A soft reset button for a raspberri pi

scenario

i have a raspberry pi that i want to be able to reboot cleanly without ssh-ing into it


sollution

we're going to use a GPIO pin with a button wired up like this

picture from adafruit's website

3.3 volt is pin 1 (the pin nearest to the port where you plug in the power addaptorGND  is pin 6 (2 down and one over from pin 1)
and i'll be using gpi 23 .. that's pin 16 (nr 8 on the same line as pin 6)

My buton is actually a different setup from the on in this picture (mine breaks contacet when pressed



next we make a script
$ sudo nano /etc/softresetbutton.py

#!/usr/bin/env python
from time import sleep
import os
import RPi.GPIO as GPIO
GPIO.setmode(GPIO.BCM)
GPIO.setup(23, GPIO.IN)
while True:
        if ( GPIO.input(23)== True ):
             # tue or false here depends on your button type
             # when in doubt replace 'reboot &' in the following line with 'echo "pushed" &'
                os.system('reboot &')
        sleep(0.1);

next we make this script executable
$sudo chmod +x /etc/softresetbutton.py

and test-run it
$sudo /etc/softresetbutton.py

push the button to test it
works ok ??
now we need to make it run at startup

$sudo nano /etc/rc.local

and add the line
/etc/softresetbutton.py &
just above the " exit 0 "


reboot and you'll have a soft-rest button

if you would prefer a "clean halt" button .. replace the reboot command in the script with  halt

Stupid but sometimes usefull IP-tables trick

OK so you want to secure your off-site server using IP tables .. this is always a good thing to do


on of the things that i highly recommend is to restrict the incomming IP's to  whatever port you are using for management so that you can only access it from your networks

but if you start messing with the iptables for port 22 (for example) and you make a tiny tiny slip-up you might lose connection yourself. if the machine is sitting next to you (under your desk or in your on-site server-rack, yu can walk over hook up a screen and keyboard and fix it .... but if it's in a datacenter somewhere... yu've got a problem. (with a physical machine all you can do is get an engineer to help you out (expensive) or hard reboot the machine (not nice))

the trick is .. let's say we're starting at 2 in the afternoon, and we think we might have 15 minutes of work.
so we'll shedule a restore f the current situation in 20 minutes
as root (obviously) do

$iptables-save > /home/user/iptables.conf
$at 14:20
at>iptables-restore < /home/user/iptables.conf
   ctrl-D to save the job and quit

now check your job is scheduled
$atq
1       Wed Sep 25 14:20:00 2013 a root


start messing with your iptables
if something goes wrong .. wait for the scheduled restore

if nothing goes wrong (congrats)
you can remve the job with
$atrm 1

Raspberry PI Checkin devices

the brief

We have a project at work called the "uitpas" it's sort of a point card for cultural events. (more info about the uitpas can be found at http://www.uitpas.be/ ) when you have a certain ammount of points, you can exchange it for ceratin prizes (movie tickets, hiking maps ... )

There are a lot of events however where people either buy their tickets before hand or where no tickets are needed. So  there was a need for a check-in device that could opperate without a person manning it. 

The Uitpas cards are rfi cards (DESfire mifare to be exact) 

the sollution  

hardware 

ingredients 

  * Raspberry pi (orignally i used the 256mb kind, currently we are using the the 512mb) 

  ** 4 gig SD card 

  ** case for the raspberry pi  (i chose this one because it still allows me access if one side is glued to the backplate of our setup)

  * usb smart card reader 

  * powerd usb hub 

  * a small screen that we got from adafruit http://www.adafruit.com/products/946 

  *  short micro usb cables 

   * short mini usb cables
Optional
  * sme small wifi adaptors (i got an edimax one from amazon , but i guess any would do .. check the raspberry pi wifi compatibility page for details)

testing setup

you can see everything (exept the screen) hooked to the left here. In this example it was hooked up via HDMI to a PC screen because that was easier to debug on (A 4 inch screen makes the console hard to read)

The raspberry pi is hooked up to the USB hub twice, once as it's host, and once in order to be fed some yummy yummy electricity
the reason for hooking up like this is that the raspberry pi does not supply enough amps on it's usb ports to power the RFID reader.

the card reader required these packages to be added

libccid : PC/SC driver for USB CCID smart card readers
libpcsclite1:armhf : Middleware to access a smart card using PC/SC (library)
pcscd : Middleware to access a smart card using PC/SC (daemon side)


we have a software partner ( lodgon ) that writes all the clients and they supplied us with a java application that reads the card does the oauth handshake with the server and writes directly to the frame buffer.

in order to run that software the PI user has to lgin automatically at boot-time

to do this you have to edit  /etc/inittab  end replace the line
1:2345:respawn:/sbin/getty --noclear 38400 tty1
with
1:2345:respawn:/bin/login -f pi tty1

/dev/tty1 2>&1

Autorunning the java application is done by adding the command that starts it to the end of the /home/pi/.bashrc file.

Accessing them remotely

They willl be dropped at locatios where they will not have a public IP adress. but i still need to be able to access them remotely. mainly for trouble-shoting, but also for monitoring them and seeing that they do OK.
i could set up VPN tunnels but that's a hasslte to maintain on my end and can cause "issues". So i requested a bunch of IPv6 tunnels from the nice people at Sixxs.
Because the raspberry pi does not have a battery for it's onboard clock the tunnels did not start reliably at bootup
so i have a script that runs at bootup that checks wether or not the tunnel is up. (by calling ifconfig and checking if the sixxs interface is present) .. if it is not i runt "ntpd -qg" and restart the tunnel. it's a little dirty, but it works.

The casing 

We have a previous version that's running an arduino ... the new Raspberry pi version should be recognizable and be able to use the "pedestals" of the arduino version, but obviously it should be bigger (more stuff inside, bigger screen ). and it should also solve a few "usability problems". 

I feel compelled to write here that the "industrial design" on the arduino version was done by an external partner .. all i did was the electronics. and they placed the rfid antenna behind 1 cm of plexy and a working 16*2 lcd screen .. so it does not read to well , and to add to the troubles your card blocks the screen if you present it to the reader. 

siblings

the small one on the right is the old version 

the one on the right is the new version. 

metal piece of the casing

so we made some basic design (in cardboard) had some meetings and found someone to build us a piece of metal as a frame. we also found someone to print and cut the frontplate as well as bend and cut a piece of plastic to cover the back.

screen and rfid reader inside

using some double-sided 3M tape to paste it all together. ANd adding some short USB cables where possible to keep it from becomming a big cable-knot.

All the electronics inside

So We've had about 10 of them in the field now and they seem to be performing well.

one Check-in device in the public library in Lede

watching a logfile and doing stuff

I needed to watcha logfile and trigger an action if a specific line appeared in the logs

    #!/bin/sh

    #tail the file you want to watch

    tail -fn0 /var/log/logfile | while read line ; do

            echo "$line" | grep 'line to react to' | grep -v 'things to block the reaction' 

            if [ $? = 0 ]

            then

                    # do things

                    echo "just saw $line"

                    mpg123 triomph.mp3

            fi

    done

save this as script.sh

make it exectuable (chmod +x script.sh) 

and let it run in the background ./script.sh &