KWh meter setup: verschil tussen versies
(→afval olie) |
|||
(11 tussenliggende versies door 3 gebruikers niet weergegeven) | |||
Regel 1: | Regel 1: | ||
− | The remote access to the [[KWh meter]] depends on a SSH tunnel on the [[MTA- | + | [[Category:Servers network & websites]] |
+ | The remote access to the [[KWh meter]] depends on a SSH tunnel on the [[Server setup|server]]. Twee tunnels: | ||
+ | |||
+ | # Tunnel vanaf de MTA/server in Duitsland - 127.0.0.1:9999 via de firewall in de space naar port 80 van 192.168.6.111 (de kWh meter) | ||
+ | # [[https://www.redhat.com/sysadmin/getting-started-socat socat]] UDP listen op poort 2161 op de MTA/server in Duitsland, ingepakt als TCP, naar localhost TCP:1161; dan via de firewall op de space naar poort 1161 (tcp); vandaar naar [[https://www.redhat.com/sysadmin/getting-started-socat socat]] - dan door naar UDP en naar port 161 van 192.168.6.111 (de kWh meter) | ||
File in systemd at: /etc/systemd/system/kwh-tunnel.service: | File in systemd at: /etc/systemd/system/kwh-tunnel.service: | ||
Regel 19: | Regel 23: | ||
WantedBy=multi-user.target | WantedBy=multi-user.target | ||
− | and | + | and as the systemd config service file |
[Unit] | [Unit] | ||
Description=Local end of SNMP Tunnel to kWh meter. | Description=Local end of SNMP Tunnel to kWh meter. | ||
After=network.target | After=network.target | ||
− | + | ||
[Service] | [Service] | ||
ExecStart=/usr/bin/socat -T15 udp4-recvfrom:2161,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:1161 | ExecStart=/usr/bin/socat -T15 udp4-recvfrom:2161,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:1161 | ||
RestartSec=30 | RestartSec=30 | ||
Restart=always | Restart=always | ||
− | + | ||
[Install] | [Install] | ||
WantedBy=multi-user.target | WantedBy=multi-user.target | ||
Regel 38: | Regel 42: | ||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel | ||
− | With localhost:9999 mapped in | + | With localhost:9999 mapped in [https://mijn.makerspaceleiden.nl mijn.makerspaceleiden.nl] for those that need access. Some extra cruft has been added to this line for the [[Ultimaker Buildplate Camera]]. |
= MRTG setup = | = MRTG setup = | ||
Regel 62: | Regel 66: | ||
WorkDir: /var/www/mrtg | WorkDir: /var/www/mrtg | ||
WriteExpires: Yes | WriteExpires: Yes | ||
− | + | ||
Title[L1]: Phase 1 power | Title[L1]: Phase 1 power | ||
− | PageTop[L1]: | + | PageTop[L1]: <H1>L1</H1> |
Target[L1]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 | Target[L1]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 | ||
MaxBytes[L1]: 50000 | MaxBytes[L1]: 50000 | ||
Regel 74: | Regel 78: | ||
Title[L2]: Phase 2 power | Title[L2]: Phase 2 power | ||
− | PageTop[L2]: | + | PageTop[L2]: <H1>L2</H1> |
Target[L2]: 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 | Target[L2]: 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 | ||
MaxBytes[L2]: 50000 | MaxBytes[L2]: 50000 | ||
Regel 84: | Regel 88: | ||
Title[L3]: Phase 3 power | Title[L3]: Phase 3 power | ||
− | PageTop[L3]: | + | PageTop[L3]: <H1>L3</H1> |
Target[L3]: 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161 | Target[L3]: 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161 | ||
MaxBytes[L3]: 50000 | MaxBytes[L3]: 50000 | ||
Regel 94: | Regel 98: | ||
Title[Power]: Power | Title[Power]: Power | ||
− | PageTop[Power]: | + | PageTop[Power]: <H1>Power</H1> |
Target[Power]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161 | Target[Power]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161 | ||
MaxBytes[Power]: 200000 | MaxBytes[Power]: 200000 | ||
Regel 102: | Regel 106: | ||
Factor[Power]: 0.01 | Factor[Power]: 0.01 | ||
