diff --git a/.env b/.env index 9a04bae..fd717e5 100644 --- a/.env +++ b/.env @@ -1,4 +1,4 @@ -VERSION=1.5.0.2 +VERSION=1.6.0.1 NON_INTERACTIVE=false BUILDX=true BUILDX_PURGE=false diff --git a/Dockerfile b/Dockerfile index 53ce3ab..d68cb00 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,11 +2,18 @@ FROM python:3.11-slim SHELL ["/bin/bash", "-ec"] -RUN apt update && apt install --no-install-recommends -y bluez build-essential +RUN apt update && apt install --no-install-recommends -y \ + bluez \ + build-essential \ + libssl-dev \ + libffi-dev \ + python3-dev \ + cmake + RUN python3 -m venv /opt/venv && \ - source /opt/venv/bin/activate && \ - pip install --upgrade pip setuptools==70.0.0 && \ - pip install --upgrade --extra-index-url=https://www.piwheels.org/simple pip TheengsGateway==1.5.0 + source /opt/venv/bin/activate && \ + pip install --upgrade pip setuptools==70.0.0 && \ + pip install --prefer-binary --extra-index-url=https://www.piwheels.org/simple TheengsGateway==1.6.0 COPY chroot / CMD source /opt/venv/bin/activate && exec /opt/venv/start.sh diff --git a/README.md b/README.md index 766c3d7..08b09b5 100644 --- a/README.md +++ b/README.md @@ -61,9 +61,12 @@ services: IDENTITIES: "[]" WHITELIST: "[11:22:33:44:55:66,AA:BB:CC:DD:EE:FF]" BLACKLIST: "[11:22:33:44:55:66,AA:BB:CC:DD:EE:FF]" + IGNORE_WBLIST: false + CA_FILE: /etc/ssl/certs/ca.crt volumes: - /var/run/dbus:/var/run/dbus + - ./certs/ca.crt:/etc/ssl/certs/ca.crt:ro ``` *MQTT_HOST* is mandatory field, ofcourse. @@ -119,7 +122,7 @@ docker run --rm \ -e DISCOVERY_TOPIC=homeassistant \ -e DISCOVERY_DEVICE_NAME=TheengsGateway \ -e DISCOVERY_FILTER="[IBEACON]" \ - -e SCANNING_MODE=active + -e SCANNING_MODE=active \ -e ADAPTER=hci0 \ -e TIME_SYNC="[]" \ -e TIME_FORMAT=0 \ @@ -128,7 +131,10 @@ docker run --rm \ -e BINDKEYS="{\"00:11:22:33:44:55:66\":\"0dc540f3025b474b9ef1085e051b1add\",\"AA:BB:CC:DD:EE:FF\":\"6385424e1b0341109942ad2a6bb42e58\"}" \ -e WHITELIST='"[11:22:33:44:55:66,AA:BB:CC:DD:EE:FF]"' \ -e BLACKLIST='"[11:22:33:44:55:66,AA:BB:CC:DD:EE:FF]"' \ + -e IGNORE_WBLIST=false \ + -e CA_FILE="/etc/ssl/certs/ca.crt" \ -v /var/run/dbus:/var/run/dbus \ + -v ./certs/ca.crt:/etc/ssl/certs/ca.crt:ro \ --name theengsgateway \ theengs/gateway-ARCH:latest ``` diff --git a/chroot/opt/venv/start.sh b/chroot/opt/venv/start.sh index bd69d2d..31e36b8 100755 --- a/chroot/opt/venv/start.sh +++ b/chroot/opt/venv/start.sh @@ -104,6 +104,20 @@ if hasvalue $LOG_LEVEL; then fi fi +if hasvalue $IGNORE_WBLIST; then + if ! [[ $IGNORE_WBLIST =~ (true|false) ]]; then + echo "WARNING : Wrong value for IGNORE_WBLIST environment variable, will use default - false" + IGNORE_WBLIST=false + fi +fi + +if hasvalue $CA_FILE; then + if ! [ -f "$CA_FILE" ]; then + echo "WARNING : CA_FILE path '$CA_FILE' does not exist. TLS validation may fail." + fi +fi + + if hasvalue $DISCOVERY; then if ! [[ $DISCOVERY =~ (true|false) ]]; then echo "WARNING : Wrong value for DISCOVERY environment variable, will use default - true" @@ -202,7 +216,9 @@ echo "Creating config at $CONFIG ..." "time_format": "${TIME_FORMAT:-0}", "ble": ${BLE:-true}, "enable_tls": ${ENABLE_TLS:-false}, - "enable_websocket": ${ENABLE_WEBSOCKET:-false} + "enable_websocket": ${ENABLE_WEBSOCKET:-false}, + "ignore_wblist": ${IGNORE_WBLIST:-false}, + "ca_file": "${CA_FILE:-}" EOF # Conditionally include IDENTITIES if not empty if [ -n "$IDENTITIES" ]; then diff --git a/examples/docker-compose.yml b/examples/docker-compose.yml index be02ef1..e5dbe3c 100644 --- a/examples/docker-compose.yml +++ b/examples/docker-compose.yml @@ -33,6 +33,8 @@ services: IDENTITIES: "{}" WHITELIST: "[]" BLACKLIST: "[]" - + IGNORE_WBLIST: false + CA_FILE: "/etc/ssl/certs/ca.crt" volumes: - /var/run/dbus:/var/run/dbus + - ./certs/ca.crt:/etc/ssl/certs/ca.crt:ro \ No newline at end of file