Cheap remote power control via SMS

Following on from the spasmodic power interruptions of this summer I've been investigating how to improve the survivability of my IT infrastructure. Now, in the event of any electrical trouble, my infrastructure powers itself off in an intelligent and orderly fashion, save for a minimal core of low-power equipment that tries to stay alive until the very, very last gasp of battery power. A couple of APC switched PDU devices allow me to control sixteen individual sockets remotely so even my most archaic machines can be effectively managed. Having already beefed up my lead/acid capacity and remote control capability I decided to look again at notification.

Whilst I have most things configured to cry for help via email, this relies on someone actually monitoring for such messages if any useful remedial action is going to be taken. I used to use a free email-to-SMS gateway but this type of service seems to have dried up, in the UK at least. It occurred to me that perhaps I could attach a pay-as-you-go GSM phone to my always-on Asterisk server and then send SMSes using shell scripts. A brief Google turned up the gnokii toolset.

I've got a number of old Nokia phones lying around, most with an accompanying data cable, but all of these require a separate charger. Ideally I wanted something that would get it's juice from USB power provided by the data cable itself. An old Samsung clamshell did just this and "gnokii --identify" configured for USB and the AT command set confirmed that the phone was recognised.

Sending SMSes proved to be very trivial indeed and I now have any critical power events from my UPSes forwarded on to my mobile. I've tagged the remaining PAYG balance onto the end of each message so I am reminded of when I need to (remotely) top-up.

Once this was up and working, it was obvious that I could parse messages coming in the other direction. Configuring gnokii's smsd and some more very easy scripting now allows me to control most of my infrastructure from my mobile. I've restricted access so that only a whitelist of CIDs are permitted to use the (of course unpublished) service and have made the command syntax pretty much unguessable with no feedback to failed commands. This leaves me vulnerable to the very few suitably skilled and authorised bods working for mobile phone companies who could eavesdrop and then spoof instructions, so I'll hook the scripts up to my two factor authentication box when I get the chance. Functionality wins over security once again. :-)