fix gvm

fix(gvm)

LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "{}"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright {yyyy} {name of copyright owner}
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

MinIO/Dockerfile

@@ -1,6 +0,0 @@
-FROM minio/minio:latest
-
-COPY run.sh /usr/local/bin/run.sh
-RUN chmod +x /usr/local/bin/run.sh
-
-CMD ["/usr/local/bin/run.sh"]

MinIO/README.md

@@ -1,70 +0,0 @@
-# MinIO Add-on per Home Assistant
-
-Questo add-on fornisce un server **S3 compatibile** basato su MinIO, perfetto per:
-
-- Backup di **Longhorn**
-- Archiviazione file/media
-- Logging o integrazioni custom
-
-È stato progettato per essere **production-ready**, sicuro, leggero e accessibile direttamente via pannello laterale di Home Assistant.
-
-## ⚙️ Configurazione
-
-```yaml
-access_key: admin
-secret_key: CHANGEME-strong-password
-region: us-east-1
-bucket: longhorn-backup
-```
-
-## 🌐 Accesso
-
-Una volta installato, accedi a MinIO tramite il pannello laterale o all'indirizzo:
-
-`http://<ip_hass>:9000` (se Ingress non è disponibile)
-
-## 🚀 Installazione
-
-1. Vai su Home Assistant → **Supervisor → Add-on Store**
-2. Aggiungi la tua repo Git custom (Settings → Repositories → `https://github.com/<tuo-utente>/minio-addon`)
-3. Installa l’add-on, avvia e accedi a MinIO via Ingress
-
-## 🧾 Requisiti
-
-- Home Assistant OS o Supervised
-- Architettura supportata: `amd64`, `aarch64`
-- Accesso a una cartella persistente per `/data`
-
-## 📂 Struttura del repository
-
-```bash
-minio-addon/
-├── config.json         # Definizione dell’add-on
-├── Dockerfile          # Contenitore MinIO
-├── run.sh              # Entrypoint con supporto TLS e bucket auto-creation
-├── README.md
-└── ...
-```
-
-## 🧠 Note
-Il bucket specificato in bucket: viene creato automaticamente se non esiste
-
-Se usi Longhorn, puoi puntare i backup a:
-
-```bash
-http://<IP_HASS>:9000/longhorn-backup
-```
-Le credenziali vengono passate come variabili d'ambiente in fase di bootstrap
-
-## 🛡 Sicurezza
-> ⚠️ Usa sempre password forti.
-
-Considera l’attivazione del TLS automatico posizionando i certificati in `/ssl/`.
-
-## ✅ TODO futuri
-- Supporto per versioning bucket
-- Healthcheck e metriche Prometheus
-- Interfaccia per gestione utenti/bucket via opzioni
-
----
-Realizzato con ❤️ per l’automazione e la resilienza.

MinIO/config.json

@@ -1,34 +0,0 @@
-{
-  "name": "MinIO S3 Server",
-  "version": "1.0.0",
-  "slug": "minio",
-  "description": "Production-ready S3-compatible object storage server for HA and Longhorn",
-  "arch": ["amd64", "aarch64"],
-  "startup": "services",
-  "boot": "auto",
-  "hassio_api": false,
-  "host_network": false,
-  "panel_icon": "mdi:database",
-  "panel_title": "MinIO",
-  "ingress": true,
-  "ingress_port": 9001,
-  "ingress_stream": false,
-  "ports": {
-    "9000/tcp": 9000,
-    "9001/tcp": 9001
-  },
-  "map": ["config:rw", "ssl:rw"],
-  "options": {
-    "access_key": "admin",
-    "secret_key": "CHANGEME-strong-password",
-    "region": "us-east-1",
-    "bucket": "longhorn-backup"
-  },
-  "schema": {
-    "access_key": "str",
-    "secret_key": "str",
-    "region": "str",
-    "bucket": "str"
-  },
-  "image": "docker.io/minio/minio:latest"
-}

