First try
docker-compose exec storagenode /app/storagenode exit-status --identity.cert-path /app/identity/identity.cert --identity.key-path /app/identity/identity.key
or for older storj versions use
docker-compose exec storagenode /app/storagenode exit-status --identity-dir /app/identity
First, download the pre-configure OpenWRT buildroot from Teltonika.
Unzip it:
tar xzvf RUTX_R_GPL_00.07.04.1.tar.gz cd rutos-ipq40xx-rutx-gpl/
and now build using
./scripts/feeds update -a make -i
This will build not only the toolchain but also all packages etc, hence it will take a while.
Now create main.cpp, e.g.:
#include <iostream>
int main(int argc, char** argv) {
std::cout << "Hello World!" <<std::endl;
}
The build script build.sh looks like this:
#!/bin/sh
export STAGING_DIR=~/rutos-ipq40xx-rutx-gpl/staging_dir
export TOOLCHAIN=${STAGING_DIR}/toolchain-arm_cortex-a7+neon-vfpv4_gcc-8.4.0_musl_eabi
export CC=${TOOLCHAIN}/bin/arm-openwrt-linux-muslgnueabi-gcc
export CPP=${TOOLCHAIN}/bin/arm-openwrt-linux-muslgnueabi-g++
# Build !
${CPP} -o main main.cpp
This will produce main , an executable which you can copy to and run on your RUTX10.
You will see verbose output (compiler calls etc) during an OpenWRT build if you call make with the V=s flag:
make V=s
processor : 0 model name : ARMv7 Processor rev 5 (v7l) BogoMIPS : 96.00 Features : half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 lpae evtstrm CPU implementer : 0x41 CPU architecture: 7 CPU variant : 0x0 CPU part : 0xc07 CPU revision : 5 processor : 1 model name : ARMv7 Processor rev 5 (v7l) BogoMIPS : 96.00 Features : half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 lpae evtstrm CPU implementer : 0x41 CPU architecture: 7 CPU variant : 0x0 CPU part : 0xc07 CPU revision : 5 processor : 2 model name : ARMv7 Processor rev 5 (v7l) BogoMIPS : 96.00 Features : half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 lpae evtstrm CPU implementer : 0x41 CPU architecture: 7 CPU variant : 0x0 CPU part : 0xc07 CPU revision : 5 processor : 3 model name : ARMv7 Processor rev 5 (v7l) BogoMIPS : 96.00 Features : half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt vfpd32 lpae evtstrm CPU implementer : 0x41 CPU architecture: 7 CPU variant : 0x0 CPU part : 0xc07 CPU revision : 5 Hardware : Generic DT based system Revision : 0000 Serial : 0000000000000000
When you have a fresh install of RouterOS or CHR (MikroTik Cloud Hosted Router), telnet access is enabled by default. Since you typically want to access the router using SSH, WinBox or WebFig instead of telnet, you can – and should – disable it entirely.
In order disable telnet, login to your router using SSH or WinBox and run the following command:
/ip/service/disable telnet
When you have a fresh install of RouterOS or CHR (MikroTik Cloud Hosted Router), the NTP client is not enabled by default.
In order to enable it, login to your router using SSH or WinBox and run the following command:
/system/ntp/client/ set enabled=yes servers=de.pool.ntp.org
Depending on your location, you might want to choose a suitable pool of NTP servers.
Once you’ve setup a Let’s Encrypt certificate on your MikroTik RouterOS or CHR router, you can configure the API service to use it.
Login to your router using ssh, e.g. ssh [email protected].
Now copy-and-paste the following:
/ip/service set api-ssl certificate=[/certificate find where name~"^letsencrypt.*"]
This has been tested only in the circumstance that one letsencrypt certificate exists. I will update this post once I get around to testing it with multiple (renewed) certificates.
Once you have installed your MikroTik CHR router on your server, you don’t want to access the webinterface using the unencrypted HTTP protocol.
Instead, follow these steps to enable HTTPS using Let’s Encrypt certificates which come built-in with recent RouterOS versions.
First, configure your DNS to point some domain name – e.g. chr.mydomain.com to your server’s IP address. TCP port 80 on the IP address the domain name points to must reach the CHR server.
Then, login to the CHR using ssh. This connection is encrypted. Run the following commands:
/certificate/enable-ssl-certificate dns-name=chr.mydomain.com
and
/ip/service/enable www-ssl
[admin@MikroTik] > /certificate/enable-ssl-certificate dns-name=chr.mydomain.com progress: [success] ssl certificate updated [admin@MikroTik] > /ip/service/enable www-ssl
After that (if the certificate could be generated successfully), your router will be reachable via https://chr.mydomain.com
Once you have installed python on your pfSense, you might notice that it is missing pip:
[2.6.0-RELEASE][[email protected]]/root: pip pip: Command not found.
and also python3.8 -m pip doesn’t work:
[2.6.0-RELEASE][[email protected]]/root: python3.8 -m pip /usr/local/bin/python3.8: No module named pip
Installing it is rather easy, however:
python3.8 -m ensurepip
After that, you can run pip using
python3 -m pip
First, login to your pfSense as root using ssh.
Then use
pkg search python
to show which python versions are available. Output on pfSense 2.6.0:
frr7-pythontools-7.5.1_3 Provide configuration reload functionality for FRR py38-gitpython-3.1.24 Python Git Library python38-3.8.12_1 Interpreted object-oriented programming language
Now run e.g.
pkg install python38-3.8.12_1
On my pfSense, python3.8 was already installed.
Remember that in order to run python, you need to explicitly run python3.8, just running python or python3 won’t work!
The default IP address for the Netgear MS108EUP PoE switch is 192.168.0.239.
The default password for the Netgear MS108EUP PoE switch is password.
The following command will disable (but not delete) all DHCP servers on MikroTik routers:
/ip/dhcp-server/disable [ find ]
You can remove all static firewall rules on a MikroTik router using
/ip/firewall/filter/remove [ find where !dynamic ]
This will delete all the rules and there will be no way to recover them!
ssh [email protected]
/etc/openwrt_release:cat /etc/openwrt_release
DISTRIB_ID='OpenWrt' DISTRIB_RELEASE='21.02.0' DISTRIB_REVISION='r16279-5cc0535800' DISTRIB_TARGET='ipq40xx/generic' DISTRIB_ARCH='arm_cortex-a7_neon-vfpv4' DISTRIB_DESCRIPTION='OpenWrt 21.02.0 r16279-5cc0535800' DISTRIB_TAINTS='no-all busybox'
As you can see in the DISTRIB_RELEASE line in the output, we’re running OpenWRT 21.02.0 on this router.
If you’re using statements in your nginx config such as
access_log off; error_log off;
this will not actually turn off the logging. it will just write the logs to /usr/share/nginx/off.
In order to actually turn off logging, use
access_log /dev/null; error_log /dev/null;
While trying to use TLS such as MQTTS or HTTPS on the ESP32, you see an error message like
E (333183) MQTT_CLIENT: mqtt_message_receive: transport_read() error: errno=119 [328153][E][MyMQTT.cpp:80] log_error_if_nonzero(): [MQTT] Last error reported from esp-tls: 0x8008 E (333191) MQTT_CLIENT: mqtt_process_receive: mqtt_message_receive() returned -1
0x8008 means ESP_ERR_ESP_TLS_TCP_CLOSED_FIN. In other words, a TCP connection had been established successfully but unexpectedly, the connection has been closed by the server.
This is often caused by the server software crashing, or restarting in some way. When a server process is terminated, the operating system will cleanup after it and close all connections.
In order to debug the issue, start by checking the log of your server message and/or system log to check for unintended crashes. If that doesn’t help, it’s sometimes helpful to packet capture the communication between the ESP32 and the server. You can also write a software script doing the same communication with the server as the ESP32. This will often allow you to try out changes much more easily than on the microcontroller and observe what’s happening using a debugger.
Your ESP32 running a MQTT client is printing the following error messages:
E (285025) TRANSPORT_WS: Sec-WebSocket-Accept not found E (285025) MQTT_CLIENT: Error transport connect
You’re using MQTT over websockets (ws:// or wss://) but on the given MQTT URL, no MQTT-over-websocket server is running.
This is often caused by using a wrong URL (possibly the URL is missing the path), but it might also be caused by a misconfiguraton of the server or the reverse proxy.
It’s often best to try using a software websocket client to test the correct settings.
While trying to use TLS such as MQTTS or HTTPS on the ESP32, you see an error message like
[MQTT] Last error reported from esp-tls: 0x8001
0x8001 means ESP_ERR_ESP_TLS_CANNOT_RESOLVE_HOSTNAME. In other words, the ESP32 is unable to resolve the hostname of the host you’re trying to connect to using DNS.
Typically, this is a DNS problem, so check the DNS settings of your network. Also check if the ESP32 has a correct DNS server set – for example, if the ESP32 has 0.0.0.0 as a DNS server, this explains why it isn’t able to resolve the hostname.
Sometimes this issue is also caused by the hostname not existing at all (i.e. there is no DNS entry for that hostname). You can easily check this by resolving the hostname you’re trying to connect
uint8_t mac[6]; WiFi.macAddress(mac);