diff --git a/bundles/homeassistant/files/check_homeassistant_update b/bundles/homeassistant/files/check_homeassistant_update new file mode 100644 index 0000000..d01d830 --- /dev/null +++ b/bundles/homeassistant/files/check_homeassistant_update @@ -0,0 +1,49 @@ +#!/usr/bin/env python3 + +from sys import exit + +import requests +from packaging import version + +bearer = "${bearer}" +domain = "${domain}" +OK = 0 +WARN = 1 +CRITICAL = 2 +UNKNOWN = 3 + +status = 3 +message = "Unknown Update Status" + + +domain = "hass.home.kunbox.net" + +s = requests.Session() +s.headers.update({"Content-Type": "application/json"}) + +try: + stable_version = version.parse( + s.get("https://version.home-assistant.io/stable.json").json()["homeassistant"][ + "generic-x86-64" + ] + ) + s.headers.update( + {"Authorization": f"Bearer {bearer}", "Content-Type": "application/json"} + ) + running_version = version.parse( + s.get(f"https://{domain}/api/config").json()["version"] + ) + if running_version == stable_version: + status = 0 + message = f"OK - running version {running_version} equals stable version {stable_version}" + elif running_version > stable_version: + status = 1 + message = f"WARNING - stable version {stable_version} is lower than running version {running_version}, check if downgrade is necessary." + else: + status = 2 + message = f"CRITICAL - update necessary, running verison {running_version} is lower than stable version {stable_version}" +except Exception as e: + message = f"{message}: {repr(e)}" + +print(message) +exit(status) diff --git a/bundles/homeassistant/items.py b/bundles/homeassistant/items.py index f5f7a08..6ceeec4 100644 --- a/bundles/homeassistant/items.py +++ b/bundles/homeassistant/items.py @@ -20,6 +20,14 @@ files = { 'svc_systemd:homeassistant:restart', }, }, + '/usr/local/share/icinga/plugins/check_homeassistant_update': { + 'content_type': 'mako', + 'context': { + 'bearer': repo.vault.decrypt(node.metadata.get('homeassistant/api_secret')), + 'domain': node.metadata.get('homeassistant/domain'), + }, + 'mode': '0755', + }, } actions = { diff --git a/bundles/homeassistant/metadata.py b/bundles/homeassistant/metadata.py index e000af9..87855f8 100644 --- a/bundles/homeassistant/metadata.py +++ b/bundles/homeassistant/metadata.py @@ -3,17 +3,18 @@ from bundlewrap.metadata import atomic defaults = { 'apt': { 'packages': { - 'bluez': {}, - 'libffi-dev': {}, - 'libssl-dev': {}, - 'libjpeg-dev': {}, - 'zlib1g-dev': {}, 'autoconf': {}, + 'bluez': {}, 'build-essential': {}, + 'libffi-dev': {}, + 'libjpeg-dev': {}, 'libopenjp2-7': {}, + 'libssl-dev': {}, 'libtiff5': {}, 'libturbojpeg0-dev': {}, + 'python3-packaging': {}, 'tzdata': {}, + 'zlib1g-dev': {}, }, }, 'backups': { @@ -32,7 +33,7 @@ def icinga_check_for_new_release(metadata): 'homeassistant': { 'services': { 'HOMEASSISTANT UPDATE': { - 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_github_for_new_release homeassistant/core {}'.format(metadata.get('homeassistant/version')), + 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_homeassistant_update', 'vars.notification.mail': True, 'check_interval': '60m', }, @@ -65,15 +66,3 @@ def nginx(metadata): }, }, } - -@metadata_reactor.provides( - 'firewall/port_rules/8123', -) -def firewall(metadata): - return { - 'firewall': { - 'port_rules': { - '8123': atomic(metadata.get('nginx/restrict-to', {'*'})), - }, - }, - }