RFLink (RTS) to MQTT via NodeMCU

This page is about configuring an RFLink RTS capable device to be able to connect to a HomeAssistant server through MQTT, using a NodeMCU for the interface.

Hardware requirements:

  • RFLink 433 (Somfy RTS) / Arduino Mega / Dipole / USB cable
  • A NodeMCU
  • Some straps to connect your Arduino Mega and NodeMCU

Software requirements:

  • Homeassistant
  • Arduino IDE

Configure NodeMCU

This part is based on Mr Seb82 and you can check his original work here: https://github.com/seb821/espRFLinkMQTT

For convenience / archive I will put the zip file version of what I used here:

espRFLinkMQTTDownload

Unzip it on your computer, edit the config.h file and edit the Wifi parameters especially:

The first three lines are the information of your IoT Wifi network, you can set them here if you know them already. Be careful though, if your password is too complex, you will see nothing after you flashed your NodeMCU. So keep is simple, unfortunately… I would also recommend to check the 5ghz capability of your NodeMCU if you want to use this band.

If you know about your SSID config, you can comment the last line. If you don’t the NodeMCU will boot as an access point, connect to it (IP is 192.168.4.1) then go to the system tab. Note this tab won’t show up on a smartphone unless you switch your browser into Desktop Mode.

Once this is configured, open espRFLinkMQTT.ino with Arduino IDE, and load it to your NodeMCU (You might need to install a library for that, depending on your configuration)

After two minutes you should see the NodeMCU either connected to your router (if the last line was commented) or its SSID appearing on your available Wifi network list.

You can now access it via http://itsIP and configure the MQTT part on the system tab.

Here is an example with MQTT properly configured:

RFLink configuration

  • Download the RFLink loader and the RFLink firmware from here: https://www.rflink.nl/download.php
  • Open the loader, connect your Mega to your computer and load the firmware you got

So, you must have the Arduino Mega, a gateway board (the one with the antenna plug) and a small board with the 433Mhz module on it. Assemble everything + connect your NodeMCU like in this image, with one specification:

  • Use the 3.3v connector from the Mega card to connect your NodeMCU because it does not work with 5v

Plug your Mega on a USB interface and both the Mega and NodeMCU might turn on, you should now be able to test the communication, for that reach your NodeMCU IP address with your browser, and on the first page, click the STATUS button:

Mosquitto

This page won’t explain how to configure Mosquitto, but you must have a broker like this to interface between your NodeMCU and Home assistant.

Homeassistant

Enabling MQTT

  • Go to settings, Devices & services
  • Click the button to Add integration, search for MQTT
  • Configure it depending on your Mosquitto (or any broker you have set)

Configuring a test automation

  • Settings, automation and scenes, create automation
  • Trigger:
    • MQTT
    • Topic: rflink/uptime
  • Action
    • Whatever you want 😀 but if you have a Google Home:
    • Call service
    • Text-to-Speech
    • Entity: your google home
    • Message: ESP Online

This will shout ESP online every 5 minutes, when your NodeMCU publish its uptime.

Replace Biticino interphone

For the records, interphones are configured through specific resistors (looks like fuses)

Each appartement has its own number (mine is 7) and then I got a fuse with a 7 written on it.

keep the fuse / fuses from the old device, it must have a number on it and a position on the plate (pick a picture to remember). For me I had one fuse with the number 7 written on it, it was placed on the right of the N pin place.

the right position is for the unit (1 to 9 then) and the left position for the dozen (10and above)

now on your new Biticino you have to find the pin board with the N label and put back your fuses on it, in the same order.

I had to put the fuse number 7 on the right position where the N label was written.

Angular journey – locally serve your app

This page focuses on how to run your Angular application locally, during the development phase.

The following command will compile and re-compile live each time you update the code, plus this will be accessible from anywhere in your network (think about allowing ingress traffic, on your Windows firewall, for port 4200) with some additions:

  • –host set to 0.0.0.0 will allow any device on the network to access your server
  • –public-host set the URL you wanna access your app with, when using a reverse proxy (and I do)
ng serve --host 0.0.0.0 --public-host https://core-dev.fevio.fr/

As we are going to work with tokens, authentication, and service workers, we are going to need HTTPS. If not already done, you should configure your reverse proxy for a dev URL. Here we are going to use:

  • https://core-dev.fevio.fr

This will allow us to access our application from any local device (192.168.1.0/24) using a proper domain name, saving us headache caused by a lack of HTTPS.

