sv/ha-addons
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add first costumer apparmor definition

Browse Source
This commit is contained in:
Stefan Allius
2025-03-16 13:39:43 +01:00
parent e8482d5dd8
commit 2ad6919644
3 changed files with 55 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ha_addon_dev/CHANGELOG.md
View File

@@ -8,10 +8,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [unreleased] ## [unreleased]
- add initial support for TSUN MS-3000 - add initial support for TSUN MS-3000
- add initial apparmor support [#293](https://github.com/s-allius/tsun-gen3-proxy/issues/293)
- add Modbus polling mode for DCU1000 [#292](https://github.com/s-allius/tsun-gen3-proxy/issues/292) - add Modbus polling mode for DCU1000 [#292](https://github.com/s-allius/tsun-gen3-proxy/issues/292)
- add Modbus scanning mode - add Modbus scanning mode
- allow `R47`serial numbers for GEN3 inverters - allow `R47`serial numbers for GEN3 inverters
- add watchdog for Add-ons - add watchdog for Add-ons
- add first costumer apparmor definition
- Respect logging.ini file, if LOG_ENV isn't set well [#288](https://github.com/s-allius/tsun-gen3-proxy/issues/288) - Respect logging.ini file, if LOG_ENV isn't set well [#288](https://github.com/s-allius/tsun-gen3-proxy/issues/288)
- Remove trailing apostrophe in the log output [#288](https://github.com/s-allius/tsun-gen3-proxy/issues/288) - Remove trailing apostrophe in the log output [#288](https://github.com/s-allius/tsun-gen3-proxy/issues/288)
- update AddOn base docker image to version 17.2.1 - update AddOn base docker image to version 17.2.1

52
ha_addon_dev/apparmor.txt Normal file
View File

@@ -0,0 +1,52 @@
#include <tunables/global>
profile tsun-proxy-dev flags=(attach_disconnected,mediate_deleted) {
#include <abstractions/base>
# Capabilities
file,
signal (send) set=(kill,term,int,hup,cont),
# S6-Overlay
/init ix,
/bin/** ix,
/usr/bin/** ix,
/run/{s6,s6-rc*,service}/** ix,
/package/** ix,
/command/** ix,
/etc/services.d/** rwix,
/etc/cont-init.d/** rwix,
/etc/cont-finish.d/** rwix,
/run/{,**} rwk,
/dev/tty rw,
# Bashio
/usr/lib/bashio/** ix,
/tmp/** rwk,
# Access to options.json and other files within your addon
/data/** rw,
# Start new profile for service
/usr/bin/myprogram cx -> myprogram,
profile myprogram flags=(attach_disconnected,mediate_deleted) {
#include <abstractions/base>
# Receive signals from S6-Overlay
signal (receive) peer=*_tsun-proxy-dev,
# Access to options.json and other files within your addon
/data/** rw,
# Access to mapped volumes specified in config.json
/share/** rw,
# Access required for service functionality
/usr/bin/myprogram r,
/bin/bash rix,
/bin/echo ix,
/etc/passwd r,
/dev/tty rw,
}
}

2
ha_addon_dev/config.yaml
View File

@@ -1,6 +1,6 @@
name: TSUN-Proxy (Dev) name: TSUN-Proxy (Dev)
description: MQTT Proxy for TSUN Photovoltaic Inverters description: MQTT Proxy for TSUN Photovoltaic Inverters
version: 0.13.0-dev-2503161200 version: 0.13.0-dev-2503161333
image: docker.io/sallius/tsun-gen3-addon image: docker.io/sallius/tsun-gen3-addon
url: https://github.com/s-allius/tsun-gen3-proxy url: https://github.com/s-allius/tsun-gen3-proxy
slug: tsun-proxy-dev slug: tsun-proxy-dev