From 8870027d75770ae76bfe744b377200eb0b7731bf Mon Sep 17 00:00:00 2001 From: No-Signal Date: Sun, 8 Dec 2024 11:30:10 +0000 Subject: [PATCH 1/3] Moving secrets from USER_SETTINGS to USER_SECRETS.h --- .gitignore | 3 +++ README.md | 3 ++- Software/USER_SECRETS.TEMPLATE.h | 8 ++++++++ Software/USER_SETTINGS.cpp | 21 +++++++++++---------- Software/USER_SETTINGS.h | 1 - Software/src/devboard/mqtt/mqtt.cpp | 1 + 6 files changed, 25 insertions(+), 12 deletions(-) create mode 100644 Software/USER_SECRETS.TEMPLATE.h diff --git a/.gitignore b/.gitignore index f4dd4582..f0e530d2 100644 --- a/.gitignore +++ b/.gitignore @@ -22,3 +22,6 @@ compile.bat # Ignore binary files *.bin + +# Ignore secret file +USER_SECRETS.h \ No newline at end of file diff --git a/README.md b/README.md index c2d9630c..d3acd4be 100644 --- a/README.md +++ b/README.md @@ -54,7 +54,8 @@ For more examples showing wiring, see each battery types own Wiki page. For inst 5. The Arduino board should be set to `ESP32 Dev Module` (under `Tools` -> `Board` -> `ESP32 Arduino`) with the following settings: ![alt text](https://github.com/Xinyuan-LilyGO/T-CAN485/blob/main/img/arduino_setting.png) 6. Select which battery type you will use, along with other optional settings. This is done in the `USER_SETTINGS.h` file. -7. Press `Verify` and `Upload` to send the sketch to the board. +7. Copy the `USER_SECRETS.TEMPLATE.h` file to `USER_SECRETS.h` and update relevant secrets. +8. Press `Verify` and `Upload` to send the sketch to the board. NOTE: In some cases, the LilyGo must be powered through the main power connector instead of USB-C when performing the initial firmware upload. NOTE: On Mac, the following USB driver may need to be installed: https://github.com/WCHSoftGroup/ch34xser_macos diff --git a/Software/USER_SECRETS.TEMPLATE.h b/Software/USER_SECRETS.TEMPLATE.h new file mode 100644 index 00000000..eaf5ced1 --- /dev/null +++ b/Software/USER_SECRETS.TEMPLATE.h @@ -0,0 +1,8 @@ +#define WIFI_SSID "REPLACE_WITH_YOUR_SSID" // Maximum of 63 characters +#define WIFI_PASSWORD "REPLACE_WITH_YOUR_PASSWORD" // Minimum of 8 characters +#define AP_PASSWORD "123456789" // Minimum of 8 characters; set to blank if you want the access point to be open +#define HTTP_USERNAME "admin" // username to webserver authentication; +#define HTTP_PASSWORD "admin" // password to webserver authentication; +#define MQTT_SERVER "192.168.xxx.yyy" // mqtt server address +#define MQTT_USER NULL // mqtt username, leave blank for no authentication +#define MQTT_PASSWORD NULL // mqtt password, leave blank for no authentication diff --git a/Software/USER_SETTINGS.cpp b/Software/USER_SETTINGS.cpp index 7c2309b4..7c406893 100644 --- a/Software/USER_SETTINGS.cpp +++ b/Software/USER_SETTINGS.cpp @@ -1,5 +1,6 @@ #include "USER_SETTINGS.h" #include +#include "USER_SECRETS.h" #include "src/devboard/hal/hal.h" /* This file contains all the battery settings and limits */ @@ -21,12 +22,12 @@ volatile CAN_Configuration can_config = { #ifdef WIFI -volatile uint8_t AccessPointEnabled = true; //Set to either true/false to enable direct wifi access point -std::string ssid = "REPLACE_WITH_YOUR_SSID"; // Maximum of 63 characters -std::string password = "REPLACE_WITH_YOUR_PASSWORD"; // Minimum of 8 characters -const char* ssidAP = "Battery Emulator"; // Maximum of 63 characters, also used for device name on web interface -const char* passwordAP = "123456789"; // Minimum of 8 characters; set to NULL if you want the access point to be open -const uint8_t wifi_channel = 0; // Set to 0 for automatic channel selection +volatile uint8_t AccessPointEnabled = true; //Set to either true/false to enable direct wifi access point +std::string ssid = WIFI_SSID; // Set in USER_SECRETS.h +std::string password = WIFI_PASSWORD; // Set in USER_SECRETS.h +const char* ssidAP = "Battery Emulator"; // Maximum of 63 characters, also used for device name on web interface +const char* passwordAP = AP_PASSWORD; // Set in USER_SECRETS.h +const uint8_t wifi_channel = 0; // Set to 0 for automatic channel selection #ifdef WIFICONFIG // Set your Static IP address @@ -37,14 +38,14 @@ IPAddress gateway(192, 168, 10, 1); IPAddress subnet(255, 255, 255, 0); #endif #ifdef WEBSERVER -const char* http_username = "admin"; // username to webserver authentication; -const char* http_password = "admin"; // password to webserver authentication; +const char* http_username = HTTP_USERNAME; // Set in USER_SECRETS.h +const char* http_password = HTTP_PASSWORD; // Set in USER_SECRETS.h #endif // WEBSERVER // MQTT #ifdef MQTT -const char* mqtt_user = "REDACTED"; // Set NULL for no username -const char* mqtt_password = "REDACTED"; // Set NULL for no password +const char* mqtt_user = MQTT_USER; // Set in USER_SECRETS.h +const char* mqtt_password = MQTT_PASSWORD; // Set in USER_SECRETS.h #ifdef MQTT_MANUAL_TOPIC_OBJECT_NAME const char* mqtt_topic_name = "BE"; // Custom MQTT topic name. Previously, the name was automatically set to "battery-emulator_esp32-XXXXXX" diff --git a/Software/USER_SETTINGS.h b/Software/USER_SETTINGS.h index d31582dd..823d46a0 100644 --- a/Software/USER_SETTINGS.h +++ b/Software/USER_SETTINGS.h @@ -92,7 +92,6 @@ /* MQTT options */ // #define MQTT // Enable this line to enable MQTT -#define MQTT_SERVER "192.168.xxx.yyy" #define MQTT_PORT 1883 #define MQTT_MANUAL_TOPIC_OBJECT_NAME // Enable this to use custom MQTT topic, object ID prefix, and device name. \ // WARNING: If this is not defined, the previous default naming format \ diff --git a/Software/src/devboard/mqtt/mqtt.cpp b/Software/src/devboard/mqtt/mqtt.cpp index 95f5444a..0779711c 100644 --- a/Software/src/devboard/mqtt/mqtt.cpp +++ b/Software/src/devboard/mqtt/mqtt.cpp @@ -2,6 +2,7 @@ #include #include #include +#include "../../../USER_SECRETS.h" #include "../../../USER_SETTINGS.h" #include "../../battery/BATTERIES.h" #include "../../datalayer/datalayer.h" From 4f53a3b358990046e9232000017d02c9dcca672f Mon Sep 17 00:00:00 2001 From: No-Signal Date: Sat, 21 Dec 2024 10:48:39 +0000 Subject: [PATCH 2/3] Updating github workflows to copy template secrets file --- .github/workflows/compile-all-batteries.yml | 4 ++++ .../compile-all-combinations-part1-batteries-A-to-M.yml | 4 ++++ .../compile-all-combinations-part2-batteries-N-to-Z.yml | 4 ++++ .github/workflows/compile-all-inverters.yml | 4 ++++ 4 files changed, 16 insertions(+) diff --git a/.github/workflows/compile-all-batteries.yml b/.github/workflows/compile-all-batteries.yml index 3e04e5d4..80466e52 100644 --- a/.github/workflows/compile-all-batteries.yml +++ b/.github/workflows/compile-all-batteries.yml @@ -86,6 +86,10 @@ jobs: # First we clone the repo using the `checkout` action. - name: Checkout uses: actions/checkout@v4 + + # Copy USER_SECRETS.TEMPLATE.h to USER_SECRETS.h + - name: Copy USER_SECRETS.TEMPLATE.h to USER_SECRETS.h + run: cp ./Software/USER_SECRETS.TEMPLATE.h ./Software/USER_SECRETS.h # We use the `arduino/setup-arduino-cli` action to install and # configure the Arduino CLI on the system. diff --git a/.github/workflows/compile-all-combinations-part1-batteries-A-to-M.yml b/.github/workflows/compile-all-combinations-part1-batteries-A-to-M.yml index 3fc07734..f9eda5bf 100644 --- a/.github/workflows/compile-all-combinations-part1-batteries-A-to-M.yml +++ b/.github/workflows/compile-all-combinations-part1-batteries-A-to-M.yml @@ -92,6 +92,10 @@ jobs: # First we clone the repo using the `checkout` action. - name: Checkout uses: actions/checkout@v4 + + # Copy USER_SECRETS.TEMPLATE.h to USER_SECRETS.h + - name: Copy USER_SECRETS.TEMPLATE.h to USER_SECRETS.h + run: cp ./Software/USER_SECRETS.TEMPLATE.h ./Software/USER_SECRETS.h # We use the `arduino/setup-arduino-cli` action to install and # configure the Arduino CLI on the system. diff --git a/.github/workflows/compile-all-combinations-part2-batteries-N-to-Z.yml b/.github/workflows/compile-all-combinations-part2-batteries-N-to-Z.yml index 668f6db3..8c77e237 100644 --- a/.github/workflows/compile-all-combinations-part2-batteries-N-to-Z.yml +++ b/.github/workflows/compile-all-combinations-part2-batteries-N-to-Z.yml @@ -93,6 +93,10 @@ jobs: # First we clone the repo using the `checkout` action. - name: Checkout uses: actions/checkout@v4 + + # Copy USER_SECRETS.TEMPLATE.h to USER_SECRETS.h + - name: Copy USER_SECRETS.TEMPLATE.h to USER_SECRETS.h + run: cp ./Software/USER_SECRETS.TEMPLATE.h ./Software/USER_SECRETS.h # We use the `arduino/setup-arduino-cli` action to install and # configure the Arduino CLI on the system. diff --git a/.github/workflows/compile-all-inverters.yml b/.github/workflows/compile-all-inverters.yml index 6723c803..b1f2afa1 100644 --- a/.github/workflows/compile-all-inverters.yml +++ b/.github/workflows/compile-all-inverters.yml @@ -78,6 +78,10 @@ jobs: # First we clone the repo using the `checkout` action. - name: Checkout uses: actions/checkout@v4 + + # Copy USER_SECRETS.TEMPLATE.h to USER_SECRETS.h + - name: Copy USER_SECRETS.TEMPLATE.h to USER_SECRETS.h + run: cp ./Software/USER_SECRETS.TEMPLATE.h ./Software/USER_SECRETS.h # We use the `arduino/setup-arduino-cli` action to install and # configure the Arduino CLI on the system. From b4474e504d38d65f2fc01affcf8599b1cbab0799 Mon Sep 17 00:00:00 2001 From: No-Signal Date: Sun, 22 Dec 2024 10:46:54 +0000 Subject: [PATCH 3/3] Moving additional sensitive settings to USER_SECRETS.h --- Software/USER_SECRETS.TEMPLATE.h | 11 ++++++++--- Software/USER_SETTINGS.h | 3 --- Software/src/devboard/webserver/webserver.cpp | 1 + 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/Software/USER_SECRETS.TEMPLATE.h b/Software/USER_SECRETS.TEMPLATE.h index eaf5ced1..1d1b0569 100644 --- a/Software/USER_SECRETS.TEMPLATE.h +++ b/Software/USER_SECRETS.TEMPLATE.h @@ -1,8 +1,13 @@ #define WIFI_SSID "REPLACE_WITH_YOUR_SSID" // Maximum of 63 characters #define WIFI_PASSWORD "REPLACE_WITH_YOUR_PASSWORD" // Minimum of 8 characters -#define AP_PASSWORD "123456789" // Minimum of 8 characters; set to blank if you want the access point to be open -#define HTTP_USERNAME "admin" // username to webserver authentication; -#define HTTP_PASSWORD "admin" // password to webserver authentication; +#define AP_PASSWORD "123456789" // Minimum of 8 characters; set to blank if you want the access point to be open + +#define WEBSERVER_AUTH_REQUIRED \ + false //Set this line to true to activate webserver authentication (this line must not be commented). +#define HTTP_USERNAME "admin" // username to webserver authentication; +#define HTTP_PASSWORD "admin" // password to webserver authentication; + #define MQTT_SERVER "192.168.xxx.yyy" // mqtt server address +#define MQTT_PORT 1883 // mqtt server port #define MQTT_USER NULL // mqtt username, leave blank for no authentication #define MQTT_PASSWORD NULL // mqtt password, leave blank for no authentication diff --git a/Software/USER_SETTINGS.h b/Software/USER_SETTINGS.h index 823d46a0..73e475c9 100644 --- a/Software/USER_SETTINGS.h +++ b/Software/USER_SETTINGS.h @@ -82,8 +82,6 @@ #define WIFI //#define WIFICONFIG //Enable this line to set a static IP address / gateway /subnet mask for the device. see USER_SETTINGS.cpp for the settings #define WEBSERVER //Enable this line to enable WiFi, and to run the webserver. See USER_SETTINGS.cpp for the Wifi settings. -#define WEBSERVER_AUTH_REQUIRED \ - false //Set this line to true to activate webserver authentication (this line must not be commented). Refer to USER_SETTINGS.cpp for setting the credentials. #define WIFIAP //Disable this line to permanently disable WIFI AP mode (make sure to hardcode ssid and password of you home wifi network). When enabled WIFI AP can still be disabled by a setting in the future. #define MDNSRESPONDER //Enable this line to enable MDNS, allows battery monitor te be found by .local address. Requires WEBSERVER to be enabled. #define LOAD_SAVED_SETTINGS_ON_BOOT //Enable this line to read settings stored via the webserver on boot (overrides Wifi/battery settings set below) @@ -92,7 +90,6 @@ /* MQTT options */ // #define MQTT // Enable this line to enable MQTT -#define MQTT_PORT 1883 #define MQTT_MANUAL_TOPIC_OBJECT_NAME // Enable this to use custom MQTT topic, object ID prefix, and device name. \ // WARNING: If this is not defined, the previous default naming format \ // 'battery-emulator_esp32-XXXXXX' (based on hardware ID) will be used. \ diff --git a/Software/src/devboard/webserver/webserver.cpp b/Software/src/devboard/webserver/webserver.cpp index 5468c704..d5f3a3b2 100644 --- a/Software/src/devboard/webserver/webserver.cpp +++ b/Software/src/devboard/webserver/webserver.cpp @@ -1,6 +1,7 @@ #include "webserver.h" #include #include +#include "../../../USER_SECRETS.h" #include "../../datalayer/datalayer.h" #include "../../datalayer/datalayer_extended.h" #include "../../lib/bblanchon-ArduinoJson/ArduinoJson.h"