Make your home smarter

Thursday, November 14, 2024

Update Home Assistant docker installation

In order to safely update your docker container in a Synology NAS. I assume you manage your docker containers via docker-compose

List the running containers
?
1
docker ps
Go to the docker folder
?
1
cd /volume1/docker
Copy the configuration (if needed)
?
1
cp -rp ha /volume2/backups/ha-bak.24.11
Stop the container
?
1
docker stop homeassistant
Make a backup
?
1
docker commit homeassistant homeassistant-backup:version-24.11
Pull the latest image
?
1
docker pull ghcr.io/home-assistant/home-assistant:stable

or if you want a specific version
?
1
docker pull ghcr.io/home-assistant/home-assistant:2024.11.3
Remove the container
?
1
docker rm homeassistant
If you have a specific version to use, edit the version of the image in the docker-compose file to the downloaded one (2024.11.3, default is stable)
?
1
vi docker-compose.yaml
Start up the new container
?
1
docker-compose --verbose up -d homeassistant

Checklist afterwards:

Check if configuration is loaded correctly:
?
1
docker exec homeassistant python -m homeassistant --script check_config --config /config
Check for version: Settings > About
Check for logs: Settings > System > Logs
Update HACS plugins if needed

For a full recovery of a container:

Stop and Remove the Current Container:
?
1
docker stop homeassistant

?
1
docker rm homeassistant
Run a New Container from the Backup Image (or edit your docker-compose.yaml and start with docker-compose):
?
1
docker run -d --name homeassistant \ --restart=unless-stopped \ -v /volume1/docker/ha:/config \ -e TZ=Europe/Paris \ --net=host \ homeassistant-backup:version-24.11

Monday, November 11, 2024

Home Assistant button with automation on your dashboard and state not always on

If you want to add a button to your dashboard that will trigger an automation once clicked, but you don't like the fact that by default the state will be always on, you can add an additional input_boolean. Below are the steps how to do this.

To define an input_boolean in Home Assistant, you can add it to your configuration.yaml file. Here’s how to do it:

Open your configuration.yaml file in Home Assistant.
Add the Input Boolean definition under the input_boolean section. If the section doesn’t exist yet, you can create it.
```
yaml
input_boolean:
  rain_water_pump_button:
    name: Rain Water Pump Button
    initial: off
```
- rain_water_pump_button: This is the entity ID for your input boolean.
- name: This is the name that will appear in the UI.
- initial: Setting this to off means the button will be off each time Home Assistant restarts.
Save the Configuration and Restart Home Assistant:
- After saving your changes, go to Settings > System > Restart to apply the new configuration.

Create a Combined Automation: This automation will:

Turn the rain_water_pump_button “on” for 2 seconds to confirm the button press.
Trigger switch.rain_water_pump for 3 minutes, then turn it off.

yaml
alias: Enable Rain Water Pump for 3 Minutes
trigger:
  - platform: state
    entity_id: input_boolean.rain_water_pump_button
    to: 'on'
action:
  - delay: "00:00:02"  # Keep button "on" for 2 seconds
  - service: input_boolean.turn_off
    target:
      entity_id: input_boolean.rain_water_pump_button
  - service: switch.turn_on
    target:
      entity_id: switch.rain_water_pump
  - delay: "00:03:00"  # 3 minutes delay for the pump
  - service: switch.turn_off
    target:
      entity_id: switch.rain_water_pump
mode: single

Update the Dashboard Button: Here’s the updated configuration for the dashboard button to trigger the input_boolean instead of the automation directly. This way, pressing the button will activate the whole process:
```
yaml
type: entity-button
entity: input_boolean.rain_water_pump_button
icon: mdi:av-timer
show_name: true
show_icon: true
show_state: true
icon_height: 25px
tap_action:
  action: toggle
```

With this setup:

The dashboard button will change to "on" for 2 seconds when pressed.
The input_boolean state change triggers the switch.rain_water_pump to turn on for 3 minutes and then turn off automatically.

