Service Architecture

Langer75 edited this page Mar 16, 2019 · 11 revisions

The service has two external endpoints:

  • A WebApp running on TCP 443/ HTTPS: red.cb-net.co.uk
  • An MQTT server running on TCP 8883: mq-red.cb-net.co.uk

All WebApp traffic passes via Cloudflare.

Internal communication between the WebApp and the MQTT server uses TCP 1883. All external communication is encrypted.

| Layer | Product | Description |
|---|---|---|
| Database | MongoDB | users db contains all application data |
| Database | MongoDB | sessions db contains all webapp session data |
| Database | Redis | Used for rate limiter tracking |
| Application | Mosquitto MQTT | With mosquitto-auth-plug |
| Application | Passport Authentication | Providing OAuth w/ Amazon for account linking |
| Application | AWS Lambda Function | Skill Endpoint |
| Web | NodeJS App | Provides web front end/ API endpoints for Lambda Function |
| Web | Node-RED Add-on | For acknowledgement of Alexa Commands/ integration into flows |
| Web | Node-RED Add-on | For State Updates via Web API to MongoDB |
| Web | NGINX | Reverse Proxy for NodeJS Application |

Collections under Mongodb users database:

| Collection | Purpose |
|---|---|
| accesstokens | Contains short-lived (10 mins) OAuth2 access-tokens |
| accounts | Contains all user account information* |
| alexaauthgrantcodes | Grant codes for Alexa Authorization/ Async state updates |
| alexaauthrefreshtokens | Refresh Tokens for Alexa Authorization/ Async state updates |
| alexaauthaccesstokens | Access Tokens for Alexa Authorization/ Async state updates |
| applications | Contains OAuth Service definitions |
| counters | |
| devices | Contains all user devices |
| grantcodes | Contains service-generated OAuth2 grant codes |
| lostpasswords | Contains one-time link-codes for use in password resets |
| refreshtokens | Contains service-generated OAuth2 refresh tokens |
| topics | Contains user MQTT topics used with mosquitto-auth-plug |

* Username/ email address and salted/ hashed password.

A Node-RED flow MUST be configured for Alexa commands to receive acknowledgement; without one, you will get "Sorry, is not responding."

Docker Containers

MongoDB and Mosquitto container names are critical for deployment to be successful. Containers reside on a user defined docker network which provides DNS resolution via container name.

| Container Name | Service | Ports |
|---|---|---|
| mongodb | MongoDB Server | TCP 27017 |
| mosquitto | Mosquitto Server | TCP 1883:1883*, 8883:8883 |
| redis | Redis server | TCP 6379:6379 |
| nr-alexav3-web | Node.JS App | TCP 3000:3000 |
| nginx | NGINX Proxy | TCP 443:443, 80:80 |

* Note that 1883 is only available within the hosting environment; 8883 is the port available to Internet-based devices.

Service Accounts

Three MongoDB accounts are required for this service. All are created by the scripts/ documentation below; do not create these accounts manually.

WebApp users database account (to create/ read user objects):

  • user home database: users
  • role: readWrite on users db

WebApp sessions database account (to create/ manage web sessions):

  • user home database: sessions
  • role: dbOwner on sessions db

MQTT database account (used with mosquitto-auth-plug for mosquitto/ MQTT access):

  • user home database: admin
  • role: read on users db
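
The role assignments above can be checked for drift after deployment. The following is an added example, not code from this project: it compares the output of MongoDB's `usersInfo` command against the three documented role sets. The account names and the sample data are hypothetical placeholders, since this page does not name the accounts.

```javascript
// Added example, not project code. Account names are hypothetical
// placeholders: the page documents roles and home databases, not names.
const EXPECTED = {
  'webapp-users-svc': { home: 'users', roles: ['readWrite@users'] },
  'webapp-sessions-svc': { home: 'sessions', roles: ['dbOwner@sessions'] },
  'mqtt-svc': { home: 'admin', roles: ['read@users'] },
};

// `usersInfo` is the document returned by MongoDB's usersInfo command:
// { users: [ { user, db, roles: [ { role, db } ] } ] }
function auditServiceAccounts(usersInfo, expected = EXPECTED) {
  const findings = [];
  const seen = new Set();
  for (const u of usersInfo.users || []) {
    const want = expected[u.user];
    if (!want) continue; // not one of the three service accounts
    seen.add(u.user);
    if (u.db !== want.home) {
      findings.push(`${u.user}: home database ${u.db}, expected ${want.home}`);
    }
    const have = (u.roles || []).map((r) => `${r.role}@${r.db}`);
    for (const r of have) {
      if (!want.roles.includes(r)) findings.push(`${u.user}: unexpected role ${r}`);
    }
    for (const r of want.roles) {
      if (!have.includes(r)) findings.push(`${u.user}: missing role ${r}`);
    }
  }
  for (const name of Object.keys(expected)) {
    if (!seen.has(name)) findings.push(`${name}: account not found`);
  }
  return findings;
}

// Constructed sample: the MQTT account has drifted from read to readWrite.
const SAMPLE = {
  users: [
    { user: 'webapp-users-svc', db: 'users', roles: [{ role: 'readWrite', db: 'users' }] },
    { user: 'webapp-sessions-svc', db: 'sessions', roles: [{ role: 'dbOwner', db: 'sessions' }] },
    { user: 'mqtt-svc', db: 'admin', roles: [{ role: 'readWrite', db: 'users' }] },
  ],
};

console.log(auditServiceAccounts(SAMPLE));
```

An empty result means every service account holds exactly the documented roles; any extra role on the MQTT account matters most, because mosquitto-auth-plug only needs to read the users db.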

Data Flow

Alexa

  • Discovery: Alexa Skill --> Lambda --> Web App --> Lambda --> Alexa Skill
  • Command: Alexa Skill --> Lambda --> Web App (Command API) --> MQTT (Command) --> Node-RED Add-In --> MQTT (Ack) --> Web App (Command API) --> Lambda --> Alexa Skill
  • Set State: Node-RED --> MQTT (State) --> Web App (Set State) --> MongoDB
  • Get State: Alexa Skill --> Lambda --> Web App (State API) --> Lambda

Google Assistant

  • SYNC: Google Home --> Web App --> MongoDB --> Google Home
  • QUERY (get State equiv): Google Home --> Web App --> MongoDB --> Google Home
  • EXEC: Google Home --> Web App --> MQTT (Command) --> Node-RED Add-In --> MQTT (Ack) --> Web App (Command API) --> Google Home
  • Set State: Node-RED --> MQTT (State) --> Web App (Set State) --> MongoDB