Significantly speed up creating backups with isal via zlib-fast

isal is a drop in replacement for zlib with the cavet that the compression level mappings are different. zlib-fast is a tiny piece of middleware to convert the standard zlib compression levels to isal compression levels to allow for drop-in replacement https://github.com/bdraco/zlib-fast/releases/tag/v0.1.0 https://github.com/pycompression/python-isal Compression for backups is ~5x faster than the baseline https://github.com/powturbo/TurboBench/issues/43
Fix dirhash failing to import pkg_resources
2025-08-13 19:19:21 +00:00 · 2024-01-27 13:06:41 -10:00 · 2024-01-14 00:02:12 -10:00 · 2024-01-13 19:19:01 +01:00 · 2024-01-13 16:35:07 +01:00 · 2024-01-12 09:52:44 +01:00
1977 changed files with 540798 additions and 24974 deletions
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -1,37 +1,38 @@
 {
  "name": "Supervisor dev",
  "image": "ghcr.io/home-assistant/devcontainer:supervisor",
+  "containerEnv": {
+    "WORKSPACE_DIRECTORY": "${containerWorkspaceFolder}"
+  },
  "appPort": ["9123:8123", "7357:4357"],
  "postCreateCommand": "bash devcontainer_bootstrap",
  "runArgs": ["-e", "GIT_EDITOR=code --wait", "--privileged"],
-  "extensions": [
-    "ms-python.python",
-    "ms-python.vscode-pylance",
-    "visualstudioexptteam.vscodeintellicode",
-    "esbenp.prettier-vscode"
-  ],
-  "mounts": [ "type=volume,target=/var/lib/docker" ],
-  "settings": {
-    "terminal.integrated.profiles.linux": {
-      "zsh": {
-        "path": "/usr/bin/zsh"
+  "customizations": {
+    "vscode": {
+      "extensions": [
+        "ms-python.python",
+        "ms-python.pylint",
+        "ms-python.vscode-pylance",
+        "visualstudioexptteam.vscodeintellicode",
+        "esbenp.prettier-vscode"
+      ],
+      "settings": {
+        "terminal.integrated.profiles.linux": {
+          "zsh": {
+            "path": "/usr/bin/zsh"
+          }
+        },
+        "terminal.integrated.defaultProfile.linux": "zsh",
+        "editor.formatOnPaste": false,
+        "editor.formatOnSave": true,
+        "editor.formatOnType": true,
+        "files.trimTrailingWhitespace": true,
+        "python.pythonPath": "/usr/local/bin/python3",
+        "python.formatting.provider": "black",
+        "python.formatting.blackArgs": ["--target-version", "py312"],
+        "python.formatting.blackPath": "/usr/local/bin/black"
      }
-    },
-    "terminal.integrated.defaultProfile.linux": "zsh",
-    "editor.formatOnPaste": false,
-    "editor.formatOnSave": true,
-    "editor.formatOnType": true,
-    "files.trimTrailingWhitespace": true,
-    "python.pythonPath": "/usr/local/bin/python3",
-    "python.linting.pylintEnabled": true,
-    "python.linting.enabled": true,
-    "python.formatting.provider": "black",
-    "python.formatting.blackArgs": ["--target-version", "py39"],
-    "python.formatting.blackPath": "/usr/local/bin/black",
-    "python.linting.banditPath": "/usr/local/bin/bandit",
-    "python.linting.flake8Path": "/usr/local/bin/flake8",
-    "python.linting.mypyPath": "/usr/local/bin/mypy",
-    "python.linting.pylintPath": "/usr/local/bin/pylint",
-    "python.linting.pydocstylePath": "/usr/local/bin/pydocstyle"
-  }
+    }
+  },
+  "mounts": ["type=volume,target=/var/lib/docker"]
 }
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -20,22 +20,14 @@ body:
    attributes:
      value: |
        ## Environment
-  - type: input
-    validations:
-      required: true
-    attributes:
-      label: What is the used version of the Supervisor?
-      placeholder: supervisor-
-      description: >
-        Can be found in the Supervisor panel -> System tab. Starts with
-        `supervisor-....`.
  - type: dropdown
    validations:
      required: true
    attributes:
      label: What type of installation are you running?
      description: >
-        If you don't know, you can find it in: Configuration panel -> Info.
+        If you don't know, can be found in [Settings -> System -> Repairs -> System Information](https://my.home-assistant.io/redirect/system_health/).
+        It is listed as the `Installation Type` value.
      options:
        - Home Assistant OS
        - Home Assistant Supervised
@@ -48,22 +40,6 @@ body:
        - Home Assistant Operating System
        - Debian
        - Other (e.g., Raspbian/Raspberry Pi OS/Fedora)
-  - type: input
-    validations:
-      required: true
-    attributes:
-      label: What is the version of your installed operating system?
-      placeholder: "5.11"
-      description: Can be found in the Supervisor panel -> System tab.
-  - type: input
-    validations:
-      required: true
-    attributes:
-      label: What version of Home Assistant Core is installed?
-      placeholder: core-
-      description: >
-        Can be found in the Supervisor panel -> System tab. Starts with
-        `core-....`.
  - type: markdown
    attributes:
      value: |
@@ -87,8 +63,30 @@ body:
    attributes:
      label: Anything in the Supervisor logs that might be useful for us?
      description: >
-        The Supervisor logs can be found in the Supervisor panel -> System tab.
+        Supervisor Logs can be found in [Settings -> System -> Logs](https://my.home-assistant.io/redirect/logs/)
+        then choose `Supervisor` in the top right.
+
+        [![Open your Home Assistant instance and show your Supervisor system logs.](https://my.home-assistant.io/badges/supervisor_logs.svg)](https://my.home-assistant.io/redirect/supervisor_logs/)
      render: txt
+  - type: textarea
+    validations:
+      required: true
+    attributes:
+      label: System Health information
+      description: >
+        System Health information can be found in the top right menu in [Settings -> System -> Repairs](https://my.home-assistant.io/redirect/repairs/).
+        Click the copy button at the bottom of the pop-up and paste it here.
+        
+        [![Open your Home Assistant instance and show health information about your system.](https://my.home-assistant.io/badges/system_health.svg)](https://my.home-assistant.io/redirect/system_health/)
+  - type: textarea
+    attributes:
+      label: Supervisor diagnostics
+      placeholder: "drag-and-drop the diagnostics data file here (do not copy-and-paste the content)"
+      description: >-
+        Supervisor diagnostics can be found in [Settings -> Integrations](https://my.home-assistant.io/redirect/integrations/).
+        Find the card that says `Home Assistant Supervisor`, open its menu and select 'Download diagnostics'.
+        
+        **Please drag-and-drop the downloaded file into the textbox below. Do not copy and paste its contents.**
  - type: textarea
    attributes:
      label: Additional information
--- a/.github/workflows/builder.yml
+++ b/.github/workflows/builder.yml
@@ -33,10 +33,13 @@ on:
      - setup.py

 env:
-  DEFAULT_PYTHON: 3.9
+  DEFAULT_PYTHON: "3.12"
  BUILD_NAME: supervisor
  BUILD_TYPE: supervisor
-  WHEELS_TAG: 3.9-alpine3.14
+
+concurrency:
+  group: "${{ github.workflow }}-${{ github.ref }}"
+  cancel-in-progress: true

 jobs:
  init:
@@ -50,7 +53,7 @@ jobs:
      requirements: ${{ steps.requirements.outputs.changed }}
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@v3.0.2
+        uses: actions/checkout@v4.1.1
        with:
          fetch-depth: 0

@@ -67,39 +70,51 @@ jobs:
      - name: Get changed files
        id: changed_files
        if: steps.version.outputs.publish == 'false'
-        uses: jitterbit/get-changed-files@v1
+        uses: masesgroup/retrieve-changed-files@v3.0.0

      - name: Check if requirements files changed
        id: requirements
        run: |
-          if [[ "${{ steps.changed_files.outputs.all }}" =~ (requirements.txt|build.json) ]]; then
-            echo "::set-output name=changed::true"
+          if [[ "${{ steps.changed_files.outputs.all }}" =~ (requirements.txt|build.yaml) ]]; then
+            echo "changed=true" >> "$GITHUB_OUTPUT"
          fi

  build:
    name: Build ${{ matrix.arch }} supervisor
    needs: init
    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+      packages: write
    strategy:
      matrix:
        arch: ${{ fromJson(needs.init.outputs.architectures) }}
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@v3.0.2
+        uses: actions/checkout@v4.1.1
        with:
          fetch-depth: 0

+      - name: Write env-file
+        if: needs.init.outputs.requirements == 'true'
+        run: |
+          (
+            # Fix out of memory issues with rust
+            echo "CARGO_NET_GIT_FETCH_WITH_CLI=true"
+          ) > .env_file
+
      - name: Build wheels
        if: needs.init.outputs.requirements == 'true'
-        uses: home-assistant/wheels@2022.01.2
+        uses: home-assistant/wheels@2024.01.0
        with:
-          tag: ${{ env.WHEELS_TAG }}
+          abi: cp312
+          tag: musllinux_1_2
          arch: ${{ matrix.arch }}
-          wheels-host: wheels.hass.io
          wheels-key: ${{ secrets.WHEELS_KEY }}
-          wheels-user: wheels
-          apk: "build-base;libffi-dev;openssl-dev;cargo"
+          apk: "libffi-dev;openssl-dev;yaml-dev"
          skip-binary: aiohttp
+          env-file: true
          requirements: "requirements.txt"

      - name: Set version
@@ -108,16 +123,33 @@ jobs:
        with:
          type: ${{ env.BUILD_TYPE }}

-      - name: Login to DockerHub
+      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
        if: needs.init.outputs.publish == 'true'
-        uses: docker/login-action@v2.0.0
+        uses: actions/setup-python@v5.0.0
        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
+          python-version: ${{ env.DEFAULT_PYTHON }}
+
+      - name: Install Cosign
+        if: needs.init.outputs.publish == 'true'
+        uses: sigstore/cosign-installer@v3.3.0
+        with:
+          cosign-release: "v2.0.2"
+
+      - name: Install dirhash and calc hash
+        if: needs.init.outputs.publish == 'true'
+        run: |
+          pip3 install setuptools dirhash
+          dir_hash="$(dirhash "${{ github.workspace }}/supervisor" -a sha256 --match "*.py")"
+          echo "${dir_hash}" > rootfs/supervisor.sha256
+
+      - name: Sign supervisor SHA256
+        if: needs.init.outputs.publish == 'true'
+        run: |
+          cosign sign-blob --yes rootfs/supervisor.sha256 --bundle rootfs/supervisor.sha256.sig

      - name: Login to GitHub Container Registry
        if: needs.init.outputs.publish == 'true'
-        uses: docker/login-action@v2.0.0
+        uses: docker/login-action@v3.0.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
@@ -128,55 +160,17 @@ jobs:
        run: echo "BUILD_ARGS=--test" >> $GITHUB_ENV

      - name: Build supervisor
-        uses: home-assistant/builder@2022.06.2
+        uses: home-assistant/builder@2024.01.0
        with:
          args: |
            $BUILD_ARGS \
            --${{ matrix.arch }} \
            --target /data \
+            --cosign \
            --generic ${{ needs.init.outputs.version }}
        env:
          CAS_API_KEY: ${{ secrets.CAS_TOKEN }}

-  codenotary:
-    name: CAS signature
-    needs: init
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout the repository
-        if: needs.init.outputs.publish == 'true'
-        uses: actions/checkout@v3.0.2
-        with:
-          fetch-depth: 0
-
-      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        if: needs.init.outputs.publish == 'true'
-        uses: actions/setup-python@v4.0.0
-        with:
-          python-version: ${{ env.DEFAULT_PYTHON }}
-
-      - name: Set version
-        if: needs.init.outputs.publish == 'true'
-        uses: home-assistant/actions/helpers/version@master
-        with:
-          type: ${{ env.BUILD_TYPE }}
-
-      - name: Install dirhash and calc hash
-        if: needs.init.outputs.publish == 'true'
-        id: dirhash
-        run: |
-          pip3 install dirhash
-          dir_hash="$(dirhash "${{ github.workspace }}/supervisor" -a sha256 --match "*.py")"
-          echo "::set-output name=dirhash::${dir_hash}"
-
-      - name: Signing Source
-        if: needs.init.outputs.publish == 'true'
-        uses: home-assistant/actions/helpers/codenotary@master
-        with:
-          source: hash://${{ steps.dirhash.outputs.dirhash }}
-          asset: supervisor-${{ needs.init.outputs.version }}
-          token: ${{ secrets.CAS_TOKEN }}
-
  version:
    name: Update version
    needs: ["init", "run_supervisor"]
@@ -184,7 +178,7 @@ jobs:
    steps:
      - name: Checkout the repository
        if: needs.init.outputs.publish == 'true'
-        uses: actions/checkout@v3.0.2
+        uses: actions/checkout@v4.1.1

      - name: Initialize git
        if: needs.init.outputs.publish == 'true'
@@ -205,15 +199,15 @@ jobs:
  run_supervisor:
    runs-on: ubuntu-latest
    name: Run the Supervisor
-    needs: ["build", "codenotary", "init"]
+    needs: ["build", "init"]
    timeout-minutes: 60
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@v3.0.2
+        uses: actions/checkout@v4.1.1

      - name: Build the Supervisor
        if: needs.init.outputs.publish != 'true'
-        uses: home-assistant/builder@2022.06.2
+        uses: home-assistant/builder@2024.01.0
        with:
          args: |
            --test \
@@ -225,7 +219,7 @@ jobs:
        if: needs.init.outputs.publish == 'true'
        run: |
          docker pull ghcr.io/home-assistant/amd64-hassio-supervisor:${{ needs.init.outputs.version }}
-          docker tag ghcr.io/home-assistant/amd64-hassio-supervisor:${{ needs.init.outputs.version }} homeassistant/amd64-hassio-supervisor:runner
+          docker tag ghcr.io/home-assistant/amd64-hassio-supervisor:${{ needs.init.outputs.version }} ghcr.io/home-assistant/amd64-hassio-supervisor:runner

      - name: Create the Supervisor
        run: |
@@ -242,7 +236,7 @@ jobs:
            -e SUPERVISOR_NAME=hassio_supervisor \
            -e SUPERVISOR_DEV=1 \
            -e SUPERVISOR_MACHINE="qemux86-64" \
-          homeassistant/amd64-hassio-supervisor:runner
+          ghcr.io/home-assistant/amd64-hassio-supervisor:runner

      - name: Start the Supervisor
        run: docker start hassio_supervisor
@@ -290,6 +284,12 @@ jobs:
            exit 1
          fi

+          # Make sure its state is started
+          test="$(docker exec hassio_cli ha addons info core_ssh --no-progress --raw-json | jq -r '.data.state')"
+          if [ "$test" != "started" ]; then
+            exit 1
+          fi
+
      - name: Check the Supervisor code sign
        if: needs.init.outputs.publish == 'true'
        run: |
@@ -324,7 +324,7 @@ jobs:
          if [ "$(echo $test | jq -r '.result')" != "ok" ]; then
            exit 1
          fi
-          echo "::set-output name=slug::$(echo $test | jq -r '.data.slug')"
+          echo "slug=$(echo $test | jq -r '.data.slug')" >> "$GITHUB_OUTPUT"

      - name: Uninstall SSH add-on
        run: |
@@ -362,6 +362,12 @@ jobs:
            exit 1
          fi

+          # Make sure its state is started
+          test="$(docker exec hassio_cli ha addons info core_ssh --no-progress --raw-json | jq -r '.data.state')"
+          if [ "$test" != "started" ]; then
+            exit 1
+          fi
+
      - name: Restore SSL directory from backup
        run: |
          test=$(docker exec hassio_cli ha backups restore ${{ steps.backup.outputs.slug }} --folders ssl --no-progress --raw-json | jq -r '.result')
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -8,30 +8,32 @@ on:
  pull_request: ~

 env:
-  DEFAULT_PYTHON: 3.9
-  PRE_COMMIT_HOME: ~/.cache/pre-commit
-  DEFAULT_CAS: v1.0.2
+  DEFAULT_PYTHON: "3.12"
+  PRE_COMMIT_CACHE: ~/.cache/pre-commit
+
+concurrency:
+  group: "${{ github.workflow }}-${{ github.ref }}"
+  cancel-in-progress: true

 jobs:
  # Separate job to pre-populate the base dependency cache
  # This prevent upcoming jobs to do the same individually
  prepare:
    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        python-version: [3.9]
-    name: Prepare Python ${{ matrix.python-version }} dependencies
+    outputs:
+      python-version: ${{ steps.python.outputs.python-version }}
+    name: Prepare Python dependencies
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@v3.0.2
-      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/checkout@v4.1.1
+      - name: Set up Python
        id: python
-        uses: actions/setup-python@v4.0.0
+        uses: actions/setup-python@v5.0.0
        with:
-          python-version: ${{ matrix.python-version }}
+          python-version: ${{ env.DEFAULT_PYTHON }}
      - name: Restore Python virtual environment
        id: cache-venv
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
          path: venv
          key: |
@@ -45,9 +47,10 @@ jobs:
          pip install -r requirements.txt -r requirements_tests.txt
      - name: Restore pre-commit environment from cache
        id: cache-precommit
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
-          path: ${{ env.PRE_COMMIT_HOME }}
+          path: ${{ env.PRE_COMMIT_CACHE }}
+          lookup-only: true
          key: |
            ${{ runner.os }}-pre-commit-${{ hashFiles('.pre-commit-config.yaml') }}
          restore-keys: |
@@ -64,19 +67,19 @@ jobs:
    needs: prepare
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@v3.0.2
-      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        uses: actions/setup-python@v4.0.0
+        uses: actions/checkout@v4.1.1
+      - name: Set up Python ${{ needs.prepare.outputs.python-version }}
+        uses: actions/setup-python@v5.0.0
        id: python
        with:
-          python-version: ${{ env.DEFAULT_PYTHON }}
+          python-version: ${{ needs.prepare.outputs.python-version }}
      - name: Restore Python virtual environment
        id: cache-venv
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
          path: venv
          key: |
-            ${{ runner.os }}-venv-${{ steps.python.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
+            ${{ runner.os }}-venv-${{ needs.prepare.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
      - name: Fail job if Python cache restore failed
        if: steps.cache-venv.outputs.cache-hit != 'true'
        run: |
@@ -85,7 +88,7 @@ jobs:
      - name: Run black
        run: |
          . venv/bin/activate
-          black --target-version py38 --check supervisor tests setup.py
+          black --target-version py312 --check supervisor tests setup.py

  lint-dockerfile:
    name: Check Dockerfile
@@ -93,7 +96,7 @@ jobs:
    needs: prepare
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@v3.0.2
+        uses: actions/checkout@v4.1.1
      - name: Register hadolint problem matcher
        run: |
          echo "::add-matcher::.github/workflows/matchers/hadolint.json"
@@ -108,19 +111,19 @@ jobs:
    needs: prepare
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@v3.0.2
-      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        uses: actions/setup-python@v4.0.0
+        uses: actions/checkout@v4.1.1
+      - name: Set up Python ${{ needs.prepare.outputs.python-version }}
+        uses: actions/setup-python@v5.0.0
        id: python
        with:
-          python-version: ${{ env.DEFAULT_PYTHON }}
+          python-version: ${{ needs.prepare.outputs.python-version }}
      - name: Restore Python virtual environment
        id: cache-venv
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
          path: venv
          key: |
-            ${{ runner.os }}-venv-${{ steps.python.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
+            ${{ runner.os }}-venv-${{ needs.prepare.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
      - name: Fail job if Python cache restore failed
        if: steps.cache-venv.outputs.cache-hit != 'true'
        run: |
@@ -128,9 +131,9 @@ jobs:
          exit 1
      - name: Restore pre-commit environment from cache
        id: cache-precommit
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
-          path: ${{ env.PRE_COMMIT_HOME }}
+          path: ${{ env.PRE_COMMIT_CACHE }}
          key: |
            ${{ runner.os }}-pre-commit-${{ hashFiles('.pre-commit-config.yaml') }}
      - name: Fail job if cache restore failed
@@ -152,19 +155,19 @@ jobs:
    needs: prepare
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@v3.0.2
-      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        uses: actions/setup-python@v4.0.0
+        uses: actions/checkout@v4.1.1
+      - name: Set up Python ${{ needs.prepare.outputs.python-version }}
+        uses: actions/setup-python@v5.0.0
        id: python
        with:
-          python-version: ${{ env.DEFAULT_PYTHON }}
+          python-version: ${{ needs.prepare.outputs.python-version }}
      - name: Restore Python virtual environment
        id: cache-venv
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
          path: venv
          key: |
-            ${{ runner.os }}-venv-${{ steps.python.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
+            ${{ runner.os }}-venv-${{ needs.prepare.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
      - name: Fail job if Python cache restore failed
        if: steps.cache-venv.outputs.cache-hit != 'true'
        run: |
@@ -184,19 +187,19 @@ jobs:
    needs: prepare
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@v3.0.2
-      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        uses: actions/setup-python@v4.0.0
+        uses: actions/checkout@v4.1.1
+      - name: Set up Python ${{ needs.prepare.outputs.python-version }}
+        uses: actions/setup-python@v5.0.0
        id: python
        with:
-          python-version: ${{ env.DEFAULT_PYTHON }}
+          python-version: ${{ needs.prepare.outputs.python-version }}
      - name: Restore Python virtual environment
        id: cache-venv
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
          path: venv
          key: |
-            ${{ runner.os }}-venv-${{ steps.python.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
+            ${{ runner.os }}-venv-${{ needs.prepare.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
      - name: Fail job if Python cache restore failed
        if: steps.cache-venv.outputs.cache-hit != 'true'
        run: |
@@ -204,9 +207,9 @@ jobs:
          exit 1
      - name: Restore pre-commit environment from cache
        id: cache-precommit
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
-          path: ${{ env.PRE_COMMIT_HOME }}
+          path: ${{ env.PRE_COMMIT_CACHE }}
          key: |
            ${{ runner.os }}-pre-commit-${{ hashFiles('.pre-commit-config.yaml') }}
      - name: Fail job if cache restore failed
@@ -225,19 +228,19 @@ jobs:
    needs: prepare
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@v3.0.2
-      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        uses: actions/setup-python@v4.0.0
+        uses: actions/checkout@v4.1.1
+      - name: Set up Python ${{ needs.prepare.outputs.python-version }}
+        uses: actions/setup-python@v5.0.0
        id: python
        with:
-          python-version: ${{ env.DEFAULT_PYTHON }}
+          python-version: ${{ needs.prepare.outputs.python-version }}
      - name: Restore Python virtual environment
        id: cache-venv
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
          path: venv
          key: |
-            ${{ runner.os }}-venv-${{ steps.python.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
+            ${{ runner.os }}-venv-${{ needs.prepare.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
      - name: Fail job if Python cache restore failed
        if: steps.cache-venv.outputs.cache-hit != 'true'
        run: |
@@ -245,9 +248,9 @@ jobs:
          exit 1
      - name: Restore pre-commit environment from cache
        id: cache-precommit
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
-          path: ${{ env.PRE_COMMIT_HOME }}
+          path: ${{ env.PRE_COMMIT_CACHE }}
          key: |
            ${{ runner.os }}-pre-commit-${{ hashFiles('.pre-commit-config.yaml') }}
      - name: Fail job if cache restore failed
@@ -269,19 +272,19 @@ jobs:
    needs: prepare
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@v3.0.2
-      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        uses: actions/setup-python@v4.0.0
+        uses: actions/checkout@v4.1.1
+      - name: Set up Python ${{ needs.prepare.outputs.python-version }}
+        uses: actions/setup-python@v5.0.0
        id: python
        with:
-          python-version: ${{ env.DEFAULT_PYTHON }}
+          python-version: ${{ needs.prepare.outputs.python-version }}
      - name: Restore Python virtual environment
        id: cache-venv
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
          path: venv
          key: |
-            ${{ runner.os }}-venv-${{ steps.python.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
+            ${{ runner.os }}-venv-${{ needs.prepare.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
      - name: Fail job if Python cache restore failed
        if: steps.cache-venv.outputs.cache-hit != 'true'
        run: |
@@ -301,19 +304,19 @@ jobs:
    needs: prepare
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@v3.0.2
-      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        uses: actions/setup-python@v4.0.0
+        uses: actions/checkout@v4.1.1
+      - name: Set up Python ${{ needs.prepare.outputs.python-version }}
+        uses: actions/setup-python@v5.0.0
        id: python
        with:
-          python-version: ${{ env.DEFAULT_PYTHON }}
+          python-version: ${{ needs.prepare.outputs.python-version }}
      - name: Restore Python virtual environment
        id: cache-venv
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
          path: venv
          key: |
-            ${{ runner.os }}-venv-${{ steps.python.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
+            ${{ runner.os }}-venv-${{ needs.prepare.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
      - name: Fail job if Python cache restore failed
        if: steps.cache-venv.outputs.cache-hit != 'true'
        run: |
@@ -321,9 +324,9 @@ jobs:
          exit 1
      - name: Restore pre-commit environment from cache
        id: cache-precommit
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
-          path: ${{ env.PRE_COMMIT_HOME }}
+          path: ${{ env.PRE_COMMIT_CACHE }}
          key: |
            ${{ runner.os }}-pre-commit-${{ hashFiles('.pre-commit-config.yaml') }}
      - name: Fail job if cache restore failed
@@ -339,29 +342,26 @@ jobs:
  pytest:
    runs-on: ubuntu-latest
    needs: prepare
-    strategy:
-      matrix:
-        python-version: [3.9]
-    name: Run tests Python ${{ matrix.python-version }}
+    name: Run tests Python ${{ needs.prepare.outputs.python-version }}
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@v3.0.2
-      - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v4.0.0
+        uses: actions/checkout@v4.1.1
+      - name: Set up Python ${{ needs.prepare.outputs.python-version }}
+        uses: actions/setup-python@v5.0.0
        id: python
        with:
-          python-version: ${{ matrix.python-version }}
-      - name: Install CAS tools
-        uses: home-assistant/actions/helpers/cas@master
+          python-version: ${{ needs.prepare.outputs.python-version }}
+      - name: Install Cosign
+        uses: sigstore/cosign-installer@v3.3.0
        with:
-          version: ${{ env.DEFAULT_CAS }}
+          cosign-release: "v2.0.2"
      - name: Restore Python virtual environment
        id: cache-venv
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
          path: venv
          key: |
-            ${{ runner.os }}-venv-${{ steps.python.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
+            ${{ runner.os }}-venv-${{ needs.prepare.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
      - name: Fail job if Python cache restore failed
        if: steps.cache-venv.outputs.cache-hit != 'true'
        run: |
@@ -370,7 +370,7 @@ jobs:
      - name: Install additional system dependencies
        run: |
          sudo apt-get update
-          sudo apt-get install -y --no-install-recommends libpulse0 libudev1
+          sudo apt-get install -y --no-install-recommends libpulse0 libudev1 dbus dbus-x11
      - name: Register Python problem matcher
        run: |
          echo "::add-matcher::.github/workflows/matchers/python.json"
@@ -392,7 +392,7 @@ jobs:
            -o console_output_style=count \
            tests
      - name: Upload coverage artifact
-        uses: actions/upload-artifact@v3.1.0
+        uses: actions/upload-artifact@v4.0.0
        with:
          name: coverage-${{ matrix.python-version }}
          path: .coverage
@@ -400,29 +400,29 @@ jobs:
  coverage:
    name: Process test coverage
    runs-on: ubuntu-latest
-    needs: pytest
+    needs: ["pytest", "prepare"]
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@v3.0.2
-      - name: Set up Python ${{ env.DEFAULT_PYTHON }}
-        uses: actions/setup-python@v4.0.0
+        uses: actions/checkout@v4.1.1
+      - name: Set up Python ${{ needs.prepare.outputs.python-version }}
+        uses: actions/setup-python@v5.0.0
        id: python
        with:
-          python-version: ${{ env.DEFAULT_PYTHON }}
+          python-version: ${{ needs.prepare.outputs.python-version }}
      - name: Restore Python virtual environment
        id: cache-venv
-        uses: actions/cache@v3.0.4
+        uses: actions/cache@v3.3.3
        with:
          path: venv
          key: |
-            ${{ runner.os }}-venv-${{ steps.python.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
+            ${{ runner.os }}-venv-${{ needs.prepare.outputs.python-version }}-${{ hashFiles('requirements.txt') }}-${{ hashFiles('requirements_tests.txt') }}
      - name: Fail job if Python cache restore failed
        if: steps.cache-venv.outputs.cache-hit != 'true'
        run: |
          echo "Failed to restore Python virtual environment from cache"
          exit 1
      - name: Download all coverage artifacts
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4.1.1
      - name: Combine coverage results
        run: |
          . venv/bin/activate
@@ -430,4 +430,4 @@ jobs:
          coverage report
          coverage xml
      - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@v3.1.0
+        uses: codecov/codecov-action@v3.1.4
--- a/.github/workflows/lock.yml
+++ b/.github/workflows/lock.yml
@@ -9,7 +9,7 @@ jobs:
  lock:
    runs-on: ubuntu-latest
    steps:
-      - uses: dessant/lock-threads@v3.0.0
+      - uses: dessant/lock-threads@v5.0.1
        with:
          github-token: ${{ github.token }}
          issue-inactive-days: "30"
--- a/.github/workflows/release-drafter.yml
+++ b/.github/workflows/release-drafter.yml
@@ -11,7 +11,7 @@ jobs:
    name: Release Drafter
    steps:
      - name: Checkout the repository
-        uses: actions/checkout@v3.0.2
+        uses: actions/checkout@v4.1.1
        with:
          fetch-depth: 0

