Our door management system adoorabell was meant to be a Python/Flask application at first, so people would be able, if they’re inside our home network, to open our front door via their web browser by opening a specific URL. This approach worked fine at first, but due to some technical changes in our network and since we live on the third floor some devices had a hard time connecting to our local WiFi while standing in front of our door. That left us with the following options:

  • setting up a VPN so we’re able to open the door from anywhere in the world.
  • rewriting our door management system so it’s able to function without being in the local network.

And while the first option is some kind of a all or nothing solution, since we have to grant access to the entire local network to people who should be able to open the door, and running the bot in a guest network isn’t convenient for us since we don’t have the guest network configuired on our own devices, we needed some kind of access control while the bot should become available more easily and to more people.

The Way to Go

After having worked with a Golang-Backend at my former Job, I decided to give Golang a shot in my private projects as well, since I felt like it is an amazingly good language for all things backend and server-sided plus it’s not Python. Instead of writing a web application I aimed for writing a Telegram bot, since most of the people visiting us are using Telegram, its bot API is not good but okayish and enough for such a project and there’s a Golang implementation of the Telegram Bot API available at GitHub.

A Few Remarks on Security

If you plan to make such a door management system for your flat door instead of the apartment buildings front door: please don’t. Telegrams transport layer encryption & the user management via telegram user IDs is sufficient enough for a buildings front door, since, well, it’s kind of easy getting inside the building without having a key anyways, e.g. you could just ring at one of the flats hoping that somebody will open. Whatsoever, you want to have a stronger security than the one adoorabell provides for the door between the common floor and your personal belongings & you don’t want to rely on third party servers for that.

How the Rewrite is Structured

More Flags Than the 20th Congress Of the CPSU.

I decided to do most of the configuration via flags, so instead of having a .toml or .yaml somewhere, you’re able to pass most of the important configuration values via flags:

  • -flatname (Flatname)
  • -gpio (GPIO pin being used by the relay, int)
  • -time (door opening time)
  • -token (Telegram bot token)
  • -debug (true/false, verbose logging)

I did this, because I wanted the binary to run anywhere without needing to store local files.

Splitting Packages

I split the program up in two packages, a main package which handles the telegram bot daemon, and a doorbouncer package which contains the functions to open the doors and a checking function to figure out if a certain account is allowed to open the door.

What I Learned During the Rewrite

I have spend less than two hours writing and testing the functionalities of the software, so I have to reevaluate if Python is still my go to programming language when it comes to fast server applications. Golang feels more convenient since I am able to build/cross-compile a binary which will just run, instead of having to mess around with setting-up a Python environment.

What to Do Next?

I plan to implement some sort of a API to fetch interesting data like the last opening time and a list of authorized users and to implement a better user management. I would love to see flags defining the administrative users -admin1, -admin2, -adminN (counting up) and a in-bot command for administrative users to give temporary access to non-administrative users via /grantaccess $USERID $TIME.

I thought about writing a react frontend for the user management as well containing some interesting stats about the door use in general. But then again, this misses the scope of the adoorabell application since I would have to implement some sort of a persistent database, which means that I have to store other local files than the binary. I do not want to do that.

In the near future I would love to see adoorabell running on a read-only filesystem since it would increase the lifespan of the microSD cards the Raspberry Pi is using.

The code of the adoorabell-go rewrite is available at github.com/wieueberall/adoorabell-go.