openHAB Cloud setup on Google Cloud Platform

tutorial
google
openhab-cloud
Tags: #<Tag:0x00007f014561d418> #<Tag:0x00007f014561d030> #<Tag:0x00007f014561cea0>

(Flavio Costa) #1

Hello,

This is a guide on how to setup a openHAB Cloud instance on the Google Cloud Platform. I was initially following the instructions on the Quick start guide, and while it was mostly successful, it still has some issues to be resolved. I am recreating the VM there (basically because I want to make the disk smaller, and CGP does not allow one to easily do this), so I will be rewriting and improving the instructions.

VM setup

Sizing: micro (1 vCPU, 0.6 GB memory) - it may give you occasional performance warnings, but it could run mostly well enough
Disk: 10 GB HDD - minimum size required by the OS image, it should be more than sufficient
Firewall: Allow HTTPS traffic
Preemptibility: Off (recommended)
OS: Ubuntu 17.10

Before starting anything else, after connecting to the VM via SSH, get the latest packages:

sudo apt-get update
sudo apt-get upgrade

DNS configuration

A record created, pointing “mydomain.com” to the public IP of the VM instance. One option is to assign a static IP to the instance (but then you must keep it constantly running, otherwise you will be charged). To avoid that, you may want to use ddclient and configure it to regularly push your ephemeral IP to your DNS configuration:

sudo apt-get install ddclient
sudo vi /etc/ddclient.conf

openHAB Cloud install

sudo apt-get install build-essential redis-server mongodb nginx python git
cd /opt
sudo git clone https://github.com/openhab/openhab-cloud.git
cd openhab-cloud
sudo apt-get install npm
node --version
sudo npm install (lots of warnings while installing the dependencies)
redis-cli ping

Redis answered “PONG”, so let’s move to the web server setup.

Nginx configuration

sudo cp /opt/openhab-cloud/etc/nginx_openhabcloud.conf /etc/nginx/sites-available/default
cd /etc/nginx/sites-available
sudo sed -i 's/opt\/openhabcloud/opt\/openhab-cloud/g' default
sudo sed -i 's/your-openhab-cloud-host/mydomain.com/g' default

Here we have defined the domain name, and replaced /openhabcloud with /openhab-cloud, as the nginx default configuration does not match the installation directory name. If you don’t do this, the login page will load, but without any formatting:

Before restarting the web server, we can generate the SSL certificate. To keep it simple for now, you may generate a self-signed cert (or use Let’s Encrypt as described further below) and then restart the service:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/openhabcloud.key -out /etc/nginx/ssl/openhabcloud.crt
sudo service nginx restart

Final configuration and service startup

You first need to configure the application:

sudo cp config-production.json config.json
sudo vi config.json

    "system": {
      "host": "mydomain.com",
     [...]
    "mongodb": {
        "hosts": ["127.0.0.1"],
        "db": "openhab",
    },
    [...] Plus SMTP settings for "mail" and "mailer"

<ESC> :wq!

Please notice that mongodb come with a (blank) user and password, you need to remove these in order for the connection to work. You may also want to remove the password from redis, as leaving the blank entry could cause a warning in the logs. In a nutshell, besides removing these credentials, I only changed the domain name and defined SMTP configuration.

It is finally time to try to start openHAB Cloud as follows:

sudo node app.js

After trying to restart openHAB Cloud again, got an error, “Cannot find module ‘…/build/Debug/addon’”. After some additional searching on the web, this is how I could fix the issue and finally start it successfully:

npm rebuild (you may also need to upgrade nodejs to +7.10.1) 
sudo node app.js 
2018-01-04T05:38:43.539Z - info: openHAB-cloud: Backend service is starting up...
2018-01-04T05:38:43.548Z - info: openHAB-cloud: Backend logging initialized...
2018-01-04T05:38:44.071Z - info: openHAB-cloud: Initializing XMPP connection to GCM
2018-01-04T05:38:44.286Z - info: openHAB-cloud: Connecting ro Redis at 127.0.0.1:6379
2018-01-04T05:38:47.103Z - info: openHAB-cloud: Mailer will emulate sending in development environment
2018-01-04T05:38:47.304Z - info: opneHAB-cloud: Trying to connect to mongodb at: mongodb://127.0.0.1/openhab?poolSize=100
2018-01-04T05:38:47.361Z - info: openHAB-cloud: Scheduling a statistics job (every 5 min)
2018-01-04T05:38:48.220Z - info: openHAB-cloud: IFTTT is configured, app handling IFTTT capabilities...
Option polling duration is not valid. Please refer to the README.
2018-01-04T05:38:48.272Z - info: openHAB-cloud: express server listening on port 3000
2018-01-04T05:38:48.280Z - info: openHAB-cloud: Redis connect response: OK
2018-01-04T05:38:48.281Z - info: Redis is ready
2018-01-04T05:38:48.459Z - info: openHAB-cloud: Successfully connected to mongodb
2018-01-04T05:38:48.462Z - warn: openHAB-cloud: GCM XMPP error: XMPP authentication failure

(Matthias Fetzer) #2

Location directives in the nginx config file are in the form of /opt/openhabcloud and your openHAB cloud folder is /opt/openhab-cloud. I think the dash could be the problem.


(Flavio Costa) #3

Matthias, right on the spot, thank you for your reply! This indeed fixed the problem:

sudo vi /etc/nginx/sites-available/default
Occurrences of alias /opt/openhabcloud/... replaced with alias /opt/openhab-cloud/...
sudo service nginx restart

The static content now loads fine:

2018-01-04 10_00_03-openHAB Cloud - Home

As I still have warnings some warnings on the logs, I will try to fix them and implement some improvements such as making openHAB Cloud start as a service. I will report the steps here to serve as a reference for other users.


(Flavio Costa) #4

I think I have enough meat to close this topic, as I’ve finally got a fully working system - here is how I got there:

Google Cloud Messaging

To get rid of the “GCM XMPP error: XMPP authentication failure” warning, I went ahead to generate Google Cloud Messaging credentials via Firebase:

  1. https://console.firebase.google.com/
  2. [+] Add project
  3. Select an existing Google Cloud project where Firebase will be added - as per the current rules, billing should be disabled on that project so you can use Firebase’s free tier
  4. Project settings > Cloud Messaging tab

There you will find the values you will need to update on config.json, Sender ID and Server key. You should copy these and add to openHAB Cloud’s config.json as shown below. We will also make another change that will be useful later on:

  "gcm": {
    "jid": "<Sender ID>@gcm.googleapis.com",
    "password": "<Server key>"
  },
[...]
  "registration_enabled": true

Further changes to have notifications actually working would be another topic, but once the process is restarted with the configuration in place, that will get rid or the warning:

info: openHAB-cloud: GCM XMPP connection is online

SSL Certificate powered by Let`s Encrypt

This is also a good opportunity to replace the self-signed certificate, which is actually not that difficult to do for free with Certbot:

sudo apt-get install -y certbot
sudo apt install python-certbot-nginx
sudo certbot certonly --nginx -d mydomain.com

 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/mydomain.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/mydomain.com/privkey.pem
   Your cert will expire on 2018-04-05. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot
   again. To non-interactively renew *all* of your certificates, run
   "certbot renew"

If you skipped the self-signed certificate and want to start with the Let’s Encrypt certificate, running the commands above would generate errors due to the missing certificates being referenced in the nginx config. You should comment out the line ssl on and the lines for ssl_certificate and ssl_certificate_key, before executing the commands above. You will also need to Allow HTTP traffic on the GCP firewall - you may disable it after the certs are generated.

Now we need to point Nginx configuration to where these certificates are located, and then restart the web server:

sudo vi /etc/nginx/sites-available/default (and then update the lines below)
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
<ESC> wq!
sudo service nginx restart

Since Let`s Encrypt certificates expire every few months, you may want to check on Certbot documentation how to use cron to have certificates updated automatically.

openHAB Cloud Connector

Next step is to configure the openHAB Cloud Connector on our local openHAB instance. Go to Paper UI > Add-ons > MISC > openHAB Cloud Connector > Install. After the service is installed, go to Configuration > Services to adjust the settings:

  • Base URL for the openHAB Cloud server should point to https://mydomain.com
  • Select items you want to expose to external integrations (e.g. IFTTT)

We now need to connect to your local server via SSH to retrieve the “UUID” and “Secret” credentials that will be used to configure the remote openHAB Cloud instance:

cat /var/lib/openhab2/uuid
cat /var/lib/openhab2/openhabcloud/secret

You should copy the output of these commands that will be used to configure our Cloud instance. Now go to https://mydomain.com/ on your browser and create a new user, supplying the “UUID” and “Secret” you just copied from your local openHAB. If you don’t plan creating additional users, you can now disable registration on config.json:

  "registration_enabled": false

Production readiness

One requirement for a stable production-ready system is that it doesn’t generate too many logs, so we should adjust the openHAB Cloud configuration’s logging level from the default “debug” to a less verbose “info”:

sudo vi /opt/openhab-cloud/logger.js
 transports: [
        new (winston.transports.Console)({json: false, timestamp: true, level: "info"})
    ],

I am leaving the exceptionHandlers definition as debug, since I may want more details in the logs in case something goes wrong.

We now need to keep openHAB Cloud running even if we hit ^C or if we close the SSH session. The powerful PM2 process manager can be installed on our VM to accomplish this goal:

sudo npm install pm2 -g
pm2 start app.js --name="myopenhab"

You may refer to the PM2 documentation to see how to stop, restart and see logs openHAB Cloud and any other Node.js applications that PM2 is asked to keep running as a daemon.

One of the last steps to finalize the configuration is to restart your local openHAB instance, so it tries to connect to openHAB Cloud using the previously configured UUID and Secret credentials:

sudo systemctl restart openhab2

Connection should be working now! Finally, you may want to configure the Remote URL on your mobile clients (Android, iOS).

  • Remote URL: https://mydomain.com
  • Username and Password: email and password for the user created on openHAB Cloud (it’s not the UUID and Secret!)

This completes the initial configuration of openHAB Cloud on a Google Compute Engine VM and the adjustments needed on the client-side to connect to it.


(Michael Ingraham) #6

@Flavio_Costa

What is the purpose of this integration vs. the Official Google Assistant Integration for openHAB?

Thanks.

Mike


(Rich Koshak) #7

This is for those users who want to run their own openHAB Cloud instance instead of using myopenhab.org.