From 3fabc95038aec9ba40d6da8adb90fef7d2eb4bf7 Mon Sep 17 00:00:00 2001 From: IceEyz Date: Sun, 24 May 2020 21:31:53 +0200 Subject: [PATCH] Minimze addon to Ingress only --- .github/CODEOWNERS | 4 +- .github/FUNDING.yml | 4 - .github/settings.yml | 150 -------------- .github/support.yml | 4 +- .gitlab-ci.yml | 13 -- CONTRIBUTING.md | 4 +- LICENSE.md | 1 + README.md | 185 +++--------------- {node-red => node-red-minimal}/.snyk | 0 node-red-minimal/Dockerfile | 59 ++++++ {node-red => node-red-minimal}/build.json | 0 node-red-minimal/config.json | 31 +++ {node-red => node-red-minimal}/icon.png | Bin {node-red => node-red-minimal}/logo.png | Bin node-red-minimal/package.json | 24 +++ .../rootfs/etc/cont-init.d/node-red.sh | 53 +---- .../rootfs/etc/cont-init.d/user.sh | 2 +- .../rootfs/etc/node-red/config.js | 23 +-- .../rootfs/etc/node-red/flows.json | 0 .../rootfs/etc/node-red/settings.js | 5 - .../rootfs/etc/services.d/nodered/finish | 2 +- .../rootfs/etc/services.d/nodered/run | 2 +- node-red/.README.j2 | 78 -------- node-red/Dockerfile | 86 -------- node-red/config.json | 74 ------- node-red/package.json | 58 ------ node-red/requirements.txt | 1 - node-red/rootfs/etc/cont-init.d/nginx.sh | 38 ---- node-red/rootfs/etc/nginx/includes/mime.types | 96 --------- .../etc/nginx/includes/proxy_params.conf | 15 -- .../rootfs/etc/nginx/includes/resolver.conf | 1 - .../etc/nginx/includes/server_params.conf | 10 - .../rootfs/etc/nginx/includes/ssl_params.conf | 9 - .../rootfs/etc/nginx/includes/upstream.conf | 3 - node-red/rootfs/etc/nginx/lua/ha-auth.lua | 83 -------- .../rootfs/etc/nginx/modules/ndk_http.conf | 1 - .../etc/nginx/modules/ngx_http_lua.conf | 1 - node-red/rootfs/etc/nginx/nginx.conf | 59 ------ .../etc/nginx/servers/direct-ssl.disabled | 19 -- .../rootfs/etc/nginx/servers/direct.disabled | 15 -- .../rootfs/etc/nginx/servers/ingress.conf | 13 -- .../node-red-dashboard-show-dashboard.patch | 32 --- node-red/rootfs/etc/services.d/nginx/finish | 9 - node-red/rootfs/etc/services.d/nginx/run | 17 -- renovate.json | 11 -- repository.json | 5 + 46 files changed, 166 insertions(+), 1134 deletions(-) delete mode 100644 .github/FUNDING.yml delete mode 100644 .github/settings.yml delete mode 100644 .gitlab-ci.yml rename {node-red => node-red-minimal}/.snyk (100%) create mode 100644 node-red-minimal/Dockerfile rename {node-red => node-red-minimal}/build.json (100%) create mode 100644 node-red-minimal/config.json rename {node-red => node-red-minimal}/icon.png (100%) rename {node-red => node-red-minimal}/logo.png (100%) create mode 100644 node-red-minimal/package.json rename {node-red => node-red-minimal}/rootfs/etc/cont-init.d/node-red.sh (52%) rename {node-red => node-red-minimal}/rootfs/etc/cont-init.d/user.sh (96%) rename {node-red => node-red-minimal}/rootfs/etc/node-red/config.js (65%) rename {node-red => node-red-minimal}/rootfs/etc/node-red/flows.json (100%) rename {node-red => node-red-minimal}/rootfs/etc/node-red/settings.js (96%) rename {node-red => node-red-minimal}/rootfs/etc/services.d/nodered/finish (86%) rename {node-red => node-red-minimal}/rootfs/etc/services.d/nodered/run (90%) delete mode 100644 node-red/.README.j2 delete mode 100644 node-red/Dockerfile delete mode 100644 node-red/config.json delete mode 100644 node-red/package.json delete mode 100644 node-red/requirements.txt delete mode 100644 node-red/rootfs/etc/cont-init.d/nginx.sh delete mode 100644 node-red/rootfs/etc/nginx/includes/mime.types delete mode 100644 node-red/rootfs/etc/nginx/includes/proxy_params.conf delete mode 100644 node-red/rootfs/etc/nginx/includes/resolver.conf delete mode 100644 node-red/rootfs/etc/nginx/includes/server_params.conf delete mode 100644 node-red/rootfs/etc/nginx/includes/ssl_params.conf delete mode 100644 node-red/rootfs/etc/nginx/includes/upstream.conf delete mode 100644 node-red/rootfs/etc/nginx/lua/ha-auth.lua delete mode 100644 node-red/rootfs/etc/nginx/modules/ndk_http.conf delete mode 100644 node-red/rootfs/etc/nginx/modules/ngx_http_lua.conf delete mode 100644 node-red/rootfs/etc/nginx/nginx.conf delete mode 100644 node-red/rootfs/etc/nginx/servers/direct-ssl.disabled delete mode 100644 node-red/rootfs/etc/nginx/servers/direct.disabled delete mode 100644 node-red/rootfs/etc/nginx/servers/ingress.conf delete mode 100644 node-red/rootfs/etc/node-red/patches/node-red-dashboard-show-dashboard.patch delete mode 100644 node-red/rootfs/etc/services.d/nginx/finish delete mode 100644 node-red/rootfs/etc/services.d/nginx/run delete mode 100644 renovate.json create mode 100644 repository.json diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 3fbad4945..c7b0ba80f 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,4 +1,4 @@ # Require maintainer's :+1: for changes to the .github/ repo-config files # mainly due to https://github.com/probot/settings privilege escalation -.github/* @frenck -.gitlab-ci.yml @frenck +.github/* @IceEyz +.gitlab-ci.yml @IceEyz diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml deleted file mode 100644 index 7f95bd456..000000000 --- a/.github/FUNDING.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -github: frenck -patreon: frenck -custom: https://frenck.dev/donate/ diff --git a/.github/settings.yml b/.github/settings.yml deleted file mode 100644 index 5d0e90a38..000000000 --- a/.github/settings.yml +++ /dev/null @@ -1,150 +0,0 @@ ---- -repository: - description: "Node-RED - Home Assistant Community Add-ons" - homepage: https://addons.community - topics: node-red, addon, addons, home-assistant, homeassistant - private: false - has_issues: true - has_projects: false - has_wiki: false - has_downloads: false - default_branch: master - allow_squash_merge: true - allow_merge_commit: false - allow_rebase_merge: true -labels: - # Priority labels - - name: "Priority: Critical" - color: ee0701 - description: "This should be dealt with ASAP. Not fixing this issue would be a serious error." - - name: "Priority: High" - color: b60205 - description: "After critical issues are fixed, these should be dealt with before any further issues." - - name: "Priority: Medium" - color: 0e8a16 - description: "This issue may be useful, and needs some attention." - - name: "Priority: Low" - color: e4ea8a - description: "Nice addition, maybe... someday..." - - # Type labels - - name: "Type: Bug" - color: ee0701 - description: "Inconsistencies or issues which will cause a problem for users or implementors." - - name: "Type: Documentation" - color: 0052cc - description: "Solely about the documentation of the project." - - name: "Type: Enhancement" - color: 1d76db - description: "Enhancement of the code, not introducing new features." - - name: "Type: Feature" - color: 0e8a16 - description: "New features or options." - - name: "Type: Support" - color: 5319e7 - description: "Marks an issue as a support ticket." - - name: "Type: Discussion" - color: d4c5f9 - description: "Marks an issue as a generic discussion ticket." - - name: "Type: Maintenance" - color: 2af79e - description: "Generic maintenance tasks, e.g., package updates." - - # Additional markers - - name: "Security" - color: ee0701 - description: "Marks a security issue that needs to be resolved asap." - - name: "Idea" - color: fef2c0 - description: "Marks an idea, which might be excepted and implemented." - - name: "Incomplete" - color: fef2c0 - description: "Marks a PR or issue that is missing information." - - name: "Pull request" - color: fbca04 - description: "There is an PR opened for this issue." - - name: "Accepted" - color: c2e0c6 - description: "This issue or PR has been accepted." - - name: "Declined" - color: f9d0c4 - description: "This issue or PR has been declined." - - name: "Potential duplicate" - color: e6e6e6 - description: "This issue has been automatically marked as a potential duplicate." - - # Ongoing Status labels - - name: "Status: Triage" - color: fbca04 - description: "This issue needs to be triaged." - - name: "Status: On hold" - color: cccccc - description: "Issue or PR that has been placed on hold for now." - - name: "Status: In progress" - color: fbca04 - description: "Issue is currently being resolved by a developer." - - name: "Status: Stale" - color: fef2c0 - description: "There has not been activity on this issue or PR for quite some time." - - name: "Status: Awaiting response" - color: fef2c0 - description: "Issue or PR awaits response from the creator." - - name: "Status: Blocked" - color: fef2c0 - description: "Progress on this issue is currently not possible." - - # Closing status labels - - name: "Closed: Known limitation" - color: e6e6e6 - description: "Issue is closed, it is a known limitation." - - name: "Closed: Expected behavior" - color: e6e6e6 - description: "Issues is closed, it is expected behavior." - - name: "Closed: Duplicate" - color: e6e6e6 - description: "Issue is closed, duplicate of an existing issue." - - name: "Closed: Invalid" - color: e6e6e6 - description: "Issue is closed, marked as not a valid issue (e.g., an user error)." - - name: "Closed: Wrong repository" - color: e6e6e6 - description: "Issue is closed, was created in the wrong repository." - - name: "Closed: Won't Fix" - color: e6e6e6 - description: "Issue is closed, it won't be fixed." - - name: "Closed: Done" - color: c2e0c6 - description: "Issue closed, work on this issue has been marked complete." - - # Others - - name: "Beginner Friendly" - color: 0e8a16 - description: "Good first issue for people wanting to contribute to the project." - - name: "Help wanted" - color: 0e8a16 - description: "We need some extra helping hands or expertise in order to resolve this." - - name: "Hacktoberfest" - description: "Issues/PRs are participating in the Hacktoberfest" - color: fbca04 - -branches: - - name: master - protection: - required_pull_request_reviews: - # required_approving_review_count: 1 - dismiss_stale_reviews: true - require_code_owner_reviews: true - dismissal_restrictions: - users: [] - teams: - - Admins - - Masters - required_status_checks: - strict: false - contexts: [] - enforce_admins: false - restrictions: - users: [] - teams: - - Admins - - Masters diff --git a/.github/support.yml b/.github/support.yml index 5dcf9ba09..d6c3a4fb0 100644 --- a/.github/support.yml +++ b/.github/support.yml @@ -11,9 +11,7 @@ supportComment: > However, this issue appears to be a support request. Please use our support channels to get help with the project. - Head over to the - [Home Assistant community forum](https://community.home-assistant.io/t/home-assistant-community-add-on-node-red/55023?u=frenck) - or join our [Discord](https://discord.me/hassioaddons) chat. + Head over to the [Home Assistant community forum](https://community.home-assistant.io/). # Close issues marked as support requests close: true diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml deleted file mode 100644 index 143da7fb3..000000000 --- a/.gitlab-ci.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -include: https://raw.githubusercontent.com/hassio-addons/organization/master/gitlabci/addon.yml - -variables: - ADDON_GITHUB_REPO: "hassio-addons/addon-node-red" - ADDON_SLUG: "node-red" - ADDON_TARGET: "node-red" - - ADDON_AARCH64_BASE: "hassioaddons/base-aarch64:7.2.0" - ADDON_AMD64_BASE: "hassioaddons/base-amd64:7.2.0" - ADDON_ARMHF_BASE: "hassioaddons/base-armhf:7.2.0" - ADDON_ARMV7_BASE: "hassioaddons/base-armv7:7.2.0" - ADDON_I386_BASE: "hassioaddons/base-i386:7.2.0" diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 89dd35271..a224b4300 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -25,5 +25,5 @@ Even better: You could submit a pull request with a fix / new feature! developers, or if you do not have permission to do that, you may request the second reviewer to merge it for you. -[github]: https://github.com/hassio-addons/addon-node-red/issues -[prs]: https://github.com/hassio-addons/addon-node-red/pulls +[github]: https://github.com/IceEyz/addon-node-red-minimal/issues +[prs]: https://github.com/IceEyz/addon-node-red-minimal/pulls diff --git a/LICENSE.md b/LICENSE.md index dbbfb12a4..07da1268d 100644 --- a/LICENSE.md +++ b/LICENSE.md @@ -1,6 +1,7 @@ # MIT License Copyright (c) 2018-2020 Franck Nijhof +Copyright (c) 2020 IceEyz Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 3adfae93d..7063e45f8 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,5 @@ -# Home Assistant Community Add-on: Node-RED +# Home Assistant Add-on: Node-RED-Minimal -[![GitHub Release][releases-shield]][releases] -![Project Stage][project-stage-shield] [![License][license-shield]](LICENSE.md) ![Supports aarch64 Architecture][aarch64-shield] @@ -10,17 +8,6 @@ ![Supports armv7 Architecture][armv7-shield] ![Supports i386 Architecture][i386-shield] -[![GitLab CI][gitlabci-shield]][gitlabci] -![Project Maintenance][maintenance-shield] -[![GitHub Activity][commits-shield]][commits] - -[![Discord][discord-shield]][discord] -[![Community Forum][forum-shield]][forum] - -[![Sponsor Frenck via GitHub Sponsors][github-sponsors-shield]][github-sponsors] - -[![Support Frenck on Patreon][patreon-shield]][patreon] - Flow-based programming for the Internet of Things. ![Node-RED in the Home Assistant Frontend](images/screenshot.png) @@ -34,17 +21,30 @@ It provides a browser-based editor that makes it easy to wire together flows using the wide range of nodes in the palette that can be deployed to its runtime in a single click. +## This is not the official community addon +This add-on is actually a **minimized version** of the [official community addon](https://addons.community/#node-red). +It can only be managed through ingress, does not support serial devices and +is unable to expose HTTP nodes on your network. + +If you require such functionality, please use the above mentioned official addon. + ## Installation The installation of this add-on is pretty straightforward and not different in comparison to installing any other Home Assistant add-on. -1. Search for the "Node-RED" add-on in the Home Assistant add-on store and +**Warning**: By default this addon uses the same configuration location as the +official community Node-Red addon. You can use this addon as a replacement, +but should not run both simultaneously without configuring separate configuration +paths. + +1. Add this repository to your Supervisor Add-On store. +1. Search for the "Node-RED-Minimal" add-on in the Home Assistant add-on store and install it. 1. Set a `credential_secret`, which is used to encrypt sensitive data. This is just a "password", which you should save in a secondary location. -1. Start the "Node-RED" add-on. -1. Check the logs of "Node-RED" to see if everything went well. +1. Start the "Node-RED-Minimal" add-on. +1. Check the logs of "Node-RED-Minimal" to see if everything went well. 1. Click on the "OPEN WEB UI" button to jump into Node-RED. 1. The add-on works straight out the box! No need to configure a server! @@ -62,16 +62,6 @@ Example add-on configuration: ```yaml log_level: info credential_secret: KJHhfdhiFRENCKfsdfdsDHFHDJS -http_node: - username: MarryPoppins - password: Supercalifragilisticexpialidocious -http_static: - username: MarryPoppins - password: Supercalifragilisticexpialidocious -ssl: true -certfile: fullchain.pem -keyfile: privkey.pem -require_ssl: true system_packages: - ffmpeg npm_packages: @@ -101,31 +91,6 @@ more severe level, e.g., `debug` also shows `info` messages. By default, the `log_level` is set to `info`, which is the recommended setting unless you are troubleshooting. -### Option: `ssl` - -Enables/Disables SSL (HTTPS) on the web interface. -Set it `true` to enable it, `false` otherwise. - -**Note**: _The SSL settings only apply to direct access and has no effect -on the Ingress service._ - -### Option: `certfile` - -The certificate file to use for SSL. - -**Note**: _The file MUST be stored in `/ssl/`, which is the default_ - -### Option: `keyfile` - -The private key file to use for SSL. - -**Note**: _The file MUST be stored in `/ssl/`, which is the default_ - -### Option: `require_ssl` - -This option can be used to cause insecure HTTP connections to be redirected -to HTTPS. This is recommended when you have SSL enabled. - ### Option: `credential_secret` Credentials are encrypted by Node-RED in storage, using a secret key. @@ -147,31 +112,6 @@ see the GitHub repository of this theme: -### Option: `http_node` - -To password protect the node-defined HTTP endpoints (`httpNodeRoot`), -the following properties can be used: - -- `username` -- `password` - -**Note**: _These options support secrets, e.g., `!secret red_password`._ - -**Note**: _In order to use the `http_node` you will need to expose Node-RED using -a network port in addition to ingress. The HTTP nodes will also be presented -under `/endpoint/` as shown in the UI. If using the `node-red-dashboard` module -this will also be hosted under this path and will use any credentials set here._ - -### Option: `http_static` - -To password protect the static content (httpStatic), the following -properties can be used: - -- `username` -- `password` - -**Note**: _These options support secrets, e.g., `!secret red_password`._ - ### Option: `system_packages` Allows you to specify additional [Alpine packages][alpine-packages] to be @@ -195,23 +135,6 @@ Customize your Node-RED environment even more with the `init_commands` option. Add one or more shell commands to the list, and they will be executed every single time this add-on starts. -### Option: `i_like_to_be_pwned` - -Adding this option to the add-on configuration allows to you bypass the -HaveIBeenPwned password requirement by setting it to `true`. - -**Note**: _We STRONGLY suggest picking a stronger/safer password instead of -using this option! USE AT YOUR OWN RISK!_ - -### Option: `leave_front_door_open` - -Adding this option to the add-on configuration allows you to disable -authentication on the add-on by setting it to `true` and leaving the -username and password empty. - -**Note**: _We STRONGLY suggest, not to use this, even if this add-on is -only exposed to your internal network. USE AT YOUR OWN RISK!_ - ## Configuration folder The addon will store most of its configuration in the `config/node-red` folder, @@ -235,17 +158,12 @@ Save the file and restart the Node-RED add-on. ## Known issues and limitations -- While this add-on ships with Node-RED Dashboard, it currently does not - support accessing the dashboard via Ingress. This is a technical limitation - on the Node-RED Dashboard end. +- Since this minimzed add-on only supports ingress, and Node-Red Dashboard + currently does not support accessing the dashboard via Ingress, you cannot + install and use Node-RED Dashboard. -- If you cannot access HTTP nodes or Node-RED Dashboard, please check - if you have enabled direct access mode by setting a port number in - "Network" configuration section of the add-on. - -- If you cannot access HTTP nodes or Node-RED Dashboard, please check - if you URL starts with `/endpoint/`, or else Home Assistant authentication - will kick in. +- HTTP nodes and static HTTP content cannot be made available on your network. + Please use the official Node Red addon if you wish to do so. - If the following error is seen after an update `WARNING (MainThread) [hassio.api.proxy] Unauthorized WebSocket access!` please validate the @@ -254,28 +172,12 @@ Save the file and restart the Node-RED add-on. by the server name. The checkbox that states `I use the Home Assistant Add-On` should be checked. -## Changelog & Releases - -This repository keeps a change log using [GitHub's releases][releases] -functionality. The format of the log is based on -[Keep a Changelog][keepchangelog]. - -Releases are based on [Semantic Versioning][semver], and use the format -of ``MAJOR.MINOR.PATCH``. In a nutshell, the version will be incremented -based on the following: - -- ``MAJOR``: Incompatible or major changes. -- ``MINOR``: Backwards-compatible new features and enhancements. -- ``PATCH``: Backwards-compatible bugfixes and package updates. - ## Support Got questions? You have several options to get them answered: -- The [Home Assistant Community Add-ons Discord chat server][discord] for add-on - support and feature requests. - The [Home Assistant Discord chat server][discord-ha] for general Home Assistant discussions and questions. - The Home Assistant [Community Forum][forum]. @@ -285,34 +187,25 @@ You could also [open an issue here][issue] GitHub. ## Contributing -This is an active open-source project. We are always open to people who want to -use the code or contribute to it. +Feel free to suggest improvements or fork to your liking. -We have set up a separate document containing our -[contribution guidelines](CONTRIBUTING.md). - -Thank you for being involved! :heart_eyes: +I would also suggest you to read the official [contribution guidelines](CONTRIBUTING.md). ## Authors & contributors -The original setup of this repository is by [Franck Nijhof][frenck]. +The original work was done by [Franck Nijhof][frenck]. For a full list of all authors and contributors, check [the contributor's page][contributors]. -## We have got some Home Assistant add-ons for you - -Want some more functionality to your Home Assistant instance? - -We have created multiple add-ons for Home Assistant. For a full list, check out -our [GitHub Repository][repository]. - ## License MIT License Copyright (c) 2018-2020 Franck Nijhof +Copyright (c) 2020 IceEyz + Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights @@ -337,32 +230,18 @@ SOFTWARE. [armhf-shield]: https://img.shields.io/badge/armhf-yes-green.svg [armv7-shield]: https://img.shields.io/badge/armv7-yes-green.svg [bonanitech]: https://github.com/bonanitech -[commits-shield]: https://img.shields.io/github/commit-activity/y/hassio-addons/addon-node-red.svg -[commits]: https://github.com/hassio-addons/addon-node-red/commits/master -[contributors]: https://github.com/hassio-addons/addon-node-red/graphs/contributors +[commits]: https://github.com/IceEyz/addon-node-red/commits/master +[contributors]: https://github.com/IceEyz/addon-node-red/graphs/contributors [discord-ha]: https://discord.gg/c5DvZ4e [discord-shield]: https://img.shields.io/discord/478094546522079232.svg [discord]: https://discord.me/hassioaddons [forum-shield]: https://img.shields.io/badge/community-forum-brightgreen.svg -[forum]: https://community.home-assistant.io/t/home-assistant-community-add-on-node-red/55023?u=frenck +[forum]: https://community.home-assistant.io/ [frenck]: https://github.com/frenck -[github-sponsors-shield]: https://frenck.dev/wp-content/uploads/2019/12/github_sponsor.png -[github-sponsors]: https://github.com/sponsors/frenck -[gitlabci-shield]: https://gitlab.com/hassio-addons/addon-node-red/badges/master/pipeline.svg -[gitlabci]: https://gitlab.com/hassio-addons/addon-node-red/pipelines [home-assistant]: https://home-assistant.io [i386-shield]: https://img.shields.io/badge/i386-yes-green.svg -[issue]: https://github.com/hassio-addons/addon-node-red/issues -[keepchangelog]: http://keepachangelog.com/en/1.0.0/ +[issue]: https://github.com/IceEyz/addon-node-red-minimal/issues [license-shield]: https://img.shields.io/github/license/hassio-addons/addon-node-red.svg -[maintenance-shield]: https://img.shields.io/maintenance/yes/2020.svg [node-red-nodes]: https://flows.nodered.org/?type=node&num_pages=1 [npm-packages]: https://www.npmjs.com -[patreon-shield]: https://frenck.dev/wp-content/uploads/2019/12/patreon.png -[patreon]: https://www.patreon.com/frenck -[project-stage-shield]: https://img.shields.io/badge/project%20stage-production%20ready-brightgreen.svg -[reddit]: https://reddit.com/r/homeassistant -[releases-shield]: https://img.shields.io/github/release/hassio-addons/addon-node-red.svg -[releases]: https://github.com/hassio-addons/addon-node-red/releases -[repository]: https://github.com/hassio-addons/repository -[semver]: http://semver.org/spec/v2.0.0.htm +[reddit]: https://reddit.com/r/homeassistant \ No newline at end of file diff --git a/node-red/.snyk b/node-red-minimal/.snyk similarity index 100% rename from node-red/.snyk rename to node-red-minimal/.snyk diff --git a/node-red-minimal/Dockerfile b/node-red-minimal/Dockerfile new file mode 100644 index 000000000..cd367f923 --- /dev/null +++ b/node-red-minimal/Dockerfile @@ -0,0 +1,59 @@ +ARG BUILD_FROM=hassioaddons/base:7.2.0 +# hadolint ignore=DL3006 +FROM ${BUILD_FROM} + +# Copy Node-RED package.json +COPY package.json /opt/ + +# Set workdir +WORKDIR /opt + +# Set shell +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# Setup base +RUN apk add --no-cache --virtual .build-dependencies \ + py2-pip \ + python2-dev \ + make \ + gcc \ + g++ \ + linux-headers \ + udev +RUN apk add --update --no-cache "nodejs<13" "npm<13" +RUN npm config set unsafe-perm true +RUN npm install \ + --no-audit \ + --no-optional \ + --no-update-notifier \ + --only=production \ + --unsafe-perm +RUN npm cache clear --force +RUN apk del --no-cache --purge .build-dependencies +RUN rm -fr /tmp/* + +# Copy root filesystem +COPY rootfs / + +# Build arguments +ARG BUILD_ARCH +ARG BUILD_DATE +ARG BUILD_REF +ARG BUILD_VERSION + +# Labels +LABEL \ + io.hass.name="Node-RED Minimal" \ + io.hass.description="Flow-based programming for the Internet of Things" \ + io.hass.arch="${BUILD_ARCH}" \ + io.hass.type="addon" \ + io.hass.version=${BUILD_VERSION} \ + org.opencontainers.image.title="Node-RED Minimal" \ + org.opencontainers.image.description="Flow-based programming for the Internet of Things" \ + org.opencontainers.image.authors="Originally Franck Nijhof " \ + org.opencontainers.image.licenses="MIT" \ + org.opencontainers.image.source="https://github.com/IceEyz/addon-node-red-minimal" \ + org.opencontainers.image.documentation="https://github.com/IceEyz/addon-node-red-minimal/blob/master/README.md" \ + org.opencontainers.image.created=${BUILD_DATE} \ + org.opencontainers.image.revision=${BUILD_REF} \ + org.opencontainers.image.version=${BUILD_VERSION} diff --git a/node-red/build.json b/node-red-minimal/build.json similarity index 100% rename from node-red/build.json rename to node-red-minimal/build.json diff --git a/node-red-minimal/config.json b/node-red-minimal/config.json new file mode 100644 index 000000000..98352f8b9 --- /dev/null +++ b/node-red-minimal/config.json @@ -0,0 +1,31 @@ +{ + "name": "Node-RED Minimal", + "version": "dev", + "slug": "noderedminimal", + "description": "Flow-based programming for the Internet of Things", + "url": "https://github.com/IceEyz/addon-node-red-minimal", + "ingress": true, + "panel_icon": "mdi:sitemap", + "startup": "application", + "init": false, + "homeassistant": "0.92.0b2", + "arch": ["aarch64", "amd64", "armhf", "armv7", "i386"], + "boot": "auto", + "homeassistant_api": true, + "map": ["config:rw", "share:rw"], + "options": { + "credential_secret": "", + "dark_mode": false, + "system_packages": [], + "npm_packages": [], + "init_commands": [] + }, + "schema": { + "log_level": "list(trace|debug|info|notice|warning|error|fatal)?", + "credential_secret": "password", + "dark_mode": "bool", + "system_packages": ["str"], + "npm_packages": ["str"], + "init_commands": ["str"] + } +} diff --git a/node-red/icon.png b/node-red-minimal/icon.png similarity index 100% rename from node-red/icon.png rename to node-red-minimal/icon.png diff --git a/node-red/logo.png b/node-red-minimal/logo.png similarity index 100% rename from node-red/logo.png rename to node-red-minimal/logo.png diff --git a/node-red-minimal/package.json b/node-red-minimal/package.json new file mode 100644 index 000000000..f4c4a10f7 --- /dev/null +++ b/node-red-minimal/package.json @@ -0,0 +1,24 @@ +{ + "private": true, + "name": "addon-node-red-minimal", + "description": "A visual tool for wiring the Internet of Things", + "homepage": "https://github.com/IceEyz/addon-node-red-minimal", + "repository": "https://github.com/IceEyz/addon-node-red-minimal", + "license": "MIT", + "main": "node_modules/node-red/red/red.js", + "scripts": { + "start": "node $NODE_OPTIONS node_modules/node-red/red.js", + "snyk-protect": "snyk protect", + "prepublish": "npm run snyk-protect" + }, + "dependencies": { + "node-red": "1.x", + "node-red-contrib-home-assistant-websocket": ">=0.22.3", + "snyk": "1.x", + "@node-red-contrib-themes/midnight-red": "1.x" + }, + "engines": { + "node": ">=10" + }, + "snyk": true +} diff --git a/node-red/rootfs/etc/cont-init.d/node-red.sh b/node-red-minimal/rootfs/etc/cont-init.d/node-red.sh similarity index 52% rename from node-red/rootfs/etc/cont-init.d/node-red.sh rename to node-red-minimal/rootfs/etc/cont-init.d/node-red.sh index 33685d63d..ed9159dde 100644 --- a/node-red/rootfs/etc/cont-init.d/node-red.sh +++ b/node-red-minimal/rootfs/etc/cont-init.d/node-red.sh @@ -1,9 +1,8 @@ #!/usr/bin/with-contenv bashio # ============================================================================== -# Home Assistant Community Add-on: Node-RED +# Home Assistant Community Add-on: Node-RED-Minimal # Configures Node-RED before running # ============================================================================== -declare port # Ensure the credential secret value is set if bashio::config.is_empty 'credential_secret'; then @@ -23,18 +22,6 @@ if bashio::config.is_empty 'credential_secret'; then bashio::exit.nok fi - # Require a secure http_node password -if bashio::config.has_value 'http_node.password' \ - && ! bashio::config.true 'i_like_to_be_pwned'; then - bashio::config.require.safe_password 'http_node.password' -fi - - # Require a secure http_static password -if bashio::config.has_value 'http_static.password' \ - && ! bashio::config.true 'i_like_to_be_pwned'; then - bashio::config.require.safe_password 'http_static.password' -fi - # Ensure configuration exists if ! bashio::fs.directory_exists '/config/node-red/'; then mkdir -p /config/node-red/nodes \ @@ -49,29 +36,6 @@ if ! bashio::fs.directory_exists '/config/node-red/'; then sed -i "s/%%ID%%/${id}/" "/config/node-red/flows.json" fi -# Patch Node-RED Dashboard -cd /opt/node_modules/node-red-dashboard || bashio.exit.nok 'Failed cd' -patch -p1 < /etc/node-red/patches/node-red-dashboard-show-dashboard.patch - -# Pass in port & SSL settings -port=$(bashio::addon.port 80) -sed -i "s/%%PORT%%/${port:-80}/" "/opt/node_modules/node-red-dashboard/nodes/ui_base.html" -if ! bashio::var.has_value "${port}"; then - bashio::log.warning - bashio::log.warning "Direct access mode is disabled, Node-RED Dashboard" - bashio::log.warning "will not work!" - bashio::log.warning - bashio::log.warning "Please assign a port in the Network section of this" - bashio::log.warning "add-on configuration." - bashio::log.warning -fi - -if bashio::config.true 'ssl'; then - sed -i "s/%%SSL%%/true/" "/opt/node_modules/node-red-dashboard/nodes/ui_base.html" -else - sed -i "s/%%SSL%%/false/" "/opt/node_modules/node-red-dashboard/nodes/ui_base.html" -fi - # Ensures conflicting Node-RED packages are absent cd /config/node-red || bashio::exit.nok "Could not change directory to Node-RED" if bashio::fs.file_exists "/config/node-red/package.json"; then @@ -79,18 +43,7 @@ if bashio::fs.file_exists "/config/node-red/package.json"; then node-red-contrib-home-assistant \ node-red-contrib-home-assistant-llat \ node-red-contrib-home-assistant-ws \ + node-red-dashboard \ + node-red-node-pi-gpio \ || bashio::exit.nok "Failed un-installing conflicting packages" fi - -# Migrate existing configuration to new format -# shellcheck disable=SC2094 -cat <<< "$( - jq -c '. |= map( - if (.type == "server" - and (.hassio == true or .url == "http://hassio/homeassistant") - ) then - del(.hassio) | del(.url) | del(.pass) | .addon = true - else - . - end - )' /config/node-red/flows.json)" > /config/node-red/flows.json diff --git a/node-red/rootfs/etc/cont-init.d/user.sh b/node-red-minimal/rootfs/etc/cont-init.d/user.sh similarity index 96% rename from node-red/rootfs/etc/cont-init.d/user.sh rename to node-red-minimal/rootfs/etc/cont-init.d/user.sh index f91e95cea..17fc7efaa 100644 --- a/node-red/rootfs/etc/cont-init.d/user.sh +++ b/node-red-minimal/rootfs/etc/cont-init.d/user.sh @@ -1,6 +1,6 @@ #!/usr/bin/with-contenv bashio # ============================================================================== -# Home Assistant Community Add-on: Node-RED +# Home Assistant Community Add-on: Node-RED-Minimal # Executes user customizations on startup # ============================================================================== diff --git a/node-red/rootfs/etc/node-red/config.js b/node-red-minimal/rootfs/etc/node-red/config.js similarity index 65% rename from node-red/rootfs/etc/node-red/config.js rename to node-red-minimal/rootfs/etc/node-red/config.js index a2bec71ef..c15451198 100644 --- a/node-red/rootfs/etc/node-red/config.js +++ b/node-red-minimal/rootfs/etc/node-red/config.js @@ -14,12 +14,11 @@ if (options.dark_mode) { config.debugUseColors = false; config.flowFile = 'flows.json'; config.nodesDir = '/config/node-red/nodes'; -config.uiHost = '127.0.0.1'; -config.uiPort = 46836; +config.uiPort = 8099; config.userDir = '/config/node-red/'; -//Set path for HTTP_Nodes to be served from avoiding lua auth -config.httpNodeRoot = '/endpoint'; +//Disable httpNodeRoot, since we will not expose beyond the interne HASS network +config.httpNodeRoot = false; // Disable authentication, let HA handle that config.adminAuth = null; @@ -30,22 +29,6 @@ config.https = null; // Several settings config.credentialSecret = options.credential_secret; -// Secure HTTP node -if (options.http_node.username) { - config.httpNodeAuth = { - user: options.http_node.username, - pass: bcrypt.hashSync(options.http_node.password), - }; -} - -// Secure static HTTP -if (options.http_static.username) { - config.httpStaticAuth = { - user: options.http_static.username, - pass: bcrypt.hashSync(options.http_static.password), - } -} - // Set debug level if (options.log_level) { config.logging.console.level = options.log_level.toLowerCase(); diff --git a/node-red/rootfs/etc/node-red/flows.json b/node-red-minimal/rootfs/etc/node-red/flows.json similarity index 100% rename from node-red/rootfs/etc/node-red/flows.json rename to node-red-minimal/rootfs/etc/node-red/flows.json diff --git a/node-red/rootfs/etc/node-red/settings.js b/node-red-minimal/rootfs/etc/node-red/settings.js similarity index 96% rename from node-red/rootfs/etc/node-red/settings.js rename to node-red-minimal/rootfs/etc/node-red/settings.js index 64c4fc39d..55134f0e0 100644 --- a/node-red/rootfs/etc/node-red/settings.js +++ b/node-red-minimal/rootfs/etc/node-red/settings.js @@ -31,12 +31,7 @@ * - userDir (is set fixed to `/config/node-red`) * - nodesDir (is set fixed to `/config/node-red/nodes`) * - adminAuth (known as users in the add-on configuration) - * - https (ssl settings in the add-on configuration) * - logging.console.level (log_level in the add-on configuration) - * - httpNodeAuth (http_node settings in the add-on configuration) - * - httpStaticAuth (http_static settings in the add-on configuration) - * - requireHttps (require_ssl setting in the add-on configuration) - * - httpNodeRoot (set fixed to `/endpoint` ) * * If you like to change those settings, some are available via the add-on * settings/option in the Supervisor panel in Home Assistant. diff --git a/node-red/rootfs/etc/services.d/nodered/finish b/node-red-minimal/rootfs/etc/services.d/nodered/finish similarity index 86% rename from node-red/rootfs/etc/services.d/nodered/finish rename to node-red-minimal/rootfs/etc/services.d/nodered/finish index 8a69a9b7f..a10f376b6 100644 --- a/node-red/rootfs/etc/services.d/nodered/finish +++ b/node-red-minimal/rootfs/etc/services.d/nodered/finish @@ -1,6 +1,6 @@ #!/usr/bin/execlineb -S0 # ============================================================================== -# Home Assistant Community Add-on: Node-RED +# Home Assistant Community Add-on: Node-RED-Minimal # Take down the S6 supervision tree when Node-RED fails # ============================================================================== if -n { s6-test $# -ne 0 } diff --git a/node-red/rootfs/etc/services.d/nodered/run b/node-red-minimal/rootfs/etc/services.d/nodered/run similarity index 90% rename from node-red/rootfs/etc/services.d/nodered/run rename to node-red-minimal/rootfs/etc/services.d/nodered/run index 5291c2dc6..d697a9f8b 100644 --- a/node-red/rootfs/etc/services.d/nodered/run +++ b/node-red-minimal/rootfs/etc/services.d/nodered/run @@ -1,6 +1,6 @@ #!/usr/bin/with-contenv bashio # ============================================================================== -# Home Assistant Community Add-on: Node-RED +# Home Assistant Community Add-on: Node-RED-Minimal # Starts Node-RED # ============================================================================== export NODE_PATH=/opt/node_modules:/data/node_modules diff --git a/node-red/.README.j2 b/node-red/.README.j2 deleted file mode 100644 index cb13452d6..000000000 --- a/node-red/.README.j2 +++ /dev/null @@ -1,78 +0,0 @@ -# Home Assistant Community Add-on: Node-RED - -[![Release][release-shield]][release] ![Project Stage][project-stage-shield] ![Project Maintenance][maintenance-shield] - -[![Discord][discord-shield]][discord] [![Community Forum][forum-shield]][forum] - -[![Sponsor Frenck via GitHub Sponsors][github-sponsors-shield]][github-sponsors] - -[![Support Frenck on Patreon][patreon-shield]][patreon] - -Flow-based programming for the Internet of Things. - -## About - -Node-RED is a programming tool for wiring together hardware devices, -APIs and online services in new and interesting ways. - -It provides a browser-based editor that makes it easy to wire together flows -using the wide range of nodes in the palette that can be deployed to its -runtime in a single click. - -[Click here for the full documentation][docs] - -![Node-RED in the Home Assistant Frontend][screenshot] - -{% if channel == "edge" %} -## WARNING! THIS IS AN EDGE VERSION! - -This Home Assistant Add-ons repository contains edge builds of add-ons. -Edge builds add-ons are based upon the latest development version. - -- They may not work at all. -- They might stop working at any time. -- They could have a negative impact on your system. - -This repository was created for: - -- Anybody willing to test. -- Anybody interested in trying out upcoming add-ons or add-on features. -- Developers. - -If you are more interested in stable releases of our add-ons: - - - -{% endif %} -{% if channel == "beta" %} -## WARNING! THIS IS A BETA VERSION! - -This Home Assistant Add-ons repository contains beta releases of add-ons. - -- They might stop working at any time. -- They could have a negative impact on your system. - -This repository was created for: - -- Anybody willing to test. -- Anybody interested in trying out upcoming add-ons or add-on features. - -If you are more interested in stable releases of our add-ons: - - - -{% endif %} -[discord-shield]: https://img.shields.io/discord/478094546522079232.svg -[discord]: https://discord.me/hassioaddons -[docs]: {{ repo }}/blob/{{ version }}/README.md -[forum-shield]: https://img.shields.io/badge/community-forum-brightgreen.svg -[forum]: https://community.home-assistant.io/t/home-assistant-community-add-on-node-red/55023?u=frenck -[github-sponsors-shield]: https://frenck.dev/wp-content/uploads/2019/12/github_sponsor.png -[github-sponsors]: https://github.com/sponsors/frenck -[maintenance-shield]: https://img.shields.io/maintenance/yes/2020.svg -[patreon-shield]: https://frenck.dev/wp-content/uploads/2019/12/patreon.png -[patreon]: https://www.patreon.com/frenck -[project-stage-shield]: https://img.shields.io/badge/project%20stage-production%20ready-brightgreen.svg -[release-shield]: https://img.shields.io/badge/version-{{ version }}-blue.svg -[release]: {{ repo }}/tree/{{ version }} -[screenshot]: https://github.com/hassio-addons/addon-node-red/raw/master/images/screenshot.png diff --git a/node-red/Dockerfile b/node-red/Dockerfile deleted file mode 100644 index 068881e68..000000000 --- a/node-red/Dockerfile +++ /dev/null @@ -1,86 +0,0 @@ -ARG BUILD_FROM=hassioaddons/base:7.2.0 -# hadolint ignore=DL3006 -FROM ${BUILD_FROM} - -# Copy Node-RED package.json -COPY package.json requirements.txt /opt/ - -# Set workdir -WORKDIR /opt - -# Set shell -SHELL ["/bin/bash", "-o", "pipefail", "-c"] - -# Setup base -RUN \ - apk add --no-cache --virtual .build-dependencies \ - g++=9.2.0-r4 \ - gcc=9.2.0-r4 \ - libc-dev=0.7.2-r0 \ - linux-headers=4.19.36-r0 \ - make=4.2.1-r2 \ - py2-pip=18.1-r0 \ - python2-dev=2.7.18-r0 \ - \ - && apk add --no-cache \ - git=2.24.3-r0 \ - lua-resty-http=0.15-r0 \ - nginx-mod-http-lua=1.16.1-r6 \ - nginx=1.16.1-r6 \ - nodejs=12.15.0-r1 \ - npm=12.15.0-r1 \ - openssh-client=8.1_p1-r0 \ - patch=2.7.6-r6 \ - paxctl=0.9-r0 \ - python2=2.7.18-r0 \ - \ - && paxctl -cm "$(command -v node)" \ - \ - && npm config set unsafe-perm true \ - \ - && pip install --no-cache-dir -r /opt/requirements.txt \ - \ - && npm install \ - --no-audit \ - --no-optional \ - --no-update-notifier \ - --only=production \ - --unsafe-perm \ - \ - && npm cache clear --force \ - \ - && echo -e "StrictHostKeyChecking no" >> /etc/ssh/ssh_config \ - \ - && apk del --no-cache --purge .build-dependencies \ - && rm -fr \ - /tmp/* \ - /etc/nginx - -# Copy root filesystem -COPY rootfs / - -# Build arguments -ARG BUILD_ARCH -ARG BUILD_DATE -ARG BUILD_REF -ARG BUILD_VERSION - -# Labels -LABEL \ - io.hass.name="Node-RED" \ - io.hass.description="Flow-based programming for the Internet of Things" \ - io.hass.arch="${BUILD_ARCH}" \ - io.hass.type="addon" \ - io.hass.version=${BUILD_VERSION} \ - maintainer="Franck Nijhof " \ - org.opencontainers.image.title="Node-RED" \ - org.opencontainers.image.description="Flow-based programming for the Internet of Things" \ - org.opencontainers.image.vendor="Home Assistant Community Add-ons" \ - org.opencontainers.image.authors="Franck Nijhof " \ - org.opencontainers.image.licenses="MIT" \ - org.opencontainers.image.url="https://addons.community" \ - org.opencontainers.image.source="https://github.com/hassio-addons/addon-node-red" \ - org.opencontainers.image.documentation="https://github.com/hassio-addons/addon-node-red/blob/master/README.md" \ - org.opencontainers.image.created=${BUILD_DATE} \ - org.opencontainers.image.revision=${BUILD_REF} \ - org.opencontainers.image.version=${BUILD_VERSION} diff --git a/node-red/config.json b/node-red/config.json deleted file mode 100644 index 3d587aed0..000000000 --- a/node-red/config.json +++ /dev/null @@ -1,74 +0,0 @@ -{ - "name": "Node-RED", - "version": "dev", - "slug": "nodered", - "description": "Flow-based programming for the Internet of Things", - "url": "https://github.com/hassio-addons/addon-node-red", - "webui": "[PROTO:ssl]://[HOST]:[PORT:80]", - "ingress": true, - "ingress_port": 0, - "panel_icon": "mdi:sitemap", - "startup": "application", - "init": false, - "homeassistant": "0.92.0b2", - "arch": ["aarch64", "amd64", "armhf", "armv7", "i386"], - "ports": { - "80/tcp": 1880 - }, - "ports_description": { - "80/tcp": "Web interface" - }, - "boot": "auto", - "hassio_api": true, - "hassio_role": "manager", - "homeassistant_api": true, - "host_network": true, - "auth_api": true, - "auto_uart": true, - "gpio": true, - "privileged": ["SYS_RAWIO"], - "devices": ["/dev/mem:/dev/mem:rwm"], - "apparmor": false, - "map": ["config:rw", "share:rw", "ssl"], - "options": { - "credential_secret": "", - "dark_mode": false, - "http_node": { - "username": "", - "password": "" - }, - "http_static": { - "username": "", - "password": "" - }, - "ssl": true, - "certfile": "fullchain.pem", - "keyfile": "privkey.pem", - "require_ssl": true, - "system_packages": [], - "npm_packages": [], - "init_commands": [] - }, - "schema": { - "log_level": "list(trace|debug|info|notice|warning|error|fatal)?", - "credential_secret": "password", - "dark_mode": "bool", - "http_node": { - "username": "str", - "password": "password" - }, - "http_static": { - "username": "str", - "password": "password" - }, - "ssl": "bool", - "certfile": "str", - "keyfile": "str", - "require_ssl": "bool", - "system_packages": ["str"], - "npm_packages": ["str"], - "init_commands": ["str"], - "i_like_to_be_pwned": "bool?", - "leave_front_door_open": "bool?" - } -} diff --git a/node-red/package.json b/node-red/package.json deleted file mode 100644 index ebc229577..000000000 --- a/node-red/package.json +++ /dev/null @@ -1,58 +0,0 @@ -{ - "private": true, - "name": "addon-node-red", - "description": "A visual tool for wiring the Internet of Things", - "homepage": "https://addons.community", - "repository": "https://github.com/hassio-addons/addon-node-red", - "license": "MIT", - "main": "node_modules/node-red/red/red.js", - "scripts": { - "start": "node $NODE_OPTIONS node_modules/node-red/red.js", - "snyk-protect": "snyk protect", - "prepublish": "npm run snyk-protect" - }, - "dependencies": { - "bcryptjs": "2.4.3", - "js-yaml": "3.13.1", - "node-red": "1.0.6", - "node-red-contrib-actionflows": "2.0.3", - "node-red-contrib-alexa-home-skill": "0.1.17", - "node-red-contrib-bigtimer": "2.3.1", - "node-red-contrib-cast": "0.2.15", - "node-red-contrib-counter": "0.1.5", - "node-red-contrib-home-assistant-websocket": "0.22.3", - "node-red-contrib-http-request": "0.1.14", - "node-red-contrib-influxdb": "0.4.0", - "node-red-contrib-interval-length": "0.0.4", - "node-red-contrib-looptimer": "0.0.8", - "node-red-contrib-modbus": "5.12.0", - "node-red-contrib-moment": "3.0.3", - "node-red-contrib-state-machine": "1.2.0", - "node-red-contrib-statistics": "2.2.2", - "node-red-contrib-stoptimer": "0.0.7", - "node-red-contrib-sunevents": "2.0.3", - "node-red-contrib-time-range-switch": "1.0.0", - "node-red-contrib-timecheck": "1.1.0", - "node-red-contrib-traffic": "0.2.1", - "node-red-dashboard": "2.22.1", - "node-red-node-base64": "0.2.1", - "node-red-node-email": "1.7.8", - "node-red-node-feedparser": "0.1.16", - "node-red-node-geofence": "0.1.2", - "node-red-node-msgpack": "1.2.1", - "node-red-node-pi-gpio": "1.1.1", - "node-red-node-ping": "0.2.0", - "node-red-node-random": "0.1.4", - "node-red-node-sentiment": "0.1.6", - "node-red-node-serialport": "0.10.2", - "node-red-node-smooth": "0.1.2", - "node-red-node-suncalc": "1.0.1", - "node-red-node-twitter": "1.1.6", - "snyk": "1.310.0", - "@node-red-contrib-themes/midnight-red": "1.3.1" - }, - "engines": { - "node": ">=10" - }, - "snyk": true -} diff --git a/node-red/requirements.txt b/node-red/requirements.txt deleted file mode 100644 index 533c7aed6..000000000 --- a/node-red/requirements.txt +++ /dev/null @@ -1 +0,0 @@ -RPi.GPIO==0.7.0 diff --git a/node-red/rootfs/etc/cont-init.d/nginx.sh b/node-red/rootfs/etc/cont-init.d/nginx.sh deleted file mode 100644 index a9f53cbd2..000000000 --- a/node-red/rootfs/etc/cont-init.d/nginx.