Configurator migration to new ingress (#560)

* Migrate to new ingress

* Update chmod

* Fix path

* Update handling

* Fix http lua

* Add auth flag

* Use hyprid

* Add webui

* Fix hass.io version

* cleanup

configurator/CHANGELOG.md

@@ -1,5 +1,10 @@
 # Changelog
 
+## 3.0
+- Update Python to version 3.7
+- Update Configurator to version 0.3.5
+- Migrate Add-on to new Ingress
+
 ## 2.1
 - Update python version
 
@@ -7,40 +12,16 @@
 - Add access to folder: `/share`, `/backup`
 
 ## 1.2
-
-### Configurator 0.3.2
-- Fixed numeric password regression
-- Fixed list-options (ALLOWED_NETWORKS, BANNED_IPS, IGNORE_PATTERN)
-- Improved handling of UTF-8 encoded files
+- Update Configurator to version 0.3.2
 
 ## 1.1
 - Fixed ssl certificate path bug
 
 ## 1.0
-
-### Configurator 0.3.1
-- Added basic git stash functionality
-- Added NOTIFY_SERVICE option
-- Notifying if used passwords are insecure and when SESAME has been used
-- PASSWORD can optionally be provided as SHA256 hash
-- Added SESAME_TOTP_SECRET for TOTP based IP whitelisting
-- Added git diff functionality
-- Red colored menu button as indicator for outdated version
-- Removed right dragging area for editor settings
-- Added IGNORE_SSL option to disable SSL verification when connecting to HASS API
-- Allow customizing loglevel
-- Show client IP address in network status modal
+- Update Configurator to version 0.3.1
 
 ## 0.4
 - Update Configurator to version 0.2.9
-- Material Icons and HASS-help now open in new tab instead of modal
-- Open file by URL
-- Added ENFORCE_BASEPATH option
-- Cosmetic fix for scaled viewports
-- Added search-function for entities
-- Updated Ace Editor to 1.3.3
-- Updated jQuery to 3.3.1
-- Updated js-yaml to 3.12.0
 
 ## 0.3
 - Update Configurator to version 0.2.8

configurator/Dockerfile

@@ -3,13 +3,17 @@ FROM $BUILD_FROM
 
 # Setup base
 ARG CONFIGURATOR_VERSION
-RUN apk add --no-cache git curl openssh \
-  && pip3 install --no-cache-dir GitPython pyotp \
-  && curl -s -o /configurator.py https://raw.githubusercontent.com/danielperna84/hass-configurator/$CONFIGURATOR_VERSION/configurator.py \
-  && apk del curl
+ARG HASSIO_AUTH_VERSION
+RUN apk add --no-cache \
+    git nginx nginx-mod-http-lua lua-resty-http \
+  && git clone --depth 1 -b ${HASSIO_AUTH_VERSION} https://github.com/home-assistant/hassio-auth \
+  && cp -f hassio-auth/nginx-frontend/ha-auth.lua /etc/nginx/ \
+  && cp -f hassio-auth/nginx-frontend/example/nginx-ingress.conf /etc/nginx/ \
+  && rm -fr /usr/src/hassio-auth \
+  && pip install hass-configurator==${CONFIGURATOR_VERSION}
 
 # Copy data
+COPY configurator.conf /etc/
 COPY run.sh /
-RUN chmod a+x /run.sh
 
 CMD ["/run.sh"]

configurator/build.json

@@ -1,12 +1,13 @@
 {
   "build_from": {
-    "amd64": "homeassistant/amd64-base-python:3.6",
-    "i386": "homeassistant/i386-base-python:3.6",
-    "armhf": "homeassistant/armhf-base-python:3.6",
-    "armv7": "homeassistant/armv7-base-python:3.6",
-    "aarch64": "homeassistant/aarch64-base-python:3.6"
+    "amd64": "homeassistant/amd64-base-python:3.7",
+    "i386": "homeassistant/i386-base-python:3.7",
+    "armhf": "homeassistant/armhf-base-python:3.7",
+    "armv7": "homeassistant/armv7-base-python:3.7",
+    "aarch64": "homeassistant/aarch64-base-python:3.7"
   },
   "args": {
-    "CONFIGURATOR_VERSION": "0.3.2"
+    "CONFIGURATOR_VERSION": "0.3.5",
+    "HASSIO_AUTH_VERSION": "4.0"
   }
 }

configurator/config.json

@@ -1,54 +1,27 @@
 {
   "name": "Configurator",
-  "version": "2.1",
+  "version": "3.0",
   "slug": "configurator",
   "description": "Browser-based configuration file editor for Home Assistant.",
   "url": "https://home-assistant.io/addons/configurator",
   "arch": ["armhf", "armv7", "aarch64", "amd64", "i386"],
+  "homeassistant": "0.91.1",
   "startup": "application",
-  "webui": "[PROTO:ssl]://[HOST]:[PORT:3218]",
+  "webui": "http://[HOST]:[PORT:8080]",
+  "ingress": true,
+  "auth_api": true,
   "homeassistant_api": true,
   "boot": "auto",
-  "ports": {
-    "3218/tcp": 3218
-  },
   "map": [
     "backup:rw",
     "config:rw",
     "share:rw",
     "ssl:rw"
   ],
-  "options": {
-    "username": "admin",
-    "password": null,
-    "ssl": false,
-    "certfile": "fullchain.pem",
-    "keyfile": "privkey.pem",
-    "allowed_networks": ["192.168.0.0/16", "172.30.0.0/16"],
-    "banned_ips": ["8.8.8.8"],
-    "banlimit": 0,
-    "ignore_pattern": ["__pycache__"],
-    "dirsfirst": false,
-    "enforce_basepath": false,
-    "notify_service": "persistent_notification.create"
-  },
-  "schema": {
-    "username": "str",
-    "password": "match(.+)",
-    "ssl": "bool",
-    "certfile": "str",
-    "keyfile": "str",
-    "allowed_networks": ["str"],
-    "banned_ips": ["str"],
-    "banlimit": "int",
-    "ignore_pattern": ["str"],
-    "dirsfirst": "bool",
-    "enforce_basepath": "bool",
-    "notify_service": "str",
-    "sesame": "str?",
-    "sesame_totp_secret": "str?",
-    "loglevel": "str?",
-    "verify_hostname": "str?"
+  "ports": {
+    "8080/tcp": null
   },
+  "options": {},
+  "schema": {},
   "image": "homeassistant/{arch}-addon-configurator"
 }

