diff --git a/README.md b/README.md index be0ceb9..d56b9dc 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,10 @@ _Everything here is ment to be **experimental**. Happy to see feedback!_ ## Home Assistant Addon repository containing +### Angry IP Scanner + +Wraps the well known [Angry IP Scanner](https://angryip.org/) to make it usable as Add-on. + ### ADB-S Multi Portal Feeder Observe flight traffic using some cheap ADB-S USB-Stick and feed towards FlightRadar24 and FlightAware. diff --git a/angry-ip-scanner/CHANGELOG.md b/angry-ip-scanner/CHANGELOG.md new file mode 100644 index 0000000..3742d31 --- /dev/null +++ b/angry-ip-scanner/CHANGELOG.md @@ -0,0 +1,5 @@ +# Changelog + +## 0.1.0 + +- Initial release diff --git a/angry-ip-scanner/Dockerfile b/angry-ip-scanner/Dockerfile new file mode 100644 index 0000000..5943cba --- /dev/null +++ b/angry-ip-scanner/Dockerfile @@ -0,0 +1,29 @@ +ARG BUILD_FROM=ghcr.io/home-assistant/amd64-base-debian:buster +FROM $BUILD_FROM + +# Set shell +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# Install Angry IP Scanner dependencies +RUN \ + set -x \ + && apt-get update \ + && apt-get install -y --no-install-recommends \ + iproute2 \ + iputils-ping \ + nginx \ + novnc \ + sqlite3 \ + tigervnc-common \ + tigervnc-standalone-server \ + wget \ + wmii \ + xfonts-base \ + xfonts-scalable \ + openjdk-11-jre libswt-cairo-gtk-4-jni libswt-gtk-4-java\ + && rm -rf /var/lib/apt/lists/* + +RUN wget https://github.com/angryip/ipscan/releases/download/3.8.2/ipscan_3.8.2_all.deb && \ + dpkg -i ipscan_3.8.2_all.deb + +COPY rootfs / diff --git a/angry-ip-scanner/README.md b/angry-ip-scanner/README.md new file mode 100644 index 0000000..8d65717 --- /dev/null +++ b/angry-ip-scanner/README.md @@ -0,0 +1,9 @@ +# Home Assistant Add-on: Angry IP Scanner + +Buy Me a Coffee at ko-fi.com + +Wraps the well known [Angry IP Scanner](https://angryip.org/) to make it usable as Add-on. + +![screenshot](https://raw.githubusercontent.com/MaxWinterstein/homeassistant-addons/main/angryipscanner/screenshot.png) + +Most of this add-on code is shamelessly stolen from https://github.com/home-assistant/addons/tree/master/deconz. Thanks ✌️ diff --git a/angry-ip-scanner/build.yaml b/angry-ip-scanner/build.yaml new file mode 100644 index 0000000..93150b0 --- /dev/null +++ b/angry-ip-scanner/build.yaml @@ -0,0 +1,4 @@ +build_from: + aarch64: ghcr.io/home-assistant/aarch64-base-debian:buster + amd64: ghcr.io/home-assistant/amd64-base-debian:buster + armhf: ghcr.io/home-assistant/armhf-base-raspbian:buster diff --git a/angry-ip-scanner/config.yaml b/angry-ip-scanner/config.yaml new file mode 100644 index 0000000..a04d0a1 --- /dev/null +++ b/angry-ip-scanner/config.yaml @@ -0,0 +1,20 @@ +version: 0.1.0 +slug: angryipscanner +name: Angry IP Scanner +description: Fast and friendly network scanner +url: https://github.com/MaxWinterstein/homeassistant-addons/ +arch: + - amd64 + - armhf + - aarch64 +ingress: true +ingress_entry: novnc/vnc_lite.html?scale=yes +init: false +host_network: true +panel_icon: mdi:ip +ports: + 5900/tcp: null +ports_description: + 5900/tcp: Angry IP Scanner via VNC (Not required for Ingress. Not secure!) +map: + - share:rw diff --git a/angry-ip-scanner/icon.png b/angry-ip-scanner/icon.png new file mode 100644 index 0000000..ec9059f Binary files /dev/null and b/angry-ip-scanner/icon.png differ diff --git a/angry-ip-scanner/logo.png b/angry-ip-scanner/logo.png new file mode 100644 index 0000000..ec9059f Binary files /dev/null and b/angry-ip-scanner/logo.png differ diff --git a/angry-ip-scanner/rootfs/etc/cont-init.d/nginx.sh b/angry-ip-scanner/rootfs/etc/cont-init.d/nginx.sh new file mode 100644 index 0000000..05738ed --- /dev/null +++ b/angry-ip-scanner/rootfs/etc/cont-init.d/nginx.sh @@ -0,0 +1,6 @@ +#!