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/usr/bin/with-contenv bashio -# ============================================================================== -# Home Assistant Community Add-on: Node-RED -# Configures NGINX for use with Node-RED -# ============================================================================== -declare admin_port -declare certfile -declare dns_host -declare ingress_interface -declare ingress_port -declare keyfile - -admin_port=$(bashio::addon.port 80) -if bashio::var.has_value "${admin_port}"; then - bashio::config.require.ssl - - if bashio::config.true 'ssl'; then - certfile=$(bashio::config 'certfile') - keyfile=$(bashio::config 'keyfile') - - mv /etc/nginx/servers/direct-ssl.disabled /etc/nginx/servers/direct.conf - sed -i "s#%%certfile%%#${certfile}#g" /etc/nginx/servers/direct.conf - sed -i "s#%%keyfile%%#${keyfile}#g" /etc/nginx/servers/direct.conf - - else - mv /etc/nginx/servers/direct.disabled /etc/nginx/servers/direct.conf - fi - - sed -i "s/%%port%%/${admin_port}/g" /etc/nginx/servers/direct.conf -fi - -ingress_port=$(bashio::addon.ingress_port) -ingress_interface=$(bashio::addon.ip_address) -sed -i "s/%%port%%/${ingress_port}/g" /etc/nginx/servers/ingress.conf -sed -i "s/%%interface%%/${ingress_interface}/g" /etc/nginx/servers/ingress.conf - -dns_host=$(bashio::dns.host) -sed -i "s/%%dns_host%%/${dns_host}/g" /etc/nginx/includes/resolver.conf diff --git a/node-red/rootfs/etc/nginx/includes/mime.types b/node-red/rootfs/etc/nginx/includes/mime.types deleted file mode 100644 index 7c7cdef2d..000000000 --- a/node-red/rootfs/etc/nginx/includes/mime.types +++ /dev/null @@ -1,96 +0,0 @@ -types { - text/html html htm shtml; - text/css css; - text/xml xml; - image/gif gif; - image/jpeg jpeg jpg; - application/javascript js; - application/atom+xml atom; - application/rss+xml rss; - - text/mathml mml; - text/plain txt; - text/vnd.sun.j2me.app-descriptor jad; - text/vnd.wap.wml wml; - text/x-component htc; - - image/png png; - image/svg+xml svg svgz; - image/tiff tif tiff; - image/vnd.wap.wbmp wbmp; - image/webp webp; - image/x-icon ico; - image/x-jng jng; - image/x-ms-bmp bmp; - - font/woff woff; - font/woff2 woff2; - - application/java-archive jar war ear; - application/json json; - application/mac-binhex40 hqx; - application/msword doc; - application/pdf pdf; - application/postscript ps eps ai; - application/rtf rtf; - application/vnd.apple.mpegurl m3u8; - application/vnd.google-earth.kml+xml kml; - application/vnd.google-earth.kmz kmz; - application/vnd.ms-excel xls; - application/vnd.ms-fontobject eot; - application/vnd.ms-powerpoint ppt; - application/vnd.oasis.opendocument.graphics odg; - application/vnd.oasis.opendocument.presentation odp; - application/vnd.oasis.opendocument.spreadsheet ods; - application/vnd.oasis.opendocument.text odt; - application/vnd.openxmlformats-officedocument.presentationml.presentation - pptx; - application/vnd.openxmlformats-officedocument.spreadsheetml.sheet - xlsx; - application/vnd.openxmlformats-officedocument.wordprocessingml.document - docx; - application/vnd.wap.wmlc wmlc; - application/x-7z-compressed 7z; - application/x-cocoa cco; - application/x-java-archive-diff jardiff; - application/x-java-jnlp-file jnlp; - application/x-makeself run; - application/x-perl pl pm; - application/x-pilot prc pdb; - application/x-rar-compressed rar; - application/x-redhat-package-manager rpm; - application/x-sea sea; - application/x-shockwave-flash swf; - application/x-stuffit sit; - application/x-tcl tcl tk; - application/x-x509-ca-cert der pem crt; - application/x-xpinstall xpi; - application/xhtml+xml xhtml; - application/xspf+xml xspf; - application/zip zip; - - application/octet-stream bin exe dll; - application/octet-stream deb; - application/octet-stream dmg; - application/octet-stream iso img; - application/octet-stream msi msp msm; - - audio/midi mid midi kar; - audio/mpeg mp3; - audio/ogg ogg; - audio/x-m4a m4a; - audio/x-realaudio ra; - - video/3gpp 3gpp 3gp; - video/mp2t ts; - video/mp4 mp4; - video/mpeg mpeg mpg; - video/quicktime mov; - video/webm webm; - video/x-flv flv; - video/x-m4v m4v; - video/x-mng mng; - video/x-ms-asf asx asf; - video/x-ms-wmv wmv; - video/x-msvideo avi; -} diff --git a/node-red/rootfs/etc/nginx/includes/proxy_params.conf b/node-red/rootfs/etc/nginx/includes/proxy_params.conf deleted file mode 100644 index 1990d4959..000000000 --- a/node-red/rootfs/etc/nginx/includes/proxy_params.conf +++ /dev/null @@ -1,15 +0,0 @@ -proxy_http_version 1.1; -proxy_ignore_client_abort off; -proxy_read_timeout 86400s; -proxy_redirect off; -proxy_send_timeout 86400s; -proxy_max_temp_file_size 0; - -proxy_set_header Accept-Encoding ""; -proxy_set_header Connection $connection_upgrade; -proxy_set_header Host $http_host; -proxy_set_header Upgrade $http_upgrade; -proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -proxy_set_header X-Forwarded-Proto $scheme; -proxy_set_header X-NginX-Proxy true; -proxy_set_header X-Real-IP $remote_addr; diff --git a/node-red/rootfs/etc/nginx/includes/resolver.conf b/node-red/rootfs/etc/nginx/includes/resolver.conf deleted file mode 100644 index d86489993..000000000 --- a/node-red/rootfs/etc/nginx/includes/resolver.conf +++ /dev/null @@ -1 +0,0 @@ -resolver %%dns_host%%; diff --git a/node-red/rootfs/etc/nginx/includes/server_params.conf b/node-red/rootfs/etc/nginx/includes/server_params.conf deleted file mode 100644 index 55ed565c3..000000000 --- a/node-red/rootfs/etc/nginx/includes/server_params.conf +++ /dev/null @@ -1,10 +0,0 @@ -root /dev/null; -server_name $hostname; - -client_max_body_size 64m; - -add_header X-Content-Type-Options nosniff; -add_header X-XSS-Protection "1; mode=block"; -add_header X-Robots-Tag none; -add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; -expires off; diff --git a/node-red/rootfs/etc/nginx/includes/ssl_params.conf b/node-red/rootfs/etc/nginx/includes/ssl_params.conf deleted file mode 100644 index 6f1500599..000000000 --- a/node-red/rootfs/etc/nginx/includes/ssl_params.conf +++ /dev/null @@ -1,9 +0,0 @@ -ssl_protocols TLSv1.2; -ssl_prefer_server_ciphers on; -ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA; -ssl_ecdh_curve secp384r1; -ssl_session_timeout 10m; -ssl_session_cache shared:SSL:10m; -ssl_session_tickets off; -ssl_stapling on; -ssl_stapling_verify on; diff --git a/node-red/rootfs/etc/nginx/includes/upstream.conf b/node-red/rootfs/etc/nginx/includes/upstream.conf deleted file mode 100644 index cb5a429e7..000000000 --- a/node-red/rootfs/etc/nginx/includes/upstream.conf +++ /dev/null @@ -1,3 +0,0 @@ -upstream backend { - server 127.0.0.1:46836; -} diff --git a/node-red/rootfs/etc/nginx/lua/ha-auth.lua b/node-red/rootfs/etc/nginx/lua/ha-auth.lua deleted file mode 100644 index a2c633ce5..000000000 --- a/node-red/rootfs/etc/nginx/lua/ha-auth.lua +++ /dev/null @@ -1,83 +0,0 @@ -local http = require "resty.http" -local auths = ngx.shared.auths - -function authenticate() - - --- Test Authentication header is set and with a value - local header = ngx.req.get_headers()['Authorization'] - if header == nil or header:find(" ") == nil then - return false - end - - local divider = header:find(' ') - if header:sub(0, divider-1) ~= 'Basic' then - return false - end - - local auth = ngx.decode_base64(header:sub(divider+1)) - if auth == nil or auth:find(':') == nil then - return false - end - - divider = auth:find(':') - local username = auth:sub(0, divider-1) - local password = auth:sub(divider+1) - - --- Check if authentication is cached - if auths:get(username) == password then - ngx.log(ngx.DEBUG, "Authenticated user against Home Assistant (cache).") - return true - end - - --- HTTP request against the Supervisor API - local httpc = http.new() - local res, err = httpc:request_uri("http://supervisor.local.hass.io/auth", { - method = "POST", - body = ngx.encode_args({["username"]=username, ["password"]=password}), - headers = { - ["Content-Type"] = "application/x-www-form-urlencoded", - ["X-Supervisor-Token"] = os.getenv("SUPERVISOR_TOKEN"), - }, - keepalive_timeout = 60, - keepalive_pool = 10 - }) - - --- Error during API request - if err then - ngx.log(ngx.WARN, "Error during Home Assistant user authentication.", err) - return false - end - - --- No result? Something went wrong... - if not res then - ngx.log(ngx.WARN, "Error during Home Assistant user authentication.") - return false - end - - --- Valid response, the username/password is valid - if res.status == 200 then - ngx.log(ngx.INFO, "Authenticated user against Home Assistant.") - auths:set(username, password, 60) - return true - end - - --- Whatever the response is, it is invalid - ngx.log(ngx.WARN, "Authentication against Home Assistant failed!") - return false -end - --- Only authenticate if its not disabled -if not os.getenv('DISABLE_HA_AUTHENTICATION') then - - --- Try to authenticate against HA - local authenticated = authenticate() - - --- If authentication failed, throw a basic auth - if not