jason schaefer . com

"arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say."

Category: hardware

  • Meshtastic solar repeater and client node setup

    ** this post is under construction **

    == Repeater setup ==

    Requisites:

    – solar charged
    – battery powered
    – low temp Li-ion charge cutoff
    – low power
    – no gps module due to fixed location
    – advantageous location
    – reliable/durable
    – medium gain antenna

    Materials:

    Soldering iron. Whatever you have should work, no fancy soldering required

    Heatshrink tubing https://www.amazon.com/Wirefy-180-Heat-Shrink-Tubing/dp/B084GDLSCK/

    RAKwireless WisBlock Meshtastic Starter Kit US915 https://store.rokland.com/products/rak-wireless-wisblock-meshtastic-starter-kit

    Optional GPS module https://store.rokland.com/products/rak-wireless-rak12500-gnss-gps-location-module-u-blox-zoe-m8q

    Outdoor, 915mhz, dipole antenna https://www.mouser.com/ProductDetail/712-ANT-8-9-IPW1SMA

    18650 Battery holder https://www.amazon.com/dp/B098SS1XYG

    Nitecore low temp battery https://www.18650batterystore.com/products/nitecore-nl1835lthp-18650-3500mah-8a-low-temperature-battery

    JST 2.0 Ph 2-Pin Connector Plug Male with 150mm Cable & Female https://www.amazon.com/dp/B01DUC1O68

    JST ZH1.5mm 2PIN Micro Electrical Male and Female Connector Plug with 150mm Wire Cables **this is only needed if you want to bypass the low temp charge controller and plug in direct to the onboard RAK solar plug** https://www.amazon.com/dp/B0B58M7D49

    5w solar panel https://www.amazon.com/Dzees-USB-C-Solar-Panel-360%C2%B0Adjustable/dp/B0CT355XFY/

    Adafruit solar charger with low temp cutoff https://www.adafruit.com/product/4755

    10k thermistor https://www.adafruit.com/product/372

    Male DC Power adapter – 2.1mm plug to screw terminal block https://www.adafruit.com/product/369

    Insulated enclosure https://www.harborfreight.com/brands/apache/1800-weatherproof-protective-case-small-black-64550.html

    Camo the PV and Enclosure https://www.rustoleum.com/product-catalog/consumer-brands/specialty/camouflage-spray-paint

    The Rak Wisblock is the perfect choice for a repeater. Its low power, modular and extremely reliable. You can purchase the starter kit which comes with the base board (RAK19007) and the Lora + bluetooth chip (RAK4631). It comes with PCB antennas (0.8dBi) that we won’t use for this fixed repeater. Always keep the antennas connected before powering the radio! Lack of antenna load will result in damage to the radio chip.

    Lets start by setting up the Rak wisblock for Meshtastic firmware

    Download the version of Meshtastic that suites you. Go through the change log to help you decide https://github.com/meshtastic/firmware/releases

    Here is the link to the latest stable https://github.com/meshtastic/firmware/releases/latest

    unzip firmware-2.3.10.d19607b.zip

    locate the firmware file for the wisblock 4631. Its called “firmware-rak4631-2.3.10.d19607b.uf2” (replace the 2.3.10…. with whatever fw version your using)

    plug the wisblock into your computer and double tap the button shown below.

    This will expose a mountable filesystem that you can copy the firmware image into.

    copy “firmware-rak4631-2.3.10.d19607b.uf2” onto the RAK4631 mount point. It might have current.uf2, index.htm and info_uf2.txt, don’t mess with those. Just copy and paste the “firmware-rak4631-2.3.10.d19607b.uf2” file into the RAK4631 partition. The green light will flash while its transferring and it will reboot when done. The firmware is now loaded and we move onto programming the radio with meshtastic software.

    We will be using the CLI (command line interface) meshtastic python script. https://meshtastic.org/docs/getting-started/initial-config/

    start by creating your python environment for interfacing with the RAK firmware operating system. https://meshtastic.org/docs/getting-started/initial-config/

    We will use pip to install meshtastic and create a python virtual environment to control the version of binaries and all the dependencies needed. These instructions are for Debian, of course ;-)

    sudo apt-get update
sudo apt-get install python3
sudo apt-get install python3-pip

    lets create a working directory for meshtastic

    mkdir meshtastic

cd meshtastic

    Now create the virtual environment for python

    mkdir python

    python3 -m venv python/

    Enter the virtual environment and install meshtastic esptool and all its dependencies

    source python/bin/activate

    pip install --upgrade esptool meshtastic

    Anytime in the future when you need to use meshtastic you will enter the python virtual environment with 

    source meshtastic/python/bin/activate

    This way you can control the versions of meshtastic and esptool without affecting any other versions of the python scripts, binaries and dependencies on your system.