For security purpose, I have added the following lines to limit this access only to local devices (this is specific to my architecture and written here as a reminder)

location / {
  # allow subnet 192.168.1.0/24
  allow   192.168.1.0/24;

  # drop the rest
  deny    all;
}

Angular journey – Visual Studio configuration

In order to develop faster, better and easier, it’s a good practice to take a moment to setup your dev environment. Her I am talking about how I configured my Windows 10 environment for Angular.

Visual Studio Code

Here we are cheap, meaning we won’t go with a non free solution like Angular-IDE, but using Visual Studio Code, you can do great things too!

To install VSCode using chocolatey: 

choco install vscode

Now we can add extensions to VSCode in order to make things easier:

To install those extensions quickly, let’s open VSCode then hit ctrl+shift+` to open a terminal

Type the following command to install our extensions (unfortunately you can’t put all in one line):

code --install-extension johnpapa.Angular2
code --install-extension Angular.ng-template 
code --install-extension eg2.tslint 
code --install-extension steoates.autoimport 
code --install-extension alexiv.vscode-angular2-files 
code --install-extension infinity1207.angular2-switcher 
code --install-extension PKief.material-icon-theme

Angular journey – NodeJS, NPM and Angular installation

This time we will focus on installing all the necessary tools on our Windows system in order to start developing with Angular.

NodeJS installation

Run the following command on an admin PowerShell prompt. We are using the LTS version

chocolatey install nodejs-lts

Installing NodeJS should also add NPM, to check, run npm -v to see if it’s present on your system.

NPM and Angular CLI installation

We will need to install the Angular CLI as well, this tool will be handy to create our Angular projects, application and code. To do so, run the following code

npm install -g @angular/cli

You might have some warnings, they seem not important, so do not worry.

Angular project initialization

When it’s done, you can now initialize your Angular application using the following command

ng new my-project

They will ask you some questions

  • Would you like to add Angular routing?
    • This will help you routing your user requests, if you new to Angular, choose this option
  • Which stylesheet format would you like to use? SCSS [ https://sass-lang.com/documentation/
    syntax#scss
    • This will let you choose which kind of style sheet you want to use, I decided to try SCSS which is way more powerful than regular CSS, but this part is totally up to you

Finally, run ng version to show which version of Angular you have actually installed

Angular journey – Introduction + Gitea server configuration

Recently my dear was looking for an application to manage her wine cellar. As a former web developer, I immediately wanted to create the best app for her needs. However, I was a PHP developer, and it was not the best language to develop such a tool. So, I decided to learn Angular, I did that for a month, ended up with a nice structure then I had to stop, because of my new position which was too intense to let me continue.

Now, I have been able to keep some time for me, so here I am starting over with Angular 12, yes, many updates were released since my first iteration and as a newbie, I think it would be better to start everything over…

Anyway, first thing first, I need to setup my workspace and this is the page to start with. Let’s go…

Infrastructure

Gitea server – code management

In order to keep track of my code, I will try to use Gitea which was highly recommended on the web, using a Docker container.

Docker compose

Here the docker compose file I used to create a very basic server

version: "3"

networks:
  gitea:
    external: false

services:
  server:
    image: gitea/gitea:latest
    container_name: gitea
    environment:
      - USER_UID=1000
      - USER_GID=1000
    restart: always
    networks:
      - gitea
    volumes:
      - gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "8010:3000"
      - "222:22"
volumes:
  gitea:

Then launch docker-compose up -d to start the container in background mode

Browse your Docker server IP address on the 8010 port, for me it is http://192.168.1.24:8010/ you should arrive on the configuration page:
Here my configuration:
  • Database: SQLite3 to avoid having a separated SQL server for my own small projects
  • Gitea Base URL: you can use the current IP mode, or use a reverse proxy with Let’s encrypt to make things more secure/professional, it’s up to you.
  • Email settings: think about adding the port in the end, for instance: smtp.gmail.com:465

Once your done, you can access and authenticate to your brand new Gitea server.

Configure the repository

Use Gitea web interface to create a new Organization then a new repository, there is nothing complex here. Once it’s properly setup you should end up with a single file project (the README.md) on your repo. On the project’s page, locate the HTTPS part and copy the URL on its right.

Install GIT client on Windows

In order to get Git command, install the following chocolatey package

chocolatey install git

Next, open a PowerShell client, browse to your project repository, then run the following commands, using the HTTPS URL you got just before

git init
git remote add my-project https://git.yourdomain.ca/MyOrganization/my-project.git

To pull your repository content, which is actually only your README.md file, run the following command

git pull my-project master

You should now see the README.md file on your computer’s local folder.

If you want to push, this is the command

git push my-project master

This is it for this introduction, next time I will discuss about installing NodeJS, NPM and eventually Angular!

