weissmall/athena-test
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs added

Browse Source
This commit is contained in:
Sviatoslav Tsariov Yurievich 2023-03-15 17:24:49 +03:00
parent 122b8ab361
commit a1d392d80b
7 changed files with 1316 additions and 0 deletions

58
Dipal/Backend/Fox/Database explanation.md Normal file

@ -0,0 +1,58 @@
The database stores all the information about the devices. It is stored inside the devices collection. Each device contains information and configuration with key-value pair.
Device information and configuration example:
```json
{
"info": [
{
"key": "TITLE",
"value": "Door lock"
},
{
"key": "CATEGORY",
"value": "smart_home"
},
{
"key": "TYPE",
"value": "door_lock"
},
{
"key": "SUBTYPE",
"value": "dipal_smart_lock"
},
{
"key": "EUI",
"value": "3F375BFEFFE20A68"
},
{
"key": "CONTRIBUTER_NAME",
"value": "Dipal"
},
{
"key": "DEVICE_MODEL",
"value": "Dipal Smart Lock"
},
{
"key": "SOFTWARE_VERSION",
"value": "v0.1"
},
{
"key": "PROTOCOL",
"value": "zigbee"
}
],
"config": [
{
"key": "ROOM_ID",
"value": "6217490c15e4d085ed463dd2"
},
{
"key": "OPENING_TIME",
"value": 3000
}
]
}
```
There is also outdated collections such as intercom and cameras. It's unknown if the akita collection will be used, but I need to notice that each akita should have own `mqtt_topic_suffix`.

11
Dipal/Backend/Fox/Microservices.md Normal file

@ -0,0 +1,11 @@
### Fawn
_**Fawn**_ is a local server gateway. At first, it claimed to work only with the admin panel, but soon it will be responsible for the `Kaiser <-> Fox` connection as well.
### Makaw
_**Makaw**_ is responsible for all communications between Fox and other services. It is now connected to an external MQTT broker (for communication with Kaiser) and an internal MQTT broker (for communication with devices). It also connects to the intercom via API, to Asterisk via ARI (Asterisk Restful Interface) and to the cameras (via Owl).
### Fox Crow
_**Fox Crow**_ is the only one microservice responsible only for connection with database (like Kaiser&#39;s Crow).

