Octanis Racks


nightly reboot 0 4 * * * /sbin/shutdown -r +5


sudo apt-get install wiringpi gpio -g mode 21 out gpio -g write 21 1

use this! https://github.com/Unitech/pm2

Software & Services

scripts run as user rack@discovery



0. create IAM user for AWS IOT and note access key and secret. have the root CA for AWS ready. 1. sudo apt-get install pip 2. sudo pip install awscli 3. aws configure 4. nano /home/pi/.aws/rootca.cert → paste root CA here

5. pip install AWSIoTPythonSDK 6. /home/pi$ git clone rack-service 7. change IAM username in rack-service script

IAM credentials

For the Websocket with Signature Version 4 authentication type. You will need IAM credentials: an access key ID, a secret access key, and an optional session token. You must also download the AWS IoT root CA. You can specify the IAM credentails by:

Passing method parameters

The SDK will first call the following method to check if there is any input for a custom IAM credentials configuration:

# AWS IoT MQTT Client AWSIoTPythonSDK.MQTTLib.AWSIoTMQTTClient.configureIAMCredentials(obtainedAccessKeyID, obtainedSecretAccessKey, obtainedSessionToken) # AWS IoT MQTT Shadow Client AWSIoTPythonSDK.MQTTLib.AWSIoTMQTTShadowClient.configureIAMCredentials(obtainedAccessKeyID, obtainedSecretAccessKey, obtainedSessionToken) Note: We do not recommend hard-coding credentials in a custom script. You can use Amazon Cognito Identity or another credential provider.

Exporting environment variables

If there is no custom configuration through method calls, the SDK will then check these environment variables for credentials:


The access key for your AWS account.


The secret key for your AWS account.


The session key for your AWS account. This is required only when you are using temporary credentials. For more information, see here.

You can set your IAM credentials as environment variables by using the preconfigured names. For Unix systems, you can do the following:

export AWS_ACCESS_KEY_ID=<your aws access key id string> export AWS_SECRET_ACCESS_KEY=<your aws secret access key string> export AWS_SESSION_TOKEN=<your aws session token string> For Windows, open Control Panel and choose System. In Advanced system settings choose Environment Variables and then configure the required environment variables.

Configuring shared credentials file

If there are no such environment variables specified, the SDK will check the default section for a shared credentials file (in Unix, ~/.aws/credentials and in Windows, %UserProfile%\.aws\credentials) as follows:

[default] aws_access_key_id=foo aws_secret_access_key=bar aws_session_token=baz You can use the AWS CLI to configure the shared credentials file <http://aws.amazon.com/cli/>`__:

aws configure

Rack Shadow Document
    "state" : {
        "desired" : {
          "rgb_led": "green", 
          "power_switch0" : "on",
          "power_switch1" : "on",
          "power_switch2" : "on",
          "power_switch3" : "on",                    
          "rack_compartment0" : "open",
          "rack_compartment1" : "open"
        "reported" : {
          "rgb_led": "red", 
          "power_switch0" : "off",
          "power_switch1" : "off",
          "power_switch2" : "off",
          "power_switch3" : "off",   
          "power_switch4" : "off",   
          "power_switch5" : "off",   
          "power_switch6" : "off",                    
          "rack_compartment0" : "closed",
          "rack_compartment1" : "closed",
          "rack_compartment2" : "closed",
          "rack_compartment3" : "closed",
          "rack_compartment4" : "closed",
          "rack_compartment5" : "closed",
          "rack_compartment6" : "closed",
          "rack_compartment7" : "closed"

Sequence Diagrams

Title: Octanis Rack Activity Booking Flow participant Rack Raspberry Pi as R participant AWS IoT MQTT as M participant Browser App as B participant Pathfinder API as A Note left of R: START OF BOOKING Note over B: browser loads app B->A: get: activities for rackName Note over A: query LDAP A->B: response: activities B->A: get: activity slots Note over A: query Google Calendar A->B: response: all activity slots Note over B: activity slots updated Note over B: activity slots not selectable Note over R: present canelacard R->M: push: canelacard_id M->B: push: canelacard_id B->A: post: canelacard_id Note over A: query LDAP for canelacard_id Note over A: start Session for canelacard_id A->B: response: access document Note over B: parse access document Note over B: activity slots selectable Note over B: user selects activities Note over B: user commits booking B->A: post: book activity slots Note over A: update Google Calendar A->B: response: booking ok Note left of R: END OF BOOKING Note left of R: START OF ACTIVITY A-->A: cron \n or \n after canelacard auth Note over A: query Google Calendar \n for current activities Note over A: query Session existence \n for canelacard_id Note over A: if Session exists and activity ongoing:\n translate booked activities \n to desired compartments Note over A: prepare Shadow document A-->M: push: update Shadow document to desired state M-->R: push: desired state Note over R: open compartments R-->M: push: report state Note over B: user logout B-->A: post: logout Note over A: destroy Session A-->B: response: logged out A-->M: push: logout Note left of R: END OF ACTIVITY