malobeo/infrastructure
2
1
Fork 1
Code Issues 40 Pull Requests 3 Actions Projects 3 Releases Wiki Activity

Door security #124

New Issue
Open
opened 2026-02-18 14:07:00 +01:00 by ahtlon · 13 comments
ahtlon commented 2026-02-18 14:07:00 +01:00
Owner
Copy Link

Es gehen sehr viele Schlüssel für das malobeo rum ohne irgendeine Art von monitoring. Es wäre nützlich irgendeine Art von Zugriffskontrolle zu haben.

Das hole of fame nutzt diese nachrüstbaren schusssysteme: https://nuki.io/de-de/produkte/produktubersicht
Preis zwischen 150€ und 350€
Verbindung über wlan/matter
Cloud optional

Es gehen sehr viele Schlüssel für das malobeo rum ohne irgendeine Art von monitoring. Es wäre nützlich irgendeine Art von Zugriffskontrolle zu haben. Das hole of fame nutzt diese nachrüstbaren schusssysteme: https://nuki.io/de-de/produkte/produktubersicht Preis zwischen 150€ und 350€ Verbindung über wlan/matter Cloud optional
ahtlon added the Security label 2026-02-25 04:48:53 +01:00
ahtlon added this to the Security project 2026-02-25 04:48:57 +01:00
ahtlon changed title from Tür system v2 to Door security 2026-02-25 04:52:00 +01:00
ahtlon commented 2026-02-25 04:52:52 +01:00
Author
Owner
Copy Link

Ich hab das mal zu nen security issue gemacht

Ich hab das mal zu nen security issue gemacht
ahtlon moved this to Medium Severity in Security on 2026-02-25 04:53:18 +01:00
ahtlon commented 2026-03-25 08:41:04 +01:00
Author
Owner
Copy Link

Nuki smart lock ultra (349€)
+ Matter integration
+ Wird mit zylinder geliefert (müssen nicht erst die schlüssel zurückrufen)
- teuer
- zylinder muss getauscht werden
- Braucht app

Nuki Smart Lock Go (149€)
+ Matter integration
+ Preiswert
- Braucht app
- Wlan einbindung kostet 50€ extra

Nuki smart lock ultra (349€) \+ Matter integration \+ Wird mit zylinder geliefert (müssen nicht erst die schlüssel zurückrufen) \- teuer \- zylinder muss getauscht werden \- Braucht app Nuki Smart Lock Go (149€) \+ Matter integration \+ Preiswert \- Braucht app \- Wlan einbindung kostet 50€ extra
kalipso commented 2026-03-25 12:59:03 +01:00
Owner
Copy Link

Hacked Keymatic (~80€)

Pro:
  • cheap (dont get produced anymore, but many available on ebay)
  • reliable - runs at c3d2 for nearly 10years
  • no app, no proprietary stuff, 100% control over the software
Contra:
  • requires soldering to make the lock controllable through rasperry pi
  • requries inhouse software solution for locking/unlocking and access controll
  • most time consuming setup

https://wiki.c3d2.de/wiki/HQ/Schalter#Keymatic
I built this in the past already and know how its done

ebay: https://www.ebay.de/sch/i.html?_nkw=keymatic&_sacat=0&_from=R40&_trksid=p4624852.m570.l1313

## Hacked Keymatic (~80€) ##### Pro: + cheap (dont get produced anymore, but many available on ebay) + reliable - runs at c3d2 for nearly 10years + no app, no proprietary stuff, 100% control over the software ##### Contra: - requires soldering to make the lock controllable through rasperry pi - requries inhouse software solution for locking/unlocking and access controll - most time consuming setup https://wiki.c3d2.de/wiki/HQ/Schalter#Keymatic I built this in the past already and know how its done ebay: https://www.ebay.de/sch/i.html?_nkw=keymatic&_sacat=0&_from=R40&_trksid=p4624852.m570.l1313
ahtlon commented 2026-03-25 13:24:08 +01:00
Author
Owner
Copy Link

(Aus irgendeinem grund werden listen mit - und + als punkte angezeigt. Kannst du verhindern durch \+)

(Aus irgendeinem grund werden listen mit - und + als punkte angezeigt. Kannst du verhindern durch `\+`)
❤️ 1
ahtlon commented 2026-03-26 11:39:36 +01:00
Author
Owner
Copy Link

Hmm im really starting to like the Keymatic idea. That would give us the most freedom software wise.
But 1. How do we handle the permanent cabling to the door? (Also what voltage does the lock use?)
2 Is there already software or should I write another python webserver for this?
3 Is it actually compatible with our door (Knauf) or do we still need a new cylinder?

