HTTPS Certificates allows to replace manually generated certificate by Let’s encrypt with similar certificate generated by Tailscale for specific server in tailnet name.
Generate Certificate from Tailscale
To generate SSL certificate, connect to server / PC:
Open PowerShell / CMD with Run as Administrator
Move to folder where the certificate will be created CD C:\Certificate
Generate the certificate using tailscale command: tailscale cert "<server_name>.<tailnet_name>.ts.net"
Certificate file <server_name>.<tailnet_name>.ts.net.crt and Private Key file <server_name>.<tailnet_name>.ts.net.key will be created in the current folder
Convert certificate in Windows
To be able to use certificate in IIS running in Windows 10 or 11, the certificate file must be in PFX format which include the certificate and private key together.
Windows has certutil tool capable to generate PFX file using CER and KEY file (with the same name in the same folder), but the CRT file format isn’t recognized correctly:
[Update 10/7] Added OneDrive Backup and RaspberryPi shutdown page
This project logs baby’s bodily functions and displays them on a webpage. Many pediatricians recommend tracking your baby’s feeding patterns, wet and dirty diapers to help know if he/she are eating enough – at least for the first few weeks. This is valuable information if there is a problem early on. The doctor can use this information to help with a diagnosis.
For the tech/geek parents, Baby Logger is Raspberry Pi based on Python and PHP using 3 switches.
Here is some photo of the result, 100% Reduce – Reuse – Recycle approach: 😊
Here is the video of testing version, with 5sec delay in the script between switch activation and LED turning on:
Hardware Configuration
3 pin switch with LED
LED Switch configuration has 3 pin used as reported below:
Pin Number
Pin Color
Role
Connection
State
1
Gold
GND
GND (-)
Stable at GND
2
Silver
Switch OUT
VCC (+) Float
Closed = LED ON = VCC Open = LED OFF = Float
3
Silver
Switch IN
VCC (+)
Stable at VCC
pinout switch configuration
Base hardware and engine is based on Raspberry PI Zero W pre-assembled and Electronics Fun kit or anything else to simplify cables and connectors between switch, LED and Pi with correct 10kΩ pull down resistor.
Pull Down switch configuration
Finally, RGB LED part of fun kit to report the status of the 3 switch back to user. Remember to add 220 Ohm resistor on the V+ wire:
Raspberry Pi Zero W – GPIO configuration
Raspberry Pi Zero W
List of GPIO pins used for the project. There 2 main groups:
Group #1 to control RGB Led
Group #2 to read status of switches for pee, fed and poo
#Install MariaDB
sudo apt install mariadb-server
#Answer Y to all questions for best security
sudo mysql_secure_installation
Once MariaDB is installed, login, create user and configure DB and Table
#Login to MariaDB as root
sudo mysql -u root -p
#Create User
CREATE DATABASE babylogger;
USE babylogger;
CREATE USER 'logger'@'localhost' IDENTIFIED BY 'YourPassword!';
GRANT ALL PRIVILEGES ON babylogger.* TO 'logger'@'localhost';
FLUSH PRIVILEGES;
quit
#Create Table
USE babylogger;
CREATE TABLE buttondata
(
id INT PRIMARY KEY auto_increment,
created TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
category TEXT,
state TEXT
);
SHOW TABLES;
quit
After initial DB setup, you can login to DB using this:
mysql -u logger -p -D babylogger
#Show existing table
SHOW TABLES;
#Show existing records
SELECT * FROM buttondata;
#Instal GIT
sudo apt install git
>>> git is already the newest version (1:2.30.2-1).
