KWh meter setup: verschil tussen versies

Uit MakerSpace Leiden
Ga naar: navigatie, zoeken
(afval olie)
 
(11 tussenliggende versies door 3 gebruikers niet weergegeven)
Regel 1: Regel 1:
The remote access to the [[KWh meter]] depends on a SSH tunnel on the [[MTA-Setup|MTA]].
+
[[Category:Servers network & websites]]
 +
The remote access to the [[KWh meter]] depends on a SSH tunnel on the [[Server setup|server]]. Twee tunnels:
 +
 
 +
# Tunnel vanaf de MTA/server in Duitsland - 127.0.0.1:9999 via de firewall in de space naar port 80 van 192.168.6.111 (de kWh meter)
 +
# [[https://www.redhat.com/sysadmin/getting-started-socat socat]] UDP listen op poort 2161 op de MTA/server in Duitsland, ingepakt als TCP, naar localhost TCP:1161; dan via de firewall op de space naar poort 1161 (tcp); vandaar naar [[https://www.redhat.com/sysadmin/getting-started-socat socat]] - dan door naar UDP en naar port 161 van 192.168.6.111 (de kWh meter)
  
 
File in systemd at: /etc/systemd/system/kwh-tunnel.service:
 
File in systemd at: /etc/systemd/system/kwh-tunnel.service:
Regel 19: Regel 23:
 
     WantedBy=multi-user.target
 
     WantedBy=multi-user.target
  
and  
+
and as the systemd config service file
  
 
     [Unit]
 
     [Unit]
 
     Description=Local end of SNMP Tunnel to kWh meter.
 
     Description=Local end of SNMP Tunnel to kWh meter.
 
     After=network.target
 
     After=network.target
 
+
   
 
     [Service]
 
     [Service]
 
     ExecStart=/usr/bin/socat -T15 udp4-recvfrom:2161,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:1161
 
     ExecStart=/usr/bin/socat -T15 udp4-recvfrom:2161,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:1161
 
     RestartSec=30
 
     RestartSec=30
 
     Restart=always
 
     Restart=always
 
+
   
 
     [Install]
 
     [Install]
 
     WantedBy=multi-user.target
 
     WantedBy=multi-user.target
Regel 38: Regel 42:
 
               ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel
 
               ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel
  
With localhost:9999 mapped in the CRM for those that need access.
+
With localhost:9999 mapped in [https://mijn.makerspaceleiden.nl mijn.makerspaceleiden.nl] for those that need access. Some extra cruft has been added to this line for the [[Ultimaker Buildplate Camera]].
  
 
= MRTG setup =
 
= MRTG setup =
Regel 62: Regel 66:
 
       WorkDir: /var/www/mrtg
 
       WorkDir: /var/www/mrtg
 
       WriteExpires: Yes
 
       WriteExpires: Yes
           
+
                 
 
       Title[L1]: Phase 1 power
 
       Title[L1]: Phase 1 power
       PageTop[L1]: <H1>L1</H1>
+
       PageTop[L1]: &lt;H1>L1&lt;/H1>
 
       Target[L1]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161
 
       Target[L1]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161
 
       MaxBytes[L1]: 50000
 
       MaxBytes[L1]: 50000
Regel 74: Regel 78:
 
        
 
        
 
       Title[L2]: Phase 2 power
 
       Title[L2]: Phase 2 power
       PageTop[L2]: <H1>L2</H1>
+
       PageTop[L2]: &lt;H1>L2&lt;/H1>
 
       Target[L2]: 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161
 
       Target[L2]: 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161
 
       MaxBytes[L2]: 50000
 
       MaxBytes[L2]: 50000
Regel 84: Regel 88:
 
        
 
        
 
       Title[L3]: Phase 3 power
 
       Title[L3]: Phase 3 power
       PageTop[L3]: <H1>L3</H1>
+
       PageTop[L3]: &lt;H1>L3&lt;/H1>
 
       Target[L3]: 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161
 
       Target[L3]: 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161
 
       MaxBytes[L3]: 50000
 
       MaxBytes[L3]: 50000
Regel 94: Regel 98:
 
        
 
        
 
       Title[Power]: Power
 
       Title[Power]: Power
       PageTop[Power]: <H1>Power</H1>
+
       PageTop[Power]: &lt;H1>Power&lt;/H1>
 
       Target[Power]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161
 
       Target[Power]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161
 
       MaxBytes[Power]: 200000
 
       MaxBytes[Power]: 200000
Regel 102: Regel 106:
 
