Setting up a Pi with a NRF24L01+ Radio

I’m using my PI as the central hub running OpenHAB, a MQTT broker and other services for home automation. On the Pi I am using a NRF24L01+pa+lna SMA Antenna Wireless Transceiver, this provide more range (1000m) from my main unit. All the nodes in the network will be running on Arduino chips and using a Mesh network so the house should have good coverage. First, wiring in the NRF24L01 to the Pi.Using Female-to-Female dupont cables use the following table to connect the units, the NRF24L01 is ~3-3.6V.

Raspberry PI 1 - B+ to NRF24L01 Mapping Table

Raspberry PI 1 - B+


Ground (20)


3v3 (17)


BCM 8 /CE0 (24)


BCM 22 (15)


BCM 10 / MOSI (19)


BCM 11 / SCLK (23)



BCM 9 / MISO (21)


I recommend checking the connections twice. A good Pi Layout can be found here: Raspberry Pi GPIO Layout Worksheet Now we have the wiring in place time to get the pi working. This assume you have followed guides on this site or other site and you are running rasberian. As I am using the awesome work by TMRh20 we are installing the bits in his github repo. Connect to the pi using SSH and run the following commands.

chmod +x
for D in *; do echo “Building and Installing $D”; cd “$D”; sudo make install; cd ..; done

After you run the file it will prompt you to install components. Go ahead and select yes for all of them. If you ever need to do a update of the libraries in the future you will need to delete all the folders under rf24libs. Now the pi is ready to go with the RF unit and needed libraries.

Rooting the WINK Hub with Windows

I do have a Linux machine in the house but that is on a Pi running as a squeezelite client for my house music collection. So looking at the instructions on the web I have translated them for use in Windows. Of course I have use PowerShell! The only addition I have is I use Kitty as a SSH client. This uses the approach @

  1. Open up the box and plug in the WINK unit. Do not download any app or hook it up to the internet. If you do this the latest firmware will overwrite the ability to do the hack below without popping open the case and hitting the chip directly.

  2. When you have the pink flashing light open a laptop and connect to the WINK wireless network. It starts with WINKHUB….

  3. Open a browser and go to and you should see home page or a download prompt for a JSON file. If so all good!

  4. Open up a PowerShell instance.

  5. Run:

    Invoke-WebRequest -Uri\_dev\_value.php -Method Post -Body @{nodeId=’a’;attrId=”;dropbearkey -t rsa -f /root/.ssh/winkkey.dbprv.rsa > /root/.ssh/winkkey.rawpub.rsa;”}

    Invoke-WebRequest -Uri\_dev\_value.php -Method Post -Body @{nodeId=’a’;attrId=”;dropbearconvert dropbear openssh /root/.ssh/winkkey.dbprv.rsa /var/www/winkkey.rsa;”}

    Invoke-WebRequest -Uri\_dev\_value.php -Method Post -Body @{nodeId=’a’;attrId=”;grep ssh /root/.ssh/winkkey.rawpub.rsa > /root/.ssh/authorized_keys;”}

    Invoke-WebRequest -Uri -OutFile winkkey.rsa

  6. You now should have the rsa key locally. If you are using kitty/putty you need to get putty gen and open the rsa file up and then save it as a putty version of the key. You can then open up putty/kitty and access the WINK hub.

Reference Links:

Integrating ISY into OpenHAB

I am in the process of setting up OpenHAB for the extra functionality in my house. I have the ISY unit setup as the core brains for switches and scenes. All the other magic is in OpenHAB so if OpenHAB goes down the main functions of the house work. I wanted to get the OpenHAB system to be able to get the status from the ISY unit and also changes states. This was as not straight forward as I wanted. I still have a issue that the process is polling and not a subscriber model but I do not have time to create a ISY binding. Anyway, here’s the basic instructions.

