Category Archives: Uncategorized

m2ag-thing-builder alpha 6

January 23, 2021

The m2ag.labs thing builder has reached alpha 6. The jump in the number from 3 to 6 is because of some fast rework for the client, thing builder and modules. The installer currently installs functional code and several modules are available for download and use. This will be the last alpha before beta 1.

The biggest changes are:


  • The custom web components I had built for use on the config page ( service controllers and component map) have been replaced with vue.js components. Custom components are too hard to maintain, so vue is the way to go.
  • Even though vue.js is being used, there are still no build steps needed to modify the the client. The vue components that were created are for interfacing with the back end flask api, and not geared towards using with things.
  • Where ever possible jquery has been eliminated and vanilla javascript used. Bootstrap 4 and the jstree component still require jquery so it is still included. The goal is to completely eliminate jquery by transitioning to bootstrap 5 and a vue js version of jstree.

Thing Builder:

  • JWT authentication for thing access
  • generic classes for i2c devices and things
  • nginx to serve api, client and proxy other services (for example: provide internal ssl for the webthings gateway and use of pagekite).


  • Has been updated to install the current code. Text on Raspbian Full and Lite with the latest updates. Tested on a Raspberry PI 3 B+ but should work without issue on all current Raspberry PI (previous versions of framework are running on Pi Zeros and PI 3 A).
  • Extras installers for Node (arm7 only for now) and a lite version of the gateway.
  • Not all extras are ready, check the for each one


Several things and related components are available for download and use now. These include:

  • airnow – a thing that monitors air quality. An airnow api key is required
  • alert – a method of sounding a buzzer
  • bmp280 – a wrapper for adafruit’s circuitpython driver
  • buttons – an example for using buttons and events
  • htu21d – a wrapper for adafruit’s circuitpython driver
  • lis3dh – a wrapper for adafruit’s circuitpython driver that overrides the the generic i2c wrapper class to return x, y, z acceleration
  • raspi – a system monitor for Raspberry pi
  • veml7700 – a wrapper for adafruit’s circuitpython driver

Check the of each module.

Documentation and how to guides are the immediate focus, as well as adding more things.

Air Quality Sensor

Source code is on github. Ceramic cap is 104M, base resistor is 500 ohms, switch resistor is 1k. Electrolytic is 47 micro-farad

With the recent wildfires here in California and the on-going Covid crisis making us all stay indoors, indoor air quality has become a very important consideration. Working in a back bedroom all day can subject you to some really bad air. Mostly volatile organic compounds — you know the stuff that smells — can build up and make a room unhealthy.

What I want, ultimately, is to monitor the indoor and outdoor air quality and generate alerts and run automation to deal with bad air. This sensor project is a key component for indoor air quality monitoring. But I wanted the sensor to provide some limited stand alone functionality. By using the trinket’s dot star, a piezo buzzer and a button some basic functionality can be implemented.

The dot star on the Trinket serves as a visual indicator of the 10 minute rolling average of both pm 2.5 and eCo2 levels. Steady on is the current level of co2 — green, yellow, orange, red, purple, maroon. Flashing on is the current levels of pm 2.5.

The levels are set as follows:


Warning colorLevEL eCo2
green < 1000 ppm
yellow< 1500 ppm
orange< 2000 ppm
red< 3000 ppm
purple< 5000 ppm
maroon> 5000 ppm
If enabled the alert will sound on orange and above. Solid on led displays eCO2 level.

pm 2.5

Warning LEVELPm2.5 ppb
green< 12.1
yellow< 35.4
orange< 55.4
red< 150.4
purple< 250.4
maroon > 250.4
Blinking dot star is showing the pm25 warning level.

The button has 3 functions. If the alert is sounding 1 press will cancel it. Double click will toggle the alert buzzer on or off. Default is off. There is an increasing or decreasing tone to denote which happened. So a hi to low tone means the alert is off. A long press will set the brightness of the dotstar. Default brightness is 90%. These settings revert to defaults on reset/power on.

A buzzer provides audible feedback of button presses and alerts. If enabled an alert tone will sound for 1 minute when a level goes above level 2 for either monitored compound.

