Hass.io Ingress (#519)

* Hass.io ingress

* Update

* Remove global vars

* Fix

* Fixes

* Fixes

* Upgrade base image to 1.5.1

* Lint

esphome/components/ledc/ledc_output.h

@@ -13,9 +13,7 @@ extern uint8_t next_ledc_channel;
 
 class LEDCOutput : public output::FloatOutput, public Component {
  public:
-  explicit LEDCOutput(GPIOPin *pin) : pin_(pin) {
-    this->channel_ = next_ledc_channel++;
-  }
+  explicit LEDCOutput(GPIOPin *pin) : pin_(pin) { this->channel_ = next_ledc_channel++; }
 
   void set_channel(uint8_t channel) { this->channel_ = channel; }
   void set_bit_depth(uint8_t bit_depth) { this->bit_depth_ = bit_depth; }

esphome/dashboard/dashboard.py

@@ -3,6 +3,7 @@ from __future__ import print_function
 
 import codecs
 import collections
+import functools
 import hashlib
 import hmac
 import json
@@ -39,15 +40,73 @@ from typing import Optional  # noqa
 from esphome.zeroconf import DashboardStatus, Zeroconf
 
 _LOGGER = logging.getLogger(__name__)
-CONFIG_DIR = ''
-PASSWORD_DIGEST = ''
-COOKIE_SECRET = None
-USING_PASSWORD = False
-ON_HASSIO = False
-USING_HASSIO_AUTH = True
-HASSIO_MQTT_CONFIG = None
-RELATIVE_URL = os.getenv('ESPHOME_DASHBOARD_RELATIVE_URL', '/')
-STATUS_USE_PING = get_bool_env('ESPHOME_DASHBOARD_USE_PING')
+
+
+class DashboardSettings(object):
+    def __init__(self):
+        self.config_dir = ''
+        self.password_digest = ''
+        self.using_password = False
+        self.on_hassio = False
+        self.cookie_secret = None
+
+    def parse_args(self, args):
+        self.on_hassio = args.hassio
+        if not self.on_hassio:
+            self.using_password = bool(args.password)
+        if self.using_password:
+            if IS_PY2:
+                self.password_digest = hmac.new(args.password).digest()
+            else:
+                self.password_digest = hmac.new(args.password.encode()).digest()
+        self.config_dir = args.configuration
+
+    @property
+    def relative_url(self):
+        return os.getenv('ESPHOME_DASHBOARD_RELATIVE_URL', '/')
+
+    @property
+    def status_use_ping(self):
+        return get_bool_env('ESPHOME_DASHBOARD_USE_PING')
+
+    @property
+    def using_hassio_auth(self):
+        if not self.on_hassio:
+            return False
+        return not get_bool_env('DISABLE_HA_AUTHENTICATION')
+
+    @property
+    def using_auth(self):
+        return self.using_password or self.using_hassio_auth
+
+    def check_password(self, password):
+        if not self.using_auth:
+            return True
+
+        if IS_PY2:
+            password = hmac.new(password).digest()
+        else:
+            password = hmac.new(password.encode()).digest()
+        return hmac.compare_digest(self.password_digest, password)
+
+    def rel_path(self, *args):
+        return os.path.join(self.config_dir, *args)
+
+    def list_yaml_files(self):
+        files = []
+        for file in os.listdir(self.config_dir):
+            if not file.endswith('.yaml'):
+                continue
+            if file.startswith('.'):
+                continue
+            if file == 'secrets.yaml':
+                continue
+            files.append(file)
+        files.sort()
+        return files
+
+
+settings = DashboardSettings()
 
 if IS_PY2:
     cookie_authenticated_yes = 'yes'
@@ -61,22 +120,29 @@ def template_args():
         'version': version,
         'docs_link': 'https://beta.esphome.io/' if 'b' in version else 'https://esphome.io/',
         'get_static_file_url': get_static_file_url,
-        'relative_url': RELATIVE_URL,
+        'relative_url': settings.relative_url,
         'streamer_mode': get_bool_env('ESPHOME_STREAMER_MODE'),
     }
 
 
 def authenticated(func):
+    @functools.wraps(func)
     def decorator(self, *args, **kwargs):
         if not is_authenticated(self):
-            self.redirect(RELATIVE_URL + 'login')
+            self.redirect('./login')
             return None
         return func(self, *args, **kwargs)
     return decorator
 
