From c853fcef653a36224e5752cad98058628b9a47d6 Mon Sep 17 00:00:00 2001 From: Pascal Vizeli Date: Sun, 1 Mar 2020 13:08:12 +0100 Subject: [PATCH] Add support for new audo layer (#1153) * Add support for new audo layer * Add layer * restucture * better struct * Improve devcontainer * Fix container * Fix LN * disable lint * ignore --- .devcontainer/Dockerfile | 31 +++-- .devcontainer/devcontainer.json | 6 +- .shellcheckrc | 1 + .vscode/tasks.json | 6 +- ada/CHANGELOG.md | 26 ++-- ada/Dockerfile | 5 +- ada/config.json | 5 +- ada/data/run.sh | 6 - ada/rootfs/etc/services.d/ada/finish | 8 ++ ada/rootfs/etc/services.d/ada/run | 8 ++ azure-pipelines.yml | 3 +- ssh/CHANGELOG.md | 61 +++++----- ssh/Dockerfile | 11 +- ssh/config.json | 4 +- ssh/data/run.sh | 114 ------------------ ssh/rootfs/etc/cont-init.d/keygen.sh | 16 +++ ssh/rootfs/etc/cont-init.d/profile.sh | 40 ++++++ ssh/rootfs/etc/cont-init.d/ssh.sh | 31 +++++ ssh/rootfs/etc/fix-attrs.d/cli | 2 + ssh/rootfs/etc/fix-attrs.d/profile | 2 + ssh/rootfs/etc/fix-attrs.d/ssh | 3 + ssh/{data => rootfs/etc}/motd | 0 .../etc/profile.d}/homeassistant.sh | 0 ssh/rootfs/etc/services.d/sshd/finish | 8 ++ ssh/rootfs/etc/services.d/sshd/run | 12 ++ ssh/rootfs/etc/services.d/ttyd/finish | 8 ++ ssh/rootfs/etc/services.d/ttyd/run | 8 ++ ssh/{data => rootfs/etc/ssh}/sshd_config | 0 ssh/{data => rootfs/root}/.tmux.conf | 0 ssh/{data => rootfs/usr/bin}/hassio | 0 30 files changed, 238 insertions(+), 187 deletions(-) create mode 100644 .shellcheckrc delete mode 100755 ada/data/run.sh create mode 100644 ada/rootfs/etc/services.d/ada/finish create mode 100644 ada/rootfs/etc/services.d/ada/run delete mode 100755 ssh/data/run.sh create mode 100644 ssh/rootfs/etc/cont-init.d/keygen.sh create mode 100644 ssh/rootfs/etc/cont-init.d/profile.sh create mode 100644 ssh/rootfs/etc/cont-init.d/ssh.sh create mode 100644 ssh/rootfs/etc/fix-attrs.d/cli create mode 100644 ssh/rootfs/etc/fix-attrs.d/profile create mode 100644 ssh/rootfs/etc/fix-attrs.d/ssh rename ssh/{data => rootfs/etc}/motd (100%) rename ssh/{data => rootfs/etc/profile.d}/homeassistant.sh (100%) create mode 100644 ssh/rootfs/etc/services.d/sshd/finish create mode 100644 ssh/rootfs/etc/services.d/sshd/run create mode 100644 ssh/rootfs/etc/services.d/ttyd/finish create mode 100644 ssh/rootfs/etc/services.d/ttyd/run rename ssh/{data => rootfs/etc/ssh}/sshd_config (100%) rename ssh/{data => rootfs/root}/.tmux.conf (100%) rename ssh/{data => rootfs/usr/bin}/hassio (100%) mode change 100755 => 100644 diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 76fab8b..ce5810b 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:18.04 +FROM debian WORKDIR /workspaces @@ -15,19 +15,30 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ apt-transport-https \ ca-certificates \ curl \ - dbus \ software-properties-common \ - gpg-agent \ - git \ - jq \ - sudo \ - && curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - \ - && add-apt-repository "deb https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \ + gnupg \ + && curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add - \ + && add-apt-repository "deb https://download.docker.com/linux/debian $(lsb_release -cs) stable" \ && apt-get update && apt-get install -y --no-install-recommends \ docker-ce \ docker-ce-cli \ - containerd.io -# This is a development container. Don't bother to clean up apt cache, this way we have it handy later + containerd.io \ + && rm -rf /var/lib/apt/lists/* + +# Install tools +ARG SHELLCHECK_VERSION=0.7.0 +RUN apt-get update && apt-get install -y --no-install-recommends \ + jq \ + dbus \ + network-manager \ + libpulse0 \ + git \ + tar \ + && rm -rf /var/lib/apt/lists/* \ + \ + && curl -SL "https://storage.googleapis.com/shellcheck/shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" | tar xzf - \ + && cp "shellcheck-v${SHELLCHECK_VERSION}/shellcheck" /usr/bin/ \ + && rm -rf shellcheck-v${SHELLCHECK_VERSION} # Generate a machine-id for this container RUN rm /etc/machine-id && dbus-uuidgen --ensure=/etc/machine-id diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 11bac89..698c351 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,6 +1,6 @@ // Based on https://github.com/issacg/hassio-addon-devcontainer { - "name": "Hass.io Community Add-Ons", + "name": "Home Assistant Add-Ons", "context": "..", "dockerFile": "Dockerfile", "appPort": "7123:8123", @@ -9,6 +9,10 @@ "GIT_EDITOR=code --wait", "--privileged" ], + "extensions": [ + "timonwong.shellcheck", + "esbenp.prettier-vscode" + ], "settings": { "terminal.integrated.shell.linux": "/bin/bash" }, diff --git a/.shellcheckrc b/.shellcheckrc new file mode 100644 index 0000000..eb84868 --- /dev/null +++ b/.shellcheckrc @@ -0,0 +1 @@ +disable=SC1008 \ No newline at end of file diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 9a2b2b2..ef9c70b 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -4,7 +4,7 @@ "version": "2.0.0", "tasks": [ { - "label": "Start Hass.io", + "label": "Start Home Assistant", "type": "shell", "command": "/workspaces/test_hassio/addons/local/.devcontainer/start_hassio.sh", "group": { @@ -17,7 +17,7 @@ }, "problemMatcher": [] },{ - "label": "Cleanup stale Hass.io environment", + "label": "Cleanup stale Home Assistant environment", "type": "shell", "command": "/workspaces/test_hassio/addons/local/.devcontainer/start_hassio.sh --cleanup", "group": "test", @@ -27,7 +27,7 @@ }, "problemMatcher": [] },{ - "label": "Run Hass.io CLI", + "label": "Run Home Assistant CLI", "type": "shell", "command": "docker run --rm -ti -v /etc/machine-id:/etc/machine-id --network=hassio --add-host hassio:172.30.32.2 homeassistant/amd64-hassio-cli:dev", "group": "test", diff --git a/ada/CHANGELOG.md b/ada/CHANGELOG.md index b970a70..bb4c2d8 100644 --- a/ada/CHANGELOG.md +++ b/ada/CHANGELOG.md @@ -1,45 +1,51 @@ # Changelog -## 1.0 +## 1.1.0 + +- Renaming Home Assistant +- Convert to s6-overlay +- Support new audio backend + +## 1.0.0 - Support aarch64 in armv7 combat mode -## 0.9 +## 0.9.0 - Corrected link to documentation inside the add-on - Adjust source links in Dockerfile - Update add-on documentation to match current state -## 0.8 +## 0.8.0 - Fix API url for access to Home Assistant -## 0.7 +## 0.7.0 - Add missing options -## 0.6 +## 0.6.0 - Update Ada to 0.7 - Add options to change TTS / STT Home Assistant provider -## 0.5 +## 0.5.0 - Update Ada to 0.6 -## 0.4 +## 0.4.0 - Update Ada to 0.5 -## 0.3 +## 0.3.0 - Update Ada to 0.4 -## 0.2 +## 0.2.0 - Update Ada to 0.3 - Add armhf support -## 0.1 +## 0.1.0 - Initial support diff --git a/ada/Dockerfile b/ada/Dockerfile index 12d9d4f..3ba5af0 100644 --- a/ada/Dockerfile +++ b/ada/Dockerfile @@ -8,6 +8,7 @@ ARG ADA_VERSION RUN apt-get update \ && apt-get install -y --no-install-recommends \ portaudio19-dev \ + libasound2-plugins \ libsndfile1 \ mplayer \ libffi-dev \ @@ -32,6 +33,4 @@ RUN apt-get update \ && rm -rf /var/lib/apt/lists/* WORKDIR / -COPY data/run.sh / - -CMD ["/run.sh"] +COPY rootfs / diff --git a/ada/config.json b/ada/config.json index f729684..6fe1b4d 100644 --- a/ada/config.json +++ b/ada/config.json @@ -1,14 +1,15 @@ { "name": "Hey