What can we improve?

Documentation

(Edit)

WebServer

The WebServer module in IP-Symcon is used to make the WebFront available via another port. By default, the WebFront is available via port 3777. In particular, another WebServer is advantageous if SSL encryption is to be used.

Optionally, it is possible to enable basic authentication, which provides additional protection for the "user" folder.

Scripts executed by the WebServer include these system variables.

The JSON-RPC API (/api/) is available on any WebServer and is secured by remote access. Since IP-Symcon 4.0, the WebHooks (/hook/) are also available, each of which is secured by the authentication of the respective WebHook.

Since version 4.0, the WebServer is no longer added automatically. To be able to use it, it must be added via "Add object -> Add instance -> WebServer"

Basic authentication applies to the "user" folder only. The start page with the list of available configurators is always accessible without a password. If a WebFront password is to be assigned for each WebFront configurator, this can be set up in the configuration of the respective WebFront configurator

SSL Encryption

To use SSL, at least the certificate and the private key are required.

Option Description
Certificate Selection of the *.pem file containing the certificate
Private key Selection of the *.pem file containing the private key
Certification body
(optional)
Selection of the *.pem file which contains the certification authority for a trusted access
DH parameters
(optional)
Select the dhparam.pem file for the Diffie-Hellman parameter which prevents a logjam. This brings increased safety

configuration page

Create certificate

Using OpenSSL, certificates and private keys can be created.

// Generate a private key
openssl genrsa -out pk.pem 1024
 
// Create a certificate signing request
openssl req -new -key pk.pem -out req.csr
 
// Self-sign the csr
openssl x509 -req -days 3650 -in req.csr -signkey pk.pem -out cert.pem

For a Browser to accept a certificate, IP-Symcon must be accessible via a public domain and a certificate issued by a recognized certificate authority must be present.

"user" Folder

The "user" folder contains user-defined contents of IP-Symcon (e.g. additional display scripts).
The path to this folder depends on the operating system used.

  • SymBox: /var/lib/symcon/webfront/user/
  • Windows: C:\ProgramData\Symcon\webfront\user\
  • MacOS: /Library/Application Support/Symcon/webfront/user/
  • Linux: /var/lib/symcon/webfront/user/
  • Raspberry Pi: /var/lib/symcon/webfront/user/

If files are stored under another path, they will be deleted automatically during the next update of IP-Symcon. This is the only way to ensure that the installation of IP-Symcon always remains free of file version conflicts.

Log files

The option "Create log files" creates a file named access_12345.log in the "logs" directory of IP-Symcon for each WebServer, where the number 12345 stands for the InstanceID of the WebServer.
The created log files are Webalizer compatible and can thus be evaluated graphically.
The path to this folder depends on the operating system used.

  • SymBox: /var/log/symcon/
  • Windows: C:\ProgramData\Symcon\logs\
  • MacOS: /Library/Logs/Symcon/
  • Linux: /var/log/symcon/
  • Raspberry Pi: /var/log/symcon/

Tips and tricks

Forum: "Order SSL certificate and set it up in IP-Symcon"

Deutsche Webseite verfügbar
Go to cart
Any questions?