 
 def is_authenticated(request_handler):
-    if USING_HASSIO_AUTH or USING_PASSWORD:
+    if settings.on_hassio:
+        # Handle ingress - disable auth on ingress port
+        # X-Hassio-Ingress is automatically stripped on the non-ingress server in nginx
+        header = request_handler.request.headers.get('X-Hassio-Ingress', 'NO')
+        if str(header) == 'YES':
+            return True
+    if settings.using_auth:
         return request_handler.get_secure_cookie('authenticated') == cookie_authenticated_yes
     return True
 
@@ -126,10 +192,8 @@ class EsphomeCommandWebSocket(tornado.websocket.WebSocketHandler):
         self._proc = None
         self._is_closed = False
 
+    @authenticated
     def on_message(self, message):
-        if USING_HASSIO_AUTH or USING_PASSWORD:
-            if self.get_secure_cookie('authenticated') != cookie_authenticated_yes:
-                return
         # Messages are always JSON, 500 when not
         json_message = json.loads(message)
         type_ = json_message['type']
@@ -188,7 +252,7 @@ class EsphomeCommandWebSocket(tornado.websocket.WebSocketHandler):
     def _proc_on_exit(self, returncode):
         if not self._is_closed:
             # Check if the proc was not forcibly closed
-            _LOGGER.debug("Process exited with return code %s", returncode)
+            _LOGGER.info("Process exited with return code %s", returncode)
             self.write_message({'event': 'exit', 'code': returncode})
 
     def on_close(self):
@@ -205,39 +269,39 @@ class EsphomeCommandWebSocket(tornado.websocket.WebSocketHandler):
 
 class EsphomeLogsHandler(EsphomeCommandWebSocket):
     def build_command(self, json_message):
-        config_file = os.path.join(CONFIG_DIR, json_message['configuration'])
+        config_file = settings.rel_path(json_message['configuration'])
         return ["esphome", "--dashboard", config_file, "logs", '--serial-port',
                 json_message["port"]]
 
 
 class EsphomeUploadHandler(EsphomeCommandWebSocket):
     def build_command(self, json_message):
-        config_file = os.path.join(CONFIG_DIR, json_message['configuration'])
+        config_file = settings.rel_path(json_message['configuration'])
         return ["esphome", "--dashboard", config_file, "run", '--upload-port',
                 json_message["port"]]
 
 
 class EsphomeCompileHandler(EsphomeCommandWebSocket):
     def build_command(self, json_message):
-        config_file = os.path.join(CONFIG_DIR, json_message['configuration'])
+        config_file = settings.rel_path(json_message['configuration'])
         return ["esphome", "--dashboard", config_file, "compile"]
 
 
 class EsphomeValidateHandler(EsphomeCommandWebSocket):
     def build_command(self, json_message):
-        config_file = os.path.join(CONFIG_DIR, json_message['configuration'])
+        config_file = settings.rel_path(json_message['configuration'])
         return ["esphome", "--dashboard", config_file, "config"]
 
 
 class EsphomeCleanMqttHandler(EsphomeCommandWebSocket):
     def build_command(self, json_message):
-        config_file = os.path.join(CONFIG_DIR, json_message['configuration'])
+        config_file = settings.rel_path(json_message['configuration'])
         return ["esphome", "--dashboard", config_file, "clean-mqtt"]
 
 
 class EsphomeCleanHandler(EsphomeCommandWebSocket):
     def build_command(self, json_message):
-        config_file = os.path.join(CONFIG_DIR, json_message['configuration'])
+        config_file = settings.rel_path(json_message['configuration'])
         return ["esphome", "--dashboard", config_file, "clean"]
 