Guacamole server using Docker 

version: "2"
services:
  postgresql:
    image: 'postgres:latest'
	container_name: guacamole_db
	ports:
      - 5432:5432
	environment:
      POSTGRES_USER: guacamole_postgres # The PostgreSQL user (useful to connect to the database)
      POSTGRES_PASSWORD: YourOwnPassword # The PostgreSQL password (useful to connect to the database)
      POSTGRES_DB: guacamole # The PostgreSQL default database (automatically created at first launch)
  guacd:
    image: "guacamole/guacd"
    container_name: guacd
    hostname: guacd
    restart: always
    volumes:
      - "/data/shared/guacamole/guacd/data:/data"
      - "/data/shared/guacamole/guacd/conf:/conf:ro"
    expose:
      - "4822"
    ports:
      - "4822:4822"
    network_mode: bridge

  guacamole:
    image: "guacamole/guacamole"
    container_name: guacamole
    hostname: guacamole
    restart: always
    volumes:
      - "/data/shared/guacamole/guacamole/guac-home:/data"
      - "/data/shared/guacamole/guacamole/conf:/conf:ro"
    expose:
      - "8080"
    ports:
      - "8088:8080"
    network_mode: bridge
    environment:
      - "GUACD_HOSTNAME=localhost"
      - "GUACD_PORT=4822"
      - "POSTGRES_PORT=5432"
      - "POSTGRES_DATABASE=guacamole"
      - "GUACAMOLE_HOME=/data"
      - "POSTGRES_USER=guacamole_postgres"
      - "POSTGRES_PASSWORD=YourOwnPassword"
      - "POSTGRES_HOSTNAME=localhost"

Go ahead and spin it

docker-compose up -d

Now we need to init the database

docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --postgresql > initdb.sql
docker container cp initdb.sql guacamole_db:/
docker container exec -it guacamole_db psql --dbname=guacamole --username guacamole_postgres -f /initdb.sql

Below the old way version (not working properly regarding the guacacd part)

Here a really quick draft to setup a Guacamole RDP server using a docker container and PostgreSQL

# Get the latest image
docker pull guacamole/guacamole

# Create volumes to persist data
docker volume create guacamole-vol-app
docker volume create guacamole-vol-db

# Create the dedicated network
docker network create --driver bridge guacamole-net

Configure the database:

# Spin up the container
docker run --detach --restart unless-stopped -v guacamole-vol-db:/var/lib/postgresql/data --network guacamole-net --name gcm-db-01 -e POSTGRES_PASSWORD=aRandomPasswd postgres

# Connect to the container
docker exec -it gcm-db-01 bash

# Then to PostgreSQL
psql -U postgres

# Create the DB
CREATE DATABASE guacamole WITH ENCODING 'UTF8' LC_COLLATE='en_US.UTF-8' LC_CTYPE='en_US.UTF-8' TEMPLATE=template0;

create user guacamole_postgres with password 'randomPassword';
GRANT ALL PRIVILEGES ON DATABASE guacamole to guacamole_postgres;

# Quit
\q

# Quit the container
Ctrl+p then q

# The following command will generate a file to be used for DB initialization
docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --postgres > initdb.sql


# Copy the file to the container
docker container cp initdb.sql gcm-db-01:/

# Execute the file
docker container exec -it gcm-db-01 psql --dbname=guacamole --username postgres -f /initdb.sql

Configure your container:

# Pull GuacaCD
docker pull guacamole/guacd

# Generate the GuacaCD proxy
docker run --name gcm-cd-01 --network guacamole-net -d guacamole/guacd 

docker run --name gcm-app-01 --network guacamole-net \
     -e POSTGRES_HOSTNAME=gcm-db-01 \
     -e POSTGRES_DATABASE=guacamole  \
     -e POSTGRES_USER=guacamole_user    \
     -e GUACD_HOSTNAME=gcm-cd-01 \
     -e TOTP_ENABLED=true \
     -e POSTGRES_PASSWORD=aRandomPasswd \
     -d -p 8003:8080 guacamole/guacamole

TOTP_ENABLED=true enable a WhateverAuthenticator app to add another level of security.

Adguard Home with Docker

Following some issues with Pihole, I decided to check around for other solutions. I appears to me Adguard Home was here since a while, providing more features and some enhancements at the same time. So here I am, creating a small tutoriel to deploy it on a Docker container, please have a seat.

