Install OSRAM’s devices on a Philips Hue bridge

Introduction

Folks, today the topic is all about domotic and more precisely how to add OSRAM’s devices on a Philips Hue bridge. I use since a while domotic devices of two brands, Philips Hue and OSRAM. Both use the ZigBee protocol and OSRAM devices are mostly compatible with the Hue bridge (surely the OSRAM SMART+ Plug) at least in Europe. OSRAM products seems to be labelled Sylvania in the US, moreover they seem to use ZigBee HA rather than the ZigBee LL. Thus this article would be more reliable for european users.

When you buy a new device, in this use case an OSRAM device, you’d first plug it and try to pair it with your Hue bridge. Sadly, it happens that the Hue bridge doesn’t find it. Let’s see how to fix that !

Hardware

It’s important to know that I won’t advise hardware I don’t use on a daily basis, so here’s what it’s working currently for me. You can have the information below from your Philips Hue bridge simply by doing a GET request on /api/[hash]/config (for the Bridge’s information) or /api/[hash]/lights (for the lights, plugs are seen as lights by Hue). It’s obvious you can’t check it if they are not paired it’s why I put links to check the products.

Model NameModel ID (Hue API)Software Version (Hue API)
Philips Hue bridge v2 BSB0021932126170
OSRAM LIGHTIFY Flex RGBWLIGHTIFY Indoor Flex RGBW V1.04.90
OSRAM SMART+ Plug Plug 01 V1.04.12

How to

First, if not done yet, install and configure the Hue App. You might be able to do it from the API directly but I won’t cover this.

Open up the app and do as follow:

  • Go to Settings
  • Move to Light setup
  • Press Add light
  • Do a Search
  • While it’s searching, plug the OSRAM device, if it’s the OSRAM SMART+ Plug turn it on !

Your search in progress should directly find the newly plugged device !

IMPORTANT: as a reminder, if you plug first your OSRAM device and do the search after, it will never work …

Drawback

The only drawback I can think of is simply that you cannot update your OSRAM devices with the Bue bridge. It’s one big problem for security purposes but the fact is that it’s cheaper to use the HUE bridge if you already have one, and it allows you to control everything from one app.

Conclusion

Well, there you go, it should work. There was nothing complicated it’s just a process to follow. If you have devices I have not listed feel free to contact me I’d be happy to update !

If you want to go further and secure your Philips Hue bridge I’d recommend you to follow my howto.

Build your own NAS/HTPC from scratch – part 1

A NAS/HTPC ?

In this article I’ll walk you through building your own NAS/HTPC, from hardware to software. Since it should be quite long, it should be broken down in several parts.

Let’s see first what I want as a NAS/HTPC, how much would it cost, what was chosen !

Wish list

Here goes my wish list:

  • Store a lot of data (movies, series, musics, ebooks, backups, …)
  • Store some data safely (at least RAID 1) such as family data (pictures, videos)
  • Export that data to different devices (Android tablet, other computers, …), for example ebooks
  • Watch all of the movies, series easily in HD on the NAS/HTPC but also on others devices within my LAN
  • Control most of it from WEB GUI and/or Android applications
  • Be cheap, in comparison to turnkey solutions
  • Low consumption / Low noise

Choices made

I’ve tried out several solutions, if I had been brighter, perhaps I would have listed the solutions and their drawbacks, but well I didn’t think about publishing an article. Let’s go through both hardware and software solutions, these are my choices, don’t follow blindly do your researches according to your wish list.

Hardware

On the hardware side, choices were clearly ruled by the price, I’ve tried to reduce the cost as much as possible without having to give up on quality.

