Yeah, but it puts all our data in the cloud; if I give you my URL (which I can’t, because of the rules on posting certain words) you could see what my BG was, although just for 15 minutes. I just verified this using a browser I hardly ever used on a separate machine; it’s all there, underwear swinging in the breeze.
At the same time the idiot NightScout still open on this machine started singing to me, ■■■■ knows why but it was (I had to turn off sound on that Brave tab.)
No, I hadn’t gone through the long list of extra steps, involving adding extra config variables (which, annoyingly, AndroidAPS also requires). For those who do chose to continue to use NightScout do this:
If you don’t everyone on the planet can see your underwear. The essence is to do this;
Log in to Heroku (or whatever container you use for your NightScout app).
Find the “Reveal Config Vars” setting if not immediately obvious.
Add: AUTH_DEFAULT_ROLES [=] denied
This will require any access to the site to have a password. If you have people who you only want to read the data you have more work to do; the access for someone who has the “API secret” is complete.
Simply setting the “config var” (as we call it) immediately stopped my second machine viewing my panties.
I just don’t care about this… neither does Liam. It’s anonymous data unless you know my URL which I need to give you. And if I give you my URL, I don’t care if you see the data. It’s just not that big a deal to me. No PII data being handed out.
Not completely - there is a work round (as I described, indeed as the AndroidAPS instructions suggest but don’t, unusually, require). Also NightScout isn’t required for AndroidAPS; the problem is that it is built in and many places check for nightscout as a required “objective” so, even though they don’t use it, you can’t access those functions without either it or hacking the code.
The show stopper seems to be that there is a built in multi-day pause on permitting closed loop, amounting to at least 28 days. Given that in that time it is beeping and farting interminably I think that will be a show stopper, but we shall see.
@jbowler I could be wrong, but my understanding of the LoopDocs (Step 11 Make plans for Loop Data - LoopDocs) is that neither Nightscout, MongoDB, or Heroku are “required”; rather, they provide a repository mechanism for reviewing data and allow two-factor authentication (admittedly not a default setting) that allows relatively easy review and adjustment of settings, as well as “follow” capability for others/caretakers/doctors. Nightscout further allows setting of roles to limit who can access what. However, you don’t have to trust a cloud service to maintain your privacy if you don’t want to. My apologies if I’m incorrect.
Indeed, and there are other ways of getting the data out. I ended up using Dexcom’s BYODA (Build-Your-Own-Dexcom-App) on the G6, it distributes the CGM readings to AndroidAPS and xDrip+ as well as putting them in the Dexcom cloud; so my docs can still get that data the “normal” way.
AndroidAPS controls the Dash; so far I’m very satisfied with that, once I worked out where the relevant buttons were. Unfortunately it doesn’t seem to support production of the log file that the Dash PDM produces and getting the PDM data out seems to end up requiring at least MongoDB (I can bypass NightScout by pushing the data directly to Mongo from xDrip+, I think.) The Dash data is in the spreadsheet-format ‘export’ file AndroidAPS produces, but the basal information seems to be missing.
I’ll probably end up using NightScout because it is supported. However I find it annoying that AndroidAPS requires NightScout to be set up before it will allow any form of closed loop (“Objective 1” explicitly checks for NightScout setup and pretty much everything is disabled until you have passed it.)
That’s a second annoyance, but with NightScout this time; it isn’t the default in NightScout. It’s really simple to use access tokens rather than API_SECRET and all they would have to do is change the default setup to turn off world-read and include a few user names (“admin”, “read”, “uploader” for devices like OpenAPS). I’ve done that, it works (though I haven’t got round to changing AndroidAPS to use a token yet; telling it API_SECRET effectively overrides the ?token).
You are correct; even if you use NightScout in a Heroku container it doesn’t actually have any data, it’s just a program running on some Amazon mega-server which has access to the data. The data is in Mongo and it is much, much, easier to set up a local MongoDB than to get NightScout running locally (I’ve done the first but hit a brick wall with the latter because at the time NS used an ancient version of Node.js).
Atlas actually seems to have a reasonable privacy policy and xDrip+ can download directly into Mongo. This avoids the password being stored in the Heroku app but then maybe Heroku have got their act together after the recent oops that cause them to demand everyone use 2FA.
All the same, it would be nice if the Dash systems (the “plugin”) had the ability to write the endo file; the one that everyone can see if you plug the Dash PDM into a USB port (the PDM looks like a read-only flash drive, with all your data completely visible; no protection.) The system would then work in a way that endos would probably be completely happy with; they might even be prepared to answer employer (aka patient) questions!
I’m completely, 100%, with you on your previous comment about the weird TLAs; “IC” is not the “insulin to carb” ratio or, indeed, the “insulin correction” factor; it is the “carb to insulin” ratio. Makes the questions in the exam really hard to answer “correctly”. The extensive use of TLAs in the OpenAPS and AdroidAPS documentation (I haven’t read Loop), along with the mysterious mix of acronyms and abbreviations:
DIA IC ISF BAS TARG
made the UI difficult to adapt to for me; I’m not an “intuitive user”. The above is a direct quote of the “profile” page; I haven’t turned on “short names” (or whatever it is called.) The UI is a total mess, fortunately humans are good at adapting to total mess, even me.
@MarkP That’s an interesting point. Insulet now had the Eros, Dash, and O5 available. I’m sure they’re making money off all of them, but will be interesting to see when they (like most other tech companies) cease sales of the (most likely) older version. There are many people (I have no numbers, just counting various posts) that still depend on Eros pods whether due to insurance, cost factors, etc. That creates a significant “forced” change when it comes…
