I use a PfSense rooter witch include a VPN server. So wen I leave home, tasker auto-connect my VPN and then update myPhone item to OFF. You could use a port fowarding setup but, it’s way less secure, because it expose your controller to the internet! I think the VPN is a more secure way because it’s strongly encrypt all communications from your phone, to your home, and it’s like if you are alway at home. 
2 Likes
Sorry I did’t know that Tasker was Android exclusive. That’s bad. 
Keeping thinks low on the controller is not the only reason why I’ve switch from NH to Tasker. I’m not linked to a security system, at least for now, so I can’t do a wasp-in-a-box-algorithm and using NH alone fail sometime. Probably because of some sort of sleep mode on the phone. Also, I ask a network security expert : How would you hack in my house? (When using NH) He said: Easy! The wifi can be craked! And when your in, you just need to emulate the MAC adresse to unlock your home. 
Sure I am not a network security expert, and i’m not sure which way is better, but It’s worth the time to think about it, because your phone, could be the key of your home (with a good lock-screen of course). 
@sc1982 I bought a DSC alarm for my new house and was also thinking of implementing an override switch into all rules triggered when the alarm is deactivated by the alarm panel. As I need to provide my wife with an easy way to over ride things. she often ignores me when I explain how things will work… either that or she listens and does the opposite, lol. She will actually be a fantastic destructive tester of my automation solution.
Anyway it looks like your actual system is year ahead of even my thinking. Would you be able to share some of your rules or configurations? It love to implement some of this logic myself.
In regards to the security, what your friend told you is true whether you are using the network health binding or not. If your locks can be controlled from a computer that is on your wifi what he described is possible. Frankly, whether or not you are using network health is irrelevant. It’s the fact that your locks are wirelessly controlled that is the security risk. BTW, I am a security expert by trade. An attacker doesn’t need network health to be running to break into your wifi and they don’t need it to spoof a trusted device and unlock your doors. It’s a complete non sequetor.
Setting your locks up where they can be controlled from your phone is the source of the security risk. But it isn’t because of your phone, it’s because the locks can be controlled wirelessly so anyone can spoof your phone it your OH server and unlock your doors.
Of course how much of a risk that if and whether you are willing to accept that risk is your decision.
That’s the piece I was missing!!! I didn’t know you can send the username and password like that in the URL. I’ve already created the NAT rules in my firewall for OH so I can access the sitemaps on my phone but even with that I could not get REST to work externally, I guess if I authenticate via the URL it’ll work. I like @Tomtibo approach better. I also have PFsense and I started down the road warrior VPN route but gave up after I realized I couldn’t use REST externally as that was my only driving force at the time. I will revisit this though as i’d like to close that hole in the firewall and the server essentials vpn solution i use is… well… Sometimes I really hate Microsoft!!!
I actually am also using a X minute timer before my presence switches actually turns off and i’m using it for almost all the same reasons. I’m using a modified version of the NH sample rule for presence detection. I’m using a number item as a variable for the timer so depending on the room/person/house mode the timed delay can be virtually anything. Since it’s applied to each technology i’m using for presence seperately i can adjust for the pit falls of each independently. Actually, you helped me with the syntax for that!!! Damn you’re awesome!!!
I found your BT script during my research and I was very interested but it looks like it’s meant for flavors of Linux so I dismissed it as i’m on windows. Am i incorrect in thinking that? When you say it works better on newer than older, how bad is it on older bluetooth dongles? I have a shit ton of older bluetooth dongles because on my previous automation system the plan was to use a bluetooth dongle in each room to help detect presence in that room. Since the range on the older stuff is weaker, in theory, which ever dongle is detecting you should be in the same room you’re in (provided you have the sq ft to make that statement true…).
If your phone is VPN’ed to your home network it should show up as a local device. If you set up OH with EXTERNAL security it will not require user/password for the REST calls.
I wrote it for Linux but there is nothing about it that would prevent it from running on Windows, beyond the generic issues with running Python scripts on Windows in general. I’ve not done so so what if any problems you might face are unknown, but the libraries you need are available for Windows Python. It will print warnings about the lack of some of the other libraries that don’t make sense on Windows like GPIO, but it will still run.
I wish I could quantify that with an answer. I’ve the script running on an old laptop with an embedded BT (BT 3?) and I’ve played around with tuning it and haven’t really come up with settings that reliable detects my and my wife’s iPhone AND detects when the phone goes away (i.e. it will keep “seeing” the phone even after it is gone). I have a BT 2 dongle plugged into a Pi in the basement that has a similar problem only it is even more prone to see phones when they are not really there. The Pi 3, however, and based on reports from the guy who wrote the module and added it to my script, it works really well.
NOTE: The script works by measuring the signal strength the dongle reports between itself and the BT device. It adds a count if the strength indicates it is near and a different count for when it is far or absent. To tune you adjust an if/elit near the bottom of bluetoothScanner.py that compares the far_cound and near_count with each other and a threshold. So you can make it more sensitive to the device being near and less sensitive to the device being far or visa versa.
