the device registry from the IoT core console page and, as part of this method, you can choose to generate a Pub / Sub topic inline in the dropdown to a default telemetry topic. Select the region nearest you and enable MQTT and HTTP protocols by default. It’s easily left alone unless you know you’re only going to use one versus the other. This blog’s instance code uses MQTT.

Now in IoT Core we need to generate ‘ out ‘ device representation. Click the DeviceButton on the page opened when you built your registry.

Give it an id and leave them all alone. Here we will generate an RSA with x509 wrapper for the SSL certificate, but you can see how to generate the other choices here, if you want to view them. Make sure you pick the suitable cert type radio button. By default, the radio button RS256 can be selected, so, if you just create the cert using the code snippets below, select a public key format RS256 X509 radio button.

Openssl has been installed for the default Raspbian installation. If you run a custom OS on the Pi and there is no Openssl installed, you should be able to execute the Pi and put the private key on it later. Run the following to generate the key:

You can either immediately upload the key or copy / paste the important contents. There are two radio buttons on the device page to select how you want to do that.

To upload, please press the radio button on the Upload Device page. Browse the demo.pub key and pick it. Click the Create button and scroll down. The freshly generated device should then be seen in the list on the registration details page.

On a computer that can’t operate the webpage, when you run Openssl instructions, leave the radio button on the manual and operate on your device:

And all (including tags) are copied between:

Paste it into the text box for the Public key value.

This covers the Google authors confirming that your device is all right to speak to Google. The last piece of safety is to take Google roots.pem file so that your device understands that it’s Google speaking. Again, if possible on Pi and off Pi and if not transfer it, run:

One last thing to configure. Pub / Sub is effective in that any emails sent to that subject will not be saved when nothing is listening to the pub / sub subject. Since subscriptions are not used in the past to collect emails, if no one is listening, then there is no reason to store them. Then enter Pub / Sub on the Cloud Platform console search field, or choose Pub / Sub from the hamburger menu to open the Pub / Sub page. You should at least see the subject mentioned above.

Click the 3-point menu on the right and select New subscription. Give it an I d. Give it an I d.

Now you have all the components configured to talk to your computer on Google Cloud. Just a few final bits with the code itself. We’re nearly there!


basics.py is the fundamental code you want to operate and get. As I stated earlier, Sense HAT is used to collect telemetry information. If you have one, you can change the variable block in the code to indicate and run the multiple parts you have set up.

The full path to the personal half of the main we’ve developed: demo private.pem is the ssl private key filepath. The root cert filepath is the complete route to the roots.pem which we took with wget above. Proje I d is the project I d of your computer linked to Google Cloud Platform. gcp location is the region you selected for registry creation. Registry I d and device I d are the ids that you gave to create those parts above.

If you want to use something other than Sense HAT, comment on any meaning reference and replace anything you wish.

Finally, I’ve commented on the real publishing line, so you can check to make sure ELSE works all over the cloud before spamming is started. That’s about line 100 (as of the moment this blog was published). I would suggest first running, then uncomment the line.

You should be able to run:

You should see messages on the console like:


If everything is working properly, then go ahead and uncomment the publish lines, restart and then after a bit (It’s a delay to Pub / Sub to return values by SDK, but the current publish time is quicker), you can confirm that the gcloud SDK is installed by executing this command everywhere (if you do not, go here for guidance to install it).

If everything has gone well, you should see your messages there!

Thank you for reading, connect your computer to the cloud now! Tell me your thoughts, think about a project.