@@ -33,10 +33,10 @@ jobs:

          echo Current version:    $latest
          echo New target version: $datepre.$newpost
-          echo "::set-output name=version::$datepre.$newpost"
+          echo "version=$datepre.$newpost" >> "$GITHUB_OUTPUT"

      - name: Run Release Drafter
-        uses: release-drafter/release-drafter@v5.20.0
+        uses: release-drafter/release-drafter@v5.25.0
        with:
          tag: ${{ steps.version.outputs.version }}
          name: ${{ steps.version.outputs.version }}
--- a/.github/workflows/sentry.yaml
+++ b/.github/workflows/sentry.yaml
@@ -10,9 +10,9 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Check out code from GitHub
-        uses: actions/checkout@v3.0.2
+        uses: actions/checkout@v4.1.1
      - name: Sentry Release
-        uses: getsentry/action-release@v1.1.6
+        uses: getsentry/action-release@v1.6.0
        env:
          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
          SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -9,10 +9,10 @@ jobs:
  stale:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/stale@v5.0.0
+      - uses: actions/stale@v9.0.0
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
-          days-before-stale: 60
+          days-before-stale: 30
          days-before-close: 7
          stale-issue-label: "stale"
          exempt-issue-labels: "no-stale,Help%20wanted,help-wanted,pinned,rfc,security"
--- a/.hadolint.yaml
+++ b/.hadolint.yaml
@@ -3,4 +3,5 @@ ignored:
  - DL3006
  - DL3013
  - DL3018
+  - DL3042
  - SC2155
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,34 +1,34 @@
 repos:
  - repo: https://github.com/psf/black
-    rev: 22.6.0
+    rev: 23.12.1
    hooks:
      - id: black
        args:
          - --safe
          - --quiet
          - --target-version
-          - py39
+          - py312
        files: ^((supervisor|tests)/.+)?[^/]+\.py$
-  - repo: https://gitlab.com/pycqa/flake8
-    rev: 3.8.3
+  - repo: https://github.com/PyCQA/flake8
+    rev: 7.0.0
    hooks:
      - id: flake8
        additional_dependencies:
-          - flake8-docstrings==1.5.0
-          - pydocstyle==5.0.2
+          - flake8-docstrings==1.7.0
+          - pydocstyle==6.3.0
        files: ^(supervisor|script|tests)/.+\.py$
  - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v3.1.0
+    rev: v4.5.0
    hooks:
      - id: check-executables-have-shebangs
        stages: [manual]
      - id: check-json
  - repo: https://github.com/PyCQA/isort
-    rev: 5.9.3
+    rev: 5.13.2
    hooks:
      - id: isort
  - repo: https://github.com/asottile/pyupgrade
-    rev: v2.32.1
+    rev: v3.15.0
    hooks:
      - id: pyupgrade
-        args: [--py39-plus]
+        args: [--py312-plus]
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -13,6 +13,13 @@
          "remoteRoot": "/usr/src/supervisor"
        }
      ]
+    },
+    {
+      "name": "Debug Tests",
+      "type": "python",
+      "request": "test",
+      "console": "internalConsole",
+      "justMyCode": false
    }
  ]
 }
--- a/28
+++ b/28
@@ -3,17 +3,19 @@ FROM ${BUILD_FROM}

 ENV \
    S6_SERVICES_GRACETIME=10000 \
-    SUPERVISOR_API=http://localhost
+    SUPERVISOR_API=http://localhost \
+    CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1

 ARG \
-    BUILD_ARCH \
-    CAS_VERSION
+    COSIGN_VERSION \
+    BUILD_ARCH

 # Install base
 WORKDIR /usr/src
 RUN \
    set -x \
    && apk add --no-cache \
+        findutils \
        eudev \
        eudev-libs \
        git \
@@ -21,33 +23,23 @@ RUN \
        libpulse \
        musl \
        openssl \
-    && apk add --no-cache --virtual .build-dependencies \
-        build-base \
-        go \
+        yaml \
    \
-    && git clone -b "v${CAS_VERSION}" --depth 1 \
-        https://github.com/codenotary/cas \
-    && cd cas \
-    && make cas \
-    && mv cas /usr/bin/cas \
-    \
-    && apk del .build-dependencies \
-    && rm -rf /root/go /root/.cache \
-    && rm -rf /usr/src/cas
+    && curl -Lso /usr/bin/cosign "https://github.com/home-assistant/cosign/releases/download/${COSIGN_VERSION}/cosign_${BUILD_ARCH}" \
+    && chmod a+x /usr/bin/cosign

 # Install requirements
 COPY requirements.txt .
 RUN \
    export MAKEFLAGS="-j$(nproc)" \
-    && pip3 install --no-cache-dir --no-index --only-binary=:all: --find-links \
-        "https://wheels.home-assistant.io/alpine-$(cut -d '.' -f 1-2 < /etc/alpine-release)/${BUILD_ARCH}/" \
+    && pip3 install --only-binary=:all: \
        -r ./requirements.txt \
    && rm -f requirements.txt

 # Install Home Assistant Supervisor
 COPY . supervisor
 RUN \
-    pip3 install --no-cache-dir -e ./supervisor \
+    pip3 install -e ./supervisor \
    && python3 -m compileall ./supervisor/supervisor


--- a/build.yaml
+++ b/build.yaml
@@ -1,16 +1,18 @@
-image: homeassistant/{arch}-hassio-supervisor
-shadow_repository: ghcr.io/home-assistant
+image: ghcr.io/home-assistant/{arch}-hassio-supervisor
 build_from:
-  aarch64: ghcr.io/home-assistant/aarch64-base-python:3.9-alpine3.14
-  armhf: ghcr.io/home-assistant/armhf-base-python:3.9-alpine3.14
-  armv7: ghcr.io/home-assistant/armv7-base-python:3.9-alpine3.14
-  amd64: ghcr.io/home-assistant/amd64-base-python:3.9-alpine3.14
-  i386: ghcr.io/home-assistant/i386-base-python:3.9-alpine3.14
+  aarch64: ghcr.io/home-assistant/aarch64-base-python:3.12-alpine3.18
+  armhf: ghcr.io/home-assistant/armhf-base-python:3.12-alpine3.18
+  armv7: ghcr.io/home-assistant/armv7-base-python:3.12-alpine3.18
+  amd64: ghcr.io/home-assistant/amd64-base-python:3.12-alpine3.18
+  i386: ghcr.io/home-assistant/i386-base-python:3.12-alpine3.18
 codenotary:
  signer: notary@home-assistant.io
  base_image: notary@home-assistant.io
+cosign:
+  base_identity: https://github.com/home-assistant/docker-base/.*
+  identity: https://github.com/home-assistant/supervisor/.*
 args:
-  CAS_VERSION: 1.0.2
+  COSIGN_VERSION: 2.0.2
 labels:
  io.hass.type: supervisor
  org.opencontainers.image.title: Home Assistant Supervisor
--- a/2
+++ b/2
--- a/45
+++ b/45
@@ -1,45 +0,0 @@
-[MASTER]
-reports=no
-jobs=2
-
-good-names=id,i,j,k,ex,Run,_,fp,T,os
-
-extension-pkg-whitelist=
-  ciso8601
-
-# Reasons disabled:
-# format - handled by black
-# locally-disabled - it spams too much
-# duplicate-code - unavoidable
-# cyclic-import - doesn't test if both import on load
-# abstract-class-not-used - is flaky, should not show up but does
-# unused-argument - generic callbacks and setup methods create a lot of warnings
-# too-many-* - are not enforced for the sake of readability
-# too-few-* - same as too-many-*
-# abstract-method - with intro of async there are always methods missing
-disable=
-  format,
-  abstract-method,
-  cyclic-import,
-  duplicate-code,
-  locally-disabled,
-  no-else-return,
-  not-context-manager,
-  too-few-public-methods,
-  too-many-arguments,
-  too-many-branches,
-  too-many-instance-attributes,
-  too-many-lines,
-  too-many-locals,
-  too-many-public-methods,
-  too-many-return-statements,
-  too-many-statements,
-  unused-argument,
-  consider-using-with
-
-[EXCEPTIONS]
-overgeneral-exceptions=Exception
-
-
-[TYPECHECK]
-ignored-modules = distutils
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -0,0 +1,112 @@
+[build-system]
+requires = ["setuptools~=68.0.0", "wheel~=0.40.0"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "Supervisor"
+dynamic = ["version", "dependencies"]
+license = { text = "Apache-2.0" }
+description = "Open-source private cloud os for Home-Assistant based on HassOS"
+readme = "README.md"
+authors = [
+    { name = "The Home Assistant Authors", email = "hello@home-assistant.io" },
+]
+keywords = ["docker", "home-assistant", "api"]
+requires-python = ">=3.12.0"
+
+[project.urls]
+"Homepage" = "https://www.home-assistant.io/"
+"Source Code" = "https://github.com/home-assistant/supervisor"
+"Bug Reports" = "https://github.com/home-assistant/supervisor/issues"
+"Docs: Dev" = "https://developers.home-assistant.io/"
+"Discord" = "https://www.home-assistant.io/join-chat/"
+"Forum" = "https://community.home-assistant.io/"
+
+[tool.setuptools]
+platforms = ["any"]
+zip-safe = false
+include-package-data = true
+
+[tool.setuptools.packages.find]
+include = ["supervisor*"]
+
+[tool.pylint.MAIN]
+py-version = "3.11"
+# Use a conservative default here; 2 should speed up most setups and not hurt
+# any too bad. Override on command line as appropriate.
+jobs = 2
+persistent = false
+extension-pkg-allow-list = ["ciso8601"]
+
+[tool.pylint.BASIC]
+class-const-naming-style = "any"
+good-names = ["id", "i", "j", "k", "ex", "Run", "_", "fp", "T", "os"]
+
+[tool.pylint."MESSAGES CONTROL"]
+# Reasons disabled:
+# format - handled by black
+# abstract-method - with intro of async there are always methods missing
+# cyclic-import - doesn't test if both import on load
+# duplicate-code - unavoidable
+# locally-disabled - it spams too much
+# too-many-* - are not enforced for the sake of readability
+# too-few-* - same as too-many-*
+# unused-argument - generic callbacks and setup methods create a lot of warnings
+disable = [
+    "format",
+    "abstract-method",
+    "cyclic-import",
+    "duplicate-code",
+    "locally-disabled",
+    "no-else-return",
+    "not-context-manager",
+    "too-few-public-methods",
+    "too-many-arguments",
+    "too-many-branches",
+    "too-many-instance-attributes",
+    "too-many-lines",
+    "too-many-locals",
+    "too-many-public-methods",
+    "too-many-return-statements",
+    "too-many-statements",
+    "unused-argument",
+    "consider-using-with",
+]
+
+[tool.pylint.REPORTS]
+score = false
+
+[tool.pylint.TYPECHECK]
+ignored-modules = ["distutils"]
+
+[tool.pylint.FORMAT]
+expected-line-ending-format = "LF"
+
+[tool.pylint.EXCEPTIONS]
+overgeneral-exceptions = ["builtins.BaseException", "builtins.Exception"]
+
+[tool.pytest.ini_options]
+testpaths = ["tests"]
+norecursedirs = [".git"]
+log_format = "%(asctime)s.%(msecs)03d %(levelname)-8s %(threadName)s %(name)s:%(filename)s:%(lineno)s %(message)s"
+log_date_format = "%Y-%m-%d %H:%M:%S"
+asyncio_mode = "auto"
+filterwarnings = [
+    "error",
+    "ignore:pkg_resources is deprecated as an API:DeprecationWarning:dirhash",
+    "ignore::pytest.PytestUnraisableExceptionWarning",
+]
+
+[tool.isort]
+multi_line_output = 3
+include_trailing_comma = true
+force_grid_wrap = 0
+line_length = 88
+indent = "    "
+force_sort_within_sections = true
+sections = ["FUTURE", "STDLIB", "THIRDPARTY", "FIRSTPARTY", "LOCALFOLDER"]
+default_section = "THIRDPARTY"
+forced_separate = "tests"
+combine_as_imports = true
+use_parentheses = true
+known_first_party = ["supervisor", "tests"]
--- a/pytest.ini
+++ b/pytest.ini
@@ -1,2 +0,0 @@
-[pytest]
-asyncio_mode = auto
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,25 +1,30 @@
-aiodns==3.0.0
-aiohttp==3.8.1
-async_timeout==4.0.2
-atomicwrites==1.4.0
-attrs==21.4.0
-awesomeversion==22.6.0
-brotli==1.0.9
-cchardet==2.1.7
-ciso8601==2.2.0
-colorlog==6.6.0
+aiodns==3.1.1
+aiohttp==3.9.1
+aiohttp-fast-url-dispatcher==0.3.0
+async_timeout==4.0.3
+atomicwrites-homeassistant==1.4.1
+attrs==23.2.0
+awesomeversion==23.11.0
+brotli==1.1.0
+ciso8601==2.3.1
+colorlog==6.8.0
 cpe==1.2.1
-cryptography==37.0.4
-debugpy==1.6.0
-deepmerge==1.0.1
+cryptography==41.0.7
+debugpy==1.8.0
+deepmerge==1.1.1
 dirhash==0.2.1
-docker==5.0.3
-gitpython==3.1.27
-jinja2==3.1.2
-pulsectl==22.3.2
-pyudev==0.23.2
-ruamel.yaml==0.17.17
-securetar==2022.2.0
-sentry-sdk==1.6.0
-voluptuous==0.13.1
-dbus-next==0.2.3
+docker==7.0.0
+faust-cchardet==2.1.19
+gitpython==3.1.41
+jinja2==3.1.3
+orjson==3.9.10
+pulsectl==23.5.2
+pyudev==0.24.1
+PyYAML==6.0.1
+securetar==2023.12.0
+sentry-sdk==1.39.2
+setuptools==69.0.3
+voluptuous==0.14.1
+dbus-fast==2.21.0
+typing_extensions==4.9.0
+zlib-fast==0.1.0
--- a/requirements_tests.txt
+++ b/requirements_tests.txt
@@ -1,15 +1,16 @@
-black==22.6.0
-codecov==2.1.12
-coverage==6.4.1
-flake8-docstrings==1.6.0
-flake8==4.0.1
-pre-commit==2.19.0
-pydocstyle==6.1.1
-pylint==2.14.4
-pytest-aiohttp==1.0.4
-pytest-asyncio==0.18.3
-pytest-cov==3.0.0
-pytest-timeout==2.1.0
-pytest==7.1.2
-pyupgrade==2.34.0
-time-machine==2.7.1
+black==23.12.1
+coverage==7.4.0
+flake8-docstrings==1.7.0
+flake8==7.0.0
+pre-commit==3.6.0
+pydocstyle==6.3.0
+pylint==3.0.3
+pytest-aiohttp==1.0.5
+pytest-asyncio==0.23.3
+pytest-cov==4.1.0
+pytest-timeout==2.2.0
+pytest==7.4.4
+pyupgrade==3.15.0
+time-machine==2.13.0
+typing_extensions==4.9.0
+urllib3==2.1.0
--- a/rootfs/etc/services.d/watchdog/run
+++ b/rootfs/etc/services.d/watchdog/run
@@ -15,7 +15,7 @@ do
    if [[ "${supervisor_state}" = "running"  ]]; then

        # Check API
-        if bashio::supervisor.ping; then
+        if bashio::supervisor.ping > /dev/null; then
            failed_count=0
        else
            bashio::log.warning "Maybe found an issue on API healthy"
--- a/rootfs/root/.cas-trusted-signing-pub-key
+++ b/rootfs/root/.cas-trusted-signing-pub-key
@@ -1,4 +0,0 @@
-----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE03LvYuz79GTJx4uKp3w6NrSe5JZI
-iBtgzzYi0YQYtZO/r+xFpgDJEa0gLHkXtl94fpqrFiN89In83lzaszbZtA==
-----END PUBLIC KEY-----
--- a/rootfs/root/.cas/config.json
+++ b/rootfs/root/.cas/config.json
@@ -1,8 +0,0 @@
-{
-  "currentcontext": {
-    "LcHost": "cas.codenotary.com",
-    "LcPort": "443"
-  },
-  "schemaversion": 3,
-  "users": null
-}
--- a/setup.cfg
+++ b/setup.cfg
@@ -1,17 +1,3 @@
-[isort]
-multi_line_output = 3
-include_trailing_comma=True
-force_grid_wrap=0
-line_length=88
-indent = "    "
-force_sort_within_sections = true
-sections = FUTURE,STDLIB,THIRDPARTY,FIRSTPARTY,LOCALFOLDER
-default_section = THIRDPARTY
-forced_separate = tests
-combine_as_imports = true
-use_parentheses = true
-known_first_party = supervisor,tests
-
 [flake8]
 exclude = .venv,.git,.tox,docs,venv,bin,lib,deps,build
 doctests = True
@@ -27,3 +13,5 @@ ignore =
    E203,
    D202,
    W504
+per-file-ignores =
+    tests/dbus_service_mocks/*.py: F821,F722
--- a/setup.py
+++ b/setup.py
@@ -1,60 +1,27 @@
 """Home Assistant Supervisor setup."""
+from pathlib import Path
+import re
+
 from setuptools import setup

-from supervisor.const import SUPERVISOR_VERSION
+RE_SUPERVISOR_VERSION = re.compile(r"^SUPERVISOR_VERSION =\s*(.+)$")
+
+SUPERVISOR_DIR = Path(__file__).parent
+REQUIREMENTS_FILE = SUPERVISOR_DIR / "requirements.txt"
+CONST_FILE = SUPERVISOR_DIR / "supervisor/const.py"
+
+REQUIREMENTS = REQUIREMENTS_FILE.read_text(encoding="utf-8")
+CONSTANTS = CONST_FILE.read_text(encoding="utf-8")
+
+
+def _get_supervisor_version():
+    for line in CONSTANTS.split("/n"):
+        if match := RE_SUPERVISOR_VERSION.match(line):
+            return match.group(1)
+    return "99.9.9dev"
+

 setup(
-    name="Supervisor",
-    version=SUPERVISOR_VERSION,
-    license="BSD License",
-    author="The Home Assistant Authors",
-    author_email="hello@home-assistant.io",
-    url="https://home-assistant.io/",
-    description=("Open-source private cloud os for Home-Assistant" " based on HassOS"),
-    long_description=(
-        "A maintainless private cloud operator system that"
-        "setup a Home-Assistant instance. Based on HassOS"
-    ),
-    classifiers=[
-        "Intended Audience :: End Users/Desktop",
-        "Intended Audience :: Developers",
-        "License :: OSI Approved :: Apache Software License",
-        "Operating System :: OS Independent",
-        "Topic :: Home Automation",
-        "Topic :: Software Development :: Libraries :: Python Modules",
-        "Topic :: Scientific/Engineering :: Atmospheric Science",
-        "Development Status :: 5 - Production/Stable",
-        "Intended Audience :: Developers",
-        "Programming Language :: Python :: 3.8",
-    ],
-    keywords=["docker", "home-assistant", "api"],
-    zip_safe=False,
-    platforms="any",
-    packages=[
-        "supervisor.addons",
-        "supervisor.api",
-        "supervisor.backups",
-        "supervisor.dbus.network",
-        "supervisor.dbus.network.setting",
-        "supervisor.dbus",
-        "supervisor.discovery.services",
-        "supervisor.discovery",
-        "supervisor.docker",
-        "supervisor.homeassistant",
-        "supervisor.host",
-        "supervisor.jobs",
-        "supervisor.misc",
-        "supervisor.plugins",
-        "supervisor.resolution.checks",
-        "supervisor.resolution.evaluations",
-        "supervisor.resolution.fixups",
-        "supervisor.resolution",
-        "supervisor.security",
-        "supervisor.services.modules",
-        "supervisor.services",
-        "supervisor.store",
-        "supervisor.utils",
-        "supervisor",
-    ],
-    include_package_data=True,
+    version=_get_supervisor_version(),
+    dependencies=REQUIREMENTS.split("/n"),
 )
--- a/supervisor/main.py
+++ b/supervisor/main.py
@@ -5,7 +5,13 @@ import logging
 from pathlib import Path
 import sys

-from supervisor import bootstrap
+import zlib_fast
+
+# Enable fast zlib before importing supervisor
+zlib_fast.enable()
+
+from supervisor import bootstrap  # noqa: E402
+from supervisor.utils.logging import activate_log_queue_handler  # noqa: E402

 _LOGGER: logging.Logger = logging.getLogger(__name__)

@@ -28,7 +34,8 @@ if __name__ == "__main__":
    bootstrap.initialize_logging()

    # Init async event loop
-    loop = asyncio.get_event_loop()
+    loop = asyncio.new_event_loop()
+    asyncio.set_event_loop(loop)

    # Check if all information are available to setup Supervisor
    bootstrap.check_environment()
@@ -37,6 +44,8 @@ if __name__ == "__main__":
    executor = ThreadPoolExecutor(thread_name_prefix="SyncWorker")
    loop.set_default_executor(executor)

