Upcoming moOde 8.3.8 release (Q1 2024)

[Tim Curtis]

Here are the WIP release notes for upcoming moOde 8.3.8 Bullseye release (Q1 2024).

Still in testing but planned for the release are :
- The fantastic CamillaDSP 2.0 (integration compliments of @bitlab) 
- A bump to MPD 0.23.15

Code:

################################################################################
#
# 2024-MM-DD moOde 8.3.8 (Bullseye)
#
################################################################################

Security

- NEW: Option for secure HTTPS mode (Experimental)

Updates

- UPD: Add HTTP proxy option to MPD Config
- UPD: Add disc and track to logic for showing now-playing icon in track list
- UPD: Add SBC quality mode option to Bluetooth Control
- UPD: Improve help text System Config, Preferences and Quick help

Bug fixes

- FIX: getEncodedAt() bits assignment for lossy
- FIX: Incorrect index used when switching to Radio view via station click
- FIX: Move Queue item range to end of Queue not working
- FIX: CoverView Automatic display not activating
- FIX: Popup on-screen keyboard not activating
- FIX: Audioinfo not showing correct info for multiroom receiver
- FIX: Browser title not being updated when importing host name

[Tim Curtis]

Here are the latest draft release notes.

Summary:

- CamillaDSP 2.0.1 integrated
- CamillaDSP Config option to update to version 2 sample configurations
- Bump to Squeezelite 1.9.9
- Squeezelite support for CamillaDSP by default (no need to set -o _audioout)
- Multiroom sender supports Bluetooth inbound
- Bluetooth option to set SBC quality mode
- Fine grained support for Album/Date sort in Library Tag and Album view
- New REST API (documented in Setup Guide)
- Important bug fixes

There is also an experimental HTTPS option that enables the WebUI to communicate securely with NGINX web server on the Raspberry Pi. It does this by configuring NGINX with a self-signed security certificate. A manual process is then performed to install the self-signed cert into the client desktop (Win/Mac/Linux) OS certificate store. Note that processes for installing the cert into mobile (IOS/Android) cert stores have not been developed yet.

-Tim

Code:

################################################################################
#
# 2024-MM-DD moOde 8.3.8 (Bullseye)
#
################################################################################

Security

- NEW: Option for secure HTTPS mode (Experimental)

Updates

- UPD: Bump to CamillaDSP 2.0.1
- UPD: Bump to mpd2cdspvolsync 1.0.0
- UPD: Bump to squeezelite_1.9.9-1449+git20230814.8581aba-1
- UPD: Add HTTP proxy option to MPD Config
- UPD: Add disc and track to logic for showing now-playing icon in track list
- UPD: Add SBC quality mode option to Bluetooth Control
- UPD: Add mixer name 'A.Mstr Vol' for MERUS(tm) Amp piHAT ZW
- UPD: Update Bluetooth to support Multiroom audio
- UPD: Update Squeezelite to use ALSA _audioout device (support CamillaDSP)
- UPD: Update CDSP Config with new option to Update to latest sample configs
- UPD: Improve help text on the Configs, Preferences and Quick help
- UPD: Improve Audioinfo line height so a bit more info shows on screen
- UPD: Allow for month (YYYYMM) in Date tag to improve Album/Year sort
- UPD: Allow for "AlbumDate: YYYYMM" in Comment tag to improve Album/Year sort
- UPD: Allow @ (at sign) in manually entered SSID in Network Config
- UPD: Display actual station format instead of VBR (Variable Bit Rate)
- UPD: Display month name in Audio info if Date tag contains YYYYMM
- UPD: Trim leading zero from track number in Tag/Album views (for CUE)
- UPD: Refactor REST API commands (refer to Setup Guide for info)

Bug fixes

- FIX: getEncodedAt() bits assignment for lossy
- FIX: Incorrect index used when switching to Radio view via station click
- FIX: Move Queue item range to end of Queue not working
- FIX: CoverView Automatic display not activating
- FIX: Popup on-screen keyboard not activating
- FIX: Audioinfo not showing correct info for Multiroom receiver
- FIX: Audioinfo not showing correct Audio chain for Squeezelite renderer
- FIX: Browser title not being updated when importing host name
- FIX: Volume not restored correctly when Spotify Connect and CamillaDSP volume
- FIX: Import WiFi country code from Pi Imager not working
- FIX: Chromium fails to start after host name change

[romain]

There is also an experimental HTTPS option that enables the WebUI to communicate securely with NGINX web server on the Raspberry Pi. It does this by configuring NGINX with a self-signed security certificate. A manual process is then performed to install the self-signed cert into the client desktop (Win/Mac/Linux) OS certificate store. Note that processes for installing the cert into mobile (IOS/Android) cert stores have not been developed yet.

Is it necessary to add HTTPS (and IPv6) to moOde ? I don't get the point of introducing such layers of complexity for an application whose usage is local only.

[the_bertrum]

There is also an experimental HTTPS option that enables the WebUI to communicate securely with NGINX web server on the Raspberry Pi. It does this by configuring NGINX with a self-signed security certificate. A manual process is then performed to install the self-signed cert into the client desktop (Win/Mac/Linux) OS certificate store. Note that processes for installing the cert into mobile (IOS/Android) cert stores have not been developed yet.

Is it necessary to add HTTPS (and IPv6) to moOde ? I don't get the point of introducing such layers of complexity for an application whose usage is local only.

There are a number of users who have their moOde players out-and-about in cars and such and browsers are increasingly offering https only modes and dire warnings to users about "insecure" connections.  For these reasons alone it's probably a good thing to offer.

Also, the default position for security in networks these days is to secure both the perimeter and all the internal communications so that if someone breaches your perimeter, they are still slowed by the internal security (at least that's how we roll where I work).

[Tim Curtis]

There is also an experimental HTTPS option that enables the WebUI to communicate securely with NGINX web server on the Raspberry Pi. It does this by configuring NGINX with a self-signed security certificate. A manual process is then performed to install the self-signed cert into the client desktop (Win/Mac/Linux) OS certificate store. Note that processes for installing the cert into mobile (IOS/Android) cert stores have not been developed yet.

Is it necessary to add HTTPS (and IPv6) to moOde ? I don't get the point of introducing such layers of complexity for an application whose usage is local only.

Yes it is necessary because it should be expected that at some point Browsers will only accept HTTPS. The reason it's not this way already is because easy certificate trust for Local network hosts has not been solved as it has for Internet hosts.

Also, as @the_bertrum mentioned there are important usage scenarios where moOde is used outside of a residential local network.

Getting HTTPS support started in moOde is a big benefit and as it gets tested and improved we will eventually end up with a more secure player.