diff --git a/portainer/.README.j2 b/portainer/.README.j2 new file mode 100644 index 000000000..30617f201 --- /dev/null +++ b/portainer/.README.j2 @@ -0,0 +1,82 @@ +# Home Assistant Community Add-on: Portainer + +[![Release][release-shield]][release] ![Project Stage][project-stage-shield] ![Project Maintenance][maintenance-shield] + +[![Discord][discord-shield]][discord] [![Community Forum][forum-shield]][forum] + +[![Sponsor Frenck via GitHub Sponsors][github-sponsors-shield]][github-sponsors] + +[![Support Frenck on Patreon][patreon-shield]][patreon] + +Manage your Docker environment with ease. + +## About + +Portainer is an open-source lightweight management UI which allows you to +easily manage your a Docker host(s) or Docker swarm clusters. + +It has never been so easy to manage Docker. Portainer provides a detailed +overview of Docker and allows you to manage containers, images, networks and +volumes. + +## WARNING + +The Portainer add-on is really powerful and gives you virtually access to +your whole system. While this add-on is created and maintained with care and +with security in mind, in the wrong or inexperienced hands, +it could damage your system. + +![Portainer screenshot][screenshot] + +{% if channel == "edge" %} +## WARNING! THIS IS AN EDGE VERSION! + +This Home Assistant Add-ons repository contains edge builds of add-ons. +Edge builds add-ons are based upon the latest development version. + +- They may not work at all. +- They might stop working at any time. +- They could have a negative impact on your system. + +This repository was created for: + +- Anybody willing to test. +- Anybody interested in trying out upcoming add-ons or add-on features. +- Developers. + +If you are more interested in stable releases of our add-ons: + + + +{% endif %} +{% if channel == "beta" %} +## WARNING! THIS IS A BETA VERSION! + +This Home Assistant Add-ons repository contains beta releases of add-ons. + +- They might stop working at any time. +- They could have a negative impact on your system. + +This repository was created for: + +- Anybody willing to test. +- Anybody interested in trying out upcoming add-ons or add-on features. + +If you are more interested in stable releases of our add-ons: + + + +{% endif %} +[discord-shield]: https://img.shields.io/discord/478094546522079232.svg +[discord]: https://discord.me/hassioaddons +[forum-shield]: https://img.shields.io/badge/community-forum-brightgreen.svg +[forum]: https://community.home-assistant.io/t/home-assistant-community-add-on-portainer/68836?u=frenck +[github-sponsors-shield]: https://frenck.dev/wp-content/uploads/2019/12/github_sponsor.png +[github-sponsors]: https://github.com/sponsors/frenck +[maintenance-shield]: https://img.shields.io/maintenance/yes/2021.svg +[patreon-shield]: https://frenck.dev/wp-content/uploads/2019/12/patreon.png +[patreon]: https://www.patreon.com/frenck +[project-stage-shield]: https://img.shields.io/badge/project%20stage-production%20ready-brightgreen.svg +[release-shield]: https://img.shields.io/badge/version-{{ version }}-blue.svg +[release]: {{ repo }}/tree/{{ version }} +[screenshot]: https://github.com/hassio-addons/addon-portainer/raw/main/images/screenshot.png diff --git a/portainer/DOCS.md b/portainer/DOCS.md new file mode 100644 index 000000000..1c97e2ab0 --- /dev/null +++ b/portainer/DOCS.md @@ -0,0 +1,145 @@ +# Home Assistant Community Add-on: Portainer + +Portainer is an open-source lightweight management UI which allows you to +easily manage a Docker host(s) or Docker swarm clusters. + +It has never been so easy to manage Docker. Portainer provides a detailed +overview of Docker and allows you to manage containers, images, networks and +volumes. + +## WARNING + +The Portainer add-on is really powerful and gives you access to virtually +your whole system. While this add-on is created and maintained with care and +with security in mind, in the wrong or inexperienced hands, +it could damage your system. + +## Installation + +To install this add-on, you'll first need to go to your profile and turn on +"Advanced Mode", once that is done go back to Home Assistant add-ons and search +for "Portainer" and install it as you would any other add-on. + +To be able to use this add-on, you'll need to disable protection mode on this +add-on. Without it, the add-on is unable to access Docker. + +1. Search for the "Portainer" add-on in the Supervisor add-on store and + install it. +1. Set the "Protection mode" switch to off. +1. Start the "Portainer" add-on. +1. Check the logs of the "Portainer" add-on to see if everything went well. + +## Configuration + +**Note**: _Remember to restart the add-on when the configuration is changed._ + +Example add-on configuration: + +```yaml +log_level: info +agent_secret: password +``` + +**Note**: _This is just an example, don't copy and paste it! Create your own!_ + +### Option: `log_level` + +The `log_level` option controls the level of log output by the addon and can +be changed to be more or less verbose, which might be useful when you are +dealing with an unknown issue. Possible values are: + +- `trace`: Show every detail, like all called internal functions. +- `debug`: Shows detailed debug information. +- `info`: Normal (usually) interesting events. +- `warning`: Exceptional occurrences that are not errors. +- `error`: Runtime errors that do not require immediate action. +- `fatal`: Something went terribly wrong. Add-on becomes unusable. + +Please note that each level automatically includes log messages from a +more severe level, e.g., `debug` also shows `info` messages. By default, +the `log_level` is set to `info`, which is the recommended setting unless +you are troubleshooting. + +### Option: `agent_secret` + +An option to set a shared agent secret. Must also be set in the remote agent +as an Environment variable. + +## Known issues and limitations + +By default all Home Assistant managed containers are hidden from Portainer. +This is recommended since fooling around with Home Assistant managed containers +can easily lead to a broken system. + +Access to these containers can be gained by going into Portainer -> +Settings -> Hidden containers. Then delete the listed hidden labels +(io.hass.type labels). **Only do this if you know what you're doing!** + +## Changelog & Releases + +This repository keeps a change log using [GitHub's releases][releases] +functionality. + +Releases are based on [Semantic Versioning][semver], and use the format +of `MAJOR.MINOR.PATCH`. In a nutshell, the version will be incremented +based on the following: + +- `MAJOR`: Incompatible or major changes. +- `MINOR`: Backwards-compatible new features and enhancements. +- `PATCH`: Backwards-compatible bugfixes and package updates. + +## Support + +Got questions? + +You have several options to get them answered: + +- The [Home Assistant Community Add-ons Discord chat server][discord] for add-on + support and feature requests. +- The [Home Assistant Discord chat server][discord-ha] for general Home + Assistant discussions and questions. +- The Home Assistant [Community Forum][forum]. +- Join the [Reddit subreddit][reddit] in [/r/homeassistant][reddit] + +You could also [open an issue here][issue] GitHub. + +## Authors & contributors + +The original setup of this repository is by [Franck Nijhof][frenck]. + +For a full list of all authors and contributors, +check [the contributor's page][contributors]. + +## License + +MIT License + +Copyright (c) 2018-2021 Franck Nijhof + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + +[contributors]: https://github.com/hassio-addons/addon-portainer/graphs/contributors +[discord-ha]: https://discord.gg/c5DvZ4e +[discord]: https://discord.me/hassioaddons +[forum]: https://community.home-assistant.io/t/home-assistant-community-add-on-portainer/68836?u=frenck +[frenck]: https://github.com/frenck +[issue]: https://github.com/hassio-addons/addon-portainer/issues +[reddit]: https://reddit.com/r/homeassistant +[releases]: https://github.com/hassio-addons/addon-portainer/releases +[semver]: http://semver.org/spec/v2.0.0.htm diff --git a/portainer/Dockerfile b/portainer/Dockerfile new file mode 100644 index 000000000..e7781bb8c --- /dev/null +++ b/portainer/Dockerfile @@ -0,0 +1,51 @@ +ARG BUILD_FROM=ghcr.io/hassio-addons/base/amd64:9.2.0 +# hadolint ignore=DL3006 +FROM ${BUILD_FROM} +ARG BUILD_UPSTREAM="2.1.1" + +# Set shell +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# Setup base +ARG BUILD_ARCH=amd64 +RUN \ + if [ "${BUILD_ARCH}" = "aarch64" ]; then ARCH="arm64"; fi \ + && if [ "${BUILD_ARCH}" = "armhf" ]; then ARCH="arm"; fi \ + && if [ "${BUILD_ARCH}" = "armv7" ]; then ARCH="arm"; fi \ + && if [ "${BUILD_ARCH}" = "amd64" ]; then