MinIO/run.sh

@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-set -e
-
-# Config via HA options
-export MINIO_ROOT_USER="${ACCESS_KEY}"
-export MINIO_ROOT_PASSWORD="${SECRET_KEY}"
-export MINIO_REGION="${REGION:-us-east-1}"
-
-# TLS support (optional, autodetect)
-CERT_PATH="/ssl/cert.pem"
-KEY_PATH="/ssl/key.pem"
-
-# Data path
-DATA_DIR="/data"
-
-# First-run: make sure bucket exists (done via client)
-BUCKET="${BUCKET}"
-mkdir -p "$DATA_DIR/$BUCKET"
-
-echo "[INFO] Starting MinIO with access: $ACCESS_KEY, region: $MINIO_REGION"
-if [[ -f "$CERT_PATH" && -f "$KEY_PATH" ]]; then
-  echo "[INFO] TLS cert found, starting in HTTPS mode"
-  exec minio server $DATA_DIR --address ":9000" --console-address ":9001" --certs-dir /ssl
-else
-  echo "[INFO] Starting in HTTP mode"
-  exec minio server $DATA_DIR --address ":9000" --console-address ":9001"
-fi

README.md

@@ -0,0 +1,48 @@
+# Martin's Home Assistant Add-ons Repository
+
+## Installation
+
+[![Add repository on my Home Assistant][repository-badge]][repository-url]
+
+If you want to do add the repository manually, please follow the procedure highlighted in the [Home Assistant website](https://home-assistant.io/hassio/installing_third_party_addons). Use the following URL to add this repository: https://github.com/martemme/HomeAssistantAddons
+
+## Add-ons provided by this repository
+
+### [MinIO](./minio)
+
+![Supports amd64 Architecture][amd64-shield]
+![Supports aarch64 Architecture][aarch64-shield]
+
+_MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. It is API compatible with Amazon S3 cloud storage service._
+
+[Official Repo](https://github.com/minio/minio)
+
+### [SonarQube](./sonarqube)
+
+![Supports amd64 Architecture][amd64-shield]
+![Supports aarch64 Architecture][aarch64-shield]
+
+_SonarQube Server helps you comply with common code security standards, such as the NIST SSDF, OWASP, CWE, STIG, and CASA._
+
+[Official Repo](https://github.com/SonarSource/sonarqube)
+
+### [GVM](./gvm)
+
+![Supports amd64 Architecture][amd64-shield]
+![Supports aarch64 Architecture][aarch64-shield]
+
+_OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated and authenticated testing, various high-level and low-level internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test._
+
+[Official Repo](https://github.com/greenbone/openvas-scanner)
+
+## Sponsoring ❤️
+If you like this add-on and would like to support my work and future projects, you can buy me a coffee. ☕
+
+Sponsoring available on Paypal (https://paypal.me/martemme).
+
+[aarch64-shield]: https://img.shields.io/badge/aarch64-yes-green.svg
+[amd64-shield]: https://img.shields.io/badge/amd64-yes-green.svg
+[armv7-shield]: https://img.shields.io/badge/armv7-yes-green.svg
+[i386-shield]: https://img.shields.io/badge/i386-yes-green.svg
+[repository-badge]: https://img.shields.io/badge/Add%20repository%20to%20my-Home%20Assistant-41BDF5?logo=home-assistant&style=for-the-badge
+[repository-url]: https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgithub.com%2Fmincka%2Fha-addons

gvm/CHANGELOG.md

@@ -0,0 +1,2 @@
+## 0.0.x-beta
+- Initial release

gvm/Dockerfile

@@ -0,0 +1,28 @@
+# Use official GVM image
+FROM netizensoc/gvm-scanner:latest
+
+LABEL io.hass.name="GVM Scanner"
+LABEL io.hass.description="un a GVM (OpenVAS) scanner as a Home Assistant add-on."
+LABEL io.hass.arch="amd64|aarch64"
+LABEL io.hass.type="addon"
+LABEL io.hass.version="0.0.4-beta"
+
+# Set timezone
+ENV TZ=Europe/Rome
+
+# Install jq for config parsing
+RUN apt-get update && apt-get install -y jq \
+    && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# Copy the entrypoint script
+COPY run.sh /run.sh
+RUN chmod +x /run.sh
+
+# Expose GVM Web UI port
+EXPOSE 9392
+
+# Mountable volume
+VOLUME [ "/data" ]
+
+# Entrypoint
+CMD [ "/run.sh" ]

