Merge branch 'main' of https://github.com/s-allius/tsun-gen3-proxy into ssl-connection

add experimental SSL support
dd asyncio logging
2024-07-02 00:41:14 +02:00 · 2024-06-29 17:28:34 +02:00 · 2024-06-29 17:27:55 +02:00 · 2024-06-29 17:25:46 +02:00 · 2024-06-27 21:01:32 +02:00 · 2024-06-27 21:00:50 +02:00
2 changed files with 47 additions and 7 deletions
--- a/app/Dockerfile
+++ b/app/Dockerfile
@@ -45,7 +45,7 @@ ENV HOME=/home/$SERVICE_NAME
 # set the working directory in the container
 WORKDIR /home/$SERVICE_NAME

-VOLUME ["/home/$SERVICE_NAME/log", "/home/$SERVICE_NAME/config"]
+VOLUME ["/home/$SERVICE_NAME/log", "/home/$SERVICE_NAME/config", "/home/$SERVICE_NAME/cert"]

 # install the requirements from the wheels packages from the builder stage 
 # and unistall python packages and alpine package manger to reduce attack surface
@@ -64,7 +64,7 @@ COPY --chmod=0700 entrypoint.sh /root/entrypoint.sh
 COPY config .
 COPY src .
 RUN date > /build-date.txt
-EXPOSE 5005 8127 10000
+EXPOSE 5005 8127 10000 10443

 # command to run on container start
 ENTRYPOINT ["/root/entrypoint.sh"]
--- a/app/src/server.py
+++ b/app/src/server.py
@@ -1,5 +1,6 @@
 import logging
 import asyncio
+import ssl
 import signal
 import os
 from asyncio import StreamReader, StreamWriter
@@ -83,12 +84,17 @@ async def handle_client_v2(reader: StreamReader, writer: StreamWriter):
    await InverterG3P(reader, writer, addr).server_loop(addr)


-async def handle_shutdown(web_task):
+async def handle_client_v3(reader: StreamReader, writer: StreamWriter):
+    '''Handles a new incoming connection and starts an async loop'''
+    logging.info('Accept on port 10443')
+    addr = writer.get_extra_info('peername')
+    await InverterG3P(reader, writer, addr).server_loop(addr)
+
+
+async def handle_shutdown(loop, runner):
    '''Close all TCP connections and stop the event loop'''

    logging.info('Shutdown due to SIGTERM')
-    global proxy_is_up
-    proxy_is_up = False

    #
    # first, disc all open TCP connections gracefully
@@ -116,7 +122,7 @@ async def handle_shutdown(web_task):
    await web_task

    #
-    # at last, start a coro for stopping the loop
+    # at last, we stop the loop
    #
    logging.debug("Stop event loop")
    loop.stop()
@@ -172,6 +178,40 @@ if __name__ == "__main__":
    #
    loop.create_task(asyncio.start_server(handle_client, '0.0.0.0', 5005))
    loop.create_task(asyncio.start_server(handle_client_v2, '0.0.0.0', 10000))
+
+    # https://crypto.stackexchange.com/questions/26591/tls-encryption-with-a-self-signed-pki-and-python-s-asyncio-module
+    '''
+    openssl genrsa -out -des3 ca.key.pem 2048
+    openssl genrsa -out server.key.pem 2048
+    openssl genrsa -out client.key.pem 2048
+
+    openssl req -x509 -new -nodes -key ca.key.pem -sha256 -days 365
+      -out ca.cert.pem -subj /C=US/ST=CA/L=Somewhere/O=Someone/CN=FoobarCA
+
+    openssl req -new -sha256 -key server.key.pem
+     -subj /C=US/ST=CA/L=Somewhere/O=Someone/CN=Foobar -out server.csr
+    openssl x509 -req -in server.csr -CA ca.cert.pem -CAkey ca.key.pem
+      -CAcreateserial -out server.cert.pem -days 365 -sha256
+
+    openssl req -new -sha256 -key client.key.pem
+      -subj /C=US/ST=CA/L=Somewhere/O=Someone/CN=Foobar -out client.csr
+    openssl x509 -req -in client.csr -CA ca.cert.pem -CAkey ca.key.pem
+      -CAcreateserial -out client.cert.pem -days 365 -sha256
+    '''
+
+    server_ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
+    server_ctx.minimum_version = ssl.TLSVersion.TLSv1_2
+    server_ctx.maximum_version = ssl.TLSVersion.TLSv1_3
+    server_ctx.verify_mode = ssl.CERT_REQUIRED
+    server_ctx.options |= ssl.OP_SINGLE_ECDH_USE
+    server_ctx.options |= ssl.OP_NO_COMPRESSION
+    server_ctx.load_cert_chain(certfile='cert/server.pem',
+                               keyfile='cert/server.key')
+    server_ctx.load_verify_locations(cafile='cert/ca.pem')
+    server_ctx.set_ciphers('ECDH+AESGCM')
+
+    loop.create_task(asyncio.start_server(handle_client_v3, '0.0.0.0', 10443,
+                                          ssl=server_ctx))
    web_task = loop.create_task(webserver('0.0.0.0', 8127))

