Add initial version of Angry IP Scanner (#71)

README.md

@@ -6,6 +6,10 @@ _Everything here is ment to be **experimental**. Happy to see feedback!_
 
 ## Home Assistant Addon repository containing
 
+### <img src="angry-ip-scanner/icon.png" width="40px"> Angry IP Scanner
+
+Wraps the well known [Angry IP Scanner](https://angryip.org/) to make it usable as Add-on.
+
 ### <img src="adsb-multi-portal-feeder/icon.png" width="40px"> ADB-S Multi Portal Feeder
 
 Observe flight traffic using some cheap ADB-S USB-Stick and feed towards FlightRadar24 and FlightAware.

angry-ip-scanner/CHANGELOG.md

@@ -0,0 +1,5 @@
+# Changelog
+
+## 0.1.0
+
+- Initial release

angry-ip-scanner/Dockerfile

@@ -0,0 +1,29 @@
+ARG BUILD_FROM=ghcr.io/home-assistant/amd64-base-debian:buster
+FROM $BUILD_FROM
+
+# Set shell
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+
+# Install Angry IP Scanner dependencies
+RUN \
+    set -x \
+    && apt-get update \
+    && apt-get install -y --no-install-recommends \
+        iproute2 \
+        iputils-ping \
+        nginx \
+        novnc \
+        sqlite3 \
+        tigervnc-common \
+        tigervnc-standalone-server \
+        wget \
+        wmii \
+        xfonts-base \
+        xfonts-scalable \
+        openjdk-11-jre libswt-cairo-gtk-4-jni libswt-gtk-4-java\
+    && rm -rf /var/lib/apt/lists/*
+
+RUN wget https://github.com/angryip/ipscan/releases/download/3.8.2/ipscan_3.8.2_all.deb && \
+        dpkg -i ipscan_3.8.2_all.deb
+
+COPY rootfs /

angry-ip-scanner/README.md

@@ -0,0 +1,9 @@
+# Home Assistant Add-on: Angry IP Scanner
+
+<a href='https://ko-fi.com/supportkofi' target='_blank'><img height='35' style='border:0px;height:46px;' src='https://az743702.vo.msecnd.net/cdn/kofi3.png?v=0' border='0' alt='Buy Me a Coffee at ko-fi.com'></a>
+
+Wraps the well known [Angry IP Scanner](https://angryip.org/) to make it usable as Add-on.
+
+![screenshot](https://raw.githubusercontent.com/MaxWinterstein/homeassistant-addons/main/angryipscanner/screenshot.png)
+
+Most of this add-on code is shamelessly stolen from https://github.com/home-assistant/addons/tree/master/deconz. Thanks ✌️

angry-ip-scanner/build.yaml

@@ -0,0 +1,4 @@
+build_from:
+  aarch64: ghcr.io/home-assistant/aarch64-base-debian:buster
+  amd64: ghcr.io/home-assistant/amd64-base-debian:buster
+  armhf: ghcr.io/home-assistant/armhf-base-raspbian:buster

angry-ip-scanner/config.yaml

@@ -0,0 +1,20 @@
+version: 0.1.0
+slug: angryipscanner
+name: Angry IP Scanner
+description: Fast and friendly network scanner
+url: https://github.com/MaxWinterstein/homeassistant-addons/
+arch:
+  - amd64
+  - armhf
+  - aarch64
+ingress: true
+ingress_entry: novnc/vnc_lite.html?scale=yes
+init: false
+host_network: true
+panel_icon: mdi:ip
+ports:
+  5900/tcp: null
+ports_description:
+  5900/tcp: Angry IP Scanner via VNC (Not required for Ingress. Not secure!)
+map:
+  - share:rw

angry-ip-scanner/rootfs/etc/cont-init.d/nginx.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/with-contenv bashio
+# ==============================================================================
+# Configure NGINX for use with Angry IP Scanner
+# ==============================================================================
+ingress_entry=$(bashio::addon.ingress_entry)
+sed -i "s#%%ingress_entry%%#${ingress_entry}#g" /etc/nginx/nginx.conf

