🔨 Rewrite to use bashio

mqtt/rootfs/etc/cont-init.d/10-requirements.sh

@@ -1,43 +1,115 @@
-#!/usr/bin/with-contenv bash
+#!/usr/bin/with-contenv bashio
 # ==============================================================================
 # Community Hass.io Add-ons: MQTT Server & Web client
 # This files check if all user configuration requirements are met
 # ==============================================================================
-# shellcheck disable=SC1091
-source /usr/lib/hassio-addons/base.sh
-
-# Checks for broker
-if hass.config.true 'broker.enabled' \
-    && hass.config.false 'broker.allow_anonymous' \
-    && ! ( \
-        hass.config.exists 'leave_front_door_open' \
-        && hass.config.true 'leave_front_door_open' \
-    ); then
-    if ! hass.config.has_value 'mqttusers[0].username'; then
-        hass.die 'Missing username for MQTT User'
-    fi
-    if ! hass.config.has_value 'mqttusers[0].password'; then
-        hass.die 'Missing password for MQTT User'
-    fi
+
+# Ensure not both web & mqtt are disabled
+if  bashio::config.false 'web.enable' && bashio::config.false 'broker.enable'; then
+    bashio::exit.nok 'Both Web & MQTT are disabled. Aborting.'
 fi
 
-# Check SSL requirements, if enabled
-if hass.config.true 'broker.enable_ws_ssl' \
-    || hass.config.true 'broker.enable_mqtt_ssl' \
-    || (hass.config.true 'web.enabled' && hass.config.true 'web.ssl'); then
-    if ! hass.config.has_value 'certfile'; then
-        hass.die 'SSL is enabled, but no certfile was specified'
+# Notify user if web is disabled
+if bashio::config.false 'web.enable'; then
+    bashio::log.notice 'The Web client has been disabled!'
+fi
+
+# Notify user if mqtt is disabled
+if bashio::config.false 'broker.enable'; then
+    bashio::log.notice 'The MQTT Broker has been disabled!'
+fi
+
+# Checks for the web client
+if bashio::config.true 'web.enable'; then
+
+    if ! bashio::config.true 'leave_front_door_open'; then
+        bashio::config.require.username 'web.username';
+        bashio::config.require.password 'web.password';
     fi
 
-    if ! hass.config.has_value 'keyfile'; then
-        hass.die 'SSL is enabled, but no keyfile was specified'
+    # We need a username to go with the password
+    if bashio::config.is_empty 'web.username' \
+        && bashio::config.has_value 'web.password';
+    then
+        bashio::log.fatal
+        bashio::log.fatal 'You have set a Web client password using the'
+        bashio::log.fatal '"web.password" option, but the "web.username" option'
+        bashio::log.fatal 'is left empty. Login without a username but with a'
+        bashio::log.fatal 'password is not possible.'
+        bashio::log.fatal
+        bashio::log.fatal 'Please set a username in the "web.username" option.'
+        bashio::log.fatal
+        bashio::exit.nok
     fi
 
-    if ! hass.file_exists "/ssl/$(hass.config.get 'certfile')"; then
-        hass.die 'The configured certfile is not found'
+    # We need a password to go with the username
+    if bashio::config.has_value 'web.username' \
+        && bashio::config.is_empty 'web.password';
+    then
+        bashio::log.fatal
+        bashio::log.fatal 'You have set a Web client username using the'
+        bashio::log.fatal '"web.username" option, but the "web.password" option'
+        bashio::log.fatal 'is left empty. Login without a password but with a'
+        bashio::log.fatal 'username is not possible.'
+        bashio::log.fatal
+        bashio::log.fatal 'Please set a password in the "web.password" option.'
+        bashio::log.fatal
+        bashio::exit.nok
     fi
 