343
Dipal/Backend/Fox/Third-party services/Asterisk.md Normal file

@ -0,0 +1,343 @@
_**Asterisk**_ is a SIP server for telecomunications between IP devices. We use it to make a voice and video streams between the Dipal app user and the intercom. Makaw listens for events from Asterisk via ARI. When someone calls the flat from the intercom, Asterisk executes the _**stasis**_ application, which is implemented in our Makaw. We can get the flat number and send it as a notification to the user, after which Makaw returns control to Asterisk again. The frontend application connects directly to Asterisk as a SIP server and uses WebRTC to stream.
# Installation from package repository
> Each version of Asterisk is unstable and may contain many bugs. {.is-warning}
```text
sudo apt update
sudo apt install asterisk
```
> The package in APT is usually outdated, but rather stable. {.is-warning}
To restart the Asterisk service:
```text
sudo systemctl restart asterisk
```
To close the Asterisk service:
```text
sudo systemctl stop asterisk
```
## Testing
To test, let&#39;s connect to the Asterisk console:
```text
sudo rasterisk
```
Which will bring you into the Asterisk command-line client. You will see this prompt after the basic Asterisk information is displayed:
```text
asterisk*CLI>
```
To change the verbosity of the console, use the following:
```text
core set verbose 4
```
To check the version of Asterisk, enter:
```text
sudo rasterisk -V
```
If any error occurs, you can see the service log or logs from files:
```text
sudo journalctl -eu asterisk -f
sudo vim /var/log/asterisk/full
```
# pjsip.conf
res\_pjsip configuration is stored in pjsip.conf.
To activate PJSIP add chan\_sip to noload and delete res\_pjsip in modules.conf.
```text
noload => chan_sip.so
;noload => res_pjsip.so
```
## Intercom
```text
[domofon]
type=endpoint
direct_media=no
rtp_symmetric=yes
force_rport=yes
rewrite_contact=yes
allow=alaw,h264
transport=transport-udp
context=internal
aors=domofon
auth=domofon
[domofon]
type=auth
auth_type=userpass
password=your_password
username=domofon
[domofon]
type=aor
max_contacts=1
```
### Endpoint
<figure class="table op-uc-figure_align-center op-uc-figure"><table class="op-uc-table"><thead class="op-uc-table--head"><tr class="op-uc-table--row"><th class="op-uc-p op-uc-table--cell op-uc-table--cell_head">Variable</th><th class="op-uc-p op-uc-table--cell op-uc-table--cell_head">Description</th></tr></thead><tbody><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">direct_media</td><td class="op-uc-p op-uc-table--cell">determines whether media may flow directly between endpoints (default: "yes")</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">rtp_symmetric</td><td class="op-uc-p op-uc-table--cell">user agents (UAs) use the same socket/port binding to send and receive RTP stream packets</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">force_rport</td><td class="op-uc-p op-uc-table--cell">causes Asterisk to always send responses back to the address/port from which it received requests</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">rewrite_contact</td><td class="op-uc-p op-uc-table--cell">allow contact header to be rewritten with the source IP address port (default: "no")</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">allow</td><td class="op-uc-p op-uc-table--cell">allow codecs in order of preference</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">transport</td><td class="op-uc-p op-uc-table--cell">set the default transports; the order determines the primary default transport</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">context</td><td class="op-uc-p op-uc-table--cell">default context for incoming calls (from extensions.conf); defaults to 'default'</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">aors</td><td class="op-uc-p op-uc-table--cell">AoRs to be used with the endpoint (default: "")</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">auth</td><td class="op-uc-p op-uc-table--cell">authentication objects associated with the endpoint (default: "")</td></tr></tbody></table></figure>
### Auth
<figure class="table op-uc-figure_align-center op-uc-figure"><table class="op-uc-table"><thead class="op-uc-table--head"><tr class="op-uc-table--row"><th class="op-uc-p op-uc-table--cell op-uc-table--cell_head">Variable</th><th class="op-uc-p op-uc-table--cell op-uc-table--cell_head">Description</th></tr></thead><tbody><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">auth_type</td><td class="op-uc-p op-uc-table--cell">may be "userpass" for plain text passwords or "md5" for pre-hashed credentials. (default: "userpass")</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">password, username</td><td class="op-uc-p op-uc-table--cell">credentials for registration</td></tr></tbody></table></figure>
### AoR
<figure class="table op-uc-figure_align-center op-uc-figure"><table class="op-uc-table"><thead class="op-uc-table--head"><tr class="op-uc-table--row"><th class="op-uc-p op-uc-table--cell op-uc-table--cell_head">Variable</th><th class="op-uc-p op-uc-table--cell op-uc-table--cell_head">Description</th></tr></thead><tbody><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">max_contacts</td><td class="op-uc-p op-uc-table--cell">maximum number of contacts that can bind to an AoR (default: "0")</td></tr></tbody></table></figure>
## Client
This configuration example is for registering a client application with Asterisk using WebRTC.
```text
[15]
type=endpoint
direct_media=no
context=from-external
allow=vp8,vp9,h264,alaw
transport=transport-wss
webrtc=yes
auth=15
aors=15
[15]
type=auth
auth_type=userpass
password=your_password
username=15
[15]
type=aor
max_contacts=10
```
<figure class="table op-uc-figure_align-center op-uc-figure"><table class="op-uc-table"><thead class="op-uc-table--head"><tr class="op-uc-table--row"><th class="op-uc-p op-uc-table--cell op-uc-table--cell_head">Variable</th><th class="op-uc-p op-uc-table--cell op-uc-table--cell_head">Description</th></tr></thead><tbody><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">webrtc</td><td class="op-uc-p op-uc-table--cell">when set to "yes" this also enables the following values that are needed for webrtc: rtcp_mux, use_avpf, ice_support, and use_received_transport</td></tr></tbody></table></figure>
> VP8/VP9 are the default codecs for WebRTC and the only codec for intercom is H264. In this case, a codec difference problem may occur. At the time of writing only Freeswitch can transcode video from one codec to another. {.is-warning}
> You can use any name for the client. I chose 15 because it is convenient to call from a smartphone with a fake client (I use Zoiper). {.is-info}
# extensions.conf
```text
;-------------------------------------------------------
; General Section
;-------------------------------------------------------
[general]
static=yes
writeprotect=yes
clearglobalvars=yes
autofallthrough=yes
[from-external]
exten => 200,1,Dial(PJSIP/domofon,120)
[invalid]
exten => _X,1,Stasis(hello)
same => n,Dial(PJSIP/${EXTEN}&PJSIP/comfortech/${EXTEN},120)
same => n,Hangup
exten => _XX,1,Stasis(hello)
same => n,Dial(PJSIP/${EXTEN}&PJSIP/comfortech/${EXTEN},120)
same => n,Hangup
exten => _1[0-3]X,1,Stasis(hello)
same => n,Dial(PJSIP/${EXTEN}&PJSIP/comfortech/${EXTEN},120)
same => n,Hangup
[default]
```
`static` if static is set to no, or omitted, then the pbx\_config will rewrite this file when extensions are modified.
`writeprotect` if static=yes and writeprotect=no, you can save dialplan by CLI command dialplan save too
`clearglobalvars` if clearglobalvars is set, global variables will be cleared and reparsed on a dialplan reload, or Asterisk reload.
`autofallthrough` if autofallthrough is set, then if an extension runs out of things to do, it will terminate the call with BUSY, CONGESTION if autofallthrough is not set, then if an extension runs out ofthings to do, Asterisk will wait for a new extension to be dialed
`_X`, `_XX`, `_1[0-3]X` it means that dialplans will work with 1-139 numbers
`${EXTEN}` variable equal to dialed number
# WebRTC
WebRTC requires **WSS (WebSocket Secure)** and we need a domain with a certificate. You can use a self-signed certificate, but you cannot use it with a browser and sipML5.
## Generate certificate
**Lets Encrypt** is a service offering free SSL certificates through an automated API. The most popular Lets Encrypt client is EFFs **Certbot**.
Install Certbot:
```text
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install certbot
```
Certbot needs to answer a cryptographic challenge issued by the Lets Encrypt API in order to prove we control our domain. It uses ports 80 (HTTP) or 443 (HTTPS) to accomplish this. Open up the appropriate port in your firewall:
```text
sudo ufw allow 80
```
Substitute 443 above if thats the port youre using. ufw will output confirmation that your rule was added:
