MQTT Connection Failed Status Codes (Connack Return Codes)

If you’ve every played with MQTT you’ve probably had issues connecting to your broker. Whether it’s one you’ve setup or you’re using a 3rd party provider like AWS, they should all follow the MQTT protocol. This is mainly for my reference cause I can never find it, but below is a list of the standard connack codes that could be returned when you try to connect.

Note these have been directly copied from the official specification. You can see the original by clicking here.

Table 3.1 – Connect Return code values
Value Return Code Response Description
0 0x00 Connection Accepted Connection accepted
1 0x01 Connection Refused, unacceptable protocol version The Server does not support the level of the MQTT protocol requested by the Client
2 0x02 Connection Refused, identifier rejected The Client identifier is correct UTF-8 but not allowed by the Server
3 0x03 Connection Refused, Server unavailable The Network Connection has been made but the MQTT service is unavailable
4 0x04 Connection Refused, bad user name or password The data in the user name or password is malformed
5 0x05 Connection Refused, not authorized The Client is not authorized to connect
6-255 Reserved for future use

Possible fix for really slow tab auto completion on ubuntu (bash)

For days I’ve struggled with this new linux install on a virtual machine on my local network.  The SSH has been super unreliable and everytime I typed tab for an auto completion the whole thing seemed to lock up for ~30 seconds.  Turns out the autocompletion problem was the simplest fix ever!  After scouring the internet for ages I found this command.

sudo updatedb

It’s simple, all it does is update the auto completion database. (according to the forum I found it on) What was probably happening is the database got really big and was taking ages to scan through.  It beats me why a fresh ubuntu install had this problem, but at least it’s solved, for now.

3DR Solo DSLR & 1/4″ Tripod Mount Adaptor

If you’ve seen my 3DR Solo xtra large leg extenders post, you might be wondering what I used to attach my Sony a5100 to my Solo. Well I used the “pretty” face plate thing that comes with solo.  (for use without a gimbal)  It has a hard mounted GoPro adaptor on it and for now this will suffice. It’s basically a little right angle GoPro to 1/4″ tripod mount adaptor with an offset 1/4″ mount to roughly centre the a5100 and ensure it’s as small as possible.

You can download my STL file for the print via the link at the end of this post.  You can see this mount in action in the photo below.  I highly recommending that you take it slow and easy.  The “rubber stoppers” to help combat gello/vibrations are designed to take a ~85g GoPro, not a ~400g compact DSLR.  I highly recommend tethering the Sony to the Solo just in case the mount fails.

I recommend using leg extenders like these for some extra clearance!

It’s important to print the mount so that when you look down on the print bed from above you see an L shape.  This ensures the layers aren’t parallel to the camera body.  It’s extremely weak when printed this way.

Download the 3DR Solo 1/4″ Tripod Mount Adaptor STL file

3DR Solo Leg Extenders (XLarge!)

So I’ve just bought a Sony a5100 (awesome little camera) and am in the process of fitting it to my 3DR Solo drone. At the moment I have it attached via an adaptor to the hard mounted GoPro mount. It points straight down. However, with the stock legs the lens is dangerously close to the ground; this is not ideal.

Dangerously little clearance with stock leg extenders!

There are a few leg extenders floating around but most were either to small or unnecessarily complicated to print. I decided to just design my own. I call it, Simple Solo Leg Extender – super original name right? They don’t need any support and will print on basically any printer. Did I mention they’re also extra large? They add roughly 5cm of additional ground clearance to Solo. My a5100 is much happier now it’s less likely to get a scratched up lens.

And Fin !

Download the STL file here

 

3DR Solo GPS Spacer (“Cardboard Mod”)

I finally got around to 3D printing a GPS spacer for my 3DR solo.  This is also known as the “cardboard mod” around the forums/Facebook groups.  What this spacer does is puts some space between the copper foil and the GPS PCB.  3DR made a mistake when designing the GPS module and spaced it to close to the PCB, meaning it’s not as effective.

Note:  DO NOT use a “Revision A” GPS.  These have a known design flaw and are not reliable.  You can check what you have by the writing on the GPS PCB.