-    if ! hass.file_exists "/ssl/$(hass.config.get 'keyfile')"; then
-        hass.die 'The configured keyfile is not found'
+    # Require a secure password
+    if bashio::config.has_value 'web.password' \
+        && ! bashio::config.true 'i_like_to_be_pwned'; then
+        bashio::config.require.safe_password 'web.password'
     fi
+
+    bashio::config.require.ssl 'web.ssl' 'certfile' 'keyfile'
 fi
+
+# Checks for the mqtt broker
+if bashio::config.true 'broker.enable'; then
+
+    if ! bashio::config.true 'leave_front_door_open'; then
+        bashio::config.require.username 'broker.username';
+        bashio::config.require.password 'broker.password';
+    fi
+
+    # We need a username to go with the password
+    if bashio::config.is_empty 'mqttusers[0].username' \
+        && bashio::config.has_value 'broker.password';
+    then
+        bashio::log.fatal
+        bashio::log.fatal 'You have set a password using the'
+        bashio::log.fatal '"mqttusers" option, but the username for it'
+        bashio::log.fatal 'is left empty. Login without a username but with a'
+        bashio::log.fatal 'password is not possible.'
+        bashio::log.fatal
+        bashio::log.fatal 'Please set a username in the "mqttusers" option.'
+        bashio::log.fatal
+        bashio::exit.nok
+    fi
+
+    # We need a password to go with the username
+    if bashio::config.has_value 'broker.username' \
+        && bashio::config.is_empty 'broker.password';
+    then
+        bashio::log.fatal
+        bashio::log.fatal 'You have set a password using the'
+        bashio::log.fatal '"mqttusers" option, but the password for it'
+        bashio::log.fatal 'is left empty. Login without a password but with a'
+        bashio::log.fatal 'username is not possible.'
+        bashio::log.fatal
+        bashio::log.fatal 'Please set a password in the "mqttusers" option.'
+        bashio::log.fatal
+        bashio::exit.nok
+    fi
+
+    # Require a secure password
+    if bashio::config.has_value 'mqttusers[0].password' \
+        && ! bashio::config.true 'i_like_to_be_pwned'; then
+        bashio::config.require.safe_password 'mqttusers[0].password'
+    fi
+
+    bashio::config.require.ssl 'broker.enable_ws_ssl' 'certfile' 'keyfile'
+    bashio::config.require.ssl 'broker.enable_ssl' 'certfile' 'keyfile'
+fi

mqtt/rootfs/etc/cont-init.d/20-mqtt_broker.sh

@@ -1,13 +1,11 @@
-#!/usr/bin/with-contenv bash
+#!/usr/bin/with-contenv bashio
 # ==============================================================================
 # Community Hass.io Add-ons: MQTT Server & Web client
 # Configures Hivemq for use with MQTT Server & Web client
 # ==============================================================================
-# shellcheck disable=SC1091
-source /usr/lib/hassio-addons/base.sh
 
 # Only run this if the broker part of the add-on are enabled.
-if hass.config.true 'broker.enabled'; then
+if bashio::config.true 'broker.enabled'; then
 
   # Set config file
   readonly CONFIG='/opt/mosquitto.conf'
@@ -16,60 +14,64 @@ if hass.config.true 'broker.enabled'; then
   readonly ACL_FILE='/opt/acl'
   readonly PERSISTENCE_LOCATION='/data/mosquitto/'
 
-  if ! hass.directory_exists "$PERSISTENCE_LOCATION"; then
+  if ! bashio::fs.directory_exists "$PERSISTENCE_LOCATION"; then
     mkdir -p "$PERSISTENCE_LOCATION"    
   fi
   chown mosquitto:mosquitto -R "$PERSISTENCE_LOCATION" 
 
   # Remove config file if it exist
-  if hass.file_exists "$CONFIG"; then
+  if bashio::fs.file_exists "$CONFIG"; then
       rm "$CONFIG"    
   fi
 
-  if hass.config.true 'broker.enabled'; then
-    hass.log.info 'Adding configuration for MQTT Server...'
+  if bashio::config.true 'broker.enabled'; then
+    bashio::log.info 'Adding configuration for MQTT Server...'
     # Create config file
     touch "$CONFIG"
 
     # Set default config
     { echo "log_dest stdout"; \
+      echo "log_type websockets"; \
+      echo "websockets_log_level 255"; \
       echo "persistence true"; \
       echo "persistence_location $PERSISTENCE_LOCATION"; } >> "$CONFIG"
 
     # Set websocket configurtation
-    if hass.config.true 'broker.enable_ws'; then
-      hass.log.info 'Setting configuration for websockets...'
+    if bashio::config.true 'broker.enable_ws'; then
+      bashio::log.info 'Setting configuration for websockets...'
       echo "listener 1884" >> "$CONFIG"
       echo "protocol websockets" >> "$CONFIG"
+      echo "socket_domain ipv4" >> "$CONFIG"
     fi
 
