safety commit

2025-11-03 13:29:04 +00:00
parent d24e7db503
commit 6593c6a571
3 changed files with 151 additions and 1 deletions


@@ -1,4 +1,4 @@
[ ii[
{ {
"id": "tabXilicaDash", "id": "tabXilicaDash",
"type": "tab", "type": "tab",


@@ -0,0 +1,75 @@
#!/usr/bin/env bash
set -euo pipefail
# ==== EDIT THESE ====
WIFI_SSID="Lav.Studio"
WIFI_PASS="0147258369"
LIGHT_IP="192.168.50.10/24" # Pi's address on eth0
LIGHT_NET_DNS="" # usually blank; no DNS on lighting net
# If you truly need a gateway on lighting (rare), set LIGHT_GW here and see notes below.
LIGHT_GW=""
# Optional: if you want a static Wi-Fi IP instead of DHCP, set WIFI_STATIC="yes"
WIFI_STATIC="no"
WIFI_IP="192.168.10.20/24"
WIFI_GW="192.168.10.1"
WIFI_DNS="192.168.10.1"
# =====================
echo "[*] Updating system..."
sudo apt update
sudo apt full-upgrade -y
echo "[*] Ensure NetworkManager is active (Bookworm default)..."
sudo systemctl enable --now NetworkManager
echo "[*] Create Ethernet profile for lighting (static IP, NO gateway)..."
# Delete default connection if it exists, to avoid conflicts
nmcli -t -f NAME,TYPE con | grep -q "^Wired connection 1:ethernet$" && nmcli con delete "Wired connection 1" || true
nmcli con delete lighting >/dev/null 2>&1 || true
nmcli con add type ethernet ifname eth0 con-name lighting ipv4.method manual ipv4.addresses "${LIGHT_IP}" ipv4.gateway "" ipv4.dns "${LIGHT_NET_DNS}" ipv6.method ignore
# Make sure this interface never installs a default route
nmcli con mod lighting ipv4.never-default yes
# Prefer Wi-Fi for routing by giving Ethernet a higher metric
nmcli con mod lighting ipv4.route-metric 300
echo "[*] Create Wi-Fi profile for Xilica..."
nmcli con delete xilica >/dev/null 2>&1 || true
if [ "${WIFI_STATIC}" = "yes" ]; then
nmcli con add type wifi ifname wlan0 con-name xilica ssid "${WIFI_SSID}" \
ipv4.method manual ipv4.addresses "${WIFI_IP}" ipv4.gateway "${WIFI_GW}" ipv4.dns "${WIFI_DNS}" ipv6.method ignore
else
nmcli dev wifi connect "${WIFI_SSID}" password "${WIFI_PASS}" ifname wlan0 name xilica
nmcli con mod xilica ipv6.method ignore
fi
# Lower metric so Wi-Fi becomes preferred default route (if it has a gateway)
nmcli con mod xilica ipv4.route-metric 200
echo "[*] Disable IP forwarding to keep networks isolated..."
sudo bash -c 'cat >/etc/sysctl.d/99-no-forwarding.conf <<EOF
net.ipv4.ip_forward=0
net.ipv6.conf.all.forwarding=0
EOF'
sudo sysctl --system
echo "[*] Install Node-RED via the official script..."
bash <(curl -sL https://raw.githubusercontent.com/node-red/linux-installers/master/deb/update-nodejs-and-nodered)
echo "[*] Enable Node-RED as a service..."
sudo systemctl enable nodered --now
echo "[*] (Optional) Lock down firewall to your subnets only..."
sudo apt install -y ufw
sudo ufw default deny incoming
sudo ufw default allow outgoing
# Allow Node-RED editor/UI from both subnets (adjust nets if different)
sudo ufw allow from 192.168.50.0/24 to any port 1880 proto tcp
sudo ufw allow from 192.168.10.0/24 to any port 1880 proto tcp
sudo ufw --force enable
echo "[*] Done. Current addresses:"
ip -4 addr show eth0 | sed -n 's/ *inet \([0-9.\/]*\).*/eth0: \1/p'
ip -4 addr show wlan0 | sed -n 's/ *inet \([0-9.\/]*\).*/wlan0: \1/p'
echo "Node-RED should be reachable at: http://<eth0-ip>:1880 and/or http://<wlan0-ip>:1880"
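Review bot: `WIFI_PASS` is committed as a literal passphrase right next to its SSID in the "EDIT THESE" block, so the credential now lives in repository history and should be treated as exposed and rotated. Take it at run time instead, e.g. `: "${WIFI_PASS:?set WIFI_PASS in the environment}"`, or drop the `password` argument and use `nmcli --ask dev wifi connect "${WIFI_SSID}" ifname wlan0 name xilica` so it also stays off the process command line. When `WIFI_STATIC="yes"`, the `nmcli con add type wifi` branch sets no key at all, so that profile appears to be created without the passphrase. The same points apply to the identical copy of this script in the next file section.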


@@ -0,0 +1,75 @@
#!/usr/bin/env bash
set -euo pipefail
# ==== EDIT THESE ====
WIFI_SSID="Lav.Studio"
WIFI_PASS="0147258369"
LIGHT_IP="192.168.50.10/24" # Pi's address on eth0
LIGHT_NET_DNS="" # usually blank; no DNS on lighting net
# If you truly need a gateway on lighting (rare), set LIGHT_GW here and see notes below.
LIGHT_GW=""
# Optional: if you want a static Wi-Fi IP instead of DHCP, set WIFI_STATIC="yes"
WIFI_STATIC="no"
WIFI_IP="192.168.10.20/24"
WIFI_GW="192.168.10.1"
WIFI_DNS="192.168.10.1"
# =====================
echo "[*] Updating system..."
sudo apt update
sudo apt full-upgrade -y
echo "[*] Ensure NetworkManager is active (Bookworm default)..."
sudo systemctl enable --now NetworkManager
echo "[*] Create Ethernet profile for lighting (static IP, NO gateway)..."
# Delete default connection if it exists, to avoid conflicts
nmcli -t -f NAME,TYPE con | grep -q "^Wired connection 1:ethernet$" && nmcli con delete "Wired connection 1" || true
nmcli con delete lighting >/dev/null 2>&1 || true
nmcli con add type ethernet ifname eth0 con-name lighting ipv4.method manual ipv4.addresses "${LIGHT_IP}" ipv4.gateway "" ipv4.dns "${LIGHT_NET_DNS}" ipv6.method ignore
# Make sure this interface never installs a default route
nmcli con mod lighting ipv4.never-default yes
# Prefer Wi-Fi for routing by giving Ethernet a higher metric
nmcli con mod lighting ipv4.route-metric 300
echo "[*] Create Wi-Fi profile for Xilica..."
nmcli con delete xilica >/dev/null 2>&1 || true
if [ "${WIFI_STATIC}" = "yes" ]; then
nmcli con add type wifi ifname wlan0 con-name xilica ssid "${WIFI_SSID}" \
ipv4.method manual ipv4.addresses "${WIFI_IP}" ipv4.gateway "${WIFI_GW}" ipv4.dns "${WIFI_DNS}" ipv6.method ignore
else
nmcli dev wifi connect "${WIFI_SSID}" password "${WIFI_PASS}" ifname wlan0 name xilica
nmcli con mod xilica ipv6.method ignore
fi
# Lower metric so Wi-Fi becomes preferred default route (if it has a gateway)
nmcli con mod xilica ipv4.route-metric 200
echo "[*] Disable IP forwarding to keep networks isolated..."
sudo bash -c 'cat >/etc/sysctl.d/99-no-forwarding.conf <<EOF
net.ipv4.ip_forward=0
net.ipv6.conf.all.forwarding=0
EOF'
sudo sysctl --system
echo "[*] Install Node-RED via the official script..."
bash <(curl -sL https://raw.githubusercontent.com/node-red/linux-installers/master/deb/update-nodejs-and-nodered)
echo "[*] Enable Node-RED as a service..."
sudo systemctl enable nodered --now
echo "[*] (Optional) Lock down firewall to your subnets only..."
sudo apt install -y ufw
sudo ufw default deny incoming
sudo ufw default allow outgoing
# Allow Node-RED editor/UI from both subnets (adjust nets if different)
sudo ufw allow from 192.168.50.0/24 to any port 1880 proto tcp
sudo ufw allow from 192.168.10.0/24 to any port 1880 proto tcp
sudo ufw --force enable
echo "[*] Done. Current addresses:"
ip -4 addr show eth0 | sed -n 's/ *inet \([0-9.\/]*\).*/eth0: \1/p'
ip -4 addr show wlan0 | sed -n 's/ *inet \([0-9.\/]*\).*/wlan0: \1/p'
echo "Node-RED should be reachable at: http://<eth0-ip>:1880 and/or http://<wlan0-ip>:1880"
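Review bot: The Node-RED install step executes whatever `curl -sL` returns from the mutable `master` branch via `bash <(...)`, with no pinned revision or integrity check. curl's exit status is also discarded by the process substitution, so an empty or truncated download is still handed to bash. Fetch to a file and run it only on success: `installer=$(mktemp)`, then `curl -fsSL "<URL pinned to a reviewed commit>" -o "$installer"`, then `bash "$installer"`. The `nodered` service is also enabled before the `ufw` rules are applied, so port 1880 is briefly reachable without the subnet restriction; moving the firewall block above the install would close that window. The identical copy in the previous file section has the same issues.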