    #
@@ -183,7 +223,7 @@ if __name__ == "__main__":
                                lambda loop=loop: asyncio.create_task(
                                    handle_shutdown(web_task)))

-    loop.set_debug(log_level == logging.DEBUG)
+    loop.set_debug(True)
    try:
        if ConfigErr is None:
            proxy_is_up = True
Author	SHA1	Message	Date
Stefan Allius	2632698008	Merge branch 'main' of https://github.com/s-allius/tsun-gen3-proxy into ssl-connection	2024-07-02 00:41:14 +02:00
Stefan Allius	210c02f0b9	add experimental SSL support	2024-06-29 17:28:34 +02:00
Stefan Allius	a51ac03021	dd asyncio logging	2024-06-29 17:27:55 +02:00
Stefan Allius	e6b726912a	add cert directory	2024-06-29 17:25:46 +02:00
Stefan Allius	7c48ee4065	rename python to debugpy	2024-06-27 21:01:32 +02:00
Stefan Allius	4e89abd2c9	fix timout calculation	2024-06-27 21:00:50 +02:00
Stefan Allius	f304aa009e	add quit flag to docker push	2024-06-27 21:00:17 +02:00
Stefan Allius	9e218fdf41	fix Config.class_init() - return error string or None - release Schema structure after building thr config	2024-06-25 23:28:34 +02:00
Stefan Allius	18f6332784	fix timer cleanup	2024-06-25 23:13:59 +02:00
Stefan Allius	26aebbcab8	fix buildx warnings	2024-06-23 23:56:37 +02:00
Stefan Allius	a9c7ea386e	S allius/issue111 (#112 ) Synchronize regular MODBUS commands with the status of the inverter to prevent the inverter from crashing due to unexpected packets. * inital checkin * remove crontab entry for regular MODBUS cmds * add timer for regular MODBUS polling * fix Stop method call for already stopped timer * optimize MB_START_TIMEOUT value * cleanup * update changelog	2024-06-23 22:23:48 +02:00
Stefan Allius	6332976c4a	S allius/issue102 (#110 ) * hotfix: don't send two MODBUS commands together * fix unit tests * remove read loop * optional sleep between msg read and sending rsp * wait after read 0.5s before sending a response * add pending state * fix state definitions * determine the connection timeout by the conn state * avoid sending MODBUS cmds in the inverter's reporting phase * update changelog	2024-06-23 15:06:43 +02:00
Stefan Allius	cc233dcb17	S allius/issue108 (#109 ) * add more data types * adapt unittests * improve test coverage * fix linter warning * update changelog	2024-06-23 00:52:42 +02:00
Stefan Allius	9a9cf79aac	fix unittests	2024-06-21 23:38:07 +02:00
Stefan Allius	3ce29d4a96	fix merge conflict	2024-06-21 19:26:27 +02:00
Stefan Allius	a09d489c94	Merge branch 'main' of https://github.com/s-allius/tsun-gen3-proxy into dev-0.9	2024-06-21 19:25:37 +02:00
Stefan Allius	2d4679a361	S allius/issue100 (#101 ) * detect dead connections - disconnect connection on Msg receive timeout - improve connection trace (add connection id) * update changelog	2024-06-17 23:10:54 +02:00
