Skip to content

Commit

Permalink
Merge pull request #901 from KayJay7/feature/freebox
Browse files Browse the repository at this point in the history 
Added FREEBOX plugin by @KayJay7 and @Lucide 🙏
  • Loading branch information
@jokob-sk
jokob-sk authored Dec 2, 2024
2 parents 826bd8f + ea16302 commit 4a75f92
Show file tree
Hide file tree
Showing 5 changed files with 757 additions and 18 deletions.
23 changes: 19 additions & 4 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,21 +5,36 @@ ARG INSTALL_DIR=/app
ENV PYTHONUNBUFFERED=1

# Install build dependencies
RUN apk add --no-cache bash python3 python3-dev gcc musl-dev libffi-dev openssl-dev \
RUN apk add --no-cache bash python3 python3-dev gcc musl-dev libffi-dev openssl-dev git\
&& python -m venv /opt/venv


# Enable venv
ENV PATH="/opt/venv/bin:$PATH"

COPY . ${INSTALL_DIR}/


RUN pip install graphene flask netifaces tplink-omada-client pycryptodome requests paho-mqtt scapy cron-converter pytz json2table dhcp-leases pyunifi speedtest-cli chardet python-nmap dnspython librouteros \
RUN pip install graphene flask netifaces tplink-omada-client pycryptodome requests paho-mqtt scapy cron-converter pytz json2table dhcp-leases pyunifi speedtest-cli chardet python-nmap dnspython librouteros git+https://github.com/foreign-sub/aiofreepybox.git \
&& bash -c "find ${INSTALL_DIR} -type d -exec chmod 750 {} \;" \
&& bash -c "find ${INSTALL_DIR} -type f -exec chmod 640 {} \;" \
&& bash -c "find ${INSTALL_DIR} -type f \( -name '*.sh' -o -name '*.py' -o -name 'speedtest-cli' \) -exec chmod 750 {} \;"

# Append Iliadbox certificate to aiofreepybox
RUN printf "\n-----BEGIN CERTIFICATE-----\n\
MIICOjCCAcCgAwIBAgIUI0Tu7zsrBJACQIZgLMJobtbdNn4wCgYIKoZIzj0EAwIw\n\
TDELMAkGA1UEBhMCSVQxDjAMBgNVBAgMBUl0YWx5MQ4wDAYDVQQKDAVJbGlhZDEd\n\
MBsGA1UEAwwUSWxpYWRib3ggRUNDIFJvb3QgQ0EwHhcNMjAxMTI3MDkzODEzWhcN\n\
NDAxMTIyMDkzODEzWjBMMQswCQYDVQQGEwJJVDEOMAwGA1UECAwFSXRhbHkxDjAM\n\
BgNVBAoMBUlsaWFkMR0wGwYDVQQDDBRJbGlhZGJveCBFQ0MgUm9vdCBDQTB2MBAG\n\
ByqGSM49AgEGBSuBBAAiA2IABMryJyb2loHNAioY8IztN5MI3UgbVHVP/vZwcnre\n\
ZvJOyDvE4HJgIti5qmfswlnMzpNbwf/MkT+7HAU8jJoTorRm1wtAnQ9cWD3Ebv79\n\
RPwtjjy3Bza3SgdVxmd6fWPUKaNjMGEwHQYDVR0OBBYEFDUij/4lpoJ+kOXRyrcM\n\
jf2RPzOqMB8GA1UdIwQYMBaAFDUij/4lpoJ+kOXRyrcMjf2RPzOqMA8GA1UdEwEB\n\
/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQC6eUV1\n\
pFh4UpJOTc1JToztN4ttnQR6rIzxMZ6mNCe+nhjkohWp24pr7BpUYSbEizYCMAQ6\n\
LCiBKV2j7QQGy7N1aBmdur17ZepYzR1YV0eI+Kd978aZggsmhjXENQYVTmm/XA==\n\
-----END CERTIFICATE-----\n" >> /opt/venv/lib/python3.12/site-packages/aiofreepybox/freebox_certificates.pem

# second stage
FROM alpine:3.20 AS runner

Expand Down Expand Up @@ -57,6 +72,6 @@ COPY install/crontab /etc/crontabs/root
RUN ${INSTALL_DIR}/dockerfiles/pre-setup.sh

