Owntracks Update to E-Book: Home Assistant – Open Source Home Automation Platform for IoT (Internet of Things) & more
First Seen: 03/11/2024
Last Indexed: 10/22/2024
In 2017 I wrote “Home Assistant - Open Source Home Automation Platform for IoT (Internet of Things) & more” and “Mosquitto - MQTT BROKER FOR IoT (Internet of Things)”, which both sold really well, and people especially liked the secure MQTT setup. The eBooks are available at DigitalBooks24.

Since 2017 a lot of things have happened and I thought it was time to get an update out. The servers were already updated to FreeBSD 12.2 and all the installed software was upgraded to the latest version. Home Assistant is version 2021.1.5 running on Python 3.7.

Things I wanted to have

I was forced to change from Owntracks to Traccar ( http://wmv7y4tehgsvghaabiqvrm76uag7c6vdxufzoorjso3escefkiwo4tid.onion/2018-09-15-self-hosted-open-source-car-tracking-enterprise-ready/ ) in 2018 because the Owntracks client needed Google Apps and Nexttrack without Google dependencies was not available at that time, but I was not fully satisfied. The client caused some problems on LineageOS, often not reporting positions. On LineageOS 16 it later failed completely.

I also tried uLogger ( http://wmv7y4tehgsvghaabiqvrm76uag7c6vdxufzoorjso3escefkiwo4tid.onion/ULogger:%20Selbst%20gehostete%20datenschutzfreundliche%20Open%20Source%20Tracking%20L%C3%B6sung/ ) at the beginning of 2021. Even though start/stop worked fine with Easer, which I use to start OpenVPN for my VoIP setup ( http://wmv7y4tehgsvghaabiqvrm76uag7c6vdxufzoorjso3escefkiwo4tid.onion/Professionelle%20Enterprise-Grade%20VoIP%20Telefonie%20mit%20Home-Office%20und%20Mobiltelefon%20Support%20%28Kostenlos,%20Open%20Source%29/ ) when leaving my home WLAN too, the tracks were not well organized and I missed some too.

After rechecking Owntracks / Nexttracks I wanted to redesign my Home Assistant setup and retry these two.

I want the Home Assistant web interface accessible without a password if the client is in the home WLAN.
Because all mobile phones are de-Googled using LineageOS ( http://wmv7y4tehgsvghaabiqvrm76uag7c6vdxufzoorjso3escefkiwo4tid.onion/Am%20Android%20Tablet%20oder%20Smartphone%20mit%20LineageOS%20f%C3%BCr%20Sicherheit%20und%20Privatsph%C3%A4re%20sorgen%20%28Teil%206%29/ ) without gapps and with a very secure setup, Nexttrack makes it possible to report without any dependencies on Google services and libraries. I do not even have a Google account.

Links:
https://www.home-assistant.io/
https://www.home-assistant.io/integrations/owntracks
https://owntracks.org/
https://codeberg.org/nexttracks
https://owntracks.org/booklet/guide/clients/
https://owntracks.org/booklet/features/android/

The Todo’s

First of all, I set up Nexttrack via F-Droid on two devices to have some test equipment for the next steps.

The Home Assistant main screen currently looks like this:

The Nexttrack screen on mobile was default:

Now the MQTT server needs a recheck to have something the Nexttrack clients can report to. But first we should look for an MQTT.fx alternative. MQTT.fx was a cool tool for debugging MQTT stuff, but it looks like it is no longer available as Open Source. So I checked out https://mqtt-explorer.com/ and https://kamilfb.github.io/mqtt-spy/ and will add more info here later.

Authentication

In the book I used client certificates to authenticate the devices to the public broker. I decided to go to TLS 1.2 using the CA created with XCA, and passwords. That way communication is encrypted, but new devices are easier to add. It is a must to import the CA.crt (CA cert of the public MQTT broker) into the devices. Just mail it to yourself and add it.

We should remove the old devices from the pwfile on the public broker and create new passwords for the new devices:

    mosquitto_passwd /usr/local/etc/mosquitto/pwfile username

Furthermore, the aclfile on the public broker needs to be redone.
Details about the topics can be found here: https://owntracks.org/booklet/guide/topics/

As an example, suppose Jane (username jjolie) should be able to publish to her OwnTracks MQTT topics and Fred (username fred) should be allowed to see Jane’s location. We could configure something like this:

    user jjolie
    topic owntracks/jjolie/#

    user fred
    topic read owntracks/jjolie/5s
    topic owntracks/fred/nexus/#

But do not delete the bridge config as described in the book!

Connect the first clients

Now we are ready to configure Nexttrack on the first device. I love to use the tablet with keyboard for testing. This makes things easier than typing on the small phone screen.

Set MQTT, hostname and port in Nexttrack

Set username, password, device id (name the topic) and tracker id (I use K1 and K2)

After both devices publish to the broker, they are both visible on the map on both devices too. This works really nicely.

Setup Owntracks Recorder

To be able to record the trips, it looks like Owntracks Recorder would be a nice thing.

https://owntracks.org/booklet/guide/clients/#recorder
https://github.com/owntracks/recorder

We run on FreeBSD and there is no package on their links, but it is available as ot-recorder in the FreeBSD packages. So a

    pkg install ot-recorder

and

    #OT Recorder
    otrecorder_enable="YES"

in /etc/rc.conf on the LAN broker, which also holds Home Assistant, is enough to get it installed.

We add a user for otrecorder and the fitting ACLs:

    ###########################################################
    # configurations ot-recorder
    ###########################################################
    #
    user otrecorder
    topic read $SYS/#
    topic read owntracks/#
    #

in aclfile. Do not delete other stuff!

Finally create the ot-recorder.conf, which is really easy. Add hostname, port, username and password. Then start ot-recorder.
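The ACL entries above (jjolie/fred on the public broker, otrecorder on the LAN broker) can be checked offline before the broker is reloaded. This is an added example, not code from the original post or from Mosquitto: `parse_acl`, `matches` and `allowed` are hypothetical helper names, and the evaluator is a simplified model that covers only `user` and `topic [read|write|readwrite]` lines.

```python
# Added example: evaluate mosquitto-style ACL text (user/topic lines only).
# Constructed sample: the ACL entries shown in this post, combined in one file.
ACL_TEXT = """\
user jjolie
topic owntracks/jjolie/#
user fred
topic read owntracks/jjolie/5s
topic owntracks/fred/nexus/#
user otrecorder
topic read $SYS/#
topic read owntracks/#
"""

def parse_acl(text):
    # Returns {username: [(access, topic_filter), ...]}.
    rules, user = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        keyword, _, rest = line.partition(" ")
        if keyword == "user":
            user = rest.strip()
            rules.setdefault(user, [])
        elif keyword == "topic" and user is not None:
            access, _, flt = rest.strip().partition(" ")
            if access not in ("read", "write", "readwrite"):
                access, flt = "readwrite", rest  # no access type: read and write
            rules[user].append((access, flt.strip()))
    return rules

def matches(flt, topic):
    """MQTT filter match: '+' is one level, '#' is all remaining levels."""
    f, t = flt.split("/"), topic.split("/")
    if t[0].startswith("$") and f[0] in ("+", "#"):
        return False  # leading wildcards never match $-topics such as $SYS
    for i, part in enumerate(f):
        if part == "#":
            return True
        if i >= len(t) or part not in ("+", t[i]):
            return False
    return len(f) == len(t)

def allowed(rules, user, action, topic):
    """action: 'read' (receive messages) or 'write' (publish)."""
    return any(acc in (action, "readwrite") and matches(flt, topic)
               for acc, flt in rules.get(user, []))

RULES = parse_acl(ACL_TEXT)
```

Calling `allowed(RULES, "fred", "write", "owntracks/jjolie/5s")` shows that Fred can read Jane's device topic but cannot publish to it, which is the property the `read` keyword is there to enforce.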
NOTES TO MYSELF

To have working TLS on localhost, change from localhost to the FQDN of the host and set require_certificate false to avoid the need for client certs on the LAN broker. BOTH ARE REQUIRED, OTHERWISE WE FAIL!

There is a bug in the current package: /var/run/ot-recorder is created but should be named /var/run/otrecorder, as named in the rc script. A

    ln -s ot-recorder otrecorder

solves our problem.

After we have ot-recorder running we should place it behind the reverse proxy which is already running for Home Assistant.

    ################################################################################
    # OWNTRACKS Recorder
    ################################################################################
    # WebSocket URL endpoint
    # a2enmod proxy_wstunnel
    ProxyPass /owntracks/ws ws://127.0.0.1:8083/ws keepalive=on retry=60
    ProxyPassReverse /owntracks/ws ws://127.0.0.1:8083/ws keepalive=on
    # Static files
    ProxyPass /owntracks http://127.0.0.1:8083/
    ProxyPassReverse /owntracks http://127.0.0.1:8083/

Owntracks shows you a lot of interesting pages:

Find lots of details here: https://github.com/owntracks/recorder

Everything is Google-free, using OpenStreetMap!

The “Last” view is updated via WebSockets as soon as a device reports changes via the MQTT bridge. Nice to follow things.

I finally changed /usr/local/www/ot-recorder/index.html to fit my personal preferences:

-- index.html.01.KMJ 2021-04-10 15:27:21.456933000 +0200 +++ index.html.03.KMJ 2021-04-10 15:51:43.333785000 +0200
@@ -80,12 +80,12 @@ d['f30d'] = f30d; var line = " {{ username }} / {{ device }} " + - " 12h " + - " 7d " + + " 12h " + + " 7d " + - " 12h " + - " 7d " + - " 30d " + + " 12h " + + " 7d " + + " 30d " + " ";

Changing Home Assistant

As a final thing to do, I want to change the Home Assistant views and also open it up inside the home WLAN to be password-free. The configuration has changed a little bit over the years; I added Bitcoin displays and local weather stuff, but the basics are still the same as written in the book.

We want to have the devices visible in the map of HA. Some documentation is found here: https://www.home-assistant.io/integrations/owntracks

NOTE: Devices that are currently at home won’t show on the map. This was hard to find : )

To disable auth based on IPs there is good documentation here: https://www.home-assistant.io/docs/authentication/providers/

e.g. Trusted Users Examples

    homeassistant:
      auth_providers:
        - type: trusted_networks
          trusted_networks:
            - 192.168.0.0/24
            - 192.168.10.0/24
            - fd00::/8
          trusted_users:
            192.168.0.1: user1_id
            192.168.0.0/24:
              - user1_id
              - user2_id
            "fd00::/8":
              - user1_id
              - group: system-users

Now it already looks pretty nice

For now we are done. This will be continued with setting events on entering zones and other stuff. Have fun with your privacy-respecting, self-hosted setup!

Join my public room in the Matrix

If you like this blog entry feel free to join my public room by entering /join #kmj:matrix.ctseuro.com anywhere in the Element Messenger ( https://element.io ) box to send a message! Or follow this link: https://matrix.to/#/#kmj:matrix.ctseuro.com

Help or answering questions ONLY in this room! Commercial support is available in English or German at https://ctssupport.at