20 lines
2.7 KiB
Typst
20 lines
2.7 KiB
Typst
#import "/metadata.typ": *
|
|
|
|
#let physical_diagram = [
|
|
#figure(
|
|
image("physic.png", width: 90%),
|
|
caption: [Physical diagram]
|
|
) <fig:diagram_physic>
|
|
]
|
|
|
|
Before to be able to implement and up any service, an important part was to be able to host everything. For this project, as a academic project that don't have specific requirements, we use the Rémi's homelab server. This server is base on Proxmox, so we get a virtual machine for this project with a traefik router on \*.e.kb28.ch. We have several service as show on the figure bellow. The main stack is composed by a RabbitMQ node for the @mqtt broker, an Influx DB 3 stack and a Go service that act as a gateway between the @mqtt broker and the database and the @rest @api. All this stack run on a single docker node: The "server" on @fig:diagram_physic
|
|
|
|
#physical_diagram
|
|
|
|
As this server is used to deploy the project but also for the development phase, it was important to give secure access to several member of the team. For the connexion to the server, we used @ssh certificates. Unlike regular @ssh key, here we have a server certificate that sign the key of each member for a certain period of time for a specific username. That avoid to add public key of all user on the server and only have the public key of the server's certificate.
|
|
|
|
Another security point was to add authentication around the data. An @sso middleware for the web interface of Influx by Authentik, a standard token for the @rest @api and encapsulate @mqtt connexion in @tls as describe in @sec:design:gateway:security.
|
|
|
|
When the server with both broker and database are available, we can concentrate of developing the service that connect the database to other system. This service was developed in Go as it's a efficient language for server side services. Some initial part of this service as the mqttGateway and influxGateway was reuse from an hobby project made with friends in parallel of this @pi. Concerned commits are clearly identified as are those more or less assisted by @llm.
|
|
|
|
The service is implemented as the design. A slight change concerning the mapping process was made during the implementation. It was initially to static for support our development phase. It was decided 2 changes. First, we look for mapping node to room on the retrieval trough the @rest @api instead of doing the mapping when we push data to the database from the broker. It was because some node was placed in Provence without correctly identify with node id was placed on wich room. So we decided to push the node id in the database and map on the retrieval. Second change was to load info from this mapping fil dinymacally to avoid restarting the container after a change. Despite the lost of performance, it allow us more flexibility during our development phase. |