unifi-network-mcp 0.5.1__tar.gz → 0.5.2__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/PKG-INFO +5 -2
  2. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/README.md +4 -1
  3. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/_version.py +2 -2
  4. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/runtime.py +14 -2
  5. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/.gitignore +0 -0
  6. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/.well-known/mcp-server.json +0 -0
  7. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/LICENSE +0 -0
  8. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/pyproject.toml +0 -0
  9. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/bootstrap.py +0 -0
  10. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/config/config.yaml +0 -0
  11. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/jobs.py +0 -0
  12. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/main.py +0 -0
  13. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/managers/client_manager.py +0 -0
  14. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/managers/connection_manager.py +0 -0
  15. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/managers/device_manager.py +0 -0
  16. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/managers/event_manager.py +0 -0
  17. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/managers/firewall_manager.py +0 -0
  18. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/managers/hotspot_manager.py +0 -0
  19. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/managers/network_manager.py +0 -0
  20. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/managers/qos_manager.py +0 -0
  21. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/managers/routing_manager.py +0 -0
  22. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/managers/stats_manager.py +0 -0
  23. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/managers/system_manager.py +0 -0
  24. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/managers/traffic_route_manager.py +0 -0
  25. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/managers/usergroup_manager.py +0 -0
  26. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/managers/vpn_manager.py +0 -0
  27. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/schemas.py +0 -0
  28. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tool_index.py +0 -0
  29. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/clients.py +0 -0
  30. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/config.py +0 -0
  31. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/devices.py +0 -0
  32. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/events.py +0 -0
  33. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/firewall.py +0 -0
  34. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/hotspot.py +0 -0
  35. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/network.py +0 -0
  36. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/port_forwards.py +0 -0
  37. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/qos.py +0 -0
  38. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/routing.py +0 -0
  39. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/stats.py +0 -0
  40. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/system.py +0 -0
  41. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/traffic_routes.py +0 -0
  42. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/usergroups.py +0 -0
  43. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools/vpn.py +0 -0
  44. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/tools_manifest.json +0 -0
  45. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/utils/config_helpers.py +0 -0
  46. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/utils/confirmation.py +0 -0
  47. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/utils/diagnostics.py +0 -0
  48. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/utils/lazy_tool_loader.py +0 -0
  49. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/utils/meta_tools.py +0 -0
  50. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/utils/permissions.py +0 -0
  51. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/utils/tool_loader.py +0 -0
  52. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/validator_registry.py +0 -0
  53. {unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/validators.py +0 -0
{unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: unifi-network-mcp
3
- Version: 0.5.1
3
+ Version: 0.5.2
4
4
  Summary: Unifi Network MCP Server
5
5
  License-File: LICENSE
6
6
  Requires-Python: >=3.13
@@ -541,6 +541,7 @@ The server merges settings from **environment variables**, an optional `.env` fi
541
541
  | `UNIFI_ENABLED_CATEGORIES` | Comma-separated list of tool categories to load (eager mode). See table below |
542
542
  | `UNIFI_ENABLED_TOOLS` | Comma-separated list of specific tool names to register (eager mode) |
543
543
  | `UNIFI_MCP_ALLOWED_HOSTS` | Comma-separated list of allowed hostnames for reverse proxy support. Required when running behind Nginx/Cloudflare/etc. Default `localhost,127.0.0.1` |
544
+ | `UNIFI_MCP_ENABLE_DNS_REBINDING_PROTECTION` | Enable/disable DNS rebinding protection. Set to `false` for Kubernetes/proxy deployments where `UNIFI_MCP_ALLOWED_HOSTS` is insufficient. Default `true` |
544
545
 
545
546
  ### Tool Categories (for UNIFI_ENABLED_CATEGORIES)
546
547
 
@@ -812,7 +813,9 @@ See [docs/permissions.md](docs/permissions.md) for complete documentation includ
812
813
  * **Review permissions carefully** before enabling high-risk operations. Use environment variables for runtime control.
813
814
  * Create, update, and delete tools should be used with caution and only enabled when necessary.
814
815
  * Do not host outside of your network unless using a secure reverse proxy like Cloudflare Tunnel or Ngrok. Even then, an additional layer of authentication is recommended.
815
- * **Reverse Proxy Configuration:** When running behind a reverse proxy, set `UNIFI_MCP_ALLOWED_HOSTS` to include your external domain (e.g., `localhost,127.0.0.1,unifi-mcp.example.com`) to bypass FastMCP's DNS rebinding protection.
816
+ * **Reverse Proxy Configuration:** When running behind a reverse proxy (Kubernetes ingress, Nginx, Cloudflare, etc.):
817
+ * First try: Set `UNIFI_MCP_ALLOWED_HOSTS` to include your external domain (e.g., `localhost,127.0.0.1,unifi-mcp.example.com`)
818
+ * If that's insufficient: Set `UNIFI_MCP_ENABLE_DNS_REBINDING_PROTECTION=false` to disable host validation entirely. Only use this in trusted network environments.
816
819
 
