All posts by mlapaglia

Displaying Plate Numbers on ALPR Cameras

I’ve been running OpenALPR on Unraid for about 6 months. Since January I’ve been working on a tool that replaces the limited closed-source OpenALPR web ui with my own OpenALPR Webhook Processor. I pointed the OpenALPR agent at my tool instead of the OpenALPR web ui. The agent sends a JSON payload defined here.

After the JSON payload is processed it is displayed through an Angular web app running on Core backend. It uses a SQLite database to store plate information, and retrieves images from the agent on the fly. It records a small amount of statistics, allows searching based on make/model and plate numbers including regular expressions, and can both ignore and alert on plates.

The home plate screen

The tool can also manage individual cameras day/night toggling and zoom/focus based on the camera GPS location:

Modifying ALPR and regular cameras

When the tool receives a webhook from the agent, it parses the plate information and overlays the text on the camera:

The agent tries to determine the make/model of the vehicle, it’s not always correct (especially at night), but it does get a fair amount of accurate results.

So far it has been working pretty well! I am currently working on a method for “scraping” the agent’s debug web ui for information instead of using webhooks. This will be useful for people with the “Homeowner” membership that requires the webhook to come from the OpenALPR cloud website.

Self Hosted Email Server With Unraid and Poste.IO

I use NginxProxyManager as the main entry point of web traffic onto my local server. I exclusively use it as a proxy host for multiple subdomains. Each subdomain managed by NPM gets proxied to a docker container. Adding new services is mostly setting up the docker container and using NPM to create a ssl certificate with letsencrypt and directing the traffic from that subdomain to the container.

A few weeks ago I randomly discovered through the community apps page of unraid. It’s an all-in-one dockerized email server. Since Unraid has a template for it, installing was a breeze:

Community Applications plugin has a template ready to go

Email requires more ports than just 443/80, but following their documentation I was able to get it up and running. Thanks to my local ISP I am able to have port 25 and all the rest unblocked, normally ISPs don’t allow these ports.

slick looking admin console

The docker container comes complete with an admin site for managing users, domains, and server settings. The mail app isn’t half bad either:

Once I tried to connect Thunderbird though I got SSL verification errors. I soon found out even through NPM handles the SSL offloading for port 443 (HTTPS web traffic), it doesn’t do the same for the mail ports (143, 993, etc). Thunderbird was getting a generic SSL certificate instead of! does support LetsEncrypt, but trying to run LE validation behind another LE instance (NPM) is problematic. When the Poste.IO LE tries to validate domain ownership the LE server ends up calling the NPM LE, which says “uh, what, 404 for me I guess”.

LE servers not able to validate that I own the domain name 🙁

I tried getting the LE functionality in to work with the NPM LE but couldn’t come up with a solution that would result in automatic SSL certificate renewals in the future. Then I thought to myself, “NPM LE stores the certificates in the AppData folder of Unraid, I could use that!”

I went back to the docker configuration page and added 4 paths to map:

  • ca.crt
  • server.key
  • server.crt
  • server-combined.crt

I mapped them from the NPM appdata folder to the Poste container.

  • /mnt/user/appdata/NginxProxyManager/letsencrypt/live/npm-33/chain.pem
  • /mnt/user/appdata/NginxProxyManager/letsencrypt/live/npm-33/privkey.pem
  • /mnt/user/appdata/NginxProxyManager/letsencrypt/live/npm-33/cert.pem
  • /mnt/user/appdata/NginxProxyManager/letsencrypt/live/npm-33/fullchain.pem

were mapped to:

  • /etc/ssl/ca.crt
  • /etc/ssl/server.key
  • /etc/ssl/server.crt
  • /etc/ssl/server-combined.crt

After this I was able to successfully connect to the email server from my computer and other devices! Now when NPM updates the domain name automatically, poste will directly reference the new certificates without any manual intervention.