Stefan Allius	9ff1453922	Merge pull request #99 from s-allius/health_check Health check	2024-06-16 23:08:12 +02:00
Stefan Allius	5b36efc5e9	Merge branch 'dev-0.9.0' into health_check	2024-06-16 23:07:47 +02:00
Stefan Allius	c71994c839	update changelog	2024-06-16 22:58:04 +02:00
Stefan Allius	7d058e74fe	log healthcheck infos with DEBUG level	2024-06-16 22:54:56 +02:00
Stefan Allius	373916bead	add healthy method	2024-06-16 22:47:45 +02:00
Stefan Allius	f4b434cfef	set new state State.received	2024-06-16 22:45:13 +02:00
Stefan Allius	d14cbe87a2	add docstrings to state enum	2024-06-16 22:43:59 +02:00
Stefan Allius	8aa1ef59ce	updat changelog	2024-06-16 19:35:38 +02:00
Stefan Allius	3d55ac57a8	Update CHANGELOG.md	2024-06-16 19:17:11 +02:00
Stefan Allius	8088e6ab3c	cleanup	2024-06-16 18:13:07 +02:00
Stefan Allius	4372e49a1e	add HTTP server for healthcheck	2024-06-16 17:51:51 +02:00
Stefan Allius	da832232bb	calc processing time for healthcheck	2024-06-16 17:51:14 +02:00
Stefan Allius	e0568291f6	use Enum class for State	2024-06-16 17:50:09 +02:00
Stefan Allius	f5e7aa4292	add aiohttp	2024-06-16 17:48:17 +02:00
Stefan Allius	5e360e1139	add wget for healtcheck	2024-06-16 17:47:46 +02:00
Stefan Allius	94f7f5faa2	complete exposed port list	2024-06-16 17:47:13 +02:00
Stefan Allius	4600fc9577	add healtcheck	2024-06-16 17:46:51 +02:00
Stefan Allius	fa7bfe9e16	log unrelease references	2024-06-16 13:29:43 +02:00
Stefan Allius	3cebab40c8	add heaithy handler	2024-06-16 13:26:05 +02:00
Stefan Allius	4649beb075	Merge pull request #97 from s-allius/s-allius/issue93 S allius/issue93	2024-06-16 13:09:16 +02:00
Stefan Allius	9138affdb9	update changelog	2024-06-16 13:05:20 +02:00
Stefan Allius	80183598ca	cleanup	2024-06-16 13:03:33 +02:00
Stefan Allius	b688d04836	isolate Modbus fix	2024-06-16 13:00:02 +02:00
Stefan Allius	377c09bc66	Merge branch 'dev-0.9.0' of https://github.com/s-allius/tsun-gen3-proxy into s-allius/issue93	2024-06-16 12:39:56 +02:00
Stefan Allius	abb9e7c280	Merge pull request #96 from s-allius/s-allius/issue94 S allius/issue94	2024-06-16 12:35:12 +02:00
Stefan Allius	d78e32dd12	update changelog	2024-06-16 12:26:55 +02:00
Stefan Allius	30a6f75430	Merge branch 'dev-0.9.0' of https://github.com/s-allius/tsun-gen3-proxy into s-allius/issue94	2024-06-16 12:23:57 +02:00
Stefan Allius	e22ad78dcd	add exception handling for forward handler	2024-06-16 12:23:13 +02:00
Stefan Allius	453d8b2aa2	call modbus close hanlder on a close call	2024-06-16 11:57:51 +02:00
Stefan Allius	f9b02f3486	add a close handler to release internal resources	2024-06-16 11:56:03 +02:00
Stefan Allius	b053c7e576	Update async_stream.py - check if processing time is < 5 sec	2024-06-16 02:08:15 +02:00
Stefan Allius	10346e888f	log ConfigErr with DEBUG level	2024-06-16 01:52:34 +02:00
Stefan Allius	f629246dbd	fix typo	2024-06-16 01:18:06 +02:00