Friday, October 6, 2023

Connect to Fluvius smart energy meter via P1 and publish data via MQTT broker to Home Assistant

I created a python script that runs as a service to read out the Fluvius energy meter via the P1 port to USB on a Raspberry Pi. See installation notes here: https://github.com/smartathome/fluvius2mqtt/tree/main

The output into Home Assistant looks like this:

Monday, October 2, 2023

Install SBFSpot to read out SMA Sunny Boy data and make data available over MQTT for Home Assistant

I want to read out a SMA Sunny Boy data and make it available via MQTT to Home Assistant. Installation of SBFSpot on a Rasberry Pi is really easy. The tool to be used for this is SBFSpot. The SMA procotol used is proprietary and happens over 502/tcp.

Install command line:
?
1
curl -s https://raw.githubusercontent.com/sbfspot/sbfspot-config/master/sbfspot-config | sudo bash
Follow the configuration tutorial and setup wizard
Edit the configuration file for MQTT:

?
1
sudo vi cd /usr/local/bin/sbfspot.3/SBFspot.cfg
to change the MQTT configuration and set the following MQTT_Data:

?
1
MQTT_Data=Timestamp,SunRise,SunSet,InvSerial,InvName,InvSwVer,InvTime,InvStatus,InvTemperature,InvGridRelay,EToday,ETotal,PACTot,UDC1,UDC2,IDC1,IDC2,PDC1,PDC2,GridFreq
Test:

?
1
/usr/local/bin/sbfspot.3/SBFspot -v -finq -nocsv -mqtt
Note the SMA inverter serial for adding to your Home Assistant configuration
x
Configure Home Assistant and add these sensors to your configuration.yaml. Remember to replace the SERIAL with the actual serial number from your inverter.

Monday, September 25, 2023

Advanced installation of a Raspberry Pi with Raspbian Bullseye

When installing a Raspberry Pi, I have a checklist of steps I take each time to ensure my Raspberry Pi's are (mostly) configured in the same way. They have the same way to backup their data, use the same user configurations (ntp, syslog, sendmail...) and have the same security provisioning. We will also introduce logs into memory with Log2Ram, to avoid too much SD card writing/wearing, which will eventually break your RPi. Feel free to comment on any step that is documented here. Some steps might be optional or unnecessary in your case.

Do the physical installation, plugin the network and HDMI cables (except the power cable of course) and screw your RPi into a cover or box.
Prepare SD card on Mac with Raspberry Pi Imager
Plugin the SD card into your RPi and now also plugin the power cable. Boot your RPi for the first time now. Create a user with password for using later. (e.g. user:pi, password:raspberry)
When booted, you'll be provided with a prompt to login for the first time. Mind the QWERTY keyboard layout.
Run the setup tool

?
1
sudo raspi-config
Configure the setup tool

Set the hostname (1 System Options > S4 Hostname)
Expand Filesystem (6 Advanced Options > A1 Expand file system)
Change Timezone, set Keyboard Layout (if needed) and change Wifi Country (5 Localization Options > L2 Change Timezone, L3 Change Keyboard Layout, L4 Change Wi-fi Country)
Enable SSH (3 Interfacing Options > I2 SSH)
Press 'Finish' and Reboot

After reboot, login again via SSH and change your user password:
passwd
Generate a SSH key-gen pair, which is more robust than the default one.

?
1
ssh-keygen -o -a 100 -t ed25519
Change the root password

?
1
sudo passwd root

Set the ETH0 IP address to a fixed IP. I hardly ever use the Wifi module in a Raspberry Pi

1 2	`sudo` `vi` `/etc/network/interfaces`

Add at the end of the file the following:

# Added by user on 2023-XX-XX
auto eth0
iface eth0 inet static
        address 192.168.0.240/24
        network 192.168.0.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
        dns-nameservers 192.168.0.1 8.8.8.8
# End of Addition

1	`sudo` `systemctl restart networking.service`

And test with

1	`ip add show`

Reboot your RPi again (or do it later if you plan to reboot anyway)

Check for updates & upgrades for Bullseye, but first become root. Don't forget to reboot if kernel patches were installed.

