Skip to end of metadata
Go to start of metadata

LoxBerry 2.0.2 Stability Release

Konkrete Version: Noch kein Pre-/Release

Für Benutzer | For users

Unterstützung für Miniserver Gen2 HTTPS | Support for Miniserver Gen2 HTTPS

Ab LoxBerry V2.0.2 wird die HTTPS-Verbindung vom LoxBerry zum Miniserver Gen2 unterstützt. Unterstützt wird HTTPS zu lokalen und Remote-Miniservern sowie auch via CloudDNS.

Die Einrichtung erfolgt im Miniserver Widget:

  • Dafür die Schaltfläche "HTTPS bevorzugen" auswählen, und darunter den lokalen SSL-Port 443 eintragen. Bei Remote-Verbindungen kann ein anderer SSL-Port angegeben werden.
  • Für Loxone CloudDNS kann ebenfalls "HTTPS bevorzugen" ausgewählt werden. Den korrekten HTTPS-Port bezieht LoxBerry dann direkt vom Loxone CloudDNS-Server.

Bei der Authentifizierungsprüfung (siehe oranges Feld im Bild) werden oben nun beide Protokolle, HTTP und HTTPS, in rot oder grün angezeigt. Ist "HTTPS bevorzugen" nicht aktiv, wird dort nur HTTP angezeigt.

Wir haben bei CloudDNS außerdem noch die Infos vom CloudDNS-Server hinzugefügt, damit kannst du die bei Loxone gerade hinterlegten Verbindungsdaten überprüfen. 

Folgendes gilt es zu beachten!

  • Der Miniserver Gen1 und der Miniserver Go unterstützen kein HTTPS. 
  • Plugins müssen HTTPS explizit unterstützen. Alle Plugins, die die Funktionen von LoxBerry's eigenen IO-Komponenten verwenden, unterstützen automatisch HTTPS. Wir werden die Plugin-Entwickler bitten, die Unterstützung von HTTPS in die Plugin-Beschreibung aufzunehmen.
  • Plugins, die nicht für HTTPS umgebaut wurden, werden weiterhin HTTP verwenden. Deswegen solltest du dennoch den HTTP-Port am Miniserver aktiviert lassen (aber nicht ins Internet durchschalten).
  • Wenn "HTTPS bevorzugen" aktiviert und von LoxBerry bzw. dem Plugin berücksichtigt wird, und die HTTPS-Verbindung nicht funktioniert, gibt es keinen Fallback auf HTTP. 
  • Die LoxBerry-eigenen Funktionen haben die Prüfung des Stammzertifikats sowie des Hostnamens deaktiviert. Wir möchten keinen Support leisten, wenn ein LoxBerry-Benutzer Probleme bei der Einrichtung von CAs und DNS hat.
  • Andere Übertragungsmethoden (TCP, UDP) sind generell nicht verschlüsselt. HTTP von Miniserver zu LoxBerry bleibt ebenso unverschlüsselt.

From LoxBerry V2.0.2 https is supported from LoxBerry to Miniserver Gen2. Local Miniservers, remote Miniservers  and CloudDNS Miniservers.

Configure HTTPS in the Miniserver widget:

  • Enable the checkbox "Prefer HTTPS", and enter the https/ssl port 443 (for local Miniservers), or the remote https port for remote Miniservers routed through a port-forwarding.
  • For Loxone CloudDNS simply enable "Prefer HTTPS". LoxBerry automatically aquires the correct port from the Loxone CloudDNS-Server.

The authentication check (see orange mark on the picture) now responds with both HTTP and HTTPS, if "Prefer HTTPS" is enabled. Without, only HTTP is displayed.

We also have added some information from the Loxone CloudDNS server if CloudDNS is used. So you can double-check what connection information Loxone currently knows about your Miniserver.

Please keep attention on this!

  • Miniserver Gen1 and Miniserver Go do not support HTTPS.
  • Plugins need to explicitely support HTTPS. All plugins using LoxBerry-own io libraries automatically support HTTPS. We invite our plugin developers to do a clear statement in their plugin description if https is supported.
  • Plugins that aren't changed to support HTTPS will further use HTTP. Therefore, you should keep HTTP enabled on your Miniserver (but not routed to the Internet!).
  • When "Prefer HTTPS" is enabled and used by LoxBerry or a plugin, and your HTTPS connection fails, there is no fallback to HTTP.
  • LoxBerry's own functions and libraries (Perl, PHP) have disabled the CA and hostname checks. We don't like to do certificate and dns support.
  • All other transports (TCP, UDP), and Miniserver to LoxBerry, stay unencrypted.