Stefan Allius	dbff66affd	add healthy check methods	2024-06-15 23:36:59 +02:00
Stefan Allius	ac534c20ed	calculate msg prossesing time	2024-06-15 23:34:11 +02:00
Stefan Allius	ff3ed83b49	add http server for healthcheck	2024-06-15 23:29:27 +02:00
Stefan Allius	ae94cd62fc	use config validation for healthcheck	2024-06-15 23:23:57 +02:00
Stefan Allius	a16a19cc2c	add aiohttp	2024-06-15 23:21:15 +02:00
Stefan Allius	dd351176bd	add wget for healthcheck	2024-06-15 23:20:38 +02:00
Stefan Allius	cc8674d108	add exposed ports and healthcheck	2024-06-15 23:19:10 +02:00
Stefan Allius	d7767cb5ea	update changelog	2024-06-14 20:11:17 +02:00
Stefan Allius	1e3bb31ef8	Merge pull request #90 from s-allius/s-allius/issue56 S allius/issue56	2024-06-14 00:05:48 +02:00
Stefan Allius	d6a44d9173	update changelog	2024-06-13 23:52:13 +02:00
Stefan Allius	43a2ef5712	add systemtest with invalid start byte	2024-06-13 23:45:22 +02:00
Stefan Allius	3209ebabde	fix warnings	2024-06-13 23:44:57 +02:00
Stefan Allius	aac6cfd629	dump droped packages	2024-06-13 23:43:05 +02:00
Stefan Allius	e8d32b45a5	label debug images with debug	2024-06-13 23:41:30 +02:00
Stefan Allius	06b63f554d	addapt unit test	2024-06-09 11:41:29 +02:00
Stefan Allius	53f6a5447d	cleanup msg_get_time handler	2024-06-09 11:41:01 +02:00
Stefan Allius	d6093e6b11	fix pytest collect warning	2024-06-09 11:40:08 +02:00
Stefan Allius	c8113e2f60	update changelog	2024-06-09 11:29:43 +02:00
Stefan Allius	57d6785f15	print image build time during proxy start	2024-06-09 11:22:23 +02:00
Stefan Allius	ff8adb5632	fix solarman unit tests - fake Mqtt class	2024-06-09 11:02:43 +02:00
Stefan Allius	1deab4be6a	fix imports	2024-06-09 11:01:04 +02:00
Stefan Allius	730229cfb0	don't mark all test as async	2024-06-09 01:26:21 +02:00
Stefan Allius	7b9550773d	don't use depricated varn anymore	2024-06-09 01:25:06 +02:00
Stefan Allius	3bc2b262b5	add more type annotations	2024-06-08 23:59:13 +02:00
Stefan Allius	37c2246132	fix names of issue branches	2024-06-08 23:57:46 +02:00
Stefan Allius	d0bd599420	fix Generator annotation for ha_proxy_confs	2024-06-08 23:54:52 +02:00
Stefan Allius	661f699444	Merge branch 'main' of https://github.com/s-allius/tsun-gen3-proxy into s-allius/issue56	2024-06-08 23:35:18 +02:00
Stefan Allius	a499c5e6b0	add more type annotations	2024-06-08 23:33:25 +02:00
Stefan Allius	9985917ad2	add more type annotations	2024-06-08 23:15:38 +02:00
Stefan Allius	851bd54d8f	Merge branch 'dev-0.9.0' of https://github.com/s-allius/tsun-gen3-proxy into s-allius/issue56	2024-06-08 00:08:54 +02:00
Stefan Allius	81d551e47f	initial version	2024-04-30 11:49:59 +02:00
Stefan Allius	63547bb51f	adapt tests for stateless timestamp handling	2024-04-29 22:51:31 +02:00
Stefan Allius	6eebd0c852	make timestamp handling stateless	2024-04-29 22:48:41 +02:00