Every five minutes, the Raspberry Pi system at the lake sends a short timelapse segment to Scootercam’s webserver. Here’s what happens next.<\/p>\n\n\n\n
A PHP-based timelapse video management system that receives video segments from cameras and combines them into daily period videos with automatic 8-hour rotation and comprehensive security controls.<\/p>\n\n\n\n
This system manages timelapse videos from multiple cameras with enterprise-grade security by:<\/p>\n\n\n\n
Cameras<\/strong>: 2 (Amcrest, Reolink) Edit Add to POST<\/strong> Authentication<\/strong>: Upload or Admin API key required<\/p>\n\n\n\n Parameters:<\/strong><\/p>\n\n\n\n Response:<\/strong><\/p>\n\n\n\n Example:<\/strong><\/p>\n\n\n\n Security Validations:<\/strong><\/p>\n\n\n\n GET<\/strong> Authentication<\/strong>: Admin API key required<\/p>\n\n\n\n Moves all active videos to archive directory.<\/p>\n\n\n\n Response:<\/strong><\/p>\n\n\n\n Example:<\/strong><\/p>\n\n\n\n GET<\/strong> Authentication<\/strong>: Admin API key required<\/p>\n\n\n\n Response:<\/strong><\/p>\n\n\n\n GET<\/strong> Authentication<\/strong>: Admin API key required<\/p>\n\n\n\n Deletes archive files older than specified days (1-30 day range enforced).<\/p>\n\n\n\n Response:<\/strong><\/p>\n\n\n\n Example:<\/strong><\/p>\n\n\n\n Uses FFmpeg’s concat demuxer with security controls:<\/p>\n\n\n\n Active Videos:<\/strong> Archived Videos:<\/strong> Cameras must now include API keys in their upload requests:<\/p>\n\n\n\n Amcrest Camera:<\/strong><\/p>\n\n\n\n Reolink Camera:<\/strong><\/p>\n\n\n\n Cause:<\/strong> Invalid or missing API key Cause:<\/strong> Too many requests from same IP Cause:<\/strong> File validation failure Check:<\/strong><\/p>\n\n\n\n Solution:<\/strong> Force rotation<\/p>\n\n\n\n Solution:<\/strong> Clean old archives<\/p>\n\n\n\n Monitor Complete System Reset:<\/strong><\/p>\n\n\n\n
Periods<\/strong>: 3 per day (Night: 00:00-08:00, Day: 08:00-16:00, Evening: 16:00-24:00)
Total Videos<\/strong>: Maximum 6 active videos at any time
Rotation<\/strong>: Every 8 hours via cron (00:00, 08:00, 16:00)
Security<\/strong>: Two-tier API key authentication, rate limiting, comprehensive validation<\/p>\n\n\n\nDirectory Structure<\/h2>\n\n\n\n
\/home\/scootercam\/public_html\/timelapse\/\n\u251c\u2500\u2500 upload.php # Main secure script\n\u251c\u2500\u2500 videos\/ # Active videos (max 6 files)\n\u2502 \u251c\u2500\u2500 amcrest_day_20250901.mp4\n\u2502 \u251c\u2500\u2500 amcrest_evening_20250901.mp4\n\u2502 \u251c\u2500\u2500 amcrest_night_20250902.mp4\n\u2502 \u251c\u2500\u2500 reolink_day_20250901.mp4\n\u2502 \u251c\u2500\u2500 reolink_evening_20250901.mp4\n\u2502 \u2514\u2500\u2500 reolink_night_20250902.mp4\n\u251c\u2500\u2500 videos\/archive\/ # Archived videos\n\u2502 \u251c\u2500\u2500 amcrest_day_20250831_235959.mp4\n\u2502 \u2514\u2500\u2500 reolink_evening_20250831_235959.mp4\n\u251c\u2500\u2500 temp\/ # Temporary processing files\n\u251c\u2500\u2500 security.log # Security audit trail\n\u2514\u2500\u2500 rate_limit.json # Rate limiting data\n<\/code><\/pre>\n\n\n\nSecurity Features<\/h2>\n\n\n\n
