GeniSys AI is an open source Artificial Intelligence Assistant Network using Computer Vision, Natural Linguistics and the Internet of Things. GeniSys uses a system based on TASS A.I for vision, an NLU engine for natural language understanding, in browser speech synthesis and speech recognition for speech and hearing, all homed on a dedicated Linux server in your home and managed via a secure UI.
GeniSys AI Server is a customisable management system for GeniSys AI networks. The GeniSys management system is built on top of Ubuntu 18.04.1 LTS (Bionic Beaver), but there should be no issues using other Linux operating systems. The server uses a secure PHP/MySql Nginx server, Let’s Encrypt for free SSL encryption, and free IoT connectivity via the iotJumpWay.
Although the completed GeniSys Server will be accessible via the outside world, this is only to help ensure encrypted traffic over your local network. The Nginx server will proxy traffic to your internal IPs for features such as the local NLU, the local TASS system is designed to access the local camera of the device the program is running on.
This tutorial will help you setup the server required for your GeniSys network, and also takes you through setting up iotJumpWay devices and applications. In detail this guide will cover the following:
- Installation: Ubuntu 18.04, Nginx, Let's Encrypt, PHP, MySql, phpMyAdmin, UFW, iotJumpWay
- Setup: Nginx, PHP, MySql, phpMyAdmin, IPTables, iotJumpWay, Domain name & DNS configuration, router port forwarding, UFW security, Device Proxies
The following guides will give you the basics of setting up a GeniSys Server.
For this project, the operating system of choice is Ubuntu 18.04.1 LTS (Bionic Beaver). To get your operating system installed you can follow the Create a bootable USB stick on Ubuntu tutorial.
Now is as good a time as any to sort out and configure a domain name. You need to have your domain already hosted on a hosting account, from there edit the DNS zone by adding an A record to your public IP, for this you need a static IP or IP software that will update the IP in the DNZ Zone each time it changes.
Once you have done this your domain name or subdomain will be pointing towards your public IP, if port 80 and 443 are not currently listening for traffic then visiting your domain name will result in a timeout for now.
Now it is time to install Nginx, follow the commands below to install the required software.
$ sudo apt-get install nginx
$ sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/default.backup
$ sudo systemctl status nginx.service
$ sudo nano /etc/nginx/sites-available/default
$ sudo nginx -t
$ sudo systemctl reload nginx
What the above commands do is:
- Installs Nginx
- Makes a copy of the default Nginx configuration named default.backup
- Checks the status of the service (server)
- Here you need to edit the default Nginx configuration replacing example.com in server_name (example.com www.example.com)
- Checks if the configuration is OK
- Reloads the Nginx service
You can check the Nginx logs by using the following command:
cat /var/log/nginx/error.log
Now you have your domain pointing to your public IP, it is time to add a port forward, traffic to your network will be coming from port 80 (insecure) and secure. Although Nginx will bounce the insecure traffic to port 443, we still need to add a port forward for port 80 as well as 443. How you will do this will vary, but you need to find the area of your router that allows you to add port forwards, and then add one port forward for incoming insecure traffic to port 80 of the server, and one for port 443. This will open the HTTP ports on your router and forward the traffic to the same ports on your server. In the case someone tries to access using insecure protocol (http - port 80) they will be automatically be sent to the secure port of the server (https - 443)
Security is everything, and it is even better when security is free ;) To encrypt our network we are going to use SSL provided by Let’s Encrypt. Follow the commands below to set up Let’s Encrypt.
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-nginx
$ sudo certbot --nginx
If you have followed above correctly you should now be able to access your website, but only using the secure protocol, 443, ie: https. If you visit your site you should now see the default Nginx page.
Now you will set up your firewall:
$ sudo ufw enable
$ sudo ufw disable
Now add the ports that we will require to be open: (In future updates these rules will be tightened)
$ sudo ufw allow 22
$ sudo ufw allow 80
$ sudo ufw allow 443
Finally start and check the status
$ sudo ufw enable
$ sudo ufw status
Now it is time to install MySql on your server. Follow the commands below and complete any required steps for the installation to accomplish this.
$ sudo apt-get install mysql-server
$ sudo mysql_secure_installation
Now create a user and password that we will use for phpMyAdmin, first login in with the root MySql username you created earlier and then enter the password when prompted, this will log you into MySql as that user.
mysql -u YourMySqlRootUser -p
Now we can create a user with the required permissions to manage phpMyAdmin, make sure you remember the credentials you create with the below command.
mysql> GRANT ALL ON *.* TO 'YourNewUsername'@'localhost' IDENTIFIED BY 'YourNewPassword';
Also create a user for your application database.
mysql> GRANT SELECT, INSERT, DELETE ON *.* TO 'YourNewUsername'@'localhost' IDENTIFIED BY 'YourNewPassword';
Finally, create the required database:
mysql> CREATE DATABASE YourDatabaseName
Now you will install PHP on your server. Follow the commands below and complete any required steps for the installation to accomplish this. You may need to swap 7.2 in the second command depending on what version of php-fpm is installed.
$ sudo apt-get install php-fpm php-mysql
$ sudo nano /etc/php/7.2/fpm/php.ini
You should now be in the nano editing window, find cgi.fix_pathinfo and change the value to 0
cgi.fix_pathinfo=0
Then restart PHP:
$ sudo systemctl restart php7.2-fpm
Now you need to open the default configuration:
$ sudo nano /etc/nginx/sites-available/default
and match the example default configuration, replacing YourSubdomain.YourDomain.TLD where relevant and updating the endpoint names. Once you have completed those steps, issue the following commands which will tell you if the configuration is ok and if so you can reload Nginx.
