hasscc
diff --git a/‎.github/workflows/build.yml‎
Lines changed: 39 additions & 0 deletions b/‎.github/workflows/build.yml‎
Lines changed: 39 additions & 0 deletions
diff --git a/‎Dockerfile‎
Lines changed: 15 additions & 0 deletions b/‎Dockerfile‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎build/opt/init-wrapper/post-init.d/10-docker‎
Lines changed: 15 additions & 0 deletions b/‎build/opt/init-wrapper/post-init.d/10-docker‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎build/opt/init-wrapper/post-init.d/11-os-agent‎
Lines changed: 9 additions & 0 deletions b/‎build/opt/init-wrapper/post-init.d/11-os-agent‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎build/opt/init-wrapper/post-init.d/12-hassio‎
Lines changed: 30 additions & 0 deletions b/‎build/opt/init-wrapper/post-init.d/12-hassio‎
Lines changed: 30 additions & 0 deletions
diff --git a/‎build/opt/init-wrapper/pre-init.d/01-set-lang-and-tz‎
Lines changed: 19 additions & 0 deletions b/‎build/opt/init-wrapper/pre-init.d/01-set-lang-and-tz‎
Lines changed: 19 additions & 0 deletions
diff --git a/‎build/opt/init-wrapper/pre-init.d/02-reset-sshd-keys‎
Lines changed: 12 additions & 0 deletions b/‎build/opt/init-wrapper/pre-init.d/02-reset-sshd-keys‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎build/opt/init-wrapper/pre-init.d/03-adduser‎
Lines changed: 36 additions & 0 deletions b/‎build/opt/init-wrapper/pre-init.d/03-adduser‎
Lines changed: 36 additions & 0 deletions
diff --git a/‎build/opt/init-wrapper/pre-init.d/04-chpass-and-sshkey‎
Lines changed: 69 additions & 0 deletions b/‎build/opt/init-wrapper/pre-init.d/04-chpass-and-sshkey‎
Lines changed: 69 additions & 0 deletions
diff --git a/‎build/opt/init-wrapper/pre-init.d/05-apt‎
Lines changed: 96 additions & 0 deletions b/‎build/opt/init-wrapper/pre-init.d/05-apt‎
Lines changed: 96 additions & 0 deletions
@@ -0,0 +1,39 @@
+name: Build Docker Image
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: Version
+        required: true
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64,linux/arm/v7
+          push: true
+          tags: |
+            ghcr.io/${{ github.repository_owner }}/hass-super:latest
+            ghcr.io/${{ github.repository_owner }}/hass-super:${{ github.event.inputs.version }}
@@ -0,0 +1,15 @@
+FROM debian:bookworm
+
+ENV container=docker \
+    DOCKER_STORAGE_DRIVER=vfs \
+    DEBIAN_FRONTEND=noninteractive
+
+COPY build /tmp/build
+RUN run-parts --report --exit-on-error /tmp/build/scripts && rm -rfv /tmp/build
+
+EXPOSE 22
+VOLUME ["/usr/share/hassio", "/var/lib/docker"]
+WORKDIR /root
+
+ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
+CMD ["/sbin/init"]
@@ -0,0 +1,15 @@
+#! /bin/sh
+
+set -ex
+
+if [ -f /usr/bin/dockerd ]; then
+  exit 0
+fi
+
+if [ $(cat /etc/timezone) = "Asia/Shanghai" ]; then
+  sed -i 's@download.docker.com@mirrors.ustc.edu.cn/docker-ce@g' /etc/apt/sources.list.d/docker.list
+  apt-get update
+fi
+
+apt-get install --no-install-recommends -y docker-ce
+docker version
@@ -0,0 +1,9 @@
+#! /bin/sh
+
+set -ex
+
+if [ -f /usr/bin/os-agent ]; then
+  exit 0
+fi
+
+dpkg -i /opt/os-agent.deb
@@ -0,0 +1,30 @@
+#! /bin/sh
+
+set -ex
+
+ARCH=$(uname -m)
+case ${ARCH} in
+    "arm" | "armv6l" | "armv7l")
+        export MACHINE=${MACHINE:=qemuarm}
+    ;;
+    "aarch64")
+        export MACHINE=${MACHINE:=qemuarm-64}
+    ;;
+esac
+
+xargs -0 -n1 < /proc/1/environ | sed "s/=\(.*\)/='\1'/" | while read line; do