Unterstützung von Miniserver Gen2 IPv6 | Support for Miniserver Gen2 IPv6

LoxBerry und alle LoxBerry SDK Bibliotheken unterstützen nun vollständig die Verbindung zu einem Miniserver mit IPv6. Dies gilt für lokale Miniserver als auch über Loxone CloudDNS.

Bei lokalen Miniservern kann die IPv6-Adresse einfach ins IP-Adresse-Feld im Miniserver-Widget eingetragen werden. Für CloudDNS ist gar keine Konfiguration notwendig.

Wichtig!

Plugins unterstützen IPv6 möglicherweise noch nicht. Wenn keine Notwendigkeit besteht, den Miniserver ausschließlich auf IPv6 einzurichten, sollte weiterhin eine IPv4-Verbindung genutzt werden.


LoxBerry and all LoxBerry libraries now also fully support Miniservers configured with IPv6. This is valid for local installations and for Miniservers connected via Loxone CloudDNS.

For local Miniservers, simply set the IPv6 address to the IP address field in the Miniserver widget. For Miniservers via CloudDNS, no setting at all is required.

Attention!

Plugins may not be compatible with IPv6. If there is no requirement for an IPv6 connection, you may still want to use IPv4.

Log Manager: PHP Log 

Das PHP-Log ist jetzt direkt in der Navigationsleiste des Log Managers erreichbar.


The PHP logfile now is accessible directly from the Log Manager navigation bar.

Systemzeit → LoxBerry Dienste | Timeserver → LoxBerry Services

Wir haben das Systemzeit-Widget ins LoxBerry Dienste Widget verschoben. 


We've moved the Timeserver widget into the LoxBerry Services widget.

Further fixes and improvements

  • LoxBerry Usage Statistics (https://stats.loxberry.de): Implemented a serverside logic to blacklist statistic data from LoxBerry's that use duplicate LoxBerry id's (e.g. a VM is used with the same loxberry id on many clients). New clientside implementation to automatically generate a new loxberry id if the current id is blacklisted. This should make usage counter more accurate in case that vm creators do not consider LoxBerry's image creation documentation.

For developers

Plugin support matrix HTTPS and IPv6

First of all: All interfaces and config files stay fully compatible to earlier LoxBerry versions. Therefore: Your plugin users using IPv4, and/or http to connect to their Miniserver, will have no difficulties to further use your plugin.

This tables show interfaces/libs and if they will work with HTTPS and IPv6 WITHOUT CHANGES of your Plugin.



Normal:
HTTP
IPv4
Prefer HTTPSIPv6 addressPrefer HTTPS
IPv6 address
CloudDNS
Prefer HTTPS
CloudDNS
IPv6 address
CloudDNS
Prefer HTTPS
IPv6 address
Using MQTT Gateway interfaces

YES

YES

YES

YES

YES

YES

YES

Using LoxBerry::IO (Perl)

YES

YES

YES

YES

YES

YES

YES

Using loxberry_io.php (PHP)

YES

YES

YES

YES

YES

YES

YES

Using get_miniservers (Perl / PHP)

YES

FALLBACK

DEPENDS

NO

FALLBACK

DEPENDS

NO

Reading general.cfg file

YES

FALLBACK

DEPENDS

NO

FALLBACK

DEPENDS

NO









What the labels mean

YES Your plugin requires no change and is compatible with https and ipv6.

FALLBACK The Miniserver widget asks for both http and https ports if "Prefer https" is enabled. CloudDNS aquires both http and https ports. If your plugin reads the "Port" setting from get_miniservers or general.cfg, it will still connect with http. In the CloudDNS case, the user must have the http port open on the router/firewall.

DEPENDS The Miniserver widget stores the IPv6 address from the user, or a hostname, that may be resolved to an IPv6 address by the DNS. It depends on the library you use to connect to the Miniserver, if IPv6 is supported in general, and the library can handle the address format 

NO Without changes, the connection will fail. We introduced new fields in get_miniservers with LB2.0.2 to support you using https and ipv6. Your plugin requires adaptions for that.

