KWh meter setup: verschil tussen versies
(14 tussenliggende versies door 3 gebruikers niet weergegeven) | |||
Regel 1: | Regel 1: | ||
− | The remote | + | [[Categorie:Docs]] |
+ | [[Category:Servers network & websites]] | ||
+ | The remote access to the [[KWh meter]] depends on a SSH tunnel on the [[Server setup|server]]. Twee tunnels: | ||
+ | |||
+ | # Tunnel vanaf de MTA/server in Duitsland - 127.0.0.1:9999 via de firewall in de space naar port 80 van 192.168.6.111 (de kWh meter) | ||
+ | # [[https://www.redhat.com/sysadmin/getting-started-socat socat]] UDP listen op poort 2161 op de MTA/server in Duitsland, ingepakt als TCP, naar localhost TCP:1161; dan via de firewall op de space naar poort 1161 (tcp); vandaar naar [[https://www.redhat.com/sysadmin/getting-started-socat socat]] - dan door naar UDP en naar port 161 van 192.168.6.111 (de kWh meter) | ||
File in systemd at: /etc/systemd/system/kwh-tunnel.service: | File in systemd at: /etc/systemd/system/kwh-tunnel.service: | ||
Regel 8: | Regel 13: | ||
[Service] | [Service] | ||
− | ExecStart=/usr/bin/ssh -i /etc/kwh-meter-tunnel -l dirkx -p 222 - | + | ExecStart=/usr/bin/ssh -i /etc/kwh-meter-tunnel -l dirkx -p 222 -T \ |
− | + | -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes \ | |
− | + | -L 9999:192.168.6.111:80 \ | |
+ | -L 1161:127.0.0.1:1161 \ | ||
+ | 83.163.200.191 - | ||
+ | RestartSec=30 | ||
+ | Restart=always | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=multi-user.target | ||
+ | |||
+ | and as the systemd config service file | ||
+ | |||
+ | [Unit] | ||
+ | Description=Local end of SNMP Tunnel to kWh meter. | ||
+ | After=network.target | ||
+ | |||
+ | [Service] | ||
+ | ExecStart=/usr/bin/socat -T15 udp4-recvfrom:2161,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:1161 | ||
RestartSec=30 | RestartSec=30 | ||
Restart=always | Restart=always | ||
Regel 19: | Regel 40: | ||
and this is received by a SSH authorized key line on the space machine: | and this is received by a SSH authorized key line on the space machine: | ||
− | + | no-pty,permitopen="192.168.6.111:80",permitopen="127.0.0.1:1161",command="/usr/local/bin/socat tcp4-listen:1161,reuseaddr,fork UDP:192.168.6.111:161" \ | |
+ | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel | ||
+ | |||
+ | With localhost:9999 mapped in [https://mijn.makerspaceleiden.nl mijn.makerspaceleiden.nl] for those that need access. Some extra cruft has been added to this line for the [[Ultimaker Buildplate Camera]]. | ||
+ | |||
+ | = MRTG setup = | ||
+ | |||
+ | This should be fixed - i.e. not run as root !! | ||
+ | |||
+ | [Unit] | ||
+ | Description=Multi-router Traffic Grapher | ||
+ | After=syslog.target | ||
+ | |||
+ | [Service] | ||
+ | Environment=LANG=C | ||
+ | ExecStart=/usr/bin/mrtg --daemon | ||
+ | Type=forking | ||
+ | SuccessExitStatus=0 1 | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=multi-user.target | ||
+ | |||
+ | Config file: | ||
+ | |||
+ | # This file is for use with mrtg-2.5.4c | ||
+ | WorkDir: /var/www/mrtg | ||
+ | WriteExpires: Yes | ||
+ | |||
+ | Title[L1]: Phase 1 power | ||
+ | PageTop[L1]: <H1>L1</H1> | ||
+ | Target[L1]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 | ||
+ | MaxBytes[L1]: 50000 | ||
+ | YLegend[L1]: Ampere | ||
+ | ShortLegend[L1]: A | ||
+ | Options[L1]: gauge,nopercent,noo | ||
+ | Factor[L1]: 0.01 | ||
+ | YTicsFactor[L1]: 0.01 | ||
+ | |||
+ | Title[L2]: Phase 2 power | ||
+ | PageTop[L2]: <H1>L2</H1> | ||
+ | Target[L2]: 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 | ||
+ | MaxBytes[L2]: 50000 | ||
+ | YLegend[L2]: Ampere | ||
+ | ShortLegend[L2]: A | ||
+ | Options[L2]: gauge,nopercent,noo | ||
+ | Factor[L2]: 0.01 | ||
+ | YTicsFactor[L2]: 0.01 | ||
+ | |||
+ | Title[L3]: Phase 3 power | ||
+ | PageTop[L3]: <H1>L3</H1> | ||
+ | Target[L3]: 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161 | ||
+ | MaxBytes[L3]: 50000 | ||
+ | YLegend[L3]: Ampere | ||
+ | ShortLegend[L3]: A | ||
+ | Options[L3]: gauge,nopercent,noo | ||
+ | Factor[L3]: 0.01 | ||
+ | YTicsFactor[L3]: 0.01 | ||
+ | |||
+ | Title[Power]: Power | ||