+    activate_log_queue_handler()
+
    _LOGGER.info("Initializing Supervisor setup")
    coresys = loop.run_until_complete(bootstrap.initialize_coresys())
    loop.set_debug(coresys.config.debug)
--- a/supervisor/addons/init.py
+++ b/supervisor/addons/init.py
@@ -1,438 +1 @@
 """Init file for Supervisor add-ons."""
-import asyncio
-from contextlib import suppress
-import logging
-import tarfile
-from typing import Optional, Union
-
-from ..const import AddonBoot, AddonStartup, AddonState
-from ..coresys import CoreSys, CoreSysAttributes
-from ..exceptions import (
-    AddonConfigurationError,
-    AddonsError,
-    AddonsJobError,
-    AddonsNotSupportedError,
-    CoreDNSError,
-    DockerAPIError,
-    DockerError,
-    DockerNotFound,
-    HomeAssistantAPIError,
-    HostAppArmorError,
-)
-from ..jobs.decorator import Job, JobCondition
-from ..resolution.const import ContextType, IssueType, SuggestionType
-from ..store.addon import AddonStore
-from ..utils import check_exception_chain
-from .addon import Addon
-from .data import AddonsData
-
-_LOGGER: logging.Logger = logging.getLogger(__name__)
-
-AnyAddon = Union[Addon, AddonStore]
-
-
-class AddonManager(CoreSysAttributes):
-    """Manage add-ons inside Supervisor."""
-
-    def __init__(self, coresys: CoreSys):
-        """Initialize Docker base wrapper."""
-        self.coresys: CoreSys = coresys
-        self.data: AddonsData = AddonsData(coresys)
-        self.local: dict[str, Addon] = {}
-        self.store: dict[str, AddonStore] = {}
-
-    @property
-    def all(self) -> list[AnyAddon]:
-        """Return a list of all add-ons."""
-        addons: dict[str, AnyAddon] = {**self.store, **self.local}
-        return list(addons.values())
-
-    @property
-    def installed(self) -> list[Addon]:
-        """Return a list of all installed add-ons."""
-        return list(self.local.values())
-
-    def get(self, addon_slug: str, local_only: bool = False) -> Optional[AnyAddon]:
-        """Return an add-on from slug.
-
-        Prio:
-          1 - Local
-          2 - Store
-        """
-        if addon_slug in self.local:
-            return self.local[addon_slug]
-        if not local_only:
-            return self.store.get(addon_slug)
-        return None
-
-    def from_token(self, token: str) -> Optional[Addon]:
-        """Return an add-on from Supervisor token."""
-        for addon in self.installed:
-            if token == addon.supervisor_token:
-                return addon
-        return None
-
-    async def load(self) -> None:
-        """Start up add-on management."""
-        tasks = []
-        for slug in self.data.system:
-            addon = self.local[slug] = Addon(self.coresys, slug)
-            tasks.append(addon.load())
-
-        # Run initial tasks
-        _LOGGER.info("Found %d installed add-ons", len(tasks))
-        if tasks:
-            await asyncio.wait(tasks)
-
-        # Sync DNS
-        await self.sync_dns()
-
-    async def boot(self, stage: AddonStartup) -> None:
-        """Boot add-ons with mode auto."""
-        tasks: list[Addon] = []
-        for addon in self.installed:
-            if addon.boot != AddonBoot.AUTO or addon.startup != stage:
-                continue
-            tasks.append(addon)
-
-        # Evaluate add-ons which need to be started
-        _LOGGER.info("Phase '%s' starting %d add-ons", stage, len(tasks))
-        if not tasks:
-            return
-
-        # Start Add-ons sequential
-        # avoid issue on slow IO
-        for addon in tasks:
-            try:
-                await addon.start()
-            except AddonsError as err:
-                # Check if there is an system/user issue
-                if check_exception_chain(
-                    err, (DockerAPIError, DockerNotFound, AddonConfigurationError)
-                ):
-                    addon.boot = AddonBoot.MANUAL
-                    addon.save_persist()
-            except Exception as err:  # pylint: disable=broad-except
-                self.sys_capture_exception(err)
-            else:
-                continue
-
-            _LOGGER.warning("Can't start Add-on %s", addon.slug)
-
-        await asyncio.sleep(self.sys_config.wait_boot)
-
-    async def shutdown(self, stage: AddonStartup) -> None:
-        """Shutdown addons."""
-        tasks: list[Addon] = []
-        for addon in self.installed:
-            if addon.state != AddonState.STARTED or addon.startup != stage:
-                continue
-            tasks.append(addon)
-
-        # Evaluate add-ons which need to be stopped
-        _LOGGER.info("Phase '%s' stopping %d add-ons", stage, len(tasks))
-        if not tasks:
-            return
-
-        # Stop Add-ons sequential
-        # avoid issue on slow IO
-        for addon in tasks:
-            try:
-                await addon.stop()
-            except Exception as err:  # pylint: disable=broad-except
-                _LOGGER.warning("Can't stop Add-on %s: %s", addon.slug, err)
-                self.sys_capture_exception(err)
-
-    @Job(
-        conditions=[
-            JobCondition.FREE_SPACE,
-            JobCondition.INTERNET_HOST,
-            JobCondition.HEALTHY,
-        ],
-        on_condition=AddonsJobError,
-    )
-    async def install(self, slug: str) -> None:
-        """Install an add-on."""
-        if slug in self.local:
-            raise AddonsError(f"Add-on {slug} is already installed", _LOGGER.warning)
-        store = self.store.get(slug)
-
-        if not store:
-            raise AddonsError(f"Add-on {slug} does not exist", _LOGGER.error)
-
-        if not store.available:
-            raise AddonsNotSupportedError(
-                f"Add-on {slug} not supported on this platform", _LOGGER.error
-            )
-
-        self.data.install(store)
-        addon = Addon(self.coresys, slug)
-
-        if not addon.path_data.is_dir():
-            _LOGGER.info(
-                "Creating Home Assistant add-on data folder %s", addon.path_data
-            )
-            addon.path_data.mkdir()
-
-        # Setup/Fix AppArmor profile
-        await addon.install_apparmor()
-
-        try:
-            await addon.instance.install(store.version, store.image, arch=addon.arch)
-        except DockerError as err:
-            self.data.uninstall(addon)
-            raise AddonsError() from err
-        else:
-            self.local[slug] = addon
-
-        # Reload ingress tokens
-        if addon.with_ingress:
-            await self.sys_ingress.reload()
-
-        _LOGGER.info("Add-on '%s' successfully installed", slug)
-
-    async def uninstall(self, slug: str) -> None:
-        """Remove an add-on."""
-        if slug not in self.local:
-            _LOGGER.warning("Add-on %s is not installed", slug)
-            return
-        addon = self.local[slug]
-
-        try:
-            await addon.instance.remove()
-        except DockerError as err:
-            raise AddonsError() from err
-        else:
-            addon.state = AddonState.UNKNOWN
-
-        await addon.remove_data()
-
-        # Cleanup audio settings
-        if addon.path_pulse.exists():
-            with suppress(OSError):
-                addon.path_pulse.unlink()
-
-        # Cleanup AppArmor profile
-        with suppress(HostAppArmorError):
-            await addon.uninstall_apparmor()
-
-        # Cleanup Ingress panel from sidebar
-        if addon.ingress_panel:
-            addon.ingress_panel = False
-            with suppress(HomeAssistantAPIError):
-                await self.sys_ingress.update_hass_panel(addon)
-
-        # Cleanup Ingress dynamic port assignment
-        if addon.with_ingress:
-            self.sys_create_task(self.sys_ingress.reload())
-            self.sys_ingress.del_dynamic_port(slug)
-
-        # Cleanup discovery data
-        for message in self.sys_discovery.list_messages:
-            if message.addon != addon.slug:
-                continue
-            self.sys_discovery.remove(message)
-
-        # Cleanup services data
-        for service in self.sys_services.list_services:
-            if addon.slug not in service.active:
-                continue
-            service.del_service_data(addon)
-
-        self.data.uninstall(addon)
-        self.local.pop(slug)
-
-        _LOGGER.info("Add-on '%s' successfully removed", slug)
-
-    @Job(
-        conditions=[
-            JobCondition.FREE_SPACE,
-            JobCondition.INTERNET_HOST,
-            JobCondition.HEALTHY,
-        ],
-        on_condition=AddonsJobError,
-    )
-    async def update(self, slug: str, backup: Optional[bool] = False) -> None:
-        """Update add-on."""
-        if slug not in self.local:
-            raise AddonsError(f"Add-on {slug} is not installed", _LOGGER.error)
-        addon = self.local[slug]
-
-        if addon.is_detached:
-            raise AddonsError(
-                f"Add-on {slug} is not available inside store", _LOGGER.error
-            )
-        store = self.store[slug]
-
-        if addon.version == store.version:
-            raise AddonsError(f"No update available for add-on {slug}", _LOGGER.warning)
-
-        # Check if available, Maybe something have changed
-        if not store.available:
-            raise AddonsNotSupportedError(
-                f"Add-on {slug} not supported on that platform", _LOGGER.error
-            )
-
-        if backup:
-            await self.sys_backups.do_backup_partial(
-                name=f"addon_{addon.slug}_{addon.version}",
-                homeassistant=False,
-                addons=[addon.slug],
-            )
-
-        # Update instance
-        last_state: AddonState = addon.state
-        old_image = addon.image
-        try:
-            await addon.instance.update(store.version, store.image)
-        except DockerError as err:
-            raise AddonsError() from err
-
-        _LOGGER.info("Add-on '%s' successfully updated", slug)
-        self.data.update(store)
-
-        # Cleanup
-        with suppress(DockerError):
-            await addon.instance.cleanup(old_image=old_image)
-
-        # Setup/Fix AppArmor profile
-        await addon.install_apparmor()
-
-        # restore state
-        if last_state == AddonState.STARTED:
-            await addon.start()
-
-    @Job(
-        conditions=[
-            JobCondition.FREE_SPACE,
-            JobCondition.INTERNET_HOST,
-            JobCondition.HEALTHY,
-        ],
-        on_condition=AddonsJobError,
-    )
-    async def rebuild(self, slug: str) -> None:
-        """Perform a rebuild of local build add-on."""
-        if slug not in self.local:
-            raise AddonsError(f"Add-on {slug} is not installed", _LOGGER.error)
-        addon = self.local[slug]
-
-        if addon.is_detached:
-            raise AddonsError(
-                f"Add-on {slug} is not available inside store", _LOGGER.error
-            )
-        store = self.store[slug]
-
-        # Check if a rebuild is possible now
-        if addon.version != store.version:
-            raise AddonsError(
-                "Version changed, use Update instead Rebuild", _LOGGER.error
-            )
-        if not addon.need_build:
-            raise AddonsNotSupportedError(
-                "Can't rebuild a image based add-on", _LOGGER.error
-            )
-
-        # remove docker container but not addon config
-        last_state: AddonState = addon.state
-        try:
-            await addon.instance.remove()
-            await addon.instance.install(addon.version)
-        except DockerError as err:
-            raise AddonsError() from err
-        else:
-            self.data.update(store)
-            _LOGGER.info("Add-on '%s' successfully rebuilt", slug)
-
-        # restore state
-        if last_state == AddonState.STARTED:
-            await addon.start()
-
-    @Job(
-        conditions=[
-            JobCondition.FREE_SPACE,
-            JobCondition.INTERNET_HOST,
-            JobCondition.HEALTHY,
-        ],
-        on_condition=AddonsJobError,
-    )
-    async def restore(self, slug: str, tar_file: tarfile.TarFile) -> None:
-        """Restore state of an add-on."""
-        if slug not in self.local:
-            _LOGGER.debug("Add-on %s is not local available for restore", slug)
-            addon = Addon(self.coresys, slug)
-        else:
-            _LOGGER.debug("Add-on %s is local available for restore", slug)
-            addon = self.local[slug]
-
-        await addon.restore(tar_file)
-
-        # Check if new
-        if slug not in self.local:
-            _LOGGER.info("Detect new Add-on after restore %s", slug)
-            self.local[slug] = addon
-
-        # Update ingress
-        if addon.with_ingress:
-            await self.sys_ingress.reload()
-            with suppress(HomeAssistantAPIError):
-                await self.sys_ingress.update_hass_panel(addon)
-
-    @Job(conditions=[JobCondition.FREE_SPACE, JobCondition.INTERNET_HOST])
-    async def repair(self) -> None:
-        """Repair local add-ons."""
-        needs_repair: list[Addon] = []
-
-        # Evaluate Add-ons to repair
-        for addon in self.installed:
-            if await addon.instance.exists():
-                continue
-            needs_repair.append(addon)
-
-        _LOGGER.info("Found %d add-ons to repair", len(needs_repair))
-        if not needs_repair:
-            return
-
-        for addon in needs_repair:
-            _LOGGER.info("Repairing for add-on: %s", addon.slug)
-            with suppress(DockerError, KeyError):
-                # Need pull a image again
-                if not addon.need_build:
-                    await addon.instance.install(addon.version, addon.image)
-                    continue
-
-                # Need local lookup
-                if addon.need_build and not addon.is_detached:
-                    store = self.store[addon.slug]
-                    # If this add-on is available for rebuild
-                    if addon.version == store.version:
-                        await addon.instance.install(addon.version, addon.image)
-                        continue
-
-            _LOGGER.error("Can't repair %s", addon.slug)
-            with suppress(AddonsError):
-                await self.uninstall(addon.slug)
-
-    async def sync_dns(self) -> None:
-        """Sync add-ons DNS names."""
-        # Update hosts
-        for addon in self.installed:
-            try:
-                if not await addon.instance.is_running():
-                    continue
-            except DockerError as err:
-                _LOGGER.warning("Add-on %s is corrupt: %s", addon.slug, err)
-                self.sys_resolution.create_issue(
-                    IssueType.CORRUPT_DOCKER,
-                    ContextType.ADDON,
-                    reference=addon.slug,
-                    suggestions=[SuggestionType.EXECUTE_REPAIR],
-                )
-                self.sys_capture_exception(err)
-            else:
-                self.sys_plugins.dns.add_host(
-                    ipv4=addon.ip_address, names=[addon.hostname], write=False
-                )
-
-        # Write hosts files
-        with suppress(CoreDNSError):
-            self.sys_plugins.dns.write_hosts()
--- a/supervisor/addons/addon.py
+++ b/supervisor/addons/addon.py
--- a/supervisor/addons/build.py
+++ b/supervisor/addons/build.py
@@ -1,6 +1,7 @@
 """Supervisor add-on build environment."""
 from __future__ import annotations

+from functools import cached_property
 from pathlib import Path
 from typing import TYPE_CHECKING

@@ -15,7 +16,8 @@ from ..const import (
    META_ADDON,
 )
 from ..coresys import CoreSys, CoreSysAttributes
-from ..exceptions import ConfigurationFileError
+from ..docker.interface import MAP_ARCH
+from ..exceptions import ConfigurationFileError, HassioArchNotFound
 from ..utils.common import FileConfiguration, find_one_filetype
 from .validate import SCHEMA_BUILD_CONFIG

@@ -44,15 +46,33 @@ class AddonBuild(FileConfiguration, CoreSysAttributes):
        """Ignore save function."""
        raise RuntimeError()

+    @cached_property
+    def arch(self) -> str:
+        """Return arch of the add-on."""
+        return self.sys_arch.match(self.addon.arch)
+
    @property
    def base_image(self) -> str:
        """Return base image for this add-on."""
        if not self._data[ATTR_BUILD_FROM]:
            return f"ghcr.io/home-assistant/{self.sys_arch.default}-base:latest"

+        if isinstance(self._data[ATTR_BUILD_FROM], str):
+            return self._data[ATTR_BUILD_FROM]
+
        # Evaluate correct base image
-        arch = self.sys_arch.match(list(self._data[ATTR_BUILD_FROM].keys()))
-        return self._data[ATTR_BUILD_FROM][arch]
+        if self.arch not in self._data[ATTR_BUILD_FROM]:
+            raise HassioArchNotFound(
+                f"Add-on {self.addon.slug} is not supported on {self.arch}"
+            )
+        return self._data[ATTR_BUILD_FROM][self.arch]
+
+    @property
+    def dockerfile(self) -> Path:
+        """Return Dockerfile path."""
+        if self.addon.path_location.joinpath(f"Dockerfile.{self.arch}").exists():
+            return self.addon.path_location.joinpath(f"Dockerfile.{self.arch}")
+        return self.addon.path_location.joinpath("Dockerfile")

    @property
    def squash(self) -> bool:
@@ -72,24 +92,29 @@ class AddonBuild(FileConfiguration, CoreSysAttributes):
    @property
    def is_valid(self) -> bool:
        """Return true if the build env is valid."""
-        return all(
-            [
-                self.addon.path_location.is_dir(),
-                Path(self.addon.path_location, "Dockerfile").is_file(),
-            ]
-        )
+        try:
+            return all(
+                [
+                    self.addon.path_location.is_dir(),
+                    self.dockerfile.is_file(),
+                ]
+            )
+        except HassioArchNotFound:
+            return False

    def get_docker_args(self, version: AwesomeVersion):
        """Create a dict with Docker build arguments."""
        args = {
            "path": str(self.addon.path_location),
            "tag": f"{self.addon.image}:{version!s}",
+            "dockerfile": str(self.dockerfile),
            "pull": True,
            "forcerm": not self.sys_dev,
            "squash": self.squash,
+            "platform": MAP_ARCH[self.arch],
            "labels": {
                "io.hass.version": version,
-                "io.hass.arch": self.sys_arch.default,
+                "io.hass.arch": self.arch,
                "io.hass.type": META_ADDON,
                "io.hass.name": self._fix_label("name"),
                "io.hass.description": self._fix_label("description"),
--- a/supervisor/addons/configuration.py
+++ b/supervisor/addons/configuration.py
@@ -0,0 +1,11 @@
+"""Confgiuration Objects for Addon Config."""
+
+from dataclasses import dataclass
+
+
+@dataclass(slots=True)
+class FolderMapping:
+    """Represent folder mapping configuration."""
+
+    path: str | None
+    read_only: bool
--- a/supervisor/addons/const.py
+++ b/supervisor/addons/const.py
@@ -1,13 +1,47 @@
 """Add-on static data."""
-from enum import Enum
+from datetime import timedelta
+from enum import StrEnum
+
+from ..jobs.const import JobCondition


-class AddonBackupMode(str, Enum):
+class AddonBackupMode(StrEnum):
    """Backup mode of an Add-on."""

    HOT = "hot"
    COLD = "cold"


+class MappingType(StrEnum):
+    """Mapping type of an Add-on Folder."""
+
+    DATA = "data"
+    CONFIG = "config"
+    SSL = "ssl"
+    ADDONS = "addons"
+    BACKUP = "backup"
+    SHARE = "share"
+    MEDIA = "media"
+    HOMEASSISTANT_CONFIG = "homeassistant_config"
+    ALL_ADDON_CONFIGS = "all_addon_configs"
+    ADDON_CONFIG = "addon_config"
+
+
 ATTR_BACKUP = "backup"
 ATTR_CODENOTARY = "codenotary"
+ATTR_READ_ONLY = "read_only"
+ATTR_PATH = "path"
+WATCHDOG_RETRY_SECONDS = 10
+WATCHDOG_MAX_ATTEMPTS = 5
+WATCHDOG_THROTTLE_PERIOD = timedelta(minutes=30)
+WATCHDOG_THROTTLE_MAX_CALLS = 10
+
+ADDON_UPDATE_CONDITIONS = [
+    JobCondition.FREE_SPACE,
+    JobCondition.HEALTHY,
+    JobCondition.INTERNET_HOST,
+    JobCondition.PLUGINS_UPDATED,
+    JobCondition.SUPERVISOR_UPDATED,
+]
+
+RE_SLUG = r"[-_.A-Za-z0-9]+"
--- a/supervisor/addons/manager.py
+++ b/supervisor/addons/manager.py
@@ -0,0 +1,374 @@
+"""Supervisor add-on manager."""
+import asyncio
+from collections.abc import Awaitable
+from contextlib import suppress
+import logging
+import tarfile
+from typing import Union
+
+from ..const import AddonBoot, AddonStartup, AddonState
+from ..coresys import CoreSys, CoreSysAttributes
+from ..exceptions import (
+    AddonConfigurationError,
+    AddonsError,
+    AddonsJobError,
+    AddonsNotSupportedError,
+    CoreDNSError,
+    DockerAPIError,
+    DockerError,
+    DockerNotFound,
+    HassioError,
+    HomeAssistantAPIError,
+)
+from ..jobs.decorator import Job, JobCondition
+from ..resolution.const import ContextType, IssueType, SuggestionType
+from ..store.addon import AddonStore
+from ..utils import check_exception_chain
+from ..utils.sentry import capture_exception
+from .addon import Addon
+from .const import ADDON_UPDATE_CONDITIONS
+from .data import AddonsData
+
+_LOGGER: logging.Logger = logging.getLogger(__name__)
+
+AnyAddon = Union[Addon, AddonStore]
+
+
+class AddonManager(CoreSysAttributes):
+    """Manage add-ons inside Supervisor."""
+
+    def __init__(self, coresys: CoreSys):
+        """Initialize Docker base wrapper."""
+        self.coresys: CoreSys = coresys
+        self.data: AddonsData = AddonsData(coresys)
+        self.local: dict[str, Addon] = {}
+        self.store: dict[str, AddonStore] = {}
+
+    @property
+    def all(self) -> list[AnyAddon]:
+        """Return a list of all add-ons."""
+        addons: dict[str, AnyAddon] = {**self.store, **self.local}
+        return list(addons.values())
+
+    @property
+    def installed(self) -> list[Addon]:
+        """Return a list of all installed add-ons."""
+        return list(self.local.values())
+
+    def get(self, addon_slug: str, local_only: bool = False) -> AnyAddon | None:
+        """Return an add-on from slug.
+
+        Prio:
+          1 - Local
+          2 - Store
+        """
+        if addon_slug in self.local:
+            return self.local[addon_slug]
+        if not local_only:
+            return self.store.get(addon_slug)
+        return None
+
+    def from_token(self, token: str) -> Addon | None:
+        """Return an add-on from Supervisor token."""
+        for addon in self.installed:
+            if token == addon.supervisor_token:
+                return addon
+        return None
+
+    async def load(self) -> None:
+        """Start up add-on management."""
+        tasks = []
+        for slug in self.data.system:
+            addon = self.local[slug] = Addon(self.coresys, slug)
+            tasks.append(self.sys_create_task(addon.load()))
+
+        # Run initial tasks
+        _LOGGER.info("Found %d installed add-ons", len(tasks))
+        if tasks:
+            await asyncio.wait(tasks)
+
+        # Sync DNS
+        await self.sync_dns()
+
+    async def boot(self, stage: AddonStartup) -> None:
+        """Boot add-ons with mode auto."""
+        tasks: list[Addon] = []
+        for addon in self.installed:
+            if addon.boot != AddonBoot.AUTO or addon.startup != stage:
+                continue
+            tasks.append(addon)
+
+        # Evaluate add-ons which need to be started
+        _LOGGER.info("Phase '%s' starting %d add-ons", stage, len(tasks))
+        if not tasks:
+            return
+
+        # Start Add-ons sequential
+        # avoid issue on slow IO
+        # Config.wait_boot is deprecated. Until addons update with healthchecks,
+        # add a sleep task for it to keep the same minimum amount of wait time
+        wait_boot: list[Awaitable[None]] = [asyncio.sleep(self.sys_config.wait_boot)]
+        for addon in tasks:
+            try:
+                if start_task := await addon.start():
+                    wait_boot.append(start_task)
+            except AddonsError as err:
+                # Check if there is an system/user issue
+                if check_exception_chain(
+                    err, (DockerAPIError, DockerNotFound, AddonConfigurationError)
+                ):
+                    addon.boot = AddonBoot.MANUAL
+                    addon.save_persist()
+            except HassioError:
+                pass  # These are already handled
+            else:
+                continue
+
+            _LOGGER.warning("Can't start Add-on %s", addon.slug)
+
+        # Ignore exceptions from waiting for addon startup, addon errors handled elsewhere
+        await asyncio.gather(*wait_boot, return_exceptions=True)
+
+    async def shutdown(self, stage: AddonStartup) -> None:
+        """Shutdown addons."""
+        tasks: list[Addon] = []
+        for addon in self.installed:
+            if addon.state != AddonState.STARTED or addon.startup != stage:
+                continue
+            tasks.append(addon)
+
+        # Evaluate add-ons which need to be stopped
+        _LOGGER.info("Phase '%s' stopping %d add-ons", stage, len(tasks))
+        if not tasks:
+            return
+
+        # Stop Add-ons sequential
+        # avoid issue on slow IO
+        for addon in tasks:
+            try:
+                await addon.stop()
+            except Exception as err:  # pylint: disable=broad-except
+                _LOGGER.warning("Can't stop Add-on %s: %s", addon.slug, err)
+                capture_exception(err)
+
+    @Job(
+        name="addon_manager_install",
+        conditions=ADDON_UPDATE_CONDITIONS,
+        on_condition=AddonsJobError,
+    )
+    async def install(self, slug: str) -> None:
+        """Install an add-on."""
+        self.sys_jobs.current.reference = slug
+
+        if slug in self.local:
+            raise AddonsError(f"Add-on {slug} is already installed", _LOGGER.warning)
+        store = self.store.get(slug)
+
+        if not store:
+            raise AddonsError(f"Add-on {slug} does not exist", _LOGGER.error)
+
+        store.validate_availability()
+
+        await Addon(self.coresys, slug).install()
+
+        _LOGGER.info("Add-on '%s' successfully installed", slug)
+
+    async def uninstall(self, slug: str) -> None:
+        """Remove an add-on."""
+        if slug not in self.local:
+            _LOGGER.warning("Add-on %s is not installed", slug)
+            return
+
+        await self.local[slug].uninstall()
+
+        _LOGGER.info("Add-on '%s' successfully removed", slug)
+
+    @Job(
+        name="addon_manager_update",
+        conditions=ADDON_UPDATE_CONDITIONS,
+        on_condition=AddonsJobError,
+    )
+    async def update(
+        self, slug: str, backup: bool | None = False
+    ) -> asyncio.Task | None:
+        """Update add-on.
+
+        Returns a Task that completes when addon has state 'started' (see addon.start)
+        if addon is started after update. Else nothing is returned.
+        """
+        self.sys_jobs.current.reference = slug
+
+        if slug not in self.local:
+            raise AddonsError(f"Add-on {slug} is not installed", _LOGGER.error)
+        addon = self.local[slug]
+
+        if addon.is_detached:
+            raise AddonsError(
+                f"Add-on {slug} is not available inside store", _LOGGER.error
+            )
+        store = self.store[slug]
+
+        if addon.version == store.version:
+            raise AddonsError(f"No update available for add-on {slug}", _LOGGER.warning)
+
+        # Check if available, Maybe something have changed
+        store.validate_availability()
+
+        if backup:
+            await self.sys_backups.do_backup_partial(
+                name=f"addon_{addon.slug}_{addon.version}",
+                homeassistant=False,
+                addons=[addon.slug],
+            )
+
+        return await addon.update()
+
+    @Job(
+        name="addon_manager_rebuild",
+        conditions=[
+            JobCondition.FREE_SPACE,
+            JobCondition.INTERNET_HOST,
+            JobCondition.HEALTHY,
+        ],
+        on_condition=AddonsJobError,
+    )
+    async def rebuild(self, slug: str) -> asyncio.Task | None:
+        """Perform a rebuild of local build add-on.
+
+        Returns a Task that completes when addon has state 'started' (see addon.start)
+        if addon is started after rebuild. Else nothing is returned.
+        """
+        self.sys_jobs.current.reference = slug
+
+        if slug not in self.local:
+            raise AddonsError(f"Add-on {slug} is not installed", _LOGGER.error)
+        addon = self.local[slug]
+
+        if addon.is_detached:
+            raise AddonsError(
+                f"Add-on {slug} is not available inside store", _LOGGER.error
+            )
+        store = self.store[slug]
+
+        # Check if a rebuild is possible now
+        if addon.version != store.version:
+            raise AddonsError(
+                "Version changed, use Update instead Rebuild", _LOGGER.error
+            )
+        if not addon.need_build:
+            raise AddonsNotSupportedError(
+                "Can't rebuild a image based add-on", _LOGGER.error
+            )
+
+        return await addon.rebuild()
+
+    @Job(
+        name="addon_manager_restore",
+        conditions=[
+            JobCondition.FREE_SPACE,
+            JobCondition.INTERNET_HOST,
+            JobCondition.HEALTHY,
+        ],
+        on_condition=AddonsJobError,
+    )
+    async def restore(
+        self, slug: str, tar_file: tarfile.TarFile
+    ) -> asyncio.Task | None:
+        """Restore state of an add-on.
+
+        Returns a Task that completes when addon has state 'started' (see addon.start)
+        if addon is started after restore. Else nothing is returned.
+        """
+        self.sys_jobs.current.reference = slug
+
+        if slug not in self.local:
+            _LOGGER.debug("Add-on %s is not local available for restore", slug)
+            addon = Addon(self.coresys, slug)
+            had_ingress = False
+        else:
+            _LOGGER.debug("Add-on %s is local available for restore", slug)
+            addon = self.local[slug]
+            had_ingress = addon.ingress_panel
+
+        wait_for_start = await addon.restore(tar_file)
+
+        # Check if new
+        if slug not in self.local:
+            _LOGGER.info("Detect new Add-on after restore %s", slug)
+            self.local[slug] = addon
+
+        # Update ingress
+        if had_ingress != addon.ingress_panel:
+            await self.sys_ingress.reload()
+            with suppress(HomeAssistantAPIError):
+                await self.sys_ingress.update_hass_panel(addon)
+
+        return wait_for_start
+
+    @Job(
+        name="addon_manager_repair",
+        conditions=[JobCondition.FREE_SPACE, JobCondition.INTERNET_HOST],
+    )
+    async def repair(self) -> None:
+        """Repair local add-ons."""
+        needs_repair: list[Addon] = []
+
+        # Evaluate Add-ons to repair
+        for addon in self.installed:
+            if await addon.instance.exists():
+                continue
+            needs_repair.append(addon)
+
+        _LOGGER.info("Found %d add-ons to repair", len(needs_repair))
+        if not needs_repair:
+            return
+
+        for addon in needs_repair:
+            _LOGGER.info("Repairing for add-on: %s", addon.slug)
+            with suppress(DockerError, KeyError):
+                # Need pull a image again
+                if not addon.need_build:
+                    await addon.instance.install(addon.version, addon.image)
+                    continue
+
+                # Need local lookup
+                if addon.need_build and not addon.is_detached:
+                    store = self.store[addon.slug]
+                    # If this add-on is available for rebuild
+                    if addon.version == store.version:
+                        await addon.instance.install(addon.version, addon.image)
+                        continue
+
+            _LOGGER.error("Can't repair %s", addon.slug)
+            with suppress(AddonsError):
+                await self.uninstall(addon.slug)
+
+    async def sync_dns(self) -> None:
+        """Sync add-ons DNS names."""
+        # Update hosts
+        add_host_coros: list[Awaitable[None]] = []
+        for addon in self.installed:
+            try:
+                if not await addon.instance.is_running():
+                    continue
+            except DockerError as err:
+                _LOGGER.warning("Add-on %s is corrupt: %s", addon.slug, err)
+                self.sys_resolution.create_issue(
+                    IssueType.CORRUPT_DOCKER,
+                    ContextType.ADDON,
+                    reference=addon.slug,
+                    suggestions=[SuggestionType.EXECUTE_REPAIR],
+                )
+                capture_exception(err)
+            else:
+                add_host_coros.append(
+                    self.sys_plugins.dns.add_host(
+                        ipv4=addon.ip_address, names=[addon.hostname], write=False
+                    )
+                )
+
+        await asyncio.gather(*add_host_coros)
+
+        # Write hosts files
+        with suppress(CoreDNSError):
+            await self.sys_plugins.dns.write_hosts()
--- a/supervisor/addons/model.py
+++ b/supervisor/addons/model.py
@@ -1,12 +1,14 @@
 """Init file for Supervisor add-ons."""
 from abc import ABC, abstractmethod
+from collections import defaultdict
+from collections.abc import Callable
+from contextlib import suppress
+import logging
 from pathlib import Path
-from typing import Any, Awaitable, Optional
+from typing import Any

 from awesomeversion import AwesomeVersion, AwesomeVersionException

-from supervisor.addons.const import AddonBackupMode
-
 from ..const import (
    ATTR_ADVANCED,
    ATTR_APPARMOR,
@@ -33,6 +35,7 @@ from ..const import (
    ATTR_HOST_IPC,
    ATTR_HOST_NETWORK,
    ATTR_HOST_PID,
+    ATTR_HOST_UTS,
    ATTR_IMAGE,
    ATTR_INGRESS,
    ATTR_INGRESS_STREAM,
@@ -62,6 +65,7 @@ from ..const import (
    ATTR_TIMEOUT,
    ATTR_TMPFS,
    ATTR_TRANSLATIONS,
+    ATTR_TYPE,
    ATTR_UART,
    ATTR_UDEV,
    ATTR_URL,
@@ -77,21 +81,37 @@ from ..const import (
    AddonStage,
    AddonStartup,
 )
-from ..coresys import CoreSys, CoreSysAttributes
+from ..coresys import CoreSys
 from ..docker.const import Capabilities
-from .const import ATTR_BACKUP, ATTR_CODENOTARY
+from ..exceptions import AddonsNotSupportedError
+from ..jobs.const import JOB_GROUP_ADDON
+from ..jobs.job_group import JobGroup
+from ..utils import version_is_new_enough
+from .configuration import FolderMapping
+from .const import (
+    ATTR_BACKUP,
+    ATTR_CODENOTARY,
+    ATTR_PATH,
+    ATTR_READ_ONLY,
+    AddonBackupMode,
+    MappingType,
+)
 from .options import AddonOptions, UiOptions
-from .validate import RE_SERVICE, RE_VOLUME
+from .validate import RE_SERVICE
+
+_LOGGER: logging.Logger = logging.getLogger(__name__)

 Data = dict[str, Any]


-class AddonModel(CoreSysAttributes, ABC):
+class AddonModel(JobGroup, ABC):
    """Add-on Data layout."""

    def __init__(self, coresys: CoreSys, slug: str):
        """Initialize data holder."""
-        self.coresys: CoreSys = coresys
+        super().__init__(
+            coresys, JOB_GROUP_ADDON.format_map(defaultdict(str, slug=slug)), slug
+        )
        self.slug: str = slug

    @property
@@ -125,7 +145,7 @@ class AddonModel(CoreSysAttributes, ABC):
        return self.data[ATTR_BOOT]

    @property
-    def auto_update(self) -> Optional[bool]:
+    def auto_update(self) -> bool | None:
        """Return if auto update is enable."""
        return None

@@ -150,22 +170,22 @@ class AddonModel(CoreSysAttributes, ABC):
        return self.data[ATTR_TIMEOUT]

    @property
-    def uuid(self) -> Optional[str]:
+    def uuid(self) -> str | None:
        """Return an API token for this add-on."""
        return None

    @property
-    def supervisor_token(self) -> Optional[str]:
+    def supervisor_token(self) -> str | None:
        """Return access token for Supervisor API."""
        return None

    @property
-    def ingress_token(self) -> Optional[str]:
+    def ingress_token(self) -> str | None:
        """Return access token for Supervisor API."""
        return None

