sachathomet.ch

Application virtualization, IoT and Cloud Computing, Blog of Sacha Thomet

My Smart Home – Chapter 2: Home Assistant

After my smart mirror project which was exciting, I can still only see the values of the integrated sensors on the mirror. The problem that I can’t control my smart devices from one place still exists.

The conglomeration of smart devices in my home is very various, I need to work with something which is open for almost everything imaginable.

On Facebook, I saw a post of an acquaintance who adverted for Home Assistant (home-assistant.io). Home Assistant is an open-source home automation platform running on Python 3. Track and control all devices at home and automate control. Perfect to run on a Raspberry Pi.

Hass.io (Home Assistant) is still in development but works already good. I’ve started with version 0.48 or so and now in December 2017 we are on 0.60.

First I started with Hass.io on a Raspberry Pi 3, but then I’ve upgraded my Synology NAS and the new one is able to run Docker, so I moved my Home Assistant to a Container on my NAS.

I don’t write here now a post how to install and run Home Assistant, that you can find in Getting started on hass.io, the intention of this post is a short Intro for Home Assistant with some hints for the practice.

For Hass.io there is also a mobile app, you can use the App if you are in the same network as your Home Assistant server or you have a VPN connection in this network. It’s also possible to expose the server to the internet, it contains all you need for that like duck dns and Let’s Encrypt. But I won’t do that for security consideration.

Devices and Components

Home Assistant has a very broad range of supported smart devices, I added the following devices to my system:

A short demo of how that looks on my environment:

Automation

Before I used Home Assistant I automated some of my smart devices with IFTTT, with hass.io I can now do that “On Premises”.

I created the following “recipes” for my home automation:

  • If the IKEA lamp in my living room turns on, also turn on the lights in my vitrine (LED plugged in a MyStrom Smart Plug):
  • If my UniFi controller doesn’t see any Wifi Mac address of the mobile phones of my family members, the automation “Away-Mode” turns on. This procedure powers off some Smart Plugs, bring my Sonos Player to pause, and all Hue lights will be turned off.

In contrast to IFTTT it’s possible with hass.io to combine things almost indefinitely. It’s possible to define so-called Conditions.

Helpful Hints

If you try Home Assistant and you start to create and modify your *.yaml files, really use a text editor which shows you invisible characters! Python is very fussy for syntax errors even when only an invisible character.

Make backup from your files before you modify it, this can help to avoid some frustration.

If you intend to add a MyStrom Smart Button, I found out that this doesn’t work currently if your Home Assistant Web GUI is protected with a password.

Conclusion

A big benefit of Home Assistant is that it’s an open system with a large developer community, there are many components integrated and it’s possible to integrate by your own.

The downside of Home Assistant is that’s currently not yet a solution for an Enduser without any IT skills. More and more it’s now configurable via Web GUI but without any IT knowledge, it’s impossible to manage it.

+ Command center for your Smart Home
+ Cheap
+ Interaction with your smart components is possible
+ many Components integrated
+ App for your mobile phone or tablet computer
+ – Open Source (Open to integrate other things, improve code vs Security)
– Not an End-user product
– Needs Maintenance

A short preview for my third Smart Home article, I will show you something which is also usable for End-Users without IT Knowledge. I know the readers of my blog are mostly IT Pro’s but I’m sure you have also friends who want to play the Smart Home game and have no clue how to start.

My Smart Home – Chapter 1: The Mirror

A colleague complained that he has a 22-inch screen which he doesn’t use anymore but he can’t sell it for a valuable price. So I said he can give me the screen for free and I would convert it to something cool, I had already an idea what I want to do with it …

My intention was to display some measurement data of my home which I collect with Netatmo or WirelessTag . Furthermore, I had the idea to supersede the paper wall calendar with a digital calendar. We use already Google calendar but my wife has the opinion that she needs a calendar not only accessible with a computer or a mobile phone, there must be also something on the wall to get faster an overview about the upcoming events.

Mirror, Mirror, on the Wall …

So I told my wife that I plan to install a monitor screen in our entrance area, honestly, the enthusiasm was very limited. I found out that the WAF – the wife acceptance factor for a monitor screen in the apartment is pretty low. So I needed another idea, accidentally I saw the  MagicMirror² Project which is the solution for my Software Plattform and also the word “Mirror” solves the WAF-Problem.

So there is now no more a monitor screen, instead, my project is a Mirror, a Smart Mirror to be precise. Behind the Mirror is a Raspberry Pi 2 located which is powered on 24/7, rather the power of the screen itself is controlled by a MyStrom Wifi Switch  in the early morning a motion detector turn the mirror on, at other hours in the day the screen can be activated with a push on a MyStrom Wifi Button. If the Mirror is powerless it looks like an ordinary mirror.

At the end this was how my prototype looks like:

It was a long journey and I invested a lot of hours until I was happy with the result of my project.

First I started to cover the screen with an acrylic glass laminated with a mirror foil. I was not satisfied with the result, I had inclusions of dust and air under the foil. Only the more expensive but high-grade real Spy-Glass from myspiegel.de made me happy.

It was also difficult to decide which content should appear on the display.

Content

Currently, my configuration shows this content:

Top left
– Date and Time
– Google calendar from my wife

Top right
– Weather forecast
– Hue Status
– Recent Calls (Fritzbox)

Bottom left
– Trello Task of our family

Bottom right
– Power meter of different Powerplugs (REST via MyStrom)
– battery state of charge of my EV

Bottom center
– Headlines of “Berner Zeitung” the local Newspaper (RSS)

Component List

  • 22″ Screen who has a Digital Input – Raspberry has only HDMI (I took an old one and removed the Case – on your own risk!)
  • Raspberry Pi & Power Supply
  • Spy Glass – I ordered on myspiegel.de
  • Smart Plug (optional)- e.g. I have this one MyStrom Wifi Switch 
  • Smart (IoT) Button (optional) – e.g. I have this one MyStrom Wifi Button.
  • Motion Sensor – e.g I have one from WirelessTag  (optional)
  • Some pieces of wood from your local DYO Store

(As Tools I used a hot glue gun, a saw, and some screwdriver )

Conclusion

The mirror definitely gives an added value, but it’s really only for DYO’er or Nerds … No Enduser-Friendly product. It also needs maintenance.
This is a device for consuming information but you cannot interact with your devices. Maybe in Some years possible with a “Touchscreen-Mirror”.

+ Added value in a Smart Home
+ Cheap
+ – Open Source (Open to integrate other things, improve code vs Security)
– Not an End-user product
– Needs Maintenance
– Only show information, no interaction with devices

Fatal error during installation (1603) on StoreFront upgrade to 3.12

Today I’ve upgraded Citrix StoreFront Server from 3.9 to 3.12

as every time first I shut down all of the following services:

net stop W3SVC
net stop CitrixConfigurationReplication
net stop CitrixCredentialWallet
net stop CitrixDefaultDomainService
net stop “Citrix Subscriptions Store”
net stop “Citrix Peer Resolution Service”
net stop CitrixServiceMonitor
net stop CitrixTelemetryService

then I run CitrixStoreFront-x64.msi, reboot the server and after that I do that on the second node. Most time this goes pretty flawless.

But this time, my upgrade failed with an error:

CitrixStoreFront-x64.msi’ failed with error code 1603. Fatal error during installation”

I remember I had this already one time before, but what the hell was the solution … a short search with Google showed me:

https://discussions.citrix.com/topic/371535-storefront-upgrade-to-301-from-300-fails

Well I’m on StoreFront 3.9 and when I have a look into “C:\Program Files\Citrix\Receiver StoreFront\Services\ProtocolTransitionService\Citrix.DeliveryServices.ProtocolTransition.ServiceHost.exe.config” I see in some lines “Version=3.8.0.0” – but I have 3.9, so I replace all “Version=3.8.0.0” to “Version=3.9.0.0”

Result: StoreFront upgrade to 3.12 is successful – All’s well that ends well.

No more able to start SOAP on PVS

After the last monthly Microsoft Security Updates one of my PVS Servers was no more able to start the SOAP service. I received an Event 7000 with the message:

The Citrix PVS Soap Server service failed to start due to the following error: The service did not respond the the start or control request in a timely fashion.

I live in Bern, and we are known as slow-paced people here in Bern, probably because of our slow sounding accent. So my idea is if the service need more time to start, I’ll give him more time.

I’ve created a new DWORD called ServicesPipeTimeout  with the value 120000 in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control which means the service has 2 minutes time to start. After a reboot my SOAP was again up and running.

By the way and additional tip according this service… SOAP is sometimes bitchy … it’s a good idea to set the service to auto restart after a crash.

XenApp & XenDesktop Avoid CEIP

Already in February when I updated my Citrix environment to 7.13 I’ve seen that it’s difficult to avoid call home on the license server from now, I made a short message on twitter:

Now when I updated to 7.14 I had the issue again, because my license server and my delivery controller cannot communicate outside there is also a ugly message in Studio:

It’s pretty easy to complete turn off Customer Experience Improvement Program (CEIP):

Just add this line to the Citrix.opt file on the license server:

#CITRIX CEIP NONE

How to bring your network back online in minutes with Ubiquiti UniFi gear

Less than a month ago I decided to buy a new WiFi Access Point to increase the quality and possibilities of my Home Wifi. Until now I just had a “Fritzbox” which is already very nice for home use. Fritz does anything, Fast WiFi, Modem, Router, VoIP, Call answer machine, DECT Gateway and it’s stable and easy to configure. Of course, I wished to have a more enterprise-like network setup, especially because also my lab environment is in my home network and a lot of IoT stuff. But honestly the components I had known that allows enterprise features were not in my budget.

So the first plan was to just increase WiFi. I just bought a Ubiquiti UniFi AP-AC-Pro without any ulterior motive. But to be honest, the new AP was like a starter drug. I saw what all is possible and for a price which is also payable for home use and with no extra license costs. I don’t want to write a review here about my new awesome Ubiquiti gear if you wish to know more about that stuff see here the blog post from my fellow CTP Jason Samuel: Building a secure high visibility WiFi network using Ubiquiti Networks UniFi gear

Just to say, now, some weeks later I have a Router (UniFi Security Gateway 3P), a managed Switch (UniFi Switch 16 POE-150W) and two WiFi AccessPoints (UniFi AP-AC-Pro and UniFi AP-AC-LR) in my Network from Ubiquiti. Finally, I’m able to segment my home network in virtual networks (VLANs) and to make all more transparent, hopefully, more secure and of course easier to manage for me. Currently, I have 3 different WiFi SSIDs and 4 VLANs. The software-defined network is great and let me do things I just dreamed of before. When I think about all the “use cases” I’m now really sure that a lot of Security considerations should be made for improvements in the network segment should be done … but that’s another topic …

The USG 3P, UniFi Security Gateway comes with 3 Ports, WAN, LAN, and VoIP. The Software of these devices will be always further developed and new features come with every new version. Some features are also implemented as beta features, e.g also to make out of the VoIP a WAN2 port:

With this feature, it’s possible to have a Second WAN link and to use it as Failover or as Weighted LB. Of course for home use, a second WAN link is not common. But definitely interesting for some small companies or maybe branch offices which need a reliable connection to the internet.

I have currently only one connection to the Internet, a cable connection with 250M down and 25M up from “Quickline”. Until now when I had an outage I was still able to use my 4G WiFi Hotspot from Huawei to access the Internet with my Laptop.

Last Saturday my Cable Internet connection was interrupted exactly at that moment where I was doing some lab works with my network components. So I decided to have a closer look at this WAN 2 Feature. I connected a Zyxel travel router (NBG2105) with the Cat5 cable to the USG and with WLAN to my 4G WiFi router, I configured the VoIP Port for WAN2. Wow after 30 minutes I was back online with my whole network.

On WAN2 there can just be anything that is providing an Internet link and give an IP address via DHCP in my case. Of course, first I connected the Zyxel NBG2105 with the cable to my laptop and connected with it to my WiFi router. The most important thing here with the NBG2105 is that the Switch is set to Client:

Of course the Speed of 4G is not near my cable connection but it’s still better than be offline:

And now I have not just the solution to “How to get back online” but rather also to “Stay always online”.

Sacha’s blog now also in German

I started my blog in 2013 in English with the idea to reach more readers worldwide. Now I decided to provide my information also in German because I know I have some readers from Germany, Austria and of course my home country Switzerland.

Win10 to Win10 with a Citrix VDA

Intro – my relationship with Windows 10

The company I’m working for, Die Mobiliar, started early with Windows 10, we rolled out in spring 2016 Windows 10 to all our physical devices and also to our virtual Desktops. We have two different kind of VDIs, pooled Win10 Desktops provided by Citrix PVS and also classical installed dedicated VDIs. Both with Citrix XenDesktop 7.x.

To be in the role as early-adopter with such a new operating systems is interesting but also nerve-racking on some days… Especially when you add Citrix XenDesktop on top to Windows 10 and then also special requirements like physical and virtual Smart Cards.
I talked about this adventure on E2EVC in Rome: The stony road of a VDI migration from Win7 to Win10

Next chapter

Now our story goes into the next round, we installed Windows 10 last year with the 1511 Release and we want to go now to the anniversary update (1607). For our pooled desktops it’s no question, fresh install on the new build. But an fresh install of the dedicated desktops where users have installed their own stuff will get me into big troubles … it’s really not an option!

I was curious who is in the same boat, so I created this poll:


36% are doing fresh install of dedicated desktops? Wow … BOFH? 🙂

I tell you now 2 secrets:

  • It’s not possible to update Windows 10 from one version to the other when a Citrix Virtual Desktop Agent (VDA) is installed!
  • Uninstall of Citrix VDA fails most of the times!

    Good News:
    Citrix knows that uninstall of the VDA is a problem, for that reason there exists the
    VDACleanupUtility.exe (https://support.citrix.com/article/CTX209255)
    Bad News: VDACleanupUtility.exe (VCU) should run as a User, need a reboot and login with the same user, what means it’s not in a easy way to automate that.

With some hints of the CTP colleague Stephane Thirion and my collegues at “Die Mobiliar” I was able to create this guide to automate the Windows 10 Update with an automated removal of the VDA.

Task Sequence for SCCM

We are doing this with Microsoft System Center but with the following infos it’s also possible to fulfil this challenge with other ESDs.

Upgrade Steps – Overview 
The Citrix VDI specific things highlighted in yellow, in this guide I’ll focus on that. We are using one task sequence to update all our Windows 10 installation, thats the reason we need to made a decision if the installation is a VDI or not.

After the OS upgrade we just install the VDA again with our existing software package.

Because the Windows upgrade kills the Citrix receiver we also re-install the receiver at the end.

The really hard part is the proper automated removal from the VDA, and thats where I go a bit into the deep in this article.

VDI or not – thats the question
Because we will use one TaskSequence for Win10 with and whiteout Citrix VDA we just check if the VDA is installed, we are doing that by query the Key which has been written by the Software package for VDA
A reboot to start is always smart

Sometimes the VDACleanupUtility ask for a reboot, it’s good to start with a reboot before any other steps are done.

first step of the VDA removal

The VDACleanupUtility should be started in silent mode and with a suppressed reboot:

cmd /c VDACleanupUtility.exe /silent /noreboot

The VDACleanupUtility.exe is the only thing in the Package you see on the screenshot.

Remove an action which would be done after the suppressed reboot in order of the VCU 

cmd.exe /c REG DELETE HKLM\Software\Microsoft
\Windows\CurrentVersion
\RunOnce /v CitrixVdaCleanup /f

 Now you can reboot 

Start the VCU again

this time with the switch silent and reboot – reboot doesn’t mean that it will do a reboot, it’s just the info for VCU that it’s now in phase after the reboot 

cmd /c VDACleanupUtility.exe /silent /reboot

 Now do all the Windows Upgrade steps you want to do,
here you also need to think about drivers or in virtualized environments XenTools, VMwareTools, etc. 
As a next Step install the VDA again
Re-install the Citrix Receiver

Update of Win10 will destroy your Citrix Receiver installation, for this reason install it again at the end

I want to thank here to Stephane Thirion  (https://www.archy.net) for the hints about automate the uninstall of the VDA. Also thanks to my colleagues Stefan Moser and Thomas Hahnel at Die Mobiliar with more Knowhow about SCCM Task Sequences and patience on testing.


Update Fall 2017: 

The Version of the Cleanup tool in September 2017 is able to run in unattend mode, see https://support.citrix.com/article/CTX209255 .
Also I’ve found out that the Update from 1607 to 1703 or 1709 works even when a VDA is installed.

Update November 2017: 

Now exists and article by Citrix: “How to Run the VDA Cleanup Utility with SCCM Task Sequences”: https://support.citrix.com/article/CTX229801 

IoT – ideology of technology | new MyStrom Smart Devices

Those who know me in person are aware that my life is not only controlled by Citrix technology, I’m also fascinated by Smart Home stuff and Internet of Things, IoT. Since years I use Philips Hue, Netatmo and other gadgets to make my life easier – or to solve problems which I won’t have without this Smart Home devices… Some of my neighbours believe that I have a girlfriend called “Alexa” and I’m very rude to her.

Anyway, I already wrote about the MyStrom Smart plugs in the article Control MyStrom smart plug by a trigger or Another LaMetric IoT script – power control .

The special thing about the MyStrom WiFi Switch is that they are only for Switzerland, we have here not the same wall sockets like they are common in Europe. For this reason in my point of view MyStrom is a niche product, even when it’s a very very good product.

Today I received a package from MyStrom with two very cool new products inside, the MyStrom Bulb and the MyStrom WiFi button. I have already similar products, for the Smart Bulb from Philips Hue and SengLed Boost. For the button I have currently an Amazon IoT button, which I have connected to IFTTT that I can trigger some things.

In this post I want to compare this new MyStrom devices to other existing devices on the market.

Comparison Smart Bulb:

myStrom WiFi Bulb

  • 39.- CHF (Color)
  • Color
  • E27

+ Has a HTTP Rest API
+ Show power consumption
+ great colors!
–  only 600 lm
– Bulb becomes pretty hot, 52,9°C after 30min test.

Philips Hue

  • 69.- CHF (Color)
  • 20.- CHF (White)
  • E27 and GU10 available (Update: Now also E14)

+ Use the ZigBee protocol
+ Up to 806 lm
– An additional device, called “Bridge” is required
– Colors not so saturated
– Range is limited, I was not able to have a Hue Bulb in my garage, why I added a SengLed Boost.
– Bulb becomes pretty hot, 62,5°C after 30min test.

SengLed Boost

  • 59.- CHF
  • E27

+ Works as an Wireless Wifi Repeater
–  only 470 lm

IKEA TRÅDFRI
LED-Bulb E27 1000 lm White

  • 14.95 CHF (White)
  • Color also available  but not with 1000lm
  • Uses 12,4 Watt
  • Is compatible with Hue-Bridge after latest firmware and perhaps 3rd party Software

+ brightest and cheapest Bulb
– Bulb becomes pretty hot, on some parts 84,9°C after 30min test!

 

Conclusion: It really depends on your needs which Smart Bulb is the best for you, if you have already a Philips Hue ecosystems it makes no sense to Switch to MyStrom. But if you start on green field, you really have to consider to go for MyStrom. With MyStrom you have Bulbs, Plugs and Buttons from one brand. The MyStrom Bulbs are cheaper than Hue and for me very important every MyStrom device has his Webserver which allows you to toggle the power state. If you want o extend you Wifi Range, have a look to SengLED Boost Bulb, but wit this it’s not easy to toggle the light with something other than the existing app.

Comparison Smart Button:

MyStorm WiFi Button

  • 25.- CHF

+ Availible in Switzerland – for everyone (soon …)
+ Battery rechargeable
+ Native IFTTT compatible
+ 3 Push Patterns
+ Fast reaction time (< 2sec to toggle a Switch) Amazon IoT Button

  • 19.90$

– Only for Amazon Prime customers
– Battery not replaceable
– Reaction time pretty long
+ IFTTT with an “special setup” possible
+ 3 Push patterns

Hue Tap

  • 69.-
    NOT TESTET!

– need the Brigde
+ No need for battery
+ 3 buttons

Hue Dimmer Switch

  • 29.-
    NOT TESTET!

– need the Brigde (?)

Conclusion: For most “Home-automater” the MyStrom Wifi button will be the best choice, the way to configure an AWS IoT button is an “advanced expierience”. I don’t like that the Amazon IoT Button has a non replaceable/rechargeable battery inside. If you have already a large huge Philips Hue ecosystem maybe the Hue Tap / Dimmer Switch is the best for you.

StoreFront – Allow relogin without browser close

Citrix StoreFront is able to handle Logins with SmartCards, and after a successful SmartCard Login you cannot Logoff and Login again before you close the Browser, you will see this message:

You have logged off successfully. Please close your browser to protect your account. Sie haben sich erfolgreich abgemeldet. Schliessen Sie den Browser, um Ihr Konto zu schützen.

You have logged off successfully. Please close your browser to protect your account.

According the message, this is a feature and not a bug … Not in every case a Re-Login is a security problem as for example if SmartCards are mandatory in general you need to logon also on the VDI or the application with your SmartCard.
Especially as an Admin working with multiple accounts it can be very annoying.

In scope of the CTP program I’ve asked Citrix to improve that and give Citrix admins the possibility to configure this security feature in future versions. Now when StoreFront 3.8 was released I complained that this is still not implemented.

Feng Huang then gave me the hint that this is actually configurable but not yet implemented into the GUI.

All what must be done is to add the line CTXS.allowReloginWithoutBrowserClose = true in the file C:\inetpub\wwwroot\Citrix\YOURSTORE\custom\script.js

THANKS Citrix for Listening to special requests!

Follow me on Twitter