Changes in LoxBerry::IO (Perl), loxberry_io.php (PHP)

All functions for http and udp were updated to support https and ipv6. No changes are required in your plugin.

Changes in get_miniservers (Perl, PHP)

See LoxBerry::System::get_miniservers (Perl) or LBSystem::get_miniservers (PHP) for a full description of all properties.

  • IPAddress: The field now may contain: An IPv4 address (like before), an IPv6 address (new) or a hostname (like before) that may resolve to an IPv4 or IPv6 (new) address by DNS.
  • IPv6Format: The lib returns 1, if IPAddress is an IPv6 format. It does not check if a hostname will resolve to an IPv6 address! In some libraries that requires a host:port connection string, an IPv6 address must be escaped in [ square brackets ], e.g. "[ipv6]:port". Use the IPv6Format flag to easier identify if you require square brackets for the IPAddress.
  • FullURI and FullURI_RAW: This is the most exciting new implementation in LoxBerry 2.0.2: For http/https calls to the Miniserver, this property always returns the correct full URI to the Miniserver, including escaped (or RAW) credentials, with the correct transport (http or https), correct IPAddress format (IPv4 or IPv6), and resolving CloudDNS if used. 
  • PreferHttps: This flag is 1, if the user has set "Prefer HTTPS" in the Miniserver widget. For http connections, this flag indicates that your plugin should consider the PortHttps and Transport
  • PortHttps: This is the https port the user entered, or CloudDNS returned. If PreferHttps is 1, use this port instead of Port
  • Transport: This property returns "http" if "Prefer HTTPS" is disabled, and "https" if "Prefer HTTPS" is enabled. You directly can use the Transport property to build your URI.

If the user has Loxone CloudDNS set in the Miniserver widget, get_miniservers always resolves IPAddress, Port, PortHttps, and all other fields depending to them, so your plugin does not require to do own decisions "Is CloudDNS or not".   

Changes in general.cfg

  • IPADDRESS: The field now may contain: An IPv4 address (like before), an IPv6 address (new) or a hostname (like before) that may resolve to an IPv4 or IPv6 (new) address by DNS.

general.cfg → general.json migration

As the last of LoxBerry's main configuration files, the general.cfg is migrated to general.json in LoxBerry 2.0.2. All LoxBerry-Core widgets will use general.json as base configuration files from now.

The general.cfg will still be maintained automatically by LoxBerry for legacy. It is not intended to let general.cfg completely die, so your plugins stay running. But new features (like MSv2 https/ipv6) will not be maintained in the general.cfg anymore. To use new features of LoxBerry in your plugins, we recommend

  1. Perl: Switch to the LoxBerry libraries LoxBerry::System, LoxBerry::Web, LoxBerry::IO, for config files LoxBerry::JSON
  2. PHP: Switch to the LoxBerry libraries loxberry_system.php, loxberry_web.php, loxberry_io.php. Maintain config files in PHP's native json functions.
  3. Node.js, Python, Bash...: Use LoxBerry's environment variables, and our json configuration files: general.json, plugindatabase.json to get data from the user configuration.

Since LoxBerry 1.4, we have begun step-by-step to migrate LoxBerry's configuration files from the INI file format (most famous from MS-DOS and Windows) to JSON. Actually, JSON is not a config file format (as e.g. YAML or TOML is), but the format is a defined Internet (RFC8259) and worldwide (ISO/IEC21778) standard, and is defacto standard for data transfer between webservers and webbrowsers. That means, every computer in every county, with every language and programming language, will read JSON in the same way. In contrast, we already had massive problems with reading and writing the ini file format between Perl and PHP.

For your own plugins, especially if you use different coding languages for the program and the webif (e.g. Node.js script with LoxBerry PHP webif), we recommend to try json instead of an ini file.

Pre-Announcement for deprecation

In some of the next LoxBerry minor releases, the Perl LoxBerry::System library will not auto-use Config::Simple anymore. If you use Config::Simple in your Perl code, and it does not explicitly have a use Config::Simple; on the top, please add this line. (The Config::Simple library itself will stay on LoxBerry of course!)


Commit Log: https://github.com/mschlenstedt/Loxberry/compare/2.0.1.3...master

  • No labels