In practice, even the BT 2 dongle I have reaches at least to the three rooms around the device so it really isn’t great at determining a specific room so much as detecting which floor I’m on (e.g. if the main floor detector and top floor detector is on I’m probably on the main floor). Now you could potentially aggregate the sensor info in one location and which ever dongle in which room has the strongest signal would be a good indicator the device at least is in that room.
Of course that would only work if you keep your phone on you while you are home. This isn’t true for me at least so it would have limited utility though it could be useful to figure out where I left my phone (or the toddler has taken it).
If you want room by room presence detection, and have Android devices (iOS locks down the APIs needed for this program to work), you might be interested in this thread.
1 Like
HA, I think wifes were put on this earth to either ignore us or do the opposite of what we ask of them. You’re very correct in that they make great testers. My wife is completely responsible for the reliability of my automation. All the time that went into error checking, confirmation sweeps, manual and auto over-rides, etc - all because of her! Now when I roll out something new, one of my primary objective is to be able to roll this out without her noticing. 1st - she’s not a geek so she really don’t care, 2nd - she’s not really paying attention to instructions, 3rd - even if she was listening she’ll forget, and 4th - If she doesn’t forget she’d complain about the extra steps. Great automation is automation where no special instructions are needed. The house just auto-magically does what needs to be done around the users before they even realize that it had to be done, and manual overrides look no different than what everyone on the planet already does so instructions really isn’t necessary. However with that said i’m in the process of mentally designing a way to send loaded questions to our mobiles so our yes or no responses trigger an action. Sounds like tasker is where i want to be for that but i’d like it to not be os specific.
To finally get your question (As you can probably tell, in person i’ll literally talk your ear off, it’s who I am, I’ve come to accept it), I’ll absolutely share what I have. I’m all about that shit. I’m far from a programmer so for all I know you or someone else will see it and turn it from okay to F’in awesome. All I ask is if such changes are made share it back so we all benefit. Not to mention that a lot of my rules and such was taken from the samples on the wiki or snippets i stumble across while surfing the forum. Then I changed them to make them work for what I need. I’ll have to post it later or over the weekend as I don’t have access to my system at the moment.
1 Like
Exactly! I advocate this strongly and follow it to such an extent that I will not implement a home automation unless it
- just works, no interaction is required
- if interaction is required, that interaction is as simple and intuitive to do as the traditional non-automated approach
- can be controlled by guests to the house who may or may not have a smartphone to interact with the system
If I can’t achieve the above it doesn’t get implemented.
If you have to give someone instructions that are more involved than “the switch for the light is over there” it is a home automation failure.
You might check out the SMS channel in IFTTT. Coupled with my.openhab and the openHAB channel you should be able to achieve something like this in an OS neutral manner. Should being the operative word as I don’t know for sure it will support a two-way communication like that.
I wrote a posting about how I would implement the question response processing in rules somewhere on this forum but I can’t find the magic search term to bring it up right now and that was months and hundreds of postings ago. Maybe I need to reimplement it and add it as a design pattern so I can find it next time.
Puh, the thread is quite long already (tl;dr 
)
There’s a number of techniques available. I’ve tried almost all of them - none of these is perfect.
You need to combine them. Apply your consolidation logic using openHAB rules, examples see above.
Nowadays, I’m still using owntracks, combined with network binding, and have found that to be rather reliable.
Here’s my comments and findings:
- owntracks
They’ve said to have recently rewritten a major part of owntracks to improve reliability and I’m inclined to believe that it does. Also, it’s worth spending some time on optimizing owntracks parameters. Don’t be afraid of small update intervals - it doesn’t really eat that much battery. - network binding
Just have your router assign fixed IPs.
In principle, that’s the same as having your WiFi router queried via some script or to use Tasker.
They all rely on WiFi connectivity,
To have multiple WiFi networks (WiFi repeater plus 2.4 GHz plus 5GHz) improves reliability.
For Fritz!Boxes (popular at least in Germany), there’s a binding to detect MAC addresses - use FIND app
kewl stuff!
It’s working passively (thus little battery drain).
For precise indoor detection, you need a couple of WiFi networks around, so this may not apply to someone living in the Outback.´But if you’re part of the civilized world, it even tells you the room you’re in ! (with reasonable reliability). - bluetooth beacon
haven’t used, so no comment - door sensor, motion sensors, wasp-in-a-box algorithm
Use them, but remember they just tell you about ‘presence’ but no personalization.
1 Like
NOTE; FIND only works with Android unless something has changed recently.
The application is split into a server and the clients. There has been some work to port the client algorithm that generates the fingerprints to the Proton and other WiFi devices so the range of clients should grow (more IoT devices maybe). It was noted that it was difficult to produce an iPhone app due to Apple’s WiFi API.
Hi,
I use Locative with Geofences to track if I’m home. This is a free Android and iOS App in the stores and available on Github.
Since I run some services at home with docker, I wrote a very simple Java program and packaged it up as container (but you can run it as standalone jar as well).
See: https://github.com/oliverwehrens/locative-openhab
It triggers switches (enter/leave a fence) in openhab and then you can do rules based on that. I have a caddy server with let’s encrypt running in front of that.