The first step is to head over to thingiverse and download the model designed by @Tunames.  The thingiverse page is here.  Just print it out and begin taking apart your solo.  I’ll briefly cover the installation procedure below.  It should go without saying, every time you take Solo apart no battery should be connected! (unless you know what you’re doing)  It’s also not a bad idea to take the GoPro off too.

Start by undoing all 4 screws underneath where the battery normally sits.  Then get a small flat-head screwdriver (ideally a rubber spudger) and gently pry off the GPS cover.  Underneath the GPS cover you should find 3 screws, undo all 3 and slowly lift up the battery tray.  Be careful of the GPS cable, unclip it as soon as you can.

Now flip the battery tray over and you should see a black tape looking cover.  Peel it off, being careful not to destroy it.  It’s copper shielding that’s really important for keeping out interference.  Undo all three screws holding the GPS in and sit them aside.  Place the 3D printed spacer with the flat side out.

Tip: If the tape loses it’s stickiness use a generous amount of glue stick to hold it in place.  You do not want the tape coming loose!

Now, put everything back together in the reverse order.  When you turn Solo back on you may not notice an immediate difference.  You might get a slightly faster lock, but in general the GPS should be more reliable.

DIY 3DR Solo Charger (also car charger)

So I bought a 3DR Solo “Smart Drone” and some spare batteries.  To charge them all faster I thought I’d make my own charger.  I’ve also made a little adaptor so I can charge them in my car.  (run another cable off the car battery or turn the current down when using a car)

First of all you must use a voltage and current limited power supply.  If you don’t you’ll damage the battery or worse, start a fire.  These may be “smart batteries” but they will happily accept more voltage and current than what’s good for them.

I’ve made lots of assumptions in this build log/tutorial.  if you can’t do some of the stuff it assumes then this project probably isn’t for you.

Before starting you should be comfortable with:

  • Using a multimeter for measuring voltage and current
  • Soldering
  • Reading basic circuit diagrams
  • Having a power supply of 12v at ~7A per charger

Parts:

Boost Converter ~$7 (link)

I used one of these boost converters off eBay.  They’re cheap and can be used for many things as you can set the exact output voltage and apply a current limit.  I ordered a couple to keep on hand.

Input Connector – XT60 (you can use anything)

I love the yellow XT60 connectors, they come on most LiPo batteries I buy and can handle 60 amps.  They are easy to solder and plug/unplug.  Anything I have that uses/supplies around 12v has an XT60 on it making lots of things interchangeable.  (like my glue gun that can be used on batteries, desk power supply and car) You can get these online or from HobbyKing.

Output Connectors – Copper Clad Board (link for Australia)

The output connectors are a bit tricky.  They don’t use a readily available connector.  I just found some copper clad board that fit snugly and cut out the correct size.  My calipers broke so I can’t measure it properly but I’d guess it’s the standard 1.5mm thick stuff.  I’m currently working on a 3D printed connector, at the moment you have to manually plug the +/- connectors in.  If you get the polarity wrong, you will blow up your boost converter and probably the battery controller.

Hint: shorten one side so it’s harder to short.

Optional Case/Fan

I also bought a plastic case for about $3 and used a random 12v fan I had lying around.  This makes for a clean setup that stays cool.

How to assemble

1) The Case/Fan

If you’re putting the boost converter inside a case like I did you need some form of active cooling.  I drilled a bunch of holes in the tops roughly the shape of where air blows from the fan.  I drilled about 1/3 of the holes on the side to force the air into the case then out the side.  I then use a rubber band to hold the fan in place.  I only put it over half so more of the blades were over the holes and so I can attach another charger.

2) Wiring

The wiring is pretty straight forward.  I’ve attached a diagram to help out.  Make sure you use cables capable of carrying 16.8v @ 5A on the output and 12v @ 7A on the input.

3) Setting Voltage/Current

If you got the same boost converter I did (or one that looks similar) you can probably use the diagram below for reference.  Turn the current limit all the way down to the minimum.  (you should hear clicking when the trim pot hits the min) Next, get your multimeter and check the voltage.  Keep twisting the voltage trim pot until it gets to exactly 16.8v.  If you go any higher you risk damaging the battery.