\ud83d\udd10 Two-Tier API Authentication<\/strong><\/h3>\n\n\n\n
\n
\ud83d\udee1\ufe0f Comprehensive File Validation<\/strong><\/h3>\n\n\n\n
\n
\u26a1 Rate Limiting<\/strong><\/h3>\n\n\n\n
\n
\ud83d\udcca Security Monitoring<\/strong><\/h3>\n\n\n\n
\n
\ud83d\udd12 Input Sanitization<\/strong><\/h3>\n\n\n\n
\n
Setup<\/h2>\n\n\n\n
1. Generate API Keys<\/h3>\n\n\n\n
# Generate secure upload key (64 characters)\nopenssl rand -hex 32\n\n# Generate secure admin key (64 characters) \nopenssl rand -hex 32\n<\/code><\/pre>\n\n\n\n2. Configure Script<\/h3>\n\n\n\n
upload.php<\/code> and replace the placeholder API keys:<\/p>\n\n\n\nprivate $api_keys = [\n 'upload' => 'your_64_char_upload_key_here',\n 'admin' => 'your_64_char_admin_key_here'\n];\n<\/code><\/pre>\n\n\n\n3. Set File Permissions<\/h3>\n\n\n\n
chmod 755 \/home\/scootercam\/public_html\/timelapse\/upload.php\nchmod 750 \/home\/scootercam\/public_html\/timelapse\/videos\nchmod 750 \/home\/scootercam\/public_html\/timelapse\/temp\nchmod 640 \/home\/scootercam\/public_html\/timelapse\/security.log\nchown -R scootercam:scootercam \/home\/scootercam\/public_html\/timelapse\/\n<\/code><\/pre>\n\n\n\n4. Update Cron Job<\/h3>\n\n\n\n
# Replace with your actual admin API key\n0 0,8,16 * * * \/usr\/bin\/curl --silent \"http:\/\/scootercam.net\/timelapse\/upload.php?action=rotate&api_key=YOUR_ADMIN_KEY_HERE\" > \/dev\/null 2>&1\n<\/code><\/pre>\n\n\n\n5. Configure Web Server Security<\/h3>\n\n\n\n
.htaccess<\/code>:<\/p>\n\n\n\n# Deny access to sensitive files\n<Files \"security.log\">\n Deny from all\n<\/Files>\n\n<Files \"rate_limit.json\">\n Deny from all\n<\/Files>\n\n# Optional: Basic DDoS protection\n<IfModule mod_evasive24.c>\n DOSPageCount 5\n DOSPageInterval 1\n DOSBlockingPeriod 300\n<\/IfModule>\n<\/code><\/pre>\n\n\n\n6. Verify FFmpeg<\/h3>\n\n\n\n
which ffmpeg\n# Should return: \/bin\/ffmpeg\n<\/code><\/pre>\n\n\n\nAPI Endpoints<\/h2>\n\n\n\n
Upload Video Segment<\/h3>\n\n\n\n
upload.php?action=receive<\/code> (default)<\/p>\n\n\n\n\n
camera<\/code> (POST): amcrest<\/code> or reolink<\/code><\/li>\n\n\n\napi_key<\/code> (POST): Valid upload or admin API key<\/li>\n\n\n\nvideo<\/code> (FILE): MP4 video segment (max 50MB)<\/li>\n<\/ul>\n\n\n\n{\n \"status\": \"success\",\n \"message\": \"Segment appended\",\n \"period\": \"day\",\n \"camera\": \"amcrest\"\n}\n<\/code><\/pre>\n\n\n\ncurl -X POST \\\n -F \"camera=amcrest\" \\\n -F \"api_key=your_upload_key_here\" \\\n -F \"video=@segment.mp4\" \\\n http://scootercam.net\/timelapse\/upload.php\n<\/code><\/pre>\n\n\n\n\n
