Sometimes we may need a specialized data logging platform for our IoT devices.
So, for that Phant is here, an open source data logging platform with highly customizable data fields.
It's a node.js based application, developed by SparkFun. Here we'll install and configure Phant on a fresh Ubuntu 16.04 server, logged in as root, so we'll not use the sudo command.
Contents
Update the system and install NodeJS
First we've to update all the packages to make sure old packages are not conflicting with something later.
apt-get update apt-get upgrade
Now we'll install nodeJS and Npm, the default version available in the Ubuntu's default repository works pretty well here.
apt-get install nodejs npm
The above command will take a little time to complete. A little tweak is still needed, symlinking nodejs binary to node.
ln -s /usr/bin/nodejs /usr/bin/node
Check the node and npm version to be sure.
node --version npm --version
Install Phant
As stated before, it's a node.js based application, so we can install it easily with npm.
npm install -g phant
That's all we need to do.
Testing Phant
You need to know the public IPv4 address of your server. Most probably you already know it, if not just run curl -s v4.ident.me We'll not be using IPv6 to keep this tutorial simple.
To start the test server, just run the phant command.
Now point your browser to the http://your_public_IP:8080 URL, you should be able to see the front page of Phant.
Now you can create a stream for testing purpose, It's very easy, and save the Data stream details in some safe place.
Everything is explained in detail in the final data stream configuration page, pretty self-explanatory. So we won't be discussing much about how to use the Phant platform.
Now we can post some data through the cURL command, An example below.
curl -s 'http://your_server_IP:8080/input/[publicKey]?private_key=[privateKey]&temp=[value]&time=[value]'
You should get 1 success message after successfully completing a data submission.
Instead of cURL, you can use any command or application which is capable of sending HTTPS or HTTP requests. A sample of logged data in the screenshot below.
Starting Phant automatically on boot
As it's a Linux JavaScript based application, the official guide suggests to use the forever application to start Phant. But here we'll be using a simple systemd service, which is more convenient, I think.
nano /etc/systemd/system/phant.service
Below the systemd service file, just copy paste it.
[Unit] Description=Start Phant server [Service] Type=simple ExecStart=/usr/bin/phant Restart=always RestartSec=10 [Install] WantedBy=multi-user.target
If the phant server killed by something, it will be started automatically As we're using the Restart option in the systemd service file.
You might be interested more about how to write systemd rules, follow the link.
Finally start the phant server and enable auto startup through systemd.
systemctl start phant.service systemctl enable phant.service
Systemd and Phant logs are available in the /var/log/syslog file, if you need to debug.
SSL and NGINX reverse proxy
This step is totally optional, but I think a public facing NodeJS based server isn't a great idea.
So, for that we'll be using the NGINX web server to act as a reverse proxy for the Phant application.
apt-get install nginx
Edit the default nginx configuration.
cd /etc/nginx/sites-available mv default default.bac nano default
Below a sample NGINX configuration, don't just copy-paste it, modify it according to your need.
server {
listen 80 default_server;
server_name example.com;
# access_log /var/log/nginx/yourdomain.tld.log;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header HOST $http_host;
proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
}
}
If you have a domain name, then enabling SSL with Let's Encrypt is easy. But there another way, a self signed SSL certificate. Though there's nothing wrong with them, but browsers love to show a warning page.
I'll be using a previously registered domain for this test, but you can register a .tk domain for free.
There's no generic way that how you setup your domain's name servers. But the ultimately at least one A record of the domain should be pointed to your server's external IP address.
However I prefer to use CloudFlare, it also provides an extra layer of security to the application, and it's super easy. Here's more details.
Enabling Let's Encrypt SSL
add-apt-repository ppa:certbot/certbot apt-get update apt-get install python-certbot-nginx certbot --nginx
The above commands will automatically fetch the valid SSL certificates and add extra configurations to the default nginx config file.
Finally we need to reload NGINX server with the service nginx reload command.
To automatically renew the certificates, add a cron job entry with crontab -e command.
30 2 * * 1 /usr/bin/certbot renew
After setting up all of this, we can access our Phant server over HTTPS. If everything was done properly, we should be able to access the secured Phant application just by typing the domain name in the browser's URL bar.
Securing the server a bit
Of course we don't need the port 8080 open to use the Phant server through NGINX. So it's better to hide it.
We'll be using the pre-installed ufw firewall app for this purpose.
- Check if ufw is running or not with
ufw status verbose - If it's running, disable it,
ufw disable - Block access to port 8080,
ufw deny 8080 - Allow access to port 22, 80 and 443,
ufw allow 22,ufw allow 80,ufw allow 443 - Start ufw again with
ufw enable
As the OpenSSH server is white listed, there's a very little chance of loosing SSH access after enabling UFW.
So, that's all about how to install Phant on Ubuntu server, and secure it with SSL, NGINX and ufw.
I hope it's simple enought ho understand, leave your suggestions and questions below.
Leave a Reply