gvm/README.md

@@ -0,0 +1,63 @@
+# Home Assistant Add-on: GVM (OpenVAS) 
+
+![Supports amd64 Architecture](https://img.shields.io/badge/amd64-yes-green.svg)
+![Supports aarch64 Architecture](https://img.shields.io/badge/aarch64-yes-green.svg)
+
+This Home Assistant add-on deploys the GVM (OpenVAS) vulnerability scanner inside a Docker container.
+
+## 🚀 Features
+
+- Full GVM Scanner in a managed container
+- Web UI available on port `9392`
+- Username and password configurable from UI
+
+## ⚙️ Configuration
+
+Example `options` in `config.json`:
+
+```json
+{
+    "username": "admin",
+    "password": "changeme",
+    "ui_port": 9392,
+    "TZ": "Europe/Rome",
+    "HTTPS": "false",
+    "SSHD": "true",
+    "DB_PASSWORD": "changeme"
+}
+```
+
+## 🌐 Access
+
+Once installed, access the GVM web interface at:
+
+`http://<your-home-assistant-ip>:9392`
+
+## 📂 Repository Structure
+
+```bash
+gvm/
+├── CHANGELOG.md       # Changelog for the add-on
+├── config.json        # Add-on configuration definition
+├── Dockerfile         # Dockerfile for the GVM container
+├── icon.png           # Icon for the add-on
+├── logo.png           # Logo for the add-on
+├── README.md          # This file
+└── run.sh             # Startup script for GVM
+```
+
+## 🛡 Security
+
+> ⚠️ Always use strong passwords and ensure secure network settings.
+
+---
+
+Made with ❤️ for automation and resilience.
+
+[semver]: http://semver.org/spec/v2.0.0.html
+[aarch64-shield]: https://img.shields.io/badge/aarch64-yes-green.svg
+[amd64-shield]: https://img.shields.io/badge/amd64-yes-green.svg
+[armv7-shield]: https://img.shields.io/badge/armv7-yes-green.svg
+[i386-shield]: https://img.shields.io/badge/i386-yes-green.svg
+[repository-badge]: https://img.shields.io/badge/Add%20repository%20to%20my-Home%20Assistant-41BDF5?logo=home-assistant&style=for-the-badge
+[repository-url]: https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgithub.com%2Fmartemme%2FHomeAssistantAddons

gvm/config.json

@@ -0,0 +1,43 @@
+{
+    "name": "GVM Scanner",
+    "version": "0.0.4-beta",
+    "slug": "gvm",
+    "description": "Run a GVM (OpenVAS) scanner as a Home Assistant add-on.",
+    "startup": "services",
+    "boot": "auto",
+    "init": false,
+    "arch": ["amd64", "aarch64"],
+    "map": ["config:rw"],
+    "options": {
+        "username": "admin",
+        "password": "changeme",
+        "ui_port": 9392,
+        "TZ": "Europe/Rome",
+        "HTTPS": "false",
+        "SSHD": "true",
+        "DB_PASSWORD": "changeme"
+    },
+    "schema": {
+        "username": "str",
+        "password": "str",
+        "ui_port": "int",
+        "TZ": "str",
+        "HTTPS": "bool",
+        "SSHD": "bool",
+        "DB_PASSWORD": "str"
+    },
+    "ports": {
+        "9392/tcp": 9392
+    },
+    "ports_description": {
+        "9392/tcp": "Web Interface"
+    },
+    "webui": "http://[HOST]:[PORT:9392]",
+    "environment": {
+        "TZ": "Europe/Rome",
+        "HTTPS": "false",
+        "SSHD": "true",
+        "DB_PASSWORD": "changeme"
+    }
+  }
+  