The CCS811 measures VOC that are normally found indoor environments and provides an equivalent CO2 level. VOC levels vary by the atomic weight of the compound in question so it is hard to pin down levels that require actions to be taken. But CO2 has well defined levels (such as this) that can be used for triggers.

For pm 2.5 measurement I chose the PMSA003I sensor. Adafruit sells this sensor on a breakout board which would be the way to go it you can get them. Otherwise you will need to either solder some wires on the very fine pitch connector Adafruit includes or you can use a swd breakout connector and a cable like I did. You will need to use a dremel to cut the connector to fit the PMSA003I. It’s really easy:

Start with this
Grind it down to this. The key has to go.
Ready for test. Can be glued and mounted as is or moved to another board.

A BME280 completes the package. The temperature and humidity are passed to the CCS811 to compensate the measurements.

This is sort of a stew — the project takes advantage of components I had on hand as much as possible. If I were buying all the parts for this I would probably go with a BME680 and reduce the component count.

To utilize the project as a sensor for an HVAC system, we connect to it via the USB serial port. Command Messenger is used to pass messages to the device and retrieve data from the device. A python app is included that can help set measurement offsets and monitor data. It requires PyCmdMessenger. The m2ag.labs thing maker can make aqsensor things for this to allow integration with home automation. Otherwise the data can be retrieved from the device in json format:

See the python source to see how offsets can be set for sensor readings. These are stored in flash when changed and will be valid after restarts.

The Arduino code is set up as a project. Change trinket_aqs.cpp to trinket_aqs.ino to use in Arduino ide. See the source for required libraries.

m2ag-thing-framework alpha 3

The m2ag-thing-framework (formerly m2ag-iot-framework) has reached alpha 3. The functionality of this release represents MVP for the project. The framework generates (RFC?) compliant webthings and is compatible with the Mozilla IoT gateway.

Designed with security and privacy in mind the m2ag-thing-framework comes out of the box pre-configured for ssl for every thing and http basic auth for the api and management app. Coming in beta one will be a jwt implementation for the webthing security to provide peace of mind that devices can not be easily hijacked.

The device side implementation can happily run inside your firewall and never connect to the internet after the initial install. All data is kept locally. Data logging and rules engine support can be provided by the Mozilla IoT gateway. All files needed to run the thing are local after configuration.

The html5 management app is used to configure and monitor the device. Custom devices pages are automatically generated for installed things allowing debug and monitoring. The pages can be individually addressed to they can be used as ui’s for simple cases. The management app needs to be connected to the cloud while modules are being added to a thing, but afterwards does not.

The project consists of four separate projects :

The framework consist of custom python, html as well as nginx, flask and other services.

Work has already started on beta 1. This will bring a jwt implementation for securely accessing things.

m2ag.labs webthing framework alpha2

The m2ag.labs webthing framework now has enough example functionality to enable a demo. A new Raspberry PI can be setup as web thing with no coding (not much coding) required.

The alpha expects self signed certificates in .m2ag-labs/ssl. The installer currently only will install the system to use ssl. If you need to learn how to create self signed certificates checkout this post –> .

Start the install with:

/bin/bash -c “$(curl -fsSL”

Installer ends with enabling services. The rest-api is running.
Browsing to the device home page shows the thing is not running.
Use the helper to add and remove modules
Components are the hardware implementation. Device drivers are installed when possible.
Things are the webthing implementation A thing will be associated with a component.
With things and components available a component map is created.
Add things and associated component.
When the map is complete start the thing
The thing is configured and running.
Add to the Mozilla webthings gateway like any other web thing

Configurations can be modified with ease. The things git hub repo will contain predefined things and components that can used. Custom modules can be created by following a simple pattern. Alpha 2 will only support making properties available. Future releases will address events and actions.

m2ag.labs iot framework reloaded

I realize it has been quite sometime since my last post detailing how to install the m2ag.labs iot framework. After that post I looked over my progress and goals and did research in to existing projects. I came across Mozillia’s IoT project and was happy to find something I can work with.