?
1
2
sudo -i
apt-get update -y && apt-get upgrade -y
Fix a common issue with Syslog flooding your logs

?
1
2
sudo sed -i '/# The named pipe \/dev\/xconsole/,$d' /etc/rsyslog.conf
sudo service rsyslog restart
Alternatively, you could also install Syslog-NG

?
1
sudo apt-get install -y syslog-ng
Install Git

?
1
sudo apt-get install -y git dirmngr
Install Log2Ram as this will allow us to keep logs in memory and reduce the SD card writing significantly. From time to time, the logs are still made persistent to disk.

?
1
2
3
4
5
6
7
cd /home/pi
git clone https://github.com/azlux/log2ram.git
cd log2ram
chmod +x install.sh
sudo ./install.sh
Change the log size value to 128M
sudo vi /etc/log2ram.conf
Reboot

Install Sendmail and configure to work with a local mail relay server, or alternatively Gmail.

sudo apt-get install -y sendmail mailutils sendmail-bin
sudo mkdir -m 700 /etc/mail/authinfo/
sudo cd /etc/mail/authinfo/

Create a Sendmail authentication file:

1	`sudo` `vi` `sendmail-auth`

And paste the following info:

1	`AuthInfo:` `"U:root"` `"I:YOUR LOGIN"` `"P:YOUR PASSWORD"`

Save and exit vi. Next do the makemap:

1 2	`sudo` `makemap` `hash` `sendmail-auth < sendmail-auth` `sudo` `chmod` `400 sendmail-auth`

Change the Sendmail configuration now

sudo vi /etc/mail/sendmail.mc
Add the following below right above first "MAILER_DEFINITIONS" line:
# Added by yourname on 2018-XX-XX
define(`SMART_HOST',`[192.168.Y.XX]')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
define(`confAUTH_OPTIONS', `A p')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo',`hash -o /etc/mail/authinfo/sendmail-auth.db')dnl
# End of Addition

Apply the changes to the configuration and restart Sendmail:

1 2	`sudo` `make` `-C` `/etc/mail` `sudo` `/etc/init.d/sendmail` `reload`

Test if you can send an email to yourself:

1	`echo` `"Just testing my Sendmail email relay"` `\| mail -s` `"Sendmail email relay"` `you@here.com`

Setup NTP sync

?
1
2
sudo apt-get install -y ntp ntpdate
sudo vi /etc/ntp.conf
And replace the XX with your country code

?
1
2
0.XX.pool.ntp.org
sudo /etc/init.d/ntp stop
And query to see NTP being in sync

?
1
2
3
sudo ntpd -gq
sudo /etc/init.d/ntp start
sudo ntpd -pn
Setup SNMP

?
1
2
sudo apt-get install snmp snmpd
sudo vi /etc/snmp/snmpd.conf
And put the following configuration lines

?
1
2
agentAddress udp:161
rocommunity public 192.168.X.0/24
Restart your SNMP daemon

?
1
sudo /etc/init.d/snmpd restart
And test on your local machine

?
1
snmpwalk -Os -c public -v 1 localhost

Setup NFS backup share, install a backup tool, rsnapshot and configure
Fix rpcbind issue (Make yourself root first)

su -
cat >/etc/systemd/system/nfs-common.service <<\EOF
[Unit]
Description=NFS Common daemons
Wants=remote-fs-pre.target
DefaultDependencies=no
 
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/etc/init.d/nfs-common start
ExecStop=/etc/init.d/nfs-common stop
 
[Install]
WantedBy=sysinit.target
EOF

cat >/etc/systemd/system/rpcbind.service <<\EOF
[Unit]
Description=RPC bind portmap service
After=systemd-tmpfiles-setup.service
Wants=remote-fs-pre.target
Before=remote-fs-pre.target
DefaultDependencies=no
 
[Service]
ExecStart=/sbin/rpcbind -f -w
KillMode=process
Restart=on-failure
 
[Install]
WantedBy=sysinit.target
Alias=portmap
EOF

cat >/etc/tmpfiles.d/rpcbind.conf <<\EOF
#Type Path        Mode UID  GID  Age Argument
d     /run/rpcbind 0755 root root - -
f     /run/rpcbind/rpcbind.xdr 0600 root root - -
f     /run/rpcbind/portmap.xdr 0600 root root - -
EOF
 
systemctl enable rpcbind.service
systemctl enable nfs-common 

Install raspiBackup (from this website)