gvm/run.sh

@@ -0,0 +1,51 @@
+#!/usr/bin/env bash
+
+set -e
+set -o pipefail
+
+log() {
+    echo "[GVM ADD-ON] $(date +"%Y-%m-%d %H:%M:%S") - $*"
+}
+
+CONFIG_PATH="/data/options.json"
+
+if [ ! -f "$CONFIG_PATH" ]; then
+    log "ERROR: Config file not found at $CONFIG_PATH"
+    exit 1
+fi
+
+USERNAME=$(jq -r '.username' "$CONFIG_PATH")
+PASSWORD=$(jq -r '.password' "$CONFIG_PATH")
+TZ=$(jq -r '.TZ // empty' "$CONFIG_PATH")
+DB_PASSWORD=$(jq -r '.DB_PASSWORD // empty' "$CONFIG_PATH")
+HTTPS=$(jq -r '.HTTPS // "false"' "$CONFIG_PATH")
+SSHD=$(jq -r '.SSHD // "true"' "$CONFIG_PATH")
+
+if [ -z "$USERNAME" ] || [ -z "$PASSWORD" ]; then
+    log "ERROR: username and/or password not set in options.json"
+    exit 1
+fi
+
+export USERNAME
+export PASSWORD
+export DB_PASSWORD
+export TZ
+export HTTPS
+export SSHD
+
+log "INFO: Starting GVM (OpenVAS) add-on as user '$USERNAME'"
+log "INFO: Setting timezone to $TZ"
+
+if [ -n "$TZ" ]; then
+    ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime
+    echo "$TZ" > /etc/timezone
+fi
+
+DATA_DIR="/data"
+if [ ! -d "$DATA_DIR" ]; then
+    log "INFO: Creating data directory at $DATA_DIR"
+    mkdir -p "$DATA_DIR"
+fi
+
+log "INFO: Handing over control to /start.sh (default GVM init script)"
+exec /start.sh

minio/CHANGELOG.md

@@ -0,0 +1,5 @@
+## 1.1.0
+- First stable release
+
+## 1.0.0
+- Initial release

minio/Dockerfile

@@ -0,0 +1,24 @@
+FROM alpine:3.18
+
+LABEL io.hass.name="MinIO"
+LABEL io.hass.description="MinIO is a High Performance Object Storage, API compatible with Amazon S3 cloud storage service."
+LABEL io.hass.arch="amd64|aarch64"
+LABEL io.hass.type="addon"
+LABEL io.hass.version="1.1.1"
+
+# Install curl, jq and ca-certificates
+RUN apk add --no-cache bash curl jq ca-certificates
+
+# Install the latest version of MinIO
+# https://min.io/download#/linux
+# https://docs.min.io/docs/minio-server-quickstart-guide.html
+RUN curl -fsSL https://dl.min.io/server/minio/release/linux-amd64/minio \
+    -o /usr/local/bin/minio && \
+    chmod +x /usr/local/bin/minio
+
+# Copy the script into the container
+# make it executable and run it
+COPY run.sh /run.sh
+RUN chmod +x /run.sh
+
+ENTRYPOINT [ "/run.sh" ]

