I have 2 raspberry pi devices -
- The first one is running the openHAB server and sitemap to control the alarm
- The second is setup to run my home alarm python application.
Currently, the only way I have of rebooting the alarm is via MQTT. If the broker were to hang on the openHAB server or the alarm application were to become unresponsive then I wouldn’t be able to reboot to clear any issues. To solve this problem I decided it would be a good idea to setup an openHAB rule to issue a remote reboot as an alternative option.
rule "Reboot PI (OpenHAB)"
when
Item RebootPI_FromOpenHAB received command
then
if (receivedCommand == 100)
{
var String results = ""
results = executeCommandLine("ssh openhab@192.168.0.82 sudo shutdown -r now", 5000)
logInfo("OpenHAB Reboot Alarm", "results=" + results)
sendNotification("xxxx@xxx.com", "OpenHAB Re-boot request has been sent !")
}
end
The info provided from this point on is what I’ve understood from the advice given by the other posters in this thread. What I have implimented has worked but perhaps Rich could do a sanity check on the text that follows just to make sure Im not misleading anyone here I’ve had to document this processs after the event but I’m confident that the steps below will achieve the desired result.
As pointed out to me, Its worth noting that “executeCommandLine” uses the openhab account ( not openhabian ) to run its payload.
DO THIS FROM THE OPENHAB SERVER
The step that follows may or may not be necessary but I did it anyway. I added openhab to the sudo group. You can ommit this step and see what results you get once you have finished the rest of the steps below. If you have an issue then come back here and do this step.
sudo usermod -a -G sudo openhab
Now we need to login as the openhab account. Since the password is not exposed you can use the following command below. NOTE : I’ve read somewhere that the password is “habopen” but I’ve had no luck logging on as openhab with this password.
sudo -u openhab /bin/bash
Now you can run
ssh-keygen -t rsa -b 4096
when prompted, use the path below to store the keys. If the .ssh directory does not already exist you will have to create it.
/var/lib/openhab2/.ssh
Its worth pointing out that “/var/lib/openhab2” is the home drive path for the openhab account. For all other accounts you would normally expect to see the home drive located in “/home”
DO THIS ON THE REMOTE SERVER
We now need to ensure that there is a matching openhab account residing on the remote device. After creating this user I then made changes to the sudoers.d file to ensure it could perform the command “shutdown -r now”.
sudo visudo -f /etc/sudoers.d/010_pi-nopasswd
I then added the entry
openhab ALL=(ALL) NOPASSWD: /sbin/shutdown
The next step is to create an “.ssh” directory in the openhab home directory. We will then need to copy in the file “/var/lib/openhab2/.ssh/id_rsa.pub” from the openHAB server.
Login as the openhab user you have just created
su openhab
when prompted, enter the password you gave the account and then enter
cd
This will ensure you are taken to your home directory. From here you will enter
mkdir .ssh
All we need to do now is copy in the public key file that we created from the openHAB server.
DO THIS FROM THE OPENHAB SERVER
Ensure you are logged on with
sudo -u openhab /bin/bash
then run the following substituting xxx.xxx.xxx.xxx for your remote server ip address.
scp /var/lib/openhab2/.ssh/id_rsa.pub openhab@xxx.xxx.xxx.xxx:/home/openhab/.ssh/key_upload.pub
Enter your openhab password on the remote machine when prompted.
DO THIS ON THE REMOTE SERVER
Ensuring you are still logged in as openhab, do the following -
cd /home/openhab/.ssh
cat key_upload.pub >> authorized_keys
At this point you should be all done.
Hopefully this will help point someone in the right direction if they are trying to do a similar task.
Cheers
Karl.