  1. Generate a basic auth hash for your user/pass to access the ISY admin console. In PowerShell use the following command:

    $user = "usernameforisy"
    $pass = "passwordforusername"
    [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes($("{0}:{1}" -f $user, $pass)))
  2. Edit the OpenHAB items file and add in your switch, replace with the IP of your ISY unit and change the word HASH to the auth hash generated in step one. You use the ID of the switch not the friendly name, replace any spaces with %20 so 11 22 33 1 becomes 11%2022%2033%201

    Switch NAMEOFSWITCH "Floor Lamp [%s]" (g\_FF,Lights,g\_FF\_Study) {http="<[{Authorization=Basic HASH}:10000:XSLT(isy\_node\_state.xsl)] >[ON:GET:{Authorization=Basic HASH}] >[OFF:GET:{Authorization=Basic HASH}]"}
  3. Save the following XSL code to the transform folder under configuration and name it isy_node_state.xsl

    <?xml version="1.0"?>
    <xsl:stylesheet xmlns:xsl=""  version="1.0">
    <xsl:output indent="yes" method="xml" encoding="UTF-8" omit-xml-declaration="yes" />
    <xsl:template match="/">
    <xsl:value-of select="translate(//nodeInfo/node/property/@formatted,'abcdefghijklmnopqrstuvwxyz','ABCDEFGHIJKLMNOPQRSTUVWXYZ')" />

Dealing with Internet Explorer ‘Continue to this website’ option missing

Found the work around here: To skip all the text on this page to the command one needs to unblock this restriction and for example set the minimum key length to 512; run the following in a elevated command line (cmd.exe ‘run-as-administrator’):

certutil -setreg chain\minRSAPubKeyBitLength 512

Now the “Continue to this website (not recommended).” is back If you want to revert this change and go back to the default of an 1024 bit key minimum, run:

certutil -delreg chain\MinRsaPubKeyBitLength

Home automation with ISY and PowerShell

I am playing with ISY and automation in my home, looking at the universal devices page today I found the API for working with the unit. Turning to trusty PowerShell I came up with the following code to enable you to start interacting with the unit remotely. Ill look at a proper module at some point in the future but this increases the possibilities of the unit! [code] function Invoke-IsyRestMethod { param ( $RestPath ) $isyEndPoint = “" $user = “user” $pass = “pass” $url = “{0}{1}” -f $isyEndPoint, $RestPath $headers = @{ Authorization = ‘Basic ‘ + [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes($(“{0}:{1}” -f $user, $pass))) } invoke-restmethod -Uri $url -Method Get -Headers $headers } # Get all the nodes and addresses you have in the system. (Invoke-IsyRestMethod “/rest/nodes”).nodes.node | select name, address # get information about a specific node. Invoke-IsyRestMethod -RestPath “/rest/nodes/28 2F 24 1” #Turn the node on, in this case my desk lamp! Invoke-IsyRestMethod -RestPath “/rest/nodes/28 2F 24 1/cmd/DON/“ #Turn the node off, in case my desk lamp. Invoke-IsyRestMethod -RestPath “/rest/nodes/28 2F 24 1/cmd/DOF/“ [/code] Next to make my desk lamp flash when I should go to bed ;)

Minecraft Mod Idea #284

It would be nice to have items sorted in chests, I have set it up with pipes before but as I am playing in Hexxit at the moment, I want a more ‘magical’ way for this to happen. What I am thinking is that you have a master chest and slave chests. The master chest is linked to the slave chests and the slave chests have the id/name of the items it automagically gets when they are put in the master chest. To power this redstone needs to be placed in the master chest, the system will always keep at least 64 pieces of redstone in there and for every 64 items one redstone is used to ‘power’ the system. Here is the walk through of the system.

  1. Craft a special chest which requires a normal chest, ender pearl and 64 redstone.
  2. This is then placed down.
  3. Looking at the chest type /magicchestsorter set master {name}
  4. On the backend this chest is marked as {userid}_{name} to uniquely call it out.
  5. Next you craft another special chest with a normal chest and a ender pearl.
  6. This is then placed down.
  7. Looking at the chest type /magicchestsorter set slave {name}
  8. On the backend this chest is marked as a slave to the master chest.
  9. Looking a the chest type /magicchestsorter set types {id},{id},{id} where id is the Minecraft id.
  10. On the backend this chest is marked as a destination for these types.
  11. Go to master throw in a stack of redstone and some items.
  12. When the events fire it takes the items out of the chests and routes them to the correct destination and consumes redstone.

Going to implement this in forge as it has custom block types, not intending to make a custom skin for the chest at this point in time.

