Jump to content

Welcome to Smart Home Forum by FIBARO

Dear Guest,

 

as you can notice parts of Smart Home Forum by FIBARO is not available for you. You have to register in order to view all content and post in our community. Don't worry! Registration is a simple free process that requires minimal information for you to sign up. Become a part of of Smart Home Forum by FIBARO by creating an account.

 

As a member you can:

  •     Start new topics and reply to others
  •     Follow topics and users to get email updates
  •     Get your own profile page and make new friends
  •     Send personal messages
  •     ... and learn a lot about our system!

 

Regards,

Smart Home Forum by FIBARO Team


  • 0

External watchdog for HC2


drboss
 Share

Question

Because i had the same problems after last 3 or 4 upgrades i write small simple external watchdog.

Why?

- After message about successful upgrade my HC display error 503 with button to restart services and wait.

- After several hours of working my HC2 display screen without any switch, dimmer, scenes only static info and stop working 

Because the proxy Apache still work on HC2 in case of this two error my script use for check and restart php and api pages on HC2.

Script work without problem on openwrt or dd-wrt routers, Windows 10 linux shell. qnap nas.

 

 

Please login or register to see this code.

 

Link to comment
Share on other sites

9 answers to this question

Recommended Posts

  • 0

Nice!

 

Maybe I can try your way to check status of the HC2 and rewrite it for using it in Node-Red. :>

Link to comment
Share on other sites

  • 0

Question,

 

I noticed that many of scripts that are run on raspi or other devices contains HC super user credentials that are not encrypted. What impact to the security this can have?

Link to comment
Share on other sites

  • 0

That's what I asked for, for a very, very, very long time. But hey, you know how hard it is to convince Fibaro they should implement https.... ]:->

 

For the time being I only use https from the HC2 (which can be done by scenes). If you want to be safe as possible, you can use a dedicated HC2 user with limited userrights. Didn't try if it also have limited access to the API also.

 

I'm thinking of creating some kind of webhook from the HC2 to my Node-RED Raspberry Pi configuration, like;

- Let HC2 check a every 5 (or what ever) seconds a Node-RED variable with a scene using https and dedicated login credentials

- Get Node-RED variable content and store to a HC2 variable

- Depending the content trigger scenes to handle HC instructions.

 

When I have more time I have to try this kind of solutions.

Link to comment
Share on other sites

  • 0

Hi @Lambik,

 

thanks for the answer. But I'm not concerned only that credentials are sent over the network without encryption, but also saved on devices in scripts that are not encrypted and therefore represent also security risk. Am I right?

Link to comment
Share on other sites

  • 0

Sorry for the late response :oops:.

 

Do you mean scripts which are executed by other devices and communicate to the HC2 by API?

As far as I know there is no way to have secure communication to the HC2, so yes you're right.

 

Link to comment
Share on other sites

  • 0
1 hour ago, Lambik said:

Sorry for the late response :oops:.

 

Do you mean scripts which are executed by other devices and communicate to the HC2 by API?

As far as I know there is no way to have secure communication to the HC2, so yes you're right.

 

 

 

Hi @Lambik,

 

thanks for the answer and yes I meant scripts that are executed on other devices and contain credentials needed to communicate with HC.

This is unfortunate and then I will have to revise some of my future projects since I don't want to use extra user on HC2.

Link to comment
Share on other sites

  • 0

@Sankotronic, as far as I know, when API commands are send the user credentials are not encrypted.

 

That's why I use scenes, with https encryption possibilities, to communicate with other devices. I send https-commands to a Raspberry Pi with Node-Red installed. My Node-RED communicates encrypted with all other devices and services with different (device) accounts (separate user and passwords).

 

This way I can use my own (dedicated) mailserver, access IP-cameras (for i.e. snapshots), push messages, Telegram messages, other IoT devices/services etc. All this is only accessible by local LAN or private VPN, communication can be logged and, when something strange happens, I will be notified. Also it all can be backed up the way I want.

 

The next thing I want to explore is to make a HC2 scene which checks (encrypted) a variable in my Node-RED setup. When changed it should be triggering an action by the HC2.

Link to comment
Share on other sites

  • 0

Hi @Lambik and thank you again for explanation. If I understood you correctly Node-RED is not sending any calls to HC2 but only HC2 to Node-RED via https in scenes. I will have to study Node-RED and how to set it up. Still much to learn.

 

Link to comment
Share on other sites

  • 0

So do I!! ;D

 

Check

Please login or register to see this link.

to get you started. If you have any questions, please ask, and I will try to help you. But beware, I also just started to explore Node-RED...

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...