How to control Duet from outside local network

  • Hi everyone,

    I tried researching this and came across a post from wcj97 bout accessing the duet board from anywhere. This is what I would like to do as well with a webcam, but that thread was locked and lacking information.

    I understand I need to figure out how to setup a reverse proxy. Are there any good recommendations to figure out how to do this for this purpose? The google results on a broad "how to set up reverse proxy" search were a bit much to take in.

    I found the wiki post on webcams:

    This is great, but one thing I would like to do is make an octolapse like video. Is this possible going through the duet web control?

    Thank you all in advance for helping point me in the right direction!

  • "making octolapse like video" and "access duet from outside local network" are completely different things, with different solutions.

    Accessing from outside:

    • Most home routers will let you set one internal IP and one port on that IP to be accessed via your public IP and a different (configured) port. DO NOT DO THIS directly to a Duet. Even with a password on the Duet, it is just way too dangerous to semi-permanently expose a computer to the internet. Unless that computer has been specifically hardened (like, say, a reverse proxy).

    • My choice for RP would be a Raspberry PI running nginx. There are a TON of examples, like here and here and many more.

    Yes, they are complex. There is no "easy" or "pre-built" way to do this.

    • It is ESSENTIAL that you set up the PI to self-update every night. Zero-Day exploits are no fun. Attackers compromise one thing (in this case the Pi) and use it to get into everything else on your network.

    Time Lapse Video

    • Easiest way is simply to buy a camera that does this on its own, fire it up before the print, and let it run. Edit out the useless "before" and "after".

    • If you want one of the videos where the head is paused out of the way, that's a little more complex. The basic idea is to run a G-Code post-process script in your slice, or just run it by hand on the G-Code file. You could even modify the G-Code with a good text editor instead of a script.

    Nearly all slicers put a comment like ";Layer:22" at each layer change in the G-code. Insert after each of these comments G-code that moves the head out of the way, triggers the camera, and pauses for a short time, then move the head back and go on with the print.

    "Triggers the camera" is usually raising or lowering an IO pin that is, in turn, hooked up to the shutter release on the camera. This can be anything from a super-simple digital to a high-end Canon or Nikon DSLR. The better the camera, the better the resulting video.

    After the print, use any one of several free tools to make all the individual pics into a vid.

  • this may sound harsh.
    if you dont know how to do this, its a good indication that you should not do this.
    as danal said as soon as something is accessible from the internet, its under constant attack.
    the chance that you set up something incorrectly and allow other people to take over your hardware is not small.
    just look at the stories of thousands of mongodb set up according to a guide, that allowed the information to be accessible by anyone.

  • At least, use a non standard port, like 43267; there is very little chance they scan it, as they focus on standard ports with security breach!

Log in to reply