diff --git a/README.md b/README.md
index f8524f5..b34f655 100644
--- a/README.md
+++ b/README.md
@@ -15,7 +15,7 @@ Feel free to join us on Discord: https://discord.gg/9nPq85bP4p
## Supported devices
Supported ESP32 devices:
-- Nuki Hub is compiled against all ESP32 models with Wi-Fi and Bluetooh Low Energy (BLE) which are supported by ESP-IDF 5.3.2 and Arduino Core 3.1.1.
+- Nuki Hub is compiled against all ESP32 models with Wi-Fi and Bluetooh Low Energy (BLE) which are supported by ESP-IDF 5.3.2 and Arduino Core 3.1.3.
- Tested stable builds are provided for the ESP32, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2.
- Untested builds are provided for the ESP32-Solo1 (as the developers don't own one).
@@ -46,7 +46,7 @@ As an alternative to Wi-Fi (which is available on any supported ESP32), the foll
- [LilyGO-T-ETH-Lite](https://github.com/Xinyuan-LilyGO/LilyGO-T-ETH-Series)
- [LilyGO-T-ETH-Lite-ESP32S3](https://github.com/Xinyuan-LilyGO/LilyGO-T-ETH-Series)
- [LilyGO-T-ETH ELite](https://github.com/Xinyuan-LilyGO/LilyGO-T-ETH-Series)
-- [GL-S10 (Revisions 2.1, 2.3 / 1.0 is not supported)](https://www.gl-inet.com/products/gl-s10/)
+- [GL-S10 (Revisions 2.1, 2.3 / 1.0 might not be supported)](https://www.gl-inet.com/products/gl-s10/)
In principle all ESP32 (and variants) devices with built-in ethernet port are supported, but might require additional setup using the "Custom LAN setup" option.
See the "[Connecting via Ethernet](#connecting-via-ethernet-optional)" section for more information.
@@ -211,6 +211,8 @@ Webflash will automatically flash the no/Quad SPI PSRAM build when an ESP32-S3 i
If your ESP32-S3 device has PSRAM but it is not detected please switch to the other S3 binary.
You can do this by flashing the correct binaries manually or by selecting the option to switch S3 binary build from the Firmware Update page of the Web Configurator.
+Note that there are also is a separate build of Nuki Hub available for the GL-S10 ESP32 which is needed to enable PSRAM on this device (BETA).
+
## Configuration
In a browser navigate to the IP address assigned to the ESP32.
@@ -225,8 +227,9 @@ In a browser navigate to the IP address assigned to the ESP32.
- RSSI Publish interval: Set to a positive integer to set the amount of seconds between updates to the maintenance/wifiRssi MQTT topic with the current Wi-Fi RSSI, set to -1 to disable, default 60.
- Restart on disconnect: Enable to restart the Nuki Hub when disconnected from the network.
- Check for Firmware Updates every 24h: Enable to allow the Nuki Hub to check the latest release of the Nuki Hub firmware on boot and every 24 hours. Requires the Nuki Hub to be able to connect to github.com. The latest version will be published to MQTT and will be visible on the main page of the Web Configurator.
-- HTTP SSL Certificate (PSRAM enabled devices only): Optionally set to the SSL certificate of the HTTPS server, see the "[HTTPS Server](#https-server-optional-psram-enabled-devices-only)" section of this README.
-- HTTP SSL Key (PSRAM enabled devices only): Optionally set to the SSL key of the HTTPS server, see the "[HTTPS Server](#https-server-optional-psram-enabled-devices-only)" section of this README.
+- Set HTTP SSL Certificate (PSRAM enabled devices only): Optionally set to the SSL certificate of the HTTPS server, see the "[HTTPS Server](#https-server-optional-psram-enabled-devices-only)" section of this README.
+- Set HTTP SSL Key (PSRAM enabled devices only): Optionally set to the SSL key of the HTTPS server, see the "[HTTPS Server](#https-server-optional-psram-enabled-devices-only)" section of this README.
+- Generate self-signed HTTP SSL Certificate and key: Optionally generate a self-signed SSL certificate and key for the HTTPS server, see the "[HTTPS Server](#https-server-optional-psram-enabled-devices-only)" section of this README.
- Nuki Hub FQDN for HTTP redirect (PSRAM enabled devices only): FQDN hostname of the Nuki Hub device used for redirecting from HTTP to HTTPS.
#### IP Address assignment
@@ -730,7 +733,9 @@ openssl req -new -key server.key -out server.csr -subj "/C=US/ST=YourState/L=You
## HTTPS Server (optional, PSRAM enabled devices only)
The Webconfigurator can use/force HTTPS on PSRAM enabled devices.
-To enable SSL encryption, supply the certificate and key in the Network configuration page and reboot Nuki Hub.
+To enable SSL encryption, supply the certificate and key in the Network configuration page.
+You can also let Nuki Hub generate a self-signed certificate by clicking "Generate" on the Network configuration page.
+Reboot Nuki Hub afterwards to enable to HTTPS server (and disable HTTP).
