diff --git a/configurator/CHANGELOG.md b/configurator/CHANGELOG.md index a05370b..d840585 100644 --- a/configurator/CHANGELOG.md +++ b/configurator/CHANGELOG.md @@ -1,5 +1,10 @@ # Changelog +## 3.0 +- Update Python to version 3.7 +- Update Configurator to version 0.3.5 +- Migrate Add-on to new Ingress + ## 2.1 - Update python version @@ -7,40 +12,16 @@ - Add access to folder: `/share`, `/backup` ## 1.2 - -### Configurator 0.3.2 -- Fixed numeric password regression -- Fixed list-options (ALLOWED_NETWORKS, BANNED_IPS, IGNORE_PATTERN) -- Improved handling of UTF-8 encoded files +- Update Configurator to version 0.3.2 ## 1.1 - Fixed ssl certificate path bug ## 1.0 - -### Configurator 0.3.1 -- Added basic git stash functionality -- Added NOTIFY_SERVICE option -- Notifying if used passwords are insecure and when SESAME has been used -- PASSWORD can optionally be provided as SHA256 hash -- Added SESAME_TOTP_SECRET for TOTP based IP whitelisting -- Added git diff functionality -- Red colored menu button as indicator for outdated version -- Removed right dragging area for editor settings -- Added IGNORE_SSL option to disable SSL verification when connecting to HASS API -- Allow customizing loglevel -- Show client IP address in network status modal +- Update Configurator to version 0.3.1 ## 0.4 - Update Configurator to version 0.2.9 -- Material Icons and HASS-help now open in new tab instead of modal -- Open file by URL -- Added ENFORCE_BASEPATH option -- Cosmetic fix for scaled viewports -- Added search-function for entities -- Updated Ace Editor to 1.3.3 -- Updated jQuery to 3.3.1 -- Updated js-yaml to 3.12.0 ## 0.3 - Update Configurator to version 0.2.8 diff --git a/configurator/Dockerfile b/configurator/Dockerfile index fae7e9a..ac286bf 100644 --- a/configurator/Dockerfile +++ b/configurator/Dockerfile @@ -3,13 +3,17 @@ FROM $BUILD_FROM # Setup base ARG CONFIGURATOR_VERSION -RUN apk add --no-cache git curl openssh \ - && pip3 install --no-cache-dir GitPython pyotp \ - && curl -s -o /configurator.py https://raw.githubusercontent.com/danielperna84/hass-configurator/$CONFIGURATOR_VERSION/configurator.py \ - && apk del curl +ARG HASSIO_AUTH_VERSION +RUN apk add --no-cache \ + git nginx nginx-mod-http-lua lua-resty-http \ + && git clone --depth 1 -b ${HASSIO_AUTH_VERSION} https://github.com/home-assistant/hassio-auth \ + && cp -f hassio-auth/nginx-frontend/ha-auth.lua /etc/nginx/ \ + && cp -f hassio-auth/nginx-frontend/example/nginx-ingress.conf /etc/nginx/ \ + && rm -fr /usr/src/hassio-auth \ + && pip install hass-configurator==${CONFIGURATOR_VERSION} # Copy data +COPY configurator.conf /etc/ COPY run.sh / -RUN chmod a+x /run.sh CMD ["/run.sh"] diff --git a/configurator/build.json b/configurator/build.json index 1a4c574..73327db 100644 --- a/configurator/build.json +++ b/configurator/build.json @@ -1,12 +1,13 @@ { "build_from": { - "amd64": "homeassistant/amd64-base-python:3.6", - "i386": "homeassistant/i386-base-python:3.6", - "armhf": "homeassistant/armhf-base-python:3.6", - "armv7": "homeassistant/armv7-base-python:3.6", - "aarch64": "homeassistant/aarch64-base-python:3.6" + "amd64": "homeassistant/amd64-base-python:3.7", + "i386": "homeassistant/i386-base-python:3.7", + "armhf": "homeassistant/armhf-base-python:3.7", + "armv7": "homeassistant/armv7-base-python:3.7", + "aarch64": "homeassistant/aarch64-base-python:3.7" }, "args": { - "CONFIGURATOR_VERSION": "0.3.2" + "CONFIGURATOR_VERSION": "0.3.5", + "HASSIO_AUTH_VERSION": "4.0" } } diff --git a/configurator/config.json b/configurator/config.json index ff6008c..e48e8c9 100644 --- a/configurator/config.json +++ b/configurator/config.json @@ -1,54 +1,27 @@ { "name": "Configurator", - "version": "2.1", + "version": "3.0", "slug": "configurator", "description": "Browser-based configuration file editor for Home Assistant.", "url": "https://home-assistant.io/addons/configurator", "arch": ["armhf", "armv7", "aarch64", "amd64", "i386"], + "homeassistant": "0.91.1", "startup": "application", - "webui": "[PROTO:ssl]://[HOST]:[PORT:3218]", + "webui": "http://[HOST]:[PORT:8080]", + "ingress": true, + "auth_api": true, "homeassistant_api": true, "boot": "auto", - "ports": { - "3218/tcp": 3218 - }, "map": [ "backup:rw", "config:rw", "share:rw", "ssl:rw" ], - "options": { - "username": "admin", - "password": null, - "ssl": false, - "certfile": "fullchain.pem", - "keyfile": "privkey.pem", - "allowed_networks": ["192.168.0.0/16", "172.30.0.0/16"], - "banned_ips": ["8.8.8.8"], - "banlimit": 0, - "ignore_pattern": ["__pycache__"], - "dirsfirst": false, - "enforce_basepath": false, - "notify_service": "persistent_notification.create" - }, - "schema": { - "username": "str", - "password": "match(.