ARCH="amd64"; fi \ + \ + && curl -L -s \ + "https://github.com/portainer/portainer/releases/download/${BUILD_UPSTREAM}/portainer-${BUILD_UPSTREAM}-linux-${ARCH}.tar.gz" \ + | tar zxvf - -C /opt/ + +# Copy root filesystem +COPY rootfs / + +# Build arguments +ARG BUILD_ARCH +ARG BUILD_DATE +ARG BUILD_DESCRIPTION +ARG BUILD_NAME +ARG BUILD_REF +ARG BUILD_REPOSITORY +ARG BUILD_VERSION + +# Labels +LABEL \ + io.hass.name="${BUILD_NAME}" \ + io.hass.description="${BUILD_DESCRIPTION}" \ + io.hass.arch="${BUILD_ARCH}" \ + io.hass.type="addon" \ + io.hass.version=${BUILD_VERSION} \ + maintainer="alexbelgium (https://github.com/alexbelgium)" \ + org.opencontainers.image.title="${BUILD_NAME}" \ + org.opencontainers.image.description="${BUILD_DESCRIPTION}" \ + org.opencontainers.image.vendor="Home Assistant Add-ons" \ + org.opencontainers.image.authors="alexbelgium (https://github.com/alexbelgium)" \ + org.opencontainers.image.licenses="MIT" \ + org.opencontainers.image.url="https://github.com/alexbelgium" \ + org.opencontainers.image.source="https://github.com/${BUILD_REPOSITORY}" \ + org.opencontainers.image.documentation="https://github.com/${BUILD_REPOSITORY}/blob/main/README.md" \ + org.opencontainers.image.created=${BUILD_DATE} \ + org.opencontainers.image.revision=${BUILD_REF} \ + org.opencontainers.image.version=${BUILD_VERSION} \ No newline at end of file diff --git a/portainer/build.json b/portainer/build.json new file mode 100644 index 000000000..005fac65a --- /dev/null +++ b/portainer/build.json @@ -0,0 +1,8 @@ +{ + "build_from": { + "aarch64": "ghcr.io/hassio-addons/base/aarch64:9.2.0", + "amd64": "ghcr.io/hassio-addons/base/amd64:9.2.0", + "armhf": "ghcr.io/hassio-addons/base/armhf:9.2.0", + "armv7": "ghcr.io/hassio-addons/base/armv7:9.2.0" + } +} diff --git a/portainer/config.json b/portainer/config.json new file mode 100644 index 000000000..965d5a5ae --- /dev/null +++ b/portainer/config.json @@ -0,0 +1,39 @@ +{ + "name": "Portainer", + "version": "2.1.1", + "upstream": "2.1.1", + "slug": "portainer", + "description": "Manage your Docker environment with ease", + "url": "https://github.com/hassio-addons/addon-portainer", + "advanced": true, + "ingress": false, + "ingress_port": 1337, + "startup": "services", + "panel_icon": "mdi:docker", + "homeassistant": "0.92.0b2", + "arch": ["aarch64", "amd64", "armhf", "armv7"], + "init": false, + "map": ["ssl"], + "ports": { + "9000/tcp": 9000 + }, + "ports_description": { + "9000/tcp": "Web UI port", + "8000/tcp": "Edge Agent Api (Enable when managing remote edge agents)" + }, + "webui": "[PROTO:ssl]://[HOST]:[PORT:9000]", + "hassio_api": true, + "docker_api": true, + "options": { + "ssl": false, + "certfile": "fullchain.pem", + "keyfile": "privkey.pem", + "password": "default" + }, + "schema": { + "ssl": "bool", + "certfile": "str", + "keyfile": "str", + "password": "str" + } +} diff --git a/portainer/icon.png b/portainer/icon.png new file mode 100644 index 000000000..59c825257 Binary files /dev/null and b/portainer/icon.png differ diff --git a/portainer/logo.png b/portainer/logo.png new file mode 100644 index 000000000..59c825257 Binary files /dev/null and b/portainer/logo.png differ diff --git a/portainer/rootfs/etc/cont-init.d/90-configuration.sh b/portainer/rootfs/etc/cont-init.d/90-configuration.sh new file mode 100644 index 000000000..6cb70b78c --- /dev/null +++ b/portainer/rootfs/etc/cont-init.d/90-configuration.sh @@ -0,0 +1,64 @@ +#!/usr/bin/env bashio + +################## +# DEFINE OPTIONS # +################## +declare -a options +options+=(--data /data) +options+=(--bind 0.0.0.0:9000) +options+=(--templates /opt/portainer/templates.json) +options+=(--host unix:///var/run/docker.sock) + +bashio::log.info "Starting Portainer..." + +################ +# SET PASSWORD # +################ + +PASSWORD=$(bashio::config 'password') +echo -n $PASSWORD > /tmp/portainer_password +options+=(--admin-password-file /tmp/portainer_password) +bashio::log.info "... password set to $PASSWORD" + +############## +# SSL CONFIG # +############## + +bashio::config.require.ssl +if bashio::config.true 'ssl'; then + bashio::log.info "ssl enabled. If webui don't work, disable ssl or check your certificate paths" + #set variables + CERTFILE="/ssl/$(bashio::config 'certfile')" + KEYFILE="/ssl/$(bashio::config 'keyfile')" + options+=(--ssl