ACNode Master: verschil tussen versies

Uit MakerSpace Leiden
Ga naar: navigatie, zoeken
(typical process in small steps)
 
(15 tussenliggende versies door 3 gebruikers niet weergegeven)
Regel 1: Regel 1:
[[Categorie:Notes]]
+
[[Category:ACNode]]
...
 
  
= Configuratie van de master node.
+
= Configuratie van de master node =
  
Requisite packages:
+
Configured on the [[MTA-Setup|MSL server]]. Requisite packages:
  
   sudo pkg install git sudo screen python34
+
   sudo apt install git sudo screen python3
   python3.4 -m ensure pip
+
   python3 -m ensure pip
   pip3.4 install configargparse
+
   pip3 install configargparse
   pip3.4 install paho-mqtt
+
   pip3 install paho-mqtt
   pip3.4 install pidfile daemon setproctitle
+
   pip3 install pidfile daemon setproctitle
  
 
Installatie:
 
Installatie:
Regel 17: Regel 16:
 
   git clone https://github.com/MakerSpaceLeiden/AccesSystem.git
 
   git clone https://github.com/MakerSpaceLeiden/AccesSystem.git
  
Initiele uitrollen configuratie (Not yet given its own UID):
+
Initiele uitrollen configuratie (mid 2023 verhuist naar /etc/master)
  
   mkdir /usr/local/master
+
   sudo mkdir /usr/local/master
   # Als root
+
   ... change to some neutered user ....
   cp acnode.ini /usr/local/etc/master
+
   cp acnode.ini /etc/master
   cp sample-keydb.txt /usr/local/etc/master/keydb.txt
+
   cp sample-keydb.txt /etc/master/keydb.txt
   chown master:master -R /usr/local/etc/master
+
   chown master:master -R /etc/master
   chmod -R go-rwx /usr/local/etc/master
+
   chmod -R go-rwx /etc/master
  cp master.sh /usr/local/etc/rc.d
 
  echo master_enable=YES >> /etc/rc.conf
 
  
Starten
+
Create a systemd config file:
  
/usr/local/etc/rc.d/master.sh start
+
  [Unit]
 +
  Description=Makerspace ACL/Node system
 +
  After=network.target
 +
 
 +
  [Service]
 +
  Type=simple
 +
  Restart=always
 +
  RestartSec=2
 +
  User=XX-NEUTERED-USER-YOU-INSTALLED-IT-AS-XXX
 +
  PIDFile=/var/db/master/master-prod.pid
 +
  ExecStart=/usr/local/AccesSystem/Master/master.sh
 +
 
 +
  [Install]
 +
  WantedBy=multi-user.target
 +
'''
 +
 
 +
= Starten, restart, stop, etc =
 +
 
 +
Usual systemd:
 +
 
 +
  sudo sudo systemctl restart master-access
 +
 
 +
= Rekeying an upgraded/replaced existing node =
 +
 
 +
After an upgrade or replacement - the node may need to re-generate its private key. In that case the master will no longer recognise/accept it. So you need to rekey the master.
 +
 
 +
Stop the sever; and edit
 +
 
 +
    vi /etc/master/trustdb.txt
 +
 
 +
and remove the line for that node; then restart the server. When in doubt - check that '''/etc/master/acnode.ini''' contains the name of the node (only known names are added (once) to the list).
 +
 
 +
== typical process in small steps ==
 +
 
 +
Het process om een geheel nieuwe te laten herkennen is (XXXX is de naam van de node)
 +
 
 +
# log in op de msl server
 +
# cd /etc/master
 +
#      check that XXXX voorkomt in acnode.ini
 +
# edit trustdb.txt
 +
# haal de regel met XXXXX .... weg
 +
# herstart de Service: sudo systemctl restart master-access.service
 +
# check of het goed ging: sudo systemctl status master-access.service
 +
# of voor meer detail -- dingen als sudo journalctl -a -u  master-access.service
 +
 
 +
En ondertussen kun je met
 +
 
 +
        mosquitto_sub -v -h space.makerspaceleiden.nl -t 'ac/log/#' -t 'test/log/#' -t 'log/#' -v
 +
 
 +
of
 +
 
 +
        mosquitto_sub -v -h space.makerspaceleiden.nl -t 'ac/log/#' -t 'test/log/#' -t 'log/#' -v | grep -i deur
 +
 