Manual Rotation<\/h3>\n\n\n\n
upload.php?action=rotate&api_key=ADMIN_KEY<\/code><\/p>\n\n\n\n{\n \"status\": \"success\",\n \"message\": \"Rotated 6 videos\"\n}\n<\/code><\/pre>\n\n\n\ncurl \"http:\/\/scootercam.net\/timelapse\/upload.php?action=rotate&api_key=your_admin_key_here\"\n<\/code><\/pre>\n\n\n\nSystem Status<\/h3>\n\n\n\n
upload.php?action=status&api_key=ADMIN_KEY<\/code><\/p>\n\n\n\n{\n \"status\": \"success\",\n \"current_period\": \"day\",\n \"videos\": [\n {\n \"camera\": \"amcrest\",\n \"period\": \"day\",\n \"exists\": true,\n \"size\": 15728640,\n \"modified\": \"2025-09-01 14:30:15\"\n }\n ]\n}\n<\/code><\/pre>\n\n\n\nArchive Cleanup<\/h3>\n\n\n\n
upload.php?action=cleanup&days=7&api_key=ADMIN_KEY<\/code><\/p>\n\n\n\n{\n \"status\": \"success\",\n \"message\": \"Deleted 12 old archive files\"\n}\n<\/code><\/pre>\n\n\n\ncurl \"http:\/\/scootercam.net\/timelapse\/upload.php?action=cleanup&days=5&api_key=your_admin_key_here\"\n<\/code><\/pre>\n\n\n\nHow It Works<\/h2>\n\n\n\n
1. Secure Upload Process<\/h3>\n\n\n\n
\n
2. Video Concatenation<\/h3>\n\n\n\n
ffmpeg -f concat -safe 0 -i concat_list.txt -c copy -avoid_negative_ts make_zero output.mp4\n<\/code><\/pre>\n\n\n\n3. Automatic Rotation<\/h3>\n\n\n\n
\n
\/videos\/<\/code> moved to \/videos\/archive\/<\/code> with timestamp<\/li>\n\n\n\n4. Security Monitoring<\/h3>\n\n\n\n
\n
security.log<\/code> with timestamps and IP addresses<\/li>\n\n\n\nrate_limit.json<\/code><\/li>\n\n\n\n5. File Naming Convention<\/h3>\n\n\n\n
{camera}_{period}_{date}.mp4<\/code><\/p>\n\n\n\n\n
amcrest_day_20250901.mp4<\/code><\/li>\n<\/ul>\n\n\n\n{camera}_{period}_{date}_{time}.mp4<\/code><\/p>\n\n\n\n\n
amcrest_day_20250901_160002.mp4<\/code><\/li>\n<\/ul>\n\n\n\nCamera Configuration<\/h2>\n\n\n\n
Update Camera Upload Scripts<\/h3>\n\n\n\n
#!\/bin\/bash\nAPI_KEY=\"your_upload_key_here\"\nCAMERA=\"amcrest\"\nSEGMENT=\"\/path\/to\/segment.mp4\"\n\ncurl -X POST \\\n -F \"camera=${CAMERA}\" \\\n -F \"api_key=${API_KEY}\" \\\n -F \"video=@${SEGMENT}\" \\\n http://scootercam.net\/timelapse\/upload.php\n<\/code><\/pre>\n\n\n\n#!\/bin\/bash\nAPI_KEY=\"your_upload_key_here\" \nCAMERA=\"reolink\"\nSEGMENT=\"\/path\/to\/segment.mp4\"\n\ncurl -X POST \\\n -F \"camera=${CAMERA}\" \\\n -F \"api_key=${API_KEY}\" \\\n -F \"video=@${SEGMENT}\" \\\n http://scootercam.net\/timelapse\/upload.php\n<\/code><\/pre>\n\n\n\nMonitoring<\/h2>\n\n\n\n
Security Log Monitoring<\/h3>\n\n\n\n