    @property
-    def ingress_entry(self) -> Optional[str]:
+    def ingress_entry(self) -> str | None:
        """Return ingress external URL."""
        return None

@@ -175,7 +195,7 @@ class AddonModel(CoreSysAttributes, ABC):
        return self.data[ATTR_DESCRIPTON]

    @property
-    def long_description(self) -> Optional[str]:
+    def long_description(self) -> str | None:
        """Return README.md as long_description."""
        readme = Path(self.path_location, "README.md")

@@ -245,32 +265,32 @@ class AddonModel(CoreSysAttributes, ABC):
        return self.data.get(ATTR_DISCOVERY, [])

    @property
-    def ports_description(self) -> Optional[dict[str, str]]:
+    def ports_description(self) -> dict[str, str] | None:
        """Return descriptions of ports."""
        return self.data.get(ATTR_PORTS_DESCRIPTION)

    @property
-    def ports(self) -> Optional[dict[str, Optional[int]]]:
+    def ports(self) -> dict[str, int | None] | None:
        """Return ports of add-on."""
        return self.data.get(ATTR_PORTS)

    @property
-    def ingress_url(self) -> Optional[str]:
+    def ingress_url(self) -> str | None:
        """Return URL to ingress url."""
        return None

    @property
-    def webui(self) -> Optional[str]:
+    def webui(self) -> str | None:
        """Return URL to webui or None."""
        return self.data.get(ATTR_WEBUI)

    @property
-    def watchdog(self) -> Optional[str]:
+    def watchdog(self) -> str | None:
        """Return URL to for watchdog or None."""
        return self.data.get(ATTR_WATCHDOG)

    @property
-    def ingress_port(self) -> Optional[int]:
+    def ingress_port(self) -> int | None:
        """Return Ingress port."""
        return None

@@ -304,6 +324,11 @@ class AddonModel(CoreSysAttributes, ABC):
        """Return True if add-on run on host IPC namespace."""
        return self.data[ATTR_HOST_IPC]

+    @property
+    def host_uts(self) -> bool:
+        """Return True if add-on run on host UTS namespace."""
+        return self.data[ATTR_HOST_UTS]
+
    @property
    def host_dbus(self) -> bool:
        """Return True if add-on run on host D-BUS."""
@@ -315,7 +340,7 @@ class AddonModel(CoreSysAttributes, ABC):
        return [Path(node) for node in self.data.get(ATTR_DEVICES, [])]

    @property
-    def environment(self) -> Optional[dict[str, str]]:
+    def environment(self) -> dict[str, str] | None:
        """Return environment of add-on."""
        return self.data.get(ATTR_ENVIRONMENT)

@@ -364,12 +389,12 @@ class AddonModel(CoreSysAttributes, ABC):
        return self.data.get(ATTR_BACKUP_EXCLUDE, [])

    @property
-    def backup_pre(self) -> Optional[str]:
+    def backup_pre(self) -> str | None:
        """Return pre-backup command."""
        return self.data.get(ATTR_BACKUP_PRE)

    @property
-    def backup_post(self) -> Optional[str]:
+    def backup_post(self) -> str | None:
        """Return post-backup command."""
        return self.data.get(ATTR_BACKUP_POST)

@@ -394,7 +419,7 @@ class AddonModel(CoreSysAttributes, ABC):
        return self.data[ATTR_INGRESS]

    @property
-    def ingress_panel(self) -> Optional[bool]:
+    def ingress_panel(self) -> bool | None:
        """Return True if the add-on access support ingress."""
        return None

@@ -444,7 +469,7 @@ class AddonModel(CoreSysAttributes, ABC):
        return self.data[ATTR_DEVICETREE]

    @property
-    def with_tmpfs(self) -> Optional[str]:
+    def with_tmpfs(self) -> str | None:
        """Return if tmp is in memory of add-on."""
        return self.data[ATTR_TMPFS]

@@ -464,12 +489,12 @@ class AddonModel(CoreSysAttributes, ABC):
        return self.data[ATTR_VIDEO]

    @property
-    def homeassistant_version(self) -> Optional[str]:
+    def homeassistant_version(self) -> str | None:
        """Return min Home Assistant version they needed by Add-on."""
        return self.data.get(ATTR_HOMEASSISTANT)

    @property
-    def url(self) -> Optional[str]:
+    def url(self) -> str | None:
        """Return URL of add-on."""
        return self.data.get(ATTR_URL)

@@ -512,7 +537,7 @@ class AddonModel(CoreSysAttributes, ABC):
        return self.sys_arch.default

    @property
-    def image(self) -> Optional[str]:
+    def image(self) -> str | None:
        """Generate image name from data."""
        return self._image(self.data)

@@ -522,14 +547,13 @@ class AddonModel(CoreSysAttributes, ABC):
        return ATTR_IMAGE not in self.data

    @property
-    def map_volumes(self) -> dict[str, str]:
-        """Return a dict of {volume: policy} from add-on."""
+    def map_volumes(self) -> dict[MappingType, FolderMapping]:
+        """Return a dict of {MappingType: FolderMapping} from add-on."""
        volumes = {}
        for volume in self.data[ATTR_MAP]:
-            result = RE_VOLUME.match(volume)
-            if not result:
-                continue
-            volumes[result.group(1)] = result.group(2) or "ro"
+            volumes[MappingType(volume[ATTR_TYPE])] = FolderMapping(
+                volume.get(ATTR_PATH), volume[ATTR_READ_ONLY]
+            )

        return volumes

@@ -573,7 +597,7 @@ class AddonModel(CoreSysAttributes, ABC):
        return AddonOptions(self.coresys, raw_schema, self.name, self.slug)

    @property
-    def schema_ui(self) -> Optional[list[dict[any, any]]]:
+    def schema_ui(self) -> list[dict[any, any]] | None:
        """Create a UI schema for add-on options."""
        raw_schema = self.data[ATTR_SCHEMA]

@@ -592,35 +616,60 @@ class AddonModel(CoreSysAttributes, ABC):
        return ATTR_CODENOTARY in self.data

    @property
-    def codenotary(self) -> Optional[str]:
+    def codenotary(self) -> str | None:
        """Return Signer email address for CAS."""
        return self.data.get(ATTR_CODENOTARY)

+    def validate_availability(self) -> None:
+        """Validate if addon is available for current system."""
+        return self._validate_availability(self.data, logger=_LOGGER.error)
+
    def __eq__(self, other):
        """Compaired add-on objects."""
        if not isinstance(other, AddonModel):
            return False
        return self.slug == other.slug

-    def _available(self, config) -> bool:
-        """Return True if this add-on is available on this platform."""
+    def _validate_availability(
+        self, config, *, logger: Callable[..., None] | None = None
+    ) -> None:
+        """Validate if addon is available for current system."""
        # Architecture
        if not self.sys_arch.is_supported(config[ATTR_ARCH]):
-            return False
+            raise AddonsNotSupportedError(
+                f"Add-on {self.slug} not supported on this platform, supported architectures: {', '.join(config[ATTR_ARCH])}",
+                logger,
+            )

        # Machine / Hardware
        machine = config.get(ATTR_MACHINE)
-        if machine and f"!{self.sys_machine}" in machine:
-            return False
-        elif machine and self.sys_machine not in machine:
-            return False
+        if machine and (
+            f"!{self.sys_machine}" in machine or self.sys_machine not in machine
+        ):
+            raise AddonsNotSupportedError(
+                f"Add-on {self.slug} not supported on this machine, supported machine types: {', '.join(machine)}",
+                logger,
+            )

        # Home Assistant
-        version: Optional[AwesomeVersion] = config.get(ATTR_HOMEASSISTANT)
+        version: AwesomeVersion | None = config.get(ATTR_HOMEASSISTANT)
+        with suppress(AwesomeVersionException, TypeError):
+            if version and not version_is_new_enough(
+                self.sys_homeassistant.version, version
+            ):
+                raise AddonsNotSupportedError(
+                    f"Add-on {self.slug} not supported on this system, requires Home Assistant version {version} or greater",
+                    logger,
+                )
+
+    def _available(self, config) -> bool:
+        """Return True if this add-on is available on this platform."""
        try:
-            return self.sys_homeassistant.version >= version
-        except (AwesomeVersionException, TypeError):
-            return True
+            self._validate_availability(config)
+        except AddonsNotSupportedError:
+            return False
+
+        return True

    def _image(self, config) -> str:
        """Generate image name from data."""
@@ -631,19 +680,3 @@ class AddonModel(CoreSysAttributes, ABC):

        # local build
        return f"{config[ATTR_REPOSITORY]}/{self.sys_arch.default}-addon-{config[ATTR_SLUG]}"
-
-    def install(self) -> Awaitable[None]:
-        """Install this add-on."""
-        return self.sys_addons.install(self.slug)
-
-    def uninstall(self) -> Awaitable[None]:
-        """Uninstall this add-on."""
-        return self.sys_addons.uninstall(self.slug)
-
-    def update(self, backup: Optional[bool] = False) -> Awaitable[None]:
-        """Update this add-on."""
-        return self.sys_addons.update(self.slug, backup=backup)
-
-    def rebuild(self) -> Awaitable[None]:
-        """Rebuild this add-on."""
-        return self.sys_addons.rebuild(self.slug)
--- a/supervisor/addons/options.py
+++ b/supervisor/addons/options.py
@@ -3,7 +3,7 @@ import hashlib
 import logging
 from pathlib import Path
 import re
-from typing import Any, Union
+from typing import Any

 import voluptuous as vol

@@ -293,7 +293,7 @@ class UiOptions(CoreSysAttributes):
        multiple: bool = False,
    ) -> None:
        """Validate a single element."""
-        ui_node: dict[str, Union[str, bool, float, list[str]]] = {"name": key}
+        ui_node: dict[str, str | bool | float | list[str]] = {"name": key}

        # If multiple
        if multiple:
--- a/supervisor/addons/utils.py
+++ b/supervisor/addons/utils.py
@@ -44,12 +44,15 @@ def rating_security(addon: AddonModel) -> int:
        any(
            privilege in addon.privileged
            for privilege in (
-                Capabilities.NET_ADMIN,
-                Capabilities.SYS_ADMIN,
-                Capabilities.SYS_RAWIO,
-                Capabilities.SYS_PTRACE,
-                Capabilities.SYS_MODULE,
+                Capabilities.BPF,
                Capabilities.DAC_READ_SEARCH,
+                Capabilities.NET_ADMIN,
+                Capabilities.NET_RAW,
+                Capabilities.PERFMON,
+                Capabilities.SYS_ADMIN,
+                Capabilities.SYS_MODULE,
+                Capabilities.SYS_PTRACE,
+                Capabilities.SYS_RAWIO,
            )
        )
        or addon.with_kernel_modules
@@ -70,6 +73,10 @@ def rating_security(addon: AddonModel) -> int:
    if addon.host_pid:
        rating += -2

+    # UTS host namespace allows to set hostname only with SYS_ADMIN
+    if addon.host_uts and Capabilities.SYS_ADMIN in addon.privileged:
+        rating += -1
+
    # Docker Access & full Access
    if addon.access_docker_api or addon.with_full_access:
        rating = 1
--- a/supervisor/addons/validate.py
+++ b/supervisor/addons/validate.py
@@ -7,8 +7,6 @@ import uuid

 import voluptuous as vol

-from supervisor.addons.const import AddonBackupMode
-
 from ..const import (
    ARCH_ALL,
    ATTR_ACCESS_TOKEN,
@@ -43,6 +41,7 @@ from ..const import (
    ATTR_HOST_IPC,
    ATTR_HOST_NETWORK,
    ATTR_HOST_PID,
+    ATTR_HOST_UTS,
    ATTR_IMAGE,
    ATTR_INGRESS,
    ATTR_INGRESS_ENTRY,
@@ -82,6 +81,7 @@ from ..const import (
    ATTR_TIMEOUT,
    ATTR_TMPFS,
    ATTR_TRANSLATIONS,
+    ATTR_TYPE,
    ATTR_UART,
    ATTR_UDEV,
    ATTR_URL,
@@ -110,12 +110,22 @@ from ..validate import (
    uuid_match,
    version_tag,
 )
-from .const import ATTR_BACKUP, ATTR_CODENOTARY
+from .const import (
+    ATTR_BACKUP,
+    ATTR_CODENOTARY,
+    ATTR_PATH,
+    ATTR_READ_ONLY,
+    RE_SLUG,
+    AddonBackupMode,
+    MappingType,
+)
 from .options import RE_SCHEMA_ELEMENT

 _LOGGER: logging.Logger = logging.getLogger(__name__)

-RE_VOLUME = re.compile(r"^(config|ssl|addons|backup|share|media)(?::(rw|ro))?$")
+RE_VOLUME = re.compile(
+    r"^(data|config|ssl|addons|backup|share|media|homeassistant_config|all_addon_configs|addon_config)(?::(rw|ro))?$"
+)
 RE_SERVICE = re.compile(r"^(?P<service>mqtt|mysql):(?P<rights>provide|want|need)$")


@@ -131,6 +141,7 @@ RE_MACHINE = re.compile(
    r"|generic-x86-64"
    r"|odroid-c2"
    r"|odroid-c4"
+    r"|odroid-m1"
    r"|odroid-n2"
    r"|odroid-xu"
    r"|qemuarm-64"
@@ -143,10 +154,15 @@ RE_MACHINE = re.compile(
    r"|raspberrypi3"
    r"|raspberrypi4-64"
    r"|raspberrypi4"
+    r"|raspberrypi5-64"
+    r"|yellow"
+    r"|green"
    r"|tinker"
    r")$"
 )

+RE_SLUG_FIELD = re.compile(r"^" + RE_SLUG + r"$")
+

 def _warn_addon_config(config: dict[str, Any]):
    """Warn about miss configs."""
@@ -173,6 +189,20 @@ def _warn_addon_config(config: dict[str, Any]):
            name,
        )

+    invalid_services: list[str] = []
+    for service in config.get(ATTR_DISCOVERY, []):
+        try:
+            valid_discovery_service(service)
+        except vol.Invalid:
+            invalid_services.append(service)
+
+    if invalid_services:
+        _LOGGER.warning(
+            "Add-on lists the following unknown services for discovery: %s. Please report this to the maintainer of %s",
+            ", ".join(invalid_services),
+            name,
+        )
+
    return config


@@ -194,9 +224,9 @@ def _migrate_addon_config(protocol=False):
                    name,
                )
            if value == "before":
-                config[ATTR_STARTUP] = AddonStartup.SERVICES.value
+                config[ATTR_STARTUP] = AddonStartup.SERVICES
            elif value == "after":
-                config[ATTR_STARTUP] = AddonStartup.APPLICATION.value
+                config[ATTR_STARTUP] = AddonStartup.APPLICATION

        # UART 2021-01-20
        if "auto_uart" in config:
@@ -242,6 +272,48 @@ def _migrate_addon_config(protocol=False):
                    name,
                )

+        # 2023-11 "map" entries can also be dict to allow path configuration
+        volumes = []
+        for entry in config.get(ATTR_MAP, []):
+            if isinstance(entry, dict):
+                volumes.append(entry)
+            if isinstance(entry, str):
+                result = RE_VOLUME.match(entry)
+                if not result:
+                    continue
+                volumes.append(
+                    {
+                        ATTR_TYPE: result.group(1),
+                        ATTR_READ_ONLY: result.group(2) != "rw",
+                    }
+                )
+
+        if volumes:
+            config[ATTR_MAP] = volumes
+
+        # 2023-10 "config" became "homeassistant" so /config can be used for addon's public config
+        if any(volume[ATTR_TYPE] == MappingType.CONFIG for volume in volumes):
+            if any(
+                volume
+                and volume[ATTR_TYPE]
+                in {MappingType.ADDON_CONFIG, MappingType.HOMEASSISTANT_CONFIG}
+                for volume in volumes
+            ):
+                _LOGGER.warning(
+                    "Add-on config using incompatible map options, '%s' and '%s' are ignored if '%s' is included. Please report this to the maintainer of %s",
+                    MappingType.ADDON_CONFIG,
+                    MappingType.HOMEASSISTANT_CONFIG,
+                    MappingType.CONFIG,
+                    name,
+                )
+            else:
+                _LOGGER.debug(
+                    "Add-on config using deprecated map option '%s' instead of '%s'. Please report this to the maintainer of %s",
+                    MappingType.CONFIG,
+                    MappingType.HOMEASSISTANT_CONFIG,
+                    name,
+                )
+
        return config

    return _migrate
@@ -252,7 +324,7 @@ _SCHEMA_ADDON_CONFIG = vol.Schema(
    {
        vol.Required(ATTR_NAME): str,
        vol.Required(ATTR_VERSION): version_tag,
-        vol.Required(ATTR_SLUG): str,
+        vol.Required(ATTR_SLUG): vol.Match(RE_SLUG_FIELD),
        vol.Required(ATTR_DESCRIPTON): str,
        vol.Required(ATTR_ARCH): [vol.In(ARCH_ALL)],
        vol.Optional(ATTR_MACHINE): vol.All([vol.Match(RE_MACHINE)], vol.Unique()),
@@ -285,11 +357,20 @@ _SCHEMA_ADDON_CONFIG = vol.Schema(
        vol.Optional(ATTR_HOST_NETWORK, default=False): vol.Boolean(),
        vol.Optional(ATTR_HOST_PID, default=False): vol.Boolean(),
        vol.Optional(ATTR_HOST_IPC, default=False): vol.Boolean(),
+        vol.Optional(ATTR_HOST_UTS, default=False): vol.Boolean(),
        vol.Optional(ATTR_HOST_DBUS, default=False): vol.Boolean(),
        vol.Optional(ATTR_DEVICES): [str],
        vol.Optional(ATTR_UDEV, default=False): vol.Boolean(),
        vol.Optional(ATTR_TMPFS, default=False): vol.Boolean(),
-        vol.Optional(ATTR_MAP, default=list): [vol.Match(RE_VOLUME)],
+        vol.Optional(ATTR_MAP, default=list): [
+            vol.Schema(
+                {
+                    vol.Required(ATTR_TYPE): vol.Coerce(MappingType),
+                    vol.Optional(ATTR_READ_ONLY, default=True): bool,
+                    vol.Optional(ATTR_PATH): str,
+                }
+            )
+        ],
        vol.Optional(ATTR_ENVIRONMENT): {vol.Match(r"\w*"): str},
        vol.Optional(ATTR_PRIVILEGED): [vol.Coerce(Capabilities)],
        vol.Optional(ATTR_APPARMOR, default=True): vol.Boolean(),
@@ -310,7 +391,7 @@ _SCHEMA_ADDON_CONFIG = vol.Schema(
        vol.Optional(ATTR_DOCKER_API, default=False): vol.Boolean(),
        vol.Optional(ATTR_AUTH_API, default=False): vol.Boolean(),
        vol.Optional(ATTR_SERVICES): [vol.Match(RE_SERVICE)],
-        vol.Optional(ATTR_DISCOVERY): [valid_discovery_service],
+        vol.Optional(ATTR_DISCOVERY): [str],
        vol.Optional(ATTR_BACKUP_EXCLUDE): [str],
        vol.Optional(ATTR_BACKUP_PRE): str,
        vol.Optional(ATTR_BACKUP_POST): str,
@@ -353,8 +434,9 @@ SCHEMA_ADDON_CONFIG = vol.All(
 # pylint: disable=no-value-for-parameter
 SCHEMA_BUILD_CONFIG = vol.Schema(
    {
-        vol.Optional(ATTR_BUILD_FROM, default=dict): vol.Schema(
-            {vol.In(ARCH_ALL): vol.Match(RE_DOCKER_IMAGE_BUILD)}
+        vol.Optional(ATTR_BUILD_FROM, default=dict): vol.Any(
+            vol.Match(RE_DOCKER_IMAGE_BUILD),
+            vol.Schema({vol.In(ARCH_ALL): vol.Match(RE_DOCKER_IMAGE_BUILD)}),
        ),
        vol.Optional(ATTR_SQUASH, default=False): vol.Boolean(),
        vol.Optional(ATTR_ARGS, default=dict): vol.Schema({str: str}),
--- a/supervisor/api/init.py
+++ b/supervisor/api/init.py
@@ -1,11 +1,15 @@
 """Init file for Supervisor RESTful API."""
+from functools import partial
 import logging
 from pathlib import Path
-from typing import Optional
+from typing import Any

 from aiohttp import web
+from aiohttp_fast_url_dispatcher import FastUrlDispatcher, attach_fast_url_dispatcher

+from ..const import AddonState
 from ..coresys import CoreSys, CoreSysAttributes
+from ..exceptions import APIAddonNotInstalled
 from .addons import APIAddons
 from .audio import APIAudio
 from .auth import APIAuth
@@ -20,6 +24,7 @@ from .host import APIHost
 from .ingress import APIIngress
 from .jobs import APIJobs
 from .middleware.security import SecurityMiddleware
+from .mounts import APIMounts
 from .multicast import APIMulticast
 from .network import APINetwork
 from .observer import APIObserver
@@ -31,11 +36,13 @@ from .security import APISecurity
 from .services import APIServices
 from .store import APIStore
 from .supervisor import APISupervisor
+from .utils import api_process

 _LOGGER: logging.Logger = logging.getLogger(__name__)


 MAX_CLIENT_SIZE: int = 1024**2 * 16
+MAX_LINE_SIZE: int = 24570


 class RestAPI(CoreSysAttributes):
@@ -48,14 +55,21 @@ class RestAPI(CoreSysAttributes):
        self.webapp: web.Application = web.Application(
            client_max_size=MAX_CLIENT_SIZE,
            middlewares=[
+                self.security.block_bad_requests,
                self.security.system_validation,
                self.security.token_validation,
+                self.security.core_proxy,
            ],
+            handler_args={
+                "max_line_size": MAX_LINE_SIZE,
+                "max_field_size": MAX_LINE_SIZE,
+            },
        )
+        attach_fast_url_dispatcher(self.webapp, FastUrlDispatcher())

        # service stuff
-        self._runner: web.AppRunner = web.AppRunner(self.webapp)
-        self._site: Optional[web.TCPSite] = None
+        self._runner: web.AppRunner = web.AppRunner(self.webapp, shutdown_timeout=5)
+        self._site: web.TCPSite | None = None

    async def load(self) -> None:
        """Register REST API Calls."""
@@ -70,20 +84,21 @@ class RestAPI(CoreSysAttributes):
        self._register_hardware()
        self._register_homeassistant()
        self._register_host()
-        self._register_root()
+        self._register_jobs()
        self._register_ingress()
+        self._register_mounts()
        self._register_multicast()
        self._register_network()
        self._register_observer()
        self._register_os()
-        self._register_jobs()
        self._register_panel()
        self._register_proxy()
        self._register_resolution()
-        self._register_services()
-        self._register_supervisor()
-        self._register_store()
+        self._register_root()
        self._register_security()
+        self._register_services()
+        self._register_store()
+        self._register_supervisor()

        await self.start()

@@ -95,16 +110,36 @@ class RestAPI(CoreSysAttributes):
        self.webapp.add_routes(
            [
                web.get("/host/info", api_host.info),
-                web.get("/host/logs", api_host.logs),
+                web.get("/host/logs", api_host.advanced_logs),
+                web.get(
+                    "/host/logs/follow",
+                    partial(api_host.advanced_logs, follow=True),
+                ),
+                web.get("/host/logs/identifiers", api_host.list_identifiers),
+                web.get("/host/logs/identifiers/{identifier}", api_host.advanced_logs),
+                web.get(
+                    "/host/logs/identifiers/{identifier}/follow",
+                    partial(api_host.advanced_logs, follow=True),
+                ),
+                web.get("/host/logs/boots", api_host.list_boots),
+                web.get("/host/logs/boots/{bootid}", api_host.advanced_logs),
+                web.get(
+                    "/host/logs/boots/{bootid}/follow",
+                    partial(api_host.advanced_logs, follow=True),
+                ),
+                web.get(
+                    "/host/logs/boots/{bootid}/identifiers/{identifier}",
+                    api_host.advanced_logs,
+                ),
+                web.get(
+                    "/host/logs/boots/{bootid}/identifiers/{identifier}/follow",
+                    partial(api_host.advanced_logs, follow=True),
+                ),
                web.post("/host/reboot", api_host.reboot),
                web.post("/host/shutdown", api_host.shutdown),
                web.post("/host/reload", api_host.reload),
                web.post("/host/options", api_host.options),
                web.get("/host/services", api_host.services),
-                web.post("/host/services/{service}/stop", api_host.service_stop),
-                web.post("/host/services/{service}/start", api_host.service_start),
-                web.post("/host/services/{service}/restart", api_host.service_restart),
-                web.post("/host/services/{service}/reload", api_host.service_reload),
            ]
        )

@@ -150,6 +185,17 @@ class RestAPI(CoreSysAttributes):
            ]
        )

+        # Boards endpoints
+        self.webapp.add_routes(
+            [
+                web.get("/os/boards/green", api_os.boards_green_info),
+                web.post("/os/boards/green", api_os.boards_green_options),
+                web.get("/os/boards/yellow", api_os.boards_yellow_info),
+                web.post("/os/boards/yellow", api_os.boards_yellow_options),
+                web.get("/os/boards/{board}", api_os.boards_other_info),
+            ]
+        )
+
    def _register_security(self) -> None:
        """Register Security functions."""
        api_security = APISecurity()
@@ -269,6 +315,10 @@ class RestAPI(CoreSysAttributes):
                    "/resolution/issue/{issue}",
                    api_resolution.dismiss_issue,
                ),
+                web.get(
+                    "/resolution/issue/{issue}/suggestions",
+                    api_resolution.suggestions_for_issue,
+                ),
                web.post("/resolution/healthcheck", api_resolution.healthcheck),
            ]
        )
@@ -378,7 +428,6 @@ class RestAPI(CoreSysAttributes):
        self.webapp.add_routes(
            [
                web.get("/addons", api_addons.list),
-                web.get("/addons/{addon}/info", api_addons.info),
                web.post("/addons/{addon}/uninstall", api_addons.uninstall),
                web.post("/addons/{addon}/start", api_addons.start),
                web.post("/addons/{addon}/stop", api_addons.stop),
@@ -396,6 +445,25 @@ class RestAPI(CoreSysAttributes):
            ]
        )

+        # Legacy routing to support requests for not installed addons
+        api_store = APIStore()
+        api_store.coresys = self.coresys
+
+        @api_process
+        async def addons_addon_info(request: web.Request) -> dict[str, Any]:
+            """Route to store if info requested for not installed addon."""
+            try:
+                return await api_addons.info(request)
+            except APIAddonNotInstalled:
+                # Route to store/{addon}/info but add missing fields
+                return dict(
+                    await api_store.addons_addon_info_wrapped(request),
+                    state=AddonState.UNKNOWN,
+                    options=self.sys_addons.store[request.match_info["addon"]].options,
+                )
+
+        self.webapp.add_routes([web.get("/addons/{addon}/info", addons_addon_info)])
+
    def _register_ingress(self) -> None:
        """Register Ingress functions."""
        api_ingress = APIIngress()
@@ -418,11 +486,15 @@ class RestAPI(CoreSysAttributes):
        self.webapp.add_routes(
            [
                web.get("/backups", api_backups.list),
+                web.get("/backups/info", api_backups.info),
+                web.post("/backups/options", api_backups.options),
                web.post("/backups/reload", api_backups.reload),
+                web.post("/backups/freeze", api_backups.freeze),
+                web.post("/backups/thaw", api_backups.thaw),
                web.post("/backups/new/full", api_backups.backup_full),
                web.post("/backups/new/partial", api_backups.backup_partial),
                web.post("/backups/new/upload", api_backups.upload),
-                web.get("/backups/{slug}/info", api_backups.info),
+                web.get("/backups/{slug}/info", api_backups.backup_info),
                web.delete("/backups/{slug}", api_backups.remove),
                web.post("/backups/{slug}/restore/full", api_backups.restore_full),
                web.post(
@@ -482,6 +554,8 @@ class RestAPI(CoreSysAttributes):
        """Register Audio functions."""
        api_audio = APIAudio()
        api_audio.coresys = self.coresys
+        api_host = APIHost()
+        api_host.coresys = self.coresys

        self.webapp.add_routes(
            [
@@ -500,6 +574,22 @@ class RestAPI(CoreSysAttributes):
            ]
        )

