Having got OctoPi working, used PuTTY to access the Pi and can view using the camera everything is setup to play. I'm sure I read that access is possible over the web, but I assume this needs a change my router?
1. Conf unique port for OctoPrint in your router under portforwarding section (let say we use port 1000), and forward it to your local OctoPrint IP adress. Local IP adress is the same you use to access it with Putty. 2. Get free Dynamic Dns name. Like MyOctoPrinter.freedns.com. Google it. 3. Now you access you Octo from anywhere at this adress: Http://MyOctoPrinter.freedns.com:1000/ Good luck!
BUTTT make sure You have credential setup for your Octopi web interface with kind of strong password. Or some stupid troll can do bad stuff with your printer/ prints.
@Old_Tafr , let set up a me know if you get this working, and how you managed. I have had no luck with it. I was unable to forward port 5000, or any other port, successfully to the internal IP of the OctoPi.
Do you have a Internet connection which can be reached from outside? I have a so called ds-lite (dual stack- lite), in Germany, which is a ipv6 with some tunnel/proxy thing on the ISP side for ipv4. So I can not access or port forward with ipv4. Maybe with IPv6 but my other devices and Internet accesses (work) do not have IPv6.
hmm almost, but it is kind of dictionary based, so not the strongest... "004234r2nmkr92rjp23~$2323423##423423ahhhhhh" would be good
And change default raspberry pi username and password if your exposing it to Web as well! Also look up raspberry pi vpn server for some other guides of how you could do this
I have not tried yet as I have a somewhat simple router (so config may not be possible) and need to be away from home to try it. I have another router but this means lots of changes which will affect others at home unless I can have both running (router and modem are separate in my case so it may be possible to have two routers on at the same time, more trawling of forums ! ) Things I would look for are putting the Pi in the "DMZ" this is a zone between the Internet and your home network so access is not given to ALL your network when you do the port forwarding. This was not mentioned in the original instructions. Separately (WiKi will get updated) not only give OctoPrint a strong password and login name but also change the default password for login on the Pi too (the bit when using PuTTY in the instructions gets to this) Some routers don't allow the protocol for some types of remote access (I need to check on this) Let me know what make and type of router you have. Did you setup a "dynamic DNS" name with a free service? (OR get a fixed IP address from your ISP?) Don't tell me what the address is as this ends up being a security risk for you, especially with robots connecting to forums. Did you put the port number after the name? like ........myhomeaddress.com:5000 (see the original example above. the :5000 is the port you have forwarded. You may or may not need the / after the port number.
Also check that your Pi IP address remains the same (otherwise the port forwarding won't go anywhere other than the ether) Depending on how you feel about configuring your router and/or your Pi it is better to give the Pi a fixed IP address (a little simple Linux) OR extend the lease time for DHCP on the router (weeks) so the Pi always gets the same IP address. If you give the Pi a fixed address then choose one outside the DHCP range of the router. Shout if you need help on this.
Setting up a VPN is not too difficult depending on your skill level and the ability of software and if the router supports the protocol you use, but it may complicate the issue at the moment Simpler just to sort out the port forwarding, get the Pi in the DMZ, get a fixed IP address and or use dynamic DNS so all these things known and then sort out why it isn't working.
One other thing to be aware of if you are going to make it accessible from outside. Out of the box when I tested it, octopi seems to have an issue in that your print queue (including download capability of gcode/stl's) and the camera feed are accessible even when the user is not logged in. That's a nasty design decision IMO but likely easily fixed through configuration or modification.
That's correct but I do not think it's nasty. It was decided so it is. You're free to develop an admin that adds more sophisticated user management. TO sum up the rights again: Everyone can access OP and see what is printing, see the stream, see the files, download them. (If you got access to OP, that means know the IP or DNS, if you routed through your firewall then everyone who knows your public IP or if you have a dynamic DNS then that name.) A registered user can print and control the printer, delete files, delete time lapse videos I think. An admin can configure OctoPrint aka change the settings. That's it. I do not know an admin which improves that at the moment. Maybe someone else has an idea?
Taking a neutral view, it is possibly the lack of awareness that is the "problem" Most people I guess would not know that such information and control was accessible by anyone, albeit only accessible to people with a reasonable knowledge of the Internet IP and DNS. The fact that someone could be accessing at least part of your network would more than irritate most people. The fact that no one had informed them that this was possible would be more irritating. The difficulty then becomes that most of us with a limited knowledge of Linux don't have the skills to restrict access via a login. The way the WiKi is written implies that OP is secure if you set a username and password. Maybe if there was information on how OP was configured and a choice of which you wanted?
As I say just IMO but it isn't restricted to people that know your ip or dns, there is little to no security to obscurity. It took me all of a minute to write a custom search query for one of the device search engines out there and discover a good number of machines sitting online. Hell there are even machines being indexed by Google if you know what to search for. Admittedly do it on a non standard port and it becomes a lot harder to find, you are probably in the realm of more targeted attacks and not just discoverable then. Certainly mine will be behind another layer of authentication if I put it online.
I access OPrint only via VPN. I have a snapshot pic on my homepage though and I am thinking about using the OPrint API to show stats or what model is printing... A little work but definitely the safest option...
