homassistant #56

Merged
kunsi merged 6 commits from homassistant into main 2022-12-24 17:32:39 +00:00
3 changed files with 28 additions and 16 deletions
Showing only changes of commit edeffee5c2 - Show all commits

View file

@ -6,7 +6,7 @@ After=network-online.target
Type=simple Type=simple
User=homeassistant User=homeassistant
WorkingDirectory=/var/opt/homeassistant WorkingDirectory=/var/opt/homeassistant
ExecStart=/opt/homeassistant/bin/hass -c "/var/opt/homeassistant" ExecStart=/opt/homeassistant/venv/bin/hass -c "/var/opt/homeassistant"
RestartForceExitStatus=100 RestartForceExitStatus=100
[Install] [Install]

View file

@ -5,7 +5,9 @@ users = {
} }
directories = { directories = {
'/opt/homeassistant': {}, '/opt/homeassistant': {
'owner': 'homeassistant',
},
'/var/opt/homeassistant': { '/var/opt/homeassistant': {
'owner': 'homeassistant', 'owner': 'homeassistant',
}, },
@ -22,19 +24,11 @@ files = {
actions = { actions = {
'homeassistant_create_virtualenv': { 'homeassistant_create_virtualenv': {
'command': '/usr/bin/python3 -m virtualenv -p python3 /opt/homeassistant/venv', 'command': 'sudo -u homeassistant /usr/bin/python3 -m virtualenv -p python3 /opt/homeassistant/venv/',
'unless': 'test -d /opt/homeassistant/venv/', 'unless': 'test -d /opt/homeassistant/venv/',
'needed_by': {
'action:homeassistant_install',
},
},
'homeassistant_install': {
'triggered': True,
'command': ' && '.join([
'cd /opt/homeassistant/src',
f"/opt/homeassistant/venv/bin/pip install --upgrade homeassistant=={node.metadata.get('homeassistant/version')}",
]) ,
'needs': { 'needs': {
'directory:/opt/homeassistant',
'user:homeassistant',
'pkg_apt:bluez', 'pkg_apt:bluez',
'pkg_apt:libffi-dev', 'pkg_apt:libffi-dev',
'pkg_apt:libssl-dev', 'pkg_apt:libssl-dev',
@ -47,12 +41,16 @@ actions = {
'pkg_apt:libturbojpeg0-dev', 'pkg_apt:libturbojpeg0-dev',
'pkg_apt:tzdata', 'pkg_apt:tzdata',
}, },
},
'homeassistant_install': {
'command': 'sudo -u homeassistant /opt/homeassistant/venv/bin/pip install homeassistant',
'unless': 'test -f /opt/homeassistant/venv/bin/hass',
'needs': {
'action:homeassistant_create_virtualenv',
},
'triggers': { 'triggers': {
'svc_systemd:homeassistant:restart', 'svc_systemd:homeassistant:restart',
}, },
'unless': {
"[[ $(/opt/homeassistant/venv/bin/pip freeze | grep homeassistant=={node.metadata.get('homeassistant/version')}) ]]",
},
}, },
} }

View file

@ -1,3 +1,5 @@
from bundlewrap.metadata import atomic
defaults = { defaults = {
'apt': { 'apt': {
'packages': { 'packages': {
@ -62,3 +64,15 @@ def nginx(metadata):
}, },
}, },
} }
@metadata_reactor.provides(
'firewall/port_rules/8123',
)
def firewall(metadata):
return {
'firewall': {
'port_rules': {
'8123': atomic(metadata.get('nginx/restrict-to', {'*'})),
},
Outdated
Review

nginx is wrong here. Probably we should get rid of that reactor altogether and just rely on nginx.

`nginx` is wrong here. Probably we should get rid of that reactor altogether and just rely on nginx.

This rule aws only needed during install and first start. We don'T ant to access unencrypted http via 8123 any more now.

This rule aws only needed during install and first start. We don'T ant to access unencrypted http via 8123 any more now.
},
}