> Output Rule added Rule added (v6) {.is-success}
We can now run Certbot to get our certificate. Well use the --standalone option to tell Certbot to handle the challenge using its own built-in web server. The --preferred-challenges option instructs Certbot to use port 80 or port 443. If youre using port 80, you want --preferred-challenges http. For port 443 it would be --preferred-challenges tls-sni. Finally, the -d flag is used to specify the domain youre requesting a certificate for. You can add multiple -d options to cover multiple domains in one certificate.
```text
sudo certbot certonly --standalone --preferred-challenges http -d example.com
```
## Configure Asterisk with cerificate
This certificate can only be accessed by the root user. Asterisk is executed by asterisk user. The way to fix this problem is to copy the certificate into Asterisk directory and change the owner.
If you use Asterisk as a Linux service:
```text
mkdir /etc/asterisk/keys
sudo cp -L /etc/letsencrypt/live/example.com/cert.pem /etc/asterisk/keys
sudo cp -L /etc/letsencrypt/live/example.com/privkey.pem /etc/asterisk/keys
sudo chown asterisk:asterisk /etc/asterisk/keys/cert.pem
sudo chown asterisk:asterisk /etc/asterisk/keys/privkey.pem
```
You need to enable TLS and add the certificate to http.conf:
```text
[general]
enabled=no
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/asterisk/keys/cert.pem
tlsprivatekey=/etc/asterisk/keys/privkey.pem
```
## Testing
You can use one of 2 sites to test WebRTC from your browser:
* https://www.doubango.org/sipml5/call.htm
* https://tryit.jssip.net/
# HTTP server (ARI)
The HTTP server in Asterisk is configured via http.conf. Note that this does not describe all of the options available via http.conf - rather, it lists the most useful ones for ARI.
Example:
```text
[general]
enabled = yes
bindaddr = 0.0.0.0
bindport = 8088
```
<figure class="table op-uc-figure_align-center op-uc-figure"><table class="op-uc-table"><thead class="op-uc-table--head"><tr class="op-uc-table--row"><th class="op-uc-p op-uc-table--cell op-uc-table--cell_head">Variable</th><th class="op-uc-p op-uc-table--cell op-uc-table--cell_head">Description</th></tr></thead><tbody><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">enabled</td><td class="op-uc-p op-uc-table--cell">Enable the HTTP server. The HTTP server in Asterisk is disabled by default. Unless it is enabled, ARI will not function!</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">bindaddr</td><td class="op-uc-p op-uc-table--cell">The IP address to bind the HTTP server to. This can either be an explicit local address, or 0.0.0.0 to bind to all available interfaces.</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">bindport</td><td class="op-uc-p op-uc-table--cell">The port to bind the HTTP server to. Client making HTTP requests should specify 8088 as the port to send the request to.</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">prefix</td><td class="op-uc-p op-uc-table--cell">A prefix to require for all requests. If specified, requests must begin with the specified prefix.</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">tlsenable</td><td class="op-uc-p op-uc-table--cell">Enable HTTPS</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">tlsbindaddr</td><td class="op-uc-p op-uc-table--cell">The IP address and port to bind the HTTPS server to. This should be an IP address and port, e.g., 0.0.0.0:8089</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">tlscertfile</td><td class="op-uc-p op-uc-table--cell">The full path to the certificate file to use. Asterisk only supports the .pem format</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">tlsprivatekey</td><td class="op-uc-p op-uc-table--cell">The full path to the private key file. Asterisk only supports the .pem format. If this is not specified, the certificate specified in tlscertfile will be searched for the private key.</td></tr></tbody></table></figure>
For creating a certificate, see [WebRTC configuration](http://194.226.0.195:32127/telecom/Asterisk/webrtc)
# Fail2Ban
To install fail2ban:
```text
sudo apt install fail2ban
```
The default settings of the program are in the /etc/fail2ban/jail.conf file, it is recommended to change the settings in /etc/fail2ban/jail.local, which is a copy of jail.conf.
The file contains a section of general settings \[DEFAULT\] and sections of specific settings for certain services (for example, the presence of the \[ssh\] section is demonstrated).
```text
[DEFAULT]
ignoreip = 127.0.0.1/8
ignorecommand =
bantime = 3600
findtime = 600
maxretry = 3
backend = auto
usedns = warn
destemail = root@localhost
sendername = Fail2Ban
sender = fail2ban@localhost
banaction = iptables-multiport
mta = sendmail
protocol = tcp
chain = INPUT
action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
%(mta)s-whois[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s", sendername="%(sendername)s"]
action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
%(mta)s-whois-lines[name=%(__name__)s, dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s", sendername="%(sendername)s"]
action = %(action_)s
[ssh]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 6
```
<figure class="table op-uc-figure_align-center op-uc-figure"><table class="op-uc-table"><thead class="op-uc-table--head"><tr class="op-uc-table--row"><th class="op-uc-p op-uc-table--cell op-uc-table--cell_head">Variable</th><th class="op-uc-p op-uc-table--cell op-uc-table--cell_head">Description</th></tr></thead><tbody><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">ignoreip</td><td class="op-uc-p op-uc-table--cell">can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban will not ban a host which matches an address in this list. Several addresses can be defined using space (and/or comma) separator.</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">bantime</td><td class="op-uc-p op-uc-table--cell">the number of seconds that a host is banned.</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">findtime, maxretry</td><td class="op-uc-p op-uc-table--cell">a host is banned if it has generated "maxretry" during the last "findtime" seconds</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">backend</td><td class="op-uc-p op-uc-table--cell">specifies the backend used to get files modification</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">usedns</td><td class="op-uc-p op-uc-table--cell">specifies if jails should trust hostnames in logs, warn when DNS lookups are performed, or ignore all hostnames in logsyes: if a hostname is encountered, a DNS lookup will be performed</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">destemail</td><td class="op-uc-p op-uc-table--cell">destination email address used solely for the interpolations in jail.{conf,local,d/*} configuration files.</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">sender</td><td class="op-uc-p op-uc-table--cell">sender email address used solely for some actions</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">banaction</td><td class="op-uc-p op-uc-table--cell">default banning action (e.g. iptables, iptables-new, iptables-multiport, shorewall, etc) It is used to define a ction_* variables</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">protocol</td><td class="op-uc-p op-uc-table--cell">default protocol (tcp, udp, ...)</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">chain</td><td class="op-uc-p op-uc-table--cell">specify chain where jumps would need to be added in ban-actions expecting parameter chain</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">enabled</td><td class="op-uc-p op-uc-table--cell">enables the jails</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">port</td><td class="op-uc-p op-uc-table--cell">ports to be banned</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">filter</td><td class="op-uc-p op-uc-table--cell">defines the filter to use by the jail</td></tr><tr class="op-uc-table--row"><td class="op-uc-p op-uc-table--cell">logpath</td><td class="op-uc-p op-uc-table--cell">path to the logs</td></tr></tbody></table></figure>
## Asterisk configuration
1. Copy the configuration file to the local one.
```text
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
```
1. Add to ignoreip the addresses from which you are going to connect to the asterisk.
2. Add Asterisk jail (see below). You can set up variables however you like.
```text
[asterisk]
enabled = true
filter = asterisk
backend = auto
port = 5060,5061
action = iptables-allports[name=ASTERISK, protocol=all, blocktype=DROP]
logpath = /var/log/asterisk/messages
findtime = 1m
maxretry = 5
bantime = 30d
```
1. (optional) If you have ssh, it is more secure if you add it to the jail.
```text
[sshd]
enabled = true
bantime = 60m
findtime = 1m
maxretry = 5
port = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s
```

