Sonoff T1 Wireless Wall Switch

I’ve spent recent weeks (months even!) looking at how I can bring simple automation and voice control to my home. In my quest to create a “Smart Home” I came across the Sonoff T1 UK-specification wall switch. At just ~£15 and when coupled with Tasmota, an Open Source firmware (from what I have read, I wouldn’t consider using the native firmware) that is suitable for a variety of ESP powered devices, this wi-fi connected switch becomes a very compelling product.

I’ve now got a bunch of these around the house, integrated with the Node Red Alexa Smart Skill v3 Bridge. Over the last three months these have proven to be very reliable (faultless actually) and very effective when paired with the custom multi-sensors I have built using ESP8266 NodeMCU boards to drive automation. I figured I would share my experience/ how I got them up and running.

Note that this guide assumes you have a secure MQTT server available for use, and Node-RED deployed should you want to take advantage of the Node Red Alexa Smart Skill v3 Bridge. If you’ve not got either of these in-place watch this space – further guides to follow.

Continue reading “Sonoff T1 Wireless Wall Switch”

Node-RED Alexa Home Skill Updated

Last week I posted about the Node-RED Alexa Home Skill / bridge. I’ve spent the week on ensuring the majority of device types or “capabilities” are are now supported by the bridge. It’s now possible to define devices that support:

  • Playback controls (Play, pause, stop)
  • Input changing (such as HDMI1, Audio1)
  • Volume (in steps)
  • Power (on /off)
  • Brightness (in %)
  • Colour (Red, Green, Blue etc)
  • Colour temperature (in Kelvin or warm-white through to daylight)
  • Temperature (in °C or °F)

Hopefully this means you’re now able to use commands that are more “natural” to interact with Node-RED flows that control your Smart Devices.

To further the usability of the service it is now possible (required!) to set minimum and maximum values on thermostats (in °C or °F) and smart bulbs (in Kelvin).  Any commands that fall “out of range” will not be processed by the bridge and you will get the appropriate feedback from Alexa. Again, hopefully this makes interaction with the service more intuitive.

Finally, I’ve simplified the response node. Use logic in your flows to return a “true” or “false” value as an input to this node. Any flow that starts with a Node-RED Alexa v3 node should return a payload of “true” where the command/ request is processed successfully and “false” where it is not.

I’ll be updating the documentation with more flow examples in the coming week.

Want to get involved, contribute or start testing the service as outlined in the documentation!

Node-RED Alexa Home Skill

It’s been a while since I posted, but I’ve been busy… Somehow, despite having no interest in it six months ago, I got into Home Automation, or setting up a “Smart” Home. Over the last 6 months I have:

  • purchased a variety of sensors and electronic components, Fresnel lenses and NodeMCU boards from China
  • designed/ modified circuits, learnt to solder (badly!)
  • written firmware for NodeMCU based multi-sensors
  • modified 3D designs in TinkerCAD
  • printed 3D models via 3D Hubs
  • flashed firmware of wi-fi light switches
  • (re)written a NodeJS/ MQTT and Amazon Lambda function that drive a Node-RED Alexa add-on

Lots more posts to come, but I wanted to share the latter of these activities with you first.

In my quest to enable voice control over a variety of devices I came across a Ben Hardill’s Node Red Alexa Home Skill Bridge. Ben created a Node-RED Alexa Smart Home  Skill API version 2 add-on that enables Alexa interaction with flows. No sooner had I found this and started to use it I wanted more… ! This is where the Smart Home Skill API version 3 comes in – it allows for a swathe of new voice commands to control playback, volume, inputs and other devices that version 2 did not cater for.

Unfortunately (for me at least) the API syntax has fundamentally changed. This meant figuring out Ben’s service and re-writing elements of it to work with the new API. Whilst I was at it I also updated the web interface to Bootstrap 4, and remediated some NodeJS/ Mongoose functions that were no longer supported in the original service.

The net result… My wife and kids love the fact they can turn on/ off the TV, pause, play and stop video, increase/  decrease and mute volume as well as control the lights with their voice. Couple the lighting control with Alexa “room awareness” and the whole system becomes very user friendly – i.e. “Alexa, turn on the lights.” The multi-sensors add some additional functionality/ capabilities, but I’ll save that for another day.

At this point the skill is in “Dev” – meaning it is not a publicly available Alexa Skill – however, get in touch and I can add you to the list of people able to test the service out.

You can read the intricate detail about the service on GitHub, or request access and get testing.

 

CamJam EduKit 1 – A Raspberry Pi Electronics/ GPIO Starter Kit

No soldering required! A young children friendly introduction to IT/ Computing.

Getting young kids into IT/ Computing can be a challenge, especially when it comes to doing something “constructive” i.e. not playing video games. I’ve been looking at accessible and interesting ways I can get my kids working with computers/ technology. Unsurprisingly, the Raspberry Pi came out top of the list.

I really liked the idea of doing something on-screen that would provide feedback in the real world, making the experience more interesting.

What was clear, was that as a beginner in this space, beyond selecting the SBC (single board computer), the number of add-ons/ (p)HATs is simply mind-boggling. I then came across the “CamJam EduKit” packs that were for sale at PiHut, specifically the “EduKit 1” pack, available here. So whats in the £5.00 kit?

> A 400-point breadboard
> 3 LEDs (Red, Yellow and Green)
> A button
> A buzzer
> Resistors and jumper cables
> (Online) Sample code and learning material

Comprised of eight well-written, clear and understandable modules (see here for more details), EduKit 1 provides a great introduction to building simple circuits via a breadboard and interacting with them using Python/ GPIO Zero. Within a few minutes my son had created his first circuit and, using the supplied code samples, was able to light-up the LEDs as outlined under Module 2, he then modified the supplied code for this module to change which LEDs lit-up, the order way in which the LEDs lit-up and how long they stayed on. All-in-all we’d covered basic programming/ coding in Python, circuits design, electronics and components in what was a fun and interesting 30 mins.

I was so impressed with the kit and learning material I’ve got EduKit 2 and EduKit 3 on my workbench, ready to go. The promise of building a Pi-powered robot seems to have piqued my sons interest!

I’ll state, for the record, that I am in no-way affiliated with PiHut or CamJam, the kits I have were purchased by me to try new ways to make IT interesting and exciting for my kids.

Creating a new Raspberry Pi/ Raspbian User with GPIO Access

Creating a new user in Raspbian, or any Linux distribution, is simple, just use the commands below:

sudo adduser <username>
sudo adduser <username> gpio

If you fail to add the user to the “gpio” group you will get the following Python error when trying to perform GPIO-related tasks:

No access to /dev/mem. Try running as root!

If you want the user to be a “Super User” i.e. have access to run commands with root privileges via sudo (see here for more info), add the user to the “sudo” group as well:

sudo adduser <username> sudo

Removing Rakuten TV/ SyncPlus Channels from 2017/ 2018 Samsung Smart TVs

I recently purchased a Samsung Smart TV and every time, every time my kids watched anything on it via Plex they would hit the “Exit” button on the remote and end-up with Rakuten TV / SyncPlus channels blaring out occasionally inappropriate content.

Thanks to this post I was able to remove these annoying channels/ adverts by performing the following steps:

  1. Press CH-LIST on the remote
  2. Press up on the remote and select “Edit Channels” then press OK on the remote
  3. Select “4001” and “4002”
  4. Press right on the remote and select “Delete” then press OK on the remote

Browse to an alternative source, that’s Rakuten TV gone, for good.

Why Samsung are including this annoying service with their new TVs is beyond me. As consumers we are already paying a premium for the brand, it would appear the cash extraction opportunities now just begin at time of purchase.

Content Filtering for Kid-safe Internet at Home via Pi-Hole and OpenDNS

Its worth noting that Pi-Hole can be deployed on an x86 or ARMHF (Raspberry Pi) Linux platform (i.e. no Windows deployments). That said, any device/ client type can *use* the service once deployed/ configured as outlined below.

If like me you have young kids, as they learn to use technology protecting them from inappropriate content online is a real concern.

I was already using OpenDNS Family Shield to provide DNS-based filtering via my Internet router (functionality integrated into modern ASUS routers, but you can manually set your DNS servers as outlined here) but this wasn’t sufficient when reviewing search engine results, especially image search results.

I started looking at web content filters such as Privoxy, SquidGaurd, E2Guardian etc. but when it came to HTTPS/ SSL filtering these all suffer from very limited capabilities or were complex to setup/ configure (requirement for custom CA certificates on devices for starters). As more and more of the Internet goes SSL-only this meant that using one of these options was, potentially, a “depreciating” solution.

I needed to find an effective way to filter content presented by search engines whilst maintaining the excellent block-list functionality that OpenDNS Family Shield provides.  Further reading led me to discover that popular search engines/ YouTub provide Safe Search/ Restricted Search-only URLs that have to be set/ configured using DNS CNAMEs – some links that will explain this in more detail (you can skip these if you are looking to configure this capability within PiHole):

Sadly, despite being requested multiple times, OpenDNS Family shield does not provide this functionality – interestingly this seems like a fairly simple capability to offer considering that DNS itself is the mechanism to force Safe Search. Enter Pi-Hole and dnsmasq.

PiHole is not a web content filter, it is an Ad blocker.

However, you can use the built-in dnsmasq service to force Safe Search URLs against popular search engines/ YouTube and continue to leverage DNS-based filtering such as OpenDNS Family shield. The two combined seem to provide a comfortable level of protection for my home network.

This guide assumes you have Docker installed/ running on Linux, this guide was tested on Ubuntu 17.10.

Docker Containers are immutable – i.e. if you delete the container its contents (including your configuration/ customisation) will be lost. We can use Docker volumes/ mount functionality to persist some data.

sudo mkdir /var/kvm/images/docker/pihole
sudo mkdir /var/kvm/images/docker/pihole/dnsmasq.d

Now create required dnsmasq configuration to force Safe Search (note most guides I found on this neglect to mention requirement to add regional Google URL, in the UK when browsing to www.google.com you redirect to www.google.co.uk):

sudo vi /var/kvm/images/docker/pihole/dnsmasq.d/05-restrict.conf

# YouTube Restricted
cname=www.youtube.com,restrict.youtube.com
cname=m.youtube.com,restrict.youtube.com
cname=youtubei.googleapis.com,restrict.youtube.com
cname=youtube.googleapis.com,restrict.youtube.com
cname=www.youtube-nocookie.com,restrict.youtube.com

# Google SafeSearch
cname=www.google.com,forcesafesearch.google.com
cname=www.google.co.uk,forcesafesearch.google.com

# Bing Family Filter
cname=www.bing.com,strict.bing.com

# DuckDuckGo
cname=www.duckduckgo.com,safe.duckduckgo.com
cname=duckduckgo.com,safe.duckduckgo.com

Now create the Docker Container, be sure to change your upstream DNS servers set using the DNS1/ DNS2 arguments and change WEBPASSWORD value. Also, note the host-file entries that are passed through to the Docker Container using the “–add-host” Docker run argument.

You can also set DNS1/ DNS2 to be the OpenDNS servers, as outlined here.

Finally, on Ubuntu I had to specify the LAN IP address of the Docker host for tcp/ udp port 53 port exposure. This is because Docker has a built-in DNS resolver. Be sure to change the script/ replace 192.168.0.7 with your Docker host IP address.

IP_LOOKUP="$(ip route get 8.8.8.8 | awk '{ print $NF; exit }')" # May not work for VPN / tun0
IPv6_LOOKUP="$(ip -6 route get 2001:4860:4860::8888 | awk '{ print $10; exit }')" # May not work for VPN / tun0
IP="${IP:-$IP_LOOKUP}" # use $IP, if set, otherwise IP_LOOKUP
IPv6="${IPv6:-$IPv6_LOOKUP}" # use $IPv6, if set, otherwise IP_LOOKUP

sudo docker run -d \
--name pihole \
-p 192.168.0.7:53:53/tcp -p 192.168.0.7:53:53/udp -p 8081:80 \
-v /var/kvm/images/docker/pihole/:/etc/pihole/ \
-v /var/kvm/images/docker/pihole/dnsmasq.d/:/etc/dnsmasq.d/ \
-e ServerIP="${IP}" \
-e ServerIPv6="${IPv6}" \
-e WEBPASSWORD={your password} \
-e DNS1=192.168.0.254 \
-e DNS2=192.168.0.254 \
--add-host=restrict.youtube.com:216.239.38.120 \
--add-host=restrictmoderate.youtube.com:216.239.38.119 \
--add-host=forcesafesearch.google.com:216.239.38.120 \
--add-host=strict.bing.com:204.79.197.220 \
--add-host=safe.duckduckgo.com:34.243.144.154 \
--restart=unless-stopped \
diginc/pi-hole:latest

You can now browse to http://<Docker Host IP>:8081, this should bring up the Pi-Hole Web Interface.