Now set up your multimeter to measure the amps going into the battery from the charger.  Hook it all up, start charging the battery and measure the current.  Adjust the current up to a maximum of 5 amps.  Any more than 5 amps will damage the battery and be a fire/explosion risk as it can’t safely charge that fast.  I recommend doing this on a half charged battery for optimal results.

 

4) Fin.

Congratulations, you just made a $10-$15 solo battery charger.  Also at 5A, this charges approximately 50% faster than the original charger.

Connect to armbian (orange pi) without the IP

There are many reasons why you may not have a static IP configured for your orange pi/armbian installation.  Maybe it needs to be portable to different networks or your network doesn’t allow static IPs.  Whatever the reason it is a pain to find the IP, often you have to use a scanning tool like nmap.

We’re going to install a popular Linux implementation of zerconf.  These steps should work on any flavour of Ubuntu but I specifically used armbian on an orange pi zero.  It’s simple to install, just follow these steps:

Change your hostname from default

While not mandatory, it’s generally a good idea.  If another device running raspbian for example pops onto the network you’ll have two devices with the same hostname!  Edit /etc/hostname using the vim text editor (if you don’t know vim install it then type “vimtutor”):

sudo vim /etc/hostname

In that file you’ll see the current hostname, simply remove it and replace it with the new one.  Now edit the hosts file.  Make sure you replace every instance of the old hostname with the new one to make sure it resolves properly

sudo vim /etc/hosts

Now reboot your system to apply all of the changes.

sudo reboot

Install the Avahi Daemon

Something to note is most full versions of Ubuntu come with avahi-daemon installed out of the box, so give hostname.local a try first.  Simply type the following command and it’ll install avahi-daemon.  You shouldn’t need to restart but if it doesn’t work right away you know what to do.

sudo apt-get install avahi-daemon

In the case of my orange pi, after setting the hostname to “homeassistant” and installing the avahi daemon, it’s now accessible via homeassistant.local – much more convenient than an IP.

Restart button for Home Assistant on the front end

This is a pretty simple tip, but handy nonetheless.  When you’re busy configuring Home Assistant you’ll probably find yourself restarting it all the time.  So I decided to add a convenient button onto the front end to do it for me.

Basically, you just need to add a switch to the configuration file.  If you’ve set up Home Assistant with systemd according to the official documentation, this snippet should work nicely for you.  I found it gave an error “Failed to call service homeassistant/turn_on” when used.  That’s probably because the server has just been restarted and can’t “confirm” the action has been completed to the front end.

Note:  Do NOT use this unless you’re confident no one else is able to read your configuration file as it contains your password in plain text!
switch:
  platform: command_line
  switches:
    restart:
      command_on: "echo '<password>' | sudo -S systemctl restart home-assistant@<username>.service"
      command_off: "echo '<password>' | sudo -S systemctl restart home-assistant@<username>.service"

My home automation system overview (main components)

I’ve been working on my home automation system quite a bit recently.  So far I’ve automated a few things, namely my work room’s light and power, and my bedroom’s light and fan.  When I get around to it I’ll be automating all the outside lights and some more power points.  In this post I’ll quickly go over all the components you need for my home automation system and what they do.

The main components are:

  1. MQTT Broker (Server) – this is the “communications mainframe”
  2. Home Assistant Server – a nice interface/automation server
  3. Server Hardware – I use an orange pi zero
  4. Automation hardware – WiFi relays, sensors etc

1) Mosquitto (The MQTT Broker)

Mosquitto is an open source MQTT broker.  Now the first thing to explain is what is MQTT?  I mentioned it’s like a communications mainframe, well it kind of is.  If you aren’t familiar with the publish subscribe concept I suggest you read up on it.  However, the main concepts are you have clients that connect to a broker.  (MQTT terminology in bold) A client can subscribe or publish a message to a topic.  A topic might look like “sensors/kitchen/temperature”.  When a client is subscribed to a specific topic, that client will receive all messages published to that topic.

