diff --git a/ente/CHANGELOG.md b/ente/CHANGELOG.md new file mode 100644 index 000000000..8b1378917 --- /dev/null +++ b/ente/CHANGELOG.md @@ -0,0 +1 @@ + diff --git a/ente/Dockerfile b/ente/Dockerfile new file mode 100644 index 000000000..0c4d9a56c --- /dev/null +++ b/ente/Dockerfile @@ -0,0 +1,108 @@ +#============================# +# ALEXBELGIUM'S DOCKERFILE # +#============================# +# _.------. +# _.-` ('>.-`"""-. +# '.--'` _'` _ .--.) +# -' '-.-';` ` +# ' - _.' ``'--. +# d '---` .-'""` +# /` +#=== Home Assistant Add‑on – ENTE ===# + +################# +# 1 Build Image # +################# + +ARG BUILD_VERSION +FROM ghcr.io/ente-io/server:latest + +################## +# 2 Modify Image # +################## + +# S6 settings +ENV S6_CMD_WAIT_FOR_SERVICES=1 \ + S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 \ + S6_SERVICES_GRACETIME=0 + +USER root + +# LSIO helpers (same repo you already use) +ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_lsio.sh" "/ha_lsio.sh" +ARG CONFIGLOCATION="/config" +RUN chmod 744 /ha_lsio.sh && \ + if grep -qr "lsio" /etc; then /ha_lsio.sh "$CONFIGLOCATION"; fi && \ + rm /ha_lsio.sh + +# ---------- MinIO & tools (needed by Ente) ---------- +# – server binary + client (`mc`) +RUN set -eux; \ + apt-get update; \ + apt-get install -y --no-install-recommends curl ca-certificates wget jq tini postgresql-client-15; \ + curl -fsSL https://dl.min.io/server/minio/release/linux-amd64/minio -o /usr/local/bin/minio; \ + curl -fsSL https://dl.min.io/client/mc/release/linux-amd64/mc -o /usr/local/bin/mc; \ + chmod +x /usr/local/bin/minio /usr/local/bin/mc; \ + apt-get clean; rm -rf /var/lib/apt/lists/* + +################## +# 3 Install apps # +################## + +COPY rootfs/ / + +# bind‑compat for some addons +RUN ln -sf /usr/bin/bash /bin/bash || true && \ + ln -sf /usr/bin/sh /bin/sh || true + +# Optional modules (same pattern as ente) +ARG MODULES="00-banner.sh 01-custom_script.sh 00-global_var.sh 00-local_mounts.sh 00-smb_mounts.sh" +ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_automodules.sh" "/ha_automodules.sh" +RUN chmod 744 /ha_automodules.sh && /ha_automodules.sh "$MODULES" && rm /ha_automodules.sh + +# Optional extra packages +ENV PACKAGES="sudo jq yamllint" +ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_autoapps.sh" "/ha_autoapps.sh" +RUN chmod 744 /ha_autoapps.sh && /ha_autoapps.sh "$PACKAGES" && rm /ha_autoapps.sh + +################ +# 4 Entrypoint # +################ + +ENV S6_STAGE2_HOOK=/ha_entrypoint.sh +ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_entrypoint.sh" "/ha_entrypoint.sh" +ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_entrypoint_modif.sh" "/ha_entrypoint_modif.sh" +RUN chmod 777 /ha_entrypoint.sh /ha_entrypoint_modif.sh && \ + /ha_entrypoint_modif.sh && rm /ha_entrypoint_modif.sh + +# ---------- Healthcheck ---------- +ENV HEALTH_PORT="8080" \ + HEALTH_URL="/ping" +HEALTHCHECK --interval=10s --retries=5 --timeout=20s CMD \ + curl -A "HealthCheck: Docker/1.0" -fs "http://127.0.0.1:${HEALTH_PORT}${HEALTH_URL}" || exit 1 + +############ +# 5 Labels # +############ +ARG BUILD_ARCH BUILD_DATE BUILD_NAME BUILD_DESCRIPTION BUILD_REF BUILD_REPOSITORY +LABEL \ + io.hass.name="${BUILD_NAME}" \ + io.hass.description="${BUILD_DESCRIPTION}" \ + io.hass.arch="${BUILD_ARCH}" \ + io.hass.type="addon" \ + io.hass.version=${BUILD_VERSION} \ + maintainer="alexbelgium (https://github.com/alexbelgium)" \ + org.opencontainers.image.title="${BUILD_NAME}" \ + org.opencontainers.image.description="${BUILD_DESCRIPTION}" \ + org.opencontainers.image.url="https://github.com/alexbelgium" \ + org.opencontainers.image.source="https://github.com/${BUILD_REPOSITORY}" \ + org.opencontainers.image.documentation="https://github.com/${BUILD_REPOSITORY}/blob/main/README.md" \ + org.opencontainers.image.created=${BUILD_DATE} \ + org.opencontainers.image.revision=${BUILD_REF} \ + org.opencontainers.image.version=${BUILD_VERSION} + +################# +# 6 Finish line # +################# +# S6 will pick up run scripts from /etc/services.d supplied in rootfs +# and launch: › minio › museum API › (optional) web‑UI diff --git a/ente/README.md b/ente/README.md new file mode 100644 index 000000000..a69364c97 --- /dev/null +++ b/ente/README.md @@ -0,0 +1 @@ +Draft diff --git a/ente/apparmor.txt b/ente/apparmor.txt new file mode 100644 index 000000000..98e97c11d --- /dev/null +++ b/ente/apparmor.txt @@ -0,0 +1,66 @@ +#include + +profile db21ed7f_qbittorrent flags=(attach_disconnected,mediate_deleted) { + #include + + capability, + file, + signal, + mount, + umount, + remount, + network udp, + network tcp, + network dgram, + network stream, + network inet, + network inet6, + network netlink raw, + network unix dgram, + + capability setgid, + capability setuid, + capability sys_admin, + capability dac_read_search, + # capability dac_override, + # capability sys_rawio, + +# S6-Overlay + /init ix, + /run/{s6,s6-rc*,service}/** ix, + /package/** ix, + /command/** ix, + /run/{,**} rwk, + /dev/tty rw, + /bin/** ix, + /usr/bin/** ix, + /usr/lib/bashio/** ix, + /etc/s6/** rix, + /run/s6/** rix, + /etc/services.d/** rwix, + /etc/cont-init.d/** rwix, + /etc/cont-finish.d/** rwix, + /init rix, + /var/run/** mrwkl, + /var/run/ mrwkl, + /dev/i2c-1 mrwkl, + # Files required + /dev/fuse mrwkl, + /dev/sda1 mrwkl, + /dev/sdb1 mrwkl, + /dev/nvme0 mrwkl, + /dev/nvme1 mrwkl, + /dev/mmcblk0p1 mrwkl, + /dev/* mrwkl, + /tmp/** mrkwl, + + # Data access + /data/** rw, + + # suppress ptrace denials when using 'docker ps' or using 'ps' inside a container + ptrace (trace,read) peer=docker-default, + + # docker daemon confinement requires explict allow rule for signal + signal (receive) set=(kill,term) peer=/usr/bin/docker, + +} diff --git a/ente/build.json b/ente/build.json new file mode 100644 index 000000000..3618edb54 --- /dev/null +++ b/ente/build.json @@ -0,0 +1,9 @@ +{ + "build_from": { + "aarch64": "ghcr.io/imagegenius/ente:server-latest", + "amd64": "ghcr.io/imagegenius/ente:server-latest" + }, + "codenotary": { + "signer": "alexandrep.github@gmail.com" + } +} diff --git a/ente/config.json b/ente/config.json new file mode 100644 index 000000000..909730899 --- /dev/null +++ b/ente/config.json @@ -0,0 +1,76 @@ +{ + "name": "Ente", + "slug": "ente", + "version": "1.0.0", + "description": "Self‑hosted, end‑to‑end‑encrypted photo & video storage (Ente server + MinIO).", + "url": "https://github.com/alexbelgium/hassio-addons", + "arch": ["aarch64", "amd64"], + "image": "ghcr.io/alexbelgium/ente-{arch}", + "init": false, + "startup": "services", + "ports": { + "8080/tcp": 8280, + "3000/tcp": 8300, + "3200/tcp": 8320 + }, + "ports_description": { + "8080/tcp": "Ente API (museum)", + "3000/tcp": "Ente web UI", + "3200/tcp": "MinIO S3 endpoint" + }, + "map": [ + "addon_config:rw", + "media:rw", + "share:rw", + "ssl:rw" + ], + "devices": [ + "/dev/dri", "/dev/dri/renderD128", + "/dev/vchiq", "/dev/video10", "/dev/video11", "/dev/video12" + ], + "environment": { + "PGID": "0", + "PUID": "0", + "DB_HOSTNAME": "homeassistant.local", + "DB_PORT": "5432", + "DB_USERNAME": "pguser", + "DB_PASSWORD": "ente", + "DB_DATABASE_NAME": "ente_db", + "MINIO_ROOT_USER": "minioadmin", + "MINIO_ROOT_PASSWORD": "minioadmin", + "S3_ENDPOINT": "http://localhost:3200", + "S3_BUCKET": "ente-media", + "ENTE_API_ORIGIN": "http://[HOST]:[PORT:8080]", + "TZ": "Europe/Paris" + }, + "options": { + "DB_DATABASE_NAME": "ente_db", + "DB_HOSTNAME": "homeassistant.local", + "DB_PASSWORD": "ente", + "DB_PORT": 5432, + "DB_USERNAME": "pguser", + "MINIO_ROOT_USER": "minioadmin", + "MINIO_ROOT_PASSWORD": "minioadmin", + "S3_BUCKET": "ente-media", + "TZ": "Europe/Paris", + "DISABLE_WEB_UI": false + }, + "schema": { + "DB_DATABASE_NAME": "str", + "DB_HOSTNAME": "str", + "DB_PASSWORD": "str", + "DB_PORT": "int", + "DB_USERNAME": "str", + "MINIO_ROOT_USER": "str", + "MINIO_ROOT_PASSWORD": "str", + "S3_BUCKET": "str", + "TZ": "str?", + "DISABLE_WEB_UI": "bool?" + }, + "privileged": ["SYS_ADMIN", "DAC_READ_SEARCH"], + "hassio_api": true, + "udev": true, + "video": true, + "panel_icon": "mdi:image-multiple", + "webui": "http://[HOST]:[PORT:3000]" +} diff --git a/ente/icon.png b/ente/icon.png new file mode 100644 index 000000000..1e4d13669 Binary files /dev/null and b/ente/icon.png differ diff --git a/ente/logo.png b/ente/logo.png new file mode 100644 index 000000000..94508d658 Binary files /dev/null and b/ente/logo.png differ diff --git a/ente/rootfs/etc/cont-init.d/99-run.sh b/ente/rootfs/etc/cont-init.d/99-run.sh new file mode 100644 index 000000000..9b524ad5c --- /dev/null +++ b/ente/rootfs/etc/cont-init.d/99-run.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env bashio +# shellcheck shell=bash +# shellcheck disable=SC2155,SC2016 +set -e + +bashio::log.info "Starting ente..." +exec /usr/bin/museum & + +bashio::log.info "Starting minio..." +exec /usr/local/bin/minio server /data --address ":3200" & + +bashio::log.info "Starting ente-web..." +[ -n "$DISABLE_WEB_UI" ] || exec /usr/bin/ente-web \ No newline at end of file diff --git a/ente/stats.png b/ente/stats.png new file mode 100644 index 000000000..03eb3d788 Binary files /dev/null and b/ente/stats.png differ diff --git a/ente/updater.json b/ente/updater.json new file mode 100644 index 000000000..4a01fe3cf --- /dev/null +++ b/ente/updater.json @@ -0,0 +1,9 @@ +{ + "github_beta": "false", + "last_update": "21-06-2025", + "repository": "alexbelgium/hassio-addons", + "slug": "ente", + "source": "github", + "upstream_repo": "ente-io/ente", + "upstream_version": "1.1.57" +}