KWh meter setup: verschil tussen versies
| (14 tussenliggende versies door 3 gebruikers niet weergegeven) | |||
| Regel 1: | Regel 1: | ||
| − | The remote | + | [[Categorie:Docs]] |
| + | [[Category:Servers network & websites]] | ||
| + | The remote access to the [[KWh meter]] depends on a SSH tunnel on the [[Server setup|server]]. Twee tunnels: | ||
| + | |||
| + | # Tunnel vanaf de MTA/server in Duitsland - 127.0.0.1:9999 via de firewall in de space naar port 80 van 192.168.6.111 (de kWh meter) | ||
| + | # [[https://www.redhat.com/sysadmin/getting-started-socat socat]] UDP listen op poort 2161 op de MTA/server in Duitsland, ingepakt als TCP, naar localhost TCP:1161; dan via de firewall op de space naar poort 1161 (tcp); vandaar naar [[https://www.redhat.com/sysadmin/getting-started-socat socat]] - dan door naar UDP en naar port 161 van 192.168.6.111 (de kWh meter) | ||
File in systemd at: /etc/systemd/system/kwh-tunnel.service: | File in systemd at: /etc/systemd/system/kwh-tunnel.service: | ||
| Regel 8: | Regel 13: | ||
[Service] | [Service] | ||
| − | ExecStart=/usr/bin/ssh -i /etc/kwh-meter-tunnel -l dirkx -p 222 - | + | ExecStart=/usr/bin/ssh -i /etc/kwh-meter-tunnel -l dirkx -p 222 -T \ |
| − | + | -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes \ | |
| − | + | -L 9999:192.168.6.111:80 \ | |
| + | -L 1161:127.0.0.1:1161 \ | ||
| + | 83.163.200.191 - | ||
| + | RestartSec=30 | ||
| + | Restart=always | ||
| + | |||
| + | [Install] | ||
| + | WantedBy=multi-user.target | ||
| + | |||
| + | and as the systemd config service file | ||
| + | |||
| + | [Unit] | ||
| + | Description=Local end of SNMP Tunnel to kWh meter. | ||
| + | After=network.target | ||
| + | |||
| + | [Service] | ||
| + | ExecStart=/usr/bin/socat -T15 udp4-recvfrom:2161,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:1161 | ||
RestartSec=30 | RestartSec=30 | ||
Restart=always | Restart=always | ||
| Regel 19: | Regel 40: | ||
and this is received by a SSH authorized key line on the space machine: | and this is received by a SSH authorized key line on the space machine: | ||
| − | + | no-pty,permitopen="192.168.6.111:80",permitopen="127.0.0.1:1161",command="/usr/local/bin/socat tcp4-listen:1161,reuseaddr,fork UDP:192.168.6.111:161" \ | |
| + | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel | ||
| + | |||
| + | With localhost:9999 mapped in [https://mijn.makerspaceleiden.nl mijn.makerspaceleiden.nl] for those that need access. Some extra cruft has been added to this line for the [[Ultimaker Buildplate Camera]]. | ||
| + | |||
| + | = MRTG setup = | ||
| + | |||
| + | This should be fixed - i.e. not run as root !! | ||
| + | |||
| + | [Unit] | ||
| + | Description=Multi-router Traffic Grapher | ||
| + | After=syslog.target | ||
| + | |||
| + | [Service] | ||
| + | Environment=LANG=C | ||
| + | ExecStart=/usr/bin/mrtg --daemon | ||
| + | Type=forking | ||
| + | SuccessExitStatus=0 1 | ||
| + | |||
| + | [Install] | ||
| + | WantedBy=multi-user.target | ||
| + | |||
| + | Config file: | ||
| + | |||
| + | # This file is for use with mrtg-2.5.4c | ||
| + | WorkDir: /var/www/mrtg | ||
| + | WriteExpires: Yes | ||
| + | |||
| + | Title[L1]: Phase 1 power | ||
| + | PageTop[L1]: <H1>L1</H1> | ||
| + | Target[L1]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 | ||
| + | MaxBytes[L1]: 50000 | ||
| + | YLegend[L1]: Ampere | ||
| + | ShortLegend[L1]: A | ||
| + | Options[L1]: gauge,nopercent,noo | ||
| + | Factor[L1]: 0.01 | ||
| + | YTicsFactor[L1]: 0.01 | ||
| + | |||
| + | Title[L2]: Phase 2 power | ||
| + | PageTop[L2]: <H1>L2</H1> | ||
| + | Target[L2]: 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 | ||
| + | MaxBytes[L2]: 50000 | ||
| + | YLegend[L2]: Ampere | ||
| + | ShortLegend[L2]: A | ||
| + | Options[L2]: gauge,nopercent,noo | ||
| + | Factor[L2]: 0.01 | ||
| + | YTicsFactor[L2]: 0.01 | ||
| + | |||
| + | Title[L3]: Phase 3 power | ||
| + | PageTop[L3]: <H1>L3</H1> | ||
| + | Target[L3]: 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161 | ||
| + | MaxBytes[L3]: 50000 | ||
| + | YLegend[L3]: Ampere | ||