$ sudo nginx -t
$ sudo systemctl reload nginx
Now create a file in the public html directory called info.php. The following command will open the new file for editing:
$ sudo nano /var/www/html/info.php
Then you need to add the following code:
<?php
phpinfo();
If you now visit the info page your website ie: https://www.YourDomain.com/info you should see the PHP configuration of your server.
Now you should install phpMyAdmin and upload the default MySql table configuration.
$ sudo apt-get install phpmyadmin
Press tab -> enter -> yes -> password, then create a link to phpMyAdmin, if you want to home this in a place other than phpmyadmin you can simply rename phpmyadmin in the command below.
$ sudo ln -s /usr/share/phpmyadmin /var/www/html
Now you should be able to visit phpMyAdmin by accessing the relevant directory on your website.
First you can download the basic database structure required for the GeniSys server, this structure will change frequently along with the rest of the project so you should keep an eye out for important changes.
Once you are logged in to phpMyAdmin, visit the import tab and import the sql file you just download and import it into the database you created earlier in the tutorial.
Now you need to install the iotJumpWay and setup some appications and devices. The following part of the tutorial will guide you through this.
- Find out about the iotJumpWay
- Find out about the iotJumpWay Dev Program
- Get started with the iotJumpWay Dev Program
First of all you should register your free iotJumpWay account, all services provided by the iotJumpWay are also entirely free within fair limits. Once you have registered you need to:
- Create your iotJumpWay location (Documentation)
- Create your iotJumpWay zones (Documentation)
- Create your iotJumpWay application (Documentation)
To install the iotJumpWay MQTT software issue the following command on your server:
$ sudo pip install JumpWayMQTT
Now you can add the repository code to your server, to do this follow the guide:
- Clone the repo to the desktop of your server, or your preferred location on your server. The repository files have the same paths they would have on your server.
- /etc/nginx/sites-available/default is an example of how your server NGINX configuration should look, located on your server in the same location as in the repo.
- You can copy the entire contents of the Server/Media/Images/var/www directory to the /var/www directory on your server.
Now it is time to update our server configuration. Open the /var/www/classes/AIcore/confs.json file on your server and add your database credentials and a secure 32bit key for your encryption, your iotJumpWay application credentials, iotJumpWay location ID and Application MQTT credentials. You will use your iotJumpWay application credentials to authenticate yourself onto the UI.
{
"dbname" : "",
"dbusername" : "",
"dbpassword" : "",
"key" : ""
}
Before you can use your server UI you need to add some comfiguration to the database. Navigate to your PhpMyAdmin and login as your root user. You should already have the example default configuration installed, if not you can do this now, then head to the a7fh46_settings table. You need to encrypt some values and enter them into the database manually before you will be able to access the UI. You will find the encryption function in var/www/classes/helpers.php:
public function decrypt($value)
{
list($iv, $value) = explode(
'@@',
base64_decode($value));
return mcrypt_decrypt(
MCRYPT_RIJNDAEL_256,
$this->_GeniSys->_key,
$value,
MCRYPT_MODE_CFB,
$iv);
}
The fields you need to encrypt and add to the database are as follows:
- domainString: The full URL for your domain, ie: https://www.google.com
- jumpwayAppID: Your IoT JumpWay App ID
- JumpWayAppPublic: Your iotJumpWay App Public Key
- JumpWayAppSecret: Your iotJumpWay App Secret Key
First we need to visit the the Server Settings page, from the UI menu you can click on Server. Here you need to add the Server Name which is your choice of name to identify your server in the system, this will also be used as the meta title for your UI pages, then you need to update your Server URL, which is your fully qualified domain name (FQDN), and then finally the name that you used whilst setting up NGINX and PHP MyAdmin, now hit submit, if you do not see an error message, all is well.
The GeniSys Server is only the hub of the GeniSys network. Through the UI you can manage various aspects of your AI network including the local NLU Engine and TASS system, as well as other AI / IoT smart home devices.
After following the GeniSys NLU Engine tutorial you will be able to manage,sss train and infer using the UI.
After following the GeniSys TASS Engine tutorial you will be able to manage, train and infer using the UI.
Further extensions are planned / under development including a management system for the IDC Classifier (Breast Cancer AI) & the AML Classifier (Peter Moss Acute Myeloid Leukemia Research Project).
It is now possible to interact with GeniSys using your voice. This feature is powered by an open source project annyang which is basically a wrapper for the voice recognition feature of the web speech API, according to caniuse support seems to be finally much wider including: Edge, Firefox, Chrome, Safari, ios Safari, Chrome for Android and Samsung Internet, but I have not tested anything other than Chrome. In Chrome for Android an alert noise is made every time the voice recognition restarts, this is unavoidable and there has been a long time developer request for Google to remove this feature but Google are adimant that it will remain.
If you have updated your server code and booted up the server you should get asked for permissions to use the microphone, once you accept you will be able to speak to your NLU providing the NLU is online.
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to me.
I use SemVer for versioning. For the versions available, see GeniSysAI/Server/releases.
This project is licensed under the MIT License - see the LICENSE file for details.
I use the repo issues to track bugs and general requests related to using this project.
Adam is a BigFinite IoT Network Engineer, part of the team that works on the core IoT software. In his spare time he is an Intel Software Innovator in the fields of Internet of Things, Artificial Intelligence and Virtual Reality.
