User Tools

Site Tools


project:brmdoor:start

This is an old revision of the document!


BrmDoor

DIY Access Control
and Burglar alarm
pir.jpg
founder: crowdsourcing
depends on:
interested: harvie
niekt0
pasky
blackhead
b00lean
swez
stick
sargon
ruza
software license:
hardware license:

~~META: status = active &relation firstimage = :project:pir.jpg ~~

For hackerspace more secure and without the annoyance of physical keys. DIY digital lock control, open/closed space status monitor and burglar alarm.

Status: Currently, we have digital lock control and open/closed space status monitor, doorbell. Burglar alarm is TODO long-in-the-future.

System Architecture: Digital lock, card reader and Club Mate panel are hooked up on an Arduino. The Arduino needs just power - it unlocks the door autonomously, the list of allowed cards is stored internally. The Arduino is further (optionally) reporting to brmd daemon which provides web, IRC interface to the status and unlock notifications.

Unlocking the Door

Executive summary, how to get in without a key - arrange registering your RFID card (ISO-14443A, e.g. Mifare Classic, Mifare Desfire) with council at meetup (or over mail rada _at_ brmlab.cz). After adding your card to brmdoor DB, you will be able to unlock door by placing the card next to the reader.

BrmDoor Hardware

  • Simple token-based Identity Check device (we just rely on serial numbers for starters):
  • Lock device:
    • [DONE] BERA-E electromagnetic clock, sponsored by b00lean!
      • From inside, it is possible to open the door anytime by just pushing the handle.
      • From outside, it is possible to open the door by turning the lock by the key, OR by pushing the handle if +15V is fed in.
      • We have it wired up and can control it fine. The wires are routed off the door through UTP cable.
      • AxTheB breadboarded a Darlington IC that switches the 15V based on 5V TTL input. The power source used to be first an old ATX PSU (unreliable, 12V sometimes cannot unstuck the lock), then PoE adapter, now a dedicated DC adapter.

Communication is over SPI: both SEL0 and SEL1 are shorted which turns communication to be over SPI.

Documentation of Adafruit PN532 shield (our revision is 1.2):

BrmDoor Firmware

List of authorized cards

Card list is on brmlab VPS (vps.brmlab.cz) are exported from JendaSAP, on /root/sap/cards.txt.

GitHub, last commits

Photos (location Ke kaplicce 18)

Brmdoor HOWTO (displayed after you login as root, in /etc/motd)

Current brmdoor directory is `/root/brmdoor_libnfc`
Config is in the file: `/root/brmdoor_libnfc/brmdoor_nfc.config`

Full README is at https://github.com/hiviah/brmdoor_libnfc/blob/master/README.md

## Adding card by UID

- find out the UID:
  1. put the card near the reader,
  2. as root, look into the log, currently in screen: `screen -r brmdoor` (run as root)
- look into log for the unknown UID, look for `Unknown UID` message
- the following command will add card as authenticated by UID, for other methods see full README

    cd brmdoor_libnfc/
    ./brmdoor_adduser.py -c brmdoor_nfc.config -a uid 1234ABCD SomeUserName

## Import cards.txt from JendaSAP's cards.txt (WARNING: THIS WILL OVERWRITE THE TABLE WITH UIDS)

    cd brmdoor_libnfc/
    ./import_jendasap_cards.py cards.txt target_db.sqlite

If `target_db.sqlite` does not exist, it will be created. If it exists, the `authorized_uids`
table will be replaced with UIDs/nick pairs from `cards.txt` (other tables are not touched).

## List authorized cards UIDs + nicks from DB

    sqlite3 ~/brmdoor_libnfc/brmdoor.sqlite 'select nick, uid_hex from authorized_uids;'

## Start/stop daemon

systemctl start brmdoor.service
systemctl stop brmdoor.service
Systemd unit location: `/etc/systemd/system/brmdoor.service`

Features

Source: brmdoor_libnfc

Requires libnfc, libfreefare and WiringPi2

Features:

  • Clean, documented and extensible code
  • Authentication data is stored in SQLite DB - no need to restart daemon to make any change; extensible DB schemas
  • NFC smartcard communication support (ISO 14443-4)
  • Multiple authentication schemes supported
  • Dedicated configuration file and logging facilities

Missing features:

  • No sound produced (can be fixed via WiringPi)
  • Setting topic is not finished (python-irc has fairly bad API to retrieve topic)
project/brmdoor/start.1524238992.txt.gz · Last modified: 2018/04/20 15:43 by abyssal