Hmm im really starting to like the Keymatic idea. That would give us the most freedom software wise. But 1. How do we handle the permanent cabling to the door? (Also what voltage does the lock use?) 2 Is there already software or should I write another python webserver for this? 3 Is it actually compatible with our door (Knauf) or do we still need a new cylinder?
kalipso commented 2026-03-26 12:09:09 +01:00
Owner
Copy Link
  1. Power and Control pins could be routet through a lan cable, as seen in the schematic on the c3d2 wiki
  • this is then connected to a raspberry and a power source, the raspberry could reside somewhere in the corner where also the soundsystem is
  • the lancable could be routet through a small kabelkanal, thats the way it is done in c3d2 too
  • the lock is normaly driven by 2 AA batteries i think, depending if their paralel or in series we know the voltage
  1. The software still needs to be written, i also would like to write it and have some architecture in mind already (also we can do it together)
  • we should first need to discuss how the users would open the door, and how access is managed before we start implementing, this could be done during the security meetup with the others
  1. As far as i know keymatic expects a normal key, which means cylinder replacement might be necessary
1. Power and Control pins could be routet through a lan cable, as seen in the schematic on the c3d2 wiki - this is then connected to a raspberry and a power source, the raspberry could reside somewhere in the corner where also the soundsystem is - the lancable could be routet through a small `kabelkanal`, thats the way it is done in c3d2 too - the lock is normaly driven by 2 AA batteries i think, depending if their paralel or in series we know the voltage 2. The software still needs to be written, i also would like to write it and have some architecture in mind already (also we can do it together) - we should first need to discuss how the users would open the door, and how access is managed before we start implementing, this could be done during the security meetup with the others 3. As far as i know keymatic expects a normal key, which means cylinder replacement might be necessary
ahtlon commented 2026-03-27 13:27:31 +01:00
Author
Owner
Copy Link

Ok, should we then already look for a new cylinder or is that a seperate thing?

Ok, should we then already look for a new cylinder or is that a seperate thing?
kalipso commented 2026-03-28 15:35:10 +01:00
Owner
Copy Link

If we reach consensus on going with keymatic then sure why not. From my side iam fine with keymatic, as i understand you are also in favor of it? If so I would propose to have a short meeting the next days were we discuss next steps and possible implementation.

If we reach consensus on going with keymatic then sure why not. From my side iam fine with keymatic, as i understand you are also in favor of it? If so I would propose to have a short meeting the next days were we discuss next steps and possible implementation.
ahtlon commented 2026-03-31 20:00:58 +02:00
Author
Owner
Copy Link

I brought this up in plenary and the comments were (in no particular order)

  • There should be keys for malo members (Possible)
  • Wish for no user logging (Implementation specific)
  • What happens when someone pulls cables from router (they get tackled by IT AG)
  • Are nfc or rfid cards possible as access (needs hardware but should be possible)
I brought this up in plenary and the comments were (in no particular order) - There should be keys for malo members (Possible) - Wish for no user logging (Implementation specific) - What happens when someone pulls cables from router (they get tackled by IT AG) - Are nfc or rfid cards possible as access (needs hardware but should be possible)
ahtlon commented 2026-04-01 09:06:52 +02:00
Author
Owner
Copy Link

Hab hier mal nen plan für die software erstellt https://git.dynamicdiscord.de/malobeo/tuersoftware/src/branch/master/plan.txt

Hab hier mal nen plan für die software erstellt https://git.dynamicdiscord.de/malobeo/tuersoftware/src/branch/master/plan.txt
ahtlon commented 2026-04-01 09:09:34 +02:00
Author
Owner
Copy Link

Btw hab die Tür gemessen: Die tür ist 70mm breit und das schloss steht aussen 12mm und innen 9mm über. Hersteller ist BKS. Das schloss selbst ist Ø17x33
Wenn ich das system richtig verstanden habe brauchen wir also ein Profildoppelzylinder 45/50

Btw hab die Tür gemessen: Die tür ist 70mm breit und das schloss steht aussen 12mm und innen 9mm über. Hersteller ist BKS. Das schloss selbst ist Ø17x33 Wenn ich das system richtig verstanden habe brauchen wir also ein Profildoppelzylinder 45/50
kalipso commented 2026-04-02 00:39:45 +02:00
Owner
Copy Link

Nuki Smartlock controlled through own Software (~150€-300)

Pro:

  • looks clean, no soldering required
  • can be controlled through nuki_hub

Contra:

  • havent checked on drawbacks yet, dont know much about nuki
  • requires additional hadware: esp32 board
### Nuki Smartlock controlled through own Software (~150€-300) *Pro*: - looks clean, no soldering required - can be controlled through [nuki_hub](https://github.com/technyon/nuki_hub) *Contra*: - havent checked on drawbacks yet, dont know much about nuki - requires additional hadware: esp32 board
kalipso commented 2026-04-02 01:08:02 +02:00
Owner
Copy Link

Hab hier mal nen plan für die software erstellt https://git.dynamicdiscord.de/malobeo/tuersoftware/src/branch/master/plan.txt

Lets have a meeting on that.

> Hab hier mal nen plan für die software erstellt https://git.dynamicdiscord.de/malobeo/tuersoftware/src/branch/master/plan.txt Lets have a meeting on that.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Bug/Problem
Lokal
Migration
Module/Disks
Module/Initssh
Request
Security
Service
Updates
bump
nextcloud
No Label Security
Milestone
No items
No Milestone
Projects
Clear projects
No project Security
Assignees
Clear assignees
ahtlon kalipso quinn
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: malobeo/infrastructure#124
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?