project:brmdoor:start
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
project:brmdoor:start [2018/10/06 19:48] – Remote access abyssal | project:brmdoor:start [2023/01/14 20:03] – Brmdoor - outside view of PN532 shield update abyssal | ||
---|---|---|---|
Line 32: | Line 32: | ||
* Lock specs say 12-24V should be used, but from experience 12 V is not enough. Use 24 V. | * Lock specs say 12-24V should be used, but from experience 12 V is not enough. Use 24 V. | ||
- | Communication is over SPI: both SEL0 and SEL1 are shorted which turns communication to be over SPI. | + | Communication is over SPI: both SEL0 and SEL1 are shorted which turns communication to be over SPI. Docs say SEL1 closed, board says both closed, both closed work. |
Documentation of Adafruit PN532 shield (our revision is 1.2): | Documentation of Adafruit PN532 shield (our revision is 1.2): | ||
Line 43: | Line 43: | ||
Source repository: https:// | Source repository: https:// | ||
+ | ===== Raspberry support ===== | ||
+ | |||
+ | Brmdoor was tried on: | ||
+ | |||
+ | * Raspberry 1B (very slow import, but works ok) | ||
+ | * Raspberry 3B+ | ||
+ | * Raspberry 4B | ||
+ | |||
+ | Tested Raspbian 9 and 10 (Raspi OS 2021-03-04). | ||
+ | |||
+ | Make sure you enable SPI in device tree or '' | ||
===== List of authorized cards ===== | ===== List of authorized cards ===== | ||
Line 67: | Line 78: | ||
< | < | ||
- | cd brmdoor_libnfc/; | + | cd brmdoor_libnfc/; |
</ | </ | ||
Line 80: | Line 91: | ||
< | < | ||
git commit -m "Added card for member Ctulhu" | git commit -m "Added card for member Ctulhu" | ||
+ | </ | ||
+ | |||
+ | ===== Adding a new Desfire with authentication to JendaSAP and import to brmdoor ===== | ||
+ | |||
+ | This is similar to above, but has extra step in programming the Desfire. | ||
+ | |||
+ | <note important> | ||
+ | The Desfire needs to be programmed with correct signature first, otherwise brmdoor will reject it. | ||
+ | </ | ||
+ | |||
+ | Writing a signature on a Desfire card (can be done on raspi or using PN532 reader that is in the lab). You must know the private Ed25519 key matching the public key in brmdoor' | ||
+ | |||
+ | < | ||
+ | ./ | ||
+ | </ | ||
+ | |||
+ | Similar to above, but you add line " | ||
+ | |||
+ | < | ||
+ | desfire 04631982cc2280 | ||
+ | </ | ||
+ | |||
+ | The parse.py mentioned above will also create '' | ||
+ | |||
+ | < | ||
+ | cd brmdoor_libnfc/; | ||
+ | </ | ||
+ | |||
+ | <note important> | ||
+ | If you are using old libfreefare 0.4.x, you will need to patch the hardcoded infinte timeouts, otherwise Desfire stuff may deadlock. | ||
+ | </ | ||
+ | |||
+ | In general, set the timeout param in '' | ||
+ | |||
+ | So '' | ||
+ | |||
+ | < | ||
+ | DEB_BUILD_OPTIONS=' | ||
+ | </ | ||
+ | |||
+ | ==== Fixed Raspbian libfreefare .deb files ==== | ||
+ | |||
+ | Link to zip with the rebuilt .deb files for current brmdoor (Raspian 9), just install with dpkg -i like usual: | ||
+ | |||
+ | {{ : | ||
+ | |||
+ | Latest versions of libfreefare have this fixed, there is either non-infinite timeout or configurable timeout in very latest versions. | ||
+ | ==== Checking that the signature on Desfire ==== | ||
+ | |||
+ | Can be done with brmdoor, PN352 reader on PC or also on mobile app that can show NFC NDEF data: | ||
+ | |||
+ | < | ||
+ | cd brmdoor_libnfc/; | ||
+ | </ | ||
+ | |||
+ | You should see something like: | ||
+ | |||
+ | < | ||
+ | {" | ||
+ | </ | ||
+ | ===== Restarting brmdoor remotely ===== | ||
+ | |||
+ | If brmdoor stops responding for some reason, restart it using: | ||
+ | |||
+ | < | ||
+ | systemctl restart brmdoor.service | ||
+ | </ | ||
+ | |||
+ | In order to get to brmdoor from outside, you'll need to find a hop server accessible from outside, like bbs.brmlab.cz | ||
+ | |||
+ | Sample entry in '' | ||
+ | |||
+ | < | ||
+ | Host = bbs.brmlab.cz | ||
+ | VerifyHostKeyDNS = yes | ||
+ | User = root | ||
+ | IdentityFile = ~/ | ||
+ | ForwardX11 = no | ||
+ | UsePrivilegedPort = no | ||
+ | Protocol 2 | ||
+ | |||
+ | Host = brmdoor-external | ||
+ | ProxyCommand = ssh bbs.brmlab.cz nc %h 22 | ||
+ | Hostname = 192.168.77.30 | ||
+ | Port = 22 | ||
+ | User = root | ||
+ | IdentityFile = ~/ | ||
+ | ForwardX11 = no | ||
+ | UsePrivilegedPort = no | ||
+ | Protocol 2 | ||
</ | </ | ||
Line 137: | Line 238: | ||
General GPIO PIN assignments are configurable, | General GPIO PIN assignments are configurable, | ||
- | pinouts. Raspi pinouts for all versions: | + | pinouts. Raspi pinouts for all versions: |
+ | |||
+ | (Follow whatever Rpi is installed for pinout as power sources keep killing them time to time) | ||
