ioBroker.admin
ioBroker.admin copied to clipboard
user interface for configuration and administration
ioBroker.admin
User interface for configuration and administration of ioBroker.
This adapter uses Sentry libraries to automatically report exceptions and code errors to the developers. For more details and for information how to disable the error reporting see Sentry-Plugin Documentation! Sentry reporting is used starting with js-controller 3.0.
Using common.localLink
-
%ip%
- ioBroker ip address (address of the admin) -
%secure%
or%protocol%
- read fromnative.secure
the value and use http or https -
%web_protocol%
- looking for the first instance of web (e.g. web.0) and getnative.secure
fromsystem.adapter.web.0
-
%instance%
- instance of the adapter -
%someField%
- get someField fromnative
of this adapter instance -
%web.0_bind%
- get native.bind fromsystem.adapter.web.0
-
%native_someField%
- get someField fromnative
of this adapter instance
Scheduled restart
Some adapters are not stable or connection disappear after one or two days. To fix this there is a scheduled restart setting. To activate scheduled restart just define CRON condition when to restart adapter.
It is suggested to restart in the night, when no one use the adapter, e.g. 0 3 * * *
- at 3:00 every day.
Let's Encrypt Certificates
Let’s Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG).
You can read about Let’s Encrypt here.
Some installations use Dynamic DNS and Co to get the domain name and to reach under this domain name own websites. ioBroker supports automatic request and renew of certificates from Let’s Encrypt Organisation.
There is an option to activate free certificates from Let’s Encrypt almost in every adapter, that can start some web server and supports HTTPS.
If you just enable the using of certificates and will not activate an automatic update the instance will try to use stored certificates.
If the automatic update is activated the instance will try to request certificates from Let’s Encrypt and will automatically update it.
The certificates will be first requested when the given domain address will be accessed. E.g. you have "sub.domain.com" as address, when you try to access https://sub.domain.com the certificates will be first requested, and it can last a little before first answer will come.
The issuing of certificates is rather complex procedure, but if you will follow the explanation you will easily get free certificates.
Description:
- The new account will be created with given email address (you must set it up in system settings)
- Some random key will be created as password for the account.
- After the account is created the system starts on port 80 the small website to confirm the domain.
- Let's encrypt use always port 80 to check the domain.
- If port 80 is occupied by other service see point 4.
- After the small web server is up the request to get certificates for given domains (system settings) will be sent to the Let's encrypt server.
- Let's encrypt server sends back some challenge phrase as answer on the request and after a while tries to read this challenge phrase on "http://yourdomain:80/.well-known/acme-challenge/<CHALLENGE>"
- If challenge phrase from our side comes back the Let's encrypt server send us the certificates. They will be stored in the given directory (system settings).
Sounds complex, but everything what you must do is to activate checkboxes and specify your email and domain in system settings.
The received certificates are valid ca. 90 days. After the certificates are received the special task will be started to automatically renew the certificates.
The topic is rather complex and 1000 things can go wrong. If you cannot get certificates please use cloud service to reach your installation from internet.
Let's encrypt works only from node.js version>=4.5
Simple instance's settings page
The user has the possibility to limit the access to the instance configuration dialog. For that the option "Allow access only to specific instances" must be activated. It could be found on the "Access to the instances" tab. Additionally, the allowed instances should be selected in the appeared configuration table.
If this option is disabled, the simple configuration page could be accessed under http://IP:8081/configs.html
Reverse proxy
Please be sure that you forward not only the http/https requests, but the web-socket traffic too. It is essential for communication.
From version 6.1.0 you have the possibility to tune intro page for usage with reverse proxy.
Example
Your ioBroker.admin
runs on port 8081 behind reverse proxy with domain iobroker.mydomain.com
under path /ioBrokerAdmin/
.
And you set up e.g. nginx to forward the requests to the http://local-iobroker.IP:8081
.
Same is with your web instance: https://iobroker.mydomain.com/ioBrokerWeb/ => http://local-iobroker.IP:8082
.
And with rest-api instance: https://iobroker.mydomain.com/ioBrokerAPI/ => http://local-iobroker.IP:8093
.
You can add following lines into Reverse Proxy tab to let Intro tab run behind reverse proxy properly:
Global path | Instance | Instance path behind proxy |
---|---|---|
/ioBrokerAdmin/ |
web.0 |
/ioBrokerWeb/ |
rest-api.0 |
/ioBrokerAPI/ |
|
admin.0 |
/ioBrokerAdmin/ |
|
eventlist.0 |
/ioBrokerWeb/eventlist/ |
So all links of instances that use web server, like eventlist
, vis
, material
and so on will use https://iobroker.mydomain.com/ioBrokerWeb/
path
OAuth2.0 Authentication flow
There is a possibility to use OAuth2.0 authentication for other services. Admin has an endpoint oauth2_callbacks
.
The calls like http(s)://ip:port/oauth2_callbacks/adapterName.X/?state=ABC&code=123¶m=true¶m2
will be processed and the special message oauth2Callback
will be sent to adapterName.X
instance with query parameters {"state": "ABC", "code": 123, "param": true, "param2": true}
.
As mandatory response the admin expects the object like: {"result": "Show this text to user by success", "error": "ERROR: Result will be ignored"}
. The result or error will be shown to the user. Please send already translated messages.
Used icons
This project uses icons from Flaticon.
ioBroker GmbH has a valid license for all used icons. The icons may not be reused in other projects without the proper flaticon license or flaticon subscription.
Changelog
6.2.18 (2022-08-24)
- (bluefox) Corrected GUI bugs on custom settings
6.2.17 (2022-08-19)
- (bluefox) Corrected GUI bug on intro tab
6.2.16 (2022-08-18)
- (bluefox) Corrected many GUI issues
- (bluefox) Added
stable
flag for repositories - (bluefox) Added reset button for repositories
- (bluefox) Improved
writeFile
function for socket communication
6.2.14 (2022-08-06)
- (Apollon77) Fix for OAuth2 authentication response success page
6.2.13 (2022-08-01)
- (bluefox) Corrected JSON config
License
The MIT License (MIT)
Copyright (c) 2014-2022 bluefox [email protected]