authenticated then - ngx.header.content_type = 'text/plain' - ngx.header.www_authenticate = 'Basic realm="Home Assistant"' - ngx.status = ngx.HTTP_UNAUTHORIZED - ngx.say('401 Access Denied') - ngx.exit(ngx.HTTP_UNAUTHORIZED) - end -end diff --git a/node-red/rootfs/etc/nginx/modules/ndk_http.conf b/node-red/rootfs/etc/nginx/modules/ndk_http.conf deleted file mode 100644 index 2663122c3..000000000 --- a/node-red/rootfs/etc/nginx/modules/ndk_http.conf +++ /dev/null @@ -1 +0,0 @@ -load_module "/usr/lib/nginx/modules/ndk_http_module.so"; diff --git a/node-red/rootfs/etc/nginx/modules/ngx_http_lua.conf b/node-red/rootfs/etc/nginx/modules/ngx_http_lua.conf deleted file mode 100644 index f885ed981..000000000 --- a/node-red/rootfs/etc/nginx/modules/ngx_http_lua.conf +++ /dev/null @@ -1 +0,0 @@ -load_module "/usr/lib/nginx/modules/ngx_http_lua_module.so"; diff --git a/node-red/rootfs/etc/nginx/nginx.conf b/node-red/rootfs/etc/nginx/nginx.conf deleted file mode 100644 index 0f7126560..000000000 --- a/node-red/rootfs/etc/nginx/nginx.conf +++ /dev/null @@ -1,59 +0,0 @@ -# Run nginx in foreground. -daemon off; - -# This is run inside Docker. -user root; - -# Pid storage location. -pid /var/run/nginx.pid; - -# Set number of worker processes. -worker_processes 1; - -# Enables the use of JIT for regular expressions to speed-up their processing. -pcre_jit on; - -# Write error log to the add-on log. -error_log /proc/1/fd/1 error; - -# Load allowed environment vars -env SUPERVISOR_TOKEN; -env DISABLE_HA_AUTHENTICATION; - -# Load dynamic modules. -include /etc/nginx/modules/*.conf; - -# Max num of simultaneous connections by a worker process. -events { - worker_connections 512; -} - -http { - include /etc/nginx/includes/mime.types; - - log_format homeassistant '[$time_local] $status ' - '$http_x_forwarded_for($remote_addr) ' - '$request ($http_user_agent)'; - - access_log /proc/1/fd/1 homeassistant; - client_max_body_size 4G; - default_type application/octet-stream; - gzip on; - keepalive_timeout 65; - lua_load_resty_core off; - lua_shared_dict auths 16k; - sendfile on; - server_tokens off; - tcp_nodelay on; - tcp_nopush on; - - map $http_upgrade $connection_upgrade { - default upgrade; - '' close; - } - - include /etc/nginx/includes/resolver.conf; - include /etc/nginx/includes/upstream.conf; - - include /etc/nginx/servers/*.conf; -} diff --git a/node-red/rootfs/etc/nginx/servers/direct-ssl.disabled b/node-red/rootfs/etc/nginx/servers/direct-ssl.disabled deleted file mode 100644 index a4a29a79e..000000000 --- a/node-red/rootfs/etc/nginx/servers/direct-ssl.disabled +++ /dev/null @@ -1,19 +0,0 @@ -server { - listen %%port%% default_server ssl http2; - - include /etc/nginx/includes/server_params.conf; - include /etc/nginx/includes/ssl_params.conf; - include /etc/nginx/includes/proxy_params.conf; - - ssl_certificate /ssl/%%certfile%%; - ssl_certificate_key /ssl/%%keyfile%%; - - location / { - access_by_lua_file /etc/nginx/lua/ha-auth.lua; - proxy_pass http://backend; - } - - location /endpoint/ { - proxy_pass http://backend; - } -} diff --git a/node-red/rootfs/etc/nginx/servers/direct.disabled b/node-red/rootfs/etc/nginx/servers/direct.disabled deleted file mode 100644 index 63e602fdd..000000000 --- a/node-red/rootfs/etc/nginx/servers/direct.disabled +++ /dev/null @@ -1,15 +0,0 @@ -server { - listen %%port%% default_server; - - include /etc/nginx/includes/server_params.conf; - include /etc/nginx/includes/proxy_params.conf; - - location / { - access_by_lua_file /etc/nginx/lua/ha-auth.lua; - proxy_pass http://backend; - } - - location /endpoint/ { - proxy_pass http://backend; - } -} diff --git a/node-red/rootfs/etc/nginx/servers/ingress.conf b/node-red/rootfs/etc/nginx/servers/ingress.conf deleted file mode 100644 index d655706cd..000000000 --- a/node-red/rootfs/etc/nginx/servers/ingress.conf +++ /dev/null @@ -1,13 +0,0 @@ -server { - listen %%interface%%:%%port%% default_server; - - include /etc/nginx/includes/server_params.conf; - include /etc/nginx/includes/proxy_params.conf; - - location / { - allow 172.30.32.2; - deny all; - - proxy_pass http://backend; - } -} diff --git a/node-red/rootfs/etc/node-red/patches/node-red-dashboard-show-dashboard.patch b/node-red/rootfs/etc/node-red/patches/node-red-dashboard-show-dashboard.patch deleted file mode 100644 index 4698cfb05..000000000 --- a/node-red/rootfs/etc/node-red/patches/node-red-dashboard-show-dashboard.patch +++ /dev/null @@ -1,32 +0,0 @@ ---- a/nodes/ui_base.html -+++ b/nodes/ui_base.html -@@ -531,19 +531,25 @@ - // Link out to dashboard - $.getJSON('uisettings',function(data) { - if (data.hasOwnProperty("path")) { uip = data.path; } -- var lnk = document.location.host+RED.settings.httpNodeRoot+"/"+uip; -+ var lnk = document.location.host; -+ var protocol = document.location.protocol; -+ if (document.location.pathname.includes('api/hassio_ingress')) { -+ protocol = %%SSL%% ? 'https:' : 'http:'; -+ lnk = document.location.hostname+":"+%%PORT%%; -+ } -+ lnk+=RED.settings.httpNodeRoot+"/"+uip; - var re = new RegExp('\/{1,}','g'); - lnk = lnk.replace(re,'/'); - if (!RED.hasOwnProperty("actions")) { -- RED.keyboard.add("*",/* d */ 68,{ctrl:true, shift:true},function() { window.open(document.location.protocol+"//"+lnk, "nr-dashboard") }); -+ RED.keyboard.add("*",/* d */ 68,{ctrl:true, shift:true},function() { window.open(protocol+"//"+lnk, "nr-dashboard") }); - } - else { - RED.keyboard.add("*","ctrl-shift-d","dashboard:show-dashboard"); -- RED.actions.add("dashboard:show-dashboard",function() { window.open(document.location.protocol+"//"+lnk, "nr-dashboard") }); -+ RED.actions.add("dashboard:show-dashboard",function() { window.open(protocol+"//"+lnk, "nr-dashboard") }); - } - $('') - .click(function(evt) { -- window.open(document.location.protocol+"//"+lnk); -+ window.open(protocol+"//"+lnk); - evt.preventDefault(); - }) - .appendTo(ulDashboardTabs); diff --git a/node-red/rootfs/etc/services.d/nginx/finish b/node-red/rootfs/etc/services.d/nginx/finish deleted file mode 100644 index ed93d0206..000000000 --- a/node-red/rootfs/etc/services.d/nginx/finish +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/execlineb -S0 -# ============================================================================== -# Home Assistant Community Add-on: Node-RED -# Take down the S6 supervision tree when Nginx fails -# ============================================================================== -if { s6-test ${1} -ne 0 } -if { s6-test ${1} -ne 256 } - -s6-svscanctl -t /var/run/s6/services diff --git a/node-red/rootfs/etc/services.d/nginx/run b/node-red/rootfs/etc/services.d/nginx/run deleted file mode 100644 index 9d3abbc75..000000000 --- a/node-red/rootfs/etc/services.d/nginx/run +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/with-contenv bashio -# ============================================================================== -# Home Assistant Community Add-on: Node-RED -# Runs the Nginx daemon -# ============================================================================== - -# Wait for Node-RED to become available -bashio::net.wait_for 46836 localhost 300 - -bashio::log.info "Starting NGinx..." - -# Disable HA Authentication if front door is open -if bashio::config.true 'leave_front_door_open'; then - export DISABLE_HA_AUTHENTICATION=true -fi - -exec nginx diff --git a/renovate.json b/renovate.json deleted file mode 100644 index 58ca74e93..000000000 --- a/renovate.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "extends": [ - "config:base" - ], - "commitMessageAction": "Updates", - "commitMessageTopic": "{{depName}}", - "commitMessagePrefix": ":arrow_up:", - "labels": [ - "Type: Maintenance" - ] -} diff --git a/repository.json b/repository.json new file mode 100644 index 000000000..0163829c0 --- /dev/null +++ b/repository.json @@ -0,0 +1,5 @@ +{ + "name": "Node-RED Minimal Add-on", + "url": "https://github.com/IceEyz/addon-node-red-minimal", + "maintainer": "IceEyz" + } \ No newline at end of file