2021-04-26 02:17:48 +02:00
|
|
|
import ./make-test-python.nix ({ pkgs, lib, ... }:
|
2018-01-26 01:41:36 +01:00
|
|
|
|
|
|
|
let
|
|
|
|
configDir = "/var/lib/foobar";
|
2020-07-01 19:17:01 +02:00
|
|
|
mqttUsername = "homeassistant";
|
2020-06-20 12:05:30 +02:00
|
|
|
mqttPassword = "secret";
|
2018-01-26 01:41:36 +01:00
|
|
|
in {
|
|
|
|
name = "home-assistant";
|
2021-04-26 02:17:48 +02:00
|
|
|
meta.maintainers = lib.teams.home-assistant.members;
|
2018-01-26 01:41:36 +01:00
|
|
|
|
2020-06-20 12:05:30 +02:00
|
|
|
nodes.hass = { pkgs, ... }: {
|
|
|
|
environment.systemPackages = with pkgs; [ mosquitto ];
|
2022-01-30 02:29:45 +01:00
|
|
|
|
2020-07-01 19:17:01 +02:00
|
|
|
services.mosquitto = {
|
|
|
|
enable = true;
|
2021-05-21 19:23:01 +02:00
|
|
|
listeners = [ {
|
|
|
|
users = {
|
|
|
|
"${mqttUsername}" = {
|
|
|
|
acl = [ "readwrite #" ];
|
|
|
|
password = mqttPassword;
|
|
|
|
};
|
2020-07-01 19:17:01 +02:00
|
|
|
};
|
2021-05-21 19:23:01 +02:00
|
|
|
} ];
|
2020-07-01 19:17:01 +02:00
|
|
|
};
|
2022-01-30 02:29:45 +01:00
|
|
|
|
2020-06-20 12:05:30 +02:00
|
|
|
services.home-assistant = {
|
|
|
|
enable = true;
|
2022-01-30 02:29:45 +01:00
|
|
|
inherit configDir;
|
|
|
|
|
|
|
|
# tests loading components by overriding the package
|
2021-12-01 01:19:01 +01:00
|
|
|
package = (pkgs.home-assistant.override {
|
|
|
|
extraComponents = [ "zha" ];
|
|
|
|
}).overrideAttrs (oldAttrs: {
|
|
|
|
doInstallCheck = false;
|
|
|
|
});
|
2022-01-30 02:29:45 +01:00
|
|
|
|
2022-01-30 02:30:51 +01:00
|
|
|
# tests loading components from the module
|
|
|
|
extraComponents = [
|
|
|
|
"wake_on_lan"
|
|
|
|
];
|
|
|
|
|
2020-06-20 12:05:30 +02:00
|
|
|
config = {
|
|
|
|
homeassistant = {
|
|
|
|
name = "Home";
|
|
|
|
time_zone = "UTC";
|
|
|
|
latitude = "0.0";
|
|
|
|
longitude = "0.0";
|
|
|
|
elevation = 0;
|
2018-01-26 01:41:36 +01:00
|
|
|
};
|
2022-01-30 02:29:45 +01:00
|
|
|
|
|
|
|
# we can't load default_config, because the updater requires
|
|
|
|
# network access and would cause an error, so load frontend
|
|
|
|
# here explicitly.
|
|
|
|
# https://www.home-assistant.io/integrations/frontend/
|
2020-06-20 12:05:30 +02:00
|
|
|
frontend = {};
|
2022-01-30 02:29:45 +01:00
|
|
|
|
|
|
|
# configure an mqtt broker connection
|
|
|
|
# https://www.home-assistant.io/integrations/mqtt
|
2020-07-01 19:17:01 +02:00
|
|
|
mqtt = {
|
|
|
|
broker = "127.0.0.1";
|
|
|
|
username = mqttUsername;
|
|
|
|
password = mqttPassword;
|
|
|
|
};
|
2022-01-30 02:29:45 +01:00
|
|
|
|
|
|
|
# create a mqtt sensor that syncs state with its mqtt topic
|
|
|
|
# https://www.home-assistant.io/integrations/sensor.mqtt/
|
|
|
|
binary_sensor = [ {
|
2020-06-20 12:05:30 +02:00
|
|
|
platform = "mqtt";
|
|
|
|
state_topic = "home-assistant/test";
|
|
|
|
payload_on = "let_there_be_light";
|
|
|
|
payload_off = "off";
|
2022-01-30 02:29:45 +01:00
|
|
|
} ];
|
|
|
|
|
|
|
|
# set up a wake-on-lan switch to test capset capability required
|
|
|
|
# for the ping suid wrapper
|
|
|
|
# https://www.home-assistant.io/integrations/wake_on_lan/
|
|
|
|
switch = [ {
|
2022-01-25 18:30:43 +01:00
|
|
|
platform = "wake_on_lan";
|
|
|
|
mac = "00:11:22:33:44:55";
|
|
|
|
host = "127.0.0.1";
|
2022-01-30 02:29:45 +01:00
|
|
|
} ];
|
|
|
|
|
|
|
|
# test component-based capability assignment (CAP_NET_BIND_SERVICE)
|
|
|
|
# https://www.home-assistant.io/integrations/emulated_hue/
|
2021-04-25 14:44:51 +02:00
|
|
|
emulated_hue = {
|
|
|
|
host_ip = "127.0.0.1";
|
|
|
|
listen_port = 80;
|
|
|
|
};
|
2022-01-30 02:29:45 +01:00
|
|
|
|
|
|
|
# show mqtt interaction in the log
|
|
|
|
# https://www.home-assistant.io/integrations/logger/
|
2020-06-20 12:05:30 +02:00
|
|
|
logger = {
|
|
|
|
