Remote web server for backyard camera
What is in this article
- Can be the most secure option listed here, but requires you to configure a web server on a VPS and involves more work than other methods.
- This article only discusses the rclone config. There are many existing documents on how to configure a web server to serve static files and/or enable SSH/SFTP access.
- For the
copymotionscript below it is assumed that the directory from which the web server is configured to serve the files is
/var/www/html/motionand that is writable by the user used to SFTP the files to the server. You should adapt the script as appropriate if you configure the web server with a different directory.
- We further assume that the
rclone‘remote’ is called
remotewebfor this server.
- You also need to configure SFTP as described below.
Configuring SFTP for use with rclone
- Create a passwordless SSH key for the
motionuser to upload to the VPS (it is recommended the user on the VPS only have permissions required to upload motion files to the correct directory. This is known as the principle of least privilege).
sudo -H -u motion ssh-keygen -N '' -C motion@$(hostname -s) -t rsa
Make sure the
.sshdirectory and contents are only accessible to
sudo chown -R motion:motion /var/lib/motion/.ssh && sudo chmod 0700 /var/lib/motion/.ssh
The public key to copy to the VPS
$HOME/.ssh/authorized_keysin this case would be
- Make sure
/var/www/html/motionis has read, write, and execute permissions for the user with which you use SFTP (usually the same as your SSH user). For the purposes of this documentation we will assume the username is
- For example:
sudo mkdir -p /var/www/html/motion && sudo chown -R motion-uploader:motion-uploader /var/www/html/motion.
- For example:
- Add an SSH public key for the Pi
$HOME/.ssh/authorized_keysfile for the
motion-uploaderuser on the VPS.
Configuring the Pi
To create an new rclone remote as the
motion user, execute:
sudo -H -u motion rclone config
SFTP as the backend and answering the prompts appropriately.
copymotion script for copying to a remote web server directory when using the above autocopy configuration in
Copy this script to
#!/bin/sh ( rclone copy /var/lib/motion/data remoteweb:/var/www/html/motion & )
NB This script assumes you have configured the destination for videos and photos to be
/var/lib/motion (which is the default). This is because the rclone config lives in
/var/lib/motion/.config and we do not want to copy it to the web server.