| + | ShortLegend[L3]: A | ||
| + | Options[L3]: gauge,nopercent,noo | ||
| + | Factor[L3]: 0.01 | ||
| + | YTicsFactor[L3]: 0.01 | ||
| + | |||
| + | Title[Power]: Power | ||
| + | PageTop[Power]: <H1>Power</H1> | ||
| + | Target[Power]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161 | ||
| + | MaxBytes[Power]: 200000 | ||
| + | YLegend[Power]: Ampere | ||
| + | ShortLegend[Power]: A | ||
| + | Options[Power]: gauge,nopercent,noo | ||
| + | Factor[Power]: 0.01 | ||
| + | YTicsFactor[Power]: 0.01 | ||
| + | |||
| + | Webserver config in ```/etc/apache2/sites-enabled/mrtg.conf``` | ||
| − | + | Alias /mrtg /var/www/mrtg | |
| + | |||
| + | DirectoryIndex index.html | ||
| + | <Directory /var/www/mrtg> | ||
| + | Options All +Indexes | ||
| + | order deny,allow | ||
| + | allow from all | ||
| + | Require all granted | ||
| + | </Directory> | ||
Huidige versie van 29 jul 2024 om 21:55
The remote access to the KWh meter depends on a SSH tunnel on the server. Twee tunnels:
- Tunnel vanaf de MTA/server in Duitsland - 127.0.0.1:9999 via de firewall in de space naar port 80 van 192.168.6.111 (de kWh meter)
- [socat] UDP listen op poort 2161 op de MTA/server in Duitsland, ingepakt als TCP, naar localhost TCP:1161; dan via de firewall op de space naar poort 1161 (tcp); vandaar naar [socat] - dan door naar UDP en naar port 161 van 192.168.6.111 (de kWh meter)
File in systemd at: /etc/systemd/system/kwh-tunnel.service:
[Unit]
Description=Tunnel to kWh meter.
After=network.target
[Service]
ExecStart=/usr/bin/ssh -i /etc/kwh-meter-tunnel -l dirkx -p 222 -T \
-o ServerAliveInterval=60 -o ExitOnForwardFailure=yes \
-L 9999:192.168.6.111:80 \
-L 1161:127.0.0.1:1161 \
83.163.200.191 -
RestartSec=30
Restart=always
[Install]
WantedBy=multi-user.target
and as the systemd config service file
[Unit] Description=Local end of SNMP Tunnel to kWh meter. After=network.target [Service] ExecStart=/usr/bin/socat -T15 udp4-recvfrom:2161,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:1161 RestartSec=30 Restart=always [Install] WantedBy=multi-user.target
and this is received by a SSH authorized key line on the space machine:
no-pty,permitopen="192.168.6.111:80",permitopen="127.0.0.1:1161",command="/usr/local/bin/socat tcp4-listen:1161,reuseaddr,fork UDP:192.168.6.111:161" \
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel
With localhost:9999 mapped in mijn.makerspaceleiden.nl for those that need access. Some extra cruft has been added to this line for the Ultimaker Buildplate Camera.
MRTG setup
This should be fixed - i.e. not run as root !!
[Unit] Description=Multi-router Traffic Grapher After=syslog.target
[Service] Environment=LANG=C ExecStart=/usr/bin/mrtg --daemon Type=forking SuccessExitStatus=0 1
[Install] WantedBy=multi-user.target
Config file:
# This file is for use with mrtg-2.5.4c
WorkDir: /var/www/mrtg
WriteExpires: Yes
Title[L1]: Phase 1 power
PageTop[L1]: <H1>L1</H1>
Target[L1]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161
MaxBytes[L1]: 50000
YLegend[L1]: Ampere
ShortLegend[L1]: A
Options[L1]: gauge,nopercent,noo
Factor[L1]: 0.01
YTicsFactor[L1]: 0.01
Title[L2]: Phase 2 power
PageTop[L2]: <H1>L2</H1>
Target[L2]: 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161
MaxBytes[L2]: 50000
YLegend[L2]: Ampere
ShortLegend[L2]: A
Options[L2]: gauge,nopercent,noo
Factor[L2]: 0.01
YTicsFactor[L2]: 0.01
Title[L3]: Phase 3 power
PageTop[L3]: <H1>L3</H1>
Target[L3]: 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161
MaxBytes[L3]: 50000
YLegend[L3]: Ampere
ShortLegend[L3]: A
Options[L3]: gauge,nopercent,noo
Factor[L3]: 0.01
YTicsFactor[L3]: 0.01
Title[Power]: Power
PageTop[Power]: <H1>Power</H1>
Target[Power]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161
MaxBytes[Power]: 200000
YLegend[Power]: Ampere
ShortLegend[Power]: A
Options[Power]: gauge,nopercent,noo
Factor[Power]: 0.01
YTicsFactor[Power]: 0.01
Webserver config in ```/etc/apache2/sites-enabled/mrtg.conf```
Alias /mrtg /var/www/mrtg
DirectoryIndex index.html
<Directory /var/www/mrtg>
Options All +Indexes
order deny,allow
allow from all
Require all granted
</Directory>
