Tag Archives: IoT

m2ag.labs iot framework alpha 1

July 7, 2020

The m2ag.labs iot framework reaches alpha 1.

The m2ag.labs iot framework is intended as a way to remove tedium from the iot development experience as well as make low cost diy IoT projects feasible for people who may not otherwise pursue them.

Given that a majority of projects are generally geared towards similar ends, a lot of boilerplate can be automatically generated to take care of the basics. These basics include security, communication, installation and remote control.

Security first architecture. With the prevalence of network connected devices making it into the wild there is a good chance one will be a trojan. Any connected device could monitor network traffic and poke at ports on discovered devices. With that in mind this framework defaults to ssl and at least minimal authentication. For alpha 1 there is ssl on all external connections, and HTTP basic auth on the framework api. JWT auth for the webthing will be coming in alpha2.

Self signed certificates must be used. I understand this can be difficult for some users to tackle but it will have to be diy for alpha 1. This will entail generating the certificate authority and distributing a root certificate to all systems/browsers/node apps/ that need to verify thing connections. I have a post here about that — and a good link to follow is here. There will be an option for m2ag.labs to manage this in the future (probably beta 1 or 2 — a couple of months).

Configure your device without coding (well kinda). This is done by specifying configuration and then dynamically constructing the needed classes at runtime. Each things element will get a thing description. This description will include all things related entries to generate a w3c compliant webthing. Each thing will take a component class that will provide an interface to the actual device drivers. The component class is really just a wrapper around the actual device library to provide a standard interface for exchanging data. Adafruit circuit python libraries and gpio zero will be favored in my implementations, but most python driver libraries and i/o access can be used.

The above configuration builds these things:

Common things/components will be available in a repo (coming soon) but it is pretty simple to create the required files. The needed circuit python files need to be installed separately for now.

Opensource implementation:

The m2ag.labs IoT framework will be MIT licensed.

Preliminary installer available. After placing your self singed certificates in .m2ag-labs/ssl run:

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/m2ag-labs/m2ag-iot-installer/master/install.sh)"

The installer is a rough version, and will run for quite some time. Check the console for errors. If all goes well you can browse to https://(your thing) and load the config page. The installer assumes a fresh install of Raspbian Buster. It will do an update before starting.

The framework can be installed on the Mozilla Gateway image, but will conflict with the iptables the image implements. The config page expects to be at 443, so the gateway has to move to use it’s default port. In the m2ag-labs/installer/extras/nginx folder there is a config to run the gateway on 8443 using your self signed certificates. The external Mozilla connection (via page kite) is not affected by this. Alpha 2 installer will look for the gateway image and adjust things accordingly. Alpha 2 will also implement stricter control over the systems ports to only allow those needed. No insecure connections will be allowed.

Does not load down the device. Resource usage is relatively light. The framework and things do not over tax even the Raspberry PI zero w.

A B3+ barely notices the framework:

There is plenty of head room to add other services. Any thing that runs on a PI can be used as a thing (a little coaxing maybe required).

It’s all on github:

https://github.com/m2ag-labs/m2ag-iot-client

https://github.com/m2ag-labs/m2ag-iot-thing

https://github.com/m2ag-labs/m2ag-iot-installer

I have to use a slightly modified version of server.py for the webthing framework to get things to work behind a proxy. I’ll be following up with the webthing folks about this for alpha 2. You can see those tweaks here:

https://github.com/m2ag-labs/webthing-python

You are welcome to try the framework out. It’s totally at your risk, and expect breaking changes until we hit beta. But I find the framework useful in its current state. Support will be limited to the comments section here for now.

Currently the use of properties is only supported by the dynamic thing builder. Events and actions will have to be added by hand. Dynamically generated events are slated for Alpha 2, actions will be addressed in beta 1.

Code quality: It’s a little of the hack and burn variety. Future releases will see the ui become more componentized with webcomponents and more abstraction of the generated python classes.

m2ag.labs iot framework reloaded

I realize it has been quite sometime since my last post detailing how to install the m2ag.labs iot framework. After that post I looked over my progress and goals and did research in to existing projects. I came across Mozillia’s IoT project and was happy to find something I can work with.

Part of my goal was to provide for automatic ui configuration of common controls, easy web access and standard way of defining IoT devices. Mozilla’s project does that and more while supporting proposed w3c standards. This covers a large part of my development effort so I am definitely adopting the webthings and gateway for my project.

I still have the management interface to workout, including a point and click configuration mechanism and easy certificate generation and installation. These will be my milestone 1 goals. I will also be developing examples and documentation for the project.

