Skip to content

Instantly share code, notes, and snippets.

@NateMeyer

NateMeyer/atomic-pi-hass-setup.md

Created November 23, 2019 22:26
Show Gist options
  • Save NateMeyer/18d2c6e853b192cd434c2049150bedf7 to your computer and use it in GitHub Desktop.
Save NateMeyer/18d2c6e853b192cd434c2049150bedf7 to your computer and use it in GitHub Desktop.
Download ZIP
Install Clear Linux and Home Assistant on the Atomic Pi SBC
Raw
atomic-pi-hass-setup.md

Atomic Pi Home Assistant with Clear Linux

Install Clear Linux OS over iPXE

  1. Download Tiny PXE Server for Windows
  2. Check ProxyDHCP setting and verify the DHCP server is on the appropriate network interface (if you have multiple)
  3. Update the Boot File filename field to ipxe-x86_64.efi
  4. Download the latest Clear Linux PXE release and put it in the Tiny PXE Server files directory. I used the files/iso folder 
    $ cd pxeserv/files/iso
$ curl -o /tmp/clear-pxe.tar.xz \ https://download.clearlinux.org/current/clear-$(curl \ https://download.clearlinux.org/latest)-pxe.tar.xz 
$ tar -xJf /tmp/clear-pxe.tar.xz -C .
  5. Edit menu.ipxe to include the following menu option. You may need to update the kernel version number. Since I was running from Windows, creating a symlink was troublesome. Just pointing to the fresh kernel did the trick though. 
    item clos_netboot  Clear Linux OS (Netboot)


:clos_netboot
kernel ${boot-url}/iso/org.clearlinux.native.5.3.11-868 \
init=/usr/lib/systemd/systemd-bootchart initcall_debug tsc=reliable \
no_timer_check noreplace-smp root=mmcblk0 rw initrd=initrd
initrd ${boot-url}/iso/initrd
boot || goto failed
goto start
  6. Click the button to set the server Online in Tiny PXE
  7. Connect the Atomic Pi to an HDMI monitor (or TV), a keyboard, your LAN, and a suitable power supply.
  8. The Atomic Pi will boot into the iPXE menu, navigate and select your new Clear Linux OS (Netboot) menu option.
  9. When the installer comes up, select to install to mmcblk0, add an admin user account, and any other configuration you want.
  10. Let the installer run and reboot when complete
  11. On your PC you can now ssh into the Atomic Pi using the account you created in the installer.

Install Home Assistant on the Atomic Pi

  1. Install the Docker bundle sudo swupd bundle-add containers-base
  2. (Optional) Configure Docker to expose the management port
    1. Generate self-signed certs
    2. Copy the CA and server certificates to /etc/docker/certs
    3. Modify the dockerd systemd configuration
      1. Add this file /etc/systemd/system/docker.service.d/tls-exec.conf 
        [Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:2376 --tlsverify --tlscacert=/etc/docker/certs/ca.pem --tlskey=/etc/docker/certs/server-key.pem --tlscert=/etc/docker/certs/server-cert.pem
      2. Reload the daemon sudo systemctl daemon-reload
  3. Start docker
    1. sudo systemctl enable docker.service
    2. sudo systemctl start docker.service
  4. Pull the Home Assistant docker image
    1. docker pull homeassistant/home-assistant:latest
  5. Create a folder on the host to store configuration data
    1. sudo mkdir -p /srv/hass/config
  6. Start Home Assistant in docker
    1. docker run --init -d --name="home-assistant" -v /srv/hass/config:/config -v /etc/localtime:/etc/localtime:ro -p 8123:8123/tcp
    2. If you have a hardware device (like a USB Z-Wave gateway) add --device=/dev/ttyACM0 to the docker run command above

Watchtower for Auto-Updates

  1. Automatically update the Home-Assistant docker image using Watchtower. Start the Watchtower instance using the command below
    1. docker run -d --name watchtower -v /var/run/docker.sock:/var/run/docker.sock v2tec/watchtower home-assistant

Setup HTTPS Access to Home Assistant

Because I am using NGINX as a reverse proxy managing exteral access, I only am using self-signed certs on my internal network. If you want to forward a port from your router to the Home Assistant server directly, follow the TLS/SSL via Let's Encrypt guide in the Home Assistant documentation.

  1. Use self-signed certs to secure the local connection to Home Assistant. Generate self-signed certs using the command below on the Atomic-Pi
    1. openssl req -sha256 -newkey rsa:4096 -nodes -keyout privkey.pem -x509 -days 730 -out fullchain.pem
  2. Copy the certificate and key to the Home Assistant config directory
    1. sudo mkdir -p /srv/hass/config/certs
    2. sudo cp privkey.pem /srv/hass/config/certs/
    3. sudo cp fullchain.pem /srv/hass/config/certs/
  3. Add the SSL certs to the Home Assistant configuration in /srv/hass/config/configuration.yaml. Note the paths in this file will be relative to the mapped volumes in the docker container (i.e. /config/ instead of the host's /srv/hass/config/) 
    http:
    ssl_certificate: /config/certs/fullchain.pem
    ssl_key: /config/certs/privkey.pem
  4. Restart Home Assistant

Home Assistant Configuraiton

You are now ready to setup the Home Assistant configuration as you like!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment