Skip to content

adrighem/PyPluginStore

BranchesTags
 
 

Repository files navigation

PyPluginStore for Domoticz (PyPluginStore)

A robust and modern plugin manager for Domoticz that allows you to install and automatically update other Python plugins directly from GitHub.

Note: This plugin runs exclusively on Linux Systems (including Raspberry Pi).

Plugin Store

A Fork for the Future: This repository is a modernized fork of the original ycahome/pp-manager. It was created to clean up the codebase, ensure full compatibility with modern Python versions (including Python 3.13 and up), and introduce significantly advanced security and dependency management features.

🚀 Key Features

  • Custom Plugin Store UI: A clean, modern web interface accessible via the Domoticz Custom menu.
  • Search & Filter: Easily find plugins in the curated registry with type-ahead search and "Installed" toggles.
  • Install/Remove/Update: Manage your entire Python plugin ecosystem with a single click—no manual folder management required.
  • Auto Updates: Automatically checks and pulls updates for installed plugins.
  • Flexible Dependency Management: Supports automatic dependency installation using uv (recommended) or pip. Also allows for manual sysadmin-managed dependencies.
  • PEP 668 Compliant: When using uv or pip, dependencies are safely installed into a local .shared_deps isolated folder without requiring sudo or global pip access.
  • Update Notifications: Opt-in to receive email/system notifications when a plugin update is available.
  • Decoupled Registry: Uses registry.json dynamically fetched from GitHub, so you don't need to constantly update the manager just to see new plugins in your list.

🛡️ Advanced Security Scanning

This fork introduces a vastly improved Abstract Syntax Tree (AST) based security scanner to protect your Domoticz instance from malicious plugins:

  • Deep Execution Detection: Detects calls to dangerous functions like os.system, subprocess (specifically shell=True), eval, exec, and pickle.
  • Smart IP Filtering: Automatically ignores private, loopback, and broadcast IP addresses, as well as version numbers in User Agents, to reduce false positives.
  • Developer Overrides: Supports # security-ignore or # nosec comments to manually silence known-safe code findings.
  • Destructive Operation Blocking: Flags destructive file operations such as shutil.rmtree or os.remove.
  • AST Bomb & DoS Protection: Implements hard file size limits (5MB) and recursive parsing exception handling to prevent malicious files from crashing your plugin manager.

🛠 Prerequisites

  1. Git: Required to clone and update repositories. (sudo apt install git)
  2. uv (Recommended): For fast and safe Python dependency resolution. (curl -LsSf https://astral.sh/uv/install.sh | sh)
  3. pip/pip3 (Optional): Fallback if uv is not installed.

📥 Installation

Navigate to your Domoticz plugins folder and clone this repository as 00-PyPluginStore.

cd domoticz/plugins
git clone https://github.com/adrighem/PyPluginStore.git 00-PyPluginStore

Why 00-PyPluginStore?

Domoticz loads Python plugins alphabetically by folder name. Prefixing with 00- ensures that the manager loads first. This enables PyPluginStore to set up the shared dependency environment (.shared_deps) so other plugins can load their required libraries immediately on startup.

After cloning, restart your Domoticz service:

sudo systemctl restart domoticz.service

⚙️ Configuration & Usage

Once installed and Domoticz is restarted:

  1. Go to Setup -> Hardware and add the PyPluginStore hardware.
  2. Navigate to Custom -> Plugin Manager in the top menu to open the Plugin Store dashboard.

Settings (Hardware Page)

  • Auto Update:
    • All: Continuously updates all installed plugins.
    • All (NotifyOnly): Checks all plugins for updates and notifies you.
    • None: Disables auto-updating.
  • Debug: Set to True for detailed logging.

📦 Manual Dependency Management

If you prefer to manage dependencies manually or are on a system where automatic installation is restricted, you can install the required libraries for your plugins manually.

PyPluginStore looks for shared dependencies in its own .shared_deps directory and adds it to sys.path.

To install dependencies for a specific plugin manually:

  1. Check the requirements.txt file in the plugin's folder.
  2. Install them into the 00-PyPluginStore/.shared_deps folder: 
    pip install -r /path/to/plugin/requirements.txt --target /path/to/domoticz/plugins/00-PyPluginStore/.shared_deps

📚 For Plugin Developers (Adding to the Registry)

To add your plugin to the manager, simply submit a Pull Request to update registry.json in this repository.

When a Pull Request modifying registry.json is merged, a GitHub Action automatically updates the registry metadata including the latest repository push timestamps.

⚠️ Security Warning

Auto-updating plugins without manually reviewing the code changes exposes your system to whatever the developer pushes. By using auto-update, you trust the developers of your installed plugins.

💬 Discussion & Support

Join the conversation on the official Domoticz forums: https://forum.domoticz.com/viewtopic.php?t=22339

About

A robust and modern Python Plugin Store (Manager) for Domoticz.

Resources

Readme

License

GPL-3.0 license

Contributing

Contributing
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases 6

v2.3.0 Latest
May 12, 2026
+ 5 releases

Packages

 
 
 

Contributors

Languages

  • Python 88.1%
  • HTML 11.9%