BI5 Android Push Notification Issue

merkaba

Young grasshopper
Aug 4, 2017
99
20
Hey, I am brand new to BI5 and so far so good...except these push notifications. I can't seem to get any consistency from them. When i do get them, they are extremely delayed, and I've never gotten the thumbnails working. Hopefully I'm missing something simple. I've tried the stuff below. Let me know if anyone has any ideas.

  • I have opened ports 2195, 443, and the port i use for the webserver
  • Made a firewall rule for all LAN traffic using webserver port to go to BI based on this post
  • Tried unchecking and checking both "Send Rich 3D notifications" and "10 image GIF
  • Matched up both my LAN and WAN webserver ports to use the same port
This is what my notifications do look like when i happen to get them:
mqO3vpIl.png
 
Last edited:
It looks like push notification links back to the event thumbnail via URL that looks like this:

http://<BI-server-IP-address>/thumbs/@<thumb-id>?session=<session-id>

<BI-server-IP-address> is always resolved IP address of your externally visible BI server (like 101.202.101.202). If BI server is behind firewall, that will be your externally visible IP address of your firewall (firewall then needs to know how to internally forward request to your BI server - via NAT or otherwise)
<thumb-id> is some long decimal number, determined by BI
<session-id> is some long hexadecimal number, determined by BI

If you are exposing service via HTTPS protocol instead, you need to check "Stunnel is installed for HTTPS on port" option, and http in above example is going to be replaced with https. Even if you are not using Stunnel, but some other means of protecting server via SSL, like reverse proxy (nginx), you have to check that option. Bottom line is, something that looks like


has to resolve back to your BI server, so it can return the thumbnail to the caller.

In my case I'm using nginx as reverse proxy. Requests that come from the outside are analyzed by nginx and it determines where (to which of my multiple servers) it needs to proxy that request. Each of my servers has unique registered name, but they all point to the same externally visible address of my firewall. For example

bi.mydomain.org 101.202.101.202
automation.mydomain.org 101.202.101.202
www.mydomain.org 101.202.101.202
syslog.mydomain.org 101.202.101.202
etc.

When request to bi.mydomain.org comes in, nginx knows that it need to proxy that to my server with internal IP address of 10.1.1.10.

So, what happens when request comes in as ? Well, nginx does not know what server is request for, and responds with one of the standard HTTP codes like 404 Not Found, or 401 Not Authorized, etc. (depending on configuration). That's when you get big white block instead of the thumbnail.

I had to adjust my nginx configuration to analyze URL location (/thumbs/@391132345) and URL arguments (session=2c6b3959680f76012cd21e8550c13db7). When they conform to the above patterns, it knows that's request for BI thumbnail and proxies request to the Bi server. Now I get thumbnail with every push notification.

This is location block in my nginx default.conf that worked for me (server name and IP address are made up):

# Blue Iris push notification thumbnails
location ~ ^/thumbs/@[0-9]* {
proxy_set_header Host bi.mydomain.org;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Front-End-Https on;
proxy_read_timeout 90;

if ($args ~ "^session=[0-9a-fA-F]*$") {
proxy_pass break;​
}​
}

I'm sure nginx experts can improve on it.
 
  • Like
Reactions: Nerds2You
got it work; now issue is in home assistant - the mjpeg cams do not show any images. Is there any trick to get this going?
 
I was having the same issue with not getting thumbnails and was also getting a 3 or 4 minute delay in getting notifications on my Android phone. Thanks to this thread and especially @753951 I have resolved the issue. I had the port forwarding on my firewall to have a different port on the WAN side and forward to the correct port on the LAN side.

ex forwarding was set to port 52145 on the WAN and the router forwarded it to the blue iris server on port 8080 on the LAN

I was able to access using the app and web just fine as long as I entered my WAN address and appended with port 52145 but the BI server was hard coded to look for the thumbnails using port 8080.

I changed my port forwarding rule to trigger on the same external and internal ports and it now gives me the thumbnails and the push notifications are instant.

Now to figure out how to use a signed certificate while using Stunnel
 
  • Like
Reactions: fenderman
Now to figure out how to use a signed certificate while using Stunnel

Easy. Go to the folder where stunnel is installed (like C:\Program Files (x86)\stunnel) and edit config\stunnel.conf file. Find [https] section and make sure you have line like

Code:
cert = mycert.pem

Pem file should be placed in the same folder and should contain full certificate chain. Restart stunnel and you are done.
 
It looks like push notification links back to the event thumbnail via URL that looks like this:
http://<BI-server-IP-address>/thumbs/@<thumb-id>?session=<session-id>

<BI-server-IP-address> is always resolved IP address of your externally visible BI server (like 101.202.101.202). If BI server is behind firewall, that will be your externally visible IP address of your firewall (firewall then needs to know how to internally forward request to your BI server - via NAT or otherwise)
<thumb-id> is some long decimal number, determined by BI
<session-id> is some long hexadecimal number, determined by BI

If you are exposing service via HTTPS protocol instead, you need to check "Stunnel is installed for HTTPS on port" option, and http in above example is going to be replaced with https. Even if you are not using Stunnel, but some other means of protecting server via SSL, like reverse proxy (nginx), you have to check that option. Bottom line is, something that looks like

or

has to resolve back to your BI server, so it can return the thumbnail to the caller.

In my case I'm using nginx as reverse proxy. Requests that come from the outside are analyzed by nginx and it determines where (to which of my multiple servers) it needs to proxy that request. Each of my servers has unique registered name, but they all point to the same externally visible address of my firewall. For example

bi.mydomain.org 101.202.101.202
automation.mydomain.org 101.202.101.202
www.mydomain.org 101.202.101.202
syslog.mydomain.org 101.202.101.202
etc.

When request to bi.mydomain.org comes in, nginx knows that it need to proxy that to my server with internal IP address of 10.1.1.10.

So, what happens when request comes in as ? Well, nginx does not know what server is request for, and responds with one of the standard HTTP codes like 404 Not Found, or 401 Not Authorized, etc. (depending on configuration). That's when you get big white block instead of the thumbnail.

I had to adjust my nginx configuration to analyze URL location (/thumbs/@391132345) and URL arguments (session=2c6b3959680f76012cd21e8550c13db7). When they conform to the above patterns, it knows that's request for BI thumbnail and proxies request to the Bi server. Now I get thumbnail with every push notification.

This is location block in my nginx default.conf that worked for me (server name and IP address are made up):

# Blue Iris push notification thumbnails
location ~ ^/thumbs/@[0-9]* {
proxy_set_header Host bi.mydomain.org;​
proxy_set_header X-Real-IP $remote_addr;​
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;​
proxy_set_header X-Forwarded-Proto $scheme;​
add_header Front-End-Https on;​
proxy_read_timeout 90;​
if ($args ~ "^session=[0-9a-fA-F]*$") {​
break;​

}​
}

I'm sure nginx experts can improve on it.

How did you find out the URL BI is using and how do you monitor it? I cant get consistent notifications with an image and nothing I try is working.