Add support for new audo layer (#1153)

* Add support for new audo layer

* Add layer

* restucture

* better struct

* Improve devcontainer

* Fix container

* Fix LN

* disable lint

* ignore

ssh/rootfs/etc/cont-init.d/keygen.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/with-contenv bashio
+# ==============================================================================
+# SSH Host keys
+# ==============================================================================
+KEYS_PATH=/data/host_keys
+
+if ! bashio::fs.directory_exists "${KEYS_PATH}"; then
+    bashio::log.info "Generating host keys..."
+
+    mkdir -p "${KEYS_PATH}"
+    ssh-keygen -A || bashio::exit.nok "Failed to create host keys!"
+    cp -fp /etc/ssh/ssh_host* "${KEYS_PATH}/"
+else
+    bashio::log.info "Restoring host keys..."
+    cp -fp "${KEYS_PATH}"/* /etc/ssh/
+fi

ssh/rootfs/etc/cont-init.d/profile.sh

@@ -0,0 +1,40 @@
+#!/usr/bin/with-contenv bashio
+# ==============================================================================
+# Setup persistent user settings
+# ==============================================================================
+DIRECTORIES=(addons backup config share ssl)
+
+# Persist shell history by redirecting .bash_history to /data
+touch /data/.bash_history
+chmod 600 /data/.bash_history
+ln -s -f /data/.bash_history /root/.bash_history
+
+# Make Home Assistant TOKEN available on the CLI
+echo "export SUPERVISOR_TOKEN=${SUPERVISOR_TOKEN}" >> /etc/profile.d/homeassistant.sh
+
+# Remove old HASSIO_TOKEN from bash profile (if exists)
+if bashio::fs.file_exists /data/.bash_profile; then
+  sed -i "/export HASSIO_TOKEN=.*/d" /data/.bash_profile
+fi
+
+# Persist .bash_profile by redirecting .bash_profile to /data
+touch /data/.bash_profile
+chmod 600 /data/.bash_profile
+ln -s -f /data/.bash_profile /root/.bash_profile
+
+# Links some common directories to the user's home folder for convenience
+for dir in "${DIRECTORIES[@]}"; do
+    ln -s "/${dir}" "${HOME}/${dir}" \
+        || bashio::log.warning "Failed linking common directory: ${dir}"
+done
+
+# Sets up the users .ssh folder to be persistent
+if ! bashio::fs.directory_exists /data/.ssh; then
+    mkdir -p /data/.ssh \
+        || bashio::exit.nok 'Failed to create a persistent .ssh folder'
+
+    chmod 700 /data/.ssh \
+        || bashio::exit.nok \
+            'Failed setting permissions on persistent .ssh folder'
+fi
+ln -s /data/.ssh /root/.ssh

ssh/rootfs/etc/cont-init.d/ssh.sh

@@ -0,0 +1,31 @@
+#!/usr/bin/with-contenv bashio
+# ==============================================================================
+# SSH setup & user
+# ==============================================================================
+if bashio::config.has_value 'authorized_keys'; then
+    bashio::log.info "Setup authorized_keys"
+
+    mkdir -p /data/.ssh
+    chmod 700 /data/.ssh
+    rm -f /data/.ssh/authorized_keys
+    while read -r line; do
+        echo "$line" >> /data/.ssh/authorized_keys
+    done <<< "$(bashio::config 'authorized_keys')"
+
+    chmod 600 /data/.ssh/authorized_keys
+    sed -i s/#PasswordAuthentication.*/PasswordAuthentication\ no/ /etc/ssh/sshd_config
+
+    # Unlock account
+    PASSWORD="$(pwgen -s 64 1)"
+    echo "root:${PASSWORD}" | chpasswd 2&> /dev/null
+elif bashio::config.has_value 'password'; then
+    bashio::log.info "Setup password login"
+
+    PASSWORD=$(bashio::config 'password')
+    echo "root:${PASSWORD}" | chpasswd 2&> /dev/null
+
+    sed -i s/#PasswordAuthentication.*/PasswordAuthentication\ yes/ /etc/ssh/sshd_config
+    sed -i s/#PermitEmptyPasswords.*/PermitEmptyPasswords\ no/ /etc/ssh/sshd_config
+elif bashio::var.has_value "$(bashio::addon.port 22)"; then
+    bashio::exit.nok "You need to setup a login!"
+fi

ssh/rootfs/etc/fix-attrs.d/cli

@@ -0,0 +1,2 @@
+/usr/bin/hassio false root 0755 0755
+/usr/bin/ha false root 0755 0755

ssh/rootfs/etc/fix-attrs.d/profile

@@ -0,0 +1,2 @@
+/data/.bash_history false root 0600 0755
+/data/.bash_profile false root 0600 0755