    Now we can program the RAK radio

    to see whats currently programmed run

    meshtastic --info

    If this radio has been used before or you want to be sure of a blank slate run a factory reset

    meshtastic --factory-reset

    Now the radio can be setup from scratch. “Region US” sets the radio up for use in the USA at 915mhz

    meshtastic --set lora.region US

    set the name of this node

    meshtastic --set-owner [name]

    I like to set a preset bluetooth pin so I can easily access it locally over bluetooth from android phone using the meshtastic app.

    meshtastic --set bluetooth.mode FIXED_PIN

    the pin must be 6 characters long

    meshtastic --set bluetooth.fixed_pin 123456

    designate this as a router. Here is a description of what this means https://meshtastic.org/docs/configuration/radio/device/

    meshtastic --set device.role ROUTER

    Since this wisblock does not have the gps module (since its fixed location and conserves power) you will need to set its location manually. You can add a GPS module with the RAK12500 GNSS GPS Location Module.

    meshtastic --set position.fixed_position true --setlat 38.88987 --setlon -77.00971
    meshtastic --ch-set name family --ch-index 0

    use “psk random” for high encryption aes256

    meshtastic --ch-set psk random --ch-index 0

    Add a admin channel to this repeater so you can remotely administer the hardware. Unfortunately, this admin channel needs to be added to both nodes in order for administration features to work. This means that if someone physically gains access to this device they will have access to your channels encryption key and the admin key. So communications can be decrypted and they can remotely administer other nodes that have this admin channel. 

    meshtastic --ch-add admin

    run –info again to confirm changes

    meshtastic --info

    you should see things like

    
Owner: raktest (49aa)
....
  "device": {
    "role": "ROUTER",
....
    "position": {
      "latitudeI": 388898700,
      "longitudeI": -770097100,
      "latitude": 38.88987,
      "longitude": -77.00971

....
  "bluetooth": {
    "enabled": true,
    "mode": "FIXED_PIN",
    "fixedPin": 123456
....
Channels:
  Index 0: PRIMARY psk=secret { "psk": "McyfwZfTvif/Ig6KTf5zWX0JxzFdYLPJeKYi91lhxpA=", "name": "family",
....
Index 1: SECONDARY psk=secret { "psk": "w5idYjeyhw1e5jHL5EjjQuDwEH6iqZckSbzXgZNSfGA=", "name": "admin",

    And finally the channels URL. These URL’s hold the encryption key and name of the channel. Use these to add future devices to the mesh. The last “Complete URL” additionally contains the admin channel so only use that for nodes that you want to use for remote administration and devices that you want to be able to remotely administer. I will go over client configs later in this post using a tbeam.

    Primary channel URL: https://meshtastic.org/e/#Ci4SIDHMn8GX074n_yIOik3-c1l9CccxXWCzyXimIvdZYcaQGgZmYW1pbHk6AgggEgoIAUADSAFQHmgB

Complete URL (includes all channels): https://meshtastic.org/e/#Ci4SIDHMn8GX074n_yIOik3-c1l9CccxXWCzyXimIvdZYcaQGgZmYW1pbHk6AgggCikSIMOYnWI3socNXuYxy-RI40Lg8BB-oqmXJEm814GTUnxgGgVhZG1pbhIKCAFAA0gBUB5oAQ

    copy and paste the channel URL’s into your notes, for later.

    Now we move on to the hardware needed to turn this into a robust, long term outdoor repeater

    The RAK repeater is very tolerant to extreme temperatures but the li-ion battery is not so forgiving. It is sensitive to very hot and cold conditions. The most limiting factor is charging li-ion in freezing conditions. This will quickly destroy a battery. To help minimize temperature swings I opted for a larger container with some insulation to smooth out the hot and cold transitions. This case was cheap, insulated and decent quality. So far its survived a few years in the harshest of conditions. https://www.harborfreight.com/brands/apache/1800-weatherproof-protective-case-small-black-64550.html

    This case is not enough to keep the battery above freezing. Winter months are long and very cold and my batteries would get trashed within a few months of use in winter conditions. To solve this problem I used a low temp-cutoff charge controller from adafruit. https://www.adafruit.com/product/4755 in conjunction with a 10k thermistor https://www.adafruit.com/product/372

    This charge controller is far superior to the internal charge controller of the RAK and with the added low temp cutoff I haven’t had to replace a battery since.