       Factor[Power]: 0.01
 
       Factor[Power]: 0.01
 
       YTicsFactor[Power]: 0.01
 
       YTicsFactor[Power]: 0.01
 +
 +
Webserver config in ```/etc/apache2/sites-enabled/mrtg.conf```
 +
 +
      Alias /mrtg      /var/www/mrtg
 +
     
 +
      DirectoryIndex index.html
 +
      <Directory /var/www/mrtg>
 +
      Options All +Indexes
 +
      order deny,allow
 +
      allow from all
 +
      Require all granted
 +
      </Directory>

Huidige versie van 11 nov 2024 om 23:41

The remote access to the KWh meter depends on a SSH tunnel on the server. Twee tunnels:

  1. Tunnel vanaf de MTA/server in Duitsland - 127.0.0.1:9999 via de firewall in de space naar port 80 van 192.168.6.111 (de kWh meter)
  2. [socat] UDP listen op poort 2161 op de MTA/server in Duitsland, ingepakt als TCP, naar localhost TCP:1161; dan via de firewall op de space naar poort 1161 (tcp); vandaar naar [socat] - dan door naar UDP en naar port 161 van 192.168.6.111 (de kWh meter)

File in systemd at: /etc/systemd/system/kwh-tunnel.service:

   [Unit]
   Description=Tunnel to kWh meter.
   After=network.target
   
   [Service]
   ExecStart=/usr/bin/ssh -i /etc/kwh-meter-tunnel -l dirkx -p 222 -T \
        -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes \
        -L 9999:192.168.6.111:80 \
        -L 1161:127.0.0.1:1161 \
        83.163.200.191 -
   RestartSec=30
   Restart=always
   
   [Install]
   WantedBy=multi-user.target

and as the systemd config service file

   [Unit]
   Description=Local end of SNMP Tunnel to kWh meter.
   After=network.target
   
   [Service]
   ExecStart=/usr/bin/socat -T15 udp4-recvfrom:2161,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:1161
   RestartSec=30
   Restart=always
   
   [Install]
   WantedBy=multi-user.target

and this is received by a SSH authorized key line on the space machine:

      no-pty,permitopen="192.168.6.111:80",permitopen="127.0.0.1:1161",command="/usr/local/bin/socat tcp4-listen:1161,reuseaddr,fork UDP:192.168.6.111:161" \
             ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel

With localhost:9999 mapped in mijn.makerspaceleiden.nl for those that need access. Some extra cruft has been added to this line for the Ultimaker Buildplate Camera.

MRTG setup

This should be fixed - i.e. not run as root !!

   [Unit]
   Description=Multi-router Traffic Grapher
   After=syslog.target
   [Service]
   Environment=LANG=C
   ExecStart=/usr/bin/mrtg --daemon 
   Type=forking
   SuccessExitStatus=0 1
   [Install]
   WantedBy=multi-user.target

Config file:

     # This file is for use with mrtg-2.5.4c
     WorkDir: /var/www/mrtg
     WriteExpires: Yes
                 
     Title[L1]: Phase 1 power
     PageTop[L1]: <H1>L1</H1>
     Target[L1]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161
     MaxBytes[L1]: 50000
     YLegend[L1]: Ampere
     ShortLegend[L1]: A
     Options[L1]: gauge,nopercent,noo
     Factor[L1]: 0.01
     YTicsFactor[L1]: 0.01
     
     Title[L2]: Phase 2 power
     PageTop[L2]: <H1>L2</H1>
     Target[L2]: 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161
     MaxBytes[L2]: 50000
     YLegend[L2]: Ampere
     ShortLegend[L2]: A
     Options[L2]: gauge,nopercent,noo
     Factor[L2]: 0.01
     YTicsFactor[L2]: 0.01
     
     Title[L3]: Phase 3 power
     PageTop[L3]: <H1>L3</H1>
     Target[L3]: 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161
     MaxBytes[L3]: 50000
     YLegend[L3]: Ampere
     ShortLegend[L3]: A
     Options[L3]: gauge,nopercent,noo
     Factor[L3]: 0.01
     YTicsFactor[L3]: 0.01
     
     Title[Power]: Power
     PageTop[Power]: <H1>Power</H1>
     Target[Power]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161
     MaxBytes[Power]: 200000
     YLegend[Power]: Ampere
     ShortLegend[Power]: A
     Options[Power]: gauge,nopercent,noo
     Factor[Power]: 0.01
     YTicsFactor[Power]: 0.01

Webserver config in ```/etc/apache2/sites-enabled/mrtg.conf```

     Alias /mrtg      /var/www/mrtg
     
     DirectoryIndex index.html
     <Directory /var/www/mrtg>
     Options All +Indexes
     order deny,allow
     allow from all
     Require all granted
     </Directory>