The new architecture will use webthings as a standard

m2ag.lab iot framework

Installing the pre-alpha m2ag.labs IoT framework

The m2ag.labs IoT framework currently targets the Raspberry PI and Raspbian. The framework is in pre-alpha but us useable with custom modules installed. Custom modules will be the topic of next weeks post, along with some example code.

The usual warnings apply — this framework may not be compatible with the alpha or later versions of the framework. Some the of the internals need some work, but the framework can be made to work for you now.

Steps:

  1. Install Raspbian Lite
  2. Perform initial start up
  3. Configure WIFI, SSH, i2c,  change password and hostname
  4. Reboot and login via SSH
  5. Update OS via apt
  6. Generate and place X509 certificates
  7. Get  installer and run

Install Raspian:

Use the Raspberry PI imager  to write Raspbian Lite to your sd card. I use 32 gb Samsung Evo cards. There is direction for choosing a micro sd at the Raspberry PI site.

I use Raspbian Lite unless there is a need for desktop UI on the device. Generally the stuff I do runs headless and is controlled via a web app.

After the image is written do the initial start up for the PI. The easiest way is to add a ssh file to the boot directory of the image we just created and connect the device to an ethernet hub. Just ssh to pi@raspberrypy.local and go. Another way is to plug in a monitor and keyboard but I am too lazy to go get one. The RaspberryPI  site has  instructions on setting up headless with wifi but I haven’t had much luck getting this to work lately (the wifi won’t start) .

After we get logged in (pi/raspberry) we need to configure wifi and enable ssh (if we haven’t already) It’s a good idea to go a head a change:

  •  the default password
  • the time zone
  • enable i2c

Next –  install the X509 certificates. This has been discussed previously on m2aglabs.com. I haven’t decided if I will add a configuration option to run without ssh. I’m not thinking it is a good idea. But — ssh can be turned off with a little manual file editing. For the device, it is in the file device/comm/comm.py. The logger is just one file. For the client look in device/api/static/js/comm.js. I don’t think it is a good idea to not use ssh, even in a controlled network.

To create and deploy the certificates follow the instructions in this link or use the tool at  https://github.com/dakshshah96/local-cert-generator to generate the certs. Remember — the root CA has to be imported to each OS that wants to access the IoT device securely. The blog post at m2aglabs.com contains links to instructions for the most common systems. I use Mac, IOS and Linux around here but Windows and Android are all good.

After the certificates are generated place them in the pi users home directory in a .certs subdirectory. Both the Flask app and Mosquitto MQTT server will access them from here. We are looking for the filenames server.crt and server.key.

Next – cd to home/pi and get the install.sh with wget :

wget https://raw.githubusercontent.com/m2ag-labs/m2ag-iot-installer/master/install.sh
chmod +x install.sh
/install.sh

This script does apt update and upgrade first, then the install. It can take quite a while to complete. When the script is complete the system should be installed and running. Check the script results for errors. Then navigate to your device on port 5000 (raspib.local:5000) and get the client page opened (be sure to have imported the root CA so ssl will work.

You will get a warning about no user name password. Click on ‘credentials’ in the upper right and enter the default username/password (pi/raspberry).

provide default credentials (pi/raspberry) and click ‘close’

The device will use the hostname as a login for mqtt, default password is raspberry. When we get the page and the login we can see that the api app is running and ssl is correctly recognized by the browser.

Click on ‘Get Device’ list to populate the list. You should see a listing for the device that you can click on:

Select the device to proceed.

This selects the device setup us up for an mqtt connection to the IoT core of or device. Commands can be sent via the Communications tab:

command to sound a sample alert

If you have a piezo buzzer attached to pin 13 the preceding command will make it play a tone. In the command — the prm object can carry your custom command to your IoT device. Returned data will be available in the output area. I have a post here that details how I set my buzzer up.

Limited DB access via Database tab,

registry and users are currently implemented.

The code is pre-alpha so there are plenty of warts. There is a problem with the HTML5 app that make the initial mqtt connection a little contrary but it can be made to work. Just try sending a command a couple of times if you can’t get the initial command to work. Much work needs to be done to HTML5 app ( would you like to help? ).

The UI and accompanying API are going to get some usability improvements next, followed by some work on the IoT device.

The repos are here.

If you are working on COVID related projects and would like to use this framework to boot strap your effort I would be happy to assist in getting you going. Contact me here.

If you find this work helpful perhaps you would consider supporting m2ag.labs open source efforts by buying us coffee. Any amount would be appreciated. Please use this link to do so:

Small Donate Button

Thanks for stopping by.