@rlkoshak Rich, i am trying this script out and getting the following when trying to run directly:
`pi@raspberrypi:/opt/sensorReporter/config $ sudo python sensorReporter sensorReporter.ini
File "sensorReporter", line 14
DIR=/opt/sensorReporter
^
SyntaxError: invalid syntax
I have the scripts installed in /opt/sensorReporter, am I missing something?
Threw me for a loop for a second.
The sensorReporter script is what you would use for having it start as a service on an upstart based sytem (e.g. Ubuntu 14, Raspbian before Jesse).
To start the program manually like this you run:
sudo python sensorReporter.py sensorReporter.ini
Or to use the sensorReporter script you would run
sudo sensorReporter start
See the install.sh script for how to install and configure these start scripts so it runs as a service.
@tpmcleod24 I’m not sure how rikoshak’s script works because I’ve never use it, but it seems that you are executing the wrong file. The python script that you are trying to execute is in your “/opt/sensorReporter” folder, and the file called sensorReporter that is located at the “/opt/sensorReporter/config” folder is a bash file, so you should simply launch it with “sudo ./sensorReporter sensorRepoter.ini”. But this last sentense wont’ work because there is no .ini file in the “/opt/sensorRepoter/config” folder, the .ini file must be located at “/opt/sensorReporter”. I hope that you are understanding what I’m trying to tell you 
Let’s see what Rich has to say!
I had an idea but not sure how it can be done. A few people mentioned using iBeacons to improve the accuracy of owntracks. Looking into this I found a way to build some ibeacons using cheap HM-10 Bluetooth modules and I thought that was quite good.
But I then realized this really requires the phone to be on and with you all the time and was thinking of another idea.
My question is can iBeacons report back to the openhab server the presence detection of a Bluetooth keyfob (rather than a phone)? I might be conceptually talking about creating a bluetooth mesh network, I don’t know exactly though. Would this only be possible using a HM-17 (BLE 4.1) or using a HM-10 connected to an ESP8266 that would send messages back via MQTT be an alternative option?
I figure if I have 3 quite cheap iBeacons in each room I should confidently be able to know which room someone was in and build rules accordingly.
This might be what I’m looking for. It is called Happy Bubbles, Only looks recent as in the last couple of weeks.
They have some server software to configure BLE devices and the detectors seem to bu built with an ESP or a NodeMCU and a PTR5518.
The iBeacons do not report to anything. They periodically broadcast a BLE “advertisement” that identifies the specific beacon. Some other device, like a phone or a Happy Bubble, receives the advertisement and does something with the information. In the case of OwnTracks, the phone receives beacon advertisements and the software publishes beacon information to MQTT.
So you could have fixed beacons and someone with a phone will receive the advertisements from those beacons as they pass and then relay the beacon info to some other system like openHAB via MQTT. You could also have several statically located beacon receivers, like Happy Bubbles, in various locations and have them receive advertisements from a beacon (for example, in a keyfob or a phone configured as a beacon). Yet another possibility is to have mobile beacons and mobile beacon receivers. I have an iBeacon in my car and my phone will notify openHAB (via OwnTracks) any time I’m in my car wherever the car may be at the time.
I wonder if it would be possible to adapt what is done in FIND with triangulation of the signal, only using BT. The advantage there is that one could move the detector of the signals off of the phone and on to stationary BT sensors reporting on the signal strength from the user’s phones or other BT device.
To put another way, install BT sensors which detect and report on the signal strength of BT devices as they move through the home. Then apply FIND’s triangulation algorithm using those signal strengths reported from the BT sensors. This would not require anything to run on the phone and therefore would work cross platform. Of course it requires setting up the BT sensors across the home.
1 Like
Im using whis code instaled on Tomato router to track users via WIFI.
It works on any phone, android Nexus 5 in my case.
#!/bin/sh
OHIPPORT="192.168.0.212:8081"
function fcomp() {
awk -v n1=$1 -v n2=$2 'BEGIN{ if (n1<n2) exit 0; exit 1}'
}
RET=`brctl showmacs br0|grep $1`
if [ "$RET" = "" ]
then
echo 'FAIL'
curl --header "Content-Type: text/plain" --request PUT --data "OFF" http://$OHIPPORT/rest/items/$2/state
else
ATIME=`echo $RET | awk '{print $4}'`
echo $ATIME
if fcomp $ATIME 200; then
echo "OK"
curl --header "Content-Type: text/plain" --request PUT --data "ON" http://$OHIPPORT/rest/items/$2/state
else
echo "EXP"
curl --header "Content-Type: text/plain" --request PUT --data "OFF" http://$OHIPPORT/rest/items/$2/state
fi
fi
Phone must periodicaly contact to the internet (eg. mail/whatsup check), this is normal in out times.
Execution:
maccheck.sh mirek 00:00:00:00:00
where:
mirek - is the name of switch that represents person in openhab (need to be declared in items)
00:00:00:00:00 - is the mac address of phone
Add this script to cron to be run in every minute:
cru a " * * * * * maccheck.sh mirek 00:00:00:00:00"
1 Like