Dustin C. Hatch
288b050a33
Installing Home Assistant in a Python virtualenv is rather tedious, especially on non-x86 machines. The main issue is Python packages that include native extensions, as many of these do not have binary wheels available for aarch64, etc. on PyPI. Thus, to install these, they have to be built from source, which then requires the appropriate development packages to be installed. Additionally, compiling native code on a Raspberry Pi is excruciatingly slow. I have considered various ways of mitigating this, but all would require a substantial time investment, both up front and ongoing, making them rather pointless. Eventually, I settled on just deploying the official Home Assistant container image with Podman. Although Podman includes a tool for generating systemd service unit files for running containers, I ended up creating my own for several reasons. First and foremost, the generated unit files configure the containers to run as *root*, but I wanted to run Home Assistant as an unprivileged user. Unfortunately, I could not seem to get the container to work when dropping privileges using the `User` directive of the unit. Fortunately, `podman` has `--uidmap` and `--gidmap` arguments, which I was able to use to map UID/GID 0 in the container to the *homeassistant* user on the host. Another drawback of the generated unit files is that they specify a "forking" type service, which is not really necessary. Podman/conmon supports the systemd notify protocol, but the generator has not been updated to make use of that yet. Recent versions of Home Assistant are more strict with respect to how reverse proxies are handled. In order to use one, it must be explicitly listed in the configuration file. Therefore, the *homeassistant* Ansible role will now create a stub `configuration.yaml`, based on the one generated by Home Assistant itslf when it starts for the first time on a new machine, that includes the appropriate configuration for a reverse proxy running on the same machine. The stub configuration will not overwrite an existing configuration file, so it is only useful when deploying Home Assistant for the first time on a new machine. Overall, although I think a 300+ MB container image is ridiculous, deploying Home Assistant this way should make it a lot easier to manage, especially when updating.
106 lines
2.2 KiB
YAML
106 lines
2.2 KiB
YAML
- name: load architecture-specific values
|
|
include_vars: '{{ item }}'
|
|
with_first_found:
|
|
- '{{ ansible_architecture }}.yml'
|
|
- defaults.yml
|
|
tags:
|
|
- always
|
|
|
|
- name: ensure podman is installed
|
|
package:
|
|
name: '{{ homeassistant_podman_packages }}'
|
|
state: present
|
|
tags:
|
|
- install
|
|
|
|
- name: ensure homeassistant user exists
|
|
user:
|
|
name: homeassistant
|
|
system: true
|
|
home: /var/lib/homeassistant
|
|
createhome: false
|
|
register: homeassistant_user
|
|
tags:
|
|
- user
|
|
|
|
- name: ensure homeassistant home directory exists
|
|
file:
|
|
path: /var/lib/homeassistant
|
|
owner: homeassistant
|
|
group: homeassistant
|
|
mode: '0755'
|
|
state: directory
|
|
tags:
|
|
- datadir
|
|
|
|
- name: ensure stub home assistant configuration is set
|
|
copy:
|
|
src: '{{ item }}'
|
|
dest: /var/lib/homeassistant/{{ item|basename }}
|
|
owner: homeassistant
|
|
group: homeassistant
|
|
mode: '0644'
|
|
force: false
|
|
with_fileglob:
|
|
- 'stubs/*.yaml'
|
|
tags:
|
|
- config
|
|
- name: ensure home assistant proxy settings are configured
|
|
copy:
|
|
src: http.yaml
|
|
dest: /var/lib/homeassistant/http.yaml
|
|
owner: homeassistant
|
|
group: homeassistant
|
|
mode: '0644'
|
|
notify:
|
|
- restart homeassistant
|
|
tags:
|
|
- config
|
|
|
|
- name: ensure homeassistant container image is available
|
|
podman_image:
|
|
name: ghcr.io/home-assistant/{{ homeassistant_image_name }}
|
|
tag: stable
|
|
state: present
|
|
notify:
|
|
- restart homeassistant
|
|
tags:
|
|
- container-image
|
|
- container
|
|
|
|
- name: ensure homeassistant systemd unit is installed
|
|
template:
|
|
src: homeassistant.service.j2
|
|
dest: /etc/systemd/system/homeassistant.service
|
|
mode: '0644'
|
|
notify:
|
|
- reload systemd
|
|
- restart homeassistant
|
|
tags:
|
|
- service
|
|
- systemd
|
|
- name: ensure homeassistant starts at boot
|
|
service:
|
|
name: homeassistant
|
|
enabled: true
|
|
tags:
|
|
- service
|
|
|
|
- name: ensure apache is configured to proxy for homeassistant
|
|
template:
|
|
src: homeassistant.httpd.conf.j2
|
|
dest: /etc/httpd/conf.d/homeassistant.conf
|
|
mode: '0644'
|
|
notify:
|
|
- restart httpd
|
|
tags:
|
|
- apache
|
|
- name: ensure selinux allows apache to proxy
|
|
seboolean:
|
|
name: httpd_can_network_connect
|
|
state: true
|
|
persistent: true
|
|
tags:
|
|
- selinux
|
|
- apache
|