angry-ip-scanner/rootfs/etc/cont-init.d/novnc.sh

@@ -0,0 +1,7 @@
+#!/usr/bin/with-contenv bashio
+# ==============================================================================
+# Setup noVNC
+# ==============================================================================
+declare ingress_entry
+ingress_entry=$(bashio::addon.ingress_entry)
+sed -i "s#websockify#${ingress_entry#?}/novnc/websockify#g" /usr/share/novnc/vnc_lite.html

angry-ip-scanner/rootfs/etc/nginx/nginx.conf

@@ -0,0 +1,96 @@
+worker_processes  1;
+pid /var/run/nginx.pid;
+error_log /dev/stdout info;
+daemon off;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include             mime.types;
+    default_type        application/octet-stream;
+    sendfile            on;
+    keepalive_timeout   65;
+    proxy_read_timeout  1200;
+    gzip                on;
+    gzip_disable        "msie6";
+
+    map $http_upgrade $connection_upgrade {
+        default upgrade;
+        ''      close;
+    }
+
+    # Ingress
+    server {
+        listen 8099 default_server;
+
+        allow   172.30.32.2;
+        deny    all;
+
+        server_name _;
+        access_log /dev/stdout combined;
+
+        client_max_body_size 4G;
+        keepalive_timeout 5;
+
+        root /dev/null;
+
+        location /websocket {
+            proxy_pass http://127.0.0.1:8081;
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection $connection_upgrade;
+        }
+
+        location /novnc {
+            proxy_pass http://127.0.0.1:5901/;
+            proxy_redirect default;
+
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection $connection_upgrade;
+        }
+
+        # location / {
+        #     proxy_pass http://127.0.0.1:40850;
+        #     proxy_redirect default;
+
+        #     proxy_http_version 1.1;
+        #     proxy_set_header Upgrade $http_upgrade;
+        #     proxy_set_header Connection $connection_upgrade;
+
+        #     proxy_set_header X-Real-IP $remote_addr;
+        #     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        #     proxy_set_header X-Forwarded-Proto $scheme;
+        #     proxy_set_header Host $http_host;
+        #     proxy_set_header X-NginX-Proxy true;
+
+        #     sub_filter_once off;
+        #     sub_filter_types *;
+            
+        #     # Disable Discovery from Dresden
+        #     sub_filter 'phoscon.de/discover' 'phoscon.de/discover_disable';
+        #     sub_filter 'dresden-light.appspot.com/discover' 'dresden-light.appspot.com/discover_disable';
+        #     sub_filter 'queryDresdenDiscovery(url){' 'queryDresdenDiscovery(url){ return Promise.resolve([]);';
+
+        #     # Do not probe our subnets from Ingress
+        #     sub_filter 'probeSubnet(ip) {' 'probeSubnet(ip) { throw new Error(\'avail\');';
+
+        #     # Prevent unauthenticated requests to go to Home Assistant, triggering IP bans
+        #     sub_filter '/api/config?_=\' + Date.now()' '%%ingress_entry%%/api/config?_=\' + Date.now()';
+
+        #     # Stop guessing URL's
+        #     sub_filter 'if (err === \'avail\')' 'if (err === \'avail\' && false)';
+
+        #     # Correctly handle redirect to login
+        #     sub_filter 'window.location.href = \'/pwa/login.html\';' 'window.location.href = \'%%ingress_entry%%/pwa/login.html\';';
+
+        #     # Patch Websocket support
+        #     sub_filter 'WebSocket(prot+host+":"+port)' 'WebSocket(prot+window.location.host+\'%%ingress_entry%%/websocket\')';
+
+        #     # The Manifest is useless and causes unneeded failing requests @ the Home Assistant server
+        #     sub_filter '<link rel="manifest" href="/pwa/manifest.json">' '';
+        # }
+    }
+}