HEALTHCHECK --interval=30s --timeout=5s --start-period=15s --retries=2 \
CMD curl -sf -o /dev/null ${LISTEN_ADDR}:${PORT}/api/app_state.json
CMD curl -sf -o /dev/null ${LISTEN_ADDR}:${PORT}/api/app_state.json

ENTRYPOINT ["/init"]
30 changes: 16 additions & 14 deletions front/plugins/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,8 +33,11 @@ Device-detecting plugins insert values into the `CurrentScan` database table. T
| `DDNS` || DDNS update | | | Script | [ddns_update](/front/plugins/ddns_update/) |
| `DHCPLSS` | 🔍/📥 | Import devices from DHCP leases | | | Script | [dhcp_leases](/front/plugins/dhcp_leases/) |
| `DHCPSRVS` || DHCP servers | | | Script | [dhcp_servers](/front/plugins/dhcp_servers/) |
| `FREEBOX` | 🔍/♻ | Pull data and names from Freebox/Iliadbox | | | Script | [freebox](/front/plugins/freebox/) |
| `ICMP` | 🔍 | ICMP (ping) status checker | | | Script | [icmp_scan](/front/plugins/icmp_scan/) |
| `INTRNT` | 🔍 | Internet IP scanner | | | Script | [internet_ip](/front/plugins/internet_ip/) |
| `INTRSPD` || Internet speed test | | | Script | [internet_speedtest](/front/plugins/internet_speedtest/) |
| `IPNEIGH` | 🔍 | Scan ARP (IPv4) and NDP (IPv6) tables | | | Script | [ipneigh](/front/plugins/ipneigh/) |
| `MAINT` || Maintenance of logs, etc. | | | Script | [maintenance](/front/plugins/maintenance/) |
| `MQTT` | ▶️ | MQTT for synching to Home Assistant | | | Script | [_publisher_mqtt](/front/plugins/_publisher_mqtt/) |
| `NBTSCAN` || Nbtscan (NetBIOS-based) name resolution | | | Script | [nbtscan_scan](/front/plugins/nbtscan_scan/) |
Expand All @@ -52,14 +55,13 @@ Device-detecting plugins insert values into the `CurrentScan` database table. T
| `SMTP` | ▶️ | Email notifications | | | Script | [_publisher_email](/front/plugins/_publisher_email/) |
| `SNMPDSC` | 🔍/📥 | SNMP device import & sync | | | Script | [snmp_discovery](/front/plugins/snmp_discovery/) |
| `SYNC` | 🔍/⚙/📥| Sync & import from NetAlertX instances | 🖧 🔄 | | Script | [sync](/front/plugins/sync/) |
| `TELEGRAM` | ▶️ | Telegram notifications | | | Script | [_publisher_telegram](/front/plugins/_publisher_telegram/) |
| `TELEGRAM` | ▶️ | Telegram notifications | | | Script | [_publisher_telegram](/front/plugins/_publisher_telegram/) |
| `UNDIS` | 🔍/📥 | Create dummy devices | | | Script | [undiscoverables](/front/plugins/undiscoverables/) |
| `UNFIMP` | 🔍/📥 | UniFi device import & sync | 🖧 | | Script | [unifi_import](/front/plugins/unifi_import/) |
| `VNDRPDT` || Vendor database update | | | Script | [vendor_update](/front/plugins/vendor_update/) |
| `WEBHOOK` | ▶️ | Webhook notifications | | | Script | [_publisher_webhook](/front/plugins/_publisher_webhook/) |
| `WEBMON` || Website down monitoring | | | Script | [website_monitor](/front/plugins/website_monitor/) |
| `IPNEIGH` | 🔍 | Scan ARP (IPv4) and NDP (IPv6) tables | | | Script | [ipneigh](/front/plugins/ipneigh/) |



> \* The database cleanup plugin (`DBCLNP`) is not _required_ but the app will become unusable after a while if not executed.
>
Expand All @@ -70,20 +72,20 @@ Device-detecting plugins insert values into the `CurrentScan` database table. T
## Plugin types