+    export "$line"
+done
+env >> /tmp/hassio.log
+
+mount --make-shared "${DATA_SHARE:=/usr/share/hassio}"
+
+if [ -f /usr/sbin/hassio-supervisor ]; then
+    exit 0
+fi
+
+deb="/opt/hassio.deb"
+if [ $(cat /etc/timezone) = "Asia/Shanghai" ]; then
+    deb="/opt/hasscn.deb"
+fi
+dpkg --force-confdef --force-confold -i $deb
@@ -0,0 +1,19 @@
+#! /bin/sh
+
+set -e
+
+## environment variables
+##
+## - DEFAULT_LANG
+## - DEFAULT_TZ
+
+if [ -n "${DEFAULT_LANG}" ]; then
+  sed -i -e "s/LANG=C/LANG=${DEFAULT_LANG}/" /etc/default/locale
+fi
+
+if [ -n "${DEFAULT_TZ}" ]; then
+  echo "${DEFAULT_TZ}" > /etc/timezone
+  # workaround: see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813226
+  [ -L /etc/localtime ] && rm /etc/localtime
+  dpkg-reconfigure -f noninteractive tzdata 1>/dev/null 2>/dev/null
+fi
@@ -0,0 +1,12 @@
+#! /bin/sh
+
+export DEBIAN_FRONTEND=noninteractive
+
+##
+## regenerate ssh host keys
+##
+if dpkg-query -s openssh-server 1>/dev/null 2>/dev/null; then
+  rm /etc/ssh/ssh_host_*_key /etc/ssh/ssh_host_*_key.pub
+  dpkg-reconfigure openssh-server 1>/dev/null 2>/dev/null
+fi
+
@@ -0,0 +1,36 @@
+#! /bin/sh
+
+## environment variables
+##
+##   - CUSTOM_GROUP            :  group name
+##   - CUSTOM_GROUP_GID        :  group id
+##   - CUSTOM_USER             :  user name
+##   - CUSTOM_USER_UID         :  user id
+##   - CUSTOM_USER_GECOS       :  gecos field for user
+##   - CUSTOM_USER_SHELL       :  login shell for user
+##
+
+if [ -n "${CUSTOM_USER}" ]; then
+  ## create group
+  if [ -n "${CUSTOM_GROUP}" ]; then
+    group=${CUSTOM_GROUP}
+  else
+    group=${CUSTOM_USER}
+  fi
+  addgroup ${CUSTOM_GROUP_GID+--gid ${CUSTOM_GROUP_GID}} ${group} 1>/dev/null 2>/dev/null
+
+  ## create user (without password, without sudo priv)
+  adduser \
+    --disabled-password \
+    --quiet \
+    --gecos "${CUSTOM_USER_GECOS}" \
+    --shell ${CUSTOM_USER_SHELL-/bin/bash} \
+    ${CUSTOM_USER_UID+--uid ${CUSTOM_USER_UID}} \
+    --ingroup ${group} \
+    ${CUSTOM_USER} 1>/dev/null 2>/dev/null
+
+  ## add sudo priv
+  adduser ${CUSTOM_USER} sudo 1>/dev/null 2>/dev/null
+  adduser ${CUSTOM_USER} adm 1>/dev/null 2>/dev/null
+fi
+
@@ -0,0 +1,69 @@
+#! /bin/sh
+
+## environment variables
+##
+##  - USER_PASSWORD           : debian user password
+##  - USER_SSH_KEY_URI        : ssh public key uri (or github account) for debian user
+##  - ROOT_PASSWORD           : root password
+##  - ROOT_SSH_KEY_URI        : ssh public key uri (or github account) for root
+##  - CUSTOM_USER             : custom user account
+##  - CUSTOM_USER_PASSWORD    : password for custom user
+##  - CUSTOM_USER_SSH_KEY_URI : ssh public key uri (or github account) for custom user
+##
+
+change_password (){
+  user=$1
+  password=$2
+  if [ -n "${user}" -a -n "${password}" ]; then
+    echo "${user}:${password}" | chpasswd 1>/dev/null 2>/dev/null
+  fi
+  unset user password
+}
+
+add_ssh_key (){
+  user=$1
+  ssh_key_uri=$2
+  if [ "$user" = "root" ]; then
+    home=/root
+    sudo=
+  else
+    home=/home/$user
+    sudo="sudo -u $user"
+  fi
+  if [ -n "${ssh_key_uri}" ]; then
+    if [ ! -d $home/.ssh ]; then
+        $sudo mkdir -m 0700 $home/.ssh
+    fi
+    if [ ! -f $home/.ssh/authorized_keys ]; then
+      $sudo bash -c "umask 066 && touch $home/.ssh/authorized_keys"
+    fi
+
+    $sudo bash -c "echo '' >> $home/.ssh/authorized_keys"