 +
alles zien.
 +
 
 +
= Adding a new node =
 +
 
 +
A new node won't be recognised (And allowed to (re)key) if it is not in acnode-prod.ini. So add it there
 +
 
 +
    vi /etc/master/acnode.ini
 +
 
 +
And edit the line in acnode.ino in /etc/master
 +
 
 +
    secrets = [ woodlathe, lintzaag, tablesaw, planer, jointer, lights, compressor, tussendeur, voordeur, spacedeur, byebye, XXXX ]
 +
 
 +
where XXXX is the name of the node you are adding. Then restart the server; and it should repair (power cycle the node to speed this up).
 +
 
 +
Check '''trustdb.txt''' to see it getdding added. It needs write permissions for the user that python runs as.
 +
 
 +
= Debugging =
 +
 
 +
Watch the MQTT log to see what is going on. Or watch
 +
 
 +
 
 +
      tail -F /var/log/master/master.log
 +
 
 +
Note the '-F' - as the log rotates every 24 hours; only a month is kept.

Huidige versie van 4 nov 2023 om 15:39


Configuratie van de master node

Configured on the MSL server. Requisite packages: 

 sudo apt install git sudo screen python3
 python3 -m ensure pip
 pip3 install configargparse
 pip3 install paho-mqtt
 pip3 install pidfile daemon setproctitle

Installatie: 

 cd /usr/local
 git clone https://github.com/MakerSpaceLeiden/AccesSystem.git

Initiele uitrollen configuratie (mid 2023 verhuist naar /etc/master) 

 sudo mkdir /usr/local/master
 ... change to some neutered user ....
 cp acnode.ini /etc/master
 cp sample-keydb.txt /etc/master/keydb.txt
 chown master:master -R /etc/master
 chmod -R go-rwx /etc/master

Create a systemd config file: 

 [Unit]
 Description=Makerspace ACL/Node system
 After=network.target

 [Service]
 Type=simple
 Restart=always
 RestartSec=2
 User=XX-NEUTERED-USER-YOU-INSTALLED-IT-AS-XXX
 PIDFile=/var/db/master/master-prod.pid
 ExecStart=/usr/local/AccesSystem/Master/master.sh

 [Install]
 WantedBy=multi-user.target

Starten, restart, stop, etc

Usual systemd: 

 sudo sudo systemctl restart master-access

Rekeying an upgraded/replaced existing node

After an upgrade or replacement - the node may need to re-generate its private key. In that case the master will no longer recognise/accept it. So you need to rekey the master.

Stop the sever; and edit 

   vi /etc/master/trustdb.txt

and remove the line for that node; then restart the server. When in doubt - check that /etc/master/acnode.ini contains the name of the node (only known names are added (once) to the list).

typical process in small steps

Het process om een geheel nieuwe te laten herkennen is (XXXX is de naam van de node)

  1. log in op de msl server
  2. cd /etc/master
  3. check that XXXX voorkomt in acnode.ini
  4. edit trustdb.txt
  5. haal de regel met XXXXX .... weg
  6. herstart de Service: sudo systemctl restart master-access.service
  7. check of het goed ging: sudo systemctl status master-access.service
  8. of voor meer detail -- dingen als sudo journalctl -a -u master-access.service

En ondertussen kun je met 

       mosquitto_sub -v -h space.makerspaceleiden.nl -t 'ac/log/#' -t 'test/log/#' -t 'log/#' -v

of 

       mosquitto_sub -v -h space.makerspaceleiden.nl -t 'ac/log/#' -t 'test/log/#' -t 'log/#' -v | grep -i deur

alles zien.

Adding a new node

A new node won't be recognised (And allowed to (re)key) if it is not in acnode-prod.ini. So add it there 

   vi /etc/master/acnode.ini

And edit the line in acnode.ino in /etc/master 

   secrets = [ woodlathe, lintzaag, tablesaw, planer, jointer, lights, compressor, tussendeur, voordeur, spacedeur, byebye, XXXX ]

where XXXX is the name of the node you are adding. Then restart the server; and it should repair (power cycle the node to speed this up).

Check trustdb.txt to see it getdding added. It needs write permissions for the user that python runs as.

Debugging

Watch the MQTT log to see what is going on. Or watch 


     tail -F /var/log/master/master.log

Note the '-F' - as the log rotates every 24 hours; only a month is kept.

Overgenomen van "https://wiki.makerspaceleiden.nl/mediawiki/index.php?title=ACNode_Master&oldid=12490"