1	`sudo` `mkdir` `-p` `/backup`

Avoid accidental file storage, when folder is not mounted
And put the following configuration lines

1 2	`sudo` `chattr +i` `/backup` `sudo` `vi` `/etc/fstab`

And add

1 2	`server.yourdomain.com:/volume1/backups/host.yourdomain.com/backup` `nfs rsize=8912,wsize=8912,timeo=14 0 0` `sudo` `mount` `/backup`

Now install the raspiBackup tool

1	`curl -s https://raw.githubusercontent.com/framps/raspiBackup/master/installation/install.sh \|` `sudo` `bash`

<span style="font-family: Times New Roman;"><span style="white-space: normal;">Go through the configuration tool, later on you can go back to it via: raspiBackupInstallUI.sh
</span></span><pre class="brush:bash"><span style="font-family: Times New Roman;"><span style="white-space: normal;">-Backup versions: smart strategy</span></span></pre><pre class="brush:bash"><span style="font-family: Times New Roman;"><span style="white-space: normal;">-Backup to tar</span></span></pre><pre class="brush:bash"><span style="font-family: Times New Roman;"><span style="white-space: normal;">-No compression</span></span></pre><pre class="brush:bash"><span style="font-family: Times New Roman;"><span style="white-space: normal;">-Backup mode standard</span></span></pre><pre class="brush:bash"><span style="font-family: Times New Roman;"><span style="white-space: normal;">-Email notification set
Uncomment the crontab (backup will run every Sunday at 5am):
</span><pre class="brush:bash" style="white-space: normal;">sudo vi /etc/cron.d/raspiBackup </pre><span style="white-space: normal;">And finally test</span></span></pre><pre class="brush:bash">sudo raspiBackup</pre>

Generate an SSH keypair for easy login <pre class="brush:bash">ssh-keygen

ssh-copy-id -p 22 admin@server.yourdomain.com </pre>Log into your server, make yourself root and copy the public key into the raspberry

1	`cat` `/root/.ssh/id_rsa.pub \|` `ssh` `user@hhost.yourdomain.com` `"mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"`

Test if it's working by using:

1	`ssh` `user@host.yourdomain.com`

Setup unattended upgrade based on <a href="https://linuxiac.com/how-to-set-up-automatic-updates-on-debian/">this tutorial</a> <pre class="brush:bash">sudo apt update

sudo apt install unattended-upgrades </pre>Configure unattended upgrades and uncomment:

sudo vi /etc/apt/apt.conf.d/50unattended-upgrades
 
"origin=Debian,codename=${distro_codename}-updates";
"origin=Debian,codename=${distro_codename}-proposed-updates";
"origin=Debian,codename=${distro_codename},label=Debian";
"origin=Debian,codename=${distro_codename},label=Debian-Security";
"origin=Debian,codename=${distro_codename}-security,label=Debian-Security"; 

And uncomment:

1	`Unattended-Upgrade::Remove-Unused-Dependencies` `"false";`

Now enable Automatic Updates (and press Yes)

1	`sudo` `dpkg-reconfigure --priority=low unattended-upgrades`

To view the unattended upgrades:<pre class="brush:bash">sudo systemctl status unattended-upgrades.service</pre><pre class="brush:bash">-</pre>

?
1
2
?
1
2
?
1
2

Thursday, September 21, 2023

Watchtower not working on Synology DSM 6.0.x as a Docker container

When installing the standard Watchtower container onto DSM 6.0 with Docker, I ran into 2 issues which caused the container not to run and constantly restart itself (see container logs for the error messages):

Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
Error response from daemon: client is newer than server (client API version: 1.24, server API version: 1.23

Both issues have a solution. First being that an older docker image has to be used, second being that DSM UI somewhere filters out a file mapping when creating the container.