+ | PageTop[Power]: <H1>Power</H1> | ||
+ | Target[Power]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161 | ||
+ | MaxBytes[Power]: 200000 | ||
+ | YLegend[Power]: Ampere | ||
+ | ShortLegend[Power]: A | ||
+ | Options[Power]: gauge,nopercent,noo | ||
+ | Factor[Power]: 0.01 | ||
+ | YTicsFactor[Power]: 0.01 | ||
+ | |||
+ | Webserver config in ```/etc/apache2/sites-enabled/mrtg.conf``` | ||
− | + | Alias /mrtg /var/www/mrtg | |
+ | |||
+ | DirectoryIndex index.html | ||
+ | <Directory /var/www/mrtg> | ||
+ | Options All +Indexes | ||
+ | order deny,allow | ||
+ | allow from all | ||
+ | Require all granted | ||
+ | </Directory> |
Huidige versie van 29 jul 2024 om 21:55
The remote access to the KWh meter depends on a SSH tunnel on the server. Twee tunnels:
- Tunnel vanaf de MTA/server in Duitsland - 127.0.0.1:9999 via de firewall in de space naar port 80 van 192.168.6.111 (de kWh meter)
- [socat] UDP listen op poort 2161 op de MTA/server in Duitsland, ingepakt als TCP, naar localhost TCP:1161; dan via de firewall op de space naar poort 1161 (tcp); vandaar naar [socat] - dan door naar UDP en naar port 161 van 192.168.6.111 (de kWh meter)
File in systemd at: /etc/systemd/system/kwh-tunnel.service:
[Unit] Description=Tunnel to kWh meter. After=network.target [Service] ExecStart=/usr/bin/ssh -i /etc/kwh-meter-tunnel -l dirkx -p 222 -T \ -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes \ -L 9999:192.168.6.111:80 \ -L 1161:127.0.0.1:1161 \ 83.163.200.191 - RestartSec=30 Restart=always [Install] WantedBy=multi-user.target
and as the systemd config service file
[Unit] Description=Local end of SNMP Tunnel to kWh meter. After=network.target [Service] ExecStart=/usr/bin/socat -T15 udp4-recvfrom:2161,bind=127.0.0.1,reuseaddr,fork tcp:127.0.0.1:1161 RestartSec=30 Restart=always [Install] WantedBy=multi-user.target
and this is received by a SSH authorized key line on the space machine:
no-pty,permitopen="192.168.6.111:80",permitopen="127.0.0.1:1161",command="/usr/local/bin/socat tcp4-listen:1161,reuseaddr,fork UDP:192.168.6.111:161" \ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1...xPGezJYI0wMNlI9XiP kwh tunnel
With localhost:9999 mapped in mijn.makerspaceleiden.nl for those that need access. Some extra cruft has been added to this line for the Ultimaker Buildplate Camera.
MRTG setup
This should be fixed - i.e. not run as root !!
[Unit] Description=Multi-router Traffic Grapher After=syslog.target
[Service] Environment=LANG=C ExecStart=/usr/bin/mrtg --daemon Type=forking SuccessExitStatus=0 1
[Install] WantedBy=multi-user.target
Config file:
# This file is for use with mrtg-2.5.4c WorkDir: /var/www/mrtg WriteExpires: Yes Title[L1]: Phase 1 power PageTop[L1]: <H1>L1</H1> Target[L1]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 MaxBytes[L1]: 50000 YLegend[L1]: Ampere ShortLegend[L1]: A Options[L1]: gauge,nopercent,noo Factor[L1]: 0.01 YTicsFactor[L1]: 0.01 Title[L2]: Phase 2 power PageTop[L2]: <H1>L2</H1> Target[L2]: 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 MaxBytes[L2]: 50000 YLegend[L2]: Ampere ShortLegend[L2]: A Options[L2]: gauge,nopercent,noo Factor[L2]: 0.01 YTicsFactor[L2]: 0.01 Title[L3]: Phase 3 power PageTop[L3]: <H1>L3</H1> Target[L3]: 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161 MaxBytes[L3]: 50000 YLegend[L3]: Ampere ShortLegend[L3]: A Options[L3]: gauge,nopercent,noo Factor[L3]: 0.01 YTicsFactor[L3]: 0.01 Title[Power]: Power PageTop[Power]: <H1>Power</H1> Target[Power]: 1.3.6.1.4.1.31034.2.8.1.5.1&1.3.6.1.4.1.31034.2.8.1.5.1:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.2&1.3.6.1.4.1.31034.2.8.1.5.2:public@127.0.0.1:2161 + 1.3.6.1.4.1.31034.2.8.1.5.3&1.3.6.1.4.1.31034.2.8.1.5.3:public@127.0.0.1:2161 MaxBytes[Power]: 200000 YLegend[Power]: Ampere ShortLegend[Power]: A Options[Power]: gauge,nopercent,noo Factor[Power]: 0.01 YTicsFactor[Power]: 0.01
Webserver config in ```/etc/apache2/sites-enabled/mrtg.conf```
Alias /mrtg /var/www/mrtg DirectoryIndex index.html <Directory /var/www/mrtg> Options All +Indexes order deny,allow allow from all Require all granted </Directory>