Access Control AC Node Master: verschil tussen versies

Uit MakerSpace Leiden
Ga naar: navigatie, zoeken
(Configuratie van de master node)
Regel 16: Regel 16:
 
   git clone https://github.com/MakerSpaceLeiden/AccesSystem.git
 
   git clone https://github.com/MakerSpaceLeiden/AccesSystem.git
  
Initiele uitrollen configuratie (Not yet given its own UID):
+
Initiele uitrollen configuratie:
  
   mkdir /usr/local/master
+
   sudo mkdir /usr/local/master
   # Als root
+
   ... change to some neutered user ....
 
   cp acnode.ini /usr/local/etc/master
 
   cp acnode.ini /usr/local/etc/master
 
   cp sample-keydb.txt /usr/local/etc/master/keydb.txt
 
   cp sample-keydb.txt /usr/local/etc/master/keydb.txt
Regel 27: Regel 27:
 
Create a systemd config file:
 
Create a systemd config file:
  
'''
+
  [Unit]
[Unit]
+
  Description=Makerspace ACL/Node system
Description=Makerspace ACL/Node system
+
  After=network.target
After=network.target
 
  
[Service]
+
  [Service]
Type=simple
+
  Type=simple
Restart=always
+
  Restart=always
RestartSec=2
+
  RestartSec=2
User=dirkx
+
  User=XX-NEUTERED-USER-YOU-INSTALLED-IT-AS-XXX
PIDFile=/var/db/master/master-prod.pid
+
  PIDFile=/var/db/master/master-prod.pid
ExecStart=/usr/local/AccesSystem/Master/master.sh
+
  ExecStart=/usr/local/AccesSystem/Master/master.sh
  
[Install]
+
  [Install]
WantedBy=multi-user.target
+
  WantedBy=multi-user.target
 
'''
 
'''
  

Versie van 26 jan 2020 om 21:54


Configuratie van de master node

Configured on the MSL server. Requisite packages:

 sudo apt install git sudo screen python3
 python3 -m ensure pip
 pip3 install configargparse
 pip3 install paho-mqtt
 pip3 install pidfile daemon setproctitle

Installatie:

 cd /usr/local
 git clone https://github.com/MakerSpaceLeiden/AccesSystem.git

Initiele uitrollen configuratie:

 sudo mkdir /usr/local/master
 ... change to some neutered user ....
 cp acnode.ini /usr/local/etc/master
 cp sample-keydb.txt /usr/local/etc/master/keydb.txt
 chown master:master -R /usr/local/etc/master
 chmod -R go-rwx /usr/local/etc/master

Create a systemd config file:

 [Unit]
 Description=Makerspace ACL/Node system
 After=network.target
 [Service]
 Type=simple
 Restart=always
 RestartSec=2
 User=XX-NEUTERED-USER-YOU-INSTALLED-IT-AS-XXX
 PIDFile=/var/db/master/master-prod.pid
 ExecStart=/usr/local/AccesSystem/Master/master.sh
 [Install]
 WantedBy=multi-user.target

Starten, restart, stop, etc

Usual systemd:

 sudo sudo systemctl restart master-access

Rekeying an upgraded/replaced existing node

After an upgrade or replacement - the node may need to re-generate its private key. In that case the master will no longer recognise/accept it. So you need to rekey the master.

Stop the sever; and edit

   vi /usr/local/AccesSystem/Master/trustdb.txt

and remove the line for that node; then restart the server.

Adding a new node

A new node won't be recognised (And allowed to (re)key) if it is not in acnode-prod.ini. So add it there

   vi /usr/local/AccesSystem/Master/trustdb.txt

And edit the line

   secrets = [ woodlathe, lintzaag, tablesaw, planer, jointer, lights, compressor, tussendeur, voordeur, spacedeur, byebye, XXXX ]

where XXXX is the name of the node you are adding. Then restart the server; and it should repair (power cycle the node to speed this up). Check trustdb.txt to see it getdding added.


Debugging

Watch the MQTT log to see what is going on.