# Get the last version
docker pull adguard/adguardhome

# Create volumes to persist data
docker volume create adguard-vol-data
docker volume create adguard-vol-conf

# Create the dedicated network
docker network create --driver bridge adguard-net

Then create the actual container, for my setup, I decided to bind port 8001 to 3000 for the admin access. For a weird reason, during the wizard, if you choose to configure the admin pannel to port 3000 as described below, it will fails. So I had to start with the following Container’s definition, setup Adguard with port 80 as admin panel port access, then remove the container (data are persistant so no worries) then create it again with the next configuration.

docker run --name adg-01 \
     -v adguard-vol-data:/opt/adguardhome/work \
     -v adguard-vol-conf:/opt/adguardhome/conf \
     -p 53:53/tcp -p 53:53/udp \
     -p 8001:3000/tcp \
     --network adguard-net \
     -d adguard/adguardhome

As mentioned above, after the setup is done using the wizard (And telling it to listen on port 80 for your admin access), remove the container and rerun it with the following:

docker run --name adg-01 \
     -v adguard-vol-data:/opt/adguardhome/work \
     -v adguard-vol-conf:/opt/adguardhome/conf \
     -p 53:53/tcp -p 53:53/udp \
     -p 8001:80/tcp \
     --network adguard-net \
     -d adguard/adguardhome

Mattermost installation using Docker

Notice : despite the application quality, using it without licenses is barely viable. Why that, you ask? Because despite the two roles provided by the opensource (free) version – admin and regular user – none of those can prevent any user to update and even archive public channels. If you plan to grow a friends and family community, good luck preventing to put everything upside-down! For this reason, I highly recommend you to use Rocket.Chat instead, for which I will write a similar article.

This post will try to best describe the way to deploy a Mattermost app using Docker, PostgreSQL and Centos Stream 8. This documentation is meant to be really easy to understand and apply, only two containers are going to be deployed: DB and APP.

Network consideration

First, we are going to create a dedicated network to put our two containers, this way we are isolating the whole Mattermost architecture from the rest of the world. A more production-ready approach would require segregating the DB from the APP, and add a reverse proxy at the front.

# Create our mattermost dedicated network using Bridge mode
docker network create --driver bridge mattermost-net

# To see your networks
[supertanker@docker ~]$ docker network ls
 NETWORK ID     NAME                 DRIVER    SCOPE
 e2f6f37df707   bridge               bridge    local
 b1f6b243e90a   host                 host      local
 ddaac33f0860   network-mattermost   bridge    local
 2b0615c84b42   none                 null      local

PostgreSQL container

# Get the image from the repository
docker pull postgres
# Create a new volume on the host, in order to persist data.
docker volume create mattermost-vol-db
# Spin up the container, including the network and volume we have created above:
docker run --detach --restart unless-stopped -v mattermost-vol-db:/var/lib/postgresql/data --network mattermost-net --name mmt-db-01 -e POSTGRES_PASSWORD=y5g9Z24%SDcwi7u^2gcH*T%5aJz7Z postgres

–detach will put the container in the background while –restart unless-stopped will start the container at host startup or if it crashes.

Your container should be now up and running in the background, here some basic though useful commands: 

# Check if your container is running
docker container ls

# Check if data were actually created (sudo is required):
sudo ls /var/lib/docker/volumes/mattermost-vol-db/_data/

# Check the allocated IP address:
docker network inspect mattermost-net

Now we need to connect to our container in order to create our mattermost database

# Connect to the container
docker exec -it mmt-db-01 bash

# Then to PostgreSQL
psql -U postgres

# According to Mattermost documentation, create the DB
CREATE DATABASE mattermost WITH ENCODING 'UTF8' LC_COLLATE='en_US.UTF-8' LC_CTYPE='en_US.UTF-8' TEMPLATE=template0;

# Create a DB user
CREATE USER mmuser WITH PASSWORD 'ApassWordWithoutspecialChars';

# Grant the user access to the Mattermost database
GRANT ALL PRIVILEGES ON DATABASE mattermost to mmuser;

# Exit
\q

# Quit the container using CTRL+P then CTRL+Q

Additionally but it should be mandatory when running in production, we need to think about backink up the database. To do so, the following command will create a full dump on the host temp directory 

docker exec -t mmt-db-01  pg_dumpall -c -U postgres | gzip > /tmp/dump_$(date +"%Y-%m-%d_%H_%M_%S").gz

Up to you to use that command with a cron task or whatever suits you, in order to backup your Mattermost DB regularly.

Mattermost application container

Create a directory called mattermost, this folder will be use to create our custom image only.