    == Roaming mobile nodes ==

    Requisites:

    – Small/portable
    – low power
    – battery powered
    – GPS
    – waterproof
    – low gain antenna
    – easily re-charged (usb)

    Materials:

    Lilygo TBeam v1.2 https://store.rokland.com/products/lilygo-ttgo-meshtastic-t-beam-v1-1-esp32-lora-915-mhz-wireless-module-wifi-gps-neo-6m-with-oled-display-soldered-for-arduino-q349

    cable gland pg9 https://www.amazon.com/dp/B07VT317NT

    39/64″ drill bit https://www.amazon.com/Drill-America-High-Speed-Reduced-Shank-64/dp/B01BKTNHPY/

    Pelican 1010 micro enclosure https://www.pelican.com/us/en/product/cases/micro/1010

    TO BE CONTINUED…

  • Flashing om1p with stock openwrt

    I have many open-mesh OM1P units laying around from failed wireless projects. Needless to say I’m not a big fan of open-mesh and have some other projects in mind for this hardware. It was a painful process but well worth it. Now I have nice little OpenWRT units for any hacking pleasure.

    I have made a concise synopsis of the openwrt wiki page for flashing proper firmware on the OM1p/Fon/Fonera/Accton/etc. Please visit http://wiki.openwrt.org/toh/fon/fonera#openwrt for more detail.

    Begin with serial access
    serial-ttl-om1p
    You will need a TTL serial to usb or similar like this https://www.adafruit.com/products/284

    Consult the openwrt wiki for pinout of om1p

    Use minicom or screen to access it.

    We need a tftp server (don’t worry its super easy if your using Debian :-).
    I tried with http (apache) and it doesn’t work.

    apt-get install atftpd

    cd /srv/tftp/
    wget http://downloads.openwrt.org/backfire/10.03.1/atheros/openwrt-atheros-vmlinux.lzma
    wget http://downloads.openwrt.org/backfire/10.03.1/atheros/openwrt-atheros-root.squashfs

    (don’t install anything newer than 10.03.1, this little thing is old)

    stop network manager so we can assign static ip:
    /etc/init.d/network-manager stop
    assign static ip:
    ip address add 192.168.0.2/24 dev eth0

    connect to the usb serial:
    screen /dev/ttyUSB0 9600

    a few seconds into the boot you will see the following:

    Board: ap51 
RAM: 0x80000000-0x82000000, [0x8003f640-0x80fe1000] available
FLASH: 0xa8000000 - 0xa87f0000, 128 blocks of 0x00010000 bytes each.
== Executing boot script in 3.000 seconds - enter ^C to abort

    You have 3 seconds to press ctrl+c to interrupt the boot process and enter into redboot boot loader

    On the om1p, in RedBoot, run the following commands.

    Set the ip of redboot and the tftp server:
    (Don’t forget to connect them with ethernet cable.)

    RedBoot> ip_address -h 192.168.0.2 -l 192.168.0.1/24

    IP: 192.168.0.1/255.255.255.0, Gateway: 0.0.0.0
Default server: 192.168.0.2

    download linux onto the om1p:
    RedBoot> load -r -b %{FREEMEMLO} openwrt-atheros-vmlinux.lzma

    Using default protocol (TFTP)
Raw file loaded 0x8003f800-0x8011f7ff, assumed entry at 0x8003f800

    initialize the current flash partition, this will erase openmesh firmware, yay!:
    RedBoot> fis init

    About to initialize [format] FLASH image system - continue (y/n)? y
*** Initialize FLASH Image System
... Erase from 0xa87e0000-0xa87f0000: .
... Program from 0x80ff0000-0x81000000 at 0xa87e0000: .

    Now flash the kernel image to memory:
    RedBoot> fis create -e 0x80041000 -r 0x80041000 vmlinux.bin.l7

    ... Erase from 0xa8030000-0xa8110000: ..............
... Program from 0x8003f800-0x8011f800 at 0xa8030000: ..............
... Erase from 0xa87e0000-0xa87f0000: .
... Program from 0x80ff0000-0x81000000 at 0xa87e0000: .