git --version
#configure your login information
git config --global user.name "username
git config --global user.email "username@email.com"
git config --list
#close repo
cd ~
git clone https://github.com/inglele/Baby-logger.git
cd Baby-logger/
ls
If you need to get an updated copy of the repo:
cd ~/Baby-logger/
git pull origin master
Set parameters files
Once all software is installed and repo downloaded in ~/Baby-logger, update the 2 files holding configuration for MySQL DB:
#Edit MySQL settings for Python
nano ~/Baby-logger/script/mysql_variables.py
#Edit MySQL settings for PHP
nano ~/Baby-logger/website/mysql_variables.php
Testing HW, Script and Website
Raspberry PI + Python Testing
Test Raspberry PI configuration with switch_test.py, it’s a simple script used to test Switch and LED without writing to DB with all log printed in console:
python3 ~/Baby-logger/script/switch_test.py
Web Server + PHP Testing
Copy the website folder in the GitHub repo to /var/www/html/ so NGINX can execute it
Fldigi is multi platform software to send and receive msg Flmsg or file Flamp via Analog two-way radio using Mic/Speaker connectors with no special HW.
It can be use as NBEMS – Narrow Band Emergency Messaging Software on VHF/UHF and on HF.
Bootloader must be unlocked to install the new firmware.
MTK CLIENT will allow you to read stock firmware off from phone, except with this phone the manufacture has enabled security and authorization files to block sp flash tool.
To verify that ADB in installed correctly and is able to connect to the device:
CD C:\Test\Tools
adb version
Android Debug Bridge version 1.0.41
Version 33.0.1-8253317
Installed as C:\Test\Tools\adb.exe
adb devices
List of devices attached
AYMB5PKZCUEUUOSC device
Boot into fastboot with the following command adb reboot bootloader or reboot while holding the volume up button and select fastboot.
Install Google ADB FastBoot driver in Windows 11
Download Google USB Driver | Android Developers as they will be needed to connect the device via fastboot. To install the driver, we need to force the installation in Device Manager with these steps:
Open Device Manager
Right click on Other Devices \ Android device
Select “Update Driver” -> “Browse my computer for drivers” -> “Let me pick from the list of available driver“
Select “Show All Devices” -> “Have Disk“
Navigate to “C:\Test\Tools\usb_driver_r13-windows” and let Windows load the drivers
Select “Android Bootloader Interface” as driver name
Test that Fastboot tool is able to interact with the phone
CD C:\Test\Tools
fastboot devices
AYMB5PKZCUEUUOSC fastboot
Next step is to disable vbmeta verification with the following steps:
Firmware update via Fastboot
While the phone is in the FastBoot mode, type the following:
CD C:\Test\Tools
fastboot devices
fastboot --disable-verity --disable-verification flash vbmeta "C:\Test\Firmware\Original\vbmeta.bin"
target reported max download size of 134217728 bytes
sending 'vbmeta' (8192 KB)... OKAY [ 0.204s]
writing 'vbmeta'... OKAY [ 0.189s]
finished. total time: 0.393s
After vbmeta image is flashed, perform:
fastboot rebootfastboot to restart the phone and enter fastbootd
Check the phone is connecting correctly with fastboot devices and force the installation of Android Bootloader Interface in Device Manager if needed.
The following step delete product partition so system partition has enough space:
Best way to leverage your existing camera(s) on UDR or Unifi Protect is via Unifi Cam Proxy on GitHub.
It will create a dummy Unifi G3 Micro camera and enable you to use your RTSP (Real Time Streaming Protocol) enabled cameras even if they are not Unifi.
Remember that if you are doing a clean install of OS on Pi, you will need to have keyboard and screen via HDMI to enable SSH, or you can edit the SSH file before you turn PI on.
Putty
Putty is the easiest and best tool to connect to Pi via SSH.