/usr/bin/with-contenv bashio +# ============================================================================== +# Configure NGINX for use with Angry IP Scanner +# ============================================================================== +ingress_entry=$(bashio::addon.ingress_entry) +sed -i "s#%%ingress_entry%%#${ingress_entry}#g" /etc/nginx/nginx.conf diff --git a/angry-ip-scanner/rootfs/etc/cont-init.d/novnc.sh b/angry-ip-scanner/rootfs/etc/cont-init.d/novnc.sh new file mode 100644 index 0000000..c133526 --- /dev/null +++ b/angry-ip-scanner/rootfs/etc/cont-init.d/novnc.sh @@ -0,0 +1,7 @@ +#!/usr/bin/with-contenv bashio +# ============================================================================== +# Setup noVNC +# ============================================================================== +declare ingress_entry +ingress_entry=$(bashio::addon.ingress_entry) +sed -i "s#websockify#${ingress_entry#?}/novnc/websockify#g" /usr/share/novnc/vnc_lite.html diff --git a/angry-ip-scanner/rootfs/etc/nginx/nginx.conf b/angry-ip-scanner/rootfs/etc/nginx/nginx.conf new file mode 100644 index 0000000..1748f7f --- /dev/null +++ b/angry-ip-scanner/rootfs/etc/nginx/nginx.conf @@ -0,0 +1,96 @@ +worker_processes 1; +pid /var/run/nginx.pid; +error_log /dev/stdout info; +daemon off; + +events { + worker_connections 1024; +} + +http { + include mime.types; + default_type application/octet-stream; + sendfile on; + keepalive_timeout 65; + proxy_read_timeout 1200; + gzip on; + gzip_disable "msie6"; + + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + # Ingress + server { + listen 8099 default_server; + + allow 172.30.32.2; + deny all; + + server_name _; + access_log /dev/stdout combined; + + client_max_body_size 4G; + keepalive_timeout 5; + + root /dev/null; + + location /websocket { + proxy_pass http://127.0.0.1:8081; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + } + + location /novnc { + proxy_pass http://127.0.0.1:5901/; + proxy_redirect default; + + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + } + + # location / { + # proxy_pass http://127.0.0.1:40850; + # proxy_redirect default; + + # proxy_http_version 1.1; + # proxy_set_header Upgrade $http_upgrade; + # proxy_set_header Connection $connection_upgrade; + + # proxy_set_header X-Real-IP $remote_addr; + # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # proxy_set_header X-Forwarded-Proto $scheme; + # proxy_set_header Host $http_host; + # proxy_set_header X-NginX-Proxy true; + + # sub_filter_once off; + # sub_filter_types *; + + # # Disable Discovery from Dresden + # sub_filter 'phoscon.de/discover' 'phoscon.de/discover_disable'; + # sub_filter 'dresden-light.appspot.com/discover' 'dresden-light.appspot.com/discover_disable'; + # sub_filter 'queryDresdenDiscovery(url){' 'queryDresdenDiscovery(url){ return Promise.resolve([]);'; + + # # Do not probe our subnets from Ingress + # sub_filter 'probeSubnet(ip) {' 'probeSubnet(ip) { throw new Error(\'avail\');'; + + # # Prevent unauthenticated requests to go to Home Assistant, triggering IP bans + # sub_filter '/api/config?_=\' + Date.now()' '%%ingress_entry%%/api/config?_=\' + Date.now()'; + + # # Stop guessing URL's + # sub_filter 'if (err === \'avail\')' 'if (err === \'avail\' && false)'; + + # # Correctly handle redirect to login + # sub_filter 'window.location.href = \'/pwa/login.html\';' 'window.location.href = \'%%ingress_entry%%/pwa/login.html\';'; + + # # Patch Websocket support + # sub_filter 'WebSocket(prot+host+":"+port)' 'WebSocket(prot+window.location.host+\'%%ingress_entry%%/websocket\')'; + + # # The Manifest is useless and causes unneeded failing requests @ the Home Assistant server + # sub_filter '' ''; + # } + } +} \ No newline at end of file diff --git a/angry-ip-scanner/rootfs/etc/services.d/angryipscanner/finish b/angry-ip-scanner/rootfs/etc/services.d/angryipscanner/finish new file mode 100644 index 0000000..a29ced9 --- /dev/null +++ b/angry-ip-scanner/rootfs/etc/services.d/angryipscanner/finish @@ -0,0 +1,8 @@ +#!