Skip to content

FIDO RockPi Controller

This page contains documentation related to the RockPi controller. In order to configure a RockPi with the necessary operating system, you first need to download the correct SD Card image from the AWS S3 Bucket located here:

AWS mbari-readinet-images.

Note

Note that you need to be logged into the 706008-readinet AWS account and have permissions to view this S3 bucket. Please consult with MBARI Team to get access if you need it.

Once you download the image that you want to install on the SD Card, you want to push that image onto the card. The easiest is to use the graphical interface Balena Etcher but you can use the command line using the dd command. Detailed instructions on how to do this are not listed here, check with the Balena docs or the dd docs for your operating system.

Once the image is installed on the SD Card, insert the card into the RockPi and power it on. The device can take up to 3 minutes to complete it's initialization routine. Once the initialization is complete, a new WiFi network will appear named readinet-mgmt (each device will have a different suffix for this wifi address).

The device serves it's own user interface that you can access by connecting to the above local WiFi using the password readinet and then connecting to the application by browsing to https://10.42.0.1.

Connecting the Instrument to the Cloud Application

In order to connect your device to the remote cloud management service, you will need to perform some additional steps.

  1. Connect to the readinet-mgmt wifi address using the steps above
  2. SSH into the device by running ssh root@10.42.0.1 on the machine that is connected to the readinet-mgmt wifi network. The password is readinet.
  3. Once you are ssh'd in to the RockPi, initiate a vpn connection by issuing tailscale up --login-server https://vpn.prod.readinet.org (or tailscale up --login-server https://vpn.dev.readinet.org for the development server). This will generate a code that you will need in the next step.
  4. The node key generated in the previous step must then be accepted on the server. This needs to be done by a system administrator that has ssh access to the server you are trying to connect the instrument to. They need to ssh to the production or development server and issue headscale nodes register --user readinet --key nodekey:THE_NODEKEY_PRESENTED_BY_THE_CLIENT.
  5. On the RockPi, the VPN connectivity can be verified by issuing tailscale status or by pinging the server through the VPN with ping server.readinet.local.
  6. On the RockPi, restart readinet-web with systemctl restart readinet-web.

Note

NOTE: any time you change the VPN configuration, you must restart readinet-web, otherwise sync events won't work.

Note

There are two separate VPNs: Dev (vpn.dev.readinet.org) and Prod (vpn.prod.readinet.org). You can only be connected to one at a time.

Configure the Device

In order for the RockPi controller to effectively interact with the sampler and operate correctly, it's need to be configured. To do this:

  1. SSH into the device using ssh root@10.42.0.1. The default password is readinet

  2. The main configuration for the web interface is found in /opt/web/.env. You can edit the file by issuing vim /opt/web/.env or nano /opt/web/.env.The configuration options are as follows:

    Property Description
    SAMPLER_TTY The device location of the sampler on the linux box. Should start with /dev
    SAMPLER_BAUD Baud rate for the sampler serial connection. Should be a positive integer
    SAMPLER_TIMEOUT_SECONDS The number of seconds before a sampler operation would be cancelled. Note: this value can be overridden in code for some sampler operations
    SAMPLER_SELF_CHECK_SECONDS The number of seconds between running self checks for the sampler. This will temporarily lock the sampler.
    CONNECTIVITY_PING_CHECK_SECONDS The number of seconds between sending heartbeat pings to tell the server that the RockPi is online.
    THIS_DEVICE_ID The unique identifier for the device. This should match /etc/machine-id. Changing this value is not recommended.
    APP_VERSION The version of the application displayed in the lower left hand corner of the interface. Generated through the OS build process.
    MQTT_BROKER_URL The location of the MQTT Broker. In normal scenarios, it should be server.readinet.local.
    ROLE The role of the system. Must be either device or server. There should only be one server in the deployment.
    SECRET_KEY This is a web-server specific item to deal with cross site forgery. Do not change this value
    FLASK_ENV This is signifier for what environment the application is running in. It should be prod unless otherwise specified.
    SQLALCHEMY_DATABASE_URI A sqlite URI that points to the database in use
    REMEMBER_COOKIE_HTTPONLY A web-server specific item
    SESSION_COOKIE_SAMESITE A web-server specific item
    RUN_BACKGROUND_THREADS Background threads provide MQTT-syncing and device status reporting. This should be true unless debugging.
    APP_VERSION A text string that will get displayed as the current version. This should be automatically templated from the OS build.

  3. After making changes, you must restart the interface by issuing systemctl restart readinet-web

Hardware Specs

Below is some information on the hardware that is used on the RockPi controller.

Core Package (Need one for every system)

  1. RocPi Controller Board
  2. RockPi Housing
  3. RockPi WiFi Antenna
  4. 32 GB SD Card
  5. Power Supply

Additional Debug Tools (Not needed, but helpful)

  1. USB TTL Debug Cable
  2. USB Power Meter