minio/README.md

@@ -0,0 +1,86 @@
+# Home Assistant Add-on: MinIO
+
+![Supports amd64 Architecture][amd64-shield]
+![Supports aarch64 Architecture][aarch64-shield]
+
+This add-on provides an **S3-compatible** server based on MinIO, perfect for:
+
+- File/media storage
+- Logging or custom integrations
+
+It is designed to be **production-ready**, secure, lightweight, and accessible directly via the Home Assistant sidebar.
+
+## ⚙️ Configuration
+
+```yaml
+access_key: admin
+secret_key: CHANGEME-strong-password
+drive: storage
+```
+
+### Parameters
+
+| Variable        | Default     | Description                                           |
+|-----------------|-------------|-------------------------------------------------------|
+| `access_key`    | `admin`     | MinIO user credential                                 |
+| `secret_key`    | `admin`     | MinIO password credential                             |
+| `drive`         | `storage`   | Folder where MinIO data will be saved inside `/data`  |
+
+## 🚀 Installation
+
+1. Go to Home Assistant → **Supervisor → Add-on Store**
+2. Add this repository (Settings → Repositories → `https://github.com/martemme/HomeAssistantAddons`)
+3. Install the add-on, configure the credentials and start it
+
+## 🌐 Access
+
+Once installed, access MinIO via the sidebar or at:
+
+`http://<ip_hass>:9001` (if Ingress is not available)
+
+## 🧾 Requirements
+
+- Home Assistant OS or Supervised
+- Supported architecture: `amd64`, `aarch64`
+- Access to a persistent folder for `/data`
+
+## 📂 Repository Structure
+
+```bash
+minio/
+├── config.json         # Add-on definition
+├── Dockerfile          # MinIO container
+├── run.sh              # Startup script
+├── README.md
+└── ...
+```
+
+## 🧠 Notes
+The credentials are passed as environment variables during bootstrap.
+The container is based on `alpine:3.18` image
+
+## 🛡 Security
+> ⚠️ Always use strong passwords.
+
+Consider enabling automatic TLS by placing certificates in `/ssl/`.
+
+## Changelog & Releases
+
+Releases are based on [Semantic Versioning][semver], and use the format
+of `MAJOR.MINOR.PATCH`. In a nutshell, the version will be incremented
+based on the following:
+
+- `MAJOR`: Incompatible or major changes.
+- `MINOR`: Backwards-compatible new features and enhancements.
+- `PATCH`: Backwards-compatible bugfixes and package updates.
+
+---
+Made with ❤️ for automation and resilience.
+
+[semver]: http://semver.org/spec/v2.0.0.html
+[aarch64-shield]: https://img.shields.io/badge/aarch64-yes-green.svg
+[amd64-shield]: https://img.shields.io/badge/amd64-yes-green.svg
+[armv7-shield]: https://img.shields.io/badge/armv7-yes-green.svg
+[i386-shield]: https://img.shields.io/badge/i386-yes-green.svg
+[repository-badge]: https://img.shields.io/badge/Add%20repository%20to%20my-Home%20Assistant-41BDF5?logo=home-assistant&style=for-the-badge
+[repository-url]: https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgithub.com%2Fmartemme%2FHomeAssistantAddons

minio/config.json

@@ -0,0 +1,47 @@
+{
+  "name": "MinIO",
+  "version": "1.1.1",
+  "slug": "minio",
+  "description": "MinIO Server S3-compatible object storage server",
+  "arch": [
+    "amd64",
+    "aarch64"
+  ],
+  "startup": "services",
+  "url": "https://github.com/martemme/HomeAssistantAddons/tree/main/minio",
+  "boot": "auto",
+  "hassio_api": false,
+  "init": false,
+  "host_network": true,
+  "panel_icon": "mdi:database",
+  "panel_title": "MinIO",
+  "ingress": false,
+  "ports": {
+    "9000/tcp": 9000,
+    "9001/tcp": 9001
+  },
+  "ports_description": {
+    "9001/tcp": "Web Interface",
+    "9000/tcp": "Web Console"
+  },
+  "webui": "[PROTO:ssl]://[HOST]:[PORT:9001]",
+  "map": {
+    "config": "rw",
+    "share": "rw",
+    "ssl": "rw"
+  },
+  "options": {
+    "access_key": "admin",
+    "secret_key": "CHANGEME-strong-password",
+    "drive": "storage"
+  },
+  "schema": {
+    "access_key": "str",
+    "secret_key": "str",
+    "drive": "str"
+  },
+  "build_from": {
+    "amd64": "alpine:3.18",
+    "aarch64": "alpine:3.18"
+  }
+}