Part of my goal was to provide for automatic ui configuration of common controls, easy web access and standard way of defining IoT devices. Mozilla’s project does that and more while supporting proposed w3c standards. This covers a large part of my development effort so I am definitely adopting the webthings and gateway for my project.

I still have the management interface to workout, including a point and click configuration mechanism and easy certificate generation and installation. These will be my milestone 1 goals. I will also be developing examples and documentation for the project.

The new architecture will use webthings as a standard

m2ag.lab iot framework

Installing the pre-alpha m2ag.labs IoT framework

The m2ag.labs IoT framework currently targets the Raspberry PI and Raspbian. The framework is in pre-alpha but us useable with custom modules installed. Custom modules will be the topic of next weeks post, along with some example code.

The usual warnings apply — this framework may not be compatible with the alpha or later versions of the framework. Some the of the internals need some work, but the framework can be made to work for you now.


  1. Install Raspbian Lite
  2. Perform initial start up
  3. Configure WIFI, SSH, i2c,  change password and hostname
  4. Reboot and login via SSH
  5. Update OS via apt
  6. Generate and place X509 certificates
  7. Get  installer and run

Install Raspian:

Use the Raspberry PI imager  to write Raspbian Lite to your sd card. I use 32 gb Samsung Evo cards. There is direction for choosing a micro sd at the Raspberry PI site.

I use Raspbian Lite unless there is a need for desktop UI on the device. Generally the stuff I do runs headless and is controlled via a web app.

After the image is written do the initial start up for the PI. The easiest way is to add a ssh file to the boot directory of the image we just created and connect the device to an ethernet hub. Just ssh to pi@raspberrypy.local and go. Another way is to plug in a monitor and keyboard but I am too lazy to go get one. The RaspberryPI  site has  instructions on setting up headless with wifi but I haven’t had much luck getting this to work lately (the wifi won’t start) .

After we get logged in (pi/raspberry) we need to configure wifi and enable ssh (if we haven’t already) It’s a good idea to go a head a change:

  •  the default password
  • the time zone
  • enable i2c

Next –  install the X509 certificates. This has been discussed previously on I haven’t decided if I will add a configuration option to run without ssh. I’m not thinking it is a good idea. But — ssh can be turned off with a little manual file editing. For the device, it is in the file device/comm/ The logger is just one file. For the client look in device/api/static/js/comm.js. I don’t think it is a good idea to not use ssh, even in a controlled network.

To create and deploy the certificates follow the instructions in this link or use the tool at to generate the certs. Remember — the root CA has to be imported to each OS that wants to access the IoT device securely. The blog post at contains links to instructions for the most common systems. I use Mac, IOS and Linux around here but Windows and Android are all good.

After the certificates are generated place them in the pi users home directory in a .certs subdirectory. Both the Flask app and Mosquitto MQTT server will access them from here. We are looking for the filenames server.crt and server.key.

Next – cd to home/pi and get the with wget :

chmod +x

This script does apt update and upgrade first, then the install. It can take quite a while to complete. When the script is complete the system should be installed and running. Check the script results for errors. Then navigate to your device on port 5000 (raspib.local:5000) and get the client page opened (be sure to have imported the root CA so ssl will work.

You will get a warning about no user name password. Click on ‘credentials’ in the upper right and enter the default username/password (pi/raspberry).

provide default credentials (pi/raspberry) and click ‘close’

The device will use the hostname as a login for mqtt, default password is raspberry. When we get the page and the login we can see that the api app is running and ssl is correctly recognized by the browser.

Click on ‘Get Device’ list to populate the list. You should see a listing for the device that you can click on:

Select the device to proceed.

This selects the device setup us up for an mqtt connection to the IoT core of or device. Commands can be sent via the Communications tab:

command to sound a sample alert

If you have a piezo buzzer attached to pin 13 the preceding command will make it play a tone. In the command — the prm object can carry your custom command to your IoT device. Returned data will be available in the output area. I have a post here that details how I set my buzzer up.

Limited DB access via Database tab,

registry and users are currently implemented.