ssh/rootfs/etc/fix-attrs.d/ssh

@@ -0,0 +1,3 @@
+/data/.ssh false root 0644 0700
+/data/.ssh/authorized_keys false root 0600 0755
+/etc/ssh false root 0644 0755

ssh/rootfs/etc/motd

@@ -0,0 +1,11 @@
+ _    _                                         _     _              _   
+| |  | |                          /\           (_)   | |            | |  
+| |__| | ___  _ __ ___   ___     /  \   ___ ___ _ ___| |_ __ _ _ __ | |_ 
+|  __  |/ _ \| '_ ` _ \ / _ \   / /\ \ / __/ __| / __| __/ _` | '_ \| __|
+| |  | | (_) | | | | | |  __/  / ____ \\__ \__ \ \__ \ || (_| | | | | |_ 
+|_|  |_|\___/|_| |_| |_|\___| /_/    \_\___/___/_|___/\__\__,_|_| |_|\__|
+                                                                         
+
+Our command line:
+$ ha help
+

ssh/rootfs/etc/profile.d/homeassistant.sh

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+export PS1="\W \$ "
+cat /etc/motd

ssh/rootfs/etc/services.d/sshd/finish

@@ -0,0 +1,8 @@
+#!/usr/bin/execlineb -S0
+# ==============================================================================
+# Take down the S6 supervision tree when sshd fails
+# ==============================================================================
+if { s6-test ${1} -ne 0 }
+if { s6-test ${1} -ne 256 }
+
+s6-svscanctl -t /var/run/s6/services

ssh/rootfs/etc/services.d/sshd/run

@@ -0,0 +1,12 @@
+#!/usr/bin/with-contenv bashio
+# ==============================================================================
+# Start sshd service if enabled
+# ==============================================================================
+
+# If SSH is disabled, use a fake sleep process
+if ! bashio::var.has_value "$(bashio::addon.port 22)"; then
+    exec sleep 864000
+fi
+
+bashio::log.info "Starting the SSH daemon..."
+exec /usr/sbin/sshd -D -e

ssh/rootfs/etc/services.d/ttyd/finish

@@ -0,0 +1,8 @@
+#!/usr/bin/execlineb -S0
+# ==============================================================================
+# Take down the S6 supervision tree when ttyd fails
+# ==============================================================================
+if { s6-test ${1} -ne 0 }
+if { s6-test ${1} -ne 256 }
+
+s6-svscanctl -t /var/run/s6/services

ssh/rootfs/etc/services.d/ttyd/run

@@ -0,0 +1,8 @@
+#!/usr/bin/with-contenv bashio
+# ==============================================================================
+# Start ttyd service for ingress
+# ==============================================================================
+bashio::log.info "Starting Web Terminal..."
+cd /root
+
+exec ttyd -p 8099 tmux -u new -A -s homeassistant bash -l

ssh/rootfs/etc/ssh/sshd_config

@@ -0,0 +1,23 @@
+# This is the sshd server system-wide configuration file.  See
+# sshd_config(5) for more information.
+
+# Logging
+LogLevel INFO
+
+# Default
+AllowTcpForwarding no
+GatewayPorts no
+X11Forwarding no
+
+Subsystem       sftp    /usr/lib/ssh/sftp-server
+
+# Authentication:
+PermitRootLogin yes
+
+Banner none
+PrintMotd no
+
+#PasswordAuthentication no
+#PermitEmptyPasswords no
+
+

ssh/rootfs/root/.tmux.conf

@@ -0,0 +1,25 @@
+set-option -g default-terminal $TERM
+set-option -g base-index 1
+setw -g pane-base-index 1
+setw -g window-status-format "#[fg=white]#[bg=blue] #I #[bg=blue]#[fg=white] #W "
+setw -g window-status-current-format "#[bg=brightmagenta]#[fg=white] *#I #[fg=white,bold]#[bg=cyan] [#W] "
+set -g status-fg white
+set -g status-bg blue
+set -g status-left ''
+set -g status-right '%a %m-%d %H:%M'
+set -g mouse on
+unbind C-b
+set-option -g prefix C-a
+bind-key C-a send-prefix
+bind | split-window -h
+bind \\ split-window -h
+bind - split-window -v
+unbind '"'
+unbind %
+bind -n M-Left select-pane -L
+bind -n M-Right select-pane -R
+bind -n M-Up select-pane -U
+bind -n M-Down select-pane -D
+set -s escape-time 0
+bind-key -T copy-mode-vi MouseDragEnd1Pane send-keys -X copy-pipe-and-cancel "xclip -selection clipboard -i"
+bind-key -T copy-mode MouseDragEnd1Pane send-keys -X copy-pipe-and-cancel "xclip -selection clipboard -i"

ssh/rootfs/usr/bin/hassio

@@ -0,0 +1,3 @@
+#!/usr/bin/env bashio
+bashio::log.yellow "The 'hassio' command is deprecated, please use 'ha' instead!"
+ha "$@"