438
Dipal/Backend/Fox/Third-party services/Intercom.md Normal file

@ -0,0 +1,438 @@
An _**intercom**_ is the device installed near the front door to protect residents from strangers. People outside can call people inside the building, and the latter decide to open the door or not. Each intercom provides its own API. Now we work only with intercoms manufactured by Beward. Makaw is responsible for direct communication with the intercom.
> You can access the intercom logs with `http://<INTERCOM_IP_ADDRESS>/log0.asp`
#### Docs
**Request the parameters:** 
`/cgi-bin/intercom_cgi?action=get`
```text
HandsetUpLevel=%d\n
DoorOpenLevel=%d\n
CMSOffset=%d\n
DoorOpenTime=%d\n
CallTimeout=%d\n
TalkTimeout=%d\n
ConciergeApartment=%d\n
AlertNoUSBDisk={on|off}\n
CmdTimeout=%d\n
SamplingTime=%d\n
VoltageDelta=%d\n
DoorOpenMode={on|off}\n
DoorCode=%d\n
DoorCodeActive={on|off}\n
AutoCollectKeys={on|off}\n
```
**Kind of relay commutation:**
```text
RelayType=1 - NC ,
RelayType=0 - NO ;
DoorOpenSipFail={on|off}\n Keep the doors open while the sip server is unavailable
```
**Set parameters:** 
`/cgi-bin/intercom_cgi?action=set¶m1=value1¶m2=value2...`
**Line Level Query:** 
`/cgi-bin/intercom_cgi?action=linelevel&Apartment=100`
> Apartment - an apartment number
**Request for receiving apartment parameters:** `/cgi-bin/apartment_cgi?action=get&Number=100`
```text
Number=%d\n
DoorCode=%d\n
DoorCodeActive={on|off}\n - The door opening code is active
RegCode=%d\n - RFID Registration Code
RegCodeActive={on|off}\n RFID registration code is active
BlockCMS={on|off}\n Block call on the CMS
PhonesActive={on|off}\n Calling numbers are active
Phone1=%s\n Number to call number №1
Phone2=%s\n Number to call number №2
Phone3=%s\n Number to call number №3
Phone4=%s\n Number to call number №4
Phone5=%s\n Number to call number №5
```
**Request for setting apartment parameters:** 
`/cgi-bin/apartment_cgi?action=set¶m1=value1¶m2=value2...`
**Request for door opening code regeneration:** 
`/cgi-bin/apartment_cgi?action=set&DoorCode=generate`
**RFID Registration Code Regeneration Request:** 
`/cgi-bin/apartment_cgi?action=set&RegCode=generate`
**Request cleaning apartments:** 
`/cgi-bin/apartment_cgi?action=clear&FirstNumber=100[&LastNumber=100]`
> FirstNumber - the number of the first apartment for cleaning LastNumber - the last apartment number for cleaning, you can not specify if one apartment is being cleaned.
**Request for receiving a list of RFID keys:** 
`/cgi-bin/rfid_cgi?action=list[&IndexFrom=0][&IndexTo=100][&Apartment=100]`
> IndexFrom - the initial key index IndexTo - final key index Apartment - get a list of keys for a specific apartment
**Request to add RFID key:** 
`/cgi-bin/rfid_cgi?action=add&Key=412FFFEBA2F3[&Index=2][&Apartment=99]`
> Key - RFID key Index - key index Apartment - apartment number
**RFID key removal request:** 
`/cgi-bin/rfid_cgi?action=delete&Key=412FFFEBA2F3[&Index=2][&Apartment=99]`
> Key - delete RFID key Index - delete key by index Apartment - remove all keys for apartment number
**Request binding / decoupling RFID key to the apartment:** 
`/cgi-bin/rfid_cgi?action=update&Key=412FFFEBA2F3[&Apartment=122]`
> if you do not set Apartment, then unlinked
**Open the main door:** 
`/cgi-bin/intercom_cgi?action=maindoor`
**Open an additional door:** 
`/cgi-bin/intercom_cgi?action=altdoor`
**Request getting display parameters:** 
`/cgi-bin/display_cgi?action=getTickerEnable={on|off}\n On/off running line`
```text
TickerText=%s\n Ticker Text
TickerTimeout=%d\n Ticker timeout
LineEnable1={on|off}\n
LineText1=%s\n
LineEnable2={on|off}\n
LineText2=%s\n
LineEnable3={on|off}\n
LineText3=%s\n
LineEnable4={on|off}\n
LineText4=%s\n
LineEnable5={on|off}\n
LineText5=%s\n
LinesTimeout=%d\n Timeout for changing lines
```
**Request to set display parameters:** 
`/cgi-bin/display_cgi?action=set¶m1=value1¶m2=value2...`
**Request getting the settings of the RFID key scanning mode:** 
`/cgi-bin/rfid_cgi?action=get`
```text
RegCode=%d\n Code to run the scan mode of RFID keys
RegCodeActive={on|off}\n On/Off code to run the scan mode of RFID keys
RegKeyValue=%012llX\n RFID key to start the scan mode of RFID keys
RegModeActive={on|off}\n Is the RFID key scanning mode active now
```
**Request to change the settings for scanning RFID keys:** 
`/cgi-bin/rfid_cgi?action=set¶m1=value1¶m2=value2...`
**To run the mode:** 
`/cgi-bin/rfid_cgi?action=set&RegModeActive=on`
**To stop the mode:** 
`/cgi-bin/rfid_cgi?action=set&RegModeActive=off`
**Request code regeneration to run the scan mode of RFID keys:** 
`/cgi-bin/rfid_cgi?action=set&RegCode=generate`
**Request getting alarm parameters:** 
`/cgi-bin/intercom_alarm_cgi?action=get`
```text
MDoorMaxTime=%d\n Time of long opening of the main door
MDoorLongOpenCallActive={on|off}\n On/off alarm of long opening of the main door
MDoorLongOpenCallNumber=%s\n Number to call for a long opening of the main door
MDoorBreakInCallActive={on|off}\n On/off alarm hacking the main doorMDoorBreakInCallNumber=%s\n Number to call for breaking the main door
ADoorMaxTime=%d\n Long opening time for an additional door
ADoorLongOpenCallActive={on|off}\n On/off alarm for long opening additional door
ADoorLongOpenCallNumber=%s\n Number to call for a long opening additional door
ADoorBreakInCallActive={on|off}\n On/off alarm break-in additional door
ADoorBreakInCallNumber=%s\n Number for calling an additional door to break
SOSCallActive=%s\n On / off call by pressing the SOS button
SOSCallNumber=%s\n Number to call by pressing the SOS button
IntercomBreakInEmailActive={on|off}\n On / off send e-mail when the doorphone is hacked
```
**Request setting alarm parameters:** 
`/cgi-bin/intercom_alarm_cgi?action=set¶m1=value1¶m2=value2...`
**Request getting device name:** 
`/cgi-bin/systeminfo_cgi?action=get`
```text
HostName=%s\n
```
**Request setting the door opening code:** 
`/cgi-bin/apartment_cgi?action=set&DoorCode=000000204A16`
**RFID registration code setting request:** 
`/cgi-bin/apartment_cgi?action=set&RegCode=000000204A16`
**Request setting code to run the scan mode RFID keys:** 
`/cgi-bin/rfid_cgi?action=set&RegCode=000000204A16`
**Request for forced saving of settings:** 
`/cgi-bin/config_cgi?action=forcesave`
**Request to display a list of apartments:** 
`/cgi-bin/apartment_cgi?action=list[&FirstNumber=1][&LastNumber=9999]`
> FirstNumber - the number of the first apartment, you can not specify LastNumber - the number of the last apartment, you can not specify
**Request getting HTTPS settings:** 
`/cgi-bin/https_cgi?action=get`
```text
Type={0-2}\n 0 - only HTTP, 1 - only HTTPS, 2 - both types
Certificate={0-1}\n 0 - no certificate, 1 - there is a certificate
Request=%d\n 0 - no certificate request, 1 - there is a certificate request
```