| Plugin type | Icon | Description | When to run | Required | Data source [?](/docs/PLUGINS_DEV.md) |
|---------------|------|----------------------------------------------------------------|--------------------------|----|---------|
| publisher | ▶️ | Sending notifications to services. | `on_notification` || Script |
| dev scanner | 🔍 | Create devices in the app, manages online/offline device status. | `schedule` | | Script / SQLite DB |
| importer | 📥 | Importing devices from another service. | `schedule` | | Script / SQLite DB |
| system || Providing core system functionality. | `schedule` / always on | ✖/✔ | Script / Template |
| other || Other scanners, e.g. for name resolution | misc || Script / Template |
| Plugin type | Icon | Description | When to run | Required | Data source [?](/docs/PLUGINS_DEV.md) |
| ----------- | ---- | ---------------------------------------------------------------- | ---------------------- | -------- | ------------------------------------- |
| publisher | ▶️ | Sending notifications to services. | `on_notification` || Script |
| dev scanner | 🔍 | Create devices in the app, manages online/offline device status. | `schedule` | | Script / SQLite DB |
| importer | 📥 | Importing devices from another service. | `schedule` | | Script / SQLite DB |
| system | | Providing core system functionality. | `schedule` / always on | ✖/✔ | Script / Template |
| other | | Other scanners, e.g. for name resolution | misc || Script / Template |

## Features

| Icon | Description |
|------|---------------------------------------------------------------|
| 🖧 | Auto-imports the network topology diagram |
| 🔄 | Has the option to sync some data back into the plugin source |
| Icon | Description |
| ---- | ------------------------------------------------------------ |
| 🖧 | Auto-imports the network topology diagram |
| 🔄 | Has the option to sync some data back into the plugin source |


## ✅Enabling plugins
Expand Down
50 changes: 50 additions & 0 deletions front/plugins/freebox/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
## Overview

Plugin to pull devices, IPs, and their names from a Freebox or Iliadbox gateway.

### Pairing

Requirements:
- Physical access to the Freebox
- Network access to the same lan as the Freebox

Regardless of which setup you will choose, you will first need to pair NetAlertX to your Freebox. To pair, the device running NetAlertX *must* be connected on the same lan as the Freebox. After pairing, the device can access your Freebox even from the Internet (se [remote setup](#remote-setup)).

To pair, you can leave the settings to their default values (same as [quick setup](#quick-setup)), though other configurations will work as well if you can't use the default one.

When you run the plugin the first time, it will send a pairing request to the Freebox, if you look at the logs you will see a message saying to *"Continue the pairing on your Freebox"*. At this point, on the front panel of the Freebox you will see an authorization request, confirm it using the buttons on the front panel to complete the pairing.
If you don't see the message on the logs, something is preventing the plugin from running.

Note: You can screen and revoke any previous authorization (completed or attempted) from the web interface of your Freebox.

### Quick setup

Note: read [pairing](#pairing) first.

By default the plugin will connect to the address `mafreebox.freebox.fr` on the HTTPS port `443`, if you have an Iliadbox, replace the address with `myiliadbox.iliad.it`. This will work in most cases, but has some limitations.

Limitations:
- It requires internet access
- The Freebox must be your gateway
- The device must be in the same lan as the Freebox

### Offline setup (recommended)

Use this configuration if you wish to connect to your Freebox even when you are offline, or the Freebox is not your gateway.

Find the local IP address of your Freebox, if it is your gateway, you can find the address on your computer/smartphone network configuration (usually it's `192.168.1.1`). Go in the plugin settings and set the IP as address and `80` as the port (do *not* use `443` as the port). This configuration works regardless of your internet connection and poses little limitations.

Limitations:
- *If* there is no internet connection, the plugin will fallback to HTTP (not HTTPS)

For more detail: the plugin will connect to the specified address and port to fetch information about the Freebox, then it will either connect in HTTPS through the Freebox's unique domain name, or connect over HTTP if there is no internet connection. The freebox does offer an HTTPS port on the local network, but the certificate will be invalid for the local IP, and the connection will be aborted.

### Remote setup

Use this configuration if you wish to connect to your Freebox through the internet. You still need to pair from the local network.

If the Freebox is not your gateway, configure a NAT and follow the [offline setup](#offline-setup-recommended).

If the Freebox is your gateway you need to find its HTTPS (or HTTP if you prefer) public port. This can be found either in the Freeboxe's web interface and by navigating to `settings>access management`, or (just for the HTTPS port) by visiting http://mafreebox.freebox.fr:80/api_version from the local network (you can use the local ip as well). This is the port you need to access your Freebox through the internet

As address, you can either use the public IP of the Freebox, or the unique domain name you found on http://mafreebox.freebox.fr:80/api_version listed as `api_domain`.
Loading

0 comments on commit 4a75f92

Please sign in to comment.