 
@@ -270,9 +334,9 @@ class WizardRequestHandler(BaseHandler):
         from esphome import wizard
 
         kwargs = {k: u''.join(decode_text(x) for x in v) for k, v in self.request.arguments.items()}
-        destination = os.path.join(CONFIG_DIR, kwargs['name'] + u'.yaml')
+        destination = settings.rel_path(kwargs['name'] + u'.yaml')
         wizard.wizard_write(path=destination, **kwargs)
-        self.redirect('/?begin=True')
+        self.redirect('./?begin=True')
 
 
 class DownloadBinaryRequestHandler(BaseHandler):
@@ -280,7 +344,7 @@ class DownloadBinaryRequestHandler(BaseHandler):
     @bind_config
     def get(self, configuration=None):
         # pylint: disable=no-value-for-parameter
-        storage_path = ext_storage_path(CONFIG_DIR, configuration)
+        storage_path = ext_storage_path(settings.config_dir, configuration)
         storage_json = StorageJSON.load(storage_path)
         if storage_json is None:
             self.send_error()
@@ -299,22 +363,8 @@ class DownloadBinaryRequestHandler(BaseHandler):
         self.finish()
 
 
-def _list_yaml_files():
-    files = []
-    for file in os.listdir(CONFIG_DIR):
-        if not file.endswith('.yaml'):
-            continue
-        if file.startswith('.'):
-            continue
-        if file == 'secrets.yaml':
-            continue
-        files.append(file)
-    files.sort()
-    return files
-
-
 def _list_dashboard_entries():
-    files = _list_yaml_files()
+    files = settings.list_yaml_files()
     return [DashboardEntry(file) for file in files]
 
 
@@ -326,12 +376,12 @@ class DashboardEntry(object):
 
     @property
     def full_path(self):  # type: () -> str
-        return os.path.join(CONFIG_DIR, self.filename)
+        return os.path.join(settings.config_dir, self.filename)
 
     @property
     def storage(self):  # type: () -> Optional[StorageJSON]
         if not self._loaded_storage:
-            self._storage = StorageJSON.load(ext_storage_path(CONFIG_DIR, self.filename))
+            self._storage = StorageJSON.load(ext_storage_path(settings.config_dir, self.filename))
             self._loaded_storage = True
         return self._storage
 
@@ -474,7 +524,7 @@ class EditRequestHandler(BaseHandler):
     @bind_config
     def get(self, configuration=None):
         # pylint: disable=no-value-for-parameter
-        with open(os.path.join(CONFIG_DIR, configuration), 'r') as f:
+        with open(settings.rel_path(configuration), 'r') as f:
             content = f.read()
         self.write(content)
 
@@ -482,7 +532,7 @@ class EditRequestHandler(BaseHandler):
     @bind_config
     def post(self, configuration=None):
         # pylint: disable=no-value-for-parameter
-        with open(os.path.join(CONFIG_DIR, configuration), 'wb') as f:
+        with open(settings.rel_path(configuration), 'wb') as f:
             f.write(self.request.body)
         self.set_status(200)
 
@@ -491,20 +541,20 @@ class DeleteRequestHandler(BaseHandler):
     @authenticated
     @bind_config
     def post(self, configuration=None):
-        config_file = os.path.join(CONFIG_DIR, configuration)
-        storage_path = ext_storage_path(CONFIG_DIR, configuration)
+        config_file = settings.rel_path(configuration)
+        storage_path = ext_storage_path(settings.config_dir, configuration)
         storage_json = StorageJSON.load(storage_path)
         if storage_json is None:
             self.set_status(500)
             return
 
         name = storage_json.name
-        trash_path = trash_storage_path(CONFIG_DIR)
+        trash_path = trash_storage_path(settings.config_dir)
         mkdir_p(trash_path)
         shutil.move(config_file, os.path.join(trash_path, configuration))
 
         # Delete build folder (if exists)
-        build_folder = os.path.join(CONFIG_DIR, name)
+        build_folder = os.path.join(settings.config_dir, name)
         if build_folder is not None:
             shutil.rmtree(build_folder, os.path.join(trash_path, name))
 
@@ -513,8 +563,8 @@ class UndoDeleteRequestHandler(BaseHandler):
     @authenticated
     @bind_config
     def post(self, configuration=None):
-        config_file = os.path.join(CONFIG_DIR, configuration)
-        trash_path = trash_storage_path(CONFIG_DIR)
+        config_file = settings.rel_path(configuration)
+        trash_path = trash_storage_path(settings.config_dir)
         shutil.move(os.path.join(trash_path, configuration), config_file)
 
 
@@ -525,10 +575,10 @@ PING_REQUEST = threading.Event()
 
 class LoginHandler(BaseHandler):
     def get(self):
-        if USING_HASSIO_AUTH:
+        if settings.using_hassio_auth:
             self.render_hassio_login()
             return
-        self.write('<html><body><form action="' + RELATIVE_URL + 'login" method="post">'
+        self.write('<html><body><form action="./login" method="post">'
                    'Password: <input type="password" name="password">'
                    '<input type="submit" value="Sign in">'
                    '</form></body></html>')
@@ -561,16 +611,12 @@ class LoginHandler(BaseHandler):
         self.render_hassio_login(error="Invalid username or password")
 
     def post(self):
-        if USING_HASSIO_AUTH:
+        if settings.using_hassio_auth:
             self.post_hassio_login()
             return
 
         password = str(self.get_argument("password", ''))
-        if IS_PY2:
-            password = hmac.new(password).digest()
-        else:
-            password = hmac.new(password.encode()).digest()
-        if hmac.compare_digest(PASSWORD_DIGEST, password):
+        if settings.check_password(password):
             self.set_secure_cookie("authenticated", cookie_authenticated_yes)
         self.redirect("/")
 
@@ -587,7 +633,7 @@ def get_static_file_url(name):
         with open(path, 'rb') as f_handle:
             hash_ = hashlib.md5(f_handle.read()).hexdigest()[:8]
         _STATIC_FILE_HASHES[name] = hash_
-    return RELATIVE_URL + u'static/{}?hash={}'.format(name, hash_)
+    return u'./static/{}?hash={}'.format(name, hash_)
 
 
 def make_app(debug=False):
@@ -615,31 +661,32 @@ def make_app(debug=False):
                 self.set_header('Cache-Control', 'no-store, no-cache, must-revalidate, max-age=0')
 
     static_path = os.path.join(os.path.dirname(__file__), 'static')
-    settings = {
+    app_settings = {
         'debug': debug,
-        'cookie_secret': COOKIE_SECRET,
+        'cookie_secret': settings.cookie_secret,
         'log_function': log_function,
         'websocket_ping_interval': 30.0,
     }
+    rel = settings.relative_url
     app = tornado.web.Application([
-        (RELATIVE_URL + "", MainRequestHandler),
-        (RELATIVE_URL + "login", LoginHandler),
-        (RELATIVE_URL + "logs", EsphomeLogsHandler),
-        (RELATIVE_URL + "upload", EsphomeUploadHandler),
-        (RELATIVE_URL + "compile", EsphomeCompileHandler),
-        (RELATIVE_URL + "validate", EsphomeValidateHandler),
-        (RELATIVE_URL + "clean-mqtt", EsphomeCleanMqttHandler),
-        (RELATIVE_URL + "clean", EsphomeCleanHandler),
-        (RELATIVE_URL + "vscode", EsphomeVscodeHandler),
-        (RELATIVE_URL + "edit", EditRequestHandler),
-        (RELATIVE_URL + "download.bin", DownloadBinaryRequestHandler),
-        (RELATIVE_URL + "serial-ports", SerialPortRequestHandler),
-        (RELATIVE_URL + "ping", PingRequestHandler),
-        (RELATIVE_URL + "delete", DeleteRequestHandler),
-        (RELATIVE_URL + "undo-delete", UndoDeleteRequestHandler),
-        (RELATIVE_URL + "wizard.html", WizardRequestHandler),
-        (RELATIVE_URL + r"static/(.*)", StaticFileHandler, {'path': static_path}),
-    ], **settings)
+        (rel + "", MainRequestHandler),
+        (rel + "login", LoginHandler),
+        (rel + "logs", EsphomeLogsHandler),
+        (rel + "upload", EsphomeUploadHandler),
+        (rel + "compile", EsphomeCompileHandler),
+        (rel + "validate", EsphomeValidateHandler),
+        (rel + "clean-mqtt", EsphomeCleanMqttHandler),
+        (rel + "clean", EsphomeCleanHandler),
+        (rel + "vscode", EsphomeVscodeHandler),
+        (rel + "edit", EditRequestHandler),
+        (rel + "download.bin", DownloadBinaryRequestHandler),
+        (rel + "serial-ports", SerialPortRequestHandler),
+        (rel + "ping", PingRequestHandler),
+        (rel + "delete", DeleteRequestHandler),
+        (rel + "undo-delete", UndoDeleteRequestHandler),
+        (rel + "wizard.html", WizardRequestHandler),
+        (rel + r"static/(.*)", StaticFileHandler, {'path': static_path}),
+    ], **app_settings)
 