  • Motherboard: ASUSTeK Computer INC. P5K-E I got it for free from a friend. It’s enough for my needs.
  • CPU: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz, free too it really costs nothing nowdays.
  • CPU FAN: Noctua NH-U9B SE2 (~50€)
  • RAM: 4GB DDR2 800MHZ, also free, it’s consuming right now 1.3GB
  • DISKS: 4TB SATA3 WG40EZRZ (~ 80€ on special sales) // 500GB HITACHI // 500GB TOSHIBA, both I had bought years before
  • CASE: Cooler Master N300 (KKN1) (~50€)
  • FANS: 2 x 120mm front Noctua NF-S12B redux (~30€)+ 1 x 120mm side + Rheobus Lian Li PT-FN01 (10€)
  • GPU: GeForce GT 630, I got it back from an old computer, you’ll see in the hardware part how I fixed its well known noise problem, bit hackish. It doesn’t cost much and can do 1080p HD.
  • POWER SUPPLY: LDLC QS-460 FLP Quality Select 80PLUS Platinum (~50€ on special sales)
  • EXTRAS: anti noise screws for hard drive (~10€), HDMI cables, ethernet cables …

The overall cost is ~300€. So yes most of the hardware is old but my main goal is only to do a decent NAS/HTPC without putting much money on it. Conclusion is that it’s cheaper than turnkey solutions and is more flexible. I can go up to seven hard drives with my current case (6 only with my motherboard but well PCI SATA exists), 8GB RAM (or more), the GPU is decent enough for my needs. I strongly recommand to reuse components from older computers as I did, not only to save the bill but also the environment.

Software

As the base OS, openmediavault is my choice, it’s the perfect “NAS software” solution to me, it’s easy to use/install and quite light. You can manage your disks, RAID arrays, shares without effort (WEB GUI but also SSH hopefully). There are also plugins like Let’s Encrypt or Domoticz that come handy. It has no x server but we will see how to configure one with nodm.

For the HTPC part, kodi is clearly the right choice. An entire article is dedicated to kodi so I won’t say much about it now, but you’ll be able to start a video on your HTPC and continue it on your tablet at the timestamp you stopped, theming, control from your Android devices with Yatse.

Everyone downloads; so after many tests with several torrent clients, rtorrent is my choice ! What weight in the balance is the fact that you can use a WEB GUI, Deluge too, but that last one caused me many problems.

No cost at all except a long amount of time, but these articles should save you some time.

What’s next ?

In the next articles I’ll show you how the hardware takes place, it won’t be a step by step tutorial but it will show you the final product.

Duplicity to backup safely your data

A good backup tool ? Duplicity

I’ve tried many tools to backup, from bare rsync to tools such as restic or borg. Although they’re all good solutions, my requirements were never fully met. It’s why I chose to test and use duplicity. In this post I’ll focus on full server backup.

Here are my requirements for a good backup tool:

  • compression: I don’t have much to backup but I don’t want to use much either.
  • encryption: I only have a basic FTP that I don’t own, there it’s using GnuPG.
  • incremental backup: Also to save disk space.
  • on a FTP: with restic or borg directly I had lock problems over a curlftpfs mount, any backup would fail, it’s not related to these tools but to my usage.
  • easy to use and restore, it keeps ownership and rights.

Install duplicity

It’s pretty straightforward, install the duplicity package through your package manager on your server. You may also install ncftp if you want to backup over FTP.

# apt-get install duplicity ncftp
Install duplicity and ncftp

Generate your keys

Let’s generate your GNuPG key pair so we can encrypt our backup. This time, on your own computer, and not on your server, do the following.

# gpg --gen-key
Generate your GnuPG key pair

Take a 4096 bits length key, most of the default values should be enough.

# gpg --gen-key
gpg (GnuPG) 1.4.20; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: keyring `/home/floreo/.gnupg/secring.gpg' created
gpg: keyring `/home/floreo/.gnupg/pubring.gpg' created
Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 
Key does not expire at all
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Floreo Backup
Email address: xxx@floreo.info
Comment: Floreo Backup
You selected this USER-ID:
    "Floreo Backup (Floreo Backup) <xxx@floreo.info>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
You need a Passphrase to protect your secret key.