# Real-time security monitoring\ntail -f \/home\/scootercam\/public_html\/timelapse\/security.log\n\n# Check for suspicious activity\ngrep \"WARNING\\|ERROR\" \/home\/scootercam\/public_html\/timelapse\/security.log\n\n# Monitor rate limiting\ngrep \"Rate limit\" \/home\/scootercam\/public_html\/timelapse\/security.log\n<\/code><\/pre>\n\n\n\nSystem Status Monitoring<\/h3>\n\n\n\n
# Check current system status (requires admin key)\ncurl \"http:\/\/scootercam.net\/timelapse\/upload.php?action=status&api_key=your_admin_key_here\"\n\n# Verify active video count (should be \u22646)\nls -la \/home\/scootercam\/public_html\/timelapse\/videos\/*.mp4 | wc -l\n<\/code><\/pre>\n\n\n\nDisk Usage Monitoring<\/h3>\n\n\n\n
# Check active videos disk usage\ndu -sh \/home\/scootercam\/public_html\/timelapse\/videos\/\n\n# Check archive disk usage\ndu -sh \/home\/scootercam\/public_html\/timelapse\/videos\/archive\/\n\n# Overall system disk usage\ndf -h\n<\/code><\/pre>\n\n\n\nPerformance Monitoring<\/h3>\n\n\n\n
# Check recent uploads (last 24 hours)\nfind \/home\/scootercam\/public_html\/timelapse\/videos\/ -name \"*.mp4\" -mtime -1 -ls\n\n# Monitor temp directory (should be empty most of the time)\nls -la \/home\/scootercam\/public_html\/timelapse\/temp\/\n<\/code><\/pre>\n\n\n\nTroubleshooting<\/h2>\n\n\n\n
Problem: Upload Rejected (401 Unauthorized)<\/h3>\n\n\n\n
Solution:<\/strong><\/p>\n\n\n\n\n
security.log<\/code> for failed authentication attempts<\/li>\n\n\n\nupload.php<\/code><\/li>\n<\/ol>\n\n\n\nProblem: Upload Rejected (429 Rate Limited)<\/h3>\n\n\n\n
Solution:<\/strong><\/p>\n\n\n\n\n
security.log<\/code><\/li>\n\n\n\nProblem: Upload Rejected (400 Bad Request)<\/h3>\n\n\n\n
Solution:<\/strong><\/p>\n\n\n\n\n
amcrest<\/code> or reolink<\/code>)<\/li>\n\n\n\nsecurity.log<\/code> for specific validation errors<\/li>\n<\/ol>\n\n\n\nProblem: FFmpeg Concatenation Failures<\/h3>\n\n\n\n
\n
which ffmpeg<\/code><\/li>\n\n\n\nls -la temp\/<\/code><\/li>\n\n\n\nProblem: Too Many Active Videos (>6)<\/h3>\n\n\n\n
curl \"http:\/\/scootercam.net\/timelapse\/upload.php?action=rotate&api_key=your_admin_key_here\"\n<\/code><\/pre>\n\n\n\nProblem: Large Archive Directory<\/h3>\n\n\n\n
curl \"http:\/\/scootercam.net\/timelapse\/upload.php?action=cleanup&days=5&api_key=your_admin_key_here\"\n<\/code><\/pre>\n\n\n\nSecurity Incident Response<\/h2>\n\n\n\n
Suspicious Activity Detection<\/h3>\n\n\n\n
security.log<\/code> for these indicators:<\/p>\n\n\n\n\n
Immediate Response Actions<\/h3>\n\n\n\n
\n
API Key Compromise Response<\/h3>\n\n\n\n
# 1. Generate new API keys\nopenssl rand -hex 32 # New upload key\nopenssl rand -hex 32 # New admin key\n\n# 2. Update upload.php with new keys\n# 3. Update camera configurations\n# 4. Update cron job with new admin key\n# 5. Clear rate limiting data\nrm -f \/home\/scootercam\/public_html\/timelapse\/rate_limit.json\n<\/code><\/pre>\n\n\n\nMaintenance<\/h2>\n\n\n\n
Daily Tasks<\/h3>\n\n\n\n
\n
Weekly Tasks<\/h3>\n\n\n\n
\n
Monthly Tasks<\/h3>\n\n\n\n
\n
Emergency Procedures<\/h3>\n\n\n\n