Ada!", - "version": "1.0", + "version": "1.1.0", "slug": "ada", "description": "Voice assistant powered by Home Assistant", "url": "https://github.com/home-assistant/hassio-addons/blob/master/ada", "arch": ["armhf", "armv7", "amd64"], + "init": false, "startup": "application", "boot": "auto", "audio": true, - "homeassistant": "0.102.0.dev", + "homeassistant": "0.102.0", "homeassistant_api": true, "options": { "stt": "cloud", diff --git a/ada/data/run.sh b/ada/data/run.sh deleted file mode 100755 index 707c137..0000000 --- a/ada/data/run.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bashio - -STT=$(bashio::config 'stt') -TTS=$(bashio::config 'tts') - -exec python3 -m ada --url "http://hassio/homeassistant/api" --key "$HASSIO_TOKEN" --stt "$STT" --tts "$TTS" diff --git a/ada/rootfs/etc/services.d/ada/finish b/ada/rootfs/etc/services.d/ada/finish new file mode 100644 index 0000000..48df08c --- /dev/null +++ b/ada/rootfs/etc/services.d/ada/finish @@ -0,0 +1,8 @@ +#!/usr/bin/execlineb -S0 +# ============================================================================== +# Take down the S6 supervision tree when Ada fails +# ============================================================================== +if { s6-test ${1} -ne 0 } +if { s6-test ${1} -ne 256 } + +s6-svscanctl -t /var/run/s6/services \ No newline at end of file diff --git a/ada/rootfs/etc/services.d/ada/run b/ada/rootfs/etc/services.d/ada/run new file mode 100644 index 0000000..9e5bf83 --- /dev/null +++ b/ada/rootfs/etc/services.d/ada/run @@ -0,0 +1,8 @@ +#!/usr/bin/with-contenv bashio +# ============================================================================== +# Start Ada service +# ============================================================================== +STT=$(bashio::config 'stt') +TTS=$(bashio::config 'tts') + +exec python3 -m ada --url "http://supervisor/core/api" --key "$SUPERVISOR_TOKEN" --stt "$STT" --tts "$TTS" \ No newline at end of file diff --git a/azure-pipelines.yml b/azure-pipelines.yml index f6bd366..74b52b6 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -39,7 +39,8 @@ jobs: - script: | shopt -s globstar sudo docker run --rm -i \ - -v $(pwd):/mnt:ro koalaman/shellcheck:$(versionShellCheck) **/*.sh + -v $(pwd):/mnt:ro -e SHELLCHECK_OPTS="-e SC1008" \ + koalaman/shellcheck:$(versionShellCheck) **/*.sh displayName: "Run ShellCheck" - job: "JQ" diff --git a/ssh/CHANGELOG.md b/ssh/CHANGELOG.md index e292dbf..bcd4e91 100644 --- a/ssh/CHANGELOG.md +++ b/ssh/CHANGELOG.md @@ -1,31 +1,36 @@ # Changelog -## 8.4 +## 8.5.0 + +- Add support for PulseAudio with new Audio backend +- Migrate to s6-overlay + +## 8.4.0 - Support to use only web terminal without SSH server **ATTENTION:** If you want access with SSH, you need maybe add the Port setting option back. -## 8.3 +## 8.3.0 - Update Home Assistant CLI to 4.0.1 - Add backward compatibility with the hassio command - Update Web terminal to ttyd 1.6.0 with Libwebsockets 3.2.2 - Rename HASSIO_TOKEN to SUPERVISOR_TOKEN in shell profile -## 8.2 +## 8.2.0 - Fix creation of new tmux terminal windows - Add add-on icon - Update welcome logo - Fix SSH folder issue with authorized keys -## 8.1 +## 8.1.0 - Fix for non existing .bash_profile startup error - Add current, short, path to command line prompt -## 8.0 +## 8.0.0 - Add support for a web-based terminal via Ingress - Upgrade Alpine Linux to 3.11 @@ -33,100 +38,100 @@ - Persist .ssh folder across restarts - Add helper symlink folders to user home folder -## 7.1 +## 7.1.0 - Update Hass.io CLI to 3.1.1 -## 7.0 +## 7.0.0 - Added