configurator/configurator.conf

@@ -0,0 +1,26 @@
+{
+    "LISTENIP": "127.0.0.1",
+    "PORT": 80,
+    "GIT": true,
+    "BASEPATH": "/config",
+    "ENFORCE_BASEPATH": false,
+    "SSL_CERTIFICATE": null,
+    "SSL_KEY": null,
+    "IGNORE_SSL": false,
+    "HASS_API": "http://hassio/homeassistant/api/",
+    "HASS_WS_API": null,
+    "HASS_API_PASSWORD": "%%TOKEN%%",
+    "USERNAME": null,
+    "PASSWORD": null,
+    "ALLOWED_NETWORKS": [],
+    "ALLOWED_DOMAINS": [],
+    "BANNED_IPS": [],
+    "BANLIMIT": 0,
+    "IGNORE_PATTERN": [],
+    "DIRSFIRST": false,
+    "SESAME": null,
+    "SESAME_TOTP_SECRET": null,
+    "VERIFY_HOSTNAME": null,
+    "ENV_PREFIX": "HC_",
+    "NOTIFY_SERVICE": "persistent_notification.create"
+}

configurator/run.sh

@@ -1,46 +1,27 @@
-#!/bin/bash
-# shellcheck disable=SC2155
+#!/usr/bin/env bashio
 
-CONFIG_PATH=/data/options.json
+WAIT_PIDS=()
 
-export HC_BASEPATH=/config
-export HC_HASS_API=http://hassio/homeassistant/api/
-export HC_HASS_API_PASSWORD=$HASSIO_TOKEN
-export HC_GIT=true
-export HC_VERIFY_HOSTNAME=false
-export HC_IGNORE_SSL=false
+# Setup and run Frontend
+sed -i "s/%%PORT%%/8080/g" /etc/nginx/nginx-ingress.conf
+sed -i "s/%%PORT_INGRESS%%/8099/g" /etc/nginx/nginx-ingress.conf
+nginx -c /etc/nginx/nginx-ingress.conf &
+WAIT_PIDS+=($!)
 
-export HC_ENFORCE_BASEPATH=$(jq --raw-output '.enforce_basepath' $CONFIG_PATH)
-export HC_USERNAME=$(jq --raw-output '.username' $CONFIG_PATH)
-export HC_PASSWORD=$(jq --raw-output '.password' $CONFIG_PATH)
-export HC_NOTIFY_SERVICE=$(jq --raw-output '.notify_service' $CONFIG_PATH)
-export HC_ALLOWED_NETWORKS=$(jq --raw-output '.allowed_networks | join(",")' $CONFIG_PATH)
-export HC_BANNED_IPS=$(jq --raw-output '.banned_ips | join(",")' $CONFIG_PATH)
-export HC_BANLIMIT=$(jq --raw-output '.banlimit' $CONFIG_PATH)
-export HC_IGNORE_PATTERN=$(jq --raw-output '.ignore_pattern | join(",")' $CONFIG_PATH)
-export HC_DIRSFIRST=$(jq --raw-output '.dirsfirst' $CONFIG_PATH)
-export HC_VERIFY_HOSTNAME=$(jq --raw-output '.verify_hostname // empty' $CONFIG_PATH)
+# Setup and run configurator
+sed -i "s/%%TOKEN%%/${HASSIO_TOKEN}/g" /etc/configurator.conf
+hass-configurator /etc/configurator.conf &
+WAIT_PIDS+=($!)
 
-SSL=$(jq --raw-output '.ssl // false' $CONFIG_PATH)
-if  [ "$SSL" == "true" ]; then
-    export HC_SSL_CERTIFICATE=ssl/$(jq --raw-output '.certfile' $CONFIG_PATH)
-    export HC_SSL_KEY=ssl/$(jq --raw-output '.keyfile' $CONFIG_PATH)
-fi
+# Register stop
+function stop_addon() {
+    bashio::log.debug "Kill Processes..."
+    kill -15 "${WAIT_PIDS[@]}"
+    wait "${WAIT_PIDS[@]}"
+    bashio::log.debug "Done."
+}
+trap "stop_addon" SIGTERM SIGHUP
 
-LOGLEVEL=$(jq --raw-output '.loglevel // empty' $CONFIG_PATH)
-if [ -n "$LOGLEVEL" ]; then
-    export HC_LOGLEVEL=$LOGLEVEL
-fi
-
-SESAME=$(jq --raw-output '.sesame // empty' $CONFIG_PATH)
-if [ -n "$SESAME" ]; then
-    export HC_SESAME=$SESAME
-fi
-
-SESAME_TOTP_SECRET=$(jq --raw-output '.sesame_totp_secret // empty' $CONFIG_PATH)
-if [ -n "$SESAME_TOTP_SECRET" ]; then
-    export HC_SESAME_TOTP_SECRET=$SESAME_TOTP_SECRET
-fi
-
-# Run configurator
-exec python3 /configurator.py
+# Wait until all is done
+bashio::log.info "Add-on running"
+wait "${WAIT_PIDS[@]}"