Domespic [5] Extensions
December 13, 2016
Previous: Part 4 - Domoticz  

Transfer Files by SFTP with FileZilla

As I began writing scripts on the Raspberry Pi, I quickly tired of using the nano and pined for my usual text editor. Since the Raspberry Pi is running an SSH server, files can be transferred back and forth using the SSH file transfer protocol (SFTP). And there is no change to be made to the Raspberry Pi. Its all on the desktop computer.

You can do SFTP transfers from a terminal window. The following will download all the Domoticz Lua scripts to the Documents directory in my account

michel@hp:~$ sftp pi@ pi@'s password: remember nothing is shown not even '*'s Connected to sftp> get domoticz/scripts/lua/*lua Documents Fetching /home/pi/domoticz/scripts/lua/JSON.lua to Documents/JSON.lua /home/pi/domoticz/scripts/lua/JSON.lua 100% 49KB 49.4KB/s 00:00 ... sftp>quit
Its all very old school FTP and not particularly friendly.

I prefer to use FileZilla which can be installed on Linux, Mac OS X and Windows. It was a snap to install on my Linux desktop using Ubuntu Software Center

Once it is installed, start FileZilla and open the Site Manager in the File menu. Click on the New Site button and then give the site (the Raspberry Pi) a meaningful name. Go on to fill Host, User and Password fields the values used to log into an SSH session on the Raspberry Pi. Set the Protocol to SFTP. Finally click on the Ok button to save the settings.

From now on, to start a session, go back to the Site Manager and click on the Connect button.

I use FileZilla to copy the important files, including the script files, from the Raspberry Pi to my desktop computer. When I need to add a script or modify one, I do it on the desktop using my preferred text editor, and copy the new or modified files back to the Raspberry Pi.

Luckily, FileZilla makes it easy to synchronize the files on the desktop (local computer when in FileZilla) and the Raspberry Pi (remote computer). Go to the Site Manager, click on the Advanced tab and fill in the default directories.

If you check Use synchronized browsing, it will be easier to navigate both directory trees:
If your FielZilla freezes, uncheck that option and look into updating to the latest version.

Timers and Notification

Much like in the original X10 home automation software and in Home Automation Vista which is an alternate program, Domoticz makes it very easy to add "timers" which can control when a device is turned on or off. To add, review and edit the timers associated with a device, click on the Timers button to the right of its icon (and to the right of the Edit Button). The following screen capture shows the table containing four timers associated with the dresser lamp.
Dresser lamp's timers

Its a simulation of what happens when I go to sleep at night. There are two weekday timers, one that turns the dresser light on at around 22:39, plus or minus 15 minutes (that's what the Randomness field means) and one that turns the lamp of at 23:15 give or take 15 minutes. Then there are the weekend timers that are somewhat later.

Its probably a very good idea to have the off timer at least 35 minutes latter than the on timer if both are random. With a shorter interval, the off command could be sent before the on command!

Note that the timers are not active. I will activate them manually when I will be absent from the house. I am sure there is a better way of doing this, but this is a first experiment after all.

Sometimes it be useful to be notified somehow when Domoticz turns an appliance on or off, especially when not a home. The software supports a great many notification methods. I enabled the most basic: sending emails. I find that is enough since my Android tablet and my Ubuntu portable make noises and display a notification message on the screen when mail comes in.

To add, review and edit the notifications associated with a device, click on the Notifications button to the right of its icon (and to the right of the Timers Button). The following screen capture shows the table containing two notifications: one associated with turning on the lamp and the other when turning off the lamp.
Dresser lamp's notifications

There's a rub. You have to tell Domoticz where to send the email. That's done in the Setup/Settings/Email page
Email settings

Adjust the values of the fields to correspond to your email address. Notice that all three boxes at the bottom are checked. Send Camera snapshots... only makes sense if a camera is attached to the Raspeberry Pi and if a Google mail account is the destination.

Add a Web Camera

As setup so far, Domoticz will send you emails each time it turns on or off a device (assuming its Timers and Notifications are enabled). But this is X10; do the lights actually turn on or off?

I had a spare web cam doing nothing and there remained a spare USB port on the Raspberry Pi. Why not use the camera to send pictures with the notification to check if a lamp is turned on or not. Turns out, something like this is very easy in Domoticz. See section 1.3 of Camera Setup in the Domoticz wiki.

First the UVC package must be added to Raspian:

pi@rpi2b:~ $ sudo apt-get install uvccapture

Then Domoticz must be informed of the presence of the USB camera. To add a camera click on Setup/More Options/Cameras/Add Camera. Fill in the fields as shown below:
Camera settings

Then each scene that is to be photographed must be specified. Select the web cam at the top of the window (it will be shown in a blue background), and then use the bottom Device/Scene area to select the device (Dresser lamp) and which scene (When: On). I also added a delay of 3 seconds, to wait after the command to turn on the lamp is sent before taking the picture; remember X10 is slow. I did the same thing for When: Off.
Adding a scene

With this setup, a message is sent to my google account with a picture taken by the camera whenever Domoticz turns the lamp on or off. The picture is sent as an attachment. With other email accounts, this may not necessary.

What I got were two notifications: the first when the on or off command is sent, the second, 3 seconds later, with the picture. That seemed like overkill, I decided to turn off the first notification and I reduced the delay to two seconds.

Finally, you can change the UVC parameters in the Setup/Settings/Other page. In particular, you may want to adjust the width (-x) and height (-y) to the camera's native resolution.

