These are chat archives for nightscout/intend-to-bolus

13th
Feb 2016
Ben West
@bewest
Feb 13 2016 01:25
towards gui...
blob
dougtakeuti
@dougtakeuti
Feb 13 2016 02:05
What app do you guys use for alarms? I used to use nightwatch but that crashed once I deployed dev to my NS site .
LadyViktoria
@LadyViktoria
Feb 13 2016 02:13
use xdrip. at the moment no one works on nightwatch :/
Jason Calabrese
@jasoncalabrese
Feb 13 2016 03:29
wow, ssl cert for my prod site expired, had been putting off getting a new one
got a cert from letsencrypt was done in 15m
Scott Leibrand
@scottleibrand
Feb 13 2016 03:48
:-)
Eric
@ecc1
Feb 13 2016 05:20
@jasoncalabrese Can you point me to a quick howto? I need to do that for my NS site on Google Cloud.
Eric
@ecc1
Feb 13 2016 05:39
Thanks, I'll try that tomorrow. Anything special needed to make NS use SSL?
Jason Calabrese
@jasoncalabrese
Feb 13 2016 15:16
I have it running behind nginx, there is some sort for NS doing ssl directly, but I never tried it
KJSATSTORR
@KJSATSTORR
Feb 13 2016 15:37
Any preference with Intel Edison or raspberry guys?
Dana Lewis
@danamlewis
Feb 13 2016 15:43
Not a guy ;) but depends on whether you want a) a setup that's well documented (raspberry) or b) small size (Edison, but not as well documented yet)
If you don't care about docs and are asking usability wise, I'm very happy with my Edison setups
Oskar Pearson
@oskarpearson
Feb 13 2016 16:02
+1 for letsencrypt. Just remember to create a cron job that'll renew the certificates, as they only issue 90 day certs
Jason Calabrese
@jasoncalabrese
Feb 13 2016 16:04
Yeah, that's the part I still need to do, but looks easy
Milos Kozak
@MilosKozak
Feb 13 2016 16:14
startssl.com offers trusted 1 year certs
for free
Jason Calabrese
@jasoncalabrese
Feb 13 2016 16:15
I used that last year, was a pain, letsencrypt with the cron seem much better
Milos Kozak
@MilosKozak
Feb 13 2016 16:16
i'm using them elsewhere without any issues
Scott Leibrand
@scottleibrand
Feb 13 2016 16:24
For work I found sslmate.com easier to automate than LetsEncrypt, and it supports wildcard certs. Not free though.
Still need to move my personal stuff off my self signed cert though.
Jason Calabrese
@jasoncalabrese
Feb 13 2016 16:27
I had everything stop when the old cert expired, that's what I get for ignoring email
Matthias
@ceben80
Feb 13 2016 16:41
My first approach. Now I will gain experience in different situations, crontab jobs still need to be created, but actually I am quite satisfied now.
a.JPG
Dana Lewis
@danamlewis
Feb 13 2016 16:42
:)
Matthias
@ceben80
Feb 13 2016 17:14
@all A question regarding the monitoring. Is it possible to monitor the APS values on a SmartWatch or does this only work with a Pebble?
Jason Calabrese
@jasoncalabrese
Feb 13 2016 17:19
Looks like your pump battery might be low, is it a lithium or normal AAA
Matthias
@ceben80
Feb 13 2016 17:21
indeed, a normal AAA - will replace it :+1:
Jason Calabrese
@jasoncalabrese
Feb 13 2016 17:21
There isn't a good way to monitor it all on a watch yet, need to expose all the plugin data still
The default battery settings are for lithium batteries since they drop off really fast at the end, but last much longer
With alkaline that voltage might be fine
The alkaline batteries don't last long when looping
Eric
@ecc1
Feb 13 2016 17:23
I'm still a SSL newb; anyone doing it directly with nodejs (i.e. Nightscout) rather than behind something else?
There seem to be a bunch of howto's for doing it with Express, but they seem to require a small amount of additional code not currently in app.js ...
Matthias
@ceben80
Feb 13 2016 17:29
Unfortunately, I have no lithium at the moment, but will purchase them.....
After replacment with a new one...
a.JPG
How long will a AAA lithium battery last?
Jason Calabrese
@jasoncalabrese
Feb 13 2016 17:34
There are some ssl env vars in the readme, but I've always had nginx in front of NS
I think the normal batteries last about 3 days, lithium more than a week
Oskar Pearson
@oskarpearson
Feb 13 2016 17:35
@ecc1 If you can get nodejs to serve the contents of a directory ('http://yoursite/.well-known/acme-challenge/*') then you can use the 'webroot' version of letsencrypt
Alternatively, you could put nginx in front of nodejs and have it proxy everything other than acme-challenge to the nodejs app
Jason Calabrese
@jasoncalabrese
Feb 13 2016 17:38
That's what I plan to do, but first need to take the holiday lights down since the HOA sent me a warning. Don't they know I'm busy with more important things.. They've only been up a couple months too long
Oskar Pearson
@oskarpearson
Feb 13 2016 17:38
@ecc1 - nginx config would look something like this:
server {
  listen 80 default;
  server_name SOMETHING;

