Camera design and privacy

Hi arcologists, one challenge I see for upcoming houses and scaling our approach is keeping the construction sites secure at night and during the time we leave valuable tools, appliances, and belongings in the homes, before anyone lives there to keep an eye on things. Also, cameras would be key for things like monitoring garden growth, live-streaming construction progress, and other ways of engaging with a larger worldwide community and helping focus their attention on solving problems in Detroit. I think this would be the beginning of creating a sense of connection and shared struggle.

I have four Ring outdoor wired cameras at the house that need installing soon, and that would allow community members to help keep watch over all our houses, respond to intruders, and let our neighbors know we are committed to investing in the neighborhood and can also help safeguard the whole street.

I welcome concerns and discussions of privacy here as well, as we can and should mitigate many of those issues.

I’ve also asked Jason, a great local white hat hacker, to help adapt his open source camera system for Arcology, and I’d like to use this thread to discuss our requirements and brainstorm here. Welcome Jason!

The duties for this role are:

  • wire up existing Ring security cameras (requires some residential electrical wiring knowledge, I can help train)
  • design / prototype an open source camera system using inexpensive off-the-shelf parts that is documented with open formats (CAD, source code), on open platforms (instructables, hackaday, GitHub, etc), specs below
  • build and maintain two Arch Linux servers in the house to control light switches and plant watering remotely, via relays
  • create a website where community members can help monitor the cameras, water the plants, and interact with two way audio

Pay is $15 / hour, as an independent contractor, around 5 hours per week but negotiable, with preapproved materials list charged to a house credit card, until complete or either party wishes to end the arrangement. with a mutual work / collaboration / feedback log here in the forum, with some on-site installation work at 3731 Northwestern St, and potentially future Arcology houses. Most design and prototyping work can be done remotely.

Specs:
Essentially duplicate the Ring camera system

  • ideally power-over-Ethernet, okay for hardline power + WiFi
  • speaker system and microphone for 2-way audio
  • high power white LED lights that turn on with motion detection of humans (but not animals) at a range of about 6 feet
  • 3D printed custom case
  • recording of 1080p footage to a local server (triggered by motion detection)
  • time lapse camera mode, indefinite storage
  • mountable on a circular junction box plate interchangeable with Ring cameras
  • send text notifications, escalating to automated phone calls, when human motion is detected
  • log incidents to this forum using Discourse API

Most of the above requirements are open to discussion and flexibility. We hope you’ll have fun with this project, that it will be a valuable part of your portfolio, and you are welcome to duplicate and sell this system for other customers, of which we see a great need among community groups and owners managing farms and homes in Detroit. You own all copyright to your own work, which will be freely published here under an MIT or equivalent license.

I think I will take this on, pretty soon

1 Like

Let me know how I can help, in this thread @yfgame . These specs were started with conversation with @jjp with appreciation for his expertise and own system design in this area. They’re open to engineering input, and them’s that does the work makes the rules.

There are two ESP32 camera modules in an unopened plastic box in the middle cabinet of the second floor landing at 3731. You might have to dig around to find it, but I think you’ll find most of the equipment you uncover of interest for future projects :slight_smile: These cameras are only about $15 each, so much more affordable than Ring cameras, but just the video capture part. I think they are shields, so need to plug into an ESP32 board, which then provides the wifi, bluetooth, microphone, speaker, or any other features.

1 Like

So, the core of any system is something that can do frame analysis for motion and then decide what to do with the resulting alarm condition and put the evidence that triggered the alarm in various places for review and redundancy. Ideally this would include a constant stream of off-site backups without eating unnecessary bandwidth. The rest is just networking and access control. The extremely mature and open-source “ZoneMinder” project fits the bill, imho. I haven’t played with Arch, though it’s something I could attempt. I tend to stick with “enterprise” distros as they’re on a much longer EOL schedule, and I hate rebuilding servers every other year.

This is far from complete, but if anyone wanted to get a demo up and pointed at a camera locally, you could spin this up in a VM to take it for a spin and see if your cameras are going to be compatible;

--- INTRO:: 
Tested with Rocky Linux 8.5
Install from https://download.rockylinux.org/pub/rocky/8/isos/x86_64/Rocky-8.5-x86_64-boot.iso
If this is a VM, provisioning is highly dependant on how many cameras you hope to have it watching for you.  Try >=4-threads, ~4G and at least 20G storage, though it doesn't need to be preallocated for testing purposes.
Select "Server" meta, mostly default options, etc.  Post questions here if you get stuck and google isn't being your friend.  

