Skip to content

Service Architecture

coldfire84 edited this page Dec 2, 2018 · 11 revisions

Service Architecture

The service has two external endpoints:

  • A WebApp running on TCP 443/ HTTPS: nr-alexav3.cb-net.co.uk
  • An MQTT server running on TCP 8883: mq-alexav3.cb-net.co.uk

All WebApp traffic passes via Cloud Flare.

(Internal) communication between the WebApp and MQTT server is via TCP 1883. All external communication is encrypted.

Layer Product Description
Database Mongodb users db contains all application data
Database Mongodb sessions db contains all webapp session data
Application Mosquitto MQTT With mosquitto-auth-plug
Application Passport Authentication Providing OAuth w/ Amazon for account linking
Application AWS Lambda Function Skill Endpoint
Web NodeJS App Provides web front end/ API endpoints for Lambda Function
Web Node-Red Add-on For acknowledgement of Alexa Commands/ integration into flows
Web NGINX Reverse Proxy for NodeJS Application

Collections under Mongodb users database:

Collection Purpose
accesstokens
accounts Contains all user account information*
applications Contains OAuth Service definitions
counters
devices Contains all user devices
grantcodes
lostpasswords
refreshtokens
topics Contains user MQTT topics used with mosquitto-auth-plug

* Username/ email address and salted/ hashed password.

A NodeRed flow MUST be configured in order for Alexa commands to receive acknowledgement, i.e. you will get "Sorry, is not responding."

Docker Containers

MongoDB and Mosquitto container names are critical for deployment to be successful. Containers reside on a user defined docker network which provides DNS resolution via container name.

Container Name Service Ports
mongodb MongoDB Server TCP 27017
mosquitto Mopsquitto Server TCP 1883:1883*, 8338:8338
nr-alexav3-web Node.JS App TCP 3000:3000
nginx NGINX Proxy TCP 443:443, 80:80

* *Note that 1883 is only available within hosting environment, 8338 is only available via Internet-based devices.

Service Accounts

Three MongoDB accounts are required for this service - these are all created using the scripts/ documentation below, do not create these accounts manually.

WebApp users database account (to create/ read user objects):

  • user home database: users
  • role: readWrite on users db

WebApp sessions database account (to create/ manage web sessions):

  • user home database: sessions
  • role: dbOwner on sessions db

MQTT database account (used with mosquitto-auth-plug for mosquitto/ MQTT access):

  • user home database: admin
  • role: read on users db

Data Flow

  • Discovery: Alexa Skill --> Lambda --> Web App --> Lambda --> Alexa Skill
  • Command: Alexa Skill --> Lambda --> Web App (Command API) --> MQTT (Command) --> Node-RED Add-In --> MQTT (Ack) --> Web App (Command API) --> Lambda --> Alexa Skill
  • Set State: Node-RED --> MQTT (State) --> Web App (Set State) --> MongoDB
  • Get State: Alexa Skill --> Lambda --> Web App (State API) --> Lambda
Clone this wiki locally