    Now load the rootfs:
    RedBoot> load -r -b %{FREEMEMLO} openwrt-atheros-root.squashfs

    Using default protocol (TFTP)
Raw file loaded 0x8003f800-0x8021f7ff, assumed entry at 0x8003f800

    And then flash the rootfs:
    RedBoot> fis create rootfs

    ... Erase from 0xa8110000-0xa82f0000: ..............................
... Program from 0x8003f800-0x8021f800 at 0xa8110000: ..............................
... Erase from 0xa87e0000-0xa87f0000: .
... Program from 0x80ff0000-0x81000000 at 0xa87e0000: .

    Reboot the om1p:
    RedBoot> reset

    You will see OpenWRT booting and creating filesystems and such.

    ...
jffs2_scan_eraseblock(): End of filesystem marker found at 0x0
jffs2_build_filesystem(): unlocking the mtd device... done.
jffs2_build_filesystem(): erasing all blocks after the end marker... done.
mini_fo: using base directory: /
mini_fo: using storage directory: /overlay
BusyBox v1.15.3 (2011-11-24 02:38:24 CET) built-in shell (ash)
Enter 'help' for a list of built-in commands.
  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 Backfire (10.03.1, r29592) ------------------------
  * 1/3 shot Kahlua    In a shot glass, layer Kahlua 
  * 1/3 shot Bailey's  on the bottom, then Bailey's, 
  * 1/3 shot Vodka     then Vodka.
 ---------------------------------------------------
root@OpenWrt:/#

    Now we need to set a heartbeat for the hardware watchdog otherwise the om1p reboots every 5 minutes.

    vi /etc/config/om1pwatchdog

    #!/bin/sh
gpioctl dirout 3 ; gpioctl clear 3
sleep 1
gpioctl set 3

    Make it executable:
    chmod 755 /etc/config/om1pwatchdog

    Run every 2 minutes:
    crontab -e
    add the following and save
    */2 * * * * /etc/config/om1pwatchdog

    Start NM again, you will now get an ip from the om1p openwrt dhcp server.
    /etc/init.d/network-manager start

    connect with firefox at http://192.168.1.1

    yay, no more crap open-mesh!

  • Flashing a BIOS update using only free tools (FreeDOS, etc)

    The wonderful world of motherboard BIOS updates, is still old fashioned. Updates are often still built for Microsoft Windows environments. Those of us who don’t have MS Windows, DOS, a floppy drive, an install of Windows 98 to create a bootable floppy, or cheesy Pâté for that matter ….. Here is a way one can flash that BIOS of your mobo using, our favorite free software licensed, operating systems and tools.

    DISCLAIMER: Don’t attempt this unless you know what you are doing. I have never had problems doing this, BUT many things can go wrong and you CAN easily “brick” your hardware. Proceed at your own risk!!

    We will be using FreeDOS, a wonderfully free and royalty exempt Microsoft DOS compatible operating system. Licensed under the General Public License (GPL).
    Note: As usual, my posts require some knowledge of the command line.

    ======================
    UPDATE: Because the 1.4mb and 2.8mb FreeDos disk images are not large enough for most modern BIOS flashing utilities and payloads you will need to build a custom disk image of freeDos.

    The easiest way to do this is to write freeDos onto a usb flash drive. Here is an example of how to do this.

    1. download the Lite USB version and unzip
    2. write the FD12LITE.img to a USB stick. I used gnome-disks (right click and open with “Disk Image Writer” or you can use dd.
    3. mount the usb stick and copy the bios update onto it. If your bios update is too large to fit you will need to resize.
    4. run “sudo gparted” resize the fat16 partition. I chose 100mb. Apply
    5. now copy the bios update and boot from the usb. Don’t run the DOS installer, instead run DOS. Now you can execute the bios update. Done!

    Another option would be to install FreeDOS using qemu. This is more complicated but I’ll leave the instructions here for reference.

