Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for making connections over unix domain sockets #1620

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add support for making connections over unix domain sockets #1620

wants to merge 1 commit into from

Conversation

steffen-kiess
Copy link

Description

Add support for making connections over unix domain sockets.

The protocol used for the unix domain sockets is the same as the TCP protocol. The primary advantage of using unix domain sockets is that permissions can be applied if the server is running on the same host as the xknx application. This can be used to run knxd (e. g. to connect to a USB interface) and expose the socket only for certain users/groups. knxd supports TCP and unix domain sockets starting with version 0.14.68 (or PR knxd/knxd#573).

This also adds support for connecting to arbitrary streams, which can be used to connect to a knxd on another host using ssh, see examples/example_telegram_monitor_unix.py for an example.

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Code quality improvements to existing code or addition of tests

Checklist

  • The documentation has been adjusted accordingly
  • Tests have been added that prove the fix is effective or that the feature works
  • The changes are documented in the changelog (docs/changelog.md)

@farmio
Copy link
Member

farmio commented Dec 13, 2024

Hi 👋!
Thanks for your contribution efforts!

I'd have a couple of questions regarding this.

  • Why do you use the tcp tunnelling protocol and not routing protocol?

  • Are there any other apps / devices, apart from knxd, that support Knx IP over Unix domain sockets?

  • What are the real world use cases for that?

  • I don't understand this part:

    support for connecting to arbitrary streams, which can be used to connect to a knxd on another host using ssh

    Wouldn't providing the sockets be responsibility of the app using xknx, instead of xknx itself? Why do we need a connect_cb?

@steffen-kiess
Copy link
Author

Hi 👋! Thanks for your contribution efforts!

I'd have a couple of questions regarding this.

* Why do you use the tcp tunnelling protocol and not routing protocol?

The routing protocol does not hand out individual addresses, and also I'm not sure how to transport that over a unix domain socket.

* Are there any other apps / devices, apart from knxd, that support Knx IP over Unix domain sockets?

No, not that I'm aware of.

* What are the real world use cases for that?

In my case I want to use knxd to connect to a KNX USB interface. Connecting from xknx to knxd over TCP or UDP is possible, but means that everyone on the current host can access the KNX bus, which I'd like to avoid. With unix domain sockets, I can ask systemd to set the permissions in a way that only certain users can access the /run/knxnet socket.

* I don't understand this part:
  > support for connecting to arbitrary streams, which can be used to connect to a knxd on another host using ssh
  
  
  Wouldn't providing the sockets be responsibility of the app using xknx, instead of xknx itself? Why do we need a `connect_cb`?

Providing a socket e.g. in the ConnectionConfig class would break reconnecting, because a new socket has to be used for the second connection attempt. That's why I decided to use a callback here.

@codecov Codecov
Copy link

codecov bot commented Dec 14, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 67.64706% with 11 lines in your changes missing coverage. Please review.

Project coverage is 96.83%. Comparing base (c9625a1) to head (a5fed95).
Report is 4 commits behind head on main.

Files with missing lines Patch % Lines
xknx/io/tunnel.py 68.42% 6 Missing ⚠️
xknx/io/transport/tcp_transport.py 40.00% 3 Missing ⚠️
xknx/io/knxip_interface.py 66.66% 2 Missing ⚠️
Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #1620      +/-   ##
==========================================
- Coverage   96.92%   96.83%   -0.09%     
==========================================
  Files         160      160              
  Lines       10688    10717      +29     
==========================================
+ Hits        10359    10378      +19     
- Misses        329      339      +10
Files with missing lines Coverage Δ
xknx/io/connection.py 100.00% <100.00%> (ø)
xknx/io/knxip_interface.py 87.86% <66.66%> (-0.60%) ⬇️
xknx/io/transport/tcp_transport.py 43.07% <40.00%> (-0.48%) ⬇️
xknx/io/tunnel.py 84.50% <68.42%> (-1.33%) ⬇️

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@steffen-kiess @farmio