+    def _register_mounts(self) -> None:
+        """Register mounts endpoints."""
+        api_mounts = APIMounts()
+        api_mounts.coresys = self.coresys
+
+        self.webapp.add_routes(
+            [
+                web.get("/mounts", api_mounts.info),
+                web.post("/mounts/options", api_mounts.options),
+                web.post("/mounts", api_mounts.create_mount),
+                web.put("/mounts/{mount}", api_mounts.update_mount),
+                web.delete("/mounts/{mount}", api_mounts.delete_mount),
+                web.post("/mounts/{mount}/reload", api_mounts.reload_mount),
+            ]
+        )
+
    def _register_store(self) -> None:
        """Register store endpoints."""
        api_store = APIStore()
@@ -583,9 +673,7 @@ class RestAPI(CoreSysAttributes):
    async def start(self) -> None:
        """Run RESTful API webserver."""
        await self._runner.setup()
-        self._site = web.TCPSite(
-            self._runner, host="0.0.0.0", port=80, shutdown_timeout=5
-        )
+        self._site = web.TCPSite(self._runner, host="0.0.0.0", port=80)

        try:
            await self._site.start()
--- a/supervisor/api/addons.py
+++ b/supervisor/api/addons.py
@@ -1,14 +1,15 @@
 """Init file for Supervisor Home Assistant RESTful API."""
 import asyncio
+from collections.abc import Awaitable
 import logging
-from typing import Any, Awaitable
+from typing import Any

 from aiohttp import web
 import voluptuous as vol
 from voluptuous.humanize import humanize_error

-from ..addons import AnyAddon
 from ..addons.addon import Addon
+from ..addons.manager import AnyAddon
 from ..addons.utils import rating_security
 from ..const import (
    ATTR_ADDONS,
@@ -45,6 +46,7 @@ from ..const import (
    ATTR_HOST_IPC,
    ATTR_HOST_NETWORK,
    ATTR_HOST_PID,
+    ATTR_HOST_UTS,
    ATTR_HOSTNAME,
    ATTR_ICON,
    ATTR_INGRESS,
@@ -96,7 +98,13 @@ from ..const import (
 )
 from ..coresys import CoreSysAttributes
 from ..docker.stats import DockerStats
-from ..exceptions import APIError, APIForbidden, PwnedError, PwnedSecret
+from ..exceptions import (
+    APIAddonNotInstalled,
+    APIError,
+    APIForbidden,
+    PwnedError,
+    PwnedSecret,
+)
 from ..validate import docker_ports
 from .const import ATTR_SIGNED, CONTENT_TYPE_BINARY
 from .utils import api_process, api_process_raw, api_validate, json_loads
@@ -140,7 +148,7 @@ class APIAddons(CoreSysAttributes):
        if not addon:
            raise APIError(f"Addon {addon_slug} does not exist")
        if not isinstance(addon, Addon) or not addon.is_installed:
-            raise APIError("Addon is not installed")
+            raise APIAddonNotInstalled("Addon is not installed")

        return addon

@@ -177,7 +185,6 @@ class APIAddons(CoreSysAttributes):
        """Reload all add-on data from store."""
        await asyncio.shield(self.sys_store.reload())

-    @api_process
    async def info(self, request: web.Request) -> dict[str, Any]:
        """Return add-on information."""
        addon: AnyAddon = self._extract_addon(request)
@@ -210,6 +217,7 @@ class APIAddons(CoreSysAttributes):
            ATTR_HOST_NETWORK: addon.host_network,
            ATTR_HOST_PID: addon.host_pid,
            ATTR_HOST_IPC: addon.host_ipc,
+            ATTR_HOST_UTS: addon.host_uts,
            ATTR_HOST_DBUS: addon.host_dbus,
            ATTR_PRIVILEGED: addon.privileged,
            ATTR_FULL_ACCESS: addon.with_full_access,
@@ -380,13 +388,14 @@ class APIAddons(CoreSysAttributes):
    def uninstall(self, request: web.Request) -> Awaitable[None]:
        """Uninstall add-on."""
        addon = self._extract_addon(request)
-        return asyncio.shield(addon.uninstall())
+        return asyncio.shield(self.sys_addons.uninstall(addon.slug))

    @api_process
-    def start(self, request: web.Request) -> Awaitable[None]:
+    async def start(self, request: web.Request) -> None:
        """Start add-on."""
        addon = self._extract_addon(request)
-        return asyncio.shield(addon.start())
+        if start_task := await asyncio.shield(addon.start()):
+            await start_task

    @api_process
    def stop(self, request: web.Request) -> Awaitable[None]:
@@ -395,16 +404,18 @@ class APIAddons(CoreSysAttributes):
        return asyncio.shield(addon.stop())

    @api_process
-    def restart(self, request: web.Request) -> Awaitable[None]:
+    async def restart(self, request: web.Request) -> None:
        """Restart add-on."""
        addon: Addon = self._extract_addon(request)
-        return asyncio.shield(addon.restart())
+        if start_task := await asyncio.shield(addon.restart()):
+            await start_task

    @api_process
-    def rebuild(self, request: web.Request) -> Awaitable[None]:
+    async def rebuild(self, request: web.Request) -> None:
        """Rebuild local build add-on."""
        addon = self._extract_addon(request)
-        return asyncio.shield(addon.rebuild())
+        if start_task := await asyncio.shield(self.sys_addons.rebuild(addon.slug)):
+            await start_task

    @api_process_raw(CONTENT_TYPE_BINARY)
    def logs(self, request: web.Request) -> Awaitable[bytes]:
--- a/supervisor/api/audio.py
+++ b/supervisor/api/audio.py
@@ -1,10 +1,11 @@
 """Init file for Supervisor Audio RESTful API."""
 import asyncio
+from collections.abc import Awaitable
+from dataclasses import asdict
 import logging
-from typing import Any, Awaitable
+from typing import Any

 from aiohttp import web
-import attr
 import voluptuous as vol

 from ..const import (
@@ -75,15 +76,11 @@ class APIAudio(CoreSysAttributes):
            ATTR_UPDATE_AVAILABLE: self.sys_plugins.audio.need_update,
            ATTR_HOST: str(self.sys_docker.network.audio),
            ATTR_AUDIO: {
-                ATTR_CARD: [attr.asdict(card) for card in self.sys_host.sound.cards],
-                ATTR_INPUT: [
-                    attr.asdict(stream) for stream in self.sys_host.sound.inputs
-                ],
-                ATTR_OUTPUT: [
-                    attr.asdict(stream) for stream in self.sys_host.sound.outputs
-                ],
+                ATTR_CARD: [asdict(card) for card in self.sys_host.sound.cards],
+                ATTR_INPUT: [asdict(stream) for stream in self.sys_host.sound.inputs],
+                ATTR_OUTPUT: [asdict(stream) for stream in self.sys_host.sound.outputs],
                ATTR_APPLICATION: [
-                    attr.asdict(stream) for stream in self.sys_host.sound.applications
+                    asdict(stream) for stream in self.sys_host.sound.applications
                ],
            },
        }
--- a/supervisor/api/auth.py
+++ b/supervisor/api/auth.py
@@ -11,6 +11,7 @@ from ..addons.addon import Addon
 from ..const import ATTR_PASSWORD, ATTR_USERNAME, REQUEST_FROM
 from ..coresys import CoreSysAttributes
 from ..exceptions import APIForbidden
+from ..utils.json import json_loads
 from .const import CONTENT_TYPE_JSON, CONTENT_TYPE_URL
 from .utils import api_process, api_validate

@@ -67,7 +68,7 @@ class APIAuth(CoreSysAttributes):

        # Json
        if request.headers.get(CONTENT_TYPE) == CONTENT_TYPE_JSON:
-            data = await request.json()
+            data = await request.json(loads=json_loads)
            return await self._process_dict(request, addon, data)

        # URL encoded
--- a/supervisor/api/backups.py
+++ b/supervisor/api/backups.py
@@ -1,34 +1,43 @@
 """Backups RESTful API."""
 import asyncio
+import errno
 import logging
 from pathlib import Path
 import re
 from tempfile import TemporaryDirectory
+from typing import Any

 from aiohttp import web
 from aiohttp.hdrs import CONTENT_DISPOSITION
 import voluptuous as vol

-from ..backups.validate import ALL_FOLDERS, FOLDER_HOMEASSISTANT
+from ..backups.validate import ALL_FOLDERS, FOLDER_HOMEASSISTANT, days_until_stale
 from ..const import (
    ATTR_ADDONS,
    ATTR_BACKUPS,
    ATTR_COMPRESSED,
    ATTR_CONTENT,
    ATTR_DATE,
+    ATTR_DAYS_UNTIL_STALE,
    ATTR_FOLDERS,
    ATTR_HOMEASSISTANT,
+    ATTR_HOMEASSISTANT_EXCLUDE_DATABASE,
+    ATTR_LOCATON,
    ATTR_NAME,
    ATTR_PASSWORD,
    ATTR_PROTECTED,
    ATTR_REPOSITORIES,
    ATTR_SIZE,
    ATTR_SLUG,
+    ATTR_SUPERVISOR_VERSION,
+    ATTR_TIMEOUT,
    ATTR_TYPE,
    ATTR_VERSION,
 )
 from ..coresys import CoreSysAttributes
 from ..exceptions import APIError
+from ..mounts.const import MountUsage
+from ..resolution.const import UnhealthyReason
 from .const import CONTENT_TYPE_TAR
 from .utils import api_process, api_validate

@@ -57,6 +66,8 @@ SCHEMA_BACKUP_FULL = vol.Schema(
        vol.Optional(ATTR_NAME): str,
        vol.Optional(ATTR_PASSWORD): vol.Maybe(str),
        vol.Optional(ATTR_COMPRESSED): vol.Maybe(vol.Boolean()),
+        vol.Optional(ATTR_LOCATON): vol.Maybe(str),
+        vol.Optional(ATTR_HOMEASSISTANT_EXCLUDE_DATABASE): vol.Boolean(),
    }
 )

@@ -68,6 +79,18 @@ SCHEMA_BACKUP_PARTIAL = SCHEMA_BACKUP_FULL.extend(
    }
 )

+SCHEMA_OPTIONS = vol.Schema(
+    {
+        vol.Optional(ATTR_DAYS_UNTIL_STALE): days_until_stale,
+    }
+)
+
+SCHEMA_FREEZE = vol.Schema(
+    {
+        vol.Optional(ATTR_TIMEOUT): vol.All(int, vol.Range(min=1)),
+    }
+)
+

 class APIBackups(CoreSysAttributes):
    """Handle RESTful API for backups functions."""
@@ -79,27 +102,31 @@ class APIBackups(CoreSysAttributes):
            raise APIError("Backup does not exist")
        return backup

+    def _list_backups(self):
+        """Return list of backups."""
+        return [
+            {
+                ATTR_SLUG: backup.slug,
+                ATTR_NAME: backup.name,
+                ATTR_DATE: backup.date,
+                ATTR_TYPE: backup.sys_type,
+                ATTR_SIZE: backup.size,
+                ATTR_LOCATON: backup.location,
+                ATTR_PROTECTED: backup.protected,
+                ATTR_COMPRESSED: backup.compressed,
+                ATTR_CONTENT: {
+                    ATTR_HOMEASSISTANT: backup.homeassistant_version is not None,
+                    ATTR_ADDONS: backup.addon_list,
+                    ATTR_FOLDERS: backup.folders,
+                },
+            }
+            for backup in self.sys_backups.list_backups
+        ]
+
    @api_process
    async def list(self, request):
        """Return backup list."""
-        data_backups = []
-        for backup in self.sys_backups.list_backups:
-            data_backups.append(
-                {
-                    ATTR_SLUG: backup.slug,
-                    ATTR_NAME: backup.name,
-                    ATTR_DATE: backup.date,
-                    ATTR_TYPE: backup.sys_type,
-                    ATTR_SIZE: backup.size,
-                    ATTR_PROTECTED: backup.protected,
-                    ATTR_COMPRESSED: backup.compressed,
-                    ATTR_CONTENT: {
-                        ATTR_HOMEASSISTANT: backup.homeassistant_version is not None,
-                        ATTR_ADDONS: backup.addon_list,
-                        ATTR_FOLDERS: backup.folders,
-                    },
-                }
-            )
+        data_backups = self._list_backups()

        if request.path == "/snapshots":
            # Kept for backwards compability
@@ -108,13 +135,31 @@ class APIBackups(CoreSysAttributes):
        return {ATTR_BACKUPS: data_backups}

    @api_process
-    async def reload(self, request):
+    async def info(self, request):
+        """Return backup list and manager info."""
+        return {
+            ATTR_BACKUPS: self._list_backups(),
+            ATTR_DAYS_UNTIL_STALE: self.sys_backups.days_until_stale,
+        }
+
+    @api_process
+    async def options(self, request):
+        """Set backup manager options."""
+        body = await api_validate(SCHEMA_OPTIONS, request)
+
+        if ATTR_DAYS_UNTIL_STALE in body:
+            self.sys_backups.days_until_stale = body[ATTR_DAYS_UNTIL_STALE]
+
+        self.sys_backups.save_data()
+
+    @api_process
+    async def reload(self, _):
        """Reload backup list."""
        await asyncio.shield(self.sys_backups.reload())
        return True

    @api_process
-    async def info(self, request):
+    async def backup_info(self, request):
        """Return backup info."""
        backup = self._extract_slug(request)

@@ -137,17 +182,36 @@ class APIBackups(CoreSysAttributes):
            ATTR_SIZE: backup.size,
            ATTR_COMPRESSED: backup.compressed,
            ATTR_PROTECTED: backup.protected,
+            ATTR_SUPERVISOR_VERSION: backup.supervisor_version,
            ATTR_HOMEASSISTANT: backup.homeassistant_version,
+            ATTR_LOCATON: backup.location,
            ATTR_ADDONS: data_addons,
            ATTR_REPOSITORIES: backup.repositories,
            ATTR_FOLDERS: backup.folders,
+            ATTR_HOMEASSISTANT_EXCLUDE_DATABASE: backup.homeassistant_exclude_database,
        }

+    def _location_to_mount(self, body: dict[str, Any]) -> dict[str, Any]:
+        """Change location field to mount if necessary."""
+        if not body.get(ATTR_LOCATON):
+            return body
+
+        body[ATTR_LOCATON] = self.sys_mounts.get(body[ATTR_LOCATON])
+        if body[ATTR_LOCATON].usage != MountUsage.BACKUP:
+            raise APIError(
+                f"Mount {body[ATTR_LOCATON].name} is not used for backups, cannot backup to there"
+            )
+
+        return body
+
    @api_process
    async def backup_full(self, request):
        """Create full backup."""
        body = await api_validate(SCHEMA_BACKUP_FULL, request)
-        backup = await asyncio.shield(self.sys_backups.do_backup_full(**body))
+
+        backup = await asyncio.shield(
+            self.sys_backups.do_backup_full(**self._location_to_mount(body))
+        )

        if backup:
            return {ATTR_SLUG: backup.slug}
@@ -157,7 +221,9 @@ class APIBackups(CoreSysAttributes):
    async def backup_partial(self, request):
        """Create a partial backup."""
        body = await api_validate(SCHEMA_BACKUP_PARTIAL, request)
-        backup = await asyncio.shield(self.sys_backups.do_backup_partial(**body))
+        backup = await asyncio.shield(
+            self.sys_backups.do_backup_partial(**self._location_to_mount(body))
+        )

        if backup:
            return {ATTR_SLUG: backup.slug}
@@ -179,6 +245,17 @@ class APIBackups(CoreSysAttributes):

        return await asyncio.shield(self.sys_backups.do_restore_partial(backup, **body))

+    @api_process
+    async def freeze(self, request):
+        """Initiate manual freeze for external backup."""
+        body = await api_validate(SCHEMA_FREEZE, request)
+        await asyncio.shield(self.sys_backups.freeze_all(**body))
+
+    @api_process
+    async def thaw(self, request):
+        """Begin thaw after manual freeze."""
+        await self.sys_backups.thaw_all()
+
    @api_process
    async def remove(self, request):
        """Remove a backup."""
@@ -213,6 +290,8 @@ class APIBackups(CoreSysAttributes):
                        backup.write(chunk)

            except OSError as err:
+                if err.errno == errno.EBADMSG:
+                    self.sys_resolution.unhealthy = UnhealthyReason.OSERROR_BAD_MESSAGE
                _LOGGER.error("Can't write new backup file: %s", err)
                return False

--- a/supervisor/api/const.py
+++ b/supervisor/api/const.py
@@ -9,31 +9,46 @@ CONTENT_TYPE_URL = "application/x-www-form-urlencoded"

 COOKIE_INGRESS = "ingress_session"

-HEADER_TOKEN_OLD = "X-Hassio-Key"
-HEADER_TOKEN = "X-Supervisor-Token"
-
-ATTR_APPARMOR_VERSION = "apparmor_version"
 ATTR_AGENT_VERSION = "agent_version"
+ATTR_APPARMOR_VERSION = "apparmor_version"
+ATTR_ATTRIBUTES = "attributes"
 ATTR_AVAILABLE_UPDATES = "available_updates"
 ATTR_BOOT_TIMESTAMP = "boot_timestamp"
+ATTR_BOOTS = "boots"
 ATTR_BROADCAST_LLMNR = "broadcast_llmnr"
 ATTR_BROADCAST_MDNS = "broadcast_mdns"
+ATTR_BY_ID = "by_id"
+ATTR_CHILDREN = "children"
+ATTR_CONNECTION_BUS = "connection_bus"
 ATTR_DATA_DISK = "data_disk"
 ATTR_DEVICE = "device"
+ATTR_DEV_PATH = "dev_path"
+ATTR_DISKS = "disks"
+ATTR_DRIVES = "drives"
 ATTR_DT_SYNCHRONIZED = "dt_synchronized"
 ATTR_DT_UTC = "dt_utc"
+ATTR_EJECTABLE = "ejectable"
 ATTR_FALLBACK = "fallback"
+ATTR_FILESYSTEMS = "filesystems"
+ATTR_IDENTIFIERS = "identifiers"
+ATTR_JOBS = "jobs"
 ATTR_LLMNR = "llmnr"
 ATTR_LLMNR_HOSTNAME = "llmnr_hostname"
 ATTR_MDNS = "mdns"
+ATTR_MODEL = "model"
+ATTR_MOUNTS = "mounts"
+ATTR_MOUNT_POINTS = "mount_points"
 ATTR_PANEL_PATH = "panel_path"
+ATTR_REMOVABLE = "removable"
+ATTR_REVISION = "revision"
+ATTR_SEAT = "seat"
 ATTR_SIGNED = "signed"
 ATTR_STARTUP_TIME = "startup_time"
-ATTR_UPDATE_TYPE = "update_type"
-ATTR_USE_NTP = "use_ntp"
-ATTR_BY_ID = "by_id"
 ATTR_SUBSYSTEM = "subsystem"
 ATTR_SYSFS = "sysfs"
-ATTR_DEV_PATH = "dev_path"
-ATTR_ATTRIBUTES = "attributes"
-ATTR_CHILDREN = "children"
+ATTR_SYSTEM_HEALTH_LED = "system_health_led"
+ATTR_TIME_DETECTED = "time_detected"
+ATTR_UPDATE_TYPE = "update_type"
+ATTR_USE_NTP = "use_ntp"
+ATTR_USAGE = "usage"
+ATTR_VENDOR = "vendor"
--- a/supervisor/api/discovery.py
+++ b/supervisor/api/discovery.py
@@ -1,6 +1,9 @@
 """Init file for Supervisor network RESTful API."""
+import logging
+
 import voluptuous as vol

+from ..addons.addon import Addon
 from ..const import (
    ATTR_ADDON,
    ATTR_CONFIG,
@@ -9,15 +12,18 @@ from ..const import (
    ATTR_SERVICES,
    ATTR_UUID,
    REQUEST_FROM,
+    AddonState,
 )
 from ..coresys import CoreSysAttributes
 from ..discovery.validate import valid_discovery_service
 from ..exceptions import APIError, APIForbidden
 from .utils import api_process, api_validate, require_home_assistant

+_LOGGER: logging.Logger = logging.getLogger(__name__)
+
 SCHEMA_DISCOVERY = vol.Schema(
    {
-        vol.Required(ATTR_SERVICE): valid_discovery_service,
+        vol.Required(ATTR_SERVICE): str,
        vol.Optional(ATTR_CONFIG): vol.Maybe(dict),
    }
 )
@@ -36,19 +42,19 @@ class APIDiscovery(CoreSysAttributes):
    @api_process
    @require_home_assistant
    async def list(self, request):
-        """Show register services."""
-
+        """Show registered and available services."""
        # Get available discovery
-        discovery = []
-        for message in self.sys_discovery.list_messages:
-            discovery.append(
-                {
-                    ATTR_ADDON: message.addon,
-                    ATTR_SERVICE: message.service,
-                    ATTR_UUID: message.uuid,
-                    ATTR_CONFIG: message.config,
-                }
-            )
+        discovery = [
+            {
+                ATTR_ADDON: message.addon,
+                ATTR_SERVICE: message.service,
+                ATTR_UUID: message.uuid,
+                ATTR_CONFIG: message.config,
+            }
+            for message in self.sys_discovery.list_messages
+            if (addon := self.sys_addons.get(message.addon, local_only=True))
+            and addon.state == AddonState.STARTED
+        ]

        # Get available services/add-ons
        services = {}
@@ -62,11 +68,28 @@ class APIDiscovery(CoreSysAttributes):
    async def set_discovery(self, request):
        """Write data into a discovery pipeline."""
        body = await api_validate(SCHEMA_DISCOVERY, request)
-        addon = request[REQUEST_FROM]
+        addon: Addon = request[REQUEST_FROM]
+        service = body[ATTR_SERVICE]
+
+        try:
+            valid_discovery_service(service)
+        except vol.Invalid:
+            _LOGGER.warning(
+                "Received discovery message for unknown service %s from addon %s. Please report this to the maintainer of the add-on",
+                service,
+                addon.name,
+            )

        # Access?
        if body[ATTR_SERVICE] not in addon.discovery:
-            raise APIForbidden("Can't use discovery!")
+            _LOGGER.error(
+                "Add-on %s attempted to send discovery for service %s which is not listed in its config. Please report this to the maintainer of the add-on",
+                addon.name,
+                service,
+            )
+            raise APIForbidden(
+                "Add-ons must list services they provide via discovery in their config!"
+            )

        # Process discovery message
        message = self.sys_discovery.send(addon, **body)
--- a/supervisor/api/dns.py
+++ b/supervisor/api/dns.py
@@ -1,7 +1,8 @@
 """Init file for Supervisor DNS RESTful API."""
 import asyncio
+from collections.abc import Awaitable
 import logging
-from typing import Any, Awaitable
+from typing import Any

 from aiohttp import web
 import voluptuous as vol
--- a/supervisor/api/hardware.py
+++ b/supervisor/api/hardware.py
@@ -4,16 +4,41 @@ from typing import Any

 from aiohttp import web

-from ..const import ATTR_AUDIO, ATTR_DEVICES, ATTR_INPUT, ATTR_NAME, ATTR_OUTPUT
+from ..const import (
+    ATTR_AUDIO,
+    ATTR_DEVICES,
+    ATTR_ID,
+    ATTR_INPUT,
+    ATTR_NAME,
+    ATTR_OUTPUT,
+    ATTR_SERIAL,
+    ATTR_SIZE,
+    ATTR_SYSTEM,
+)
 from ..coresys import CoreSysAttributes
+from ..dbus.udisks2 import UDisks2
+from ..dbus.udisks2.block import UDisks2Block
+from ..dbus.udisks2.drive import UDisks2Drive
 from ..hardware.data import Device
 from .const import (
    ATTR_ATTRIBUTES,
    ATTR_BY_ID,
    ATTR_CHILDREN,
+    ATTR_CONNECTION_BUS,
    ATTR_DEV_PATH,
+    ATTR_DEVICE,
+    ATTR_DRIVES,
+    ATTR_EJECTABLE,
+    ATTR_FILESYSTEMS,
+    ATTR_MODEL,
+    ATTR_MOUNT_POINTS,
+    ATTR_REMOVABLE,
+    ATTR_REVISION,
+    ATTR_SEAT,
    ATTR_SUBSYSTEM,
    ATTR_SYSFS,
+    ATTR_TIME_DETECTED,
+    ATTR_VENDOR,
 )
 from .utils import api_process

@@ -21,7 +46,7 @@ _LOGGER: logging.Logger = logging.getLogger(__name__)


 def device_struct(device: Device) -> dict[str, Any]:
-    """Return a dict with information of a interface to be used in th API."""
+    """Return a dict with information of a interface to be used in the API."""
    return {
        ATTR_NAME: device.name,
        ATTR_SYSFS: device.sysfs,
@@ -33,6 +58,42 @@ def device_struct(device: Device) -> dict[str, Any]:
    }


+def filesystem_struct(fs_block: UDisks2Block) -> dict[str, Any]:
+    """Return a dict with information of a filesystem block device to be used in the API."""
+    return {
+        ATTR_DEVICE: str(fs_block.device),
+        ATTR_ID: fs_block.id,
+        ATTR_SIZE: fs_block.size,
+        ATTR_NAME: fs_block.id_label,
+        ATTR_SYSTEM: fs_block.hint_system,
+        ATTR_MOUNT_POINTS: [
+            str(mount_point) for mount_point in fs_block.filesystem.mount_points
+        ],
+    }
+
+
+def drive_struct(udisks2: UDisks2, drive: UDisks2Drive) -> dict[str, Any]:
+    """Return a dict with information of a disk to be used in the API."""
+    return {
+        ATTR_VENDOR: drive.vendor,
+        ATTR_MODEL: drive.model,
+        ATTR_REVISION: drive.revision,
+        ATTR_SERIAL: drive.serial,
+        ATTR_ID: drive.id,
+        ATTR_SIZE: drive.size,
+        ATTR_TIME_DETECTED: drive.time_detected.isoformat(),
+        ATTR_CONNECTION_BUS: drive.connection_bus,
+        ATTR_SEAT: drive.seat,
+        ATTR_REMOVABLE: drive.removable,
+        ATTR_EJECTABLE: drive.ejectable,
+        ATTR_FILESYSTEMS: [
+            filesystem_struct(block)
+            for block in udisks2.block_devices
+            if block.filesystem and block.drive == drive.object_path
+        ],
+    }
+
+
 class APIHardware(CoreSysAttributes):
    """Handle RESTful API for hardware functions."""