The next section in the Camera wiki page, "Using your camera as motion sensor", could be worth investigating

Add Tor Onion Remote Access

Of course, there is a problem. What if the camera shot shows that the lamp did not respond to the Domoticz message and I am away from home? I need to be able to log on to the server to initiate an on or off command manually.

This usually involves forwarding port at the router and for security sake setting up a VPN and messing with SSL/TLS certificates. However it is possible to have secure remote access to the Domoticz web server without all that using the MyDomoticz service or Tor Onion remote access. Unfortunately, the first option, discussed in the Domoticz wiki MyDomoticz seem to no longer be available (as of 27 Nov. 2016). This section discusses the second method.

Opening up the home server to the outside world does raise some security considerations. At the very least, the website should be protected by a password. Look at basic Domoticz setup again.

Adding Tor remote access means that the Raspberry Pi running the Domoticz server must also run a Tor Onion service. It will also be necessary to install a Tor browser on each remote device that will be used to log onto the Domoticz server.

Installing the Tor service

Following instructions found at Home Assistant, install the daemon and edit its configuration file as follows.

pi@raspberry:~ $ sudo apt-get install tor pi@raspberry:~ $ sudo nano /etc/tor/torrc
HiddenServiceDir /var/lib/tor/domoticz/ HiddenServicePort 80 XXXX=8080 or whatever port was chosen on setup HiddenServiceAuthorizeClient stealth somename
Here somename can be any name you want for the Tor node created.

The restart the Tor service and read the generated authentication cookie from the hostname file generated by Tor.

pi@raspberry:~ $ sudo /etc/init.d/tor restart pi@raspberry:~ $ sudo more /var/lib/tor/domoticz/hostname abcdef1234567890.onion ABCDEF1122334455667789 # client: somename

The dot onion part of the host name is the address to be used in a Tor browser. The part to the right is an authentication cookie used by the Tor browser to find the hidden service running to the Raspberry Pi. The cookie must be added to the Tor browser's configuration file.

Installing the Tor browser

Follow the instructions at the Tor Browser Project to install the browser on a computer running Windows, OS X or Linux.

Making sure that the Tor browser is not running, use a text editor to add the authentication cookie at the end of the configuration file named torrc as follows:

# This file was generated by Tor; if you edit it, comments will not be preserved # The old torrc file was renamed to torrc.orig.1 or similar, and Tor will ignore it ControlPort "unix:/home/michel/T\303\251l\303\251chargements/tor/tor-browser_fr/Browser/TorBrowser/Data/Tor/control.socket" DataDirectory "/home/michel/T\303\251l\303\251chargements/tor/tor-browser_fr/Browser/TorBrowser/Data/Tor" GeoIPFile "/home/michel/T\303\251l\303\251chargements/tor/tor-browser_fr/Browser/TorBrowser/Data/Tor/geoip" GeoIPv6File "/home/michel/T\303\251l\303\251chargements/tor/tor-browser_fr/Browser/TorBrowser/Data/Tor/geoip6" HiddenServiceStatistics 0 HidServAuth abcdef1234567890.onion ABCDEF1122334455667789

You can add other authentication cookies to the file if need be. The directory containing the configuration file is <tor browser install directory>/Browser/TorBrowser/Data/Tor/torrc-defaults

Start the Tor browser and enter the “dot onion” site address ( abcdef1234567890.onion as per the above example) to connect to the Domoticz server.

After some time, you will be disappointed to see a blank page:
Blank page

It is necessary to enable Javascript for this page. First it is necessary to check that needed permissions for trusted sites are enabled. To do this, click on the crossed out NoScript (S) icon to the left of the address bar. Make sure the correct options for trusted sites are enabled: click the Options menu, select the Advanced tab and then select the (S) Trusted sub-tab. Two boxes should be checked: Show the <NOSRIPT... and Allow local links. Click on the OK button at the bottom of the window. This needs to be done only once.

Now, the Domoticz onion site must be declared trusted. Again click on the (S) icon, and then click on the (S) Allow all this page menu choice. If the browser does not automatically refresh the page, click on the refresh icon at the end of the address bar. Eventually, the Domoticz login screen should appear.
Login page

If all goes well, consider adding the server's dot onion site address to NoScript's whitelist. Its in the Options menu. Do that while not logged in to the server. There is more information about NoScript at it's web page:

Installing Orbot and Orfox

There is no Tor browser for Android devices. So on my tablet I installed two applications, Orbot and Orfox, found in Google's Play Store.
install Orxxx The first runs in the background, the second is a web browser.

The settings in Orbot have to be changed. Click on the vertical ellipsis ︙ at the top right corner:

The click on Settings:

Then, you can uncheck Start Orbot on Boot as I did or decide that you want it in the app in the background at all times.

Then scroll down the settings and click on Torrc Custom Config in the Debug section:

Just as for the Tor browser, add the onion address of the hidden Tor service on the Raspberry Pi and its authentication cookie such as HidServAuth abcdef1234567890.onion ABCDEF1122334455667789. In the screen shot below, you can see that two entries have been made:
and then press the OK. Since KHANSELA looks a lost like CANCEL, I assume KULUNGILE means OK or Accept.

To log in to the Domoticz web page, start Orbot and click on the START button. The white and grey onion will change to a yellow and green shade once Orbot is started. The BROWSE button will become enabled; click on it. The Orfox browser will appear. Enter the onion address at the top of the window. It will take a while to get to the web page and chances are that nothing will show. Click on the vertical ellipsis ︙ at the top right corner and select NoScript near the bottom of the screen. Check the onion address in the NoScript whitelisted sites. Refresh the page and eventually, the login screen should be visible.

Previous: Part 4 - Domoticz