+)", - "ssl": "bool", - "certfile": "str", - "keyfile": "str", - "allowed_networks": ["str"], - "banned_ips": ["str"], - "banlimit": "int", - "ignore_pattern": ["str"], - "dirsfirst": "bool", - "enforce_basepath": "bool", - "notify_service": "str", - "sesame": "str?", - "sesame_totp_secret": "str?", - "loglevel": "str?", - "verify_hostname": "str?" + "ports": { + "8080/tcp": null }, + "options": {}, + "schema": {}, "image": "homeassistant/{arch}-addon-configurator" } diff --git a/configurator/configurator.conf b/configurator/configurator.conf new file mode 100644 index 0000000..d522ec2 --- /dev/null +++ b/configurator/configurator.conf @@ -0,0 +1,26 @@ +{ + "LISTENIP": "127.0.0.1", + "PORT": 80, + "GIT": true, + "BASEPATH": "/config", + "ENFORCE_BASEPATH": false, + "SSL_CERTIFICATE": null, + "SSL_KEY": null, + "IGNORE_SSL": false, + "HASS_API": "http://hassio/homeassistant/api/", + "HASS_WS_API": null, + "HASS_API_PASSWORD": "%%TOKEN%%", + "USERNAME": null, + "PASSWORD": null, + "ALLOWED_NETWORKS": [], + "ALLOWED_DOMAINS": [], + "BANNED_IPS": [], + "BANLIMIT": 0, + "IGNORE_PATTERN": [], + "DIRSFIRST": false, + "SESAME": null, + "SESAME_TOTP_SECRET": null, + "VERIFY_HOSTNAME": null, + "ENV_PREFIX": "HC_", + "NOTIFY_SERVICE": "persistent_notification.create" +} diff --git a/configurator/run.sh b/configurator/run.sh old mode 100644 new mode 100755 index 8b8de13..289b86d --- a/configurator/run.sh +++ b/configurator/run.sh @@ -1,46 +1,27 @@ -#!/bin/bash -# shellcheck disable=SC2155 +#!/usr/bin/env bashio -CONFIG_PATH=/data/options.json +WAIT_PIDS=() -export HC_BASEPATH=/config -export HC_HASS_API=http://hassio/homeassistant/api/ -export HC_HASS_API_PASSWORD=$HASSIO_TOKEN -export HC_GIT=true -export HC_VERIFY_HOSTNAME=false -export HC_IGNORE_SSL=false +# Setup and run Frontend +sed -i "s/%%PORT%%/8080/g" /etc/nginx/nginx-ingress.conf +sed -i "s/%%PORT_INGRESS%%/8099/g" /etc/nginx/nginx-ingress.conf +nginx -c /etc/nginx/nginx-ingress.conf & +WAIT_PIDS+=($!) -export HC_ENFORCE_BASEPATH=$(jq --raw-output '.enforce_basepath' $CONFIG_PATH) -export HC_USERNAME=$(jq --raw-output '.username' $CONFIG_PATH) -export HC_PASSWORD=$(jq --raw-output '.password' $CONFIG_PATH) -export HC_NOTIFY_SERVICE=$(jq --raw-output '.notify_service' $CONFIG_PATH) -export HC_ALLOWED_NETWORKS=$(jq --raw-output '.allowed_networks | join(",")' $CONFIG_PATH) -export HC_BANNED_IPS=$(jq --raw-output '.banned_ips | join(",")' $CONFIG_PATH) -export HC_BANLIMIT=$(jq --raw-output '.banlimit' $CONFIG_PATH) -export HC_IGNORE_PATTERN=$(jq --raw-output '.ignore_pattern | join(",")' $CONFIG_PATH) -export HC_DIRSFIRST=$(jq --raw-output '.dirsfirst' $CONFIG_PATH) -export HC_VERIFY_HOSTNAME=$(jq --raw-output '.verify_hostname // empty' $CONFIG_PATH) +# Setup and run configurator +sed -i "s/%%TOKEN%%/${HASSIO_TOKEN}/g" /etc/configurator.conf +hass-configurator /etc/configurator.conf & +WAIT_PIDS+=($!) -SSL=$(jq --raw-output '.ssl // false' $CONFIG_PATH) -if [ "$SSL" == "true" ]; then - export HC_SSL_CERTIFICATE=ssl/$(jq --raw-output '.certfile' $CONFIG_PATH) - export HC_SSL_KEY=ssl/$(jq --raw-output '.keyfile' $CONFIG_PATH) -fi +# Register stop +function stop_addon() { + bashio::log.debug "Kill Processes..." + kill -15 "${WAIT_PIDS[@]}" + wait "${WAIT_PIDS[@]}" + bashio::log.debug "Done." +} +trap "stop_addon" SIGTERM SIGHUP -LOGLEVEL=$(jq --raw-output '.loglevel // empty' $CONFIG_PATH) -if [ -n "$LOGLEVEL" ]; then - export HC_LOGLEVEL=$LOGLEVEL -fi - -SESAME=$(jq --raw-output '.sesame // empty' $CONFIG_PATH) -if [ -n "$SESAME" ]; then - export HC_SESAME=$SESAME -fi - -SESAME_TOTP_SECRET=$(jq --raw-output '.sesame_totp_secret // empty' $CONFIG_PATH) -if [ -n "$SESAME_TOTP_SECRET" ]; then - export HC_SESAME_TOTP_SECRET=$SESAME_TOTP_SECRET -fi - -# Run configurator -exec python3 /configurator.py +# Wait until all is done +bashio::log.info "Add-on running" +wait "${WAIT_PIDS[@]}"