     if debug:
         _STATIC_FILE_HASHES.clear()
@@ -648,49 +695,27 @@ def make_app(debug=False):
 
 
 def start_web_server(args):
-    global CONFIG_DIR
-    global PASSWORD_DIGEST
-    global USING_PASSWORD
-    global ON_HASSIO
-    global USING_HASSIO_AUTH
-    global COOKIE_SECRET
+    settings.parse_args(args)
+    mkdir_p(settings.rel_path(".esphome"))
 
-    CONFIG_DIR = args.configuration
-    mkdir_p(CONFIG_DIR)
-    mkdir_p(os.path.join(CONFIG_DIR, ".esphome"))
-
-    ON_HASSIO = args.hassio
-    if ON_HASSIO:
-        USING_HASSIO_AUTH = not get_bool_env('DISABLE_HA_AUTHENTICATION')
-        USING_PASSWORD = False
-    else:
-        USING_HASSIO_AUTH = False
-        USING_PASSWORD = args.password
-
-    if USING_PASSWORD:
-        if IS_PY2:
-            PASSWORD_DIGEST = hmac.new(args.password).digest()
-        else:
-            PASSWORD_DIGEST = hmac.new(args.password.encode()).digest()
-
-    if USING_HASSIO_AUTH or USING_PASSWORD:
-        path = esphome_storage_path(CONFIG_DIR)
+    if settings.using_auth:
+        path = esphome_storage_path(settings.config_dir)
         storage = EsphomeStorageJSON.load(path)
         if storage is None:
             storage = EsphomeStorageJSON.get_default()
             storage.save(path)
-        COOKIE_SECRET = storage.cookie_secret
+        settings.cookie_secret = storage.cookie_secret
 
     app = make_app(args.verbose)
     if args.socket is not None:
         _LOGGER.info("Starting dashboard web server on unix socket %s and configuration dir %s...",
-                     args.socket, CONFIG_DIR)
+                     args.socket, settings.config_dir)
         server = tornado.httpserver.HTTPServer(app)
         socket = tornado.netutil.bind_unix_socket(args.socket, mode=0o666)
         server.add_socket(socket)
     else:
         _LOGGER.info("Starting dashboard web server on port %s and configuration dir %s...",
-                     args.port, CONFIG_DIR)
+                     args.port, settings.config_dir)
         app.listen(args.port)
 
         if args.open_ui:
@@ -698,7 +723,7 @@ def start_web_server(args):
 
             webbrowser.open('localhost:{}'.format(args.port))
 
-    if STATUS_USE_PING:
+    if settings.status_use_ping:
         status_thread = PingStatusThread()
     else:
         status_thread = MDNSStatusThread()

esphome/dashboard/static/esphome.js

@@ -9,7 +9,7 @@ let wsProtocol = "ws:";
 if (window.location.protocol === "https:") {
   wsProtocol = 'wss:';
 }
-const wsUrl = `${wsProtocol}//${window.location.hostname}:${window.location.port}${relative_url}`;
+const wsUrl = `${wsProtocol}//${window.location.host}${window.location.pathname}`;
 
 
 // ============================= Color Log Parsing =============================
@@ -192,7 +192,7 @@ const fetchPing = () => {
       return;
   isFetchingPing = true;
 
-  fetch(`${relative_url}ping`, {credentials: "same-origin"}).then(res => res.json())
+  fetch(`./ping`, {credentials: "same-origin"}).then(res => res.json())
     .then(response => {
       for (let filename in response) {
         let node = document.querySelector(`.status-indicator[data-node="${filename}"]`);
@@ -235,7 +235,7 @@ const portSelect = document.querySelector('.nav-wrapper select');
 let ports = [];
 
 const fetchSerialPorts = (begin=false) => {
-  fetch(`${relative_url}serial-ports`, {credentials: "same-origin"}).then(res => res.json())
+  fetch(`./serial-ports`, {credentials: "same-origin"}).then(res => res.json())
     .then(response => {
       if (ports.length === response.length) {
         let allEqual = true;
@@ -333,7 +333,6 @@ class LogModalElem {
   }
 