    Download FreeDOS Standard CDROM Installer at http://www.freedos.org/download/

    sudo qemu-system-x86_64 -cdrom FD12CD.iso /dev/sdb -boot d

    Go through the DOS installer. You can use it to partition the usb stick. I made a 700MB fat 16 partition and marked it “active”. I said no to the fat32 LBA because I had issues, the first time I tried this, reading files that I had put on the fs while booted into DOS. Fat32 should be ok, try it and let me know your experience. After this it will ask to restart the install. Install to hard disk again and now you partition the c: drive. Then install the full version. Done.
    If you need more space you can always run cfdisk, gparted or fdisk to add a large fat32 partition on the usb stick. This would show up as d:\ while booted up in FreeDOS. You can copy your BIOS files to the usb DOS partition and boot into FreeDos to run them. Yay! No more floppy space issues!
    ======================

    And feel free to try the old floppy way. I’ll leave it up here for reference.

    wget http://www.fdos.org/bootdisks/autogen/FDOEM.144.gz
gunzip FDOEM.144.gz
mkdir floppy
sudo mount -o loop FDOEM.144 floppy/
ls floppy

    you should see these files:
    AUTOEXEC.BAT COMMAND.COM CONFIG.SYS KERNEL.SYS README sys.com

    Download your BIOS update file from the manufacturer or vendor.
    Note: Sometimes, the update will be distributed as a .exe (Windows Executable) file. Most likely it will actually be a compressed zip archive. You can use unzip to extract the .exe file.

    Download the update using wget, then unzip the resulting image file “FDOEM.144” into the mounted folder: “floppy/”

    wget http://path-to-your-bios-update/BIOS_UPDATE.zip
sudo unzip BIOS_UPDATE.zip -d floppy/

    In this case, the following files are extracted from the BIOS_UPDATE.zip file:
    inflating: BIOS.WPH
    inflating: OEMPHL.EXE
    inflating: OPTIONS.BAT
    inflating: PHLASH16.EXE
    inflating: releasenotes.txt
    inflating: 1.BAT

    now, move to the previous directory (cd ..), and un-mount the FDOEM.144 image:

    cd ..
sudo umount floppy/

    generate an el torito bootable iso image:

    genisoimage -o flashboot.iso -b FDOEM.144 FDOEM.144

    Now burn flashboot.iso to CD using wodim:

    wodim flashboot.iso

    Now you can boot from that cd and run your flash utility!! Read the BIOS update instructions on how to do this..

  • Transition away from MBR to GPT booting

    Recently, I was installing debian on a new server and grub2 would not install gave me this error:

    “This GPT partition label has no BIOS Boot Partition; embedding won’t be possible! grub-setup: error: Embedding is not possible, but this is required when the root device is on a RAID array or LVM volume.”

    Of course, it being grub2, I jumped to the conclusion that grub2 was the problem. I installed legacy grub and got nowhere.
    Doing the usual
    grub> root (hd0,0)
    grub> setup (hd0)
    produces this error:
    “file /boot/grub/stage1 not read correctly”

    No matter what I did, it would not install. So, I went back to the original message and gave grub2 its due process. Turns out this Dell T410 uses GPT (GUID Partition Table) which is an extension of EFI. The “BIOS Boot Partition” is an actual partition on the hard drive. Grub2 embeds the core.img (multiboot boot kernel) into this BIOS boot partition instead of the MBR.
    Here are two great resources on this subject:
    http://www.rodsbooks.com/gdisk/index.html and
    http://grub.enbug.org/BIOS_Boot_Partition

    So, the solution:
    I had to re-install Debian with a small partition. Apparently it can be under a few hundred KiB. Space is cheap and I didn’t want to have more problems, so I made mine 5MB and put it at the beginning of the disk. In the Debian partitioner, set the partition under “use as:” to “Reserved BIOS boot area“. Then continue with the rest of your partitions and install. Grub2 installed with no problems this time!

    If using an older version of Debian, lenny (v5) or older. The “use as:” does not have an option for Reserved BIOS boot area. So, I booted into expert install mode, when you get to “Load installed components from CD” select parted. This will install parted in the install environment. Before you get to detect disks, do ctrl+alt+f2. On the command line you can manually create a bios boot area.

    The following parted commands.

    parted -a optimal /dev/sda mkpart 1 1 6

    The above command creates the first (1) partition from 1MB of the drive to 6MB. -a optimal sets the block alignment for best performance. If you start the partition at 0 the alignment is wrong and parted will Warn: “The resulting partition is not properly aligned for best performance. Ignore/Cancel?”

    parted /dev/sda set 1 bios_grub on

    This sets /dev/sda1 as GPT grub bios partition. This partition will be found and used by grub on install.

    Now, ctrl+alt+f1, and continue the install. Select manual partitioning and be sure not to delete the primary partition (gpt, grub bios) when creating your new partitions.

    Do this to all drives in a raid!

    After you boot into the fresh install, you can manually install to the other disks.

    grub-install /dev/sdb

    Now its installed on sda and sdb. In case sda fails, it should be able to boot from sdb.