The idea was to run the core skill logic on my Node-RED install running on my unRAID server. To achieve this, I largely followed this excellent guide, which required me to set up an Amazon Developer account. Alexa skills can be configured to process on either the Amazon Lambda service or on a user-defined HTTPS endpoint.
I initially set about configuring the latter and succeeded in getting Node-RED set up for SSL but, due largely to my own inexperience, couldn't get Alexa talking to it. I then set about a different technique - setting up a proxy function on Lambda that the skill is configured to talk to but which in effect passes the requests on to a specified server. This bypasses the need for SSL on the endpoint and, while everything is transmitted in the clear, is adequate for testing.
As my home network has a dynamic IP address, I needed to find a way of providing a permanent address to the Amazon services. I snagged a '.online' domain from GoDaddy for <€3 for 12 months. Bargain. I also set up a DuckDNS account and mapped the 'www' and 'skills' subdomains in the GoDaddy DNS setup to mydomain.duckdns.org. Finally, I installed the DuckDNS docker on unRAID to periodically update the service with my changing IP address. Now, both 'www.mydomain.online' and 'skills.mydomain.online' arrive at my virtual front door.
Next, I needed to configure my network and server to handle this inbound traffic.
I ended up installing the LinuxServer.io Apache docker, which is pre-configured for reverse proxies. This allows me to accept a request such as skills.mydomain.online/echo and pass it to an http input node in Node-RED configured to process '/echo'. Any other requests can be rejected. In this way, I can permit specific requests from Amazon through to the skill logic in Node-RED. (I add a check for my application ID to this inbound traffic to provide an extra level of comfort but will probably add SSL or at least authentication at the Apache level soon.)
The instructions on how to set Apache up for reverse proxies are incorrectly linked in the unRAID docker support thread. The correct jumping off point is here.
With only http/https ports open on my router, the following Apache default.conf file achieves this (internal network details obfuscated). This is neat in that it only allows traffic from a particular sub-domain (skills) through.
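One way the application ID check mentioned above could look inside a Node-RED function node. This is an added example, not the author's flow: the ID is a constructed placeholder, the two-output wiring is assumed, and the timestamp check (150 seconds, the tolerance Amazon documents for custom skill endpoints) goes beyond what the post describes.

```javascript
// Added example, not the author's flow. The ID below is a constructed placeholder.
const EXPECTED_APP_ID = 'amzn1.ask.skill.00000000-0000-0000-0000-000000000000';
const MAX_SKEW_MS = 150 * 1000; // tolerance applied to request.timestamp

// Returns { ok, status, reason } for a parsed Alexa request body.
function checkAlexaRequest(body, expectedAppId, now = Date.now()) {
  if (body === null || typeof body !== 'object') {
    return { ok: false, status: 400, reason: 'body is not a JSON object' };
  }
  // The ID is carried under session (absent for some request types) and under context.System.
  const ids = [
    body.session?.application?.applicationId,
    body.context?.System?.application?.applicationId,
  ].filter((id) => id !== undefined);
  if (ids.length === 0) {
    return { ok: false, status: 400, reason: 'no applicationId present' };
  }
  // Every copy that is present must match; mismatched copies are rejected.
  if (!ids.every((id) => id === expectedAppId)) {
    return { ok: false, status: 403, reason: 'applicationId mismatch' };
  }
  const ts = Date.parse(body.request?.timestamp);
  if (Number.isNaN(ts) || Math.abs(now - ts) > MAX_SKEW_MS) {
    return { ok: false, status: 400, reason: 'missing or stale timestamp' };
  }
  return { ok: true, status: 200, reason: 'accepted' };
}

// Constructed sample request, trimmed to the fields the check reads.
const sampleRequest = {
  session: { application: { applicationId: EXPECTED_APP_ID } },
  context: { System: { application: { applicationId: EXPECTED_APP_ID } } },
  request: { type: 'LaunchRequest', timestamp: '2017-01-01T12:00:00Z' },
};

// Function node with two outputs (assumed wiring): output 1 feeds the skill
// logic, output 2 feeds an http response node that returns the error status.
function routeMessage(msg, now = Date.now()) {
  const verdict = checkAlexaRequest(msg.payload, EXPECTED_APP_ID, now);
  if (verdict.ok) return [msg, null];
  return [null, { ...msg, statusCode: verdict.status, payload: { error: verdict.reason } }];
}
```

The application ID is an identifier rather than a secret, so over plain HTTP this check filters out requests not addressed to the skill but does not prove a request came from Amazon.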
# Do not reuse a pooled backend connection for the first request on a client connection
SetEnv proxy-initial-not-pooled 1

# Static site served from /config/www/ for www.mydomain.online
<VirtualHost *:80>
    ServerName www.mydomain.online
    ServerAlias www.mydomain.online
    DocumentRoot /config/www/
    <Directory "/config/www/">
        Options Indexes FollowSymLinks MultiViews
        AllowOverride all
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

# skills.mydomain.online: only /echo is proxied through to Node-RED
<VirtualHost *:80>
    ServerName skills.mydomain.online
    ServerAlias skills.mydomain.online
    <Location /echo>
        ProxyPass http://192.168.xxx.xxx:port/echo
        ProxyPassReverse http://192.168.xxx.xxx:port/echo
    </Location>
</VirtualHost>

# HTTPS site using the certificate and key in /config/keys/
<VirtualHost *:443>
    ServerName www.example.com
    SSLEngine on
    SSLCertificateFile "/config/keys/cert.crt"
    SSLCertificateKeyFile "/config/keys/cert.key"
    DocumentRoot /config/www/
    <Directory "/config/www/">
        Options Indexes FollowSymLinks MultiViews
        AllowOverride all
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>
An added bonus is that I now have a local web server on www.mydomain.online that I can use to eventually build a nice display of house status (power consumption, sensor status etc.).
This all works great. I can now set up one or more Alexa skills in Amazon Developer and build the skill logic with hooks into local hardware through Node-RED and openHab on my unRAID server.
UPDATE: I have since managed to direct the root domain as well.