  # Allow connections from the LetsEncrypt system go directly to the filesystem,
  # not via the proxy, but redirect everything else straight to SSL
  location /.well-known/ {
    root /usr/share/nginx/html/;
  }
  location / {
    return 301 https://SOMETHING$request_uri;
  }
}

server {
  listen 443 default ssl;
  server_name SOMETHING;

  ssl_certificate /etc/letsencrypt/live/SOMETHING/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/SOMETHING/privkey.pem;
  ssl_session_cache shared:SSL:10m;
  ssl_session_timeout 10m;
  ssl_prefer_server_ciphers on;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4;
  ssl_ecdh_curve secp384r1;


  # Allow connections from the LetsEncrypt system go directly to the filesystem,
  # but send everything else to the dest
# Not 100% sure this is necessary..
  location /.well-known/ {
    root /usr/share/nginx/html/;
  }

  # Proxy everything else to the nodejs port
  location / {
    proxy_pass http://127.0.0.1:SOMETHING;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Scheme $scheme;
    proxy_connect_timeout 1;
    proxy_send_timeout 30;
    proxy_read_timeout 30;
  }

  access_log /var/log/nginx/SOMETHING-access.log;
  error_log /var/log/nginx/SOMETHING-error.log;

}
Alternatively https://github.com/Daplie/node-letsencrypt looks relevant
Eric
@ecc1
Feb 13 2016 17:49
@jasoncalabrese I'm sure you could get your holiday lights to blink current glucose in Morse, so you could get a medical exemption and leave them up :-)
Jason Calabrese
@jasoncalabrese
Feb 13 2016 18:15
if I could only turn them into a giant antenna to control the pump
but they're back in the garage, going to get the cron setup now
Jason Calabrese
@jasoncalabrese
Feb 13 2016 18:38
all set and got certs on my dev sites too
KJSATSTORR
@KJSATSTORR
Feb 13 2016 21:00
Which is better Intel Edison or raspberry pi ?
LadyViktoria
@LadyViktoria
Feb 13 2016 21:32
to start with the project and if you have did not have any experinces in linux i would recommend the rpi. if you want to minimize your system then the edison is better, but its more difficult and more things to learn
Dana Lewis
@danamlewis
Feb 13 2016 22:09
@KJSATSTORR Scroll up a bit, I answered that q as well this am
@ceben80 Lithium lasts 7-8 days for me. (Compared to normal batteries were 2-3 days)
Re: watch queetu
Matthias
@ceben80
Feb 13 2016 22:11
Then I'm gonna buy at least 100 batteries :smile:
Dana Lewis
@danamlewis
Feb 13 2016 22:11
Re: watch question, you could probably make it work on just about anything, but you'd have to build an app or find an app like Pebble Cards where it's easy to pull a json file in and just display data
@ceben80 Yep. Buy away :)
This is really awesome: web display of what the loop is doing, where phone is offline but hotspotted in to Edison/RileyLink loop :) https://twitter.com/danamlewis/status/698626536807731200 cc @scottleibrand for working some network magic.
^that is from on the plane, which means it'll work for cruise and all other offline situations we find ourselves in :)
Matthias
@ceben80
Feb 13 2016 22:14
@danamlewis One has to be careful with the battery cover due to often battery removal
Scott Leibrand
@scottleibrand
Feb 13 2016 22:16
Yeah, don't over-tighten. Thumbnail-tight only.
Matthias
@ceben80
Feb 13 2016 22:16
jupp