default = "info";
|
|
|
|
logs."homeassistant.components.mqtt" = "debug";
|
|
|
|
};
|
|
|
|
};
|
2022-01-30 02:29:45 +01:00
|
|
|
|
|
|
|
# configure the sample lovelace dashboard
|
2020-06-20 12:05:30 +02:00
|
|
|
lovelaceConfig = {
|
|
|
|
title = "My Awesome Home";
|
|
|
|
views = [{
|
|
|
|
title = "Example";
|
|
|
|
cards = [{
|
|
|
|
type = "markdown";
|
|
|
|
title = "Lovelace";
|
|
|
|
content = "Welcome to your **Lovelace UI**.";
|
|
|
|
}];
|
|
|
|
}];
|
2018-01-26 01:41:36 +01:00
|
|
|
};
|
2020-06-20 12:05:30 +02:00
|
|
|
lovelaceConfigWritable = true;
|
|
|
|
};
|
2018-02-01 13:42:07 +01:00
|
|
|
};
|
2018-01-26 01:41:36 +01:00
|
|
|
|
|
|
|
testScript = ''
|
2020-01-09 11:19:54 +01:00
|
|
|
start_all()
|
2022-01-30 02:29:45 +01:00
|
|
|
|
2020-01-09 11:19:54 +01:00
|
|
|
hass.wait_for_unit("home-assistant.service")
|
2022-01-30 02:29:45 +01:00
|
|
|
|
2020-01-09 11:19:54 +01:00
|
|
|
with subtest("Check that YAML configuration file is in place"):
|
|
|
|
hass.succeed("test -L ${configDir}/configuration.yaml")
|
2022-01-30 02:29:45 +01:00
|
|
|
|
|
|
|
with subtest("Check the lovelace config is copied because lovelaceConfigWritable = true"):
|
2020-01-09 11:19:54 +01:00
|
|
|
hass.succeed("test -f ${configDir}/ui-lovelace.yaml")
|
2022-01-30 02:29:45 +01:00
|
|
|
|
2020-01-09 11:19:54 +01:00
|
|
|
with subtest("Check that Home Assistant's web interface and API can be reached"):
|
2022-01-30 02:29:45 +01:00
|
|
|
hass.wait_until_succeeds("journalctl -u home-assistant.service | grep -q 'Home Assistant initialized in'")
|
2020-01-09 11:19:54 +01:00
|
|
|
hass.wait_for_open_port(8123)
|
2020-05-20 23:41:42 +02:00
|
|
|
hass.succeed("curl --fail http://localhost:8123/lovelace")
|
2022-01-30 02:29:45 +01:00
|
|
|
|
2020-01-09 11:19:54 +01:00
|
|
|
with subtest("Toggle a binary sensor using MQTT"):
|
2021-04-09 13:51:24 +02:00
|
|
|
hass.wait_for_open_port(1883)
|
2020-01-09 11:19:54 +01:00
|
|
|
hass.succeed(
|
2021-04-09 13:51:24 +02:00
|
|
|
"mosquitto_pub -V mqttv5 -t home-assistant/test -u ${mqttUsername} -P '${mqttPassword}' -m let_there_be_light"
|
2020-01-09 11:19:54 +01:00
|
|
|
)
|
2022-01-30 02:29:45 +01:00
|
|
|
|
2021-04-25 14:44:51 +02:00
|
|
|
with subtest("Check that capabilities are passed for emulated_hue to bind to port 80"):
|
|
|
|
hass.wait_for_open_port(80)
|
|
|
|
hass.succeed("curl --fail http://localhost:80/description.xml")
|
2022-01-30 02:29:45 +01:00
|
|
|
|
2021-12-01 01:19:01 +01:00
|
|
|
with subtest("Check extra components are considered in systemd unit hardening"):
|
|
|
|
hass.succeed("systemctl show -p DeviceAllow home-assistant.service | grep -q char-ttyUSB")
|
2022-01-30 02:29:45 +01:00
|
|
|
|
2020-01-09 11:19:54 +01:00
|
|
|
with subtest("Print log to ease debugging"):
|
|
|
|
output_log = hass.succeed("cat ${configDir}/home-assistant.log")
|
|
|
|
print("\n### home-assistant.log ###\n")
|
|
|
|
print(output_log + "\n")
|
2018-05-10 13:11:26 +02:00
|
|
|
|
2020-01-09 11:19:54 +01:00
|
|
|
with subtest("Check that no errors were logged"):
|
|
|
|
assert "ERROR" not in output_log
|
2020-06-20 12:05:30 +02:00
|
|
|
|
|
|
|
# example line: 2020-06-20 10:01:32 DEBUG (MainThread) [homeassistant.components.mqtt] Received message on home-assistant/test: b'let_there_be_light'
|
|
|
|
with subtest("Check we received the mosquitto message"):
|
|
|
|
assert "let_there_be_light" in output_log
|
2021-04-25 14:44:51 +02:00
|
|
|
|
|
|
|
with subtest("Check systemd unit hardening"):
|
2022-01-30 02:29:45 +01:00
|
|
|
hass.log(hass.succeed("systemctl cat home-assistant.service"))
|
2021-04-25 14:44:51 +02:00
|
|
|
hass.log(hass.succeed("systemd-analyze security home-assistant.service"))
|
2018-01-26 01:41:36 +01:00
|
|
|
'';
|
|
|
|
})
|