KWh meter setup: verschil tussen versies

Uit MakerSpace Leiden
Ga naar: navigatie, zoeken
 
(13 tussenliggende versies door 3 gebruikers niet weergegeven)
Regel 1: Regel 1:
The remote access to the [[KWh meter]] depends on a SSH tunnel on the [[MTA-Setup|MTA]].
+
[[Category:Servers network & websites]]
 +
The remote access to the [[KWh meter]] depends on a SSH tunnel on the [[Server setup|server]]. Twee tunnels:
 +
 
 +
# Tunnel vanaf de MTA/server in Duitsland - 127.0.0.1:9999 via de firewall in de space naar port 80 van 192.168.6.111 (de kWh meter)
 +
# [[https://www.redhat.com/sysadmin/getting-started-socat socat]] UDP listen op poort 2161 op de MTA/server in Duitsland, ingepakt als TCP, naar localhost TCP:1161; dan via de firewall op de space naar poort 1161 (tcp); vandaar naar [[https://www.redhat.com/sysadmin/getting-started-socat socat]] - dan door naar UDP en naar port 161 van 192.168.6.111 (de kWh meter)
  
 
File in systemd at: /etc/systemd/system/kwh-tunnel.service:
 
File in systemd at: /etc/systemd/system/kwh-tunnel.service:
Regel 19: Regel 23:
 
     WantedBy=multi-user.target
 
     WantedBy=multi-user.target
  
and  
+
and as the systemd config service file
  
 
     [Unit]
 
     [Unit]
 
     Description=Local end of SNMP Tunnel to kWh meter.
 
     Description=Local end of SNMP Tunnel to kWh meter.
 
     After=network.target
 
     After=network.target
 
+
   
 
     [Service]
 
     [Service]
 
     ExecStart=/usr/bin/socat -T15 udp4-recvfrom:2161,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:1161
 
     ExecStart=/usr/bin/socat -T15 udp4-recvfrom:2161,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:1161
 
     RestartSec=30
 
     RestartSec=30
 
     Restart=always
 
     Restart=always
 +
   
 +
    [Install]
 +
    WantedBy=multi-user.target
 +
 +
and this is received by a SSH authorized key line on the space machine:
 +
 +
      no-pty,permitopen="192.168.6.111:80",permitopen="127.0.0.1:1161",command="/usr/local/bin/socat tcp4-listen:1161,reuseaddr,fork UDP:192.168.6.111:161" \
 +
              ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel
 +
 +
With localhost:9999 mapped in [https://mijn.makerspaceleiden.nl mijn.makerspaceleiden.nl] for those that need access. Some extra cruft has been added to this line for the [[Ultimaker Buildplate Camera]].
 +
 +
= MRTG setup =
 +
 +
This should be fixed - i.e. not run as root !!
 +
 +
    [Unit]
 +
    Description=Multi-router Traffic Grapher
 +
    After=syslog.target
 +
 +
    [Service]
 +
    Environment=LANG=C
 +
    ExecStart=/usr/bin/mrtg --daemon
 +
    Type=forking
 +
    SuccessExitStatus=0 1
  
 
     [Install]
 
     [Install]
 
     WantedBy=multi-user.target
 
     WantedBy=multi-user.target
  
and this is received by a SSH authorized key line on the space machine:
+
Config file:
 +
 
 +
      # This file is for use with mrtg-2.5.4c
 +
      WorkDir: /var/www/mrtg
 +
      WriteExpires: Yes
 +
                 
 +
      Title[L1]: Phase 1 power
 +
      PageTop[L1]: <H1>L1</H1>
 +
      Target[L1]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161
 +
      MaxBytes[L1]: 50000
 +
      YLegend[L1]: Ampere
 +
      ShortLegend[L1]: A
 +
      Options[L1]: gauge,nopercent,noo
 +
      Factor[L1]: 0.01
 +
      YTicsFactor[L1]: 0.01
 +
     
 +
      Title[L2]: Phase 2 power
 +
      PageTop[L2]: <H1>L2</H1>
 +
      Target[L2]: 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161
 +
      MaxBytes[L2]: 50000
 +
      YLegend[L2]: Ampere
 +
      ShortLegend[L2]: A
 +
      Options[L2]: gauge,nopercent,noo
 +
      Factor[L2]: 0.01
 +
      YTicsFactor[L2]: 0.01
 +
     
 +
      Title[L3]: Phase 3 power
 +
      PageTop[L3]: <H1>L3</H1>
 +
      Target[L3]: 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161
 +
      MaxBytes[L3]: 50000
 +
      YLegend[L3]: Ampere
 +
      ShortLegend[L3]: A
 +
      Options[L3]: gauge,nopercent,noo
 +
      Factor[L3]: 0.01
 +
      YTicsFactor[L3]: 0.01
 +
     
 +
      Title[Power]: Power
 +
      PageTop[Power]: <H1>Power</H1>
 +
      Target[Power]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161
 +
      MaxBytes[Power]: 200000
 +
      YLegend[Power]: Ampere
 +
      ShortLegend[Power]: A
 +
      Options[Power]: gauge,nopercent,noo
 +
      Factor[Power]: 0.01
 +
      YTicsFactor[Power]: 0.01
  
no-pty,permitopen="192.168.6.111:80",permitopen="127.0.0.1:1161",command="/usr/local/bin/socat tcp4-listen:1161,reuseaddr,fork UDP:192.168.6.111:161" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1s6ePMM/1s1idGDDygrcGmoeWwEgKiOqBw663uN6JmXluBE4dTn2ux2Mn/ATmp5nwbAPPpSa3wp2p4WPoM0gdNZyaOEHxYjz9RyRgdsa6zUS5GsQviVThnF50guzvVH9stNy/KIleAB7eSGXZHqs16tuAJV3v4AVVZFVuxbplzfTw6mruzTbikrDNBKpvIZ37tctbn8frTiz6GjdbAR8PA0vVIfoyv+VXXXPbRGsHBdxTArsqJhfkxSB4pOveewEyawhLKTKprRO7ZspKcxuzWLRQl2+tJCYK3gw+YMefX9WMKEHDHrY83Wyj+JVNFlObjqxPGezJYI0wMNlI9XiP kwh tunnel
+
Webserver config in ```/etc/apache2/sites-enabled/mrtg.conf```
  
With localhost:9999 mapped in the CRM for those that need access.
+
      Alias /mrtg      /var/www/mrtg
 +
     
 +
      DirectoryIndex index.html
 +
      <Directory /var/www/mrtg>
 +
      Options All +Indexes
 +
      order deny,allow
 +
      allow from all
 +
      Require all granted
 +
      </Directory>

Huidige versie van 11 nov 2024 om 23:41

The remote access to the KWh meter depends on a SSH tunnel on the server. Twee tunnels:

  1. Tunnel vanaf de MTA/server in Duitsland - 127.0.0.1:9999 via de firewall in de space naar port 80 van 192.168.6.111 (de kWh meter)
  2. [socat] UDP listen op poort 2161 op de MTA/server in Duitsland, ingepakt als TCP, naar localhost TCP:1161; dan via de firewall op de space naar poort 1161 (tcp); vandaar naar [socat] - dan door naar UDP en naar port 161 van 192.168.6.111 (de kWh meter)

File in systemd at: /etc/systemd/system/kwh-tunnel.service:

   [Unit]
   Description=Tunnel to kWh meter.
   After=network.target
   
   [Service]
   ExecStart=/usr/bin/ssh -i /etc/kwh-meter-tunnel -l dirkx -p 222 -T \
        -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes \
        -L 9999:192.168.6.111:80 \
        -L 1161:127.0.0.1:1161 \
        83.163.200.191 -
   RestartSec=30
   Restart=always
   
   [Install]
   WantedBy=multi-user.target

and as the systemd config service file

   [Unit]
   Description=Local end of SNMP Tunnel to kWh meter.
   After=network.target
   
   [Service]
   ExecStart=/usr/bin/socat -T15 udp4-recvfrom:2161,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:1161
   RestartSec=30
   Restart=always
   
   [Install]
   WantedBy=multi-user.target

and this is received by a SSH authorized key line on the space machine:

      no-pty,permitopen="192.168.6.111:80",permitopen="127.0.0.1:1161",command="/usr/local/bin/socat tcp4-listen:1161,reuseaddr,fork UDP:192.168.6.111:161" \
             ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel

With localhost:9999 mapped in mijn.makerspaceleiden.nl for those that need access. Some extra cruft has been added to this line for the Ultimaker Buildplate Camera.

MRTG setup

This should be fixed - i.e. not run as root !!

   [Unit]
   Description=Multi-router Traffic Grapher
   After=syslog.target
   [Service]
   Environment=LANG=C
   ExecStart=/usr/bin/mrtg --daemon 
   Type=forking
   SuccessExitStatus=0 1
   [Install]
   WantedBy=multi-user.target

Config file:

     # This file is for use with mrtg-2.5.4c
     WorkDir: /var/www/mrtg
     WriteExpires: Yes
                 
     Title[L1]: Phase 1 power
     PageTop[L1]: <H1>L1</H1>
     Target[L1]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161
     MaxBytes[L1]: 50000
     YLegend[L1]: Ampere
     ShortLegend[L1]: A
     Options[L1]: gauge,nopercent,noo
     Factor[L1]: 0.01
     YTicsFactor[L1]: 0.01
     
     Title[L2]: Phase 2 power
     PageTop[L2]: <H1>L2</H1>
     Target[L2]: 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161
     MaxBytes[L2]: 50000
     YLegend[L2]: Ampere
     ShortLegend[L2]: A
     Options[L2]: gauge,nopercent,noo
     Factor[L2]: 0.01
     YTicsFactor[L2]: 0.01
     
     Title[L3]: Phase 3 power
     PageTop[L3]: <H1>L3</H1>
     Target[L3]: 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161
     MaxBytes[L3]: 50000
     YLegend[L3]: Ampere
     ShortLegend[L3]: A
     Options[L3]: gauge,nopercent,noo
     Factor[L3]: 0.01
     YTicsFactor[L3]: 0.01
     
     Title[Power]: Power
     PageTop[Power]: <H1>Power</H1>
     Target[Power]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161
     MaxBytes[Power]: 200000
     YLegend[Power]: Ampere
     ShortLegend[Power]: A
     Options[Power]: gauge,nopercent,noo
     Factor[Power]: 0.01
     YTicsFactor[Power]: 0.01

Webserver config in ```/etc/apache2/sites-enabled/mrtg.conf```

     Alias /mrtg      /var/www/mrtg
     
     DirectoryIndex index.html
     <Directory /var/www/mrtg>
     Options All +Indexes
     order deny,allow
     allow from all
     Require all granted
     </Directory>