@@ -42,7 +103,11 @@ class APIHardware(CoreSysAttributes):
        return {
            ATTR_DEVICES: [
                device_struct(device) for device in self.sys_hardware.devices
-            ]
+            ],
+            ATTR_DRIVES: [
+                drive_struct(self.sys_dbus.udisks2, drive)
+                for drive in self.sys_dbus.udisks2.drives
+            ],
        }

    @api_process
--- a/supervisor/api/homeassistant.py
+++ b/supervisor/api/homeassistant.py
@@ -1,7 +1,8 @@
 """Init file for Supervisor Home Assistant RESTful API."""
 import asyncio
+from collections.abc import Awaitable
 import logging
-from typing import Any, Awaitable
+from typing import Any

 from aiohttp import web
 import voluptuous as vol
@@ -11,6 +12,7 @@ from ..const import (
    ATTR_AUDIO_INPUT,
    ATTR_AUDIO_OUTPUT,
    ATTR_BACKUP,
+    ATTR_BACKUPS_EXCLUDE_DATABASE,
    ATTR_BLK_READ,
    ATTR_BLK_WRITE,
    ATTR_BOOT,
@@ -50,6 +52,7 @@ SCHEMA_OPTIONS = vol.Schema(
        vol.Optional(ATTR_REFRESH_TOKEN): vol.Maybe(str),
        vol.Optional(ATTR_AUDIO_OUTPUT): vol.Maybe(str),
        vol.Optional(ATTR_AUDIO_INPUT): vol.Maybe(str),
+        vol.Optional(ATTR_BACKUPS_EXCLUDE_DATABASE): vol.Boolean(),
    }
 )

@@ -81,6 +84,7 @@ class APIHomeAssistant(CoreSysAttributes):
            ATTR_WATCHDOG: self.sys_homeassistant.watchdog,
            ATTR_AUDIO_INPUT: self.sys_homeassistant.audio_input,
            ATTR_AUDIO_OUTPUT: self.sys_homeassistant.audio_output,
+            ATTR_BACKUPS_EXCLUDE_DATABASE: self.sys_homeassistant.backups_exclude_database,
        }

    @api_process
@@ -112,6 +116,11 @@ class APIHomeAssistant(CoreSysAttributes):
        if ATTR_AUDIO_OUTPUT in body:
            self.sys_homeassistant.audio_output = body[ATTR_AUDIO_OUTPUT]

+        if ATTR_BACKUPS_EXCLUDE_DATABASE in body:
+            self.sys_homeassistant.backups_exclude_database = body[
+                ATTR_BACKUPS_EXCLUDE_DATABASE
+            ]
+
        self.sys_homeassistant.save_data()

    @api_process
--- a/supervisor/api/host.py
+++ b/supervisor/api/host.py
@@ -1,9 +1,12 @@
 """Init file for Supervisor host RESTful API."""
 import asyncio
-from typing import Awaitable
+from contextlib import suppress
+import logging

 from aiohttp import web
+from aiohttp.hdrs import ACCEPT, RANGE
 import voluptuous as vol
+from voluptuous.error import CoerceInvalid

 from ..const import (
    ATTR_CHASSIS,
@@ -24,22 +27,30 @@ from ..const import (
    ATTR_TIMEZONE,
 )
 from ..coresys import CoreSysAttributes
+from ..exceptions import APIError, HostLogError
+from ..host.const import PARAM_BOOT_ID, PARAM_FOLLOW, PARAM_SYSLOG_IDENTIFIER
 from .const import (
    ATTR_AGENT_VERSION,
    ATTR_APPARMOR_VERSION,
    ATTR_BOOT_TIMESTAMP,
+    ATTR_BOOTS,
    ATTR_BROADCAST_LLMNR,
    ATTR_BROADCAST_MDNS,
    ATTR_DT_SYNCHRONIZED,
    ATTR_DT_UTC,
+    ATTR_IDENTIFIERS,
    ATTR_LLMNR_HOSTNAME,
    ATTR_STARTUP_TIME,
    ATTR_USE_NTP,
-    CONTENT_TYPE_BINARY,
+    CONTENT_TYPE_TEXT,
 )
-from .utils import api_process, api_process_raw, api_validate
+from .utils import api_process, api_validate

-SERVICE = "service"
+_LOGGER: logging.Logger = logging.getLogger(__name__)
+
+IDENTIFIER = "identifier"
+BOOTID = "bootid"
+DEFAULT_RANGE = 100

 SCHEMA_OPTIONS = vol.Schema({vol.Optional(ATTR_HOSTNAME): str})

@@ -117,30 +128,75 @@ class APIHost(CoreSysAttributes):
        return {ATTR_SERVICES: services}

    @api_process
-    def service_start(self, request):
-        """Start a service."""
-        unit = request.match_info.get(SERVICE)
-        return asyncio.shield(self.sys_host.services.start(unit))
+    async def list_boots(self, _: web.Request):
+        """Return a list of boot IDs."""
+        boot_ids = await self.sys_host.logs.get_boot_ids()
+        return {
+            ATTR_BOOTS: {
+                str(1 + i - len(boot_ids)): boot_id
+                for i, boot_id in enumerate(boot_ids)
+            }
+        }

    @api_process
-    def service_stop(self, request):
-        """Stop a service."""
-        unit = request.match_info.get(SERVICE)
-        return asyncio.shield(self.sys_host.services.stop(unit))
+    async def list_identifiers(self, _: web.Request):
+        """Return a list of syslog identifiers."""
+        return {ATTR_IDENTIFIERS: await self.sys_host.logs.get_identifiers()}
+
+    async def _get_boot_id(self, possible_offset: str) -> str:
+        """Convert offset into boot ID if required."""
+        with suppress(CoerceInvalid):
+            offset = vol.Coerce(int)(possible_offset)
+            try:
+                return await self.sys_host.logs.get_boot_id(offset)
+            except (ValueError, HostLogError) as err:
+                raise APIError() from err
+        return possible_offset

    @api_process
-    def service_reload(self, request):
-        """Reload a service."""
-        unit = request.match_info.get(SERVICE)
-        return asyncio.shield(self.sys_host.services.reload(unit))
+    async def advanced_logs(
+        self, request: web.Request, identifier: str | None = None, follow: bool = False
+    ) -> web.StreamResponse:
+        """Return systemd-journald logs."""
+        params = {}
+        if identifier:
+            params[PARAM_SYSLOG_IDENTIFIER] = identifier
+        elif IDENTIFIER in request.match_info:
+            params[PARAM_SYSLOG_IDENTIFIER] = request.match_info.get(IDENTIFIER)
+        else:
+            params[PARAM_SYSLOG_IDENTIFIER] = self.sys_host.logs.default_identifiers

-    @api_process
-    def service_restart(self, request):
-        """Restart a service."""
-        unit = request.match_info.get(SERVICE)
-        return asyncio.shield(self.sys_host.services.restart(unit))
+        if BOOTID in request.match_info:
+            params[PARAM_BOOT_ID] = await self._get_boot_id(
+                request.match_info.get(BOOTID)
+            )
+        if follow:
+            params[PARAM_FOLLOW] = ""

-    @api_process_raw(CONTENT_TYPE_BINARY)
-    def logs(self, request: web.Request) -> Awaitable[bytes]:
-        """Return host kernel logs."""
-        return self.sys_host.info.get_dmesg()
+        if ACCEPT in request.headers and request.headers[ACCEPT] not in [
+            CONTENT_TYPE_TEXT,
+            "*/*",
+        ]:
+            raise APIError(
+                "Invalid content type requested. Only text/plain supported for now."
+            )
+
+        if RANGE in request.headers:
+            range_header = request.headers.get(RANGE)
+        else:
+            range_header = f"entries=:-{DEFAULT_RANGE}:"
+
+        async with self.sys_host.logs.journald_logs(
+            params=params, range_header=range_header
+        ) as resp:
+            try:
+                response = web.StreamResponse()
+                response.content_type = CONTENT_TYPE_TEXT
+                await response.prepare(request)
+                async for data in resp.content:
+                    await response.write(data)
+            except ConnectionResetError as ex:
+                raise APIError(
+                    "Connection reset when trying to fetch data from systemd-journald."
+                ) from ex
+            return response
--- a/supervisor/api/ingress.py
+++ b/supervisor/api/ingress.py
@@ -2,7 +2,7 @@
 import asyncio
 from ipaddress import ip_address
 import logging
-from typing import Any, Union
+from typing import Any

 import aiohttp
 from aiohttp import ClientTimeout, hdrs, web
@@ -21,20 +21,65 @@ from ..const import (
    ATTR_ICON,
    ATTR_PANELS,
    ATTR_SESSION,
+    ATTR_SESSION_DATA_USER_ID,
    ATTR_TITLE,
+    HEADER_REMOTE_USER_DISPLAY_NAME,
+    HEADER_REMOTE_USER_ID,
+    HEADER_REMOTE_USER_NAME,
+    HEADER_TOKEN,
+    HEADER_TOKEN_OLD,
+    IngressSessionData,
+    IngressSessionDataUser,
 )
 from ..coresys import CoreSysAttributes
-from .const import COOKIE_INGRESS, HEADER_TOKEN, HEADER_TOKEN_OLD
+from ..exceptions import HomeAssistantAPIError
+from .const import COOKIE_INGRESS
 from .utils import api_process, api_validate, require_home_assistant

 _LOGGER: logging.Logger = logging.getLogger(__name__)

 VALIDATE_SESSION_DATA = vol.Schema({ATTR_SESSION: str})

+"""Expected optional payload of create session request"""
+SCHEMA_INGRESS_CREATE_SESSION_DATA = vol.Schema(
+    {
+        vol.Optional(ATTR_SESSION_DATA_USER_ID): str,
+    }
+)
+
+
+# from https://github.com/aio-libs/aiohttp/blob/8ae650bee4add9f131d49b96a0a150311ea58cd1/aiohttp/helpers.py#L1059C1-L1079C1
+def must_be_empty_body(method: str, code: int) -> bool:
+    """Check if a request must return an empty body."""
+    return (
+        status_code_must_be_empty_body(code)
+        or method_must_be_empty_body(method)
+        or (200 <= code < 300 and method.upper() == hdrs.METH_CONNECT)
+    )
+
+
+def method_must_be_empty_body(method: str) -> bool:
+    """Check if a method must return an empty body."""
+    # https://datatracker.ietf.org/doc/html/rfc9112#section-6.3-2.1
+    # https://datatracker.ietf.org/doc/html/rfc9112#section-6.3-2.2
+    return method.upper() == hdrs.METH_HEAD
+
+
+def status_code_must_be_empty_body(code: int) -> bool:
+    """Check if a status code must return an empty body."""
+    # https://datatracker.ietf.org/doc/html/rfc9112#section-6.3-2.1
+    return code in {204, 304} or 100 <= code < 200
+

 class APIIngress(CoreSysAttributes):
    """Ingress view to handle add-on webui routing."""

+    _list_of_users: list[IngressSessionDataUser]
+
+    def __init__(self) -> None:
+        """Initialize APIIngress."""
+        self._list_of_users = []
+
    def _extract_addon(self, request: web.Request) -> Addon:
        """Return addon, throw an exception it it doesn't exist."""
        token = request.match_info.get("token")
@@ -69,7 +114,19 @@ class APIIngress(CoreSysAttributes):
    @require_home_assistant
    async def create_session(self, request: web.Request) -> dict[str, Any]:
        """Create a new session."""
-        session = self.sys_ingress.create_session()
+        schema_ingress_config_session_data = await api_validate(
+            SCHEMA_INGRESS_CREATE_SESSION_DATA, request
+        )
+        data: IngressSessionData | None = None
+
+        if ATTR_SESSION_DATA_USER_ID in schema_ingress_config_session_data:
+            user = await self._find_user_by_id(
+                schema_ingress_config_session_data[ATTR_SESSION_DATA_USER_ID]
+            )
+            if user:
+                data = IngressSessionData(user)
+
+        session = self.sys_ingress.create_session(data)
        return {ATTR_SESSION: session}

    @api_process
@@ -83,10 +140,9 @@ class APIIngress(CoreSysAttributes):
            _LOGGER.warning("No valid ingress session %s", data[ATTR_SESSION])
            raise HTTPUnauthorized()

-    @require_home_assistant
    async def handler(
        self, request: web.Request
-    ) -> Union[web.Response, web.StreamResponse, web.WebSocketResponse]:
+    ) -> web.Response | web.StreamResponse | web.WebSocketResponse:
        """Route data to Supervisor ingress service."""

        # Check Ingress Session
@@ -98,13 +154,14 @@ class APIIngress(CoreSysAttributes):
        # Process requests
        addon = self._extract_addon(request)
        path = request.match_info.get("path")
+        session_data = self.sys_ingress.get_session_data(session)
        try:
            # Websocket
            if _is_websocket(request):
-                return await self._handle_websocket(request, addon, path)
+                return await self._handle_websocket(request, addon, path, session_data)

            # Request
-            return await self._handle_request(request, addon, path)
+            return await self._handle_request(request, addon, path, session_data)

        except aiohttp.ClientError as err:
            _LOGGER.error("Ingress error: %s", err)
@@ -112,7 +169,11 @@ class APIIngress(CoreSysAttributes):
        raise HTTPBadGateway()

    async def _handle_websocket(
-        self, request: web.Request, addon: Addon, path: str
+        self,
+        request: web.Request,
+        addon: Addon,
+        path: str,
+        session_data: IngressSessionData | None,
    ) -> web.WebSocketResponse:
        """Ingress route for websocket."""
        if hdrs.SEC_WEBSOCKET_PROTOCOL in request.headers:
@@ -130,7 +191,7 @@ class APIIngress(CoreSysAttributes):

        # Preparing
        url = self._create_url(addon, path)
-        source_header = _init_header(request, addon)
+        source_header = _init_header(request, addon, session_data)

        # Support GET query
        if request.query_string:
@@ -147,8 +208,8 @@ class APIIngress(CoreSysAttributes):
            # Proxy requests
            await asyncio.wait(
                [
-                    _websocket_forward(ws_server, ws_client),
-                    _websocket_forward(ws_client, ws_server),
+                    self.sys_create_task(_websocket_forward(ws_server, ws_client)),
+                    self.sys_create_task(_websocket_forward(ws_client, ws_server)),
                ],
                return_when=asyncio.FIRST_COMPLETED,
            )
@@ -156,11 +217,15 @@ class APIIngress(CoreSysAttributes):
        return ws_server

    async def _handle_request(
-        self, request: web.Request, addon: Addon, path: str
-    ) -> Union[web.Response, web.StreamResponse]:
+        self,
+        request: web.Request,
+        addon: Addon,
+        path: str,
+        session_data: IngressSessionData | None,
+    ) -> web.Response | web.StreamResponse:
        """Ingress route for request."""
        url = self._create_url(addon, path)
-        source_header = _init_header(request, addon)
+        source_header = _init_header(request, addon, session_data)

        # Passing the raw stream breaks requests for some webservers
        # since we just need it for POST requests really, for all other methods
@@ -180,12 +245,21 @@ class APIIngress(CoreSysAttributes):
            allow_redirects=False,
            data=data,
            timeout=ClientTimeout(total=None),
+            skip_auto_headers={hdrs.CONTENT_TYPE},
        ) as result:
            headers = _response_header(result)
-
+            # Avoid parsing content_type in simple cases for better performance
+            if maybe_content_type := result.headers.get(hdrs.CONTENT_TYPE):
+                content_type = (maybe_content_type.partition(";"))[0].strip()
+            else:
+                content_type = result.content_type
            # Simple request
            if (
-                hdrs.CONTENT_LENGTH in result.headers
+                # empty body responses should not be streamed,
+                # otherwise aiohttp < 3.9.0 may generate
+                # an invalid "0\r\n\r\n" chunk instead of an empty response.
+                must_be_empty_body(request.method, result.status)
+                or hdrs.CONTENT_LENGTH in result.headers
                and int(result.headers.get(hdrs.CONTENT_LENGTH, 0)) < 4_194_000
            ):
                # Return Response
@@ -193,13 +267,13 @@ class APIIngress(CoreSysAttributes):
                return web.Response(
                    headers=headers,
                    status=result.status,
-                    content_type=result.content_type,
+                    content_type=content_type,
                    body=body,
                )

            # Stream response
            response = web.StreamResponse(status=result.status, headers=headers)
-            response.content_type = result.content_type
+            response.content_type = content_type

            try:
                await response.prepare(request)
@@ -215,13 +289,35 @@ class APIIngress(CoreSysAttributes):

            return response

+    async def _find_user_by_id(self, user_id: str) -> IngressSessionDataUser | None:
+        """Find user object by the user's ID."""
+        try:
+            list_of_users = await self.sys_homeassistant.get_users()
+        except (HomeAssistantAPIError, TypeError) as err:
+            _LOGGER.error(
+                "%s error occurred while requesting list of users: %s", type(err), err
+            )
+            return None
+
+        if list_of_users is not None:
+            self._list_of_users = list_of_users
+
+        return next((user for user in self._list_of_users if user.id == user_id), None)
+

 def _init_header(
-    request: web.Request, addon: str
-) -> Union[CIMultiDict, dict[str, str]]:
+    request: web.Request, addon: Addon, session_data: IngressSessionData | None
+) -> CIMultiDict | dict[str, str]:
    """Create initial header."""
    headers = {}

+    if session_data is not None:
+        headers[HEADER_REMOTE_USER_ID] = session_data.user.id
+        if session_data.user.username is not None:
+            headers[HEADER_REMOTE_USER_NAME] = session_data.user.username
+        if session_data.user.display_name is not None:
+            headers[HEADER_REMOTE_USER_DISPLAY_NAME] = session_data.user.display_name
+
    # filter flags
    for name, value in request.headers.items():
        if name in (
@@ -234,6 +330,9 @@ def _init_header(
            hdrs.SEC_WEBSOCKET_KEY,
            istr(HEADER_TOKEN),
            istr(HEADER_TOKEN_OLD),
+            istr(HEADER_REMOTE_USER_ID),
+            istr(HEADER_REMOTE_USER_NAME),
+            istr(HEADER_REMOTE_USER_DISPLAY_NAME),
        ):
            continue
        headers[name] = value
--- a/supervisor/api/jobs.py
+++ b/supervisor/api/jobs.py
@@ -6,7 +6,9 @@ from aiohttp import web
 import voluptuous as vol

 from ..coresys import CoreSysAttributes
+from ..jobs import SupervisorJob
 from ..jobs.const import ATTR_IGNORE_CONDITIONS, JobCondition
+from .const import ATTR_JOBS
 from .utils import api_process, api_validate

 _LOGGER: logging.Logger = logging.getLogger(__name__)
@@ -19,11 +21,45 @@ SCHEMA_OPTIONS = vol.Schema(
 class APIJobs(CoreSysAttributes):
    """Handle RESTful API for OS functions."""

+    def _list_jobs(self) -> list[dict[str, Any]]:
+        """Return current job tree."""
+        jobs_by_parent: dict[str | None, list[SupervisorJob]] = {}
+        for job in self.sys_jobs.jobs:
+            if job.internal:
+                continue
+
+            if job.parent_id not in jobs_by_parent:
+                jobs_by_parent[job.parent_id] = [job]
+            else:
+                jobs_by_parent[job.parent_id].append(job)
+
+        job_list: list[dict[str, Any]] = []
+        queue: list[tuple[list[dict[str, Any]], SupervisorJob]] = [
+            (job_list, job) for job in jobs_by_parent.get(None, [])
+        ]
+
+        while queue:
+            (current_list, current_job) = queue.pop(0)
+            child_jobs: list[dict[str, Any]] = []
+
+            # We remove parent_id and instead use that info to represent jobs as a tree
+            job_dict = current_job.as_dict() | {"child_jobs": child_jobs}
+            job_dict.pop("parent_id")
+            current_list.append(job_dict)
+
+            if current_job.uuid in jobs_by_parent:
+                queue.extend(
+                    [(child_jobs, job) for job in jobs_by_parent.get(current_job.uuid)]
+                )
+
+        return job_list
+
    @api_process
    async def info(self, request: web.Request) -> dict[str, Any]:
        """Return JobManager information."""
        return {
            ATTR_IGNORE_CONDITIONS: self.sys_jobs.ignore_conditions,
+            ATTR_JOBS: self._list_jobs(),
        }

    @api_process
--- a/supervisor/api/middleware/security.py
+++ b/supervisor/api/middleware/security.py
@@ -1,10 +1,14 @@
 """Handle security part of this API."""
 import logging
 import re
+from typing import Final
+from urllib.parse import unquote

 from aiohttp.web import Request, RequestHandler, Response, middleware
-from aiohttp.web_exceptions import HTTPForbidden, HTTPUnauthorized
+from aiohttp.web_exceptions import HTTPBadRequest, HTTPForbidden, HTTPUnauthorized
+from awesomeversion import AwesomeVersion

+from ...addons.const import RE_SLUG
 from ...const import (
    REQUEST_FROM,
    ROLE_ADMIN,
@@ -15,14 +19,26 @@ from ...const import (
    CoreState,
 )
 from ...coresys import CoreSys, CoreSysAttributes
+from ...utils import version_is_new_enough
 from ..utils import api_return_error, excract_supervisor_token

 _LOGGER: logging.Logger = logging.getLogger(__name__)
+_CORE_VERSION: Final = AwesomeVersion("2023.3.4")

 # fmt: off

+_CORE_FRONTEND_PATHS: Final = (
+    r"|/app/.*\.(?:js|gz|json|map|woff2)"
+    r"|/(store/)?addons/" + RE_SLUG + r"/(logo|icon)"
+)
+
+CORE_FRONTEND: Final = re.compile(
+    r"^(?:" + _CORE_FRONTEND_PATHS + r")$"
+)
+
+
 # Block Anytime
-BLACKLIST = re.compile(
+BLACKLIST: Final = re.compile(
    r"^(?:"
    r"|/homeassistant/api/hassio/.*"
    r"|/core/api/hassio/.*"
@@ -30,25 +46,27 @@ BLACKLIST = re.compile(
 )

 # Free to call or have own security concepts
-NO_SECURITY_CHECK = re.compile(
+NO_SECURITY_CHECK: Final = re.compile(
    r"^(?:"
    r"|/homeassistant/api/.*"
    r"|/homeassistant/websocket"
    r"|/core/api/.*"
    r"|/core/websocket"
    r"|/supervisor/ping"
-    r")$"
+    r"|/ingress/[-_A-Za-z0-9]+/.*"
+    + _CORE_FRONTEND_PATHS
+    + r")$"
 )

 # Observer allow API calls
-OBSERVER_CHECK = re.compile(
+OBSERVER_CHECK: Final = re.compile(
    r"^(?:"
    r"|/.+/info"
    r")$"
 )

 # Can called by every add-on
-ADDONS_API_BYPASS = re.compile(
+ADDONS_API_BYPASS: Final = re.compile(
    r"^(?:"
    r"|/addons/self/(?!security|update)[^/]+"
    r"|/addons/self/options/config"
@@ -60,7 +78,7 @@ ADDONS_API_BYPASS = re.compile(
 )

 # Policy role add-on API access
-ADDONS_ROLE_ACCESS = {
+ADDONS_ROLE_ACCESS: dict[str, re.Pattern] = {
    ROLE_DEFAULT: re.compile(
        r"^(?:"
        r"|/.+/info"
@@ -82,7 +100,7 @@ ADDONS_ROLE_ACCESS = {
    ROLE_MANAGER: re.compile(
        r"^(?:"
        r"|/.+/info"
-        r"|/addons(?:/[^/]+/(?!security).+|/reload)?"
+        r"|/addons(?:/" + RE_SLUG + r"/(?!security).+|/reload)?"
        r"|/audio/.+"
        r"|/auth/cache"
        r"|/cli/.+"
@@ -111,6 +129,26 @@ ADDONS_ROLE_ACCESS = {
    ),
 }

+FILTERS: Final = re.compile(
+    r"(?:"
+
+    # Common exploits
+    r"proc/self/environ"
+    r"|(<|%3C).*script.*(>|%3E)"
+
+    # File Injections
+    r"|(\.\.//?)+"  # ../../anywhere
+    r"|[a-zA-Z0-9_]=/([a-z0-9_.]//?)+"  # .html?v=/.//test
+
+    # SQL Injections
+    r"|union.*select.*\("
+    r"|union.*all.*select.*"
+    r"|concat.*\("
+
+    r")",
+    flags=re.IGNORECASE,
+)
+
 # fmt: on


@@ -121,6 +159,32 @@ class SecurityMiddleware(CoreSysAttributes):
        """Initialize security middleware."""
        self.coresys: CoreSys = coresys

+    def _recursive_unquote(self, value: str) -> str:
+        """Handle values that are encoded multiple times."""
+        if (unquoted := unquote(value)) != value:
+            unquoted = self._recursive_unquote(unquoted)
+        return unquoted
+
+    @middleware
+    async def block_bad_requests(
+        self, request: Request, handler: RequestHandler
+    ) -> Response:
+        """Process request and tblock commonly known exploit attempts."""
+        if FILTERS.search(self._recursive_unquote(request.path)):
+            _LOGGER.warning(
+                "Filtered a potential harmful request to: %s", request.raw_path
+            )
+            raise HTTPBadRequest
+
+        if FILTERS.search(self._recursive_unquote(request.query_string)):
+            _LOGGER.warning(
+                "Filtered a request with a potential harmful query string: %s",
+                request.raw_path,
+            )
+            raise HTTPBadRequest
+
+        return await handler(request)
+
    @middleware
    async def system_validation(
        self, request: Request, handler: RequestHandler
@@ -132,7 +196,7 @@ class SecurityMiddleware(CoreSysAttributes):
            CoreState.FREEZE,
        ):
            return api_return_error(
-                message=f"System is not ready with state: {self.sys_core.state.value}"
+                message=f"System is not ready with state: {self.sys_core.state}"
            )

        return await handler(request)
@@ -153,6 +217,7 @@ class SecurityMiddleware(CoreSysAttributes):
        # Ignore security check
        if NO_SECURITY_CHECK.match(request.path):
            _LOGGER.debug("Passthrough %s", request.path)
+            request[REQUEST_FROM] = None
            return await handler(request)

        # Not token
@@ -205,3 +270,44 @@ class SecurityMiddleware(CoreSysAttributes):

        _LOGGER.error("Invalid token for access %s", request.path)
        raise HTTPForbidden()
+
+    @middleware
+    async def core_proxy(self, request: Request, handler: RequestHandler) -> Response:
+        """Validate user from Core API proxy."""
+        if request[REQUEST_FROM] != self.sys_homeassistant or version_is_new_enough(
+            self.sys_homeassistant.version, _CORE_VERSION
+        ):
+            return await handler(request)
+
+        authorization_index: int | None = None
+        content_type_index: int | None = None
+        user_request: bool = False
+        admin_request: bool = False
+        ingress_request: bool = False
+
+        for idx, (key, value) in enumerate(request.raw_headers):
+            if key in (b"Authorization", b"X-Hassio-Key"):
+                authorization_index = idx
+            elif key == b"Content-Type":
+                content_type_index = idx
+            elif key == b"X-Hass-User-ID":
+                user_request = True
+            elif key == b"X-Hass-Is-Admin":
+                admin_request = value == b"1"
+            elif key == b"X-Ingress-Path":
+                ingress_request = True
+
+        if (user_request or admin_request) and not ingress_request:
+            return await handler(request)
+
+        is_proxy_request = (
+            authorization_index is not None
+            and content_type_index is not None
+            and content_type_index - authorization_index == 1
+        )
+
+        if (
+            not CORE_FRONTEND.match(request.path) and is_proxy_request
+        ) or ingress_request:
+            raise HTTPBadRequest()
+        return await handler(request)
--- a/supervisor/api/mounts.py
+++ b/supervisor/api/mounts.py
@@ -0,0 +1,124 @@
+"""Inits file for supervisor mounts REST API."""
+
+from typing import Any
+
+from aiohttp import web
+import voluptuous as vol
+
+from ..const import ATTR_NAME, ATTR_STATE
+from ..coresys import CoreSysAttributes
+from ..exceptions import APIError
+from ..mounts.const import ATTR_DEFAULT_BACKUP_MOUNT, MountUsage
+from ..mounts.mount import Mount
+from ..mounts.validate import SCHEMA_MOUNT_CONFIG
+from .const import ATTR_MOUNTS
+from .utils import api_process, api_validate
+
+SCHEMA_OPTIONS = vol.Schema(
+    {
+        vol.Optional(ATTR_DEFAULT_BACKUP_MOUNT): vol.Maybe(str),
+    }
+)
+
+
+class APIMounts(CoreSysAttributes):
+    """Handle REST API for mounting options."""
+
+    @api_process
+    async def info(self, request: web.Request) -> dict[str, Any]:
+        """Return MountManager info."""
+        return {
+            ATTR_DEFAULT_BACKUP_MOUNT: self.sys_mounts.default_backup_mount.name
+            if self.sys_mounts.default_backup_mount
+            else None,
+            ATTR_MOUNTS: [
+                mount.to_dict() | {ATTR_STATE: mount.state}
+                for mount in self.sys_mounts.mounts
+            ],
+        }
+
+    @api_process
+    async def options(self, request: web.Request) -> None:
+        """Set Mount Manager options."""
+        body = await api_validate(SCHEMA_OPTIONS, request)
+
+        if ATTR_DEFAULT_BACKUP_MOUNT in body:
+            name: str | None = body[ATTR_DEFAULT_BACKUP_MOUNT]
+            if name is None:
+                self.sys_mounts.default_backup_mount = None
+            elif (mount := self.sys_mounts.get(name)).usage != MountUsage.BACKUP:
+                raise APIError(
+                    f"Mount {name} is not used for backups, cannot use it as default backup mount"
+                )
+            else:
+                self.sys_mounts.default_backup_mount = mount
+
+        self.sys_mounts.save_data()
+
+    @api_process
+    async def create_mount(self, request: web.Request) -> None:
+        """Create a new mount in supervisor."""
+        body = await api_validate(SCHEMA_MOUNT_CONFIG, request)
+
+        if body[ATTR_NAME] in self.sys_mounts:
+            raise APIError(f"A mount already exists with name {body[ATTR_NAME]}")
+
+        mount = Mount.from_dict(self.coresys, body)
+        await self.sys_mounts.create_mount(mount)
+
+        # If it's a backup mount, reload backups
+        if mount.usage == MountUsage.BACKUP:
+            self.sys_create_task(self.sys_backups.reload())
+
+            # If there's no default backup mount, set it to the new mount
+            if not self.sys_mounts.default_backup_mount:
+                self.sys_mounts.default_backup_mount = mount
+
+        self.sys_mounts.save_data()
+
+    @api_process
+    async def update_mount(self, request: web.Request) -> None:
+        """Update an existing mount in supervisor."""
+        name = request.match_info.get("mount")
+        name_schema = vol.Schema(
+            {vol.Optional(ATTR_NAME, default=name): name}, extra=vol.ALLOW_EXTRA
+        )
+        body = await api_validate(vol.All(name_schema, SCHEMA_MOUNT_CONFIG), request)
+
+        if name not in self.sys_mounts:
+            raise APIError(f"No mount exists with name {name}")
+
+        mount = Mount.from_dict(self.coresys, body)
+        await self.sys_mounts.create_mount(mount)
+
+        # If it's a backup mount, reload backups
+        if mount.usage == MountUsage.BACKUP:
+            self.sys_create_task(self.sys_backups.reload())
+
+        # If this mount was the default backup mount and isn't for backups any more, remove it
+        elif self.sys_mounts.default_backup_mount == mount:
+            self.sys_mounts.default_backup_mount = None
+
+        self.sys_mounts.save_data()
+
+    @api_process
+    async def delete_mount(self, request: web.Request) -> None:
+        """Delete an existing mount in supervisor."""
+        name = request.match_info.get("mount")
+        mount = await self.sys_mounts.remove_mount(name)
+
+        # If it was a backup mount, reload backups
+        if mount.usage == MountUsage.BACKUP:
+            self.sys_create_task(self.sys_backups.reload())
+
+        self.sys_mounts.save_data()
+
+    @api_process
+    async def reload_mount(self, request: web.Request) -> None:
+        """Reload an existing mount in supervisor."""
+        name = request.match_info.get("mount")
+        await self.sys_mounts.reload_mount(name)
+
+        # If it's a backup mount, reload backups
+        if self.sys_mounts.get(name).usage == MountUsage.BACKUP:
+            self.sys_create_task(self.sys_backups.reload())
--- a/supervisor/api/multicast.py
+++ b/supervisor/api/multicast.py
@@ -1,7 +1,8 @@
 """Init file for Supervisor Multicast RESTful API."""
 import asyncio
+from collections.abc import Awaitable
 import logging
-from typing import Any, Awaitable
+from typing import Any

 from aiohttp import web
 import voluptuous as vol
--- a/supervisor/api/network.py
+++ b/supervisor/api/network.py
@@ -1,10 +1,11 @@
 """REST API for network."""
 import asyncio
+from collections.abc import Awaitable
+from dataclasses import replace
 from ipaddress import ip_address, ip_interface
-from typing import Any, Awaitable
+from typing import Any

 from aiohttp import web
-import attr
 import voluptuous as vol

 from ..const import (
@@ -30,6 +31,7 @@ from ..const import (
    ATTR_PARENT,
    ATTR_PRIMARY,
    ATTR_PSK,
+    ATTR_READY,
    ATTR_SIGNAL,
    ATTR_SSID,
    ATTR_SUPERVISOR_INTERNET,
@@ -41,8 +43,7 @@ from ..const import (
 )
 from ..coresys import CoreSysAttributes
 from ..exceptions import APIError, HostNetworkNotFound
-from ..host.const import AuthMethod, InterfaceType, WifiMode
-from ..host.network import (
+from ..host.configuration import (
    AccessPoint,
    Interface,
    InterfaceMethod,
@@ -50,6 +51,7 @@ from ..host.network import (
    VlanConfig,
    WifiConfig,
 )
+from ..host.const import AuthMethod, InterfaceType, WifiMode
 from .utils import api_process, api_validate