Fix for issue 1: Create a symlink

sudo ln -s /var/run/docker.sock /volume1/docker/docker.sock

Fix for issue 2: Create a new docker container

sudo docker run -d --name watchtower-new -v /volume1/docker/docker.sock:/var/run/docker.sock centurylink/watchtower --interval 82800 --cleanup

Thanks to these links for finding a solution

Monday, September 18, 2023

ipmitool not working on Supermicro server with Debian 12

I have a server with a Supermicro X7SBI motherboard. It has a dedicated IPMI port but I could no do anything with it, as this was a second hand server and the IPMI had a fixed IP address in the 83... range and the admin password was unknown to me. I thought that resetting it was straightforward, but ran into a few issues:

First issue: Could not open device at /dev/ipmi0 or /dev/ipmi/0 or /dev/ipmidev/0: No such file or directory

So at first, I thought that the device itself was broken. I unplugged it, checked it, but I could see the IP address and the webserver was accessible, so that seems ok. So I tried to factory reset the BIOS, still no help. Then, after some Googling, I found out that 2 fixes were needed.

1. Adapt the GRUB boot parameters for this type of board

1	`//add` `logs`

These articles explain what needs to be done: different ipmi_si port address and add kernel boot parameter

Run everything as root:

vi /etc/default/grub and change GRUB_CMDLINE_LINUX_DEFAULT="quiet" to

1	`GRUB_CMDLINE_LINUX_DEFAULT="quiet ipmi_si.type=kcs ipmi_si.ports=0xca2"`

Save and exit, then update your GRUB

1	`update-grub`

Reboot your sever, now the device should be found under /dev/ipmi0

Second issue: Still, there is a second problem with this version of ipmitool for Debian 12

root@debian:~# ipmitool raw 0x6 0x46 0x02
IANA PEN registry open failed: No such file or directory
 61 64 6d 69 6e 00 00 00 00 00 00 00 00 00 00 00
root@debian:~# lsmod | grep ipmi
ipmi_si                73728  0
ipmi_devintf           20480  0
ipmi_msghandler        77824  2 ipmi_devintf,ipmi_si
root@debian:~# ipmitool lan set 1 ipsrc static
IANA PEN registry open failed: No such file or directory

`2. Copy missing enterprise numbers`

After some Googling, I found out there is some config missing for ipmitool. This command will solve that:

1	`wget -O` `/usr/share/misc/enterprise-numbers.txt https://jff.email/cgit/ipmitool.git/plain/debian/enterprise-numbers.txt?h=debian/1.8.19-5`

After which I could reset the ipmi ADMIN password and set the static IP address. Yeehaa!

root@debian:~# ipmitool user set name 2 ADMIN
root@debian:~# ipmitool user set password 2
Password for user 2: 
Password for user 2: 
Set User Password command successful (user 2)
root@debian:~# ipmitool lan set 1 ipsrc static
root@debian:~# ipmitool lan set 1 ipaddr 192.168.0.199
Setting LAN IP Address to 192.168.0.199
root@debian:~# ipmitool lan set 1 defgw ipaddr 192.168.0.1
Setting LAN Default Gateway IP to 192.168.0.1
root@debian:~# ipmitool lan print
Set in Progress         : Set Complete
Auth Type Support       : NONE MD2 MD5 PASSWORD 
Auth Type Enable        : Callback : 
                        : User     : MD5 
                        : Operator : MD5 
                        : Admin    : MD5 
                        : OEM      : MD5 
IP Address Source       : Static Address
IP Address              : 192.168.0.199
Subnet Mask             : 255.255.255.0
MAC Address             : 00:30:48:95:76:55
SNMP Community String   : public
IP Header               : TTL=0x40 Flags=0x40 Precedence=0x00 TOS=0x10
BMC ARP Control         : ARP Responses Enabled, Gratuitous ARP Enabled
Gratituous ARP Intrvl   : 2.0 seconds
Default Gateway IP      : 192.168.0.1
Default Gateway MAC     : 00:00:00:00:00:00
Backup Gateway IP       : 0.0.0.0
Backup Gateway MAC      : 00:00:00:00:00:00
RMCP+ Cipher Suites     : 0,1,2,3,6,7,8,11,12
Cipher Suite Priv Max   : uuuOXXuuOXXuOXX
                        :     X=Cipher Suite Unused
                        :     c=CALLBACK
                        :     u=USER
                        :     o=OPERATOR
                        :     a=ADMIN
                        :     O=OEM