blob: 28ea69b534f663135851ad9b6b5276a157a69034 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
Contains:
- Bash script generating rrd database and generating graphs from it
- Python script readding from MQTT and updating rrd database
- Settings for the Python script
- Python script regenerating certificates within grace period of their expiry.
DEPENDENCIES:
- configparser
- paho
- rrdtool
kernel support ( amongst others (: ):
- CONFIG_USB_VIDEO_CLASS
Steps to get going:
- Generate rrd file with ./generate_rrd_db.sh -c -i <rrd-file>
- Set up MQTT broker.
- Set up Raspberry Pi pico (Pico project in Micropython section)
- Fill in settings.cfg with your data
- Set up certificates (Check out Pico project for Bash script generating them)
- Run Python script.
- Set up cron job regenerating graphs with frequency to your liking.
- Set up SSL/TLS certificates with scripts provided. Certificate directory structure shall adhere to the schema below.
(So that I don't forget:)
What is still missing:
- Python script should run as a daemon.
- Python script could generate more graphs based on averages from rrd database showing long term trends.
- Graph generation could be done with rrdcgi (not sure it is needed though)
- Documentation is lacking detailed step by step setup guide.
- In order to prevent a rougue client from publishing to a certificate renewal channel, Access Controll List needs to be implemented.
- There should be a script generating ACL file.
- Before adding a certificate for a user ACL file shall be updated.
Certificate directory structure:
$ tree -d /etc/mosquitto/certs
├── CA
├── DH
├── clients
│ ├── onge
│ └── pico
├── csr_files
└── server
The acl file shall be located at:
$ /etc/mosquitto/mosquitto.acl
An entry shall be present in the acl file:
$ pattern readwrite cert_reneval/%c/#
|
