90f121e14c
SHT30 온습도 모니터링 시스템 전체 소스(서버 PHP, STM32 펌웨어, SQL, 테스트). 전체 코드리뷰에서 도출된 보안 하드닝 10건 반영: - 요청 서명 HMAC-SHA256 전환(펌웨어 sig.c/서버 config.php/호스트 패리티 동시) - 재전송 방어 + 기본 API_KEY fail-closed + 디바이스 문자열 정제(api/sensor_data.php) - 오프라인 SMS 중복 발송 경합 제거(cron_heartbeat.php, 원자적 선점) - CSV 수식 주입 방지(monthly_report.php), 감사로그 회전 락(retention_cleanup.php) - 브루트포스 카운터 원자화(login.php), 예시 TOTP 비밀키 무효화, 마이그레이션 멱등화 _backup/(하드코딩 실 비밀값 포함)·config.local.php·런타임 상태는 .gitignore 제외.
3.2 KiB
| title | date | category | module | problem_type | component | severity | applies_when | tags | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Sensor telemetry extensions should keep status and measurements separate | 2026-05-21 | docs/solutions/best-practices | raspberry_pi/php sensor telemetry | best_practice | database | medium |
|
|
Sensor telemetry extensions should keep status and measurements separate
참고: 이 문서는 누수감지 시절의 기록(레거시)이며, 현재 시스템은 SHT30 온습도 전용으로 전환되었습니다.
Context
The second Raspberry Pi uses an SHT30 temperature/humidity sensor instead of a leak contact sensor. The existing API and dashboard already track sensor_status and heartbeat, but the original schema had no place to persist temperature/humidity readings.
Guidance
Keep the device online/offline state in sensor_status, and store changing environmental readings in a separate metric table such as sensor_metric.
For SHT30 sensor2, the Pi should continue sending the existing required fields:
{
"device_id": "rpi-sht30-01",
"sensor_id": 2,
"event_type": "periodic",
"is_leak": 0,
"timestamp": 1779290000
}
Add telemetry fields before generating the API signature:
{
"metric_type": "sht30",
"temperature_c": 24.35,
"humidity_percent": 48.1,
"metric_status": "normal"
}
The API should update sensor_status on every accepted report and insert measurement rows into sensor_metric when the table exists. This lets heartbeat/offline monitoring keep working even if metric storage has not yet been migrated.
Why This Matters
Mixing environmental readings into sensor_log would make normal reports noisy and would not model temperature/humidity as time-series data. A separate metric table keeps device status and environmental telemetry clear enough for dashboard display, monthly reports, and threshold alerts (이번 전환에서 서버측 온습도 임계 SMS로 구현됨).
The Raspberry Pi source should also support both smbus2 and Raspberry Pi OS python3-smbus. smbus2 can be used as a context manager, but legacy smbus may require explicit close() handling.
When to Apply
- Add sensor2 or later environmental sensors.
- Add readings that are not leak events but need history.
- Add Pi hardware that should participate in the existing offline heartbeat.
- Add I2C hardware where distro packages and pip packages may expose different Python APIs.
Examples
For SHT30:
SHT30 VCC -> Raspberry Pi 3.3V
SHT30 GND -> Raspberry Pi GND
SHT30 SDA -> GPIO2 / SDA1 / pin 3
SHT30 SCL -> GPIO3 / SCL1 / pin 5
For deployment:
1. Apply sql/migration_sensor_metric.sql.
2. Configure /etc/sht30-sensor.env with SHT30_SENSOR_ID=2.
3. Run python3 sht30_monitor.py --read-once.
4. Run python3 sht30_monitor.py --once.
5. Confirm sensor_id=2 appears on dashboard.php with latest temperature/humidity.
Related
docs/SHT30_SENSOR2_SETUP.mdraspberry_pi/sht30_monitor.pysql/migration_sensor_metric.sqlphp/api/sensor_data.php