Join the "Danske ZenseHome Brugere" Facebook grooup

To use the ZenseHome installation from outside, we need some "service manager" at the home LAN to send API commands to the ZenseHome box.

This is a POC - Proof Of Concept - It has various security problems and stupid static scripts - that could be improved and parameter parameterized (so much...)

A Pre-requsite is reading / installing from ZenseHome API interfacing

Installing the basics

As I have an Ubuntu server (with PLEX) in the house already (located at IP 10.0.0.150), I add the webserver apache2 to the installation. :

sudo apt-get install apache2
sudo a2enmod cgi
sudo service apache2 restart

then changing the default Apache2 config file:

/etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com

        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html

        ScriptAlias /cgi-bin/ /var/www/cgi-bin/
        <Directory "/var/www/cgi-bin/">
                Options +ExecCGI
                AddHandler cgi-script .cgi .pl .sh .exp
        </Directory>

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf
</VirtualHost>


Adding Zensehome /expect scipts

In the /var/www/cgi-bin/ I place 2 files:

turnon-office.exp
#!/usr/bin/expect
spawn telnet 10.0.0.110 10001
expect "'^]'."
send ">>Login 32010<<\r"
expect ">>Login Ok<<"
sleep .1;
send ">>Set 10604 1<<"
sleep .1;
send ">>Logout<<\r"
expect ">>Logout Ok<<"
exit
turnoff-office.exp
#!/usr/bin/expect
spawn telnet 10.0.0.110 10001
expect "'^]'."
send ">>Login 32010<<\r"
expect ">>Login Ok<<"
sleep .1;
send ">>Set 10604 0<<"
sleep .1;
send ">>Logout<<\r"
expect ">>Logout Ok<<"
exit

And now its possible to turn on the Office light at the URL: http://10.0.0.150/cgi-bin/turnon-office.exp

And off at http://10.0.0.150/cgi-bin/turnoff-office.exp

As there is not output, the Apache will return a 500 Error. Theres room for improvement - https://docstore.mik.ua/orelly/linux/cgi/ch03_03.htm



Access from outside

The next step is to make a port forward in my Icotera Router:

And now its accessible from the world!!

Here, we should consider to make some (at least) IP restrictions in the Apache. Currently, the whole world can potentionally turn the office light on/off

<Location />
    Order deny,allow
    Deny from all
    Allow from 77.243.62.62
    </Location>