YTicsFactor[Power]: 0.01 | YTicsFactor[Power]: 0.01 | ||
+ | |||
+ | Webserver config in ```/etc/apache2/sites-enabled/mrtg.conf``` | ||
+ | |||
+ | Alias /mrtg /var/www/mrtg | ||
+ | |||
+ | DirectoryIndex index.html | ||
+ | <Directory /var/www/mrtg> | ||
+ | Options All +Indexes | ||
+ | order deny,allow | ||
+ | allow from all | ||
+ | Require all granted | ||
+ | </Directory> |
Huidige versie van 11 nov 2024 om 23:41
The remote access to the KWh meter depends on a SSH tunnel on the server. Twee tunnels:
- Tunnel vanaf de MTA/server in Duitsland - 127.0.0.1:9999 via de firewall in de space naar port 80 van 192.168.6.111 (de kWh meter)
- [socat] UDP listen op poort 2161 op de MTA/server in Duitsland, ingepakt als TCP, naar localhost TCP:1161; dan via de firewall op de space naar poort 1161 (tcp); vandaar naar [socat] - dan door naar UDP en naar port 161 van 192.168.6.111 (de kWh meter)
File in systemd at: /etc/systemd/system/kwh-tunnel.service:
[Unit] Description=Tunnel to kWh meter. After=network.target [Service] ExecStart=/usr/bin/ssh -i /etc/kwh-meter-tunnel -l dirkx -p 222 -T \ -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes \ -L 9999:192.168.6.111:80 \ -L 1161:127.0.0.1:1161 \ 83.163.200.191 - RestartSec=30 Restart=always [Install] WantedBy=multi-user.target
and as the systemd config service file
[Unit] Description=Local end of SNMP Tunnel to kWh meter. After=network.target [Service] ExecStart=/usr/bin/socat -T15 udp4-recvfrom:2161,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:1161 RestartSec=30 Restart=always [Install] WantedBy=multi-user.target
and this is received by a SSH authorized key line on the space machine:
no-pty,permitopen="192.168.6.111:80",permitopen="127.0.0.1:1161",command="/usr/local/bin/socat tcp4-listen:1161,reuseaddr,fork UDP:192.168.6.111:161" \ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel
With localhost:9999 mapped in mijn.makerspaceleiden.nl for those that need access. Some extra cruft has been added to this line for the Ultimaker Buildplate Camera.
MRTG setup
This should be fixed - i.e. not run as root !!
[Unit] Description=Multi-router Traffic Grapher After=syslog.target
[Service] Environment=LANG=C ExecStart=/usr/bin/mrtg --daemon Type=forking SuccessExitStatus=0 1
[Install] WantedBy=multi-user.target
Config file:
# This file is for use with mrtg-2.5.4c WorkDir: /var/www/mrtg WriteExpires: Yes Title[L1]: Phase 1 power PageTop[L1]: <H1>L1</H1> Target[L1]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 MaxBytes[L1]: 50000 YLegend[L1]: Ampere ShortLegend[L1]: A Options[L1]: gauge,nopercent,noo Factor[L1]: 0.01 YTicsFactor[L1]: 0.01 Title[L2]: Phase 2 power PageTop[L2]: <H1>L2</H1> Target[L2]: 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 MaxBytes[L2]: 50000 YLegend[L2]: Ampere ShortLegend[L2]: A Options[L2]: gauge,nopercent,noo Factor[L2]: 0.01 YTicsFactor[L2]: 0.01 Title[L3]: Phase 3 power PageTop[L3]: <H1>L3</H1> Target[L3]: 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161 MaxBytes[L3]: 50000 YLegend[L3]: Ampere ShortLegend[L3]: A Options[L3]: gauge,nopercent,noo Factor[L3]: 0.01 YTicsFactor[L3]: 0.01 Title[Power]: Power PageTop[Power]: <H1>Power</H1> Target[Power]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161 MaxBytes[Power]: 200000 YLegend[Power]: Ampere ShortLegend[Power]: A Options[Power]: gauge,nopercent,noo Factor[Power]: 0.01 YTicsFactor[Power]: 0.01
Webserver config in ```/etc/apache2/sites-enabled/mrtg.conf```
Alias /mrtg /var/www/mrtg DirectoryIndex index.html <Directory /var/www/mrtg> Options All +Indexes order deny,allow allow from all Require all granted </Directory>