--- FIRST LOGIN:: {adds webadmin panel on port 9090 and installs / enables GUI on boot if desired}
# systemctl enable --now cockpit.socket
# dnf update -y && dnf groupinstall Workstation -y
# systemctl set-default graphical.target

--- READY ENVIRONMENT:: {installs my standard monitoring packages and repositories}
# dnf install epel-release && dnf update -y
# dnf install sysstat screen htop glances bpytop
# systemctl enable --now sysstat
# rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
# rpm -ivh https://download1.rpmfusion.org/free/el/rpmfusion-free-release-8.noarch.rpm

--- PRE - FIXES:: {fixes inability to install "mod_ssl" rpm}
# nano /etc/yum.repos.d/Rocky-PowerTools.repo 
	(CHANGE LINE:: "enable=1")

--- INSTALL ZoneMinder and Database packages::
# dnf update && dnf install mariadb-server zoneminder mod_ssl

--- FIXES:: {fixes fonts not loading in "dark" theme}
# cp -r /usr/share/zoneminder/www/fonts/ /usr/share/zoneminder/www/skins/classic/css/fonts

--- MOVE "Default" STORAGE:: {customize path to your liking}
# rsync -ar /var/lib/zoneminder/ /mnt/nvme/zoneminder/
# nano /etc/zm/conf.d/01-system-paths.conf 
	(update any reference to the destination path of last line)

--- READ ZoneMinder Reference Documentation:: {good practice}
# less /usr/share/doc/zoneminder-common/README.httpd

--- DATABASE Setup and Import ZoneMinder Tables::
# systemctl enable --now mariadb
# mysql_secure_installation
	"Enter current password for root (enter for none) : {press enter}
	Set root password? [Y/n] {press enter}
	New password: {type "zmpass" and press enter}
	Re-enter new password: {type "zmpass" and press enter}
	Remove anonymous users? [Y/n] {press enter}
	Disallow root login remotely? [Y/n] {press enter}
	Remove test database and access to it? [Y/n] {press enter}
	Reload privilege tables now? [Y/n] {press enter}

# mysql -uroot -p < /usr/share/zoneminder/db/zm_create.sql
	Enter password: {type "zmpass" and press enter}

# mysql -uroot -p -e "grant all on zm.* to 'zmuser'@localhost identified by 'zmpass';"
	Enter password: {type "zmpass" and press enter}

# mysqladmin -uroot -p reload
	Enter password: {type "zmpass" and press enter}

--- Configure ZoneMinder's "/zm" Website::
# ln -sf /etc/zm/www/zoneminder.httpd.conf /etc/httpd/conf.d/

--- Enable and Start Apache and ZoneMinder::
# systemctl enable --now httpd
# systemctl enable --now zoneminder

--- FIREWALL Configuration::
# firewall-cmd --permanent --zone=public --add-service=http
# firewall-cmd --permanent --zone=public --add-service=https
# firewall-cmd --permanent --zone=public --add-port=3702/udp
# firewall-cmd --reload

--- FIX SSL Certificate:: {optional}
# less /usr/share/doc/zoneminder-common/README.https

--- DISABLE SELinux and reboot::
# sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
# shutdown -r now

--- Access ZoneMinder Web Console::
Open Browser to: "https://<ip.of.the.server>/zm"
Agree to privacy agreement
Options - Storage - fix default storage path /mnt/nvme/zoneminder/events  {match custom path from earlier}
1 Like

I misplaced my onesheet for setting up wireguard, but I’ll add it here when I get around to it;

This is one of the ways to use the system on a mobile device more easily;

One other thing I’ve found useful in diagnostic / monitoring for WiFi cameras is called “ping plotter”
https://www.pingplotter.com/


You also may need to monitor the database threads during initial camera setup if the WiFi is spotty enough to cause problems (like in my Ping Plotter image);

# nano threadcount.sh {create simple bash script; uber-nested "mysql -e" is iffy)
-------> cut
#!/bin/bash
mysql -e"SHOW STATUS LIKE 'threads_connected%'" -uzmuser -pzmpass
-------> paste between lines, save
# watch -n0.5 bash -x ./threadcount.sh

--- Example::
Every 0.5s: bash -x ./threadcount.sh         hostname: Mon Mar 14 02:57:29 2022

+ mysql '-eSHOW STATUS LIKE '\''threads_connected%'\''' -uzmuser -pzmpass
Variable_name   Value
Threads_connected       26

The threads should be mostly stable at double your camera count. If it’s higher, then you have connectivity issues between your cameras and ZoneMinder that need sorting.

Regarding this desired feature:

I think the easiest way to get it up and running would be the upload to (s)ftp feature in ZoneMinder. Once you have your zones tuned and you know it isn’t going to flood the forum with false positives, it could be automatic. Otherwise you’d likely have it only upload archived video clips of particular concern that someone has visually audited and selected for upload through a ZoneMinder interface. You’d be able to quickly write a script that just waits for files to show up in a particular directory on whatever / wherever server and glue it together with a mix of API skillz and the cron daemon.

I’m interested in the hardware design, plus implementing MQTT or whatever for intercom features, including hardware design with some kind of Raspberry Pi or other SBC, but @yfgame was the last person involved that could handle CAD and printing afaik. It’ll likely be a bit before I can contribute again directly in this department. I’m here for consulting and testing anyway.

Thanks @jjp this is incredibly helpful and thorough. I’ll take a look through and would enjoy organizing a hack night around it, and if the system works well, offering it to the neighborhood.

The Ring cameras have been working great, but I don’t want to rely on them going forward.

1 Like