remove possibility to allow external access for proxy addon because this

is not supported by ha-proxy.js.
jens-maus · Nov 15, 2024 · 3ad15ba · 3ad15ba
1 parent ecf3f76
commit 3ad15ba
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 16 deletions.
diff --git a/home-assistant-addon-proxy/CHANGELOG.md b/home-assistant-addon-proxy/CHANGELOG.md
@@ -0,0 +1,5 @@
+# ChangeLog
+
+For a recent ChangeLog please review the following information:
+
+- [RaspberryMatic Releases](https://github.com/jens-maus/RaspberryMatic/releases)
diff --git a/home-assistant-addon-proxy/README.md b/home-assistant-addon-proxy/README.md
@@ -1,12 +1,32 @@
 # Home Assistant Add-on: RaspberryMatic Proxy
 
-<img height="60px" src="release/logo.png" align="left">
+![Supports aarch64 Architecture][aarch64-shield] ![Supports amd64 Architecture][amd64-shield] ![Supports armhf Architecture][armhf-shield] ![Supports armv7 Architecture][armv7-shield] ![Supports i386 Architecture][i386-shield]
+[![License](https://img.shields.io/github/license/jens-maus/RaspberryMatic.svg)](https://github.com/jens-maus/RaspberryMatic/blob/master/LICENSE)
+[![Donate](https://img.shields.io/badge/donate-PayPal-green.svg)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=RAQSDY9YNZVCL)
+[![Twitter](https://img.shields.io/twitter/follow/RaspberryMatic.svg?style=social&label=Follow)](https://twitter.com/RaspberryMatic)
+[![GitHub stars](https://img.shields.io/github/stars/jens-maus/RaspberryMatic.svg?style=social&label=Star)](https://github.com/jens-maus/RaspberryMatic/stargazers/)
 
-⚠️ This addon does not contain RaspberryMatic ⚠️
+## About
 
-This addon acts as a web proxy to an external running RaspberryMatic instance. 
-The sole purpose of this addon is to add a RaspberryMatic icon to the sidebar of Home Assistant which will open the frontend of an external running RaspberryMatic instance.
+⚠️ This add-on does NOT provide a full RaspberryMatic system ⚠️
 
-## Options
+It acts as a web proxy to an external running [RaspberryMatic](raspberrymatic) CCU instance. Thus, the sole purpose of this add-on is to add a RaspberryMatic icon to the sidebar of Home Assistant which will open the frontend of an external running RaspberryMatic instance so that it can be accessed from within HA.
 
-- `server` (required): this should be the local URL on which the RaspberryMatic frontend is running, e.g. `http://192.168.2.43:80`. Make sure there is no trailing slash!
+## Documentation / Installation
+
+In addition to installing this HA add-on you will have to set some mandatory add-on options to link against an external RaspberryMatic CCU WebUI:
+
+- `webui-url` (required): the URL on which the external RaspberryMatic CCU WebUI is accessible, e.g. `http://192.168.2.43`.
+
+In addition, you have to make sure that your HA system is able to directly access the RaspberryMatic CCU WebUI. Thus, if you have the internal firewall system of your RaspberryMatic system enabled, make sure to add the ip adress of your HA system to these firewall settings.
+
+## License
+
+This Home Assistant add-on as well as RaspberryMatic is licensed under the Apache-2.0 open-source license.
+
+[aarch64-shield]: https://img.shields.io/badge/aarch64-yes-green.svg
+[amd64-shield]: https://img.shields.io/badge/amd64-yes-green.svg
+[armhf-shield]: https://img.shields.io/badge/armhf-yes-green.svg
+[armv7-shield]: https://img.shields.io/badge/armv7-yes-green.svg
+[i386-shield]: https://img.shields.io/badge/i386-yes-green.svg
+[raspberrymatic]: https://github.com/jens-maus/RaspberryMatic
diff --git a/home-assistant-addon-proxy/config.yaml b/home-assistant-addon-proxy/config.yaml
@@ -1,6 +1,6 @@
 ---
 name: RaspberryMatic CCU (Proxy)
-version: 0.2.11
+version: 0.2.12
 stage: experimental
 slug: raspberrymatic_proxy
 image: ghcr.io/jens-maus/raspberrymatic-proxy
@@ -19,16 +19,10 @@ panel_icon: mdi:router-wireless
 boot: auto
 init: true
 timeout: 30
-ports:
-  8099/tcp: null
-ports_description:
-  8099/tcp: External port to proxied WebUI
 options:
   webui-url: http://homematic-raspi
-  allowed-ips: null
 schema:
   webui-url: str?
-  allowed-ips: str?
 map:
   - config:ro
 environment:

diff --git a/home-assistant-addon-proxy/ha-proxy.js.gtpl b/home-assistant-addon-proxy/ha-proxy.js.gtpl
@@ -76,12 +76,11 @@ const apiProxy = createProxyMiddleware({
 const app = express();
 app.use((req, res, next) => {
   //Get whitelisted range
-  let whitelisted_range = ipaddr.parseCIDR('{{ index . "allowed-ips" }}');
-  let whitelisted_internal = ipaddr.parseCIDR(process.env.HM_HAPROXY_SRC);
+  let whitelisted_range = ipaddr.parseCIDR(process.env.HM_HAPROXY_SRC);
   //Get source IP
   let source_ip = ipaddr.parse(req.ip.split(':').pop());
   //Check if source IP in whitelisted range
-  if(source_ip.match(whitelisted_internal) || source_ip.match(whitelisted_range)) {
+  if(source_ip.match(whitelisted_range)) {
     // allowed, forward to next middleware (proxy)
     next();
   } else {