Getting Started with OwnTracks | Nathaniel Read

Getting Started with OwnTracks

This is a guide on how to get started with OwnTracks in Docker on Ubuntu 14.04.

When I started with OwnTracks I had some trouble with the booklet as I found parts of it a tad disjointed and was a bit mixed up as there were some missing steps to get going. So here’s a quick guide to get OwnTracks installed and get going with it.

I’d advise you use Docker for it as it’s simpler to get started with and can easily be updated (it also contains an MQTT broker, so it’s a bit less hassle).

  • Install Docker if you haven’t already
  • Get the Docker repo: docker pull owntracks/recorderd
  • By default OwnTracks will make itself some self-signed SSL certs. If you have your own Certificate Authority, just sign yourself one for the domain you’re using. If not, you can quickly create one using XCA here (using this guide), or use the default provided ones if you’re so inclined.
  • Start the Docker container using the command below, changing the following: replace /var/owntracks and /var/owntracks/log with the data directory you want (create it first using mkdir); for this walkthrough I’ll assume you use /var/owntracks. Replace mydomain.uk with your own domain and change 192.168.1.11 to your server’s network IP.
docker run \
-v /var/owntracks:/owntracks \
-v /var/owntracks/log:/tmp \
-p 1883:1883 -p 8883:8883 -p 8083:8083 \
-e MQTTHOSTNAME="mydomain.uk" \
-e IPLIST="192.168.1.11" \
-e HOSTLIST="mydomain.uk" \
owntracks/recorderd
  • When the container starts, your data directory should populate. Now kill the container using CTRL + C on the keyboard.

  • Create yourself some users by editing the /var/owntracks/mosquitto/mosquitto.acl file like this:

# This affects all clients.
pattern write $SYS/broker/connection/%c/state
pattern owntracks/%u/#

user recorder
topic read owntracks/#
# the line above says that the recorder is allowed to read all locations so it can save them

user nathaniel
topic owntracks/nathaniel/+
# the line above says that Nathaniel can only edit his own locations
topic read owntracks/+/+
# the line above says that Nathaniel can view everyone's locations

user phil
topic owntracks/phil/+
# the line above says that Phil can only post and view his own locations
# he can't see anyone else's locations
  
  • Next edit mosquitto.conf
  
# add the password file and access control list (acl) links like this
password_file /owntracks/mosquitto/mosquitto.passwd
acl_file /owntracks/mosquitto/mosquitto.acl
    		
listener 1883
listener 8883
    		
# add your CA cert, web cert and private key here 
cafile /owntracks/cert3/ca.crt
certfile /owntracks/cert3/mosquitto.crt
keyfile /owntracks/cert3/mosquitto.key
    		
require_certificate false
  • Next, your users need passwords so they can post their locations and so the OwnTracks recorder can save them. Spin up the container again using the command from before, then in another terminal window (SSH’d in), run docker ps and copy the container ID.

  • Now run sudo docker exec -t -i container-ID-here bash
  • You’re now inside the Docker container. Run mosquitto_passwd /owntracks/mosquitto/mosquitto.passwd nathaniel (replace nathaniel with your user’s name) and enter the new password twice. Do this for every user you want, and don’t forget to create a password for ‘recorder’. Then leave the container by typing exit and hitting enter.

  • Now you should be ready to go. Run sudo nano /owntracks/mosquitto/mosquitto.passwd and check your password hashes are there.

  • You’re now ready to roll, so run the command below. This time you’re adding the user ‘recorder’ and the password you created for it, so OwnTracks can record:
docker run \
-v /var/owntracks:/owntracks \
-v /var/owntracks/log:/tmp \
-p 1883:1883 -p 8883:8883 -p 8083:8083 \
-e MQTTHOSTNAME="mydomain.uk" \
-e IPLIST="192.168.1.11" \
-e HOSTLIST="mydomain.uk" \
-e OTR_USER='recorder' -e OTR_PASS='password' \
owntracks/recorderd
  • Navigate to http://yourIP:8083 and you should see the OwnTracks interface

  • Install the OwnTracks root CA cert you created on your phone, then fill out all the fields in the app like the screenshot. Your phone should connect and populate its location, which will also appear in the web version.

OwnTracks iOS app

  • Forward port 8883 through your router, if you have Dynamic DNS you can just use yourdomain:8883 to continue posting even when you’re out and about.

  • If everything is working well, kill the container and set it to always restart (as shown below) so it will restart after reboots and the docker process being restarted.

docker run \
-v /var/owntracks:/owntracks \
-v /var/owntracks/log:/tmp \
-p 1883:1883 -p 8883:8883 -p 8083:8083 \
-e MQTTHOSTNAME="mydomain.uk" \
-e IPLIST="192.168.1.11" \
-e HOSTLIST="mydomain.uk" \
-e OTR_USER='recorder' -e OTR_PASS='password' \
--restart='always' owntracks/recorderd
  • Make yourself a brew
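
To check that the mosquitto.acl file above grants what its comments say before any phone connects, the rules can be evaluated offline. This is an added example, not part of the original guide and not Mosquitto's own code: a simplified model covering only the user, topic and pattern lines used on this page, and the function names and the phone/event topic levels are made up for illustration.

```python
# Added example (not Mosquitto's code): simplified ACL model; ACL holds the page's rules, comments dropped.
ACL = """\
pattern write $SYS/broker/connection/%c/state
pattern owntracks/%u/#
user recorder
topic read owntracks/#
user nathaniel
topic owntracks/nathaniel/+
topic read owntracks/+/+
user phil
topic owntracks/phil/+
"""
MODES = {"read": {"read"}, "write": {"write"}, "readwrite": {"read", "write"}}

def parse_acl(text):
    """Return (kind, user, ops, filter) tuples; a rule with no access keyword grants readwrite."""
    rules, user = [], None
    for parts in map(str.split, text.splitlines()):
        if parts[:1] == ["user"]:
            user = parts[1]
        elif parts[:1] in (["topic"], ["pattern"]):
            mode, filt = (parts[1], parts[2]) if parts[1] in MODES else ("readwrite", parts[1])
            rules.append((parts[0], user, MODES[mode], filt))
    return rules

def matches(filt, topic):
    """MQTT filter match: '+' is exactly one level, '#' is everything from there on."""
    f, t = filt.split("/"), topic.split("/")
    for i, level in enumerate(f):
        if level == "#":
            return True
        if i >= len(t) or level not in ("+", t[i]):
            return False
    return len(f) == len(t)

def allowed(rules, user, client_id, op, topic):
    """True if any rule grants `op` ('read' or 'write') on a concrete topic; default is deny."""
    for kind, owner, ops, filt in rules:
        if kind == "pattern":  # patterns apply to every client, with %u/%c substituted
            filt = filt.replace("%u", user).replace("%c", client_id)
        elif owner != user:
            continue
        if op in ops and matches(filt, topic):
            return True
    return False
RULES = parse_acl(ACL)
if __name__ == "__main__":
    for u in ("recorder", "nathaniel", "phil"):
        print(u, [op for op in ("read", "write") if allowed(RULES, u, u, op, "owntracks/phil/phone")])
```

Running it shows that the `pattern owntracks/%u/#` line already gives every user read and write access to their whole own subtree, so the per-user `topic owntracks/<name>/+` lines add nothing beyond it.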