true) + options+=(--sslcert /ssl/$CERTFILE) + options+=(--sslkey /ssl/$KEYFILE) + bashio::log.info "... ssl activated" +fi + +################### +# HIDE CONTAINERS # +################### + +# Hide Hassio containers by default, but only eforce on first run +if ! bashio::fs.file_exists "/data/hidden"; then + options+=(--hide-label io.hass.type=supervisor) + options+=(--hide-label io.hass.type=homeassistant) + options+=(--hide-label io.hass.type=base) + options+=(--hide-label io.hass.type=core) + # options+=(--hide-label io.hass.type=addon) + options+=(--hide-label io.hass.type=audio) + options+=(--hide-label io.hass.type=cli) + options+=(--hide-label io.hass.type=dns) + options+=(--hide-label io.hass.type=multicast) + options+=(--hide-label io.hass.type=observer) + bashio::log.info "... non-addon containers hidden" + touch /data/hidden +fi + +#################### +# LAUNCH PORTAINER # +#################### +bashio::log.info "... portainer launched" + +exec /opt/portainer/portainer "${options[@]}" diff --git a/portainer/rootfs/etc/cont-init.d/portainer.sh b/portainer/rootfs/etc/cont-init.d/portainer.sh new file mode 100644 index 000000000..02be57761 --- /dev/null +++ b/portainer/rootfs/etc/cont-init.d/portainer.sh @@ -0,0 +1,6 @@ +#!/usr/bin/with-contenv bashio +# ============================================================================== +# Home Assistant Community Add-on: Portainer +# Runs some initializations for Portainer +# ============================================================================== +bashio::require.unprotected diff --git a/portainer/rootfs/etc/services.d/portainer/finish b/portainer/rootfs/etc/services.d/portainer/finish new file mode 100644 index 000000000..1d3dca7f6 --- /dev/null +++ b/portainer/rootfs/etc/services.d/portainer/finish @@ -0,0 +1,9 @@ +#!/usr/bin/execlineb -S0 +# ============================================================================== +# Home Assistant Community Add-on: Portainer +# Take down the S6 supervision tree when Portainer fails +# ============================================================================== +if { s6-test ${1} -ne 0 } +if { s6-test ${1} -ne 256 } + +s6-svscanctl -t /var/run/s6/services diff --git a/portainer/rootfs/etc/services.d/portainer/run b/portainer/rootfs/etc/services.d/portainer/run new file mode 100644 index 000000000..19015b575 --- /dev/null +++ b/portainer/rootfs/etc/services.d/portainer/run @@ -0,0 +1,64 @@ +#!/usr/bin/env bashio + +################## +# DEFINE OPTIONS # +################## +declare -a options +options+=(--data /data) +options+=(--bind 0.0.0.0:9000) +options+=(--templates /opt/portainer/templates.json) +options+=(--host unix:///var/run/docker.sock) + +bashio::log.info "Starting Portainer..." + +################ +# SET PASSWORD # +################ + +PASSWORD=$(bashio::config 'password') +echo -n $PASSWORD > /tmp/portainer_password +options+=(--admin-password-file /tmp/portainer_password) +bashio::log.info "... password set to $PASSWORD" + +############## +# SSL CONFIG # +############## + +bashio::config.require.ssl +if bashio::config.true 'ssl'; then + bashio::log.info "ssl enabled. If webui don't work, disable ssl or check your certificate paths" + #set variables + CERTFILE="/ssl/$(bashio::config 'certfile')" + KEYFILE="/ssl/$(bashio::config 'keyfile')" + options+=(--ssl true) + options+=(--sslcert /ssl/$CERTFILE) + options+=(--sslkey /ssl/$KEYFILE) + bashio::log.info "... ssl activated" +fi + +################### +# HIDE CONTAINERS # +################### + +# Hide Hassio containers by default, but only eforce on first run +if ! bashio::fs.file_exists "/data/hidden"; then + options+=(--hide-label io.hass.type=supervisor) + options+=(--hide-label io.hass.type=homeassistant) + options+=(--hide-label io.hass.type=base) + options+=(--hide-label io.hass.type=core) + # options+=(--hide-label io.hass.type=addon) + options+=(--hide-label io.hass.type=audio) + options+=(--hide-label io.hass.type=cli) + options+=(--hide-label io.hass.type=dns) + options+=(--hide-label io.hass.type=multicast) + options+=(--hide-label io.hass.type=observer) + bashio::log.info "... non-addon containers hidden" + touch /data/hidden +fi + +#################### +# LAUNCH PORTAINER # +#################### +bashio::log.info "... portainer launched" + +exec /opt/portainer/portainer "${options[@]}" \ No newline at end of file