   _onPress(event) {
-    console.log("_onPress");
     this.activeConfig = event.target.getAttribute('data-node');
     this._setupModalInstance();
     // clear log
@@ -435,12 +434,12 @@ const validateModal = new LogModalElem({
   onProcessExit: (modalElem, code) => {
     if (code === 0) {
       M.toast({
-        html: `<code class="inlinecode">${configuration}</code> is valid 👍`,
+        html: `<code class="inlinecode">${validateModal.activeConfig}</code> is valid 👍`,
         displayLength: 5000,
       });
     } else {
       M.toast({
-        html: `<code class="inlinecode">${configuration}</code> is invalid 😕`,
+        html: `<code class="inlinecode">${validateModal.activeConfig}</code> is invalid 😕`,
         displayLength: 5000,
       });
     }
@@ -477,7 +476,7 @@ compileModal.setup();
 downloadButton.addEventListener('click', () => {
   const link = document.createElement("a");
   link.download = name;
-  link.href = `${relative_url}download.bin?configuration=${encodeURIComponent(compileModal.activeConfig)}`;
+  link.href = `./download.bin?configuration=${encodeURIComponent(compileModal.activeConfig)}`;
   document.body.appendChild(link);
   link.click();
   link.remove();
@@ -520,7 +519,7 @@ document.querySelectorAll(".action-delete").forEach((btn) => {
   btn.addEventListener('click', (e) => {
     let configuration = e.target.getAttribute('data-node');
 
-    fetch(`${relative_url}delete?configuration=${configuration}`, {
+    fetch(`./delete?configuration=${configuration}`, {
       credentials: "same-origin",
       method: "POST",
     }).then(res => res.text()).then(() => {
@@ -532,7 +531,7 @@ document.querySelectorAll(".action-delete").forEach((btn) => {
         document.querySelector(`.entry-row[data-node="${configuration}"]`).remove();
 
         undoButton.addEventListener('click', () => {
-          fetch(`${relative_url}undo-delete?configuration=${configuration}`, {
+          fetch(`./undo-delete?configuration=${configuration}`, {
             credentials: "same-origin",
             method: "POST",
           }).then(res => res.text()).then(() => {
@@ -554,7 +553,7 @@ editor.session.setOption('tabSize', 2);
 
 const saveButton = editModalElem.querySelector(".save-button");
 const saveEditor = () => {
-  fetch(`${relative_url}edit?configuration=${activeEditorConfig}`, {
+  fetch(`./edit?configuration=${activeEditorConfig}`, {
       credentials: "same-origin",
       method: "POST",
       body: editor.getValue()
@@ -581,7 +580,7 @@ document.querySelectorAll(".action-edit").forEach((btn) => {
     const filenameField = editModalElem.querySelector('.filename');
     filenameField.innerHTML = activeEditorConfig;
 
-    fetch(`${relative_url}edit?configuration=${activeEditorConfig}`, {credentials: "same-origin"})
+    fetch(`./edit?configuration=${activeEditorConfig}`, {credentials: "same-origin"})
       .then(res => res.text()).then(response => {
         editor.setValue(response, -1);
     });

esphome/dashboard/templates/index.html

@@ -16,7 +16,6 @@
 
   <script src="{{ get_static_file_url('materialize-stepper.min.js') }}"></script>
   <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
-  <script>const relative_url = "{{ relative_url }}";</script>
 
   {% if streamer_mode %}
     <style>
@@ -154,7 +153,7 @@
 
 <div id="modal-wizard" class="modal">
   <div class="modal-content">
-    <form action="/wizard.html" method="POST">
+    <form action="./wizard.html" method="POST">
     <ul class="stepper linear">
       <li class="step active">
         <div class="step-title waves-effect">Introduction And Name</div>

esphome/dashboard/templates/login.html

@@ -28,7 +28,7 @@
 <div class="container">
   <div class="row">
     <div class="col card s10 offset-s1 m10 offset-m1 l8 offset-l2">
-      <form action="{{ relative_url }}login" method="post">
+      <form action="./login" method="post">
         <div class="card-content">
           <span class="card-title">Enter credentials</span>
           <p>