shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-09-17 18:24:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: zigbee usb disable

Browse Source
This commit is contained in:
auricom
2025-07-14 00:19:14 +02:00
parent 47548b8b37
commit acc0dfcf2f
5 changed files with 28 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
kubernetes/apps/default/zigbee2mqtt/app/externalsecret.yaml
View File

@@ -1,21 +0,0 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1.json
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: zigbee2mqtt
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: zigbee2mqtt-secret
template:
engineVersion: v2
data:
ZIGBEE2MQTT_CONFIG_MQTT_USER: "{{ .EMQX_MQTT_USER }}"
ZIGBEE2MQTT_CONFIG_MQTT_PASSWORD: "{{ .EMQX_MQTT_PASSWORD }}"
dataFrom:
- extract:
key: emqx

50
kubernetes/apps/default/zigbee2mqtt/app/helmrelease.yaml
View File

@@ -18,13 +18,8 @@ spec:
strategy: rollback strategy: rollback
retries: 3 retries: 3
values: values:
defaultPodOptions:
nodeSelector:
zzh.feature.node.kubernetes.io/zigbee: "true"
controllers: controllers:
zigbee2mqtt: zigbee2mqtt:
annotations:
reloader.stakater.com/auto: "true"
containers: containers:
app: app:
image: image:
@@ -40,7 +35,6 @@ spec:
ZIGBEE2MQTT_CONFIG_ADVANCED_NETWORK_KEY: "[204, 61, 75, 23, 44, 230, 24, 203, 53, 5, 248, 32, 50, 84, 44, 159]" ZIGBEE2MQTT_CONFIG_ADVANCED_NETWORK_KEY: "[204, 61, 75, 23, 44, 230, 24, 203, 53, 5, 248, 32, 50, 84, 44, 159]"
ZIGBEE2MQTT_CONFIG_AVAILABILITY_ACTIVE_TIMEOUT: 60 ZIGBEE2MQTT_CONFIG_AVAILABILITY_ACTIVE_TIMEOUT: 60
ZIGBEE2MQTT_CONFIG_AVAILABILITY_PASSIVE_TIMEOUT: 2000 ZIGBEE2MQTT_CONFIG_AVAILABILITY_PASSIVE_TIMEOUT: 2000
ZIGBEE2MQTT_CONFIG_DEVICE_OPTIONS_LEGACY: "false"
ZIGBEE2MQTT_CONFIG_DEVICE_OPTIONS_RETAIN: "true" ZIGBEE2MQTT_CONFIG_DEVICE_OPTIONS_RETAIN: "true"
ZIGBEE2MQTT_CONFIG_EXPERIMENTAL_NEW_API: "true" ZIGBEE2MQTT_CONFIG_EXPERIMENTAL_NEW_API: "true"
ZIGBEE2MQTT_CONFIG_FRONTEND_PORT: &port 8080 ZIGBEE2MQTT_CONFIG_FRONTEND_PORT: &port 8080
@@ -53,21 +47,36 @@ spec:
ZIGBEE2MQTT_CONFIG_MQTT_SERVER: mqtt://mosquitto.database.svc.cluster.local.:1883 ZIGBEE2MQTT_CONFIG_MQTT_SERVER: mqtt://mosquitto.database.svc.cluster.local.:1883
ZIGBEE2MQTT_CONFIG_MQTT_VERSION: 5 ZIGBEE2MQTT_CONFIG_MQTT_VERSION: 5
ZIGBEE2MQTT_CONFIG_PERMIT_JOIN: "false" ZIGBEE2MQTT_CONFIG_PERMIT_JOIN: "false"
ZIGBEE2MQTT_CONFIG_SERIAL_ADAPTER: zstack ZIGBEE2MQTT_CONFIG_SERIAL_ADAPTER: ember
ZIGBEE2MQTT_CONFIG_SERIAL_PORT: /dev/serial/by-id/usb-1a86_USB_Serial-if00-port0 ZIGBEE2MQTT_CONFIG_SERIAL_PORT: tcp://192.168.9.91:6638
# ZIGBEE2MQTT_CONFIG_DEVICES: devices.yaml ZIGBEE2MQTT_CONFIG_SERIAL_BAUDRATE: 115200
# ZIGBEE2MQTT_CONFIG_GROUPS: groups.yaml ZIGBEE2MQTT_CONFIG_SERIAL_DISABLE_LED: "false"
envFrom: probes:
- secretRef: liveness:
name: zigbee2mqtt-secret enabled: true
readiness:
enabled: true
startup:
enabled: true
spec:
failureThreshold: 30
periodSeconds: 10
securityContext: securityContext:
privileged: true allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities: { drop: ["ALL"] }
resources: resources:
requests: requests:
cpu: 10m cpu: 10m
memory: 128Mi
limits: limits:
memory: 512Mi memory: 384Mi
defaultPodOptions:
securityContext:
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
service: service:
app: app:
controller: *app controller: *app
@@ -109,10 +118,7 @@ spec:
existingClaim: *app existingClaim: *app
globalMounts: globalMounts:
- path: /config - path: /config
usb: logs:
enabled: true type: emptyDir
type: hostPath
hostPath: /dev/serial/by-id/usb-1a86_USB_Serial-if00-port0
hostPathType: CharDevice
globalMounts: globalMounts:
- path: /dev/serial/by-id/usb-1a86_USB_Serial-if00-port0 - path: /config/log

1
kubernetes/apps/default/zigbee2mqtt/app/kustomization.yaml
View File

@@ -2,5 +2,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
resources: resources:
- ./externalsecret.yaml
- ./helmrelease.yaml - ./helmrelease.yaml

1
kubernetes/apps/kube-system/node-feature-discovery/rules/kustomization.yaml
View File

@@ -7,4 +7,3 @@ resources:
- ./aeotec-zwave-device.yaml - ./aeotec-zwave-device.yaml
- ./google-coral-device.yaml - ./google-coral-device.yaml
- ./nodo-rflink-device.yaml - ./nodo-rflink-device.yaml
- ./zzh-zigbee-device.yaml

18
kubernetes/apps/kube-system/node-feature-discovery/rules/zzh-zigbee-device.yaml
View File

@@ -1,18 +0,0 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/nfd.k8s-sigs.io/nodefeaturerule_v1alpha1.json
apiVersion: nfd.k8s-sigs.io/v1alpha1
kind: NodeFeatureRule
metadata:
name: zzh-zigbee-device
spec:
rules:
- # zzh! CC2652R Multiprotocol RF Stick
name: zzh.zigbee
labels:
zzh.feature.node.kubernetes.io/zigbee: "true"
matchFeatures:
- feature: usb.device
matchExpressions:
class: { op: In, value: ["ff"] }
vendor: { op: In, value: ["1a86"] }
device: { op: In, value: ["7523"] }