From e3c66a550c249f4812417c999e221d73a0c14d2f Mon Sep 17 00:00:00 2001 From: Alexandre <44178713+alexbelgium@users.noreply.github.com> Date: Mon, 13 May 2024 13:04:07 +0200 Subject: [PATCH] Add ssl --- birdnet-pi/CHANGELOG.md | 2 ++ birdnet-pi/README.md | 7 +++++-- birdnet-pi/config.json | 15 +++++++++++---- birdnet-pi/rootfs/etc/cont-init.d/31-ssl.sh | 15 +++++++++++++++ 4 files changed, 33 insertions(+), 6 deletions(-) create mode 100644 birdnet-pi/rootfs/etc/cont-init.d/31-ssl.sh diff --git a/birdnet-pi/CHANGELOG.md b/birdnet-pi/CHANGELOG.md index 9da9d6098..805fcbe6d 100644 --- a/birdnet-pi/CHANGELOG.md +++ b/birdnet-pi/CHANGELOG.md @@ -1,3 +1,5 @@ +- Allow ssl using certificates generated by let's encrypt + ## 0.13-24 (12-05-2024) - Enable cron jobs diff --git a/birdnet-pi/README.md b/birdnet-pi/README.md index f4f9dbca7..7c731c889 100644 --- a/birdnet-pi/README.md +++ b/birdnet-pi/README.md @@ -48,10 +48,13 @@ Options can be configured through three ways : - Addon options ```yaml -TZ: Etc/UTC specify a timezone to use, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List BIRDSONGS_FOLDER: folder to store birdsongs file # It should be an ssd if you want to avoid clogging of analysis BIRDS_ONLINE_INFO: uses either allaboutbird (US birds in english) or ebird (universal and translated) to provide online information -pi_password: set the user password +TZ: Etc/UTC specify a timezone to use, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List +ssl: true/false +certfile: fullchain.pem #ssl certificate, must be located in /ssl +keyfile: privkey.pem #sslkeyfile, must be located in /ssl +pi_password: set the user password to access the web terminal localdisks: sda1 #put the hardware name of your drive to mount separated by commas, or its label. ex. sda1, sdb1, MYNAS... networkdisks: "//SERVER/SHARE" # optional, list of smb servers to mount, separated by commas cifsusername: "username" # optional, smb username, same for all smb shares diff --git a/birdnet-pi/config.json b/birdnet-pi/config.json index 2fadd9ea2..7f16a4682 100644 --- a/birdnet-pi/config.json +++ b/birdnet-pi/config.json @@ -66,13 +66,17 @@ "map": [ "addon_config:rw", "media:rw", - "share:rw" + "share:rw", + "ssl:rw" ], "name": "BirdNET-pi", "options": { "BIRDSONGS_FOLDER": "/config/BirdSongs", "BIRDS_ONLINE_INFO": "ebird.org", - "TZ": "Europe/Paris" + "TZ": "Europe/Paris", + "certfile": "fullchain.pem", + "keyfile": "privkey.pem", + "ssl": false }, "panel_icon": "mdi:bird", "ports": { @@ -89,18 +93,21 @@ "BIRDSONGS_FOLDER": "str?", "BIRDS_ONLINE_INFO": "list(allaboutbirds.org|ebird.org)", "TZ": "str?", + "certfile": "str", "cifsdomain": "str?", "cifspassword": "str?", "cifsusername": "str?", + "keyfile": "str", "localdisks": "str?", "networkdisks": "str?", - "pi_password": "password" + "pi_password": "password", + "ssl": "bool" }, "slug": "birdnet-pi", "tmpfs": true, "udev": true, "url": "https://github.com/alexbelgium/hassio-addons/tree/master/birdnet-pi", "usb": true, - "version": "0.13-24", + "version": "0.13-25", "video": true } diff --git a/birdnet-pi/rootfs/etc/cont-init.d/31-ssl.sh b/birdnet-pi/rootfs/etc/cont-init.d/31-ssl.sh new file mode 100644 index 000000000..f2d5900e5 --- /dev/null +++ b/birdnet-pi/rootfs/etc/cont-init.d/31-ssl.sh @@ -0,0 +1,15 @@ +#!/usr/bin/with-contenv bashio +# shellcheck shell=bash +set -e + +############### +# SSL SETTING # +############### + +if bashio::config.true 'ssl'; then + bashio::config.require.ssl + certfile=$(bashio::config 'certfile') + keyfile=$(bashio::config 'keyfile') + sed -i "/root/a tls /ssl/${certfile}/ssl/${keyfile}" /etc/caddy/Caddyfile + sed -i "s|http://|https://|g" /etc/caddy/Caddyfile +fi \ No newline at end of file