bash_profile as a persistent file -## 6.4 +## 6.4.0 - Changed logging from DEBUG -> INFO -## 6.3 +## 6.3.0 - Update Hass.io CLI to 3.1.0 -## 6.2 +## 6.2.0 - Update Hass.io CLI to 3.0.0 -## 6.1 +## 6.1.0 - Update Hass.io CLI to 2.3.0 -## 6.0 +## 6.0.0 - Update and pin base image to Alpine 3.10 -## 5.6 +## 5.6.0 - Fixes crash when using authorized keys -## 5.5 +## 5.5.0 - Rewrite add-on onto Bashio - Added documentation to add-on repository - Code styling improvements -## 5.4 +## 5.4.0 - Update Hass.io CLI to 2.2.0 -## 5.3 +## 5.3.0 - Fix: User root not allowed because account is locked -## 5.2 +## 5.2.0 - Update Hass.io CLI to 2.1.0 -## 5.1 +## 5.1.0 - Map all serial devices into container for manual adjustments -## 5.0 +## 5.0.0 - Update Hass.io CLI to 2.0.1, include bash completion -## 4.0 +## 4.0.0 - Update Hass.io CLI to 1.4.0 - Add new API role profile - Update OpenSSH to 7.7 -## 3.7 +## 3.7.0 - Add YAML highlighting for nano -## 3.6 +## 3.6.0 - Update Hass.io CLI to 1.3.1 -## 3.5 +## 3.5.0 - Update Hass.io CLI to 1.3.0 -## 3.4 +## 3.4.0 - Update Hass.io CLI to 1.2.1 -## 3.3 +## 3.3.0 - Update Hass.io CLI to 1.1.2 -## 3.2 +## 3.2.0 - Downgrade Hass.io CLI to 1.0.1 -## 3.1 +## 3.1.0 - Update Hass.io CLI to 1.1.1 - Change internal token handling for Hass.io API -## 3.0 +## 3.0.0 - Use new base images - Add hassio-cli version 1.0 diff --git a/ssh/Dockerfile b/ssh/Dockerfile index 85ce623..03c91f4 100644 --- a/ssh/Dockerfile +++ b/ssh/Dockerfile @@ -16,6 +16,8 @@ RUN \ \ && apk add --no-cache \ bash-completion \ + pulseaudio-utils \ + alsa-plugins-pulse \ git \ libuv \ mosquitto-clients \ @@ -77,11 +79,4 @@ RUN curl -Lso /usr/bin/ha \ && /usr/bin/ha completion > /usr/share/bash-completion/completions/ha # Copy data -COPY data/.tmux.conf /root/ -COPY data/hassio /usr/bin/ -COPY data/homeassistant.sh /etc/profile.d/ -COPY data/motd /etc/ -COPY data/run.sh / -COPY data/sshd_config /etc/ssh/ - -CMD [ "/run.sh" ] +COPY rootfs / diff --git a/ssh/config.json b/ssh/config.json index 59245fb..0d6ec38 100644 --- a/ssh/config.json +++ b/ssh/config.json @@ -1,10 +1,11 @@ { "name": "Terminal & SSH", - "version": "8.4", + "version": "8.5.0", "slug": "ssh", "description": "Allow logging in remotely to Home Assistant using SSH", "url": "https://github.com/home-assistant/hassio-addons/tree/master/ssh", "arch": ["armhf", "armv7", "aarch64", "amd64", "i386"], + "init": false, "advanced": true, "startup": "services", "ingress": true, @@ -13,6 +14,7 @@ "boot": "auto", "hassio_api": true, "hassio_role": "manager", + "audio": true, "auto_uart": true, "ports": { "22/tcp": null diff --git a/ssh/data/run.sh b/ssh/data/run.sh deleted file mode 100755 index fb53d48..0000000 --- a/ssh/data/run.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/usr/bin/env bashio -set -e - -KEYS_PATH=/data/host_keys - -WAIT_PIDS=() - -bashio::log.info "Initializing add-on for use..." -USE_SSHD=true -if bashio::config.has_value 'authorized_keys'; then - bashio::log.info "Setup authorized_keys" - - mkdir -p /data/.ssh - chmod 700 /data/.ssh - rm -f /data/.ssh/authorized_keys - while read -r line; do - echo "$line" >> /data/.ssh/authorized_keys - done <<< "$(bashio::config 'authorized_keys')" - - chmod 600 /data/.ssh/authorized_keys - sed -i s/#PasswordAuthentication.*/PasswordAuthentication\ no/ /etc/ssh/sshd_config - - # Unlock account - PASSWORD="$(pwgen -s 64 1)" - echo "root:${PASSWORD}" | chpasswd 2&> /dev/null -elif bashio::config.has_value 'password'; then - bashio::log.info "Setup password login" - - PASSWORD=$(bashio::config 'password') - echo "root:${PASSWORD}" | chpasswd 2&> /dev/null - - sed -i s/#PasswordAuthentication.*/PasswordAuthentication\ yes/ /etc/ssh/sshd_config - sed -i s/#PermitEmptyPasswords.*/PermitEmptyPasswords\ no/ /etc/ssh/sshd_config -elif bashio::var.has_value "$(bashio::addon.port 22)"; then - bashio::exit.nok "You need to setup a login!" -else - USE_SSHD=false - bashio::log.info "Disable SSH remote access because of missing login credential!" -fi - -# Generate host keys -if ! bashio::fs.directory_exists "${KEYS_PATH}"; then - bashio::log.info "Generating host keys..." - - mkdir -p "${KEYS_PATH}" - ssh-keygen -A || bashio::exit.nok "Failed to create host keys!" - cp -fp /etc/ssh/ssh_host* "${KEYS_PATH}/" -else - bashio::log.info "Restoring host keys..." - cp -fp "${KEYS_PATH}"/* /etc/ssh/ -fi - -# Persist shell history by redirecting .bash_history to /data -touch /data/.bash_history -chmod 600 /data/.bash_history -ln -s -f /data/.bash_history /root/.bash_history - -# Make Home Assistant TOKEN available on the CLI -echo "export SUPERVISOR_TOKEN=${SUPERVISOR_TOKEN}" >> /etc/profile.d/homeassistant.sh - -# Remove old HASSIO_TOKEN from bash profile (if exists) -if bashio::fs.file_exists /data/.bash_profile; then - sed -i "/export HASSIO_TOKEN=.*/d" /data/.bash_profile -fi - -# Persist .bash_profile by redirecting .bash_profile to /data -touch /data/.bash_profile -chmod 600 /data/.bash_profile -ln -s -f /data/.bash_profile /root/.bash_profile - -# Links some common directories to the user's home folder for convenience -DIRECTORIES=(addons backup config share ssl) -for dir in "${DIRECTORIES[@]}"; do - ln -s "/${dir}" "${HOME}/${dir}" \ - || bashio::log.warning "Failed linking common directory: ${dir}" -done - -# Sets up the users .ssh folder to be persistent -if ! bashio::fs.directory_exists /data/.ssh; then - mkdir -p /data/.ssh \ - || bashio::exit.nok 'Failed to create a persistent .ssh folder' - - chmod 700 /data/.ssh \ - || bashio::exit.nok \ - 'Failed setting permissions on persistent .ssh folder' -fi -ln -s /data/.ssh /root/.ssh - -# Register stop -function stop_addon() { - bashio::log.debug "Kill Processes..." - kill -15 "${WAIT_PIDS[@]}" - - wait "${WAIT_PIDS[@]}" - bashio::log.debug "Done." -} -trap "stop_addon" SIGTERM SIGHUP - -# Start SSH server -if bashio::var.true "${USE_SSHD}"; then - bashio::log.info "Starting SSH daemon..." - /usr/sbin/sshd -D -e < /dev/null & - WAIT_PIDS+=($!) -fi - -# Start ttyd server -bashio::log.info "Starting Web Terminal..." -cd /root -ttyd -p 8099 tmux -u new -A -s homeassistant bash -l & -WAIT_PIDS+=($!) - -# Wait until all is done -bashio::log.info "SSH add-on is set up and running!" -wait "${WAIT_PIDS[@]}" diff --git a/ssh/rootfs/etc/cont-init.d/keygen.sh b/ssh/rootfs/etc/cont-init.d/keygen.sh new file mode 100644 index 0000000..b747f7f --- /dev/null +++ b/ssh/rootfs/etc/cont-init.d/keygen.sh @@ -0,0 +1,16 @@ +#!/usr/bin/with-contenv bashio +# ============================================================================== +# SSH Host keys +# ============================================================================== +KEYS_PATH=/data/host_keys + +if ! bashio::fs.directory_exists "${KEYS_PATH}"; then + bashio::log.info "Generating host keys..." + + mkdir -p "${KEYS_PATH}" + ssh-keygen -A || bashio::exit.nok "Failed to create host keys!" + cp -fp /etc/ssh/ssh_host* "${KEYS_PATH}/" +else + bashio::log.info "Restoring host keys..." + cp -fp "${KEYS_PATH}"/* /etc/ssh/ +fi diff --git a/ssh/rootfs/etc/cont-init.d/profile.sh b/ssh/rootfs/etc/cont-init.d/profile.sh new file mode 100644 index 0000000..be3b892 --- /dev/null +++ b/ssh/rootfs/etc/cont-init.d/profile.sh @@ -0,0 +1,40 @@ +#!/usr/bin/with-contenv bashio +# ============================================================================== +# Setup persistent user settings +# ============================================================================== +DIRECTORIES=(addons backup config share ssl) + +# Persist shell history by redirecting .bash_history to /data +touch /data/.bash_history +chmod 600 /data/.bash_history +ln -s -f /data/.bash_history /root/.bash_history + +# Make Home Assistant TOKEN available on the CLI +echo "export SUPERVISOR_TOKEN=${SUPERVISOR_TOKEN}" >> /etc/profile.d/homeassistant.sh + +# Remove old HASSIO_TOKEN from bash profile (if exists) +if bashio::fs.file_exists /data/.bash_profile; then + sed -i "/export HASSIO_TOKEN=.*/d" /data/.bash_profile +fi + +# Persist .bash_profile by redirecting .bash_profile to /data +touch /data/.bash_profile +chmod 600 /data/.bash_profile +ln -s -f /data/.bash_profile /root/.bash_profile + +# Links some common directories to the user's home folder for convenience +for dir in "${DIRECTORIES[@]}"; do + ln -s "/${dir}" "${HOME}/${dir}" \ + || bashio::log.warning "Failed linking common directory: ${dir}" +done + +# Sets up the users .ssh folder to be persistent +if ! bashio::fs.directory_exists /data/.ssh; then + mkdir -p /data/.ssh \ + || bashio::exit.nok 'Failed to create a persistent .ssh folder' + + chmod 700 /data/.ssh \ + || bashio::exit.nok \ + 'Failed setting permissions on persistent .ssh folder' +fi +ln -s /data/.ssh /root/.ssh diff --git a/ssh/rootfs/etc/cont-init.d/ssh.sh b/ssh/rootfs/etc/cont-init.d/ssh.sh new file mode 100644 index 0000000..d90439c --- /dev/null +++ b/ssh/rootfs/etc/cont-init.d/ssh.sh @@ -0,0 +1,31 @@ +#!/usr/bin/with-contenv bashio +# ============================================================================== +# SSH setup & user +# ============================================================================== +if bashio::config.has_value 'authorized_keys'; then + bashio::log.info "Setup authorized_keys" + + mkdir -p /data/.ssh + chmod 700 /data/.ssh + rm -f /data/.ssh/authorized_keys + while read -r line; do + echo "$line" >> /data/.ssh/authorized_keys + done <<< "$(bashio::config 'authorized_keys')" + + chmod 600 /data/.ssh/authorized_keys + sed -i s/#PasswordAuthentication.*/PasswordAuthentication\ no/ /etc/ssh/sshd_config + + # Unlock account + PASSWORD="$(pwgen -s 64 1)" + echo "root:${PASSWORD}" | chpasswd 2&> /dev/null +elif bashio::config.has_value 'password'; then + bashio::log.info "Setup password login" + + PASSWORD=$(bashio::config 'password') + echo "root:${PASSWORD}" | chpasswd 2&> /dev/null + + sed -i s/#PasswordAuthentication.*/PasswordAuthentication\ yes/ /etc/ssh/sshd_config + sed -i s/#PermitEmptyPasswords.*/PermitEmptyPasswords\ no/ /etc/ssh/sshd_config +elif bashio::var.has_value "$(bashio::addon.port 22)"; then + bashio::exit.nok "You need to setup a login!" +fi diff --git a/ssh/rootfs/etc/fix-attrs.d/cli b/ssh/rootfs/etc/fix-attrs.d/cli new file mode 100644 index 0000000..d6ec390 --- /dev/null +++ b/ssh/rootfs/etc/fix-attrs.d/cli @@ -0,0 +1,2 @@ +/usr/bin/hassio false root 0755 0755 +/usr/bin/ha false root 0755 0755 \ No newline at end of file diff --git a/ssh/rootfs/etc/fix-attrs.d/profile b/ssh/rootfs/etc/fix-attrs.d/profile new file mode 100644 index 0000000..de3e5cd --- /dev/null +++ b/ssh/rootfs/etc/fix-attrs.d/profile @@ -0,0 +1,2 @@ +/data/.bash_history false root 0600 0755 +/data/.bash_profile false root 0600 