SPC Web Gateway in Docker

SPC Web Gateway support issues
Post Reply
gol
Webbplatsadministratör
Posts: 79
Joined: Sun 01 Jun 2014, 19:38

SPC Web Gateway in Docker

Post by gol » Tue 03 Jul 2018, 22:20

Here you can see how to embed SPC Web Gateway in Docker:

https://github.com/jschlyter/spc-web-gateway-docker

Many thanks to jschlyter

fergalom
Posts: 15
Joined: Fri 11 Sep 2015, 09:16

Re: SPC Web Gateway in Docker

Post by fergalom » Sat 06 Oct 2018, 22:58

Trying to get this working in Docker.
I can now access the Testpanel and communicate with SPC alarm etc.

Have NodeRED docker image also on same host and using a curl to test (worked previosuly on rpi):
Also cannot connect to websocket (again worked previosuly on rpi)

Code: Select all

Command failed: curl -X GET http://192.168.1.4:8088/spc/area -k --digest -v
* Hostname was NOT found in DNS cache
*   Trying 192.168.1.4...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Connected to 192.168.1.4 (192.168.1.4) port 8088 (#0)
> GET /spc/area HTTP/1.1
> User-Agent: curl/7.38.0
> Host: 192.168.1.4:8088
> Accept: */*
> 
* Empty reply from server
* Connection #0 to host 192.168.1.4 left intact
curl: (52) Empty reply from server
But on another terminal on the lan, the curl command works!

Code: Select all

C:\Users\xyz>curl -X GET http://192.168.1.4:8088/spc/area -k --digest -v
Note: Unnecessary use of -X or --request, GET is already inferred.
*   Trying 192.168.1.4...
* TCP_NODELAY set
* Connected to 192.168.1.4 (192.168.1.4) port 8088 (#0)
> GET /spc/area HTTP/1.1
> Host: 192.168.1.4:8088
> User-Agent: curl/7.55.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
* no chunk, no close, no size. Assume close to signal end
<
{"status":"success","data":{"area":[{"id":"1","name":"House","mode":"0"},{"id":"2","name":"Shed","mode":"3","last_set_time":"1538863812","last_set_user_id":"9998","last_set_user_name":"Remote Engineer","last_unset_time":"1538863808","last_unset_user_id":"9998","last_unset_user_name":"Remote Engineer"},{"id":"3","name":"Gate","mode":"3"},{"id":"4","name":"Hidden","mode":"0"}]}}* Closing connection 0
docker-compose.yaml (extract)

Code: Select all

    spc-web-gateway:
        container_name: spc-gateway
        image: spc-web-gateway
        tty: true
        ports:
          - 8088:8088
          - 16000:16000
        volumes:
          - /opt/spc-web-gateway/auth:/opt/spc-web-gateway/auth:z
          - /opt/spc-web-gateway/config.xml:/opt/spc-web-gateway/config.xml:ro
        restart: unless-stopped
        network_mode: host

    node-red:
        container_name: node-red
        image: nodered/node-red-docker:v8
        user: "1000:1000"
        ports:
          - 1880:1880
        volumes:
          - /opt/node-red:/data
          - /etc/localtime:/etc/localtime:ro
        restart: on-failure
        depends_on:
          - mosquitto
          - homeassistant
        healthcheck:
          test: ["CMD", "curl", "-f", "http://127.0.0.1:1880"]
          interval: 30s
          timeout: 10s
          retries: 5

Docker logs say:
No logs available

kenny
Posts: 1
Joined: Thu 03 Jan 2019, 13:56

Re: SPC Web Gateway in Docker

Post by kenny » Thu 03 Jan 2019, 16:26

Hi, where you able to get this working in a secure manner?
I have got it working but security could be improved.
If you could provide any more details , i would very much appreciate it

kind regards,

Kenny

fergalom
Posts: 15
Joined: Fri 11 Sep 2015, 09:16

Re: SPC Web Gateway in Docker

Post by fergalom » Thu 03 Jan 2019, 16:45

Hey Kenny, not sure what you mean by secure manner?
If using this with Nodered then yes, you can use the PUT/GET auth methods and secure websockets etc.
If using with Homeassistant then no, its a limitation of the SPC HA component rather than the SPC gateway or docker image afaik.

The access control list is the only option open to you and its pretty easy to lock it down along with not exposing your network to the internet etc.

Post Reply