minio/run.sh

@@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+set -e
+echo "[DEBUG] Run script started"
+
+CONFIG="/data/options.json"
+
+# Extract config values from the JSON file
+# The file is created by the Home Assistant Add-on system
+# and contains the configuration options defined in the add-on config.json file
+# The jq command is used to parse the JSON file and extract the values
+# the drive variable is used to specify the location of the MinIO data directory inside /data
+ACCESS_KEY=$(jq -r .access_key  "$CONFIG")
+SECRET_KEY=$(jq -r .secret_key  "$CONFIG")
+DRIVE=$(jq -r .drive  "$CONFIG")
+
+# Configure MinIO environment variables
+# These variables are used to set up the MinIO server
+# The ACCESS_KEY and SECRET_KEY are used for authentication
+export MINIO_ROOT_USER="$ACCESS_KEY"
+export MINIO_ROOT_PASSWORD="$SECRET_KEY"
+
+# Check if the bucket exists, if not create it
+DATA_DIR="/data/$DRIVE"
+mkdir -p /data
+
+echo "[INFO] Starting MinIO (user: $MINIO_ROOT_USER)"
+
+# Autodetect if TLS certs are present
+# If they are, launch with HTTPS, otherwise use HTTP
+# This is a workaround for the fact that the minio server command does not have a --tls flag
+if [[ -f /ssl/cert.pem && -f /ssl/key.pem ]]; then
+  echo "[INFO] TLS cert found, launching HTTPS"
+  exec minio server "$DATA_DIR" \
+       --address ":9000" \
+       --console-address ":9001" \
+       --certs-dir /ssl
+else
+  echo "[INFO] Launching HTTP"
+  exec minio server "$DATA_DIR" \
+       --address ":9000" \
+       --console-address ":9001"
+fi

repository.json

@@ -1,6 +1,5 @@
 {
   "name": "HA Add-ons by martemme",
-    "url": "https://git.mt-home.uk/martin/HomeAssistantAddons",
+  "url": "https://github.com/martemme/HomeAssistantAddons",
   "maintainer": "martemme"
-  }
-  
+}

sonarqube/CHANGELOG.md

@@ -0,0 +1,2 @@
+## 0.0.x-beta
+- Initial release

sonarqube/Dockerfile

@@ -0,0 +1,43 @@
+# Use Alpine as the base image
+FROM alpine:3.18
+
+LABEL io.hass.name="SonarQube"
+LABEL io.hass.description="SonarQube Server helps you comply with common code security standards, such as the NIST SSDF, OWASP, CWE, STIG, and CASA."
+LABEL io.hass.arch="amd64|aarch64"
+LABEL io.hass.type="addon"
+LABEL io.hass.version="0.0.4-beta"
+
+# Build parameters
+ARG SONARQUBE_VERSION=9.9.6.92038
+ENV SONARQUBE_VERSION=${SONARQUBE_VERSION} \
+    SONARQUBE_HOME=/opt/sonarqube \
+    SONARQUBE_BIN=/opt/sonarqube/bin/linux-x86-64
+
+# Install runtime dependencies (Java 17)
+RUN apk add --no-cache \
+      openjdk17-jre \
+      curl \
+      unzip \
+      su-exec \
+      tzdata
+
+# Create a user with uid/gid 1000
+RUN addgroup -S sonarqube -g 1000 \
+ && adduser  -S sonarqube -u 1000 -G sonarqube
+
+# Download and extract SonarQube
+RUN curl -L "https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-${SONARQUBE_VERSION}.zip" -o /tmp/sonarqube.zip \
+ && unzip /tmp/sonarqube.zip -d /opt \
+ && mv /opt/sonarqube-${SONARQUBE_VERSION} "${SONARQUBE_HOME}" \
+ && rm /tmp/sonarqube.zip \
+ && chown -R sonarqube:sonarqube "${SONARQUBE_HOME}"
+
+# Copy the startup script
+COPY run.sh /usr/local/bin/run.sh
+RUN chmod +x /usr/local/bin/run.sh
+
+# Expose the internal port
+EXPOSE 9000
+
+# All setup runs as root; run.sh poi farà su-exec a sonarqube
+ENTRYPOINT ["/usr/local/bin/run.sh"]

