KWh meter setup: verschil tussen versies

Uit MakerSpace Leiden
Ga naar: navigatie, zoeken
k (MarkKlaauw heeft de pagina MTA-Setup kWh hernoemd naar KWh meter setup zonder een doorverwijzing achter te laten)
 
(3 tussenliggende versies door dezelfde gebruiker niet weergegeven)
Regel 1: Regel 1:
 
[[Categorie:Docs]]
 
[[Categorie:Docs]]
The remote access to the [[KWh meter]] depends on a SSH tunnel on the [[MTA-Setup|MTA]]. Twee tunnels:
+
[[Category:Servers network & websites]]
 +
The remote access to the [[KWh meter]] depends on a SSH tunnel on the [[Server setup|server]]. Twee tunnels:
  
 
# Tunnel vanaf de MTA/server in Duitsland - 127.0.0.1:9999 via de firewall in de space naar port 80 van 192.168.6.111 (de kWh meter)
 
# Tunnel vanaf de MTA/server in Duitsland - 127.0.0.1:9999 via de firewall in de space naar port 80 van 192.168.6.111 (de kWh meter)
Regel 42: Regel 43:
 
               ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel
 
               ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel
  
With localhost:9999 mapped in the CRM for those that need access. Some extra cruft has been added to this line for the [[UltimakerBuildplateCamera]].
+
With localhost:9999 mapped in [https://mijn.makerspaceleiden.nl mijn.makerspaceleiden.nl] for those that need access. Some extra cruft has been added to this line for the [[Ultimaker Buildplate Camera]].
  
 
= MRTG setup =
 
= MRTG setup =

Huidige versie van 29 jul 2024 om 21:55

The remote access to the KWh meter depends on a SSH tunnel on the server. Twee tunnels:

  1. Tunnel vanaf de MTA/server in Duitsland - 127.0.0.1:9999 via de firewall in de space naar port 80 van 192.168.6.111 (de kWh meter)
  2. [socat] UDP listen op poort 2161 op de MTA/server in Duitsland, ingepakt als TCP, naar localhost TCP:1161; dan via de firewall op de space naar poort 1161 (tcp); vandaar naar [socat] - dan door naar UDP en naar port 161 van 192.168.6.111 (de kWh meter)

File in systemd at: /etc/systemd/system/kwh-tunnel.service:

   [Unit]
   Description=Tunnel to kWh meter.
   After=network.target
   
   [Service]
   ExecStart=/usr/bin/ssh -i /etc/kwh-meter-tunnel -l dirkx -p 222 -T \
        -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes \
        -L 9999:192.168.6.111:80 \
        -L 1161:127.0.0.1:1161 \
        83.163.200.191 -
   RestartSec=30
   Restart=always
   
   [Install]
   WantedBy=multi-user.target

and as the systemd config service file

   [Unit]
   Description=Local end of SNMP Tunnel to kWh meter.
   After=network.target
   
   [Service]
   ExecStart=/usr/bin/socat -T15 udp4-recvfrom:2161,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:1161
   RestartSec=30
   Restart=always
   
   [Install]
   WantedBy=multi-user.target

and this is received by a SSH authorized key line on the space machine:

      no-pty,permitopen="192.168.6.111:80",permitopen="127.0.0.1:1161",command="/usr/local/bin/socat tcp4-listen:1161,reuseaddr,fork UDP:192.168.6.111:161" \
             ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel

With localhost:9999 mapped in mijn.makerspaceleiden.nl for those that need access. Some extra cruft has been added to this line for the Ultimaker Buildplate Camera.

MRTG setup

This should be fixed - i.e. not run as root !!

   [Unit]
   Description=Multi-router Traffic Grapher
   After=syslog.target
   [Service]
   Environment=LANG=C
   ExecStart=/usr/bin/mrtg --daemon 
   Type=forking
   SuccessExitStatus=0 1
   [Install]
   WantedBy=multi-user.target

Config file:

     # This file is for use with mrtg-2.5.4c
     WorkDir: /var/www/mrtg
     WriteExpires: Yes
                 
     Title[L1]: Phase 1 power
     PageTop[L1]: <H1>L1</H1>
     Target[L1]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161
     MaxBytes[L1]: 50000
     YLegend[L1]: Ampere
     ShortLegend[L1]: A
     Options[L1]: gauge,nopercent,noo
     Factor[L1]: 0.01
     YTicsFactor[L1]: 0.01
     
     Title[L2]: Phase 2 power
     PageTop[L2]: <H1>L2</H1>
     Target[L2]: 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161
     MaxBytes[L2]: 50000
     YLegend[L2]: Ampere
     ShortLegend[L2]: A
     Options[L2]: gauge,nopercent,noo
     Factor[L2]: 0.01
     YTicsFactor[L2]: 0.01
     
     Title[L3]: Phase 3 power
     PageTop[L3]: <H1>L3</H1>
     Target[L3]: 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161
     MaxBytes[L3]: 50000
     YLegend[L3]: Ampere
     ShortLegend[L3]: A
     Options[L3]: gauge,nopercent,noo
     Factor[L3]: 0.01
     YTicsFactor[L3]: 0.01
     
     Title[Power]: Power
     PageTop[Power]: <H1>Power</H1>
     Target[Power]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161
     MaxBytes[Power]: 200000
     YLegend[Power]: Ampere
     ShortLegend[Power]: A
     Options[Power]: gauge,nopercent,noo
     Factor[Power]: 0.01
     YTicsFactor[Power]: 0.01

Webserver config in ```/etc/apache2/sites-enabled/mrtg.conf```

     Alias /mrtg      /var/www/mrtg
     
     DirectoryIndex index.html
     <Directory /var/www/mrtg>
     Options All +Indexes
     order deny,allow
     allow from all
     Require all granted
     </Directory>