Because of the recent myopenhab outages I’ve decided it would be better in the long run if I ran my own instance of the openhab-cloud. I spent a couple of hours walking through the setup to get it working and recorded how I did it incase someone wants to do the same.
Requirements
- A server or VPS somewhere exposed to the Internet that you can dedicate to running openhab-cloud. I’m using Linux and have no experience in Windows.
- A domain name you can use (subdomain is fine)
- Some knowledge of the software or system if issues come up.
Step 1
Read the official docs. Don’t follow them just yet, just read them so you understand what’s going on.
Step 2: Setup a new instance/server.
You’ll need somewhere to run openhab-cloud. I suggest a cheap VPS, you can get one from AWS, Google, Linode, Digital Ocean or Scaleway (which is what I’m using for this demo). I’m running it on a $3/month VPS and it’s running just fine. I won’t go into the details here on how to setup a server.
I suggest Ubuntu 16.04 because that’s what I used so I know it works. If you’re running on x86 hardware I can’t guarantee everything will go smooth since Scaleway is ARM but I see no reason why it wouldn’t.
While your server is being setup, continue to step3.
Step 3: Valid domain name so we can set up SSL
You can get domains as cheap as $5/year now or you could simple use a subdomain of a domain you already own. I’ll be using a subdomain for this demo, openhab.dxxd.net
Once your server is setup and you have an ip go ahead and create a new DNS A record for your domain. Get this going since it takes some time to propagate. I can’t explain this since every service is a little different but there are ton of tutorials online so just search “new dns a record in _____” fill in your domain registers name.
Step 4: Nginx
I’m assuming you have a running server with a subdomain pointed at it. I’m assuming Ubuntu so all commands are based on that, if you’re using something else you’ll have to adapt.
Update the server
sudo apt-get update && sudo apt-get upgrade
Change the server hostname to what you defined the domain to be so I have mine as openhab.dxxd.net
sudo hostname openhab.dxxd.net
setup nginx (could use apache too but the instructions below are for nginx)
sudo apt-get nginx
rm /etc/nginx/sites-enabled/default
create a new dir for your domain name
vim /etc/nginx/sites-enabled/openhab.dxxd.net
Copy this basic config below, make sure to change the server_name part and root to the directory you created in the last step.
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name openhab.dxxd.net ;
root /var/www/openhab.dxxd.net;
index index.html index.htm;
location ~ /.well-known {
allow all;
}
}
add an index.html file to the root so we can test everything is working.
restart nginx and make sure you can see the index.html page using curl
curl openhab.dxxd.net
##Step 5: Letsencrypt
Instructions are here but I’ll go over everything
sudo apt-get install letsencrypt
Your webserver has to be up and running and the domain name has to work since it’s verified externally. If you can’t visit your index.html via your domain name you’ll have to wait to continue. Once you can visit http://openhab.dxxd.net and get your test page we can continue.
Change domain name and path
sudo letsencrypt certonly -a webroot --webroot-path=/var/www/openhab.dxxd.net -d openhab.dxxd.net
Should see a success message, if not might be a permissions issue or check to make sure your path is correct.
IMPORTANT NOTES:
- If you lose your account credentials, you can recover through
e-mails sent to _____@gmail.com. - Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/openhab.dxxd.net/fullchain.pem. Your cert
will expire on 2017-06-07. To obtain a new version of the
certificate in the future, simply run Let’s Encrypt again.
……
Follow the instructions to setup letsencrypt to auto renew, I’ll wait.
##Step 6: Setup SSL in nginx
Change the domain name and path.
vi /etc/nginx/sites-enabled/openhab.dxxd.net
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name openhab.dxxd.net;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
server_name openhab.dxxd.net ;
ssl_certificate /etc/letsencrypt/live/openhab.dxxd.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/openhab.dxxd.net/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
root /var/www/openhab.dxxd.net;
index index.html index.htm;
location ~ /.well-known {
allow all;
}
}
Try out the domain, if you go to http it should redirect to https. Make sure you can still see the index.html file and it’s secure. You should not be able to see a non secure version.
##Step 7: Setup myopenhab
sudo apt-get install build-essential redis-server mongodb python git
clone repo (change to your root location)
cd /var/www/openhab.dxxd.net/
git clone https://github.com/openhab/openhab-cloud.git
install latest node and npm
sudo apt-get install python-software-properties
curl -sL https://deb.nodesource.com/setup_7.x | sudo -E bash -
sudo apt-get install nodejs
install npm packages
cd var/www/openhab.dxxd.net/openhab-cloud
npm install
Copy and edit config
cp config-development.json config.json
Open it up and change the first line, other settings are optional
Start the app make sure there are no errors.
sudo node app.js
starts up on port 3000, you can test if you use curl locally.
curl http://localhost:3000 and you shoul see an html openhab page.
More changes to nginx config to serve up static files and proxy to the node app
Change path locations as needed. Add this to the ssl/443 server block
location /css {
alias /var/www/openhab.dxxd.net/openhab-cloud/public/css;
}
location /js {
alias /var/www/openhab.dxxd.net/openhab-cloud/public/js;
}
location /img {
alias /var/www/openhab.dxxd.net/openhab-cloud/public/img;
}
location /bootstrap {
alias /var/www/openhab.dxxd.net/openhab-cloud/public/bootstrap;
}
location /font-icons {
alias /var/www/openhab.dxxd.net/openhab-cloud/public/font-icons;
}
location /fonts {
alias /var/www/openhab.dxxd.net/openhab-cloud/public/fonts;
}
location /js-plugin {
alias /var/www/openhab.dxxd.net/openhab-cloud/public/js-plugin;
}
location /downloads {
alias /var/www/openhab.dxxd.net/openhab-cloud/public/downloads;
}
location / {
proxy_pass http://localhost:3000;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr ;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;
proxy_set_header X-Forwarded-Proto https;
}
Go to the site and you should see the myopenhab signup/signup page. Just register like normal, add your uuid/secret keys from openhab to the settings page and then update the binding in the paper UI to point to your private server.
Next task, getting Alexa to work with a private server.
Patch Update
You probably want to apply this patch too so that other people can’t register on your instance.