Skip to content
/ phat-pager Public

eInk pager that prints a message received from MQTT in an encrypted and authenticated Yggdrasil tunnel

License

GPL-3.0 license
3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

benhylau/phat-pager

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
pub
pub
 
 
sub
sub
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
phat-pager.gif
phat-pager.gif
 
 

Repository files navigation

pHAT Pager

A toy pager that receives messages from a MQTT broker when it can connect via WiFi, and prints the most recent message on an eInk display. Messages are published from the same server running the MQTT broker, which is only accessible from authenticated devices via an encrypted tunnel. Communication between Server and Pager is end-to-end encrypted using Yggdrasil, and permissioned by iptables firewall pinning to the persistent Yggdrasil IPv6 address.

phat-pager

Pager hardware from Adafruit:

Configuring the Server

Start with a Debian Stretch VM with a publicly accessible IP address and configure MQTT:

  • Install Mosquitto with the mosquitto and mosquitto-clients Debian packages and ensure the MQTT broker's systemd service is running
  • Install jq for JSON processing in bash
  • Copy the send-message script and publish a message like this: 
    ./send-message "pHAT PAGER" "featuring" "+ indexed-colour PNGs" "+ _extra_ Entropy"

Configure end-to-end encryption and IP address authentication with Yggdrasil:

  • Install Yggdrasil and ensure its systemd service is running
  • Install iptables-persistent
  • Add a rule to /etc/iptables/rules.v6 that exposes the MQTT port 1883 only to PAGER_YGGDRASIL_IPv6: 
    -A INPUT -p tcp -s PAGER_YGGDRASIL_IPv6 --dport 1883 -j ACCEPT
  • Apply the firewall rule with: 
    ip6tables-apply /etc/iptables/rules.v6

Configuring the Pager

Prepare your Raspberry Pi Zero W:

  • Flash Raspbian Stretch Lite on SD card
  • Enable SSH access and connect to device via SSH
  • Use sudo raspi-config to enable WiFi and set a new password

Install drivers for eInk display:

Configure Yggdrasil and peer with the Server:

  • Install the Yggdrasil build for armhf
  • Enable and start the yggdrasil service in systemd
  • Add the Server as a peer in /etc/yggdrasil.conf and restart the service
  • Install haveged (otherwise Yggdrasil may wait a long time to start after a reboot waiting for sufficient entropy)
  • Try to ping6 SERVER_YGGDRASIL_IPv6 to ensure the Pager can reach the Server over the Yggdrasil encrypted tunnel

Configure MQTT and pHAT Pager script:

  • Install the Python MQTT client with sudo pip install paho-mqtt
  • Copy the contents of sub to /home/pi/phat-pager/ on device
  • In /home/pi/phat-pager/phat-pager.py, change the MQTT_HOST to SERVER_YGGDRASIL_IPv6
  • In /home/pi/phat-pager/phat-pager.service, change the colour on the ExecStart line to that of your Inky pHAT model
  • Move the phat-pager.service file to /etc/systemd/system/ then daemon-reload, enable, and start the service
  • The eInk display should refresh and show the most recent message
  • Push a new message from the Server and the Pager eInk display should refresh immediately
  • Reboot the Pager and verify that the Pager eInk display refreshes immediately after boot and each time a new message is published to the MQTT broker

About

eInk pager that prints a message received from MQTT in an encrypted and authenticated Yggdrasil tunnel

Resources

Readme

License

GPL-3.0 license
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages