diff --git a/README.md b/README.md index 410959d..b552783 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,9 @@ # hassio-addons Docker addons for HassIO -[HassIO](https://github.com/pvizeli/hassio) -[HassIO-Build](https://github.com/pvizeli/hassio-build) +All PRs need to be `build` branch! + +[HassIO](https://github.com/pvizeli/hassio) | [HassIO-Build](https://github.com/pvizeli/hassio-build) ## Addon folder @@ -55,4 +56,4 @@ If you want to set a value to requered and need to be set from user before it st Default you can use `fullchain.pem` and `privkey.pem` from `/ssl` for you stuff. Your SSL addon should also create default this files. ## Addon need to known -`/data` is a volume with a persistant store. `/data/options.json` have the user config inside. You can use `jq` inside shell script to parse this data. A other nice tool for write plugin is [Supervisor](http://supervisord.org/). +`/data` is a volume with a persistant store. `/data/options.json` have the user config inside. You can use `jq` inside shell script to parse this data. diff --git a/mosquitto/README.md b/mosquitto/README.md index 410c0b5..da40de2 100644 --- a/mosquitto/README.md +++ b/mosquitto/README.md @@ -3,10 +3,7 @@ MQTT broker for HomeAssistant and HassIO addons. ## Options -- `plain`: -- `ssl`: -- `ssl`: -- `anonymous`: -- `logins`: -- `certfile`: -- `keyfile`: +- `plain`: For connection with 1883 (without SSL/TLS) +- `ssl`: For connection with 8883 (with SSL/TLS) +- `anonymous`: For anonymous authentication +- `logins`: A list of login data `{"username": "", "password": ""}` diff --git a/ssh/Dockerfile b/ssh/Dockerfile new file mode 100644 index 0000000..19b46c9 --- /dev/null +++ b/ssh/Dockerfile @@ -0,0 +1,15 @@ +FROM %%BASE_IMAGE%% + +# Add version +ENV VERSION %%VERSION%% +ENV LANG C.UTF-8 + +# Setup base +RUN apk add --no-cache jq openssh vim + +# Copy data +COPY run.sh / + +RUN chmod a+x /run.sh + +CMD [ "/run.sh" ] diff --git a/ssh/README.md b/ssh/README.md new file mode 100644 index 0000000..ecf7fba --- /dev/null +++ b/ssh/README.md @@ -0,0 +1,9 @@ +# SSH server +Provide a openssh server. You can access to: +- /config: HomeAssistant config +- /addons: Custom addon folder +- /ssl: Store ssh key files for HassIO + +## Options + +- `authorized_keys`: A array that ever element is a authorized key diff --git a/ssh/config.json b/ssh/config.json new file mode 100644 index 0000000..083d755 --- /dev/null +++ b/ssh/config.json @@ -0,0 +1,18 @@ +{ + "name": "SSH server", + "version": "0.1", + "slug": "ssh", + "description": "OpenSSH is the premier connectivity tool for remote login with the SSH protocol.", + "startup": "before", + "boot": "auto", + "ports": { + "22/tcp": 22 + }, + "map": ["config", "ssl", "addons"], + "options": { + "authorized_keys": [null] + }, + "schema": { + "authorized_keys": ["str"] + } +} diff --git a/ssh/run.sh b/ssh/run.sh new file mode 100644 index 0000000..80ae62b --- /dev/null +++ b/ssh/run.sh @@ -0,0 +1,29 @@ +#!/bin/bash +set -e + +CONFIG_PATH=/data/options.json +KEYS_PATH=/data/host_keys + +AUTHORIZED_KEYS=$(jq --raw-output ".authorized_keys[]" $CONFIG_PATH) + +# Init defaults config +sed -i s/#PermitRootLogin.*/PermitRootLogin\ yes/ /etc/ssh/sshd_config + +# Generate authorized_keys file +mkdir -p ~/.ssh +for line in $AUTHORIZED_KEYS; do + echo "$line" >> ~/.ssh/authorized_keys +done +chmod 600 ~/.ssh/authorized_keys + +# Generate host keys +if [ ! -d "$KEYS_PATH" ]; then + mkdir -p "$KEYS_PATH" + ssh-keygen -A + cp -fp /etc/ssh/ssh_host* "$KEYS_PATH/" +else + cp -fp "$KEYS_PATH/*" /etc/ssh/ +fi + +# start server +exec sshd -D -f /etc/sshd_config < /dev/null