     # Set websocket SSL configurtation
-    if hass.config.true 'broker.enable_ws_ssl'; then
+    if bashio::config.true 'broker.enable_ws_ssl'; then
       { echo "listener 4884"; \
         echo "protocol websockets"; \
-        echo "cafile /ssl/$(hass.config.get 'certfile')"; \
-        echo "certfile /ssl/$(hass.config.get 'certfile')"; \
-        echo "keyfile /ssl/$(hass.config.get 'keyfile')"; } >> "$CONFIG"
+        echo "socket_domain ipv4"; \
+        echo "cafile /ssl/$(bashio::config 'certfile')"; \
+        echo "certfile /ssl/$(bashio::config 'certfile')"; \
+        echo "keyfile /ssl/$(bashio::config 'keyfile')"; } >> "$CONFIG"
     fi
 
     # Set MQTT configurtation
-    if hass.config.true 'broker.enable_mqtt'; then
-      hass.log.info 'Setting configuration for mqtt...'
+    if bashio::config.true 'broker.enable_mqtt'; then
+      bashio::log.info 'Setting configuration for mqtt...'
       echo "listener 1883" >> "$CONFIG"
       echo "protocol mqtt" >> "$CONFIG"
     fi
 
     # Set MQTT SSL configurtation
-    if hass.config.true 'broker.enable_mqtt_ssl'; then
+    if bashio::config.true 'broker.enable_mqtt_ssl'; then
       { echo "listener 4883"; \
         echo "protocol mqtt"; \
-        echo "cafile /ssl/$(hass.config.get 'certfile')"; \
-        echo "certfile /ssl/$(hass.config.get 'certfile')"; \
-        echo "keyfile /ssl/$(hass.config.get 'keyfile')"; } >> "$CONFIG"
+        echo "cafile /ssl/$(bashio::config 'certfile')"; \
+        echo "certfile /ssl/$(bashio::config 'certfile')"; \
+        echo "keyfile /ssl/$(bashio::config 'keyfile')"; } >> "$CONFIG"
     fi
 
     # Allow anonymous auth?
-    if hass.config.true 'broker.allow_anonymous'; then
+    if bashio::config.true 'broker.allow_anonymous'; then
       echo "allow_anonymous true" >> "$CONFIG"
     else
       echo "allow_anonymous false" >> "$CONFIG"
@@ -79,18 +81,18 @@ if hass.config.true 'broker.enabled'; then
     touch "$ACL_FILE"
 
     # Set username and password for the broker
-    if ! hass.config.true 'leave_front_door_open'; then
+    if ! bashio::config.true 'leave_front_door_open'; then
       touch "$PWFILE"
       echo "acl_file $ACL_FILE" >> "$CONFIG"
       echo "password_file $PWFILE" >> "$CONFIG"
-      for key in $(hass.config.get 'mqttusers | keys[]'); do
-        username=$(hass.config.get "mqttusers[${key}].username")
-        password=$(hass.config.get "mqttusers[${key}].password")
+      for key in $(bashio::config 'mqttusers | keys[]'); do
+        username=$(bashio::config "mqttusers[${key}].username")
+        password=$(bashio::config "mqttusers[${key}].password")
         mosquitto_passwd -b "$PWFILE" "$username" "$password"
         echo "user $username" >> "$ACL_FILE"
-        for entry in $(hass.config.get "mqttusers[${key}].topics"); do
+        for entry in $(bashio::config "mqttusers[${key}].topics"); do
           topic="$entry"
-          if hass.config.true "mqttusers[${key}].readonly"; then
+          if bashio::config.true "mqttusers[${key}].readonly"; then
             echo "topic read $topic" >> "$ACL_FILE"
           else
             echo "topic readwrite $topic" >> "$ACL_FILE"
@@ -99,14 +101,14 @@ if hass.config.true 'broker.enabled'; then
       done
     else
       # Remove pefile if it should not be used
-      if hass.file_exists "$PWFILE"; then
+      if bashio::fs.file_exists "$PWFILE"; then
           rm "$PWFILE"
       fi
     fi
   fi
   # Add custom mosquitto.config to config if one exist
-  if hass.file_exists "$CUSTOM_CONFIG"; then
-    hass.log.info "Adding custom entries to configuration."
+  if bashio::fs.file_exists "$CUSTOM_CONFIG"; then
+    bashio::log.info "Adding custom entries to configuration."
     # shellcheck disable=SC2002
     cat "$CUSTOM_CONFIG" | tee -a "$CONFIG" > /dev/null
   fi

mqtt/rootfs/etc/cont-init.d/21-mqtt_web.sh

@@ -1,18 +1,16 @@
-#!/usr/bin/with-contenv bash
+#!/usr/bin/with-contenv bashio
 # ==============================================================================
 # Community Hass.io Add-ons: MQTT Server & Web client
 # Configures Hivemq for use with MQTT Server & Web client
 # ==============================================================================
-# shellcheck disable=SC1091
-source /usr/lib/hassio-addons/base.sh
 
 # Only run this if the web part of the add-on are enabled.
-if hass.config.true 'web.enabled'; then
+if bashio::config.true 'web.enabled'; then
 
     readonly CONFIG='/app/config.js'
 
     # Remove config file if it exist
-    if hass.file_exists "$CONFIG"; then
+    if bashio::fs.file_exists "$CONFIG"; then
         rm "$CONFIG"    
     fi
 
@@ -21,7 +19,7 @@ if hass.config.true 'web.enabled'; then
     echo "websocketserver = '""';" >> "$CONFIG" 
 
     # Set default WS port and enable SSL for broker connection
-    if hass.config.true 'broker.enable_ws_ssl'; then
+    if bashio::config.true 'broker.enable_ws_ssl'; then
         sed -i 's/%%SSL_VALUE%%/checked="checked"/' /app/index.html
         echo 'websocketport = 4884;' >> "$CONFIG" 
     else

mqtt/rootfs/etc/cont-init.d/40-nginx.sh

@@ -1,18 +1,16 @@
-#!/usr/bin/with-contenv bash
+#!/usr/bin/with-contenv bashio
 # ==============================================================================
 # Community Hass.io Add-ons: MQTT Server & Web client
 # Configures NGINX for use with MQTT Server & Web client
 # ==============================================================================
-# shellcheck disable=SC1091
-source /usr/lib/hassio-addons/base.sh
 
 declare certfile
 declare keyfile
 
 # Only run this if the web part of the add-on are enabled.
-if hass.config.true 'web.enabled'; then
+if bashio::config.true 'web.enabled'; then
     # Remove LUA auth if leave_front_door_open == True
-    if hass.config.true 'leave_front_door_open'; then
+    if bashio::config.true 'leave_front_door_open'; then
         sed -i "/access_by_lua_file/d" /etc/nginx/nginx.conf
         sed -i "/access_by_lua_file/d" /etc/nginx/nginx-ssl.conf
         sed -i "/load_module/d" /etc/nginx/nginx.conf
@@ -21,9 +19,9 @@ if hass.config.true 'web.enabled'; then
         sed -i "/lua_shared_dict/d" /etc/nginx/nginx-ssl.conf
     fi
     # Enable SSL
-    if hass.config.true 'web.ssl'; then
-        certfile=$(hass.config.get 'certfile')
-        keyfile=$(hass.config.get 'keyfile')
+    if bashio::config.true 'web.ssl'; then
+        certfile=$(bashio::config 'certfile')
+        keyfile=$(bashio::config 'keyfile')
         sed -i "s/%%certfile%%/${certfile}/g" /etc/nginx/nginx-ssl.conf
         sed -i "s/%%keyfile%%/${keyfile}/g" /etc/nginx/nginx-ssl.conf
     fi

mqtt/rootfs/etc/services.d/mosquitto/run

@@ -1,25 +1,23 @@
-#!/usr/bin/with-contenv bash
+#!/usr/bin/with-contenv bashio
 # ==============================================================================
 # Community Hass.io Add-ons: MQTT Server & Web client
 # Runs the MQTT Server
 # ==============================================================================
-# shellcheck disable=SC1091
-source /usr/lib/hassio-addons/base.sh
 
 declare -a options
 
-if hass.config.false 'broker.enabled'; then
+if bashio::config.false 'broker.enabled'; then
     while true; do
-      hass.log.debug 'MQTT Server are not enabled...'
+      bashio::log.debug 'MQTT Server are not enabled...'
       exec sleep 86400
     done
 fi
 
 options+=(-c /opt/mosquitto.conf)
 
-if hass.debug; then
+if bashio::debug; then
   options+=(-v)
 fi
 
-hass.log.info "Starting mosquitto MQTT Server..."
+bashio::log.info "Starting mosquitto MQTT Server..."
 exec mosquitto "${options[@]}"