**Request HTTPS settings:** 
`/cgi-bin/https_cgi?action=set&Type={0-2}`
**Request to get the contents of the HTTPS certificate request:** 
`/cgi-bin/https_cgi?action=printreq`
**Request to get HTTPS certificate content:** 
`/cgi-bin/https_cgi?action=printcert`
**HTTPS certificate request creation request:** 
`/cgi-bin/https_cgi?action=createreq&Country=RU&State=Krasnoyarsk&Locality=Krasnoyarsk&Organization=Beward&Unit=RnD&CommonName=DKS15121&KeyLength=512`
**Request to create a self-signed HTTPS certificate:** 
`/cgi-bin/https_cgi?action=createcert&Country=RU&State=Krasnoyarsk&Locality=Krasnoyarsk&Organization=Beward&Unit=RnD&CommonName=DKS15121&Days=365`
**Request to delete an HTTPS certificate request:** 
`/cgi-bin/https_cgi?action=deletereq`
**Request to delete an HTTPS self-signed certificate:** 
`/cgi-bin/https_cgi?action=deletecert`
> HTTPS certificate setting request: POST /cgi-bin/https\_cgi?action=install&amp;filename=cert.pem
**Request getting syslog settings:** 
`/cgi-bin/rsyslog_cgi?action=get`
```text
Enable={on|off}\n
Protocol={tcp|udp}\n
ServerAddress=%s\n
ServerPort=%d\n
LogLevel={0-7}\n
```
**Request setting syslog settings:** 
`/cgi-bin/rsyslog_cgi?action=set&Param1=Value1&...`
**Request getting NTP settings:** 
`/cgi-bin/ntp_cgi?action=get`
```text
Enable={on|off}\n
ServerAddress=%s\n
ServerPort=%d\n
Timezone={0-34}\n
```
**Request setting NTP parameters:** 
`/cgi-bin/ntp_cgi?action=set&Param1=Value1&...`
**Request for getting the status of limit switches:** 
`/cgi-bin/intercom_cgi?action=status`
```text
MainDoorButtonPressed={on|off}\n Status of the main door button
AltDoorButtonPressed={on|off}\n Alternative Door Button StatusMainDoorOpened={on|off}\n The status of the main door switch
AltDoorOpened={on|off}\n Status of additional door switch
IntercomBreakIn={on|off}\n The status of the end switch of the intercom
```
**Request serial number:** 
`/cgi-bin/systeminfo_cgi?action=get`
```text
DeviceID=%u\n
```
**Request for obtaining the MC firmware version:** 
`/cgi-bin/intercom_cgi?action=fwversion`
```text
FWVersion=%s\n
```
**Request for SIP Registration Status:** 
`/cgi-bin/sip_cgi?action=regstatus`
```text
AccountReg1={0|1}\n
AccountReg2={0|1}\n
```
**Request to reset the settings while maintaining the network and apartment settings:** 
`/cgi-bin/factorydefault_cgi`
**Request a full reset:** 
`/cgi-bin/hardfactorydefault_cgi`
**Request getting gate settings:** 
`/cgi-bin/gate_cgi?action=get`
```text
Enable={on|off}\n This intercom is installed on the gate
MainDoor={on|off}\n Open the main door
AltDoor={on|off}\n Open additional door
PowerRely={on|off}\n Run off the power relay output
EntranceCount=%d\n Number of entrances
Address%d=%s\n Doorphone Address
BegNumber%d=%d\n Apartment no. From
EndNumber%d=%d\n Apartment no. To
Mode = {0 | 1} \ n Gate mode: 0 - mode 1, 1 - mode 2;
Prefix%d=%04d\n Home Prefix
```
**Request setting gate settings:** 
`/cgi-bin/gate_cgi?action=set&Param1=Value1&...`
**Request to get a list of configuration files on a USB drive:** 
`/cgi-bin/config_cgi?action=list`
```text
20180306_083144\n
20180306_083145\n
```
**Request to delete configuration files on a USB drive:** 
`/cgi-bin/config_cgi?action=remove&name=20180306_083144`
**Request to download configuration files on a USB drive:** 
`/cgi-bin/config_cgi?action=download&name=20180306_083144`
**Request getting user settings:** 
`/cgi-bin/pwdgrp_cgi?action=get`
```text
username:password:level:blockdoors\n
admin::1:0\n
user1::2:1\n
user2::2:0\n
```
**Request setting user preferences:** 
`/cgi-bin/pwdgrp_cgi?action=update&username=user1&blockdoors={0|1}` 
`/cgi-bin/systeminfo_cgi?action=get` 
uptime work and other system parameters 
**Comment Edit** **Request for obtaining compliance of the apartment:** 
`/cgi-bin/intercomdu_cgi?action=get&Index=0&Dozens=0&Units=0`
**Answer:**
```text
%d\r\n Apartment Number
```
**Request for setting of apartment matching:** 
`/cgi-bin/intercomdu_cgi?action=set&Index=0&Dozens=0&Units=0&Apartment=20`
**Request for obtaining a list of matching apartments:** 
`/cgi-bin/intercomdu_cgi?action=list&Index=-1`
**Answer:**
```text
%d %d %d %d %d %d %d %d %d %d\r\n
%d %d %d %d %d %d %d %d %d %d\r\n
%d %d %d %d %d %d %d %d %d %d\r\n
%d %d %d %d %d %d %d %d %d %d\r\n
%d %d %d %d %d %d %d %d %d %d\r\n
%d %d %d %d %d %d %d %d %d %d\r\n%d %d %d %d %d %d %d %d %d %d\r\n
%d %d %d %d %d %d %d %d %d %d\r\n
%d %d %d %d %d %d %d %d %d %d\r\n
%d %d %d %d %d %d %d %d %d %d\r\n
\r\n
%d %d %d %d %d %d %d %d %d %d\r\n
...
```
**Request for setting of apartment preset matching:** 
`/cgi-bin/intercomdu_cgi?action=fill&Type=0&FirstApartment=1`
> Type - preset type: 0 - Visit, Digital, Eltis; 1 - Metacom 80 100 160 220; 2 - Metacom 25.
**Request export of the apartment matching table:** 
`/cgi-bin/intercomdu_cgi?action=export`
**Request for importing apartment matching tables:** 
`/cgi-bin/intercomdu_cgi?action=import`
**1) Configuration update via TFTP server:** 
`/cgi-bin/config_cgi?action=restore&filename=20180825_062523.bck&server=192.168.0.55&port=69` 
The file can be either an extension of bak and bck
**2) Audio tube CMS settings and microphone / intercom speaker:** 
Getting parameters: 
`/cgi-bin/audio_cgi?action=get`
```text
MicSensitivity=8
SpeakerVolume=8
KmnMicSensitivity=8
KmnSpeakerVolume=8
```
interval \[1 - 16\]
**Setting parameters:** 
`/cgi-bin/audio_cgi?action=set&MicSensitivity=15`
**Download DSP Parameters File:** 
Speaker / Microphone POST 
`/cgi-bin/audio_cgi?action=dsp1CMS`
tube POST 
`/cgi-bin/audio_cgi?action=dsp2`
**File name** 
filename=\*.bin
**Model change:** 
`/cgi-bin/config_cgi?action=lens&Type=Dome` 
`/cgi-bin/config_cgi?action=lens&Type=Pinhole` 
where:
> Dome - dome camera (DKS15120, DKS15122), Pinhole - pinhole camera with a false lens. (DKS15100, DKS15102)
`/cgi-bin/textoverlay_cgi?action=get` 
**Parameter**
> DateFormat=\[0-2\] Corresponds to order in the web 0 - yyyy-mm-dd 1 - mm-dd-yyyy 2 - dd-mm-yyyy
Example: 
[`http://192.168.0.144/cgi-bin/textoverlay_cgi?action=set&DateFormat=2`](http://192.168.0.144/cgi-bin/textoverlay_cgi?action=set&DateFormat=2)
**Changed CGI request pwdgrp\_cgi:** 
action=get returns data in the form of &quot;name: access rights separated by comma&quot;, example: `user1:1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1`
**Change Request:** 
`action=update&username=user1&capabilities=1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1`
**Alert for add. reader (if enabled, the intercom responds to the key with the add. reader as well as from its internal)** 
`/cgi-bin/intercom_cgi?action=get`
```text
ExtReaderNotify={on|off}\n
```
**Request for filling apartments:** 
`/cgi-bin/apartment_cgi?action=fill&FirstNumber=100[&LastNumber=100]`
> FirstNumber - the number of the first apartment to fill LastNum

