Deck Lights

Deck the Halls with Code

In the holiday spirit, a buddy of mine and I decided to build a project that would bring joy to the world (no pun intended … errrrr … okay, pun intended) and fulfill our need to do something nerdy. As with most of us nerds, our “home” projects usually get left unfinished.

We DID NOT want that to happen this time.

After some thinking on his part, he sends me a message with the idea … Let everyone in the world play with his holiday lights. Me … well I really don’t need much convincing to do any fun programming, and honestly, I really liked the idea. It seemed like a great way to incorporate his love for holiday lights and also brighten up an otherwise light-less street in Easton, PA.

But how were we gonna accomplish this?

My buddy, Christopher Poplawski, is more of a hardware/networking guy and I am a programmer/developer.  No matter what we decided, I was sure we could handle it. But, I didn’t have to think about it too long before he sent me another message that he already ordered a relay board for his Raspberry Pi and he was gonna start wiring something up soon. I got comfortable and really didn’t put too much thought into it, until a few days later when I get this picture sent to me along with the message “Wiring is done.”


Time for a Nerd playdate

Dang, I didn’t think he was gonna get it done that fast. Now we had to setup a playdate to start some initial programming to test the relay switches. All of that went pretty smoothly, and we threw together a quick web API on the Raspberry Pi so that each switch could be controlled from a form on a website. The only thing left at that point was the webcam (huge headache) and figuring out where to host this. The idea was to have it running on a Raspberry Pi from his house, but have an external website hosted somewhere else to make sure his home network would still be secure.

Here is the tech we decided on:

    • Webcam/Netcam Studio
      Uqiquity G3 running in a VM to host a live stream of the front of his house. (running at his house)
    • Hosting
      An Azure instance running CentOS, because he is a Windows guy and wanted to incorporate Azure
    • Raspberry Pi 2
      Running the Relay Switch controller and hosting the web API that will receive remote commands. (running at his house)
    • Relay Board with 16 120V relay switches
      Hooked up to the Raspberry Pi
    • Security
      A DMZ network on Chris’ PFSense firewall with all unnecessary ports locked down, same for the Azure instance. Complicated passwords … check. SSL everywhere using Certbot. DMZ network keeps all traffic from touching his internal network (Read below to find out why that was a smart move).

The website itself is straight forward.  However, we needed to make sure that any connection to his house was masked or “proxied” so that his internal network wasn’t exposed to the outside world. 

It is easier than it seems

Of course, to everyone else this seems like a real chore. But I assure you, it is simple. 

The website (hosted on Azure) displays 12 holiday display elements (we are not using all 16 relay switches). Each option is displayed alongside a status that indicates if it is currently off or on. By simply clicking the element you send a request back to website’s server, telling it to send a request to the Pi (and that is how we mask the Pi’s real endpoint) to either turn on or turn off the associated relay switch. After some toying around, we ended up with something as close to “real-time” as possible.

The website also showcases a live RTSP feed of the front of The Poplawski house, which must be retrieved from his home network as well (Netcam studio). We do this by having a job constantly running on the website’s server. This job continuously stays logged into the webcam software at his house, retrieving a new image … waiting ¼ of a second and then getting the next one … and so on and so on. The image the job retrieves is stored in 1 file on the server. So, basically the image on the website loads, and when it is done, it refreshes itself … wash, rinse, repeat. 

A dumb website, so to speak. It is basically a “housing” for the project intended to proxy connections to the real heavy lifters that are located at his house.

Holiday Lights

Holiday in Easton

And Voila!

A fully functional remote control Holiday Light display. Now, we needed to get people to come play with the lights. We created a Facebook page, and started posting our little hearts out on Google+, LinkedIn, Facebook, Reddit and a couple other places.

It was running for about a week with moderate traffic, until … BAM … suddenly it really took off (and I mean “took off”, literally 3,300 new visitors in one night). A few properly placed Tweets and Facebook Comments and we started seeing some real traffic. 

The initial goal was to get all 50 states to come and play with the lights. But, after posting on Reddit, that goal was accomplished rather quickly. Our new goal became “World Domination.” 

As of 12/20 this is where we stand globally:


Looks like we might get every country by New Year’s … fingers crossed.

For every action, there is an equal but opposite reaction

This is true, and man have we been seeing the reaction.  Both positive and negative. We have been attacked by “Script Kiddies” on multiple occasions. Which has required us to add “human detection” to the website and also add some rules to the server to forbid certain actions.


Each attack was following a milestone for us. For instance, we were featured on the WFMZ website. And immediately attacked following the release of that article.

Other mentions of this project came directly from and via some social media posts from the makers of The Raspberry Pi themselves. We managed to get pinned to the top of a Reddit board as well, which has been providing steady traffic since.

The traffic keeps pouring in, and we couldn’t be any happier about it. Finally, a nerdy home project that got completed. Well, mostly completed, until another Script Kiddie comes along with another type of attack. 


As of 12/20, the individual light elements have been turned on or off 97,760 times and the live feed image has been refreshed 264,728 times.  This has far exceeded what we thought we would do. And as it turns out, the site has become a battlefield for people. The feedback consists of people having fun “protecting” the inflatables from other visitors who want to turn them off, and a couple epic Icicle Light battles have taken place that have lasted for hours. 

Happy Holidays!!!