The code is pre-alpha so there are plenty of warts. There is a problem with the HTML5 app that make the initial mqtt connection a little contrary but it can be made to work. Just try sending a command a couple of times if you can’t get the initial command to work. Much work needs to be done to HTML5 app ( would you like to help? ).

The UI and accompanying API are going to get some usability improvements next, followed by some work on the IoT device.

The repos are here.

If you are working on COVID related projects and would like to use this framework to boot strap your effort I would be happy to assist in getting you going. Contact me here.

If you find this work helpful perhaps you would consider supporting m2ag.labs open source efforts by buying us coffee. Any amount would be appreciated. Please use this link to do so:

Small Donate Button

Thanks for stopping by.

sqlite.remote version 1.0

March 22, 2020

A while back I released some simple code to allow access to a SQLite database on my embedded devices. A python/html5 app that provided an HTML5 interface to a python api. My goal is a simple to use method that allows quick and easy access to  databases on raspberry pi (or similar) used for configuration and logging on my IoT devices. The requirements are minimal :

  1. User login via http auth
  2. The ability to change a user password.
  3. SSL via self signed certificates
  4. Basic database access via a browser based app

Today version 1.0 of the sqlite.remote tool is being released. Available via git hub, the app meets the goals specified above.

Some assembly is required — mainly in the form of generating self signed certificates for the devices and browsers that will be used to access them. Check out my previous post about securing local IoT devices.  Generate the certs that you need before installing the sqlite.remote tool.


Since I use this on the Raspberry PI it is installed in the pi user’s home directory. Any system that supports python should work, as should any user.

First clone the git hub repository:

 git clone

Then cd to the install directory and chmod the installer script:

chmod +x

Then ./ to install dependencies. This app requires flask and flask_httpauth. Depending on your current update status the dependencies may already be installed.

After the install is completed the install can be tested by changing to the project root and running:

python3 sqlite-remote.sqlite

This should start the api server and show a  message like this in the console:

As you can see we are using the barebones development server to run our api. Despite the message to not use this in production, I am using this in production. My usage only calls for one or two users at a time infrequently hitting the api. I decided to trade a simple implementation for a more robust web server and more complicated install. Plus, the web server would generally sit idle for day to day use.

It should also be noted that the api is being served over https. This is requires a self signed certificate to be installed on the device. This is configured at the bottom of

Adjust the paths to the correct certificate files. The api can be run without ssl if desired. For me, I want to provide at least a minimal level of security to my IoT devices. I intend this to be a config and control interface, but the devices will generally be inside a controlled firewall. Self signed certs  and a basic login meets my needs.

As part of the install a service a file is and copied to the systemd system directory. If the default location (/home/pi/m2ag-sqlite-remote) is changed, change it in this file.  To enable the service:

sudo systemctl m2ag-sqlite-remote enable
sudo systemctl m2ag-sqlite-remote start

After the api is running navigate to your device at:

https://your-device.local:5001  to get the app page:

The default user is “pi” and the password is “raspberry”. These can be set in the credentials popup:

Select close to get back to query screen. If the query button is pressed with an empty query an “Ok” message will be returned. This tells us the configuration is correct:

To change the password use e the credentials popup:

‘Ok’ will appear in the status on a successful change.

To add new users first select * from users and get the hash for pi’s password and then insert a user using the same password hash. You can then use the new user’s credentials and change the password with the set password dialog.

General usage:

This app should handle most updates and edits to tables. Since the services setup specifies the database at startup additional tables to be added to the sqlite-remote.sqlite database. The only requirement for the app is the user table with a text username and password fields. This table could be added to any database. Just insert the pi user (or any other user) into the user tables via the command line app or some other tool.

It is hoped that you find this app useful, please feel free to open issues on github or comment here if there are problems with the app. Keep in mind it is barebones on purpose, all I need it to do is update tables remotely for me. If more complex usage is envisioned it may be modifications will need to be made.

If you find this work helpful perhaps you would consider supporting m2ag.labs open source efforts by buying us coffee. Any amount would be appreciated. Please use this link to do so:

Small Donate Button

Thanks for stopping by.