Home

TrickleStar [z-wave] Dashboard Widget Hacking

First things first, if you're curious exactly how or why I know this, well it's because I contacted TrickleStar and they sent me this pdf(A link to download is below as well) that explains how their dashboard widget works. Unfortunately after some trial and error it became abundantly clear that simply posting JSON data in the manner they discuss, and in the same manner the widget does (using ajax javascript posts) was not going to work. That is because the pyzwave app/server binds itself to the loopback (127.0.0.1/localhost), and does not respond to data posted by data loaded/posted from other sites. Which to be honest is more of a browser security issue, rather than an issue with the widget/app itself. So I can't really fault TrickleStar on that one. You may also be able to avoid modifying the widget/app if you use php and curl to post data, which I discuss on the web app writeup

Dashboard widgets, at least this one, are nothing more than websites in an app. It helps to understand that to explain how/why this works. TrickleStar made a python service that runs as a web server that listens for changes on the z-wave network as well as messages about sending messages to devices.

Side note: Since I didn't write the code for the dashboard widget, and I have no permission to redistribute the code in any manner, I am doing a "teach you how to fish" approach on this. I could easily just modify the TrickleStar widget and provide it as a download on my website, but that's too easy. This requires some work.

What you need:

  • TrickleStar USB Stick
  • A mac
  • A z-wave device, like a lamp module (I purchased this one, which is less than $20)
  • Install the driver for the USB Stick, and the dashboard widget, which can be downloaded from TrickleStar's website

What you need to do to "hack" the dashboard widget"

  1. Setup a 'z-wave server' with a reserved or static IP address in your DHCP server/router, doing this will allow you to bind the pyzwave server to the IP of your 'z-wave server'. By 'z-wave server' I just mean a computer(a mac) that is always on and will have the TrickleStar USB Stick connected to it 24/7, it will also be the server you connect to remotely to control your z-wave devices.
  2. Shutdown the pyzwave service by executing this command in terminal:

    launchctl unload ~/Library/LaunchAgents/com.tricklestar.pyzwave.plist
  3. Next modify the plist file you just unloaded (open this file with a text editor: ~/Library/LaunchAgents/com.tricklestar.pyzwave.plist) from launchd, by adding a line in-between the array keys, after this line:

    <string>-l</string>

    add this (replace the IP address with the IP of your 'z-wave server':

    <string>-b 192.168.1.xxx</string>

    This will basically include a flag when pyzwave starts to bind it to the IP address of your 'z-wave server'.
  4. If you press F12 to view the dashboard widget, you might notice even if you have your USB stick connected previously and working, it's no longer working, and that's because the widget is pointing to a service that is no longer available because it's binding to the IP and not the loopback (localhost/127.0.0.1). Well we don't want to disable the use of the widget, so we need to get that working again.
  5. In the file ~/Library/Widgets/TrickleStar.wdgt/zwserver.js you need to replace instances of 127.0.0.1 with the IP of your server. There should be 2 places in that file where you need to modify that.
  6. The widget may now work after you do a "sudo killall Dock" in terminal, but we still can't access it remotely since that would mean we'd have to host the HTML and javascript on the same server/port as the pyzwave service runs (which btw is port 4344). This means we need to modify the pyzwave python script so it allows external JSON posts to it.
  7. Open this file: ~/Library/Widgets/TrickleStar.wdgt/pyzwave/zwserver.py
  8. Above this line of code (it occurs twice and you need to add it to both):

    self.end_headers()

    Add this:

    self.send_header('Access-Control-Allow-Origin', '*')

    Doing this will allow any IP/server to POST data to the pyzwave service, including the dashboard widget frontend.
  9. Now we need to reload the plist file to start up the pyzwave service with it binded to your servers IP address, in terminal execute this command

    launchctl load ~/Library/LaunchAgents/com.tricklestar.pyzwave.plist
  10. Now we can copy the widget to another computer, and it will work as well, except you also need to copy the preferences file located here: ~/Library/Preferences/com.tricklestar.pyzwave.pref
    (I suggest adding all of the devices you want to, to the 'server' and then copying the preferences file over since it contains a preference for the name of the devices connected and what devices are already "paired", as far as I understand. If you plan on making changes often, you could write a cron job to download the plist file to your remotely connecting machine, but I didn't find this necessary)

Now what?

Well now you have a widget that can remotely be connected to via any modified TrickleStar dashboard widget, and also any web app running on any server. Next if you want to remotely control your devices using a web browser, like for instance on your iPhone, you'll have to build or implement a web app, which I will discuss here

AttachmentSize
TrickleStar Miniserver API Docs v250.pdf148.86 KB

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image. Ignore spaces and be careful about upper and lower case.