Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add a new PlatformIO service to the docker file as well as the necessary steps The actual PlatformIO image will be in a separate repository. Eventually, I'd like to move all of the images to their own repo so that docker hub can automatically create and deploy new images. Docker swarm does not yet support device mounting. To work around this, I had the PlatformIO service actually be a docker container that creates a standalone container (not on swarm) that has /dev/ttyUSB0 mounted as a device. It's pretty hacky and absolutely a security risk... But it works... Mostly. The container won't actually start unless an ESP8266 is plugged in. The swarmkit issue includes a discussion on how to implement device mounting: moby/swarmkit#1244 This also contains a few modifications needed to make standalone containers attachable to swarm networks. The PlatformIO container will accept MQTT messages on platformio/build/[BOARD=nodemcuv2] that contains the JSON config for the ESP8266. The config will replace $mqtt_username and $mqtt_password with RabbitMQ creds generated in Vault. BOARD will be passed in the PlatformIO --environment flag to target a specific environment in the PlatformIO build file. Currently, only nodemcuv2 is supported. * #2 Secure Node-RED MQTT communications. * #2 Secure MQTT communication with Home Assistant. * Add vault config to git repo. * Began transition to username/password MQTT authentication. * Begin refactoring the installer. * Refactor install.sh to be more clear and maintainable. * Add persistance to Rabbit MQ. * Add extract_from_json function. * Refactor MQTT install and add additional steps as necessary. * Refactor vault install and add additional steps/params as necessary. * Add persistance and MQTT auth to Home Assistant install steps. * Set vault CMD to server (The actual command) rather than vault. * Restore NR to info log level and remove .backup files. * Restore NR to info log level and remove .backup files. * Added notes and updated node red. * Enable Node-RED to use files as credentials. * Additional Node-RED settings. * Add Platform IO container and some installer refactoring. * #2 Secure Node-RED MQTT communications. * #2 Secure MQTT communication with Home Assistant. * Begin refactoring the installer. * Refactor install.sh to be more clear and maintainable. * Add persistance to Rabbit MQ. * Refactor vault install and add additional steps/params as necessary. * Add persistance and MQTT auth to Home Assistant install steps. * Restore NR to info log level and remove .backup files. * Add Platform IO container and some installer refactoring.
- Loading branch information
1 parent
9fce579
commit 9a665d2
Showing
12 changed files
with
104 additions
and
39 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,3 @@ | ||
FROM vault | ||
COPY docker-entrypoint.sh usr/local/bin/docker-entrypoint.sh | ||
CMD ["server"] | ||
CMD ["server"] |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
{ | ||
"/": { | ||
"configure": ".*", | ||
"write": ".*", | ||
"read": ".*" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
path "*" { | ||
capabilities = ["create", "read", "update", "delete", "list", "sudo"] | ||
} | ||
|
||
path "rabbitmq/creds/platformio" { | ||
capabilities = ["read"] | ||
} | ||
|
||
path "sys/policy/*" { | ||
capabilities = ["create", "read", "update", "delete", "list", "sudo"] | ||
} |