330
Dipal/Backend/Fox/Third-party services/Kamailio.md Normal file

@ -0,0 +1,330 @@
# Installation from package repository
You can install Kamailio from APT repos:
```text
sudo apt-get install kamailio kamailio-websocket-modules kamailio-mysql-modules kamailio-tls-modules kamailio-presence-modules mysql-server
```
# Configuration Files
Configuration files are located in /etc/kamailio/ folder. Copy: kamailio into /etc/kamailio/ rtpengine into /etc/rtpengine fail2ban into /etc/fail2ban
`kamctlrc` The /etc/kamailio/kamctlrc is the configuration file for kamctl and kamdbctl tools. You need to edit it and set the SIP\_DOMAIN to your SIP service domain (or IP address if you don&#39;t have a DNS hostname associated with your SIP service).
Set also the DBENGINE to be MYSQL and adjust other setting as you want. Very important are the passwords to connect to MySQL server, respectively DBRWPW and DBROPW. By default, their values are kamailiorw and kamailioro. You should change them before executing kamdbctl create (step detailed the section Create Database).
`kamailio.cfg` The /etc/kamailio/kamailio.cfg is the configuration file for kamailio. Edit it to enable some of the features shipped with it.
To enable use of MySQL server backend, user authentication and persistent user location, add after the first line:
```text
#!define WITH_MYSQL
#!define WITH_AUTH
#!define WITH_USRLOCDB
```
For a more detailed configuration, see [our Kamailio docs](http://194.226.0.195:32127/telecom/kamailio).
## Create Database
To create the database structure needed by Kamailio, run:
```text
kamdbctl create
```
The database name created in MySQL is kamailio. Two access users to MySQL server were created:
`kamailio` - (with password set by DBRWPW in kamctlrc) - user which has full access rights to kamailio database
`kamailioro` - ((with password set by DBROPW in kamctlrc) - user which has read-only access rights to kamailio database
The access for the two users is restricted to localhost, but as advised above, it is recommended to change their default passwords.
If you changed the value of DBRWPW in kamctlrc, you must update the value of DBURL define inside kamailio.cfg.
```text
#!define DBURL "mysql://kamailio:_NEW_DBRWPW_@localhost/kamailio"
```
> Alternavely, you can use [our SQL script](http://194.226.0.195:32127/telecom/kamailio/db) to configure database. {.is-info}
## Startup Scripts
### Init.d Scripts
Depending on startup system, you may have an /etc/init.d/kamailio script that you can use to start/stop kamailio.
First you should edit /etc/default/kamailio and adjust the setting for kamailio startup script, in particular the one that enables kamailio to start.
```text
sudo /etc/init.d/kamailio start
sudo /etc/init.d/kamailio stop
```
### Systemd Scripts
If the default startup system is systemd, then kamailio can be managed via systemctl:
```text
sudo systemctl start kamailio
sudo systemctl stop kamailio
```
First you may also need to edit /etc/default/kamailio and adjust the setting for kamailio startup script, in particular the one that enables kamailio to start.
## Adding Subscribers
To add subscribers (users), you can use the kamctl command:
```text
kamctl add userid password
```
Then you can configure your phone to register to Kamailio using the username and password set in the above command.
## Reading logs
You can print Kamailio logs from journalctl into file:
```text
sudo journalctl -eu kamailio -f > kamailio.log
vim kamailio.log
```
# Installing RTPengine
1. Clone the RTPengine repo:
```text
git clone https://github.com/sipwise/rtpengine.git
cd rtpengine
```
1. Install the necessary dependencies:
```text
sudo apt install debhelper-compat libmysqlclient-dev gperf libavcodec-dev libavfilter-dev libavformat-dev libavutil-dev libbencode-perl libcrypt-openssl-rsa-perl libcrypt-rijndael-perl libcurl4-openssl-dev libdigest-crc-perl libdigest-hmac-perl libevent-dev libglib2.0-dev libhiredis-dev libio-multiplex-perl libio-socket-inet6-perl libiptc-dev libjson-glib-dev libjson-perl libmosquitto-dev libnet-interface-perl libopus-dev libpcre3-dev libsocket6-perl libspandsp-dev libswresample-dev libsystemd-dev libwebsockets-dev libxmlrpc-core-c3-dev libxtables-dev markdown python3-websockets
```
1. Install the bcg729 library:
```text
VER=1.0.4
curl https://codeload.github.com/BelledonneCommunications/bcg729/tar.gz/$VER >bcg729_$VER.orig.tar.gz
tar zxf bcg729_$VER.orig.tar.gz
cd bcg729-$VER
git clone https://github.com/ossobv/bcg729-deb.git debian
dpkg-buildpackage -us -uc -sa -b -rfakeroot
cd ../
dpkg -i libbcg729-*.deb
```
1. Check the RTPengine dependencies again:
```text
dpkg-checkbuilddeps
```
1. Bulid the deb packages:
```text
dpkg-buildpackage --no-sign
```
> To fix the installation error:
>
> ```text