/usr/bin/execlineb -S1 +# ============================================================================== +# Take down the S6 supervision tree based on service exit code +# ============================================================================== +if { s6-test ${1} -ne 0 } +if { s6-test ${1} -ne 256 } + +s6-svscanctl -t /var/run/s6/services diff --git a/angry-ip-scanner/rootfs/etc/services.d/angryipscanner/run b/angry-ip-scanner/rootfs/etc/services.d/angryipscanner/run new file mode 100644 index 0000000..83922f4 --- /dev/null +++ b/angry-ip-scanner/rootfs/etc/services.d/angryipscanner/run @@ -0,0 +1,51 @@ +#!/usr/bin/with-contenv bashio +# ============================================================================== +# Start angryipscanner service +# ============================================================================== +TMP_FOLDER=$(mktemp -d) + +# VNC is not enabled as a separate service, as it cannot handle multiple +# session when running in the foreground. +VNC_PORT="$(bashio::addon.port 5900)" +ARCH="$(bashio::info.arch)" + +# Fix tigervnc for 32 bits ARM +if [[ "armhf armv7" = *"${ARCH}"* ]]; then + export LD_PRELOAD=/lib/arm-linux-gnueabihf/libgcc_s.so.1 +fi + +# Fix tigervnc for 64 bits ARM +if [[ "aarch64" = "${ARCH}" ]]; then + export LD_PRELOAD=/lib/aarch64-linux-gnu/libgcc_s.so.1 +fi + +# Run it only on localhost if not expose +if bashio::var.has_value "${VNC_PORT}"; then + bashio::log.warning "Your direct VNC access is not protected!" + LOCAL_ONLY=no +else + LOCAL_ONLY=yes +fi + +export XDG_RUNTIME_DIR="${TMP_FOLDER}" +export DISPLAY=":0" + +bashio::log.info "Starting VNC server (local/${LOCAL_ONLY})..." +tigervncserver \ + -name "Home Assistant - Angry IP Scanner" \ + -geometry 1920x1080 \ + -depth 16 \ + -localhost ${LOCAL_ONLY} \ + -SecurityTypes None \ + --I-KNOW-THIS-IS-INSECURE \ + "${DISPLAY}" \ + &> /dev/null + +# Wait for VNC server to start before continuing +bashio::log.info "Angry IP Scanner waiting for VNC to start" +bashio::net.wait_for 5900 + + +# Start Angry IP Scanner +bashio::log.info "Starting the Angry IP Scanner gateway..." +exec ipscan \ No newline at end of file diff --git a/angry-ip-scanner/rootfs/etc/services.d/nginx/finish b/angry-ip-scanner/rootfs/etc/services.d/nginx/finish new file mode 100644 index 0000000..5bb07a6 --- /dev/null +++ b/angry-ip-scanner/rootfs/etc/services.d/nginx/finish @@ -0,0 +1,8 @@ +#!/usr/bin/execlineb -S1 +# ============================================================================== +# Take down the S6 supervision tree based on service exit code +# ============================================================================== +if { s6-test ${1} -ne 0 } +if { s6-test ${1} -ne 256 } + +s6-svscanctl -t /var/run/s6/services diff --git a/angry-ip-scanner/rootfs/etc/services.d/nginx/run b/angry-ip-scanner/rootfs/etc/services.d/nginx/run new file mode 100644 index 0000000..690c3dd --- /dev/null +++ b/angry-ip-scanner/rootfs/etc/services.d/nginx/run @@ -0,0 +1,7 @@ +#!/usr/bin/with-contenv bashio +# ============================================================================== +# Start NGINX service +# ============================================================================== + +bashio::log.info "Starting Nginx..." +exec nginx diff --git a/angry-ip-scanner/rootfs/etc/services.d/websockify/run b/angry-ip-scanner/rootfs/etc/services.d/websockify/run new file mode 100644 index 0000000..6215b9d --- /dev/null +++ b/angry-ip-scanner/rootfs/etc/services.d/websockify/run @@ -0,0 +1,11 @@ +#!/usr/bin/with-contenv bashio +# ============================================================================== +# Start Websockify +# ============================================================================== + +# Wait until vnc is up and running +bashio::log.info "Websockify waiting for VNC to start" +bashio::net.wait_for 5900 + +bashio::log.info "Starting websockify..." +exec websockify -v --web /usr/share/novnc/ 127.0.0.1:5901 127.0.0.1:5900 diff --git a/angry-ip-scanner/screenshot.png b/angry-ip-scanner/screenshot.png new file mode 100644 index 0000000..a2ada79 Binary files /dev/null and b/angry-ip-scanner/screenshot.png differ