sonarqube/README.md

@@ -0,0 +1,87 @@
+# Home Assistant Add-on: SonarQube
+
+![Supports amd64 Architecture](https://img.shields.io/badge/amd64-yes-green.svg)
+![Supports aarch64 Architecture](https://img.shields.io/badge/aarch64-yes-green.svg)
+
+This add-on provides a **SonarQube** server that helps you comply with common code security standards such as the NIST SSDF, OWASP, CWE, STIG, and CASA. It is designed to be **production-ready**, secure, and lightweight, and integrates seamlessly with Home Assistant.
+
+## ⚙️ Configuration
+
+The add-on uses the following configuration which is defined in the `config.json` file:
+
+```yaml
+data_path: /share/sonarqube/data
+extensions_path: /share/sonarqube/extensions
+ui_port: 9000
+jdbc_url: "jdbc:postgresql://sonarqube_db:5432/sonar"
+jdbc_username: ""
+jdbc_password: ""
+TZ: "Europe/Rome"
+```
+
+### Parameters
+
+| Variable           | Default                       | Description                                                     |
+|--------------------|-------------------------------|-----------------------------------------------------------------|
+| `data_path`        | `/share/sonarqube/data`       | Directory where SonarQube data is stored                        |
+| `extensions_path`  | `/share/sonarqube/extensions` | Directory for SonarQube extensions                              |
+| `ui_port`          | `9000`                        | Port for the SonarQube web interface                            |
+| `jdbc_url`         | (Required)                    | JDBC URL for the database connection (e.g., PostgreSQL)         |
+| `jdbc_username`    | (Required)                    | Username for the JDBC database connection                       |
+| `jdbc_password`    | (Required)                    | Password for the JDBC database connection                       |
+| `TZ`               | `Europe/Rome`                 | Timezone setting for the add-on                                 |
+
+## 🚀 Installation
+
+1. Go to Home Assistant → **Supervisor → Add-on Store**
+2. Add the repository (Settings → Repositories → `https://github.com/martemme/HomeAssistantAddons`)
+3. Install the **SonarQube** add-on
+4. Configure the required options and start the add-on
+
+## 🌐 Access
+
+Once installed, access the SonarQube web interface at:
+
+`http://<your-home-assistant-ip>:9000`
+
+## 🧾 Requirements
+
+- Home Assistant OS or Supervised installation
+- Supported architectures: `amd64`, `aarch64`
+- Persistent storage for `/share/sonarqube/data` and `/share/sonarqube/extensions`
+- A running PostgreSQL database for SonarQube connectivity
+
+## 📂 Repository Structure
+
+```bash
+sonarqube/
+├── CHANGELOG.md       # Changelog for the add-on
+├── config.json        # Add-on configuration definition
+├── Dockerfile         # Dockerfile for the SonarQube container
+├── icon.png           # Icon for the add-on
+├── logo.png           # Logo for the add-on
+├── README.md          # This file
+└── run.sh             # Startup script for SonarQube
+```
+
+## 🧠 Notes
+
+- The add-on requires a PostgreSQL database. Ensure that `jdbc_url`, `jdbc_username`, and `jdbc_password` are correctly configured.
+- Timezone configuration can be customized via the `TZ` option.
+- The Home Assistant add-on system creates the options file (`/data/options.json`) automatically based on your configuration.
+
+## 🛡 Security
+
+> ⚠️ Always use strong passwords and ensure secure network settings, especially for database connections.
+
+---
+
+Made with ❤️ for automation and resilience.
+
+[semver]: http://semver.org/spec/v2.0.0.html
+[aarch64-shield]: https://img.shields.io/badge/aarch64-yes-green.svg
+[amd64-shield]: https://img.shields.io/badge/amd64-yes-green.svg
+[armv7-shield]: https://img.shields.io/badge/armv7-yes-green.svg
+[i386-shield]: https://img.shields.io/badge/i386-yes-green.svg
+[repository-badge]: https://img.shields.io/badge/Add%20repository%20to%20my-Home%20Assistant-41BDF5?logo=home-assistant&style=for-the-badge
+[repository-url]: https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgithub.com%2Fmartemme%2FHomeAssistantAddons