> invoke-rc.d: syntax error: unknown option "--skip-systemd-native"
> dpkg: error processing package ngcp-rtpengine-daemon (--install):
> ```
>
> You need to put the init-system-helpers from bionic-backports to do this by adding the source to /etc/apt/sources.list:
>
> ```text
> deb http://archive.ubuntu.com/ubuntu bionic-backports main restricted universe multiverse
> ```
>
> Create the file /etc/apt/preferences.d/init-system-helpers with following content:
>
> ```text
> Package: init-system-helpers
> Pin: release a=bionic-backports
> Pin-Priority: 500
> ```
>
> Install the package:
>
> ```text
> apt update
> apt install init-system-helpers
> ```
{.is-warning}
1. Install the RTPengine:
```text
dpkg -i ngcp-rtpengine-daemon_*.deb
dpkg -i ngcp-rtpengine-iptables_*.deb
dpkg -i ngcp-rtpengine-kernel-dkms_*.deb
dpkg -i ngcp-rtpengine-kernel-source_*.deb
dpkg -i ngcp-rtpengine-recording-daemon_*.deb
dpkg -i ngcp-rtpengine-utils_*.deb
dpkg -i ngcp-rtpengine_*.deb
```
## Configure RTPengine
```text
[rtpengine]
table = -1
interface = pub/<YOUR LOCAL ADDRESS>
listen-ng = 127.0.0.1:16400
listen-udp = 16401
timeout = 60
silent-timeout = 3600
tos = 184
port-min = 16384
port-max = 16485
log-level = 7
log-facility = daemon
log-facility-cdr = local0
log-facility-rtcp = local1
```
## Reading logs
You can print RTPengine logs from journalctl into file:
```text
sudo journalctl -eu ngcp-rtpengine-daemon -f > rtpengine.log
vim rtpengine.log
```
# Kamailio configuration
## Preprocessor directives
Kamailio configuration supports preprocessor directives to set constants.
See about configuration language on [official site](http://www.kamailio.org/wiki/cookbooks/devel/core).
At first we should define constants which activate some Kamailio features:
```text
#!define WITH_DEBUG
#!define WITH_MYSQL
#!define WITH_AUTH
#!define WITH_WEBSOCKETS
#!define WITH_LOCALHOST_WS
#!define WITH_NAT
#!define WITH_LOCALHOST_SIP
#!define WITH_TLS
#!define WITH_RTPENGINE
#!define WITH_ANTIFLOOD
```
After that we can define the constants we are going to use in our configuration (adresses, ports, etc.):
```text
#!substdef "!MY_SIP_PORT!5060!g"
#!substdef "!MY_SIPS_PORT!5061!g"
#!substdef "!MY_WS_PORT!8080!g"
#!substdef "!MY_WSS_PORT!8089!g"
#!substdef "!MY_IP4_ADDR!<YOUR EXTERNAL ADDRESS>!g"
#!substdef "!MY_IP4_LOCAL_ADDR!<YOUR LOCAL NETWORK ADDRESS>!g"
#!substdef "!IP4_LOCALHOST!127.0.0.1!g"
#!substdef "!MY_WS4_ADDR!tcp:MY_IP4_ADDR:MY_WS_PORT!g"
#!substdef "!MY_WSS4_ADDR!tls:MY_IP4_ADDR:MY_WSS_PORT!g"
#!substdef "!LOCALHOST_WS4_ADDR!tcp:IP4_LOCALHOST:MY_WS_PORT!g"
#!substdef "!LOCALHOST_WSS4_ADDR!tls:IP4_LOCALHOST:MY_WSS_PORT!g"
```
## Addresses
Set up listening IP addresses:
```text
#listen=MY_IP4_ADDR
#!ifdef WITH_LOCALHOST_SIP
listen=IP4_LOCALHOST
#!endif
#!endif
##!ifdef WITH_NAT
#listen=udp:MY_IP4_LOCAL_ADDR:5060
#listen=tcp:MY_IP4_LOCAL_ADDR:5060
#listen=udp:MY_IP4_LOCAL_ADDR:5060 advertise MY_IP4_ADDR:5060
#listen=tcp:MY_IP4_LOCAL_ADDR:5060 advertise MY_IP4_ADDR:5060
##!endif
#!ifdef WITH_WEBSOCKETS
listen=MY_WS4_ADDR
#!ifdef WITH_LOCALHOST_WS
listen=LOCALHOST_WS4_ADDR
#!endif
#!ifdef WITH_TLS
listen=MY_WSS4_ADDR
#!ifdef WITH_LOCALHOST_WS
listen=LOCALHOST_WSS4_ADDR
#!endif
#!endif
#!endif
```
Do not forget to configure alias:
```text
/* add local domain aliases */
alias="your.domain.com"
```
## Generate certificate
**Lets Encrypt** is a service offering free SSL certificates through an automated API. The most popular Lets Encrypt client is EFFs **Certbot**.
Install Certbot:
```text
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install certbot
```
Certbot needs to answer a cryptographic challenge issued by the Lets Encrypt API in order to prove we control our domain. It uses ports 80 (HTTP) or 443 (HTTPS) to accomplish this. Open up the appropriate port in your firewall:
```text
sudo ufw allow 80
```
Substitute 443 above if thats the port youre using. ufw will output confirmation that your rule was added:
> Output Rule added Rule added (v6) {.is-success}
We can now run Certbot to get our certificate. Well use the --standalone option to tell Certbot to handle the challenge using its own built-in web server. The --preferred-challenges option instructs Certbot to use port 80 or port 443. If youre using port 80, you want --preferred-challenges http. For port 443 it would be --preferred-challenges tls-sni. Finally, the -d flag is used to specify the domain youre requesting a certificate for. You can add multiple -d options to cover multiple domains in one certificate.
```text
sudo certbot certonly --standalone --preferred-challenges http -d example.com
```
Add cerificates to Kamailio:
```text
[server:default]
method = TLSv1.2+
verify_certificate = no
require_certificate = no
private_key = /etc/kamailio/keys/privkey.pem
certificate = /etc/kamailio/keys/cert.pem
```