This tutorial by Digital Ocean is a fantastic resource for setting up the basics of an MQTT broker.  It’s a great introduction on how to set up a working broker, and how to secure it.  However, I reccomend that you go one step further.  See how to use ACLs and multiple user accounts to limit what topics each client can subscribe and publish to.  This ensures if an account is ever compromised, the damage can be contained.

2) Home Assistant

Home Assistant is an open source, python 3 based home automation hub.  They had me at open source and python 3. 😉 It is fairly easy to use but the killer feature is it’s integration.  It integrates with everything!  I can almost guarantee if you want something integrated it already has a compatible component.

The main components I use are WeMo (curse thee belkin, I should never have wasted my money on a WeMo), chromecast, MQTT, owntracks and pushbullet.  I’m still adding more when I have the time so this list will probably be out of date quickly.  It’s configured with a single yaml file, which is a little annoying and will definitely get convoluted fast.

To see the ever expanding list of built in components check out this link.  In my opinions its the best one out there.  It also has by far the nicest looking interface, it comes with a mobile friendly web app.

3) Server Hardware

This title is slightly misleading as you don’t really need a server.  I bought a few Orange Pi Zeros and have been pleasantly suprised at how well they work.  In Australia, I could get 2 for a similar price as a single raspberry pi zero.  The raspberry pi is also only available in quantities of one at the moment.  But the main reason I like them better for this purpose is the full size ethernet and USB port on board, and the built in WiFi.

The full sized ethernet port is a big plus, makes it so much easier to work with.  However, with great price comes terrible software support.  I didn’t feel that comfortable with a dodgy looking baidu cloud/google drive link for the operating system.  I ended up trying it on only to find out it wouldn’t boot from any “official” image.  However, armbian to the rescue!  They support the orange pi zero and it booted up straight away.  I could see it on my network so I went ahead and installed mosquitto and home assistant.

Here is the official armbian page and download links for the orange pi zero.  I like ubuntu so that what I went ahead with.  Note, neither of these operating systems contains a desktop environment so you’ll have to get familiar with the command line.

4) Automation Hardware

A couple years ago I bought a belkin WeMo for my 3D printer; I wanted to be able to turn it off when it was done and I wasn’t home.  However, it’s a terrible product.  Sorry Belkin, you tried, but it just doesn’t work.  It’s slow, laggy and never stays connected properly.  The only thing going for it is it’s price tag, oh wait I forgot it’s $70.  But at least they make an api available – actually nevermind they don’t do that either.  To be fair it was one of the first plug and play WiFi relays around so I’ll give them that.

My favourite piece of hardware at the moment is the sonoff by itead.  It needs a bit of hacking to get going.  But once you’ve loaded TASMOTA onto it they’re awesome.  TASMOTA is basically plug and play; upload, configure and you’re done.  Basically, you wire a sonoff in between any device/appliance you want to control wirelessly.  I’m renting and have decided not to modify any of the wiring in my house because I value our insurance validity.

NOTE: Do not try this unless you know what you’re doing and you have a qualified electrician look over your work.  Something as simple as mixing up the colour of the wire can cause someone in the  future to shock, injure or kill themselves! (electrical standards exist for a reason)

What I’ve decided to do is buy some slampher‘s to go on my lights where they fit.  You can modify the button and wire one into a blank faceplate.  This means you’ve still got a manual butotn but it’s WiFi connected.  For all other appliances I’m making up power boards and extension boards with a sonoff built in.  This means I can plug anything in and make it WiFi connected – all without voiding my house insurance and upsetting my landlord.

Another option for lightswitches is the sonoff touch.  However I don’t like it’s price tag or the fact I legally have to get an electrician to install it for me.  I’d rather a slampher and DIY button for a fraction of the cost. That being said, they do look really nice.

 

That’s my brain dump for tonight.  I’ve gone into more detail of my MQTT setup and will eventually do the same for all the other topics. (see what I did there 😉 )  Hopefully this is a good overview of all the major components needed and will point you in the right direction.