sonarqube/config.json

@@ -0,0 +1,45 @@
+{
+    "name": "SonarQube",
+    "version": "0.0.4-beta",
+    "slug": "sonarqube",
+    "description": "SonarQube Server helps you comply with common code security standards, such as the NIST SSDF, OWASP, CWE, STIG, and CASA.",
+    "arch": ["amd64", "armv7", "aarch64"],
+    "startup": "services",
+    "boot": "auto",
+    "host_network": false,
+    "full_access": true,
+    "options": {
+      "data_path": "/share/sonarqube/data",
+      "extensions_path": "/share/sonarqube/extensions",
+      "jdbc_url": "jdbc:postgresql://sonarqube_db:5432/sonar",
+      "jdbc_username": "",
+      "jdbc_password": "",
+      "TZ": "Europe/Rome"
+    },
+    "schema": {
+      "data_path": "str",
+      "extensions_path": "str",
+      "jdbc_url": "str",
+      "jdbc_username": "str",
+      "jdbc_password": "str",
+      "TZ": "str"
+    },
+    "ports": {
+        "9000/tcp": 9000
+    },
+    "ports_description": {
+        "9000/tcp": "Web Interface"
+    },
+    "map": ["config"],
+    "environment": {
+      "TZ": "TZ",
+      "SONAR_JDBC_URL": "jdbc_url",
+      "SONAR_JDBC_USERNAME": "jdbc_username",
+      "SONAR_JDBC_PASSWORD": "jdbc_password"
+    },
+    "webui": "http://[HOST]:[PORT:9000]",
+    "build_from": {
+        "amd64": "alpine:3.18",
+        "aarch64": "alpine:3.18"
+    }
+  }

sonarqube/run.sh

@@ -0,0 +1,36 @@
+#!/usr/bin/env sh
+set -e
+
+# --- Default paths se non passati via env ---
+: "${DATA_PATH:=/share/sonarqube/data}"
+: "${EXT_PATH:=/share/sonarqube/extensions}"
+: "${TZ:=Europe/Rome}"
+
+# --- Variabili JDBC (obbligatorie) ---
+: "${SONAR_JDBC_URL:?Serve SONAR_JDBC_URL, es. jdbc:postgresql://sonarqube_db:5432/sonar}"
+: "${SONAR_JDBC_USERNAME:?Serve SONAR_JDBC_USERNAME}"
+: "${SONAR_JDBC_PASSWORD:?Serve SONAR_JDBC_PASSWORD}"
+
+# --- Imposto timezone a container start ---
+ln -snf "/usr/share/zoneinfo/${TZ}" /etc/localtime
+echo "${TZ}" > /etc/timezone
+
+# --- Creo e monto le cartelle host in container ---
+mkdir -p "${DATA_PATH}" "${EXT_PATH}"
+cd "${SONARQUBE_HOME}"
+
+# Sposto le cartelle interne originali (evt. backup)
+[ -d data ]       && mv data       data.orig || true
+[ -d extensions ] && mv extensions extensions.orig || true
+
+# Link simbolici verso le cartelle condivise
+ln -s "${DATA_PATH}"      data
+ln -s "${EXT_PATH}"       extensions
+
+# --- Esporto le variabili per SonarQube ---
+export SONAR_JDBC_URL
+export SONAR_JDBC_USERNAME
+export SONAR_JDBC_PASSWORD
+
+# --- Avvio SonarQube in foreground come utente non-root ---
+exec su-exec sonarqube "${SONARQUBE_BIN}/sonar.sh" console