9
Dipal/Backend/Fox/Third-party services/Microcontrollers.md Normal file

@ -0,0 +1,9 @@
The Dipal system connects to devices through a gateway called Akita. Physically, this is a microcomputer (it may be a router) with Linux and our software installed on it. Mosquitto is an MQTT broker. Z3Gateway is a utility compiled by us to connect to Zigbee devices. Akita should have Zigbee transmiter (for example, ESP32 chip with NCP).
We make custom microcontroller devices such as:
Smart lock.
Light device.
Meters.
Also we work with Xiaomi smart home devices.

127
Dipal/Backend/Fox/Third-party services/Owl.md Normal file

@ -0,0 +1,127 @@
_**Owl**_ is a service that converts RTSP stream to WebRTC. We store direct links to Owl in the Fox database.
Configuration:
```json
{
"channel_defaults": {},
"server": {
"debug": true,
"http_debug": false,
"http_demo": true,
"http_dir": "web",
"http_login": "demo",
"http_password": "demo",
"http_port": ":8083",
"https": false,
"https_auto_tls": false,
"https_auto_tls_name": "",
"https_cert": "server.crt",
"https_key": "server.key",
"https_port": ":443",
"ice_credential": "",
"ice_servers": [
"stun:dipal.ru:3478"
],
"ice_username": "",
"log_level": "debug",
"rtsp_port": ":5541",
"token": {
"backend": "http://127.0.0.1/test.php",
"enable": false
},
"webrtc_port_max": 0,
"webrtc_port_min": 0
},
"streams": {
"08f03b1e-63dd-489c-8fdd-72ae5a4d2115": {
"channels": {
"0": {
"on_demand": true,
"url": "rtsp://admin:asdfGH89@10.10.20.3:554/cam/realmonitor?channel=1\u0026subtype=0"
}
},
"name": "camera1"
},
"11182273-7b5a-4897-b05d-0fc798862de3": {
"channels": {
"0": {
"url": "rtsp://user1:PoI456ZxC@89.223.87.146:5554/av0_1"
}
},
"name": "intercom office"
},
"18be8642-7ed6-4617-b629-6796b5c85f79": {
"channels": {
"0": {
"on_demand": true,
"url": "rtsp://admin:asdfGH89@10.10.20.8:554/cam/realmonitor?channel=1\u0026subtype=1"
}
},
"name": "camera6"
},
"54dd40df-e0b7-43a4-b20f-d90c42367347": {
"channels": {
"0": {
"url": "rtsp://admin:asdfGH89@10.10.20.9:554/cam/realmonitor?channel=1\u0026subtype=1"
}
},
"name": "camera7"
},
"6a2dc231-cc63-4cf7-811c-a08c82158d2a": {
"channels": {
"0": {
"url": "rtsp://admin:asdfGH89@10.10.20.7:554/cam/realmonitor?channel=1\u0026subtype=1"
}
},
"name": "camera5"
},
"8a561408-76dd-47d3-a71c-7f0b2c48f5f8": {
"channels": {
"0": {
"on_demand": true,
"url": "rtsp://admin:asdfGH89@10.10.20.5:554/cam/realmonitor?channel=1\u0026subtype=1"
}
},
"name": "camera3"
},
"94f25efb-c4f5-4be2-aec3-b7e2bcbea3d0": {
"channels": {
"0": {
"on_demand": true,
"url": "rtsp://admin:asdfGH89@10.10.20.4:554/cam/realmonitor?channel=1\u0026subtype=1"
}
},
"name": "camera2"
},
"a235270a-1ab8-4423-a450-6b6f5114f55b": {
"channels": {
"0": {
"on_demand": true,
"url": "rtsp://admin:asdfGH89@10.10.20.10:554/cam/realmonitor?channel=1\u0026subtype=1"
}
},
"name": "camera8"
},
"be79ccc2-bbc0-4d4c-85d0-9f88a0b3f038": {
"channels": {
"0": {
"debug": true,
"on_demand": true,
"url": "rtsp://user1:asdfGH89@10.10.20.11:554/av0_1"
}
},
"name": "intercom"
},
"c29c073f-d818-4298-b59f-a8f3af752e49": {
"channels": {
"0": {
"audio": true,
"url": "rtsp://admin:asdfGH89@10.10.20.6:554/cam/realmonitor?channel=1\u0026subtype=1"
}
},
"name": "camera4"
}
}
}
```