Create a file called Dockerfile with the following content

FROM alpine:3.12
 # Some ENV variables
 ENV PATH="/mattermost/bin:${PATH}"
 ARG PUID=1000
 ARG PGID=1000
 ARG MM_PACKAGE="https://releases.mattermost.com/5.35.2/mattermost-5.35.2-linux-amd64.tar.gz?src=docker"
 # Install some needed packages
 RUN apk add --no-cache \
   ca-certificates \
   curl \
   libc6-compat \
   libffi-dev \
   linux-headers \
   mailcap \
   netcat-openbsd \
   xmlsec-dev \
   tzdata \
   wv \
   poppler-utils \
   tidyhtml \
   && rm -rf /tmp/*
 # Get Mattermost
 RUN mkdir -p /mattermost/data /mattermost/plugins /mattermost/client/plugins \
   && if [ ! -z "$MM_PACKAGE" ]; then curl $MM_PACKAGE | tar -xvz ; \
   else echo "please set the MM_PACKAGE" ; fi \
   && addgroup -g ${PGID} mattermost \
   && adduser -D -u ${PUID} -G mattermost -h /mattermost -D mattermost \
   && chown -R mattermost:mattermost /mattermost /mattermost/plugins /mattermost/client/plugins
 USER mattermost

 # Healthcheck to make sure container is ready
 HEALTHCHECK --interval=30s --timeout=10s \
   CMD curl -f http://localhost:8065/api/v4/system/ping || exit 1

 # Configure entrypoint and command
 COPY entrypoint.sh /
 ENTRYPOINT ["/entrypoint.sh"]
 WORKDIR /mattermost
 CMD ["mattermost"]
 EXPOSE 8065 8067 8074 8075

# Do not add Volumes, it was making the container unable to see changes on volumes files...

Replace the value ARG PUID= and ARG PGID= by the ID of the supertanker user, to get it, run the following command

id supertanker

Create a file called entrypoint.sh with the following content

#!/bin/sh
 if [ "${1:0:1}" = '-' ]; then
     set -- mattermost "$@"
 fi
 exec "$@"

Update its permissions

chmod 755 entrypoint.sh

Build the custom image

docker image build . --tag mmt-app

Eventually, create our container using our custom image

docker run --detach --restart unless-stopped -v mattermost-vol-app:/mattermost --network mattermost-net -p 8065:8065 -p 8067:8067 -p 8074:8074 -p 8075:8075 --name mmt-app-01 mmt-app

Our container is now running, however, as we didn’t set the PostgreSQL user, password and DB, you should see the following logs:

docker logs mmt-app-01
{"level":"error","ts":1623228282.1595657,"caller":"sqlstore/store.go:294","msg":"Failed to ping DB","error":"dial tcp 127.0.0.1:5432: connect: connection refused","retrying in seconds":10}

Stop the container

docker container stop mmt-app-01

Go to its volume (using a sudo enabled user)

cd /var/lib/docker/volumes/mattermost-vol-app/_data/config/

Edit the file called config.json and fix the following line according to your DB server

"DataSource": "postgres://mmuser:passwordWithouSpecialChars@mmt-db-01/mattermost?sslmode=disable\u0026connect_timeout=10"

Start the container

docker container start mmt-app-01

And eventually, enjoy the view: http://yourserverip:8065/

Pihole server with Docker

This short article will help you running Pihole in a simple container.

Notice: You can go with Pihole depending on your needs, but I would now recommend switching to Adguard which is more evolved. If you are interested, take a look at my similar tutorial: https://blog.fevio.fr/2021/06/adguard-home-with-docker/

# First, create two dedicated volume (This is mandatory because how dmasq works)
docker volume create pihole-vol-app
docker volume create pihole-vol-dmasq

# A dedicated network for isolation
docker network create --driver bridge pihole-net

The next step will download and setup the actual Pihole container:

docker run -d \
     --name phl-01 \
     --network pihole-net \
     -p 53:53/tcp -p 53:53/udp \
     -p 8001:80 \
     -e TZ="Europe/Paris" \
     -v pihole-vol-app:/etc/pihole \
     -v pihole-vol-dmasq:/etc/dnsmasq.d \
     --dns=127.0.0.1 --dns=1.1.1.1 \
     --restart=unless-stopped \
     --hostname phl-01 \
     -e VIRTUAL_HOST="phl-01" \
     -e PROXY_LOCATION="phl-01" \
     -e ServerIP="127.0.0.1" \
     pihole/pihole:latest

Once it’s done, we need to get the random password generated during the setup

docker logs phl-01 2> /dev/null | grep 'password:'

# Should return something like:
Assigning random password: uHU7dwWE

Password update

As usual, it’s best to change the password you got, to do so, run the following command

docker exec -it phl-01 pihole -a -p

Now you can access your Pihole container using the host IP address and the port :8001 and should see Pihole interface as expected, for example: http://192.168.1.200:8001/admin/index.php