Last Updated or created 2023-04-02

UPDATE: 20230214 / 20230224

Install Bullseye on a SDCard

Enable wifi country code using raspi-conf
(While you at it, enable I2C for the display)

Install and configure an Access Point

# As root
apt update
apt upgrade
apt install hostapd
apt install dnsmasq
systemctl stop hostapd
systemctl stop dnsmasq

cat <<EOF > /etc/hostapd/hostapd.conf
interface=wlan0
driver=nl80211
ssid=escape
hw_mode=g
channel=6
wmm_enabled=0
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=mysecretpass
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
EOF

cat <<EOF >> /etc/dnsmasq.conf
interface=wlan0
bind-dynamic
domain-needed
bogus-priv
dhcp-range=192.168.50.150,192.168.50.200,255.255.255.0,12h
EOF

cat <<EOF >> /etc/dhcpcd.conf
interface wlan0
nohook wpa_supplicant
static ip_address=192.168.50.10/24
static routers=192.168.50.1
static domain_name_servers=8.8.8.8
EOF

sed -i s/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g /etc/sysctl.conf


mkdir /etc/nftables
cat <<EOF > /etc/nftables/nft-stat-ap.nft
flush ruleset

table inet ap {
        chain routethrough {
                type nat hook postrouting priority filter; policy accept;
                oifname "eth0" masquerade
        }

        chain fward {
                type filter hook forward priority filter; policy accept;
                iifname "eth0" oifname "wlan0" ct state established,related accept
                iifname "wlan0" oifname "eth0" accept
        }
}
EOF

chmod +x /etc/nftables/nft-stat-ap.nft
cat /etc/nftables.conf | grep nft-stat-ap.nft || echo 'include "/etc/nftables/nft-stat-ap.nft"' >> /etc/nftables.conf

systemctl unmask hostapd
systemctl enable hostapd
systemctl enable nftables

reboot

UPDATE: 20230214

Now in its case, added two buttons and one led.

UPDATE : 20230224 mqtt config

apt-get install mosquitto mosquitto-clients

vi /etc/mosquitto/conf.d/remotemqtt.conf
per_listener_settings true
# internal mqtt
listener 1883
allow_anonymous true
# connection over the internet
connection bridge-01
address remoteserver:8883
bridge_cafile /etc/mosquitto/certs/ca.crt
bridge_keyfile /etc/mosquitto/certs/remoteaccesspoint.key
bridge_certfile /etc/mosquitto/certs/remoteaccesspoint.crt
topic escape/# both 0
remote_username remoteuser
remote_password remotepass

########## remote server config

cd /etc/mosquitto
mosquitto_passwd passwords remoteuser

cd /etc/mosquitto/certs
./generate-CA.sh client remoteaccesspoint

copy ca.crt remoteaccesspoint.key and remoteaccesspoint.crt to accesspoint

mosquitto.conf
pid_file /var/run/mosquitto.pid
persistence true
persistence_location /var/lib/mosquitto/
#per_listener_settings true
# Plain MQTT protocol
listener 1883
allow_anonymous true
# End of plain MQTT configuration
# MQTT over TLS/SSL
listener 8883
cafile /etc/mosquitto/certs/ca.crt
certfile /etc/mosquitto/certs/webserver.fash.lab.crt
keyfile /etc/mosquitto/certs/webserver.fash.lab.key
allow_anonymous false
password_file /etc/mosquitto/passwords
# End of MQTT over TLS/SLL configuration
listener 9001
protocol websockets
# End of plain Websockets configuration
# WebSockets over TLS/SSL
listener 9883
protocol websockets
cafile /etc/mosquitto/certs/ca.crt
certfile /etc/mosquitto/certs/webserver.fash.lab.crt
keyfile /etc/mosquitto/certs/webserver.fash.lab.key
log_dest file /var/log/mosquitto/mosquitto.log
include_dir /etc/mosquitto/conf.d
connection bridge-01
address extramqttserver:1883
topic lscspm1/# both 0
topic owntracks/# both 0
topic escape/# both 0

log_type all

Controlling Display and MQTT messages examples

apt-get install python3-smbus

python3 printline.py -1 "line 1" -2 "line 2"

wget https://github.com/emcniece/rpi-lcd/blob/master/RPi_I2C_driver.py

cat printline.py
# requires RPi_I2C_driver.py
import RPi_I2C_driver
from time import *
import sys, getopt

#python3 fix
unichr = chr 

mylcd = RPi_I2C_driver.lcd()
# test 2                  1234567812345678


def main(argv):
   line1 = ''
   line2 = ''
   try:
      opts, args = getopt.getopt(argv,"h1:2:",["txt1=","txt2="])
   except getopt.GetoptError:
      print ('printline.py -1 <line1> -2 <line2>')
      sys.exit(2)
   for opt, arg in opts:
      if opt == '-h':
         print ('printline.py -1 <line1> -2 <line2>')
         sys.exit()
      elif opt in ("-1", "--txt1"):
         line1 = arg
      elif opt in ("-2", "--txt2"):
         line2 = arg

   mylcd.lcd_display_string(line1, 1)
   mylcd.lcd_display_string(line2, 2)
if __name__ == "__main__":
   main(sys.argv[1:])

Print internal and external ip

myip=$(/usr/sbin/ifconfig eth0 | grep "inet " | awk '{ print $2 }')
extip=$(curl -s http://whatismyip.akamai.com/)
python3 printline.py -1 "i $myip" -2 "e $extip"

mosquitto health tester

timeout 1 mosquitto_sub -t '$SYS/#' -C 1 | grep -v Error || exit 1

Button press shutdown

raspi-gpio get 27  | grep level=0 >/dev/null 
if [ $? == 0 ] ; then

python3 printline.py -1 "shutting" -2 "down"
/usr/sbin/halt -p
fi

Cleaned-up minimal mqtt poster

#include <WiFi.h>
#include <PubSubClient.h>

const char* ssid = "ssidname";
const char* password = "ssidpass";
const char* mqttServer = "192.168.50.10";

WiFiClient espClient;
PubSubClient client(espClient);


void initWiFi() {
  WiFi.mode(WIFI_STA);
  WiFi.begin(ssid, password);
  Serial.print("Connecting to WiFi ..");
  while (WiFi.status() != WL_CONNECTED) {
    Serial.print('.');
    delay(1000);
  }
  Serial.println(WiFi.localIP());
}


void setup() {
Serial.begin(115200);
initWiFi();
  Serial.print("RRSI: ");
  Serial.println(WiFi.RSSI());
    client.setClient(espClient);
    client.setServer(mqttServer,1883);
 if (client.connect("testmodule")) {

      Serial.println("connected");
 client.publish("escape/testclient", "connected");
    } else {
            Serial.println("Mqtt not connected");
    }

}

void loop() {
        }

}