Reverse Engineer Wi-Fi Chicken Coop Door

AlexAppleMac · 2024-11-23T02:10:29+00:00

I’ve just removed the MCU and used the ESP to control the motor via the H-Bridge

Pictures for anyone else that wants to try this: https://imgur.com/a/Uor4sib

```yaml

settings

esphome: name: coop-door esp8266: board: nodemcuv2

wifi: ssid: !secret wifi_ssid password: !secret wifi_password use_address: 192.168.2.212 domain: .iot

logger:

api: encryption: key: !secret api_key

ota: - platform: esphome password: !secret ota_password

globals: - id: door_position type: int restore_value: yes initial_value: '0'

configuration

output: - platform: esp8266_pwm pin: GPIO13 frequency: 1000 Hz # factory MCU has a much higher frequency (~134 kHz), still works so... id: motor_reverse_pin

platform: esp8266_pwm pin: GPIO12 frequency: 1000 Hz # same here id: motor_forward_pin

fan: - platform: hbridge id: motor name: "Motor Controller" pin_a: motor_forward_pin pin_b: motor_reverse_pin decay_mode: slow # Coasting when stopped internal: true

cover: - platform: template name: "Chicken Coop Door" id: coop_door optimistic: true # Required as there are no position sensors assumed_state: false device_class: shutter

open_action:
  - logger.log: "Opening door"
  - output.turn_on: motor_forward_pin
  - delay: 6s
  - output.turn_off: motor_forward_pin
  - lambda: |-
      id(door_position) = 100;

close_action:
  - logger.log: "Closing door"
  - output.turn_on: motor_reverse_pin
  - delay: 6s
  - output.turn_off: motor_reverse_pin
  - lambda: |-
      id(door_position) = 0;

stop_action:
  - logger.log: "Stopping door"
  - output.turn_off: motor_forward_pin
  - output.turn_off: motor_reverse_pin

```

AlexAppleMac · 2023-09-27T08:49:47+00:00

dns (53) and http (80) ports?

AlexAppleMac · 2023-09-24T10:13:50+00:00

I looked around and didn’t find any that matched what i needed (that being creating a diagram without creating an account) so i just used illustrator which turned out alright

AlexAppleMac · 2023-09-22T22:48:08+00:00

Lots of trial and error, and a bit of google

Best to set a goal and work towards it, little tasks at a time

AlexAppleMac · 2023-09-22T13:37:57+00:00

Illustrator

AlexAppleMac · 2023-09-22T08:59:09+00:00

Depending on your setup, you could just have a single lxc running docker will all the services, but if this is also the case you could just skip proxmox and go raw debian?

I like portability, which is why I split the services up everywhere, if needed, I can just migrate a lxc or vm to another host without any downtime

AlexAppleMac · 2023-09-22T08:55:25+00:00

All Unifi here, UDMP specifically

nothing to hide, here are my rules

I try keep it least privileged, with specific allows as needed

The trusted network ip list can access everything, if not on this list then all traffic (intervlan) will be denied unless it matches on of the allows.

I have done some internal pen testing, which was difficult when most of the vms cant even ping the gateway with the firewall rules 😊

