Service Architecture
The service has two external endpoints:
- A WebApp running on TCP 443/ HTTPS: red.cb-net.co.uk
- An MQTT server running on TCP 8883: mq-red.cb-net.co.uk
All WebApp traffic passes via Cloudflare.
(Internal) communication between the WebApp and MQTT server is via TCP 1883. All external communication is encrypted.
Layer | Product | Description |
---|---|---|
Database | MongoDB | users db contains all application data |
Database | MongoDB | sessions db contains all webapp session data |
Database | Redis | Used for rate limiter tracking |
Application | Mosquitto MQTT | With mosquitto-auth-plug |
Application | Passport Authentication | Providing OAuth w/ Amazon for account linking |
Application | AWS Lambda Function | Skill Endpoint |
Web | NodeJS App | Provides web front end/ API endpoints for Lambda Function |
Web | Node-RED Add-on | For acknowledgement of Alexa Commands/ integration into flows |
Web | Node-RED Add-on | For State Updates via Web API to MongoDB |
Web | NGINX | Reverse Proxy for NodeJS Application |
Collections under MongoDB users database:
Collection | Purpose |
---|---|
accesstokens | Contains short-lived (10 mins) OAuth2 access-tokens |
accounts | Contains all user account information* |
alexaauthgrantcodes | Grant codes for Alexa Authorization/ Async state updates |
alexaauthrefreshtokens | Refresh Tokens for Alexa Authorization/ Async state updates |
alexaauthaccesstokens | Access Tokens for Alexa Authorization/ Async state updates |
applications | Contains OAuth Service definitions |
counters | |
devices | Contains all user devices |
grantcodes | Contains service-generated OAuth2 grant codes |
lostpasswords | Contains one-time link-codes for use in password resets |
refreshtokens | Contains service-generated OAuth2 refresh tokens |
topics | Contains user MQTT topics used with mosquitto-auth-plug |
* Username/ email address and salted/ hashed password.
A Node-RED flow MUST be configured in order for Alexa commands to receive acknowledgement; without one, you will get "Sorry, is not responding."
MongoDB and Mosquitto container names are critical for deployment to be successful. Containers reside on a user-defined Docker network, which provides DNS resolution via container name.
Container Name | Service | Ports |
---|---|---|
mongodb | MongoDB Server | TCP 27017 |
mosquitto | Mosquitto Server | TCP 1883:1883*, 8883:8883 |
redis | Redis server | TCP 6379:6379 |
nr-alexav3-web | Node.JS App | TCP 3000:3000 |
nginx | NGINX Proxy | TCP 443:443, 80:80 |
* Note that 1883 is only available within the hosting environment; 8883 is only available to Internet-based devices.
Three MongoDB accounts are required for this service. These are all created using the scripts/ documentation below; do not create these accounts manually.
WebApp users database account (to create/ read user objects):
- user home database: users
- role: readWrite on users db
WebApp sessions database account (to create/ manage web sessions):
- user home database: sessions
- role: dbOwner on sessions db
MQTT database account (used with mosquitto-auth-plug for mosquitto/ MQTT access):
- user home database: admin
- role: read on users db
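To confirm after deployment that the three accounts still hold only the roles listed above, the following read-only audit can be run over the `users` array returned by MongoDB's `usersInfo` command. It is an added example, not part of the project's scripts; the account names `webapp-users`, `webapp-sessions` and `mqtt-auth` are placeholder assumptions and the sample data is constructed.

```javascript
// Expected least-privilege grants, taken from the account list above.
// Account names are placeholders (assumption); substitute the real ones.
const EXPECTED = {
  "webapp-users":    { home: "users",    roles: ["readWrite@users"] },
  "webapp-sessions": { home: "sessions", roles: ["dbOwner@sessions"] },
  "mqtt-auth":       { home: "admin",    roles: ["read@users"] },
};

// Accepts the `users` array from usersInfo output and returns a list of
// findings; an empty list means every account matches the documented roles.
function auditAccounts(users) {
  const findings = [];
  for (const [name, want] of Object.entries(EXPECTED)) {
    const acct = users.find((u) => u.user === name);
    if (!acct) {
      findings.push(`${name}: account missing`);
      continue;
    }
    if (acct.db !== want.home) {
      findings.push(`${name}: home database is ${acct.db}, expected ${want.home}`);
    }
    // Flatten each grant to "role@db" so extra and missing grants are both visible.
    const have = (acct.roles || []).map((r) => `${r.role}@${r.db}`);
    for (const r of have) {
      if (!want.roles.includes(r)) findings.push(`${name}: unexpected role ${r}`);
    }
    for (const r of want.roles) {
      if (!have.includes(r)) findings.push(`${name}: missing role ${r}`);
    }
  }
  return findings;
}

// Constructed sample: the MQTT account has drifted from read to readWrite.
const sample = [
  { user: "webapp-users", db: "users", roles: [{ role: "readWrite", db: "users" }] },
  { user: "webapp-sessions", db: "sessions", roles: [{ role: "dbOwner", db: "sessions" }] },
  { user: "mqtt-auth", db: "admin", roles: [{ role: "readWrite", db: "users" }] },
];

console.log(auditAccounts(sample));
```

The check only compares directly granted roles; it does not expand inherited roles or custom role definitions.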
- Discovery: Alexa Skill --> Lambda --> Web App --> Lambda --> Alexa Skill
- Command: Alexa Skill --> Lambda --> Web App (Command API) --> MQTT (Command) --> Node-RED Add-In --> MQTT (Ack) --> Web App (Command API) --> Lambda --> Alexa Skill
- Set State: Node-RED --> MQTT (State) --> Web App (Set State) --> MongoDB
- Get State: Alexa Skill --> Lambda --> Web App (State API) --> Lambda
- SYNC: Google Home --> Web App --> MongoDB --> Google Home
- QUERY (get State equiv): Google Home --> Web App --> MongoDB --> Google Home
- EXEC: Google Home --> Web App --> MQTT (Command) --> Node-RED Add-In --> MQTT (Ack) --> Web App (Command API) --> Google Home
- Set State: Node-RED --> MQTT (State) --> Web App (Set State) --> MongoDB