Plugin request: Apt-get or shell plugin for Octo-pi

Would be nice to be able to keep my Octo-pi fully updated from Octo-print without having to SSH. Just trying to keep everything in one place for ease of use and to promote more frequent updates for those not as comfortable with Linux or SSH.

I suppose...

But an easier solution might be to use the Gcode Systems Commands plugin then add a new... OCTO 211 which runs a ~/scripts/octo211 script.

The contents of the script might be...

#!/usr/bin/sh

sudo apt-get update
sudo apt-get upgrade -y

If you wanted to be fancy, you could route the output of those to a particular log file like ~/.octoprint/logs/octo211.log or similar.

Just make sure to run chmod a+x ~/scripts/octo211 so that it can be executed.

1 Like

Thanks, I'll look at that.

And for the win, add an update button on your OctoPrint's Control tab by editing the ~/.octoprint/config.yaml file to add/edit a section for controls (noting that the indentation is important):

controls:
- children:
  - command: OCTO211
    name: Upgrade Raspbian
    type: command
  name: Custom Controls
  type: section
1 Like

Why go the route of abusing custom controls for this when these kinds of tasks are what the system menu was added for? :thinking:

Alternatively it could also be achieved through a custom update configuration for OctoPrint's own software update plug-in. I'll look into writing something up for that if there's interest.

1 Like

I think it would go a long way having the System Menu Commands expandable from the UI where you can add additional ones other than the defaults without having to go into the config.yaml manually.

On a side note, it is possible to install something like web-console or gate one or shellinabox on your pi and then use the "Hello World" plugin example and point the tab to the newly installed web-based ssh client. I've done this before with shellinabox, but would recommend against making that available publicly in any way. It would require a little tweaking on the haproxy config if you wanted to access it via a sub-path of your octoprint url, something like http://ip/ssh would be achievable.

Of course, there is the system command editor plugin for that...forgot about that one it's been so long since I used it.

Just installed it and used the following to add a system command and it seems to work great, creates log file that can be retrieved from the Logging section of OctoPrint.

sudo apt-get update && sudo apt-get -y upgrade >> /home/pi/.octoprint/logs/aptget.log

So after some further searching I found achilterm that is functional, but I think I might be integrating this into a plugin eventually. There is some work to do, but here are the steps I took to at least getting a web-based ssh client to my pi.

ssh to your pi and run these commands.

cd oprint/bin
sudo pip install achilterm
sudo nano /etc/haproxy/haproxy.cfg

Find the line in your haproxy.cfg file for accessing the webcam that looks like this

		use_backend webcam if { path_beg /webcam/ }

and add the line just after it to make it look like this.

		use_backend webcam if { path_beg /webcam/ }
		use_backend achilterm if { path_beg /term/ }

Then at the end of the file after the backend webcam section add this.

backend achilterm
        reqrep ^([^\ :]*)\ /term/(.*)     \1\ /\2
        server achilterm1  127.0.0.1:8022

Once finished editing haproxy.cfg enter ctrl+x, followed by y for yes to save, followed by enter to accept the original file name and then restart haproxy with the following command.

sudo service haproxy restart

To test run the following command.

./achilterm

Now if everything worked right you can go to your octoprint's url and add "term" at the end like http://192.168.0.2/term/ replacing the ip address with your octoprint's ip.

If all is good then you can press ctrl+c to stop the program and then add it to crontab to automatically run on boot up using these commands.

crontab -e

if this is the first time you've edited crontab select your editor of choice, I used nano. Then add the following to the end of the file.

@reboot /home/pi/oprint/bin/achilterm --daemon

Press ctrl+x, y for yes to save, enter to keep default filename and then reboot the pi.

sudo reboot now

Once the pi is rebooted the previous test url should be active again at http://192.168.0.2/term/

For security you could improve your haproxy.cfg with additional settings to require a username/password etc. for access. In my case I actually have certificate based access restrictions that require a personal certificate that was signed by my own personal certificate authority. If you don't have the right user cert you can't connect at all.

Personally I'd seriously recommend against adding terminal functionality to OctoPrint or the reverse proxy in front of OctoPrint in any way, considering how many people happily expose it through port forwards to everyone on the internet.

1 Like

That's why I mentioned it originally and the part about additional haproxy steps.

Shell in a box...

Shell In A Box implements a web server that can export arbitrary command line tools to a web based terminal emulator. This emulator is accessible to any JavaScript and CSS enabled web browser and does not require any additional browser plugins.

Just make that webpage have a second layer of passwording or something (or only available to "admin" accounts on octoprint) (and only talks to 127.0.0.1)
https://www.tecmint.com/shell-in-a-box-a-web-based-ssh-terminal-to-access-remote-linux-servers/

I don't expose anything to the web...I build a OpenVPN with PiVPN on an Orange Pi Zero...VPN in..then use my LAN ip's...works great...best part is...completely secure and only one port open...and it won't even respond unless the client has the correct key (plus I can then use my PLEX server :smiley: )

Why not just make unattended-upgrades a package that is activated automatically...have it download and patch security...only if application upgrades are needed then an apt update && apt upgrade -y is needed
https://help.ubuntu.com/community/AutomaticSecurityUpdates