MQTT – How to use ACLs and multiple user accounts

I’ve previously written about how awesome MQTT is and how it’s an integral part of my home automation system.  This tutorial will show you how to make your MQTT broker more secure.  In any sort of information technology you should always use the principle of least privileges.  Basically, only give each account the bare minimum access that they actually need.

1) Define Needs

Lets use my home automation system as an example.  I’ll limit to just a few clients in this example.  I have my automation server (home assistant), a WiFi light (a sonoff) and a light sensor.  Lets state the minimum needs of each client:

Home Assistant

  • Process all MQTT messages to allow full control of devices and to run automation scripts

WiFi light (sonoff)

  • Subscribes to “cmnd/light/POWER” for control
  • Subscribes to “cmnd/light/UPDATE” for OTA updates
  • Publishes to “stat/light/POWER” for status and confirmation

Light Sensor

  • Subscribes to “cmnd/sensor/kitchen/light” for a manual sensor reading
  • Subscribes to “cmnd/sensor/kitchen/light/set” to change settings
  • Subscribes to “cmnd/sensor/UPDATE” for OTA updates
  • Publishes to “stat/sensor/kitchen/level” with current light level

2) Create User Accounts

We can now see we have three clients with distinct, separate needs.  This is a good case where three MQTT user accounts would be beneficial.  Let’s say our Light Sensor has a security flaw that accidentally exposes the password, we don’t want to give someone full access to our system!

If you haven’t already, follow Digital Ocean’s tutorial on setting up and securing Mosquitto.  To add a new user account is quite easy.  Simply run the following command and follow the prompts to enter a password.

sudo mosquitto_passwd /etc/mosquitto/passwd <new-user>

So in total, you should run 3 commands that look something like these, note how I like to obscure the usernames a little.  Call me paranoid, but it makes them just a little bit harder to guess.

sudo mosquitto_passwd /etc/mosquitto/passwd homeassist
sudo mosquitto_passwd /etc/mosquitto/passwd sonoffswitch
sudo mosquitto_passwd /etc/mosquitto/passwd lightsense
Note: make sure you use a very secure password for the home assitant account as it will have full access!

3) Tell Mosquitto to use ACLs

Open your mosquitto configuration file:

sudo vim /etc/mosquitto/conf.d/default.conf

Add the following line, specifying where you put your ACL file.  (I put mine in the same directory as the passwd file)

acl_file /etc/mosquitto/acl

MQTT has two types of wildcards:

  1. “#” means literally everything and is “recursive” so can only be used on the end of a topic.
    1. example “cmnd/light/#” will receive every message from topics that start with “cmnd/light“.
  2. “+” meanse literally everything but only one level, so one or more may be used inside a topic.
    1. example “stat/+/POWER” could receive the “POWER” message from every device.

Generate your ACLs

Open your ACL file and add your topics and user accounts to it like below.  Note the three types of permissions; there are read, write and readwrite.  Wild cards may also be used. Also, please for the sanity of future you document what each one does!

# Give Home Assitant full access to everything
user homeassist
topic readwrite #

# Allow the sonoffs to read/write to cmnd/# and stat/#
user sonoffswitch
topic readwrite cmnd/#
topic readwrite stat/#

# Allows the light sensor to read/write to the sensor topics
user lightsense
topic cmnd/sensor/#
topic stat/sensor/#

Notice how the light sensors have a similar permission level as the sonoffs?  The sensors don’t need to read/write to the sonoffs so they shouldn’t be allowed.  However, we may want the sonoffs to be able to directly read the sensors.

4) Save and profit ??

Save all the settings and make sure they’re right.  Normally I wouldn’t reccomend it, but it may be useful to right down the usernames and passwords of all the accounts.  This could save a lot of confusion with all the different accounts.  (of course you should destroy the passwords after)

Be sure to restart both home assitant if you’ve got it running and the Mosquitto server so that the changes can be applied.

sudo service mosquitto restart
sudo service homeassistant restart

 

Let me know how you go or if you run into trouble in the comments below.  I couldn’t find much documentation on actually implementing ACLs and multiple user accounts so hopefully this makes it easier for others.