Differences

This shows you the differences between two versions of the page.

--- project:brmdoor:start [2018/06/07 21:11] – [BrmDoor Firmware] Fix github link abyssal
+++ project:brmdoor:start [2020/08/05 18:45] – [Adding a new Desfire to JendaSAP and import to brmdoor] abyssal
@@ Line 67: / Line 67: @@
 <code>
-cd brmdoor_libnfc/; ./import_jendasap_cards.py /path/to/cards.txt brmdoor.sqlite''
+cd brmdoor_libnfc/; ./import_jendasap_cards.py /path/to/cards.txt brmdoor.sqlite
 </code>
@@ Line 82: / Line 82: @@
 </code>
-===== OPEN/CLOSED switch with update of topic on IRC =====
+===== Adding a new Desfire with authentication to JendaSAP and import to brmdoor =====
+This is similar to above, but has extra step in programming the Desfire.
+<note important>
+The Desfire needs to be programmed with correct signature first, otherwise brmdoor will reject it.
+</note>
+Writing a signature on a Desfire card (can be done on raspi or using PN532 reader that is in the lab). You must know the private Ed25519 key matching the public key in brmdoor's config to be able to program the Desfire correctly.
+<code>
+./write_signed_ndef_on_desfire.py private_key_in_hex
+</code>
+Similar to above, but you add line "desfire" instead of "card" in JendaSAP:
+<code>
+desfire 04631982cc2280
+</code>
+The parse.py mentioned above will also create ''cards_desfire.txt''. Copy the ''cards_desfire.txt'' to brmdoor and run on brmdoor raspi:
+<code>
+cd brmdoor_libnfc/; ./import_jendasap_cards.py --desfire /path/to/cards_desfire.txt brmdoor.sqlite
+</code>
+===== OPEN/CLOSED switch with update of topic on IRC and SpaceAPI format on VPS =====
 In ''brmdoor_nfc.config'', look at the section ''[open_switch]''. IRC must be enabled in ''[irc]'' section for status
@@ Line 122: / Line 148: @@
 until the physical switch changes the value.
+==== Reporting/uploading status in SpaceAPI format ====
+Currently since v 0.2 brmdoor can upload the status and information in [[http://spaceapi.net/ | SpaceAPI.net format]].
+The status JSON is mapped currently is mapped to [[https://brmlab.cz/spaceapi/status.json]]. The interesting non-static part
+of json is in under "state" key - "open" (boolean) and "lastchange" (Unix timestamp).
+Currently to be compatible with old URL (https://status.brmlab.cz/brmd/brmstatus.json)
+for the spaceAPI.net since we can't change it and can't submit new, there is alias
+in ''/etc/apache2/sites-available/status.brmlab.cz.conf'' to directory ''/home/brmdoor-web/spaceapi-status'' where status file is
+uploaded by brmdoor (it's over SFTP with internal-sftp chroot, ssh-key login, so that in case of compromise of brmdoor there
+is not much the attacker could do with it (and password can't be bruteforced).
 ===== PIN assignments =====
@@ Line 222: / Line 260: @@
   * Setting topic is not finished (python-irc has fairly bad API to retrieve topic)
+===== Remote access from outside brmlab =====
+Add following to your ~/.ssh/config, edit your key if necessary (the key needs to be added on brmbar and on brmdoor):
+<code>
+Host = brmbar-external
+VerifyHostKeyDNS = no
+Hostname = hrach.eu
+Port = 22715
+User = brmlab
+IdentityFile = ~/.ssh/id_rsa
+ForwardX11 = no
+UsePrivilegedPort = no
+Protocol 2
+Host = brmdoor-external
+ProxyCommand = ssh brmbar-external nc -q1 %h 22
+Hostname = 192.168.77.247
+Port = 22715
+User = root
+IdentityFile = ~/.ssh/id_rsa
+ForwardX11 = no
+UsePrivilegedPort = no
+Protocol 2
+</code>
+Then ssh brmdoor-external will get you brmdoor shell.