Headless Raspberry Pi with VNC Browser


#1

I have a remote setup at a location that is about 3 hours drive away on a mountain peak. The setup looks as follows:

Huawei B315 LTE router -----ethernet----- Laird RG186
                               |
                               +--------- Laird RG186
                               |
                               +--------- Raspberry Pi (Resin.io)

Both the Huawei B315 and the Laird RG186 can only be configured via a web browser, not via telnet or SSH.

I am looking for a resin.io setup I can run on the Raspberry Pi that will allow me to access the other devices over an HTTP/HTTPS connection. I guess this would be possible using the resin.io SSH terminal and a CLI web browser. It would however be much nicer if I can get a full GUI web browser connected to the other devices.

Is there any way to do a port forward (SSH -D socks proxy), or some VNC setup on the Raspberry Pi? I know this is possible without resin.io and doing port forwarding on the LTE router - but I would like to have the stability of resin.io and without touching the LTE router’s current configuration.

Update:
Elinks from the resin.io online terminal doesn’t work, as Elinks doesn’t support javascript, which the Huawei B315’s web interface requires.


#2

Hi JP,

In situations like this you could run a reverse proxy on the device and configure it to connect certain paths to internal network locations – ie you could configure it that {public_url}/router goes to your Huawei device, and {public_url}/someOtherDevice goes to, well, some other device :slight_smile:

You can enable the public url for a device via the resin.io dashboard, which will be available online and transported over the encrypted VPN connection to resin.io

You would want to make very sure you have proper security setup for those url’s – Either via using strong passwords or certificates.


Hope that helps!


#3

Interesting that you mention a reverse proxy. I was trying to set up a Squid server on the resin device, and trying to use the Public Url to connect to Squid, and via Squid to the other devices. This failed unfortunately, likely because port 80 is translated to https port 443 on Resin’s side.

You reverse proxy idea makes sense, but the problem is that one will need to know the IP addresses of the other devices. I guess I can find this out via ARP in the resin terminal and then set some Environment Variables to reconfigure the reverse proxy with them.


#4

Squid is a fine option as well – The one reason I recommended ngix is because it’s slightly easier to configure and uses less memory – However either one would be fine.

You’re correct that you have to make sure the reverse proxy configuration works with listening on port 80, but the actual request headers thinking it came in on 443

As far as device discovery goes, it really depends on how much you want to engineer it vs a manual configuration – if it’s a one off setup manual configuration via ENV variables is indeed the way to go.

If on the other hand you’re considering deploying a similar setup in other locations., you could build a script that connects to a central internet connected server and posts it’s IP and device name to it (along with a ssl signature to verify it’s indeed from one of your devices) and use that database to list the other local devices.


#5

I finally found a working way to do this. Only one device can be proxied at a time, because many webinterfaces relies on the fact that the content is hosted on the root. So it fails when proxying it under a path. This is fine as I only want to access one device at a time, and changing only an environment variable to access another device is easy enough and allows one to add other endpoints without having to update the container on the raspberry pi.

Code is on Github: