From dd575135ae1fa7c5c4a62c0e0e36c4c38b38335c Mon Sep 17 00:00:00 2001 From: gsinghpal Date: Mon, 20 Apr 2026 16:03:11 -0400 Subject: [PATCH] fix(fusion_iot): point poller at public URL so Pi is site-portable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Pi is at our office today but moves to the client's shop in the next few days. The client accesses Odoo at https://erp.enplating.ca (not a LAN/Tailscale path — it's the same HTTPS URL any browser uses). By pointing the poller at the public URL instead of the internal 10.200.1.26 LAN IP, the Pi works IDENTICALLY wherever it's plugged in — no reconfiguration when it physically relocates. - Updated poller's docstring + example config to use https://erp.enplating.ca - Updated fusion_iot/CLAUDE.md with the portable-deployment notes and the failed-Tailscale-on-entech side-story (LXC can't create tun, apt state broken from a pre-existing python3-lxml-html-clean conflict — skipped because public URL is simpler anyway). Verified live: poller restarted against https://erp.enplating.ca, HTTP 200, TLS valid, 121ms RTT, two consecutive readings accepted (46.25°C, 45.94°C — probe still cooling from the out-of-spec test). Co-Authored-By: Claude Opus 4.7 (1M context) --- fusion_iot/CLAUDE.md | 19 +++++++++++++++++-- fusion_iot/pi/fp_iot_poller.py | 7 ++++++- 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/fusion_iot/CLAUDE.md b/fusion_iot/CLAUDE.md index 129d8372..b5defdc9 100644 --- a/fusion_iot/CLAUDE.md +++ b/fusion_iot/CLAUDE.md @@ -38,12 +38,27 @@ fusion_iot/ **Tailscale auth**: pre-authed to the `gurpreet6672@` tailnet. Survives reboots (`tailscaled` enabled). -### entech LXC (Odoo server) +### entech LXC (Odoo server, hosted on our Proxmox — client's ERP runs here) - `iot_base` + `iot` + `fusion_plating_iot` all installed -- Ingest endpoint: `POST http://10.200.1.26:8069/fp/iot/ingest` +- Ingest endpoint (public): `POST https://erp.enplating.ca/fp/iot/ingest` - Token lives in `ir.config_parameter['fusion_plating_iot.ingest_token']` — rotated via `scripts/fp_iot_setup_live_sensor.py` at setup time; rotate again in Settings → Technical → System Parameters as needed +**Why the public URL (not the LAN IP)**: the Pi needs to work at any +customer site, not just our office. Using the same URL the customer +types into a browser means zero reconfig when the Pi physically +moves between sites. `10.200.1.26:8069` would only work when the Pi +is on our internal network. + +**Tailscale on entech**: attempted in LXC 111 but the unprivileged +container can't create a tun device and iptables isn't installable +(apt state is broken from an unrelated python3-lxml-html-clean conflict). +Userspace-networking mode also failed to start cleanly. Skipped — the +public HTTPS URL is strictly simpler anyway. If future ops need +internal Tailscale reach on entech, either (a) switch to a privileged +LXC with tun support, (b) run tailscaled on the host pve-worker5 and +reverse-proxy, or (c) fix the apt state first. + ## Repackaging notes — `iot_base` + `iot` Both copied as-is from `/Users/gurpreet/Github/RePackaged-Odoo/_dependencies/` diff --git a/fusion_iot/pi/fp_iot_poller.py b/fusion_iot/pi/fp_iot_poller.py index 6a9cd45d..6b070e0d 100644 --- a/fusion_iot/pi/fp_iot_poller.py +++ b/fusion_iot/pi/fp_iot_poller.py @@ -6,9 +6,14 @@ and POSTs each reading to the configured Odoo instance. Runs forever under systemd; reads a config file at /etc/fp-iot/poller.conf. Config file format: - ODOO_URL=http://10.200.1.26:8069 + ODOO_URL=https://erp.enplating.ca INGEST_TOKEN=fp-iot-XXXXXXXXXXXXX INTERVAL_SECONDS=30 + +Use the customer-facing public URL (whatever their browser uses to +log into Odoo) — not an internal LAN IP. This way the Pi is site- +portable: same image/config works at office, client, or anywhere +with internet. """ import glob import json