homassistant #56

Merged
kunsi merged 6 commits from homassistant into main 2022-12-24 17:32:39 +00:00
5 changed files with 219 additions and 1 deletions

View file

@ -0,0 +1,49 @@
#!/usr/bin/env python3
from sys import exit
import requests
from packaging import version
bearer = "${bearer}"
domain = "${domain}"
OK = 0
WARN = 1
CRITICAL = 2
UNKNOWN = 3
status = 3
message = "Unknown Update Status"
domain = "hass.home.kunbox.net"
s = requests.Session()
s.headers.update({"Content-Type": "application/json"})
try:
stable_version = version.parse(
s.get("https://version.home-assistant.io/stable.json").json()["homeassistant"][
"generic-x86-64"
]
)
s.headers.update(
{"Authorization": f"Bearer {bearer}", "Content-Type": "application/json"}
)
running_version = version.parse(
s.get(f"https://{domain}/api/config").json()["version"]
)
if running_version == stable_version:
status = 0
message = f"OK - running version {running_version} equals stable version {stable_version}"
elif running_version > stable_version:
status = 1
message = f"WARNING - stable version {stable_version} is lower than running version {running_version}, check if downgrade is necessary."
else:
status = 2
message = f"CRITICAL - update necessary, running verison {running_version} is lower than stable version {stable_version}"
except Exception as e:
message = f"{message}: {repr(e)}"
print(message)
exit(status)

View file

@ -0,0 +1,13 @@
[Unit]
Description=Home Assistant
After=network-online.target
[Service]
Type=simple
User=homeassistant
WorkingDirectory=/var/opt/homeassistant
ExecStart=/opt/homeassistant/venv/bin/hass -c "/var/opt/homeassistant"
RestartForceExitStatus=100
[Install]
WantedBy=multi-user.target

View file

@ -0,0 +1,72 @@
users = {
'homeassistant': {
'home': '/var/opt/homeassistant',
},
}
directories = {
'/opt/homeassistant': {
'owner': 'homeassistant',
},
'/var/opt/homeassistant': {
'owner': 'homeassistant',
},
}
files = {
'/etc/systemd/system/homeassistant.service': {
'triggers': {
'action:systemd-reload',
'svc_systemd:homeassistant:restart',
},
},
'/usr/local/share/icinga/plugins/check_homeassistant_update': {
'content_type': 'mako',
'context': {
'bearer': repo.vault.decrypt(node.metadata.get('homeassistant/api_secret')),
'domain': node.metadata.get('homeassistant/domain'),
},
'mode': '0755',
},
}
actions = {
'homeassistant_create_virtualenv': {
'command': 'sudo -u homeassistant /usr/bin/python3 -m virtualenv -p python3 /opt/homeassistant/venv/',
'unless': 'test -d /opt/homeassistant/venv/',
'needs': {
'directory:/opt/homeassistant',
'user:homeassistant',
'pkg_apt:bluez',
'pkg_apt:libffi-dev',
'pkg_apt:libssl-dev',
'pkg_apt:libjpeg-dev',
'pkg_apt:zlib1g-dev',
'pkg_apt:autoconf',
'pkg_apt:build-essential',
'pkg_apt:libopenjp2-7',
'pkg_apt:libtiff5',
'pkg_apt:libturbojpeg0-dev',
'pkg_apt:tzdata',
},
},
'homeassistant_install': {
'command': 'sudo -u homeassistant /opt/homeassistant/venv/bin/pip install homeassistant',
'unless': 'test -f /opt/homeassistant/venv/bin/hass',
'needs': {
'action:homeassistant_create_virtualenv',
},
'triggers': {
'svc_systemd:homeassistant:restart',
},
},
}
svc_systemd = {
'homeassistant': {
'needs': {
'action:homeassistant_install',
'file:/etc/systemd/system/homeassistant.service',
},
},
}

View file

@ -0,0 +1,68 @@
from bundlewrap.metadata import atomic
defaults = {
'apt': {
'packages': {
'autoconf': {},
'bluez': {},
'build-essential': {},
'libffi-dev': {},
'libjpeg-dev': {},
'libopenjp2-7': {},
'libssl-dev': {},
'libtiff5': {},
'libturbojpeg0-dev': {},
'python3-packaging': {},
'tzdata': {},
'zlib1g-dev': {},
},
},
'backups': {
'paths': {
'/opt/homeassistant',
'/var/opt/homeassistant',
},
},
}
@metadata_reactor.provides(
'icinga2_api/homeassistant/services/HOMESSISTANT UPDATE',
)
def icinga_check_for_new_release(metadata):
return {
'icinga2_api': {
'homeassistant': {
'services': {
'HOMEASSISTANT UPDATE': {
Review

The update check should probably check homeassistant itself if it knows about updates, instead of relying on a hardcoded metadatum.

The update check should probably check homeassistant itself if it knows about updates, instead of relying on a hardcoded metadatum.
Review

Update check has been rewritten.

Update check has been rewritten.
'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_homeassistant_update',
'vars.notification.mail': True,
'check_interval': '60m',
},
},
},
},
}
@metadata_reactor.provides(
'nginx/vhosts/homeassistant',
)
def nginx(metadata):
if not node.has_bundle('nginx'):
raise DoNotRunAgain
return {
'nginx': {
'vhosts': {
'homeassistant': {
'domain': metadata.get('homeassistant/domain'),
'website_check_path': '/',
'website_check_string': 'Homeassistant',
'locations': {
'/': {
'target': 'http://127.0.0.1:8123',
'websockets': True,
},
},
},
},
},
}

View file

@ -1,5 +1,8 @@
hostname = "172.19.138.25" hostname = "172.19.138.25"
bundles = [] bundles = [
'homeassistant',
'nginx'
]
groups = ["debian-bullseye"] groups = ["debian-bullseye"]
[metadata.backups] [metadata.backups]
@ -13,3 +16,16 @@ ipv6_accept_ra = true
[metadata.vm] [metadata.vm]
cpu = 2 cpu = 2
ram = 2 ram = 2
[metadata.homeassistant]
domain = 'hass.home.kunbox.net'
api_secret = 'encrypt$gAAAAABjpyuqXLoilokQW5c0zV8shHcOzN1zkEbS-I6WAAX-xDO_OF33YbjbkpELU2HGBzqiWX40J0hsaEbYJOnCHFk8gJ-Xt0vdqqbQ5vca_TGPNQHZPAS4qZoPTcUhmX_I-0EdT6ukhxejXFYBiYRZikTLjH3lcNM5qnckCm-H9NbRdjLb9hbCDIjbEglHmBl_g08S1_ukvX3dDSCIHIxgXXGsdK_Go1KxPJd8G22FL_MMhCfsTW-6ioIqoHSeSA1NGk3MZHEIM2errckiopKBxoBaROsacO9Uqk1zrrgXOs2NsgiTRtrbV1TNlFVaIX9mZdsUnMGZ'
[metadata.nginx]
restrict-to = [
'172.19.136.0/25',
'172.19.138.0/24',
]
[metadata.nginx.vhosts.homeassistant]
ssl = '_.home.kunbox.net'