+    $sudo bash -c "echo '## ${ssh_key_uri}' >> $home/.ssh/authorized_keys"
+    case "${ssh_key_uri}" in
+      https?://*)
+        curl -s -L -o - "${ssh_key_uri}" | $sudo bash -c "cat >> $home/.ssh/authorized_keys"
+        ;;
+      *)
+        if echo "${ssh_key_uri}" | grep -E '^[0-9a-zA-Z-]+$' 1>/dev/null 2>/dev/null; then
+          curl -s -L -o - "https://github.com/${ssh_key_uri}.keys" | $sudo bash -c "cat >> $home/.ssh/authorized_keys"
+        fi
+        ;;
+    esac
+    $sudo bash -c "echo '' >> $home/.ssh/authorized_keys"
+  fi
+  unset user ssh_key_uri home sudo
+}
+
+## debian user
+change_password    debian            "${USER_PASSWORD}"
+add_ssh_key        debian            "${USER_SSH_KEY_URI}"
+
+## root
+change_password    root              "${ROOT_PASSWORD}"
+add_ssh_key        root              "${ROOT_SSH_KEY_URI}"
+
+## custom user
+change_password    "${CUSTOM_USER}"  "${CUSTOM_USER_PASSWORD}"
+add_ssh_key        "${CUSTOM_USER}"  "${CUSTOM_USER_SSH_KEY_URI}"
+
@@ -0,0 +1,96 @@
+#! /bin/sh
+
+## environment variables
+##
+##   - APT_LINE                : "keep", "jp", "http://foobar.example.org/debian/"
+##   - APT_UPDATE              : "yes", "true", "on", 1 -> run apt-get update after init
+##   - APT_INSTALL_PACKAGES    : "pkg1 pkg2=1.2-3 pkg3- ..."
+##   - APT_INSTALL_RECOMMENDS  : "yes", "true", "on", 1
+##   - APT_INSTALL_SUGGESTS    : "yes", "true", "on", 1
+##   - APT_HTTP_PROXY          : "http://x.x.x.x:3142/"
+##
+
+set -e
+post_init_script=/opt/init-wrapper/post-init.d/${0##*/}
+
+if [ -z "${APT_LINE}" ]; then
+  APT_LINE=keep
+  if [ "$DEFAULT_TZ" = "Asia/Shanghai" ]; then
+    APT_LINE=cn
+  fi
+fi
+
+change_apt_line (){
+  uri=$1
+  sed -i -e "s@http://deb\.debian\.org/debian@${uri}@" /etc/apt/sources.list.d/debian.sources
+}
+
+clear_post_init (){
+  if [ -f ${post_init_script} ]; then
+    : > ${post_init_script}
+  fi
+}
+
+write_post_init (){
+  echo "#! /bin/sh"     >  ${post_init_script}
+
+  case "${APT_UPDATE}" in
+    1|[tT][rR][uU][eE]|[yY][eE][sS]|[oO][nN])
+      echo "apt-get update";;
+    *)
+      echo "#apt-get update";;
+  esac \
+  >> ${post_init_script}
+
+  options=
+  case "${APT_INSTALL_RECOMMENDS}" in
+    1|[tT][rR][uU][eE]|[yY][eE][sS]|[oO][nN])
+      options="$options --install-recommends";;
+    *)
+      options="$options --no-install-recommends";;
+  esac
+  case "${APT_INSTALL_SUGGESTS}" in
+    1|[tT][rR][uU][eE]|[yY][eE][sS]|[oO][nN])
+      options="$options --install-suggests";;
+    *)
+      options="$options --no-install-suggests";;
+  esac
+  if [ -n "${APT_INSTALL_PACKAGES}" ]; then
+    echo "apt-get install -y ${options} ${APT_INSTALL_PACKAGES}"
+  else
+    echo "#apt-get install -y ${options} ${APT_INSTALL_PACKAGES}"
+  fi \
+  >> ${post_init_script}
+
+  echo "exit 0" \
+  >> ${post_init_script}
+
+  chmod +x ${post_init_script}
+}
+
+if [ -n "${APT_LINE}" ]; then
+  case "${APT_LINE}" in
+  keep)
+    # do nothing (use deb.debian.org)
+    :
+    ;;
+  cn)
+    change_apt_line http://mirrors.ustc.edu.cn/debian
+    ;;
+  jp)
+    change_apt_line http://ftp.jp.debian.org/debian
+    ;;
+  *)
+    change_apt_line "${APT_LINE}"
+    ;;
+  esac
+fi
+
+if [ -n "${APT_HTTP_PROXY}" ]; then
+  echo "Acquire::http::proxy \"${APT_HTTP_PROXY}\";" >  /etc/apt/apt.conf.d/proxy.conf
+  echo "Acquire::https::proxy \"DIRECT\";"           >> /etc/apt/apt.conf.d/proxy.conf
+fi
+
+clear_post_init
+write_post_init
+