July 7, 2020
The m2ag.labs iot framework reaches alpha 1.
The m2ag.labs iot framework is intended as a way to remove tedium from the iot development experience as well as make low cost diy IoT projects feasible for people who may not otherwise pursue them.
Given that a majority of projects are generally geared towards similar ends, a lot of boilerplate can be automatically generated to take care of the basics. These basics include security, communication, installation and remote control.
Security first architecture. With the prevalence of network connected devices making it into the wild there is a good chance one will be a trojan. Any connected device could monitor network traffic and poke at ports on discovered devices. With that in mind this framework defaults to ssl and at least minimal authentication. For alpha 1 there is ssl on all external connections, and HTTP basic auth on the framework api. JWT auth for the webthing will be coming in alpha2.
Self signed certificates must be used. I understand this can be difficult for some users to tackle but it will have to be diy for alpha 1. This will entail generating the certificate authority and distributing a root certificate to all systems/browsers/node apps/ that need to verify thing connections. I have a post here about that — and a good link to follow is here. There will be an option for m2ag.labs to manage this in the future (probably beta 1 or 2 — a couple of months).
Configure your device without coding (well kinda). This is done by specifying configuration and then dynamically constructing the needed classes at runtime. Each things element will get a thing description. This description will include all things related entries to generate a w3c compliant webthing. Each thing will take a component class that will provide an interface to the actual device drivers. The component class is really just a wrapper around the actual device library to provide a standard interface for exchanging data. Adafruit circuit python libraries and gpio zero will be favored in my implementations, but most python driver libraries and i/o access can be used.
The above configuration builds these things:
Common things/components will be available in a repo (coming soon) but it is pretty simple to create the required files. The needed circuit python files need to be installed separately for now.
The m2ag.labs IoT framework will be MIT licensed.
Preliminary installer available. After placing your self singed certificates in .m2ag-labs/ssl run:
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/m2ag-labs/m2ag-iot-installer/master/install.sh)"
The installer is a rough version, and will run for quite some time. Check the console for errors. If all goes well you can browse to https://(your thing) and load the config page. The installer assumes a fresh install of Raspbian Buster. It will do an update before starting.
The framework can be installed on the Mozilla Gateway image, but will conflict with the iptables the image implements. The config page expects to be at 443, so the gateway has to move to use it’s default port. In the m2ag-labs/installer/extras/nginx folder there is a config to run the gateway on 8443 using your self signed certificates. The external Mozilla connection (via page kite) is not affected by this. Alpha 2 installer will look for the gateway image and adjust things accordingly. Alpha 2 will also implement stricter control over the systems ports to only allow those needed. No insecure connections will be allowed.
Does not load down the device. Resource usage is relatively light. The framework and things do not over tax even the Raspberry PI zero w.
A B3+ barely notices the framework:
There is plenty of head room to add other services. Any thing that runs on a PI can be used as a thing (a little coaxing maybe required).
It’s all on github:
I have to use a slightly modified version of server.py for the webthing framework to get things to work behind a proxy. I’ll be following up with the webthing folks about this for alpha 2. You can see those tweaks here:
You are welcome to try the framework out. It’s totally at your risk, and expect breaking changes until we hit beta. But I find the framework useful in its current state. Support will be limited to the comments section here for now.
Currently the use of properties is only supported by the dynamic thing builder. Events and actions will have to be added by hand. Dynamically generated events are slated for Alpha 2, actions will be addressed in beta 1.
Code quality: It’s a little of the hack and burn variety. Future releases will see the ui become more componentized with webcomponents and more abstraction of the generated python classes.