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
........+++++
.............+++++
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
.+++++
.......+++++
gpg: /home/floreo/.gnupg/trustdb.gpg: trustdb created
gpg: key 1A6F2256 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
pub   4096R/1A6F2256 2017-11-11
      Key fingerprint = CC2D 8FF5 9BB2 8D88 0E30  0056 FC84 663E 1A6F 2256
uid                  Floreo Backup (Floreo Backup) <xxx@floreo.info>
sub   4096R/874F94F5 2017-11-11
Generate your GNuPG key pair

Now export both the private and public keys, the first one you will keep it safely on a USB drive or anywhere safe, it would be used to decrypt your data, the other one will be required on your server. First find out your key UID.

# gpg --list-key
/home/floreo/.gnupg/pubring.gpg
-------------------------------
pub   4096R/1A6F2256 2017-11-11
uid                  Floreo Backup (Floreo Backup) <xxx@floreo.info>
sub   4096R/874F94F5 2017-11-11
List your GnuPG keys

There the UID is 1A6F2256, you can export the keys.

# gpg --output backup_pub.gpg --armor --export 1A6F2256
# gpg --output backup.gpg --armor --export-secret-key 1A6F2256
Export both the pub and private keys

Import your public key

SSH to your server so you can import your key only, first upload the public key through scp for example.

# scp backup_pub.gpg xxx.xxx.xxx.xxx:/home/toto/.
SCP your public key to your server

Your public key being on your server you need to import it to gpg.

# gpg --import backup_pub.gpg
Import your public key.

You would think it’s over but you have to change the trust of the key, do the following command.

# gpg --edit 1A6F2256
Change the trust of your key

One you have the GNuPG prompt, type trust, select optimal, say yes and you’re done !

First server backup

Duplicity allows you to do full backups or incremental ones. Of course the first one is a full backup. One cool thing is that you don’t have to tell it explicitly to do an incremental one once the first one is made.

I suggest you use that very simple script to do your backup, you can edit it to your needs, mostly the exclude part. It backups fully on Monday, following days of the week are incremental. On Monday it also removes old backups, it’s done this dirty way since you cannot use duplicity’s cleanup function without the private key and the passphrase which I refuse to use online. It keeps two weeks of backup which is enough for me. You need to set an autofs mount to erase old backups since I didn’t script the FTP deletion yet.

Now run it, it may take a while so I recommend that you do that in a screen or tmux.

Rather than doing it manually, don’t forget to set a cron task to backup every night your data.

0 2 * * * root bash /root/scripts/backup.sh &>/dev/null
/etc/cron.d/backup

Restore your data

Obviously if you backup anything, you need to restore it some day soon. This time this operation requires the private key so you can decrypt the data ! Do what’s best for you, but it’s safer to keep your private key on your computer, you have to import your private key in gpg first.

# gpg --import backup.gpg 
gpg: key 1A6F2256: secret key imported
gpg: key 1A6F2256: public key "Floreo Backup (Floreo Backup) <xxx@floreo.info>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
gpg:       secret keys read: 1
gpg:   secret keys imported: 1
Import your private key to your local computer

Next step is really simple you have to revert the duplicity command to restore.

# export PASSPHRASE=<PASSPHRASE>
# export FTP_PASSWORD=<FTP PASSWORD>
# duplicity  ftp://<USER>@<HOST>/<REMOTE_DIRECTORY>/ <LOCAL_DIRECTORY>
# unset PASSPHRASE FTP_PASSWORD
Restore your encrypted data locally

Finally rsync your data to your server, I know it looks complicated but it makes sure that your private key is never on your server.

Do not forget to remove your private key from your computer, it’s safer too.

gpg --delete-secret-key 1A6F2256
Delete your imported private key

A word of advice if you have several backup chains, for example I backup fully on Monday and do incremental ones for other days and keep two weeks top, duplicity will show you only the last full backup even if you restore stuff before the last full backup. It’s weird, but your restoration would work, it would just display the wrong date. To be sure I check the last mail.log, you might do it as well.

Check that your backups are good quite often. For further details, you can find some more explanations following the Ubuntu documentation.