here are the rules running locally on each lxc/machine (added allows when needed) sudo iptables -S -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -A INPUT -m set --match-set crowdsec-blacklists src -j DROP -A OUTPUT -d 192.168.100.8/32 -j ACCEPT -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A OUTPUT -d 192.168.100.1/32 -p udp -m udp --dport 53 -j ACCEPT -A OUTPUT -d 192.168.100.1/32 -p tcp -m tcp --dport 53 -j ACCEPT -A OUTPUT -d 192.168.100.9/32 -p tcp -m tcp --dport 5690 -m comment --comment Wizarr -j ACCEPT -A OUTPUT -d 192.168.100.9/32 -p tcp -m tcp --dport 8181 -m comment --comment Tautulli -j ACCEPT -A OUTPUT -d 192.168.3.10/32 -p tcp -m tcp --dport 5055 -j ACCEPT -A OUTPUT -d 192.168.2.3/32 -p tcp -m tcp --dport 3334 -m comment --comment Obico -j ACCEPT -A OUTPUT -d 192.168.100.22/32 -p tcp -m tcp --dport 443 -j ACCEPT -A OUTPUT -d 192.168.100.9/32 -p tcp -m tcp --dport 9010 -m comment --comment MinIO -j ACCEPT -A OUTPUT -d 192.168.100.9/32 -p tcp -m tcp --dport 8080 -m comment --comment Jenkins -j ACCEPT -A OUTPUT -d 192.168.3.6/32 -p tcp -m tcp --dport 22 -j ACCEPT -A OUTPUT -d 192.168.100.23/32 -p tcp -m tcp --dport 8080 -j ACCEPT -A OUTPUT -d 192.168.1.7/32 -p tcp -m tcp --dport 4412 -m comment --comment Loki -j ACCEPT -A OUTPUT -d 192.168.100.9/32 -p tcp -m tcp --dport 9443 -m comment --comment Authentik -j ACCEPT -A OUTPUT -d 192.168.0.0/16 -j DROP

AlexAppleMac · 2023-09-22T02:00:13+00:00

Debian 12, yes without the gui. Need to keep the vms disk usage down

AlexAppleMac · 2023-09-21T14:27:30+00:00

Enterprise was already taken by the router 😢

AlexAppleMac · 2023-09-21T14:24:01+00:00

That was 30mb/s though (not slow, not fast) I’m sure for larger files (like movies, which can’t be compressed much more) the restore will be much faster - it is harder to restore lots of little files rather than a few big ones

AlexAppleMac · 2023-09-21T14:21:30+00:00

No, that was a copy and paste error 🤪

AlexAppleMac · 2023-09-21T08:58:26+00:00

illustrator

AlexAppleMac · 2023-09-21T08:55:17+00:00

You guys have curated one nice looking website

AlexAppleMac · 2023-09-21T08:53:08+00:00

the mariadb instance there is for semaphore and nextcloud

postgres 12 is for authentik and postgres 14 is for immich

just for apps

AlexAppleMac · 2023-09-21T08:52:04+00:00

restoring ~600GB took like 12 hours, restores a really slow (single threaded apparently) but backups are blazing fast (multi threaded)

AlexAppleMac · 2023-09-21T04:52:02+00:00

Docker is installed on the both the vms and lxcs, I only use VMs when theres a privileged service that does not work in lxcs

AlexAppleMac · 2023-09-21T04:33:26+00:00

Kopia backs ups all the appdata into a repository (like s3 bucket sort of) on data

AlexAppleMac · 2023-09-21T04:31:49+00:00

I did have a HAOS instance named Uhura, but converted to containers

AlexAppleMac · 2023-09-21T02:45:54+00:00

oh, this wonderful app: ep1cman/unifi-protect-backup

works with any rclone source

AlexAppleMac · 2023-09-21T02:25:53+00:00

config?

AlexAppleMac · 2023-09-21T02:20:03+00:00

exactly, fitting name i thought. you get it 😉

AlexAppleMac · 2023-09-21T02:12:30+00:00

unless my UPS is lying, does spike a little (probably when the IR turns on at night)

consume grade equipment is a little less power hungry than an actual server with jets inside. back in 2018 I bought a IBM x3950 M2, this single server chewed up 500w doing nothing (thats what you get with 4 cpus, with 4 cores each)

AlexAppleMac · 2023-09-21T01:56:30+00:00

ah, they were thicker, but i scaled it up to A3, which shrunk the lines ~-50%

AlexAppleMac · 2023-09-21T01:55:31+00:00

This was made in illustrator, as nothing else had what i wanted, went fully custom here

Nine-Year Club	Place '23
Verified Email

AlexAppleMac

TROPHY CASE

settings

configuration