# Freeheat LINKS: - Gateway User Linking definition on notion [LINK](https://www.notion.so/freeheat/Gateway-User-Linking-2a93976cc9594015b92f7d4011fb1f72) - Application repository [LINK](https://gitlab.com/freeheat/gw/pv/gateway-user-linking) ## Credentials **hub and fleet credentials:** username: `freeheat-fleet` password: ``*nP#qQGr56hL5hZ@`` **freeheat credentials**: username: `sergio.marin@pantacor.com` password: `qkt3unx!yhk4DFA8dvp` **freeheat api credentials**: Client ID: `fe1qlyxbliuyIBVHZOu8FkDO46MfypZOIKlkGbRc` Client secret: `2aO5R3V3SpWoV2C1mHKZAgFWtBXvAcqBsQuqnfMq7Hsv2QahofV8dZdgMmBmQe4XRGI0t5eFxHqFp1IrR7dYqdHKW1VVz58LFvpiAirPH3HILQWFOC4LCN5jsSqGPEDK` ## Gateway User Linking APP The User Linking application is a go application built using container-ci for arm32v5, arm32v7 and arm64. Gitlab CI builds the container of the application, but it doesn't push to the source device on hub yet. The source device for this package is [THIS](https://pvr.pantahub.com/freeheat-fleet/gateway_user_linking_latest). This device is going to be merge with the gateway_base_latest to the fleet channel [gateway_latest](https://fleet.pantacor.com/channels/65563f18b2f0c50c7dc069c2) and push to all devices in that channel. The application start at `0.0.0.0:5000` (this port can be change later) and it will remember previous device selection. If the user is not login will trigger an user/pass login with freeheat credentials. The application save: - user data in `/pantavisor/device-meta.freeheat/user` - auth data in `/pantavisor/device-meta.freeheat/token` - user device selection data in `/pantavisor/device-meta.freeheat/selected_devices` All the data is storage as json User content example: ```json { "id": "c5c1ea0e-b5b1-4e4f-8031-7d39924292e5", "organization_id": "1009bb71-7f7d-4a33-8ff2-2d84c911e52b", "external_user_id": "", "role": "admin", "email": "sergio.marin@pantacor.com", "first_name": "Sergio", "last_name": "Marin", "is_onboarded": false } ``` Selected devices content example: ```json [ { "id": "5fc13699-553c-42e6-bd35-b9038f26e183", "device_model": { "manufacturer": "Nibe", "model": "S-Series", "device_type": { "short_name": "hp_atw", "long_name": "Heat Pump (Air-to-Water)" } } } ] ``` Token content example: ```json { "access_token": "FQeHpcRhU2O42VlfQaEQ2G2rqKChx8", "expires_in": 3600, "token_type": "Bearer", "scope": "read write", "refresh_token": "8gdHM5uFTXCOBsgf55yM5QznBMQXtj" } ``` **Application features:** - Session Cookie managment - Login - Save user data in device-meta - Save token data in device-meta - Show user pumps, user can select the pumps to be used by the gateway - Save user selection on device-meta ###### Things we needed: - Configurate the pantavisor package in order to adjust memory and storage usage. **700MB** - Push containers to source devices for thingsboard-gateway and gateway-user-link (NOTE 3) - Container/App for gateway user linking (onboarding). (NOTE 1) - Container/App for device discovery. (NOTE 1) ###### NOTES: 1. Maybe those application should be the same container? 3. Container CI has push to hub already i think
Last changed by  
Sergio Marin
88

Read more

Crypt disks

Pantavisor offers a way to define the physical storage medium by setting up disks. This will allow pantavisor containers to access to does disks directly. There are currently 4 disks types supported: Non-encrypted directory Device Mapper crypt using without hardware acceleration (dm-crypt-versatile) Device Mapper crypt using i.Mx CAAM (dm-crypt-caam) Device Mapper crypt using i.Mx DCP (dm-crypt-dcp) Each disk that is defined in the state JSON can then be privately used by the containers. They can also be internally used by Pantavisor, as in the case of metadata.

2/27/2023
How to manage drivers with pantavisor

Let's do a quick refresh on Pantavisor Linux architecture, the idea behind Pantavisor Linux is to build the full OS using containers as the building blocks. This will allow the creation of a reproducible state for the device system. In that way the system will look something like this: In this image we can see the network management is done by a container, then there is the pvr-sdk which is a container used in development to manage the device in the local network environment, ssh into the device, and another couple of development tasks that can be run on the device. Then we have in an upper layer the main app that is running the device functionality. How pantavisor manages drivers Pantavisor offers a mechanim for BSPs to define which (abstract) drivers they support. For that the bsp can specify a list of such abstract drivers and - if needed - map each of those to a list of kernel modules that can be loaded by pantavisor as needed. Driver loading can parameterized and those parameters can be dynamically sources from user-meta. Containers on the other hand can express what drivers they need by referencing one of such driver names and pantavisor will mediate loading the drivers as needed. By offering this alias mechanism, product and platform builders can add level of abstraction that allows multiple BSP to suffice the requirements of containers by loading the appropriate modules.

2/24/2023
Pantavisor by Chat GPT

Pantavisor is a firmware and software solution for embedded Linux devices that provides a number of features to improve the security, reliability, and manageability of these devices. At its core, Pantavisor is a lightweight, custom Linux distribution that is designed to run on embedded devices. It provides a number of features that are typically not found on standard Linux distributions, such as: Secure boot: Pantavisor uses a secure boot process to ensure that only authorized firmware and software can run on the device. This helps prevent malicious software from running on the device. Over-the-air updates: Pantavisor provides a built-in mechanism for over-the-air (OTA) updates, which allows you to easily update the firmware and software on the device without having to physically access it. Remote management: Pantavisor provides a web-based management interface that allows you to remotely monitor and control the device. You can view device information, configure settings, and even reboot the device remotely. Secure communication: Pantavisor provides secure communication channels that allow devices to communicate with each other and with the cloud securely. Sandboxing: Pantavisor uses sandboxing technology to isolate different parts of the system, which helps to prevent malware from spreading and to contain any potential damage.

1/13/2023
Real-Time Embedded Linux Observability with Pantavisor and InfluxDB

Presently organizations are unable to monitor millions of embedded Linux devices in real-time. With so many different architectures and device types, aggregating telemetry and metrics and viewing that data in a centralized analysis tool is problematic. Onboarding embedded Linux devices into a telemetry service so that metrics can be easily observed is a significant challenge. But now you can automatically and quickly onboard large IoT fleets with Pantavisor-powered devices, and InfluxDB’s Telegraf plugin, and stream metrics to a centralized monitoring dashboard with minimal effort. This post describes how to onboard and configure devices for the Telegraf plugin service to monitor Pantavisor-powered embedded Linux fleets. Device onboarding is streamlined and fast with a single sign-on process where Pantacor Hub automatically acquires InfluxDB credentials. Telegraf and Pantacor Hub overview Telegraf is an open-source server agent that collects telemetry and other metrics from your stacks, sensors, and systems. Pantacor Hub is our open source SaaS for remote device firmware and software lifecycle management and cloud service integration. We containerized the telegraf plugin and made it available as a service from Pantacor Hub. Telegraf sends metrics to any InfluxDB server, including on-premise, cloud, or hosted. In this guide, we'll use the cloud service for InfluxDB found at https://cloud2.influxdata.com/.

8/25/2022
Read more from Sergio Marin
Published on HackMD