Finally, you’ll need to modify the DHCP configuration for your network to ensure that clients are provided with the IP address of the Docker host running Pi-Hole as their DNS server. I’ll state that you don’t *need* to use Pi-Hole to force Safe Search, any local DNS service that you can configure CNAME/ A-Records to override default IPs returned for Search Engines outlined in this post will do. You can then set the upstream DNS server(s) to be Open DNS Family Shield, or anything else. Pi-Hole provides the added benefit of Ad blocking, and my kids love clicking on Ads…

Getting Analogue Sound Working on Raspberry Pi 3B+ / Raspbian Stretch

I’ve been testing the Raspberry Pi 3B+ with Raspbian Stretch recently. I have a few older Raspberry Pi 3 devices around the house, but these are all running RasPlex and connected via HDMI to a TV – these devices have always worked perfectly (and impressively  well considering their cost) when playing high bit-rate 1080p video with lossless HD surround sound.

The same cannot be said for getting analogue audio working in Raspbian O/S- to say this has been a “journey of discovery” for something so simple would be an understatement. Out of the box I could not get Chromium, omxplayer or any applications to play sound via the Analogue audio jack.

Nevertheless, with some “tweaking” I now have analogue audio working across  Chromium, omxplayer and other applications. Instructions follow…

First we will set configuration in /boot/config.txt

# Force HDMI to operate in DVI mode
hdmi_drive=1
# Pretends all audio formats are *unsupported* by HDMI display, i.e. use analogue jack
hdmi_ignore_edid_audio=1
hdmi_force_edid_audio=0
# Force use of newer audio driver for RPi, not sure actually needed on stretch/ 3B+
audio_pwm_mode=2

With the above in-place, following a reboot, I had sound in omxplayer, but Chromium and other applications continued to be silent.

The final piece of the puzzle was to use the command below to set output to the Analogue jack:

# Force audio through analogue jack, needed for audio_pwm_mode=2 driver
amixer -c 0 cset numid=3 1

Next challenge, hardware acceleration for video in Chromium itself… this looks like a mess on Linux at the moment, so I am unlikely to sort this with a few config file changes!

Improving Raspberry Pi 3B+ Chromium Performance

I recently added a Raspberry Pi3B+ to my ever-increasing Raspberry Pi devices . I have a few of the Model 3’s running as RasPlex clients throughout the house. This new Pi was destined for a different purpose – trying to get the kids into coding!

I downloaded and deployed the March 2018 Raspbian OS, deployed it to an 8GB micro-SD card and fired the device up. I very, very quickly ran into performance issues when using Chromium, to the point of it crashing the Pi, and needing to pull the power to hard reset.

I’ve since dramatically improved this situation by extending the swap size, as below. Note that this solution will likely cause increased wear/ performance degradation over time on the SD card – at £6.00 for a 16GB card I am not too concerned.

# Modify the swap config
sudo vi /etc/dphys-swapfile

# Change the CONF_SWAPSIZE value to 1024, or greater if you have a larger SD card/ sufficnet space.
CONF_SWAPSIZE=1024

# Now save your changes and reboot the Pi
sudo reboot

Whilst not perfect, this has made the Pi 3B+ acceptable when using Chromium and multiple tabs.

Deploying Guacamole (and Duo MFA) via Docker Containers on Ubuntu

This guide replaces any previous guacamole docker deployment guides on cb-net and will be kept up-to-date as new releases emerge.

Updated: 22/01/18 : New Guacamole release 0.9.14

Use this guide to deploy a fresh/ new install of guacamole on Ubuntu using Docker containers, instructions include Docker CE installation, Duo MFA configuration (if wanted, can be skipped) and Guacamole/ pre-requisite container deployment to get you up and running. Scenarios:

  • No Docker, and want to use Duo MFA: follows sections one, two and three
  • No Docker, but don’t want to use Duo MFA: follow section one and three only
  • Already have Docker and want to use MFA: follow sections two and three only
  • Already have Docker and don’t want to use MFA: follow section three only

Continue reading “Deploying Guacamole (and Duo MFA) via Docker Containers on Ubuntu”