angry-ip-scanner/rootfs/etc/services.d/angryipscanner/finish

@@ -0,0 +1,8 @@
+#!/usr/bin/execlineb -S1
+# ==============================================================================
+# Take down the S6 supervision tree based on service exit code
+# ==============================================================================
+if { s6-test ${1} -ne 0 }
+if { s6-test ${1} -ne 256 }
+
+s6-svscanctl -t /var/run/s6/services

angry-ip-scanner/rootfs/etc/services.d/angryipscanner/run

@@ -0,0 +1,51 @@
+#!/usr/bin/with-contenv bashio
+# ==============================================================================
+# Start angryipscanner service
+# ==============================================================================
+TMP_FOLDER=$(mktemp -d)
+
+# VNC is not enabled as a separate service, as it cannot handle multiple
+# session when running in the foreground.
+VNC_PORT="$(bashio::addon.port 5900)"
+ARCH="$(bashio::info.arch)"
+
+# Fix tigervnc for 32 bits ARM
+if [[ "armhf armv7" = *"${ARCH}"* ]]; then
+    export LD_PRELOAD=/lib/arm-linux-gnueabihf/libgcc_s.so.1
+fi
+
+# Fix tigervnc for 64 bits ARM
+if [[ "aarch64" = "${ARCH}" ]]; then
+    export LD_PRELOAD=/lib/aarch64-linux-gnu/libgcc_s.so.1
+fi
+
+# Run it only on localhost if not expose
+if bashio::var.has_value "${VNC_PORT}"; then
+    bashio::log.warning "Your direct VNC access is not protected!"
+    LOCAL_ONLY=no
+else
+    LOCAL_ONLY=yes
+fi
+
+export XDG_RUNTIME_DIR="${TMP_FOLDER}"
+export DISPLAY=":0"
+
+bashio::log.info "Starting VNC server (local/${LOCAL_ONLY})..."
+tigervncserver \
+    -name "Home Assistant - Angry IP Scanner" \
+    -geometry 1920x1080 \
+    -depth 16 \
+    -localhost ${LOCAL_ONLY} \
+    -SecurityTypes None \
+    --I-KNOW-THIS-IS-INSECURE \
+    "${DISPLAY}" \
+    &> /dev/null
+
+# Wait for VNC server to start before continuing
+bashio::log.info "Angry IP Scanner waiting for VNC to start"
+bashio::net.wait_for 5900
+
+
+# Start Angry IP Scanner
+bashio::log.info "Starting the Angry IP Scanner gateway..."
+exec ipscan

angry-ip-scanner/rootfs/etc/services.d/nginx/finish

@@ -0,0 +1,8 @@
+#!/usr/bin/execlineb -S1	
+# ==============================================================================	
+# Take down the S6 supervision tree based on service exit code	
+# ==============================================================================	
+if { s6-test ${1} -ne 0 }	
+if { s6-test ${1} -ne 256 }	
+
+s6-svscanctl -t /var/run/s6/services

angry-ip-scanner/rootfs/etc/services.d/nginx/run

@@ -0,0 +1,7 @@
+#!/usr/bin/with-contenv bashio
+# ==============================================================================
+# Start NGINX service
+# ==============================================================================
+
+bashio::log.info "Starting Nginx..."
+exec nginx

angry-ip-scanner/rootfs/etc/services.d/websockify/run

@@ -0,0 +1,11 @@
+#!/usr/bin/with-contenv bashio
+# ==============================================================================
+# Start Websockify
+# ==============================================================================
+
+# Wait until vnc is up and running
+bashio::log.info "Websockify waiting for VNC to start"
+bashio::net.wait_for 5900
+
+bashio::log.info "Starting websockify..."
+exec websockify -v --web /usr/share/novnc/ 127.0.0.1:5901 127.0.0.1:5900