Remote access server in a private network

Cloud-based remote access services require your mobile devices to be connected to the Internet, which is not always possible. Many companies use private APNs, VPNs, or local networks so there mobile devices do not even have access to external resources.

Since aPuppet is a self-hosted service without cloud-based components, it can be deployed in a private network, and it will provide remote access to the Android devices to other users in that network.

The only issue of a private network is a HTTPS issue. Your (local) domain name requires an HTTPS certificate. Obtaining an HTTPS certificate for a local domain may be tricky.

Deploying aPuppet in LAN

For LAN-based deployment, we recommend using aPuppet Premium because it supports any HTTPS certificate (not only a free LetsEncrypt certificate).

We suggest the following deployment flow:

  1. Temporarily expose the aPuppet domain name in Internet.
  2. Purchase a certificate (for example, Comodo PositiveSSL) for a longest possible time span. To our knowledge, this kind of certificate can be purchased for 5 years. Make sure the root certificates are also valid within that time span! Note that a free LetsEncrypt certificate won’t work because it requires renewal each 3 months.
  3. Deploy aPuppet on a domain connected to Internet using this certificate (see README.md how to use a custom certificate chain), and make sure it is working well.
  4. Move the aPuppet host into your LAN.
  5. Set up a private domain name server (DNS) in your LAN so the aPuppet domain name now points to the local IP of the aPuppet host.
  6. Restart aPuppet by running ./install.sh in the project root directory.
  7. Test the aPuppet work; now it should work well in your LAN.

Is SSL required?

Note that it is not possible to get rid of the secure layer. aPuppet uses WebRTC which requires SSL so you need the certificate anyway, even if you decide to use plain HTTP (not recommended for security purposes!).