Example self-signed certificate creation for your HTTPS server:
```console
diff --git a/sdkconfig.defaults b/sdkconfig.defaults
index 6e3503f..752e1e1 100644
--- a/sdkconfig.defaults
+++ b/sdkconfig.defaults
@@ -4,6 +4,7 @@ CONFIG_COMPILER_OPTIMIZATION_SIZE=y
CONFIG_ESPTOOLPY_FLASHSIZE_4MB=y
CONFIG_ESPTOOLPY_HEADER_FLASHSIZE_UPDATE=y
CONFIG_SPIFFS_GC_MAX_RUNS=512
+CONFIG_FREERTOS_IDLE_TASK_STACKSIZE=3072
# ARDUINO
CONFIG_AUTOSTART_ARDUINO=y
@@ -33,6 +34,7 @@ CONFIG_LOG_COLORS=n
CONFIG_LOG_MAXIMUM_EQUALS_DEFAULT=n
CONFIG_LOG_MAXIMUM_LEVEL=4
CONFIG_ESP_COREDUMP_ENABLE_TO_FLASH=y
+CONFIG_FREERTOS_WATCHPOINT_END_OF_STACK=y
# MBEDTLS
CONFIG_MBEDTLS_PSK_MODES=y
diff --git a/src/Config.h b/src/Config.h
index edbc838..3317061 100644
--- a/src/Config.h
+++ b/src/Config.h
@@ -5,7 +5,7 @@
#define NUKI_HUB_VERSION "9.09"
#define NUKI_HUB_VERSION_INT (uint32_t)909
#define NUKI_HUB_BUILD "unknownbuildnr"
-#define NUKI_HUB_DATE "2025-02-18"
+#define NUKI_HUB_DATE "2025-02-20"
#define GITHUB_LATEST_RELEASE_URL (char*)"https://github.com/technyon/nuki_hub/releases/latest"
#define GITHUB_OTA_MANIFEST_URL (char*)"https://raw.githubusercontent.com/technyon/nuki_hub/binary/ota/manifest.json"
diff --git a/src/WebCfgServer.cpp b/src/WebCfgServer.cpp
index ac05eb0..b4a0a45 100644
--- a/src/WebCfgServer.cpp
+++ b/src/WebCfgServer.cpp
@@ -133,7 +133,7 @@ bool WebCfgServer::isAuthenticated(PsychicRequest *request, int type)
esp_err_t WebCfgServer::logoutSession(PsychicRequest *request, PsychicResponse* resp)
{
- Log->print("Logging out");
+ Log->println("Logging out");
if (!_isSSL)
{
@@ -152,7 +152,7 @@ esp_err_t WebCfgServer::logoutSession(PsychicRequest *request, PsychicResponse*
}
else
{
- Log->print("No session cookie found");
+ Log->println("No session cookie found");
}
if (_duoEnabled)
@@ -173,7 +173,7 @@ esp_err_t WebCfgServer::logoutSession(PsychicRequest *request, PsychicResponse*
}
else
{
- Log->print("No duo session cookie found");
+ Log->println("No duo session cookie found");
}
}
@@ -195,7 +195,7 @@ esp_err_t WebCfgServer::logoutSession(PsychicRequest *request, PsychicResponse*
}
else
{
- Log->print("No totp session cookie found");
+ Log->println("No totp session cookie found");
}
}
@@ -360,7 +360,7 @@ int WebCfgServer::doAuthentication(PsychicRequest *request)
{
if (digitalRead(BOOT_BUTTON_GPIO) == LOW)
{
- Log->print("Duo bypassed because boot button pressed");
+ Log->println("Duo bypassed because boot button pressed");
return 4;
}
}
@@ -368,7 +368,7 @@ int WebCfgServer::doAuthentication(PsychicRequest *request)
{
if (digitalRead(_bypassGPIOHigh) == HIGH)
{
- Log->print("Duo bypassed because bypass GPIO pin pulled high");
+ Log->println("Duo bypassed because bypass GPIO pin pulled high");
return 4;
}
}
@@ -376,7 +376,7 @@ int WebCfgServer::doAuthentication(PsychicRequest *request)
{
if (digitalRead(_bypassGPIOLow) == LOW)
{
- Log->print("Duo bypassed because bypass GPIO pin pulled low");
+ Log->println("Duo bypassed because bypass GPIO pin pulled low");
return 4;
}
}
@@ -949,7 +949,7 @@ void WebCfgServer::initialize()
break;
}
- if(_preferences->getBool(preference_cred_duo_approval, false) && (_importExport->getTOTPEnabled() && _duoEnabled))
+ if(_preferences->getBool(preference_cred_duo_approval, false) && (_importExport->getTOTPEnabled() || _duoEnabled))
{
if(!_importExport->_sessionsOpts[request->client()->localIP().toString() + "approve"])
{
@@ -2213,7 +2213,7 @@ esp_err_t WebCfgServer::buildDuoHtml(PsychicRequest *request, PsychicResponse* r
response.beginSend();
response.print("");
response.print("");
- response.print((String)"