roles/homeassistant: Install in a virtualenv

Because the Home Assistant user's home directory is on `/var`, Python
packages installed in the "user site" do not get the correct SELinux
labels and thus run in the wrong domain.  This causes a lot of AVC
denials and other issues that prevent Home Assistant from working
correctly.

To resolve this issue, Home Assistant is now installed in a virtual
environment at `/usr/local/homeassistant`.  This directory is still
owned by the Home Assistant user, allowing Home Assistant to manage
packages installed there.  Since it is rooted under `/usr`, files are
labelled correctly and processes launched from executables there will
run in the correct domain.

roles/homeassistant/files/hass.sh

@@ -1,3 +1,3 @@
 #!/bin/sh
 
-exec /var/lib/homeassistant/.local/bin/hass
+exec /usr/local/homeassistant/bin/hass

roles/homeassistant/files/homeassistant.service

@@ -4,6 +4,7 @@ Description=Home Assistant
 
 [Service]
 Type=simple
+Environment=TMPDIR=/var/lib/homeassistant/tmp
 ExecStart=/usr/local/bin/hass
 User=homeassistant
 UMask=0077