817
820
  ---
818
821
 
{unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/README.md RENAMED
@@ -525,6 +525,7 @@ The server merges settings from **environment variables**, an optional `.env` fi
525
525
  | `UNIFI_ENABLED_CATEGORIES` | Comma-separated list of tool categories to load (eager mode). See table below |
526
526
  | `UNIFI_ENABLED_TOOLS` | Comma-separated list of specific tool names to register (eager mode) |
527
527
  | `UNIFI_MCP_ALLOWED_HOSTS` | Comma-separated list of allowed hostnames for reverse proxy support. Required when running behind Nginx/Cloudflare/etc. Default `localhost,127.0.0.1` |
528
+ | `UNIFI_MCP_ENABLE_DNS_REBINDING_PROTECTION` | Enable/disable DNS rebinding protection. Set to `false` for Kubernetes/proxy deployments where `UNIFI_MCP_ALLOWED_HOSTS` is insufficient. Default `true` |
528
529
 
529
530
  ### Tool Categories (for UNIFI_ENABLED_CATEGORIES)
530
531
 
@@ -796,7 +797,9 @@ See [docs/permissions.md](docs/permissions.md) for complete documentation includ
796
797
  * **Review permissions carefully** before enabling high-risk operations. Use environment variables for runtime control.
797
798
  * Create, update, and delete tools should be used with caution and only enabled when necessary.
798
799
  * Do not host outside of your network unless using a secure reverse proxy like Cloudflare Tunnel or Ngrok. Even then, an additional layer of authentication is recommended.
799
- * **Reverse Proxy Configuration:** When running behind a reverse proxy, set `UNIFI_MCP_ALLOWED_HOSTS` to include your external domain (e.g., `localhost,127.0.0.1,unifi-mcp.example.com`) to bypass FastMCP's DNS rebinding protection.
800
+ * **Reverse Proxy Configuration:** When running behind a reverse proxy (Kubernetes ingress, Nginx, Cloudflare, etc.):
801
+ * First try: Set `UNIFI_MCP_ALLOWED_HOSTS` to include your external domain (e.g., `localhost,127.0.0.1,unifi-mcp.example.com`)
802
+ * If that's insufficient: Set `UNIFI_MCP_ENABLE_DNS_REBINDING_PROTECTION=false` to disable host validation entirely. Only use this in trusted network environments.
800
803
 
801
804
  ---
802
805
 
{unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/_version.py RENAMED
@@ -28,7 +28,7 @@ version_tuple: VERSION_TUPLE
28
28
  commit_id: COMMIT_ID
29
29
  __commit_id__: COMMIT_ID
30
30
 
31
- __version__ = version = '0.5.1'
32
- __version_tuple__ = version_tuple = (0, 5, 1)
31
+ __version__ = version = '0.5.2'
32
+ __version_tuple__ = version_tuple = (0, 5, 2)
33
33
 
34
34
  __commit_id__ = commit_id = None
{unifi_network_mcp-0.5.1 → unifi_network_mcp-0.5.2}/src/runtime.py RENAMED
@@ -80,10 +80,22 @@ def get_server() -> FastMCP:
80
80
  allowed_hosts_str = os.getenv("UNIFI_MCP_ALLOWED_HOSTS", "localhost,127.0.0.1")
81
81
  allowed_hosts = [h.strip() for h in allowed_hosts_str.split(",") if h.strip()]
82
82
 
83
+ # Allow disabling DNS rebinding protection entirely (default: enabled)
84
+ # Set to "false" for Kubernetes/proxy deployments where allowed_hosts is insufficient
85
+ enable_dns_rebinding = (
86
+ os.getenv("UNIFI_MCP_ENABLE_DNS_REBINDING_PROTECTION", "true").lower() == "true"
87
+ )
88
+
83
89
  # Configure transport security settings
84
- transport_security = TransportSecuritySettings(allowed_hosts=allowed_hosts)
90
+ transport_security = TransportSecuritySettings(
91
+ allowed_hosts=allowed_hosts,
92
+ enable_dns_rebinding_protection=enable_dns_rebinding,
93
+ )
85
94
 
86
- logger.debug(f"Configuring FastMCP with allowed_hosts: {allowed_hosts}")
95
+ logger.debug(
96
+ f"Configuring FastMCP with allowed_hosts: {allowed_hosts}, "
97
+ f"dns_rebinding_protection: {enable_dns_rebinding}"
98
+ )
87
99
 
88
100
  server = FastMCP(
89
101
  name="unifi-network-mcp",