Numbering scheme used by brmdoor for lock and open switch (based on BCM GPIO numbering, different from P1 | Numbering scheme used by brmdoor for lock and open switch (based on BCM GPIO numbering, different from P1 | ||
Line 145: | Line 248: | ||
PIN assignemnts (physical PINs on P1 header, with BCM GPIO numbers used in config): | PIN assignemnts (physical PINs on P1 header, with BCM GPIO numbers used in config): | ||
- | * 5V power into Raspberry: physical #1 | + | * Raspberry power - via USB |
- | * Ground from power source to Raspberry: physical #9 | + | |
* 5V power out into Adafruit PN532 reader: #4 | * 5V power out into Adafruit PN532 reader: #4 | ||
* Ground for Adafruit PN352: physical #6 | * Ground for Adafruit PN352: physical #6 | ||
* BERA-E lock open/close: physical #22, BCM GPIO #25 | * BERA-E lock open/close: physical #22, BCM GPIO #25 | ||
- | * Open/close switch input PIN: physical #15, BCM GPIO #22 | + | * Open/close switch input PIN: physical #15, BCM GPIO #22 (/sys/ |
- | * Ground for open/close switch: physical #25 | + | |
* SPI pins for Adafruit PN532 reader - SPI PINs on Raspberry - physical #19, #21, #23, #24 | * SPI pins for Adafruit PN532 reader - SPI PINs on Raspberry - physical #19, #21, #23, #24 | ||
+ | * electrical measurement (ask Jenda) : physical #12 signal, ground physical #14 | ||
+ | * grounds not mentioned just connect to any ground | ||
+ | |||
+ | ===== microSD card extra vs Sandisk Extra USB experiment (2021-05-20) ===== | ||
+ | |||
+ | I'e bought a 16 GB USB flash that should theoretically be more stable than SD card. | ||
+ | |||
+ | I've copied the 32-GB card, extended the filesystem to 16 GB (from original 4 GB). | ||
+ | |||
+ | The copy is available in my trezor. I benchmarked SD card and the USB boot device, did not find any significant differences. We did thought with rainbof limit the max CPU/GPU freq. | ||
+ | |||
+ | To this day I am not sure whether that " | ||
+ | |||
+ | Nevertheless, | ||
+ | |||
+ | Jenda/Mrkva were politely asked whether they want to design a single board for all future brmdoors. Since there is like 10 parts and foundries will make the poplated boards at $10/piece. | ||
===== GitHub, last commits ===== | ===== GitHub, last commits ===== | ||
{{rss> | {{rss> | ||
- | ===== Photos of cable connections of Raspi + PN532 shield (location Ke kaplicce | + | ===== Photos of cable connections of Raspi + PN532 shield (location Ke kaplicce |
{{: | {{: | ||
Line 170: | Line 287: | ||
{{: | {{: | ||
+ | ===== Updated photos after replacing Raspi 1 rev B2 with Raspi 3B+ (18 May 2021) - OBSOLETE ===== | ||
+ | |||
+ | Power source fried the Raspi 3B+ sometimes in 2022, replaced again with Raspi 2B | ||
+ | |||
+ | Added on left side is a stepdown that works with Raspi 3B+ power consumption. | ||
+ | |||
+ | {{: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | ===== Updated photos after replacing fried Raspi 3B+ for old Raspi 2B and changing casing (14 Jan 2022) ===== | ||
+ | |||
+ | {{: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | ==== Outside view of PN532 shield (14 Jan 2022) ==== | ||
+ | |||
+ | {{: | ||
+ | |||
+ | {{: | ||
===== Brmdoor HOWTO (displayed after you login as root, in /etc/motd) ===== | ===== Brmdoor HOWTO (displayed after you login as root, in /etc/motd) ===== | ||
< | < | ||
Line 236: | Line 378: | ||
===== Remote access from outside brmlab ===== | ===== Remote access from outside brmlab ===== | ||
- | Add following to your ~/ | + | Add following to your ~/ |
+ | |||
+ | You need to have access to '' | ||
+ | |||
+ | You need ssh that supports '' | ||
< | < | ||
- | Host = brmbar-external | + | |
- | VerifyHostKeyDNS = no | + | Host data.brmlab.cz |
- | Hostname = hrach.eu | + | User root |
- | Port = 22715 | + | Port 22 |
- | User = brmlab | + | IdentityFile = ~/.ssh/whatever_your_key_is |
- | IdentityFile = ~/.ssh/id_rsa | + | |
- | ForwardX11 = no | + | |
- | UsePrivilegedPort = no | + | |
Protocol 2 | Protocol 2 | ||
- | Host = brmdoor-external | + | Host = brmdoor-via-data |
- | ProxyCommand | + | ProxyJump |
- | Hostname = 192.168.77.247 | + | Hostname = 192.168.77.30 |
- | Port = 22715 | + | Port = 22 |
User = root | User = root | ||
- | IdentityFile = ~/.ssh/id_rsa | + | IdentityFile = ~/.ssh/whatever_your_key_is |
ForwardX11 = no | ForwardX11 = no | ||
UsePrivilegedPort = no | UsePrivilegedPort = no | ||
Protocol 2 | Protocol 2 | ||
+ | </ | ||
+ | Then using | ||
+ | |||
+ | < | ||
+ | ssh brmdoor-via-data | ||
</ | </ | ||
- | Then ssh brmdoor-external | + | will get proxyjump over data into brmdoor. |
project/brmdoor/start.txt · Last modified: 2023/09/17 20:35 by abyssal