Two-Factor Authentication and your Microsoft Account

I have just moved to Two-Factor authentication, there was a bit of work to get everything signed in again but the additional security is worth it. I use my Microsoft account as a central hub for everything, it is on all my PCs at home and work, I have a WP8 that I log into with it, I use it to log into Skype. Basically if someone takes it you have access to everything I have. In addition I have lots of photos and file on SkyDrive now and do not feel like having to deal with the issues if that is compromised. The process is fairly easy and I have the simple steps below so if you have a Microsoft Account I would recommend enabling it.

  1. Install the Authenticator App on your Phone if it is a Windows Phone
  2. Got to the account page for your account.
  3. Click on the link to enable two factor authentication (two-step)
  4. The page will give you a nice bar code that you can scan using the Authenticator application, this makes setup a breeze.
  5. Not this is done you will need to reset up your devices and accounts on your machines. If you have already trusted your accounts on your desktops you are good to go and only need to deal with things like SkyDrive by providing the Auth from your phone.
  6. Not everything likes the passcodes created so for other apps and devices such as Xbox 360, Windows Phone, or mail apps on your other devices you will need a App Password, you use this instead of your regular password to log into your account. More details can be found at the following link to setup different apps

With that you are done, all your apps now have two factor auth, if you choose to trust an account or remember the code then you are back to single access if the device is stolen, if that happens head straight to your manage page and remove the app passwords and un-trust all your devices. What was on the device my be compromised but any new information will be secured from that point on. Also you do have BitLocker enabled on your desktop hard drives, don’t you?

MYN/1MTD and setting the Start Date in Outlook automagically.

If you are using Outlook and want to force the start date to be set with a due date in the future by default you can use a macros which automatically runs for any new task item. In the VBA editor (Alt+F11) open up ThisOutlookSession In the code window add the following: [code lang=”vb”] Option Explicit Public WithEvents Items As Outlook.Items Private Sub Application_Startup() Initialize_handler End Sub Public Sub Initialize_handler() Dim objNS As Outlook.NameSpace Set objNS = GetNamespace(“MAPI”) Set Items = objNS.GetDefaultFolder(olFolderTasks).Items End Sub Private Sub Items_ItemAdd(ByVal Item As Object) On Error GoTo errHandler Dim objNS As Outlook.NameSpace Set objNS = GetNamespace(“MAPI”) If TypeOf Item Is Outlook.TaskItem Then Dim Task As Outlook.TaskItem Set Task = Item ‘1/1/4501 is None in the Outlook world. If Task.StartDate = #1/1/4501# Then Task.StartDate = Now() Task.DueDate = Now() + 3000 ‘ A due date a long way into the future. Task.Save End If End If Exit Sub errHandler: MsgBox “Error “ & Err.Number & “: “ & Err.Description & “ in “, vbOKOnly, “Error” End Sub [/code]

From Web Archive: Mirroring SVN repository to GitHub

The site seems to be down. This was handy for something I was playing with. References: So, I’m gearing up to work on some Java+Ruby (via JRuby) stuff. The Java world still seems fairly entrenched in the cult of Subversion, while the Rubyists have gone with Git lately. I’m still wrapping my mind around Git, but with GitHub, it’s fairly easy and straight-forward. I paid my $7 for the micro account, to give me room to screw around. There’s quite a few posts about mirroring SVN to a Git repository, but I feel the need to add my own, of course. My goal is mirror the trunk of the JRuby project from Codehaus SVN to my account on GitHub. By doing this, I can track the trunk development, and also work on my own patches. I started by creating an empty repository on my GitHub account, called ‘jruby’.

Now, over on my always-on, Contegix-powered server, I create a brand new local git repository, also called jruby.

mkdir jruby cd jruby git init

Next I use ‘git svn init’ to setup the SVN repository as a remote code source to track. Using the -T switch points git to the trunk, and ignores branches and tags, which is fine for my purposes.

git svn init -T

That does not pull any code, but it lets my local working tree know that I’m going to be pulling from an SVN repository at some point. This setup only occurs in your local repository, and does not seem to ever get pushed to GitHub once we get to that point. So, now we do the initial pull. Once again, this is on my always-on, Contegix-powered server, not my local laptop. I’m doing this on a server because towards the end, we’ll be setting up a cronjob to accomplish it all.

git svn fetch

It’ll think for a while, it’ll slurp down the SVN revision history, it’ll stop and ponder occasionally, and eventually, it’ll be done. Woo-hoo! Our local working tree is now up-to-date with the subversion HEAD as of that moment. To reduce disk-space used by your local repository, go ahead and run the garbage collector

git gc

On my system, that reduced the space from over 600mb to under 70mb. Now, that’s great, but it’s still just on my local repository. Time to push it to GitHub. We’re not going to follow their directions exactly, since this will ultimately be a cronjob and needs to use ssh. And I’m slightly paranoid about my ssh keys. So, the first thing I do is create another keypair, for used only by my mirroring process, and only for pushing changes to github. It has no passphrase. This allows me to keep my top-secret keys off my shared, always-on server. If these keys are compromised, all an attacker can use them for is to push changes to GitHub. Which, being revision-control, is more annoying than dangerous. (Hooray for “git reset”).

ssh-keygen -t dsa -f .ssh/id_dsa_github_mirroring

Next, I edit my .ssh/config to add a “fake host” so that ssh connections invoked by git will use this new key. As with all previous bits, this is still on my always-on server, not my local laptop.

Host githubmirror User git Hostname IdentityFile /home/bob/.ssh/id_dsa_github_mirroring

This will cause any invocation of “ssh githubmirror” into “ssh -i .ssh/id_dsa_github_mirroring”. I then installed into my GitHub account. Now, GitHub’s instructions say to run this command to add the GitHub repository as a remote named “origin”

git remote add origin

Instead, we teak it to use the “fake host” we added to .ssh/config

git remote add origin git@githubmirror:bobmcwhirter/jruby.git

We’re almost done, I promise. Next, we need to do the first push from my server up to GitHub. We first push to the ‘master’ branch, since the repo really wants to have a master branch.

git push origin master

Now, GitHub doesn’t allow you to fork a repository you own, and since this mirror is owned by me, where can I do my own hacks and patches? The ‘master’ branch of course. But I still want an unmolested, straight-from-subversion mirror. So, I create a ‘vendor’ branch in my workspace. It’s initialized to match ‘master’ exactly.

git checkout -b vendor

Now, I push that to GitHub, too.

git push origin vendor

Awesome. I now have two branches, identical at the moment, called “vendor” and “master”. Now, as far as I can tell, all the Subversion setup that we did only lives in the local repository on my always-on server. Anyone who clones from the GitHub repository will not have that stuff. They can of course do a ‘git svn init’ themselves, to add it to their local repository. But it doesn’t flow through GitHub. But that’s fine, since I’ve been doing this on my always-on server anyhow. My workspace is sitting in the ‘vendor’ branch that’s tracking the vendor branch from github. I can pull the latest changes from Subversion by typing

git svn rebase

The ‘rebase’ command is neat, in that any changes that exist in the git repository are floated to be applied to whatever the latest HEAD is. But since I’m only concerned with a one-way SVN-to-Git mirror, there will never be any changes to float, and this will just tack on subsequent SVN commits as Git commits onto the ‘vendor’ branch. It’ll leave the ‘master’ branch un-touched. After rebasing, you gotta push the ‘vendor’ branch up to GitHub.

git push origin vendor

Now, type that every 15 minutes, and your ‘vendor’ branch will stay mostly up-to-date. Or use cron. I’ve cronned a script that fires every 15 minutes

#!/bin/sh cd /home/bob/github-svn-mirrors/$1 git svn rebase git push origin vendor

It’s run with the repository name as the first (and only) argument

*/15 * * * * /home/bob/github-svn-mirrors/bin/mirror jruby

Now, over on my laptop, finally, I can clone the repository, work on topic branches, push to master and have my own controlled environment and fork, while knowing the ‘vendor’ branch reflects the pure SVN state which I can also pull into my hackings as-desired. When I submit a patch, if it ultimately floats back to me through the vendor branch, git is supposedly smart enough to realize that the same changes have arrived in my ‘master’ (assuming it’s applied verbatim) and keep things nice and tidy. Else, I can force a merge, trampling my half-assed patch with the official JRuby code.

Loading message from the API: ...