1. Self-signed certificate generationcreated from another UniFi camera or directly from Raspberry Pi OS. These are steps to generate /tmp/client.pem certificate:
Extract the token above UDR IP in the ‘Raw Text’ field
Adoption token looks like this: cpZaMhfzmBgAqLIHPR0psvoMp3mvCDtu
Adoption token extraction
3. Confirm RTSP support for your cameras using VideoLan Client VLC -> Network Stream. For Amcrest cameras, the default local credential is admin / admin and RTSP standard URL has this format rtsp://[username]:password@CAM_IP:554/cam/realmonitor?channel=1&subtype=0
RTSP test in VLC
Docker configuration
Make sure you have all pre requirements completed before you move fwd with the docker configuration file:
Certificate /home/pi/Documents/client.pem
Adoption Token cpZaMhfzmBgAqLIHPR0psvoMp3mvCDtu
RTSP URL for your camera rtsp://[username]:password@CAM_IP:554/cam/realmonitor?channel=1&subtype=0
Docker is working properly and you have permission to run container
Create Docker Compose YAML file in /home/pi/Documents/docker-cameras.yaml using VI docker-cameras.yaml
Start Docker Compose with docker-compose -f /home/pi/Documents/docker-cameras.yaml up -d --remove-orphans
Wait for download and extract of all the components needed.
Connect to UDR https://{UDR_IP}/protect/devices/ and verify you can see the cameras:
Amcrest cameras added to UniFi Protect
Stop Docker Compose with docker-compose -f docker-cameras.yaml down
Please note that CPU load is high on Raspberry PI during live streaming, monitor it with top command:
Optimize CPU load
Amcrest cameras stream using H.265 codec for video and AAC codec for audio as you can review in VLC -> Tools -> Codec Information:
Amcrest streaming information
Unifi Cam Proxy settings expect H.264 codec which causes a lot of overload on Raspberry Pi CPU and ffmpeg library to transcode from H.265 to H.264 codec.
Docker command in YAML file provides arguments to ffmpeg library --ffmpeg-args '-c:v copy -vbsf "h264_metadata=tick_rate=50"' and according to ffmpeg documentation:
-c:v copy define the codec name and specifically, set FFmpeg to copy the bitstream of the video to the output
-vbsf"h264_metadata=tick_rate=50" set the video bitstream and codec to H264 [deprecated]
Reducing frame rate and resolution
Amcrest cameras have 2 substreams on channel #1 you can connect:
According to u/jwvo (John van Oppen – VP of Network at Ziply), the new Nokia ONT is able to support XGS and GPON
Power Supply – CyberPower CA25U16V2
The power supply is CyberPower CA25U16v2 is a 25.6 Watt power supply at 16 Volt able to provide 1.6 Amps and it’s designed to work with the new ONT
Some nice photos by Andrew of the ONT, Power Supply and new waterproof enclosure.
Power Outage overall backup plan
To continue to have internet during power outages, which are become more frequent and longer, best way is to have ONT and home router under UPS.
Home Router – Backup plan
12V UPS with 58Wh of battery
For standard home router using 12V power supply, the easier solution is to use an online, always-on UPS based on 12V Li-Ion battery pack which will continue to provide power to it for ~9h, considering 0.5A usage (9.62h =57.72 Wh / 12v / 0.5A).
ONT – “Basic” Backup plan
CyberPower CA25U16v2 has an auxiliary input port which support from 9.5V to 19.5V, so a similar 12V UPS can be used or a standard UPS like APC Back-UPS 425VA.
Power Supply is rated for 25W maximum power, which translate to 16V @ 1.6A.
APC Back-UPS 425VA can provide 25W continuously for ~1.5h if UPS is connected on 110V AC side.
Leveraging the auxiliary input port, you will need a 16VDC / 1.6A power supply with a 4.5mm plug (NOTE: Default plug of standard 12V power supply is 5.5mm and it’s too large).
ONT – “Advanced” Backup plan
10A Solar Charger Controller
Previous Power Supply supported a 12v 8Ah battery which could be re-used in this scenario.
Export certificate from UDM to Windows to use in your IIS server
Create a free domain name
Choose the top level domain http://www.mysite.tk from Freenom.com and configure URL Forwarding to mysite.duckdns.org in the Management Tool of freenom.