0755 \ No newline at end of file diff --git a/ssh/rootfs/etc/fix-attrs.d/ssh b/ssh/rootfs/etc/fix-attrs.d/ssh new file mode 100644 index 0000000..a88f7bd --- /dev/null +++ b/ssh/rootfs/etc/fix-attrs.d/ssh @@ -0,0 +1,3 @@ +/data/.ssh false root 0644 0700 +/data/.ssh/authorized_keys false root 0600 0755 +/etc/ssh false root 0644 0755 \ No newline at end of file diff --git a/ssh/data/motd b/ssh/rootfs/etc/motd similarity index 100% rename from ssh/data/motd rename to ssh/rootfs/etc/motd diff --git a/ssh/data/homeassistant.sh b/ssh/rootfs/etc/profile.d/homeassistant.sh similarity index 100% rename from ssh/data/homeassistant.sh rename to ssh/rootfs/etc/profile.d/homeassistant.sh diff --git a/ssh/rootfs/etc/services.d/sshd/finish b/ssh/rootfs/etc/services.d/sshd/finish new file mode 100644 index 0000000..faf6b31 --- /dev/null +++ b/ssh/rootfs/etc/services.d/sshd/finish @@ -0,0 +1,8 @@ +#!/usr/bin/execlineb -S0 +# ============================================================================== +# Take down the S6 supervision tree when sshd fails +# ============================================================================== +if { s6-test ${1} -ne 0 } +if { s6-test ${1} -ne 256 } + +s6-svscanctl -t /var/run/s6/services \ No newline at end of file diff --git a/ssh/rootfs/etc/services.d/sshd/run b/ssh/rootfs/etc/services.d/sshd/run new file mode 100644 index 0000000..7a25830 --- /dev/null +++ b/ssh/rootfs/etc/services.d/sshd/run @@ -0,0 +1,12 @@ +#!/usr/bin/with-contenv bashio +# ============================================================================== +# Start sshd service if enabled +# ============================================================================== + +# If SSH is disabled, use a fake sleep process +if ! bashio::var.has_value "$(bashio::addon.port 22)"; then + exec sleep 864000 +fi + +bashio::log.info "Starting the SSH daemon..." +exec /usr/sbin/sshd -D -e \ No newline at end of file diff --git a/ssh/rootfs/etc/services.d/ttyd/finish b/ssh/rootfs/etc/services.d/ttyd/finish new file mode 100644 index 0000000..aad97ff --- /dev/null +++ b/ssh/rootfs/etc/services.d/ttyd/finish @@ -0,0 +1,8 @@ +#!/usr/bin/execlineb -S0 +# ============================================================================== +# Take down the S6 supervision tree when ttyd fails +# ============================================================================== +if { s6-test ${1} -ne 0 } +if { s6-test ${1} -ne 256 } + +s6-svscanctl -t /var/run/s6/services \ No newline at end of file diff --git a/ssh/rootfs/etc/services.d/ttyd/run b/ssh/rootfs/etc/services.d/ttyd/run new file mode 100644 index 0000000..24c4483 --- /dev/null +++ b/ssh/rootfs/etc/services.d/ttyd/run @@ -0,0 +1,8 @@ +#!/usr/bin/with-contenv bashio +# ============================================================================== +# Start ttyd service for ingress +# ============================================================================== +bashio::log.info "Starting Web Terminal..." +cd /root + +exec ttyd -p 8099 tmux -u new -A -s homeassistant bash -l \ No newline at end of file diff --git a/ssh/data/sshd_config b/ssh/rootfs/etc/ssh/sshd_config similarity index 100% rename from ssh/data/sshd_config rename to ssh/rootfs/etc/ssh/sshd_config diff --git a/ssh/data/.tmux.conf b/ssh/rootfs/root/.tmux.conf similarity index 100% rename from ssh/data/.tmux.conf rename to ssh/rootfs/root/.tmux.conf diff --git a/ssh/data/hassio b/ssh/rootfs/usr/bin/hassio old mode 100755 new mode 100644 similarity index 100% rename from ssh/data/hassio rename to ssh/rootfs/usr/bin/hassio