Attempting to fix the network permissions issue.

homewayio · Nov 11, 2024 · 5d27e59 · 5d27e59
1 parent 26d1589
commit 5d27e59
Show file tree

Hide file tree

Showing 6 changed files with 33 additions and 20 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -42,5 +42,6 @@ RUN ${VENV_DIR}/bin/pip3 install --require-virtualenv --no-cache-dir -q "zstanda
 
 # For docker, we use our homeway_standalone_docker host to handle the runtime setup and launch of the serivce.
 WORKDIR ${REPO_DIR}
+
 # Use the full path to the venv, we msut use this [] notation for our ctlc handler to work in the contianer
 ENTRYPOINT ["/root/homeway-env/bin/python", "-m", "homeway_standalone_docker"]
diff --git a/homeway/CHANGELOG.md b/homeway/CHANGELOG.md
@@ -1,6 +1,10 @@
 <!-- https://developers.home-assistant.io/docs/add-ons/presentation#keeping-a-changelog -->
 <!-- This is used in the homeway UI to show updates, so keep it up to date. -->
 
+## 1.5.3
+
+- 🪲 Attempting to fix a network permissions error.
+
 ## 1.5.2
 
 - 🪲 Adding debug logging to help hunt a bug with the connection stability.

diff --git a/homeway/Dockerfile b/homeway/Dockerfile
@@ -14,8 +14,9 @@ COPY requirements.txt /
 RUN pip install --no-cache-dir --disable-pip-version-check -r requirements.txt
 
 # Install the optional pacakges for zstandard compression. The extra packages are required for the zstandard python pip install to build.
+# Note we don't isntall PY 3 so it doesn't exit and we don't accitentally use it instaed of the base image python.
 # hadolint ignore=DL3018,DL3019,DL3059
-RUN apk add zstd python3 python3-dev gcc zlib-dev musl-dev libffi-dev
+RUN apk add zstd python3-dev gcc zlib-dev musl-dev libffi-dev
 # THIS VERSION STRING MUST STAY IN SYNC with Compression.ZStandardPipPackageString
 RUN pip install --no-cache-dir -q "zstandard>=0.21.0,<0.23.0"
 
@@ -27,12 +28,19 @@ COPY . ./
 
 # Helpful for debugging.
 RUN ls
+RUN whoami
 
-# Set the run script exectuable.
-RUN chmod a+x /app/run.sh
-
-# Create a command to launch the run script.
-CMD [ "/app/run.sh" ]
+#
+# Since we are running in a docker container, there's no need for dynamic configs.
+# The repo root is /app, as we define in our Dockerfile
+# The storage root it the Home Assistant docker mapped dir, /data/
+#   Note that all of the data is stored in this flat dir, the config, storage data, and logs.
+#
+# This is the json config, that's base64 encoded and sent as an argument.
+# { "VersionFileDir":"/app", "AddonDataRootDir":"/data", "StorageDir":"/data", "LogsDir":"/data", "IsRunningInHaAddonEnv":true }
+#
+# Note if we every move past "python3", we need to update apparmor.
+CMD [ "python3", "-m", "homeway_linuxhost", "eyAiVmVyc2lvbkZpbGVEaXIiOiIvYXBwIiwgIkFkZG9uRGF0YVJvb3REaXIiOiIvZGF0YSIsICJTdG9yYWdlRGlyIjoiL2RhdGEiLCAiTG9nc0RpciI6Ii9kYXRhIiwgIklzUnVubmluZ0luSGFBZGRvbkVudiI6dHJ1ZSB9" ]
 
 # Build arguments
 ARG BUILD_ARCH

diff --git a/homeway/apparmor.txt b/homeway/apparmor.txt
@@ -1,12 +1,19 @@
+# This file has been taken from the Home Assistant addon dev package
+# https://developers.home-assistant.io/docs/add-ons/presentation#apparmor
+# From the default template config, ADDON_SLUG needs to be replaced with "homeway"
+
 #include <tunables/global>
 
-profile ADDON_SLUG flags=(attach_disconnected,mediate_deleted) {
+profile homeway flags=(attach_disconnected,mediate_deleted) {
   #include <abstractions/base>
 
   # Capabilities
   file,
   signal (send) set=(kill,term,int,hup,cont),
 
+  # Allow all network traffic
+  network,
+
   # S6-Overlay
   /init ix,
   /bin/** ix,
@@ -19,6 +26,7 @@ profile ADDON_SLUG flags=(attach_disconnected,mediate_deleted) {
   /etc/cont-finish.d/** rwix,
   /run/{,**} rwk,
   /dev/tty rw,
+  /app/** rw,
 
   # Bashio
   /usr/lib/bashio/** ix,
@@ -34,7 +42,10 @@ profile ADDON_SLUG flags=(attach_disconnected,mediate_deleted) {
     #include <abstractions/base>
 
     # Receive signals from S6-Overlay
-    signal (receive) peer=*_ADDON_SLUG,
+    signal (receive) peer=*_homeway,
+
+    # Allow all network traffic
+    network,
 
     # Access to options.json and other files within your addon
     /data/** rw,

diff --git a/homeway/config.yaml b/homeway/config.yaml
@@ -38,4 +38,4 @@ image: ghcr.io/homewayio/homeway/{arch}
 # Note when this version number changes, we must make a release to start a docker container build immediately, since HA will start looking for the new version.
 # Basically: Make the final commit -> test and check lint actions (if a docker change, push to docker-test to ensure it builds) -> bump the version number -> create GitHub release.
 # UPDATE THE CHANGE LOG!
-version: 1.5.2
+version: 1.5.3
diff --git a/homeway/run.sh b/homeway/run.sh