 _SCHEMA_IP_CONFIG = vol.Schema(
@@ -89,6 +91,7 @@ def ipconfig_struct(config: IpConfig) -> dict[str, Any]:
        ATTR_ADDRESS: [address.with_prefixlen for address in config.address],
        ATTR_NAMESERVERS: [str(address) for address in config.nameservers],
        ATTR_GATEWAY: str(config.gateway) if config.gateway else None,
+        ATTR_READY: config.ready,
    }


@@ -118,6 +121,7 @@ def interface_struct(interface: Interface) -> dict[str, Any]:
        ATTR_ENABLED: interface.enabled,
        ATTR_CONNECTED: interface.connected,
        ATTR_PRIMARY: interface.primary,
+        ATTR_MAC: interface.mac,
        ATTR_IPV4: ipconfig_struct(interface.ipv4) if interface.ipv4 else None,
        ATTR_IPV6: ipconfig_struct(interface.ipv6) if interface.ipv6 else None,
        ATTR_WIFI: wifi_struct(interface.wifi) if interface.wifi else None,
@@ -193,17 +197,19 @@ class APINetwork(CoreSysAttributes):
        # Apply config
        for key, config in body.items():
            if key == ATTR_IPV4:
-                interface.ipv4 = attr.evolve(
-                    interface.ipv4 or IpConfig(InterfaceMethod.STATIC, [], None, []),
+                interface.ipv4 = replace(
+                    interface.ipv4
+                    or IpConfig(InterfaceMethod.STATIC, [], None, [], None),
                    **config,
                )
            elif key == ATTR_IPV6:
-                interface.ipv6 = attr.evolve(
-                    interface.ipv6 or IpConfig(InterfaceMethod.STATIC, [], None, []),
+                interface.ipv6 = replace(
+                    interface.ipv6
+                    or IpConfig(InterfaceMethod.STATIC, [], None, [], None),
                    **config,
                )
            elif key == ATTR_WIFI:
-                interface.wifi = attr.evolve(
+                interface.wifi = replace(
                    interface.wifi
                    or WifiConfig(
                        WifiMode.INFRASTRUCTURE, "", AuthMethod.OPEN, None, None
@@ -218,7 +224,9 @@ class APINetwork(CoreSysAttributes):
    @api_process
    def reload(self, request: web.Request) -> Awaitable[None]:
        """Reload network data."""
-        return asyncio.shield(self.sys_host.network.update())
+        return asyncio.shield(
+            self.sys_host.network.update(force_connectivity_check=True)
+        )

    @api_process
    async def scan_accesspoints(self, request: web.Request) -> dict[str, Any]:
@@ -255,6 +263,7 @@ class APINetwork(CoreSysAttributes):
                body[ATTR_IPV4].get(ATTR_ADDRESS, []),
                body[ATTR_IPV4].get(ATTR_GATEWAY, None),
                body[ATTR_IPV4].get(ATTR_NAMESERVERS, []),
+                None,
            )

        ipv6_config = None
@@ -264,9 +273,12 @@ class APINetwork(CoreSysAttributes):
                body[ATTR_IPV6].get(ATTR_ADDRESS, []),
                body[ATTR_IPV6].get(ATTR_GATEWAY, None),
                body[ATTR_IPV6].get(ATTR_NAMESERVERS, []),
+                None,
            )

        vlan_interface = Interface(
+            "",
+            "",
            "",
            True,
            True,
--- a/supervisor/api/os.py
+++ b/supervisor/api/os.py
@@ -1,29 +1,64 @@
 """Init file for Supervisor HassOS RESTful API."""
 import asyncio
+from collections.abc import Awaitable
 import logging
-from pathlib import Path
-from typing import Any, Awaitable
+from typing import Any

 from aiohttp import web
 import voluptuous as vol

 from ..const import (
+    ATTR_ACTIVITY_LED,
    ATTR_BOARD,
    ATTR_BOOT,
    ATTR_DEVICES,
+    ATTR_DISK_LED,
+    ATTR_HEARTBEAT_LED,
+    ATTR_ID,
+    ATTR_NAME,
+    ATTR_POWER_LED,
+    ATTR_SERIAL,
+    ATTR_SIZE,
    ATTR_UPDATE_AVAILABLE,
    ATTR_VERSION,
    ATTR_VERSION_LATEST,
 )
 from ..coresys import CoreSysAttributes
+from ..exceptions import BoardInvalidError
+from ..resolution.const import ContextType, IssueType, SuggestionType
 from ..validate import version_tag
-from .const import ATTR_DATA_DISK, ATTR_DEVICE
+from .const import (
+    ATTR_DATA_DISK,
+    ATTR_DEV_PATH,
+    ATTR_DEVICE,
+    ATTR_DISKS,
+    ATTR_MODEL,
+    ATTR_SYSTEM_HEALTH_LED,
+    ATTR_VENDOR,
+)
 from .utils import api_process, api_validate

 _LOGGER: logging.Logger = logging.getLogger(__name__)

+# pylint: disable=no-value-for-parameter
 SCHEMA_VERSION = vol.Schema({vol.Optional(ATTR_VERSION): version_tag})
-SCHEMA_DISK = vol.Schema({vol.Required(ATTR_DEVICE): vol.All(str, vol.Coerce(Path))})
+SCHEMA_DISK = vol.Schema({vol.Required(ATTR_DEVICE): str})
+
+SCHEMA_YELLOW_OPTIONS = vol.Schema(
+    {
+        vol.Optional(ATTR_DISK_LED): vol.Boolean(),
+        vol.Optional(ATTR_HEARTBEAT_LED): vol.Boolean(),
+        vol.Optional(ATTR_POWER_LED): vol.Boolean(),
+    }
+)
+SCHEMA_GREEN_OPTIONS = vol.Schema(
+    {
+        vol.Optional(ATTR_ACTIVITY_LED): vol.Boolean(),
+        vol.Optional(ATTR_POWER_LED): vol.Boolean(),
+        vol.Optional(ATTR_SYSTEM_HEALTH_LED): vol.Boolean(),
+    }
+)
+# pylint: enable=no-value-for-parameter


 class APIOS(CoreSysAttributes):
@@ -38,7 +73,7 @@ class APIOS(CoreSysAttributes):
            ATTR_UPDATE_AVAILABLE: self.sys_os.need_update,
            ATTR_BOARD: self.sys_os.board,
            ATTR_BOOT: self.sys_dbus.rauc.boot_slot,
-            ATTR_DATA_DISK: self.sys_os.datadisk.disk_used,
+            ATTR_DATA_DISK: self.sys_os.datadisk.disk_used_id,
        }

    @api_process
@@ -65,5 +100,82 @@ class APIOS(CoreSysAttributes):
    async def list_data(self, request: web.Request) -> dict[str, Any]:
        """Return possible data targets."""
        return {
-            ATTR_DEVICES: self.sys_os.datadisk.available_disks,
+            ATTR_DEVICES: [disk.id for disk in self.sys_os.datadisk.available_disks],
+            ATTR_DISKS: [
+                {
+                    ATTR_NAME: disk.name,
+                    ATTR_VENDOR: disk.vendor,
+                    ATTR_MODEL: disk.model,
+                    ATTR_SERIAL: disk.serial,
+                    ATTR_SIZE: disk.size,
+                    ATTR_ID: disk.id,
+                    ATTR_DEV_PATH: disk.device_path.as_posix(),
+                }
+                for disk in self.sys_os.datadisk.available_disks
+            ],
        }
+
+    @api_process
+    async def boards_green_info(self, request: web.Request) -> dict[str, Any]:
+        """Get green board settings."""
+        return {
+            ATTR_ACTIVITY_LED: self.sys_dbus.agent.board.green.activity_led,
+            ATTR_POWER_LED: self.sys_dbus.agent.board.green.power_led,
+            ATTR_SYSTEM_HEALTH_LED: self.sys_dbus.agent.board.green.user_led,
+        }
+
+    @api_process
+    async def boards_green_options(self, request: web.Request) -> None:
+        """Update green board settings."""
+        body = await api_validate(SCHEMA_GREEN_OPTIONS, request)
+
+        if ATTR_ACTIVITY_LED in body:
+            self.sys_dbus.agent.board.green.activity_led = body[ATTR_ACTIVITY_LED]
+
+        if ATTR_POWER_LED in body:
+            self.sys_dbus.agent.board.green.power_led = body[ATTR_POWER_LED]
+
+        if ATTR_SYSTEM_HEALTH_LED in body:
+            self.sys_dbus.agent.board.green.user_led = body[ATTR_SYSTEM_HEALTH_LED]
+
+        self.sys_dbus.agent.board.green.save_data()
+
+    @api_process
+    async def boards_yellow_info(self, request: web.Request) -> dict[str, Any]:
+        """Get yellow board settings."""
+        return {
+            ATTR_DISK_LED: self.sys_dbus.agent.board.yellow.disk_led,
+            ATTR_HEARTBEAT_LED: self.sys_dbus.agent.board.yellow.heartbeat_led,
+            ATTR_POWER_LED: self.sys_dbus.agent.board.yellow.power_led,
+        }
+
+    @api_process
+    async def boards_yellow_options(self, request: web.Request) -> None:
+        """Update yellow board settings."""
+        body = await api_validate(SCHEMA_YELLOW_OPTIONS, request)
+
+        if ATTR_DISK_LED in body:
+            self.sys_dbus.agent.board.yellow.disk_led = body[ATTR_DISK_LED]
+
+        if ATTR_HEARTBEAT_LED in body:
+            self.sys_dbus.agent.board.yellow.heartbeat_led = body[ATTR_HEARTBEAT_LED]
+
+        if ATTR_POWER_LED in body:
+            self.sys_dbus.agent.board.yellow.power_led = body[ATTR_POWER_LED]
+
+        self.sys_dbus.agent.board.yellow.save_data()
+        self.sys_resolution.create_issue(
+            IssueType.REBOOT_REQUIRED,
+            ContextType.SYSTEM,
+            suggestions=[SuggestionType.EXECUTE_REBOOT],
+        )
+
+    @api_process
+    async def boards_other_info(self, request: web.Request) -> dict[str, Any]:
+        """Empty success return if board is in use, error otherwise."""
+        if request.match_info["board"] != self.sys_os.board:
+            raise BoardInvalidError(
+                f"{request.match_info['board']} board is not in use", _LOGGER.error
+            )
+
+        return {}
--- a/supervisor/api/panel/entrypoint.js
+++ b/supervisor/api/panel/entrypoint.js
@@ -1,16 +1 @@
-
-function loadES5() {
-  var el = document.createElement('script');
-  el.src = '/api/hassio/app/frontend_es5/entrypoint.f8f83860.js';
-  document.body.appendChild(el);
-}
-if (/.*Version\/(?:11|12)(?:\.\d+)*.*Safari\//.test(navigator.userAgent)) {
-    loadES5();
-} else {
-  try {
-    new Function("import('/api/hassio/app/frontend_latest/entrypoint.b6cf778b.js')")();
-  } catch (err) {
-    loadES5();
-  }
-}
-  
+!function(){function n(n){var t=document.createElement("script");t.src=n,document.body.appendChild(t)}if(/.*Version\/(?:11|12)(?:\.\d+)*.*Safari\//.test(navigator.userAgent))n("/api/hassio/app/frontend_es5/entrypoint-5yRSddAJzJ4.js");else try{new Function("import('/api/hassio/app/frontend_latest/entrypoint-qzB1D0O4L9U.js')")()}catch(t){n("/api/hassio/app/frontend_es5/entrypoint-5yRSddAJzJ4.js")}}()
--- a/supervisor/api/panel/entrypoint.js.gz
+++ b/supervisor/api/panel/entrypoint.js.gz
--- a/supervisor/api/panel/frontend_es5/0c8a1a3d.js
+++ b/supervisor/api/panel/frontend_es5/0c8a1a3d.js
--- a/supervisor/api/panel/frontend_es5/0c8a1a3d.js.gz
+++ b/supervisor/api/panel/frontend_es5/0c8a1a3d.js.gz
--- a/supervisor/api/panel/frontend_es5/0d47fc56.js
+++ b/supervisor/api/panel/frontend_es5/0d47fc56.js
@@ -1 +0,0 @@
-!function(){"use strict";var t,n,e={14971:function(t,n,e){var r,i,o=e(93217),u=e(69330),a=(e(58556),e(62173)),c=function(t,n,e){if("input"===t){if("type"===n&&"checkbox"===e||"checked"===n||"disabled"===n)return;return""}},f={renderMarkdown:function(t,n){var e,o=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return r||(r=Object.assign({},(0,a.getDefaultWhiteList)(),{input:["type","disabled","checked"],"ha-icon":["icon"],"ha-svg-icon":["path"],"ha-alert":["alert-type","title"]})),o.allowSvg?(i||(i=Object.assign({},r,{svg:["xmlns","height","width"],path:["transform","stroke","d"],img:["src"]})),e=i):e=r,(0,a.filterXSS)((0,u.TU)(t,n),{whiteList:e,onTagAttr:c})}};(0,o.Jj)(f)}},r={};function i(t){var n=r[t];if(void 0!==n)return n.exports;var o=r[t]={exports:{}};return e[t](o,o.exports,i),o.exports}i.m=e,i.x=function(){var t=i.O(void 0,[191,752],(function(){return i(14971)}));return t=i.O(t)},t=[],i.O=function(n,e,r,o){if(!e){var u=1/0;for(s=0;s<t.length;s++){e=t[s][0],r=t[s][1],o=t[s][2];for(var a=!0,c=0;c<e.length;c++)(!1&o||u>=o)&&Object.keys(i.O).every((function(t){return i.O[t](e[c])}))?e.splice(c--,1):(a=!1,o<u&&(u=o));if(a){t.splice(s--,1);var f=r();void 0!==f&&(n=f)}}return n}o=o||0;for(var s=t.length;s>0&&t[s-1][2]>o;s--)t[s]=t[s-1];t[s]=[e,r,o]},i.n=function(t){var n=t&&t.__esModule?function(){return t.default}:function(){return t};return i.d(n,{a:n}),n},i.d=function(t,n){for(var e in n)i.o(n,e)&&!i.o(t,e)&&Object.defineProperty(t,e,{enumerable:!0,get:n[e]})},i.f={},i.e=function(t){return Promise.all(Object.keys(i.f).reduce((function(n,e){return i.f[e](t,n),n}),[]))},i.u=function(t){return{191:"2dbdaab4",752:"829db8ac"}[t]+".js"},i.o=function(t,n){return Object.prototype.hasOwnProperty.call(t,n)},i.p="/api/hassio/app/frontend_es5/",function(){var t={971:1};i.f.i=function(n,e){t[n]||importScripts(i.p+i.u(n))};var n=self.webpackChunkhome_assistant_frontend=self.webpackChunkhome_assistant_frontend||[],e=n.push.bind(n);n.push=function(n){var r=n[0],o=n[1],u=n[2];for(var a in o)i.o(o,a)&&(i.m[a]=o[a]);for(u&&u(i);r.length;)t[r.pop()]=1;e(n)}}(),n=i.x,i.x=function(){return Promise.all([i.e(191),i.e(752)]).then(n)};i.x()}();
--- a/supervisor/api/panel/frontend_es5/0d47fc56.js.gz
+++ b/supervisor/api/panel/frontend_es5/0d47fc56.js.gz
--- a/supervisor/api/panel/frontend_es5/0eda85ff.js
+++ b/supervisor/api/panel/frontend_es5/0eda85ff.js
--- a/supervisor/api/panel/frontend_es5/0eda85ff.js.gz
+++ b/supervisor/api/panel/frontend_es5/0eda85ff.js.gz
--- a/supervisor/api/panel/frontend_es5/0ef95294.js
+++ b/supervisor/api/panel/frontend_es5/0ef95294.js
--- a/supervisor/api/panel/frontend_es5/0ef95294.js.LICENSE.txt
+++ b/supervisor/api/panel/frontend_es5/0ef95294.js.LICENSE.txt
@@ -1,14 +0,0 @@
-/*! *****************************************************************************
-Copyright (c) Microsoft Corporation. All rights reserved.
-Licensed under the Apache License, Version 2.0 (the "License"); you may not use
-this file except in compliance with the License. You may obtain a copy of the
-License at http://www.apache.org/licenses/LICENSE-2.0
-
-THIS CODE IS PROVIDED ON AN *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED
-WARRANTIES OR CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE,
-MERCHANTABLITY OR NON-INFRINGEMENT.
-
-See the Apache Version 2.0 License for specific language governing permissions
-and limitations under the License.
-***************************************************************************** */
--- a/supervisor/api/panel/frontend_es5/0ef95294.js.gz
+++ b/supervisor/api/panel/frontend_es5/0ef95294.js.gz
--- a/supervisor/api/panel/frontend_es5/0f16c741.js
+++ b/supervisor/api/panel/frontend_es5/0f16c741.js
--- a/supervisor/api/panel/frontend_es5/0f16c741.js.gz
+++ b/supervisor/api/panel/frontend_es5/0f16c741.js.gz
--- a/supervisor/api/panel/frontend_es5/1036-G1AUvfK_ULU.js
+++ b/supervisor/api/panel/frontend_es5/1036-G1AUvfK_ULU.js
--- a/supervisor/api/panel/frontend_es5/1036-G1AUvfK_ULU.js.gz
+++ b/supervisor/api/panel/frontend_es5/1036-G1AUvfK_ULU.js.gz
--- a/supervisor/api/panel/frontend_es5/1036-G1AUvfK_ULU.js.map
+++ b/supervisor/api/panel/frontend_es5/1036-G1AUvfK_ULU.js.map
--- a/supervisor/api/panel/frontend_es5/1047-g7fFLS9eP4I.js
+++ b/supervisor/api/panel/frontend_es5/1047-g7fFLS9eP4I.js
@@ -0,0 +1,2 @@
+"use strict";(self.webpackChunkhome_assistant_frontend=self.webpackChunkhome_assistant_frontend||[]).push([[1047],{32594:function(e,t,r){r.d(t,{U:function(){return n}});var n=function(e){return e.stopPropagation()}},75054:function(e,t,r){r.r(t),r.d(t,{HaTimeDuration:function(){return f}});var n,a=r(88962),i=r(33368),o=r(71650),d=r(82390),u=r(69205),l=r(70906),s=r(91808),c=r(68144),v=r(79932),f=(r(47289),(0,s.Z)([(0,v.Mo)("ha-selector-duration")],(function(e,t){var r=function(t){(0,u.Z)(n,t);var r=(0,l.Z)(n);function n(){var t;(0,o.Z)(this,n);for(var a=arguments.length,i=new Array(a),u=0;u<a;u++)i[u]=arguments[u];return t=r.call.apply(r,[this].concat(i)),e((0,d.Z)(t)),t}return(0,i.Z)(n)}(t);return{F:r,d:[{kind:"field",decorators:[(0,v.Cb)({attribute:!1})],key:"hass",value:void 0},{kind:"field",decorators:[(0,v.Cb)({attribute:!1})],key:"selector",value:void 0},{kind:"field",decorators:[(0,v.Cb)({attribute:!1})],key:"value",value:void 0},{kind:"field",decorators:[(0,v.Cb)()],key:"label",value:void 0},{kind:"field",decorators:[(0,v.Cb)()],key:"helper",value:void 0},{kind:"field",decorators:[(0,v.Cb)({type:Boolean})],key:"disabled",value:function(){return!1}},{kind:"field",decorators:[(0,v.Cb)({type:Boolean})],key:"required",value:function(){return!0}},{kind:"method",key:"render",value:function(){var e;return(0,c.dy)(n||(n=(0,a.Z)([' <ha-duration-input .label="','" .helper="','" .data="','" .disabled="','" .required="','" ?enableDay="','"></ha-duration-input> '])),this.label,this.helper,this.value,this.disabled,this.required,null===(e=this.selector.duration)||void 0===e?void 0:e.enable_day)}}]}}),c.oi))}}]);
+//# sourceMappingURL=1047-g7fFLS9eP4I.js.map
--- a/supervisor/api/panel/frontend_es5/1047-g7fFLS9eP4I.js.gz
+++ b/supervisor/api/panel/frontend_es5/1047-g7fFLS9eP4I.js.gz
--- a/supervisor/api/panel/frontend_es5/1047-g7fFLS9eP4I.js.map
+++ b/supervisor/api/panel/frontend_es5/1047-g7fFLS9eP4I.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"1047-g7fFLS9eP4I.js","mappings":"yKAAO,IAAMA,EAAkB,SAACC,GAAE,OAAKA,EAAGD,iBAAiB,C,qLCQ9CE,G,UAAcC,EAAAA,EAAAA,GAAA,EAD1BC,EAAAA,EAAAA,IAAc,0BAAuB,SAAAC,EAAAC,GAAA,IACzBJ,EAAc,SAAAK,IAAAC,EAAAA,EAAAA,GAAAN,EAAAK,GAAA,IAAAE,GAAAC,EAAAA,EAAAA,GAAAR,GAAA,SAAAA,IAAA,IAAAS,GAAAC,EAAAA,EAAAA,GAAA,KAAAV,GAAA,QAAAW,EAAAC,UAAAC,OAAAC,EAAA,IAAAC,MAAAJ,GAAAK,EAAA,EAAAA,EAAAL,EAAAK,IAAAF,EAAAE,GAAAJ,UAAAI,GAAA,OAAAP,EAAAF,EAAAU,KAAAC,MAAAX,EAAA,OAAAY,OAAAL,IAAAX,GAAAiB,EAAAA,EAAAA,GAAAX,IAAAA,CAAA,QAAAY,EAAAA,EAAAA,GAAArB,EAAA,EAAAI,GAAA,OAAAkB,EAAdtB,EAAcuB,EAAA,EAAAC,KAAA,QAAAC,WAAA,EACxBC,EAAAA,EAAAA,IAAS,CAAEC,WAAW,KAAQC,IAAA,OAAAC,WAAA,IAAAL,KAAA,QAAAC,WAAA,EAE9BC,EAAAA,EAAAA,IAAS,CAAEC,WAAW,KAAQC,IAAA,WAAAC,WAAA,IAAAL,KAAA,QAAAC,WAAA,EAE9BC,EAAAA,EAAAA,IAAS,CAAEC,WAAW,KAAQC,IAAA,QAAAC,WAAA,IAAAL,KAAA,QAAAC,WAAA,EAE9BC,EAAAA,EAAAA,OAAUE,IAAA,QAAAC,WAAA,IAAAL,KAAA,QAAAC,WAAA,EAEVC,EAAAA,EAAAA,OAAUE,IAAA,SAAAC,WAAA,IAAAL,KAAA,QAAAC,WAAA,EAEVC,EAAAA,EAAAA,IAAS,CAAEI,KAAMC,WAAUH,IAAA,WAAAC,MAAA,kBAAmB,CAAK,IAAAL,KAAA,QAAAC,WAAA,EAEnDC,EAAAA,EAAAA,IAAS,CAAEI,KAAMC,WAAUH,IAAA,WAAAC,MAAA,kBAAmB,CAAI,IAAAL,KAAA,SAAAI,IAAA,SAAAC,MAEnD,WAAmB,IAAAG,EACjB,OAAOC,EAAAA,EAAAA,IAAIC,IAAAA,GAAAC,EAAAA,EAAAA,GAAA,wIAEEC,KAAKC,MACJD,KAAKE,OACPF,KAAKP,MACDO,KAAKG,SACLH,KAAKI,SACkB,QADVR,EACZI,KAAKK,SAASC,gBAAQ,IAAAV,OAAA,EAAtBA,EAAwBW,WAG3C,IAAC,GA1BiCC,EAAAA,I","sources":["https://raw.githubusercontent.com/home-assistant/frontend/20230703.0/src/common/dom/stop_propagation.ts","https://raw.githubusercontent.com/home-assistant/frontend/20230703.0/src/components/ha-selector/ha-selector-duration.ts"],"names":["stopPropagation","ev","HaTimeDuration","_decorate","customElement","_initialize","_LitElement","_LitElement2","_inherits","_super","_createSuper","_this","_classCallCheck","_len","arguments","length","args","Array","_key","call","apply","concat","_assertThisInitialized","_createClass","F","d","kind","decorators","property","attribute","key","value","type","Boolean","_this$selector$durati","html","_templateObject","_taggedTemplateLiteral","this","label","helper","disabled","required","selector","duration","enable_day","LitElement"],"sourceRoot":""}
--- a/supervisor/api/panel/frontend_es5/1074-djfpWNdWsA8.js
+++ b/supervisor/api/panel/frontend_es5/1074-djfpWNdWsA8.js
--- a/supervisor/api/panel/frontend_es5/1074-djfpWNdWsA8.js.gz
+++ b/supervisor/api/panel/frontend_es5/1074-djfpWNdWsA8.js.gz
--- a/supervisor/api/panel/frontend_es5/1074-djfpWNdWsA8.js.map
+++ b/supervisor/api/panel/frontend_es5/1074-djfpWNdWsA8.js.map
--- a/supervisor/api/panel/frontend_es5/1116-xNyDWQHsExg.js
+++ b/supervisor/api/panel/frontend_es5/1116-xNyDWQHsExg.js
--- a/supervisor/api/panel/frontend_es5/1116-xNyDWQHsExg.js.gz
+++ b/supervisor/api/panel/frontend_es5/1116-xNyDWQHsExg.js.gz
--- a/supervisor/api/panel/frontend_es5/1116-xNyDWQHsExg.js.map
+++ b/supervisor/api/panel/frontend_es5/1116-xNyDWQHsExg.js.map
--- a/supervisor/api/panel/frontend_es5/11665104.js
+++ b/supervisor/api/panel/frontend_es5/11665104.js
--- a/supervisor/api/panel/frontend_es5/11665104.js.gz
+++ b/supervisor/api/panel/frontend_es5/11665104.js.gz
--- a/supervisor/api/panel/frontend_es5/1193--qnpEuA6qSY.js
+++ b/supervisor/api/panel/frontend_es5/1193--qnpEuA6qSY.js
--- a/supervisor/api/panel/frontend_es5/1193--qnpEuA6qSY.js.gz
+++ b/supervisor/api/panel/frontend_es5/1193--qnpEuA6qSY.js.gz
--- a/supervisor/api/panel/frontend_es5/1193--qnpEuA6qSY.js.map
+++ b/supervisor/api/panel/frontend_es5/1193--qnpEuA6qSY.js.map
--- a/supervisor/api/panel/frontend_es5/1265-yCkoy0FMl6o.js
+++ b/supervisor/api/panel/frontend_es5/1265-yCkoy0FMl6o.js
--- a/supervisor/api/panel/frontend_es5/1265-yCkoy0FMl6o.js.gz
+++ b/supervisor/api/panel/frontend_es5/1265-yCkoy0FMl6o.js.gz
--- a/supervisor/api/panel/frontend_es5/1265-yCkoy0FMl6o.js.map
+++ b/supervisor/api/panel/frontend_es5/1265-yCkoy0FMl6o.js.map
--- a/supervisor/api/panel/frontend_es5/1281-On4tZThCfZs.js
+++ b/supervisor/api/panel/frontend_es5/1281-On4tZThCfZs.js
--- a/supervisor/api/panel/frontend_es5/1281-On4tZThCfZs.js.gz
+++ b/supervisor/api/panel/frontend_es5/1281-On4tZThCfZs.js.gz
--- a/supervisor/api/panel/frontend_es5/1281-On4tZThCfZs.js.map
+++ b/supervisor/api/panel/frontend_es5/1281-On4tZThCfZs.js.map
--- a/supervisor/api/panel/frontend_es5/1402-6WKUruvoXtM.js
+++ b/supervisor/api/panel/frontend_es5/1402-6WKUruvoXtM.js
@@ -0,0 +1,2 @@
+!function(){"use strict";var n,t,e={14595:function(n,t,e){e(58556);var r,i,o=e(93217),u=e(422),a=e(62173),s=function(n,t,e){if("input"===n){if("type"===t&&"checkbox"===e||"checked"===t||"disabled"===t)return;return""}},c={renderMarkdown:function(n,t){var e,o=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return r||(r=Object.assign(Object.assign({},(0,a.getDefaultWhiteList)()),{},{input:["type","disabled","checked"],"ha-icon":["icon"],"ha-svg-icon":["path"],"ha-alert":["alert-type","title"]})),o.allowSvg?(i||(i=Object.assign(Object.assign({},r),{},{svg:["xmlns","height","width"],path:["transform","stroke","d"],img:["src"]})),e=i):e=r,(0,a.filterXSS)((0,u.TU)(n,t),{whiteList:e,onTagAttr:s})}};(0,o.Jj)(c)}},r={};function i(n){var t=r[n];if(void 0!==t)return t.exports;var o=r[n]={exports:{}};return e[n](o,o.exports,i),o.exports}i.m=e,i.x=function(){var n=i.O(void 0,[9191,215],(function(){return i(14595)}));return n=i.O(n)},n=[],i.O=function(t,e,r,o){if(!e){var u=1/0;for(f=0;f<n.length;f++){e=n[f][0],r=n[f][1],o=n[f][2];for(var a=!0,s=0;s<e.length;s++)(!1&o||u>=o)&&Object.keys(i.O).every((function(n){return i.O[n](e[s])}))?e.splice(s--,1):(a=!1,o<u&&(u=o));if(a){n.splice(f--,1);var c=r();void 0!==c&&(t=c)}}return t}o=o||0;for(var f=n.length;f>0&&n[f-1][2]>o;f--)n[f]=n[f-1];n[f]=[e,r,o]},i.n=function(n){var t=n&&n.__esModule?function(){return n.default}:function(){return n};return i.d(t,{a:t}),t},i.d=function(n,t){for(var e in t)i.o(t,e)&&!i.o(n,e)&&Object.defineProperty(n,e,{enumerable:!0,get:t[e]})},i.f={},i.e=function(n){return Promise.all(Object.keys(i.f).reduce((function(t,e){return i.f[e](n,t),t}),[]))},i.u=function(n){return n+"-"+{215:"FPZmDYZTPdk",9191:"37260H-osZ4"}[n]+".js"},i.o=function(n,t){return Object.prototype.hasOwnProperty.call(n,t)},i.p="/api/hassio/app/frontend_es5/",function(){var n={1402:1};i.f.i=function(t,e){n[t]||importScripts(i.p+i.u(t))};var t=self.webpackChunkhome_assistant_frontend=self.webpackChunkhome_assistant_frontend||[],e=t.push.bind(t);t.push=function(t){var r=t[0],o=t[1],u=t[2];for(var a in o)i.o(o,a)&&(i.m[a]=o[a]);for(u&&u(i);r.length;)n[r.pop()]=1;e(t)}}(),t=i.x,i.x=function(){return Promise.all([i.e(9191),i.e(215)]).then(t)};i.x()}();
+//# sourceMappingURL=1402-6WKUruvoXtM.js.map
--- a/supervisor/api/panel/frontend_es5/1402-6WKUruvoXtM.js.gz
+++ b/supervisor/api/panel/frontend_es5/1402-6WKUruvoXtM.js.gz
--- a/supervisor/api/panel/frontend_es5/1402-6WKUruvoXtM.js.map
+++ b/supervisor/api/panel/frontend_es5/1402-6WKUruvoXtM.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"1402-6WKUruvoXtM.js","mappings":"6BAAIA,ECAAC,E,sCCMAC,EACAC,E,+BAMEC,EAAY,SAChBC,EACAC,EACAC,GAEA,GAAY,UAARF,EAAiB,CACnB,GACY,SAATC,GAA6B,aAAVC,GACX,YAATD,GACS,aAATA,EAEA,OAEF,MAAO,EACT,CAEF,EA0CME,EAAM,CACVC,eAzCqB,SACrBC,EACAC,GAKW,IAWPC,EAfJC,EAGCC,UAAAC,OAAA,QAAAC,IAAAF,UAAA,GAAAA,UAAA,GAAG,CAAC,EA4BL,OA1BKZ,IACHA,EAAee,OAAAC,OAAAD,OAAAC,OAAA,IACVC,EAAAA,EAAAA,wBAAqB,IACxBC,MAAO,CAAC,OAAQ,WAAY,WAC5B,UAAW,CAAC,QACZ,cAAe,CAAC,QAChB,WAAY,CAAC,aAAc,YAM3BP,EAAYQ,UACTlB,IACHA,EAAYc,OAAAC,OAAAD,OAAAC,OAAA,GACPhB,GAAe,IAClBoB,IAAK,CAAC,QAAS,SAAU,SACzBC,KAAM,CAAC,YAAa,SAAU,KAC9BC,IAAK,CAAC,UAGVZ,EAAYT,GAEZS,EAAYV,GAGPuB,EAAAA,EAAAA,YAAUC,EAAAA,EAAAA,IAAOhB,EAASC,GAAgB,CAC/CC,UAAAA,EACAR,UAAAA,GAEJ,IAQAuB,EAAAA,EAAAA,IAAOnB,E,GC5EHoB,EAA2B,CAAC,EAGhC,SAASC,EAAoBC,GAE5B,IAAIC,EAAeH,EAAyBE,GAC5C,QAAqBd,IAAjBe,EACH,OAAOA,EAAaC,QAGrB,IAAIC,EAASL,EAAyBE,GAAY,CAGjDE,QAAS,CAAC,GAOX,OAHAE,EAAoBJ,GAAUG,EAAQA,EAAOD,QAASH,GAG/CI,EAAOD,OACf,CAGAH,EAAoBM,EAAID,EAGxBL,EAAoBO,EAAI,WAGvB,IAAIC,EAAsBR,EAAoBS,OAAEtB,EAAW,CAAC,KAAK,MAAM,WAAa,OAAOa,EAAoB,MAAQ,IAEvH,OADAQ,EAAsBR,EAAoBS,EAAED,EAE7C,EHlCIrC,EAAW,GACf6B,EAAoBS,EAAI,SAASC,EAAQC,EAAUC,EAAIC,GACtD,IAAGF,EAAH,CAMA,IAAIG,EAAeC,IACnB,IAASC,EAAI,EAAGA,EAAI7C,EAASe,OAAQ8B,IAAK,CACrCL,EAAWxC,EAAS6C,GAAG,GACvBJ,EAAKzC,EAAS6C,GAAG,GACjBH,EAAW1C,EAAS6C,GAAG,GAE3B,IAJA,IAGIC,GAAY,EACPC,EAAI,EAAGA,EAAIP,EAASzB,OAAQgC,MACpB,EAAXL,GAAsBC,GAAgBD,IAAazB,OAAO+B,KAAKnB,EAAoBS,GAAGW,OAAM,SAASC,GAAO,OAAOrB,EAAoBS,EAAEY,GAAKV,EAASO,GAAK,IAChKP,EAASW,OAAOJ,IAAK,IAErBD,GAAY,EACTJ,EAAWC,IAAcA,EAAeD,IAG7C,GAAGI,EAAW,CACb9C,EAASmD,OAAON,IAAK,GACrB,IAAIO,EAAIX,SACEzB,IAANoC,IAAiBb,EAASa,EAC/B,CACD,CACA,OAAOb,CArBP,CAJCG,EAAWA,GAAY,EACvB,IAAI,IAAIG,EAAI7C,EAASe,OAAQ8B,EAAI,GAAK7C,EAAS6C,EAAI,GAAG,GAAKH,EAAUG,IAAK7C,EAAS6C,GAAK7C,EAAS6C,EAAI,GACrG7C,EAAS6C,GAAK,CAACL,EAAUC,EAAIC,EAwB/B,EI5BAb,EAAoBwB,EAAI,SAASpB,GAChC,IAAIqB,EAASrB,GAAUA,EAAOsB,WAC7B,WAAa,OAAOtB,EAAgB,OAAG,EACvC,WAAa,OAAOA,CAAQ,EAE7B,OADAJ,EAAoB2B,EAAEF,EAAQ,CAAEG,EAAGH,IAC5BA,CACR,ECNAzB,EAAoB2B,EAAI,SAASxB,EAAS0B,GACzC,IAAI,IAAIR,KAAOQ,EACX7B,EAAoB8B,EAAED,EAAYR,KAASrB,EAAoB8B,EAAE3B,EAASkB,IAC5EjC,OAAO2C,eAAe5B,EAASkB,EAAK,CAAEW,YAAY,EAAMC,IAAKJ,EAAWR,IAG3E,ECPArB,EAAoBkC,EAAI,CAAC,EAGzBlC,EAAoBmC,EAAI,SAASC,GAChC,OAAOC,QAAQC,IAAIlD,OAAO+B,KAAKnB,EAAoBkC,GAAGK,QAAO,SAASC,EAAUnB,GAE/E,OADArB,EAAoBkC,EAAEb,GAAKe,EAASI,GAC7BA,CACR,GAAG,IACJ,ECPAxC,EAAoByC,EAAI,SAASL,GAEhC,OAAYA,EAAU,IAAM,CAAC,IAAM,cAAc,KAAO,eAAeA,GAAW,KACnF,ECJApC,EAAoB8B,EAAI,SAASY,EAAKC,GAAQ,OAAOvD,OAAOwD,UAAUC,eAAeC,KAAKJ,EAAKC,EAAO,ECAtG3C,EAAoB+C,EAAI,gC,WCIxB,IAAIC,EAAkB,CACrB,KAAM,GAkBPhD,EAAoBkC,EAAElB,EAAI,SAASoB,EAASI,GAEvCQ,EAAgBZ,IAElBa,cAAcjD,EAAoB+C,EAAI/C,EAAoByC,EAAEL,GAG/D,EAEA,IAAIc,EAAqBC,KAA0C,oCAAIA,KAA0C,qCAAK,GAClHC,EAA6BF,EAAmBG,KAAKC,KAAKJ,GAC9DA,EAAmBG,KAzBA,SAASE,GAC3B,IAAI5C,EAAW4C,EAAK,GAChBC,EAAcD,EAAK,GACnBE,EAAUF,EAAK,GACnB,IAAI,IAAItD,KAAYuD,EAChBxD,EAAoB8B,EAAE0B,EAAavD,KACrCD,EAAoBM,EAAEL,GAAYuD,EAAYvD,IAIhD,IADGwD,GAASA,EAAQzD,GACdW,EAASzB,QACd8D,EAAgBrC,EAAS+C,OAAS,EACnCN,EAA2BG,EAC5B,C,ITtBInF,EAAO4B,EAAoBO,EAC/BP,EAAoBO,EAAI,WACvB,OAAO8B,QAAQC,IAAI,CAClBtC,EAAoBmC,EAAE,MACtBnC,EAAoBmC,EAAE,OACpBwB,KAAKvF,EACT,EUL0B4B,EAAoBO,G","sources":["no-source/webpack/runtime/chunk loaded","no-source/webpack/runtime/startup chunk dependencies","https://raw.githubusercontent.com/home-assistant/frontend/20230703.0/src/resources/markdown-worker.ts","no-source/webpack/bootstrap","no-source/webpack/runtime/compat get default export","no-source/webpack/runtime/define property getters","no-source/webpack/runtime/ensure chunk","no-source/webpack/runtime/get javascript chunk filename","no-source/webpack/runtime/hasOwnProperty shorthand","no-source/webpack/runtime/publicPath","no-source/webpack/runtime/importScripts chunk loading","no-source/webpack/startup"],"names":["deferred","next","whiteListNormal","whiteListSvg","onTagAttr","tag","name","value","api","renderMarkdown","content","markedOptions","whiteList","hassOptions","arguments","length","undefined","Object","assign","getDefaultWhiteList","input","allowSvg","svg","path","img","filterXSS","marked","expose","__webpack_module_cache__","__webpack_require__","moduleId","cachedModule","exports","module","__webpack_modules__","m","x","__webpack_exports__","O","result","chunkIds","fn","priority","notFulfilled","Infinity","i","fulfilled","j","keys","every","key","splice","r","n","getter","__esModule","d","a","definition","o","defineProperty","enumerable","get","f","e","chunkId","Promise","all","reduce","promises","u","obj","prop","prototype","hasOwnProperty","call","p","installedChunks","importScripts","chunkLoadingGlobal","self","parentChunkLoadingFunction","push","bind","data","moreModules","runtime","pop","then"],"sourceRoot":""}
--- a/supervisor/api/panel/frontend_es5/1601-w9Tpb2p6Eog.js
+++ b/supervisor/api/panel/frontend_es5/1601-w9Tpb2p6Eog.js
--- a/supervisor/api/panel/frontend_es5/1601-w9Tpb2p6Eog.js.gz
+++ b/supervisor/api/panel/frontend_es5/1601-w9Tpb2p6Eog.js.gz
--- a/supervisor/api/panel/frontend_es5/1601-w9Tpb2p6Eog.js.map
+++ b/supervisor/api/panel/frontend_es5/1601-w9Tpb2p6Eog.js.map
--- a/supervisor/api/panel/frontend_es5/1639-fgyA7IMZpwQ.js
+++ b/supervisor/api/panel/frontend_es5/1639-fgyA7IMZpwQ.js
@@ -0,0 +1 @@
+"use strict";(self.webpackChunkhome_assistant_frontend=self.webpackChunkhome_assistant_frontend||[]).push([[1639],{71639:function(s){s.exports=[]}}]);
--- a/supervisor/api/panel/frontend_es5/1639-fgyA7IMZpwQ.js.gz
+++ b/supervisor/api/panel/frontend_es5/1639-fgyA7IMZpwQ.js.gz
--- a/supervisor/api/panel/frontend_es5/166096ca.js
+++ b/supervisor/api/panel/frontend_es5/166096ca.js
--- a/supervisor/api/panel/frontend_es5/166096ca.js.gz
+++ b/supervisor/api/panel/frontend_es5/166096ca.js.gz
--- a/supervisor/api/panel/frontend_es5/1838-_4LQjq4VcpM.js
+++ b/supervisor/api/panel/frontend_es5/1838-_4LQjq4VcpM.js
--- a/Show More
+++ b/Show More
				`@@ -1 +0,0 @@`
				!function(){"use strict";var t,n,e={14971:function(t,n,e){var r,i,o=e(93217),u=e(69330),a=(e(58556),e(62173)),c=function(t,n,e){if("input"===t){if("type"===n&&"checkbox"===e\|\|"checked"===n\|\|"disabled"===n)return;return""}},f={renderMarkdown:function(t,n){var e,o=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return r\|\|(r=Object.assign({},(0,a.getDefaultWhiteList)(),{input:["type","disabled","checked"],"ha-icon":["icon"],"ha-svg-icon":["path"],"ha-alert":["alert-type","title"]})),o.allowSvg?(i\|\|(i=Object.assign({},r,{svg:["xmlns","height","width"],path:["transform","stroke","d"],img:["src"]})),e=i):e=r,(0,a.filterXSS)((0,u.TU)(t,n),{whiteList:e,onTagAttr:c})}};(0,o.Jj)(f)}},r={};function i(t){var n=r[t];if(void 0!==n)return n.exports;var o=r[t]={exports:{}};return e[t](o,o.exports,i),o.exports}i.m=e,i.x=function(){var t=i.O(void 0,[191,752],(function(){return i(14971)}));return t=i.O(t)},t=[],i.O=function(n,e,r,o){if(!e){var u=1/0;for(s=0;s<t.length;s++){e=t[s][0],r=t[s][1],o=t[s][2];for(var a=!0,c=0;c<e.length;c++)(!1&o\|\|u>=o)&&Object.keys(i.O).every((function(t){return i.O[t](e[c])}))?e.splice(c--,1):(a=!1,o<u&&(u=o));if(a){t.splice(s--,1);var f=r();void 0!==f&&(n=f)}}return n}o=o\|\|0;for(var s=t.length;s>0&&t[s-1][2]>o;s--)t[s]=t[s-1];t[s]=[e,r,o]},i.n=function(t){var n=t&&t.__esModule?function(){return t.default}:function(){return t};return i.d(n,{a:n}),n},i.d=function(t,n){for(var e in n)i.o(n,e)&&!i.o(t,e)&&Object.defineProperty(t,e,{enumerable:!0,get:n[e]})},i.f={},i.e=function(t){return Promise.all(Object.keys(i.f).reduce((function(n,e){return i.f[e](t,n),n}),[]))},i.u=function(t){return{191:"2dbdaab4",752:"829db8ac"}[t]+".js"},i.o=function(t,n){return Object.prototype.hasOwnProperty.call(t,n)},i.p="/api/hassio/app/frontend_es5/",function(){var t={971:1};i.f.i=function(n,e){t[n]\|\|importScripts(i.p+i.u(n))};var n=self.webpackChunkhome_assistant_frontend=self.webpackChunkhome_assistant_frontend\|\|[],e=n.push.bind(n);n.push=function(n){var r=n[0],o=n[1],u=n[2];for(var a in o)i.o(o,a)&&(i.m[a]=o[a]);for(u&&u(i);r.length;)t[r.pop()]=1;e(n)}}(),n=i.x,i.x=function(){return Promise.all([i.e(191),i.e(752)]).then(n)};i.x()}();
				`@@ -0,0 +1 @@`
				{"version":3,"file":"1047-g7fFLS9eP4I.js","mappings":"yKAAO,IAAMA,EAAkB,SAACC,GAAE,OAAKA,EAAGD,iBAAiB,C,qLCQ9CE,G,UAAcC,EAAAA,EAAAA,GAAA,EAD1BC,EAAAA,EAAAA,IAAc,0BAAuB,SAAAC,EAAAC,GAAA,IACzBJ,EAAc,SAAAK,IAAAC,EAAAA,EAAAA,GAAAN,EAAAK,GAAA,IAAAE,GAAAC,EAAAA,EAAAA,GAAAR,GAAA,SAAAA,IAAA,IAAAS,GAAAC,EAAAA,EAAAA,GAAA,KAAAV,GAAA,QAAAW,EAAAC,UAAAC,OAAAC,EAAA,IAAAC,MAAAJ,GAAAK,EAAA,EAAAA,EAAAL,EAAAK,IAAAF,EAAAE,GAAAJ,UAAAI,GAAA,OAAAP,EAAAF,EAAAU,KAAAC,MAAAX,EAAA,OAAAY,OAAAL,IAAAX,GAAAiB,EAAAA,EAAAA,GAAAX,IAAAA,CAAA,QAAAY,EAAAA,EAAAA,GAAArB,EAAA,EAAAI,GAAA,OAAAkB,EAAdtB,EAAcuB,EAAA,EAAAC,KAAA,QAAAC,WAAA,EACxBC,EAAAA,EAAAA,IAAS,CAAEC,WAAW,KAAQC,IAAA,OAAAC,WAAA,IAAAL,KAAA,QAAAC,WAAA,EAE9BC,EAAAA,EAAAA,IAAS,CAAEC,WAAW,KAAQC,IAAA,WAAAC,WAAA,IAAAL,KAAA,QAAAC,WAAA,EAE9BC,EAAAA,EAAAA,IAAS,CAAEC,WAAW,KAAQC,IAAA,QAAAC,WAAA,IAAAL,KAAA,QAAAC,WAAA,EAE9BC,EAAAA,EAAAA,OAAUE,IAAA,QAAAC,WAAA,IAAAL,KAAA,QAAAC,WAAA,EAEVC,EAAAA,EAAAA,OAAUE,IAAA,SAAAC,WAAA,IAAAL,KAAA,QAAAC,WAAA,EAEVC,EAAAA,EAAAA,IAAS,CAAEI,KAAMC,WAAUH,IAAA,WAAAC,MAAA,kBAAmB,CAAK,IAAAL,KAAA,QAAAC,WAAA,EAEnDC,EAAAA,EAAAA,IAAS,CAAEI,KAAMC,WAAUH,IAAA,WAAAC,MAAA,kBAAmB,CAAI,IAAAL,KAAA,SAAAI,IAAA,SAAAC,MAEnD,WAAmB,IAAAG,EACjB,OAAOC,EAAAA,EAAAA,IAAIC,IAAAA,GAAAC,EAAAA,EAAAA,GAAA,wIAEEC,KAAKC,MACJD,KAAKE,OACPF,KAAKP,MACDO,KAAKG,SACLH,KAAKI,SACkB,QADVR,EACZI,KAAKK,SAASC,gBAAQ,IAAAV,OAAA,EAAtBA,EAAwBW,WAG3C,IAAC,GA1BiCC,EAAAA,I","sources":["https://raw.githubusercontent.com/home-assistant/frontend/20230703.0/src/common/dom/stop_propagation.ts","https://raw.githubusercontent.com/home-assistant/frontend/20230703.0/src/components/ha-selector/ha-selector-duration.ts"],"names":["stopPropagation","ev","HaTimeDuration","_decorate","customElement","_initialize","_LitElement","_LitElement2","_inherits","_super","_createSuper","_this","_classCallCheck","_len","arguments","length","args","Array","_key","call","apply","concat","_assertThisInitialized","_createClass","F","d","kind","decorators","property","attribute","key","value","type","Boolean","_this$selector$durati","html","_templateObject","_taggedTemplateLiteral","this","label","helper","disabled","required","selector","duration","enable_day","LitElement"],"sourceRoot":""}
				`@@ -0,0 +1 @@`
				{"version":3,"file":"1402-6WKUruvoXtM.js","mappings":"6BAAIA,ECAAC,E,sCCMAC,EACAC,E,+BAMEC,EAAY,SAChBC,EACAC,EACAC,GAEA,GAAY,UAARF,EAAiB,CACnB,GACY,SAATC,GAA6B,aAAVC,GACX,YAATD,GACS,aAATA,EAEA,OAEF,MAAO,EACT,CAEF,EA0CME,EAAM,CACVC,eAzCqB,SACrBC,EACAC,GAKW,IAWPC,EAfJC,EAGCC,UAAAC,OAAA,QAAAC,IAAAF,UAAA,GAAAA,UAAA,GAAG,CAAC,EA4BL,OA1BKZ,IACHA,EAAee,OAAAC,OAAAD,OAAAC,OAAA,IACVC,EAAAA,EAAAA,wBAAqB,IACxBC,MAAO,CAAC,OAAQ,WAAY,WAC5B,UAAW,CAAC,QACZ,cAAe,CAAC,QAChB,WAAY,CAAC,aAAc,YAM3BP,EAAYQ,UACTlB,IACHA,EAAYc,OAAAC,OAAAD,OAAAC,OAAA,GACPhB,GAAe,IAClBoB,IAAK,CAAC,QAAS,SAAU,SACzBC,KAAM,CAAC,YAAa,SAAU,KAC9BC,IAAK,CAAC,UAGVZ,EAAYT,GAEZS,EAAYV,GAGPuB,EAAAA,EAAAA,YAAUC,EAAAA,EAAAA,IAAOhB,EAASC,GAAgB,CAC/CC,UAAAA,EACAR,UAAAA,GAEJ,IAQAuB,EAAAA,EAAAA,IAAOnB,E,GC5EHoB,EAA2B,CAAC,EAGhC,SAASC,EAAoBC,GAE5B,IAAIC,EAAeH,EAAyBE,GAC5C,QAAqBd,IAAjBe,EACH,OAAOA,EAAaC,QAGrB,IAAIC,EAASL,EAAyBE,GAAY,CAGjDE,QAAS,CAAC,GAOX,OAHAE,EAAoBJ,GAAUG,EAAQA,EAAOD,QAASH,GAG/CI,EAAOD,OACf,CAGAH,EAAoBM,EAAID,EAGxBL,EAAoBO,EAAI,WAGvB,IAAIC,EAAsBR,EAAoBS,OAAEtB,EAAW,CAAC,KAAK,MAAM,WAAa,OAAOa,EAAoB,MAAQ,IAEvH,OADAQ,EAAsBR,EAAoBS,EAAED,EAE7C,EHlCIrC,EAAW,GACf6B,EAAoBS,EAAI,SAASC,EAAQC,EAAUC,EAAIC,GACtD,IAAGF,EAAH,CAMA,IAAIG,EAAeC,IACnB,IAASC,EAAI,EAAGA,EAAI7C,EAASe,OAAQ8B,IAAK,CACrCL,EAAWxC,EAAS6C,GAAG,GACvBJ,EAAKzC,EAAS6C,GAAG,GACjBH,EAAW1C,EAAS6C,GAAG,GAE3B,IAJA,IAGIC,GAAY,EACPC,EAAI,EAAGA,EAAIP,EAASzB,OAAQgC,MACpB,EAAXL,GAAsBC,GAAgBD,IAAazB,OAAO+B,KAAKnB,EAAoBS,GAAGW,OAAM,SAASC,GAAO,OAAOrB,EAAoBS,EAAEY,GAAKV,EAASO,GAAK,IAChKP,EAASW,OAAOJ,IAAK,IAErBD,GAAY,EACTJ,EAAWC,IAAcA,EAAeD,IAG7C,GAAGI,EAAW,CACb9C,EAASmD,OAAON,IAAK,GACrB,IAAIO,EAAIX,SACEzB,IAANoC,IAAiBb,EAASa,EAC/B,CACD,CACA,OAAOb,CArBP,CAJCG,EAAWA,GAAY,EACvB,IAAI,IAAIG,EAAI7C,EAASe,OAAQ8B,EAAI,GAAK7C,EAAS6C,EAAI,GAAG,GAAKH,EAAUG,IAAK7C,EAAS6C,GAAK7C,EAAS6C,EAAI,GACrG7C,EAAS6C,GAAK,CAACL,EAAUC,EAAIC,EAwB/B,EI5BAb,EAAoBwB,EAAI,SAASpB,GAChC,IAAIqB,EAASrB,GAAUA,EAAOsB,WAC7B,WAAa,OAAOtB,EAAgB,OAAG,EACvC,WAAa,OAAOA,CAAQ,EAE7B,OADAJ,EAAoB2B,EAAEF,EAAQ,CAAEG,EAAGH,IAC5BA,CACR,ECNAzB,EAAoB2B,EAAI,SAASxB,EAAS0B,GACzC,IAAI,IAAIR,KAAOQ,EACX7B,EAAoB8B,EAAED,EAAYR,KAASrB,EAAoB8B,EAAE3B,EAASkB,IAC5EjC,OAAO2C,eAAe5B,EAASkB,EAAK,CAAEW,YAAY,EAAMC,IAAKJ,EAAWR,IAG3E,ECPArB,EAAoBkC,EAAI,CAAC,EAGzBlC,EAAoBmC,EAAI,SAASC,GAChC,OAAOC,QAAQC,IAAIlD,OAAO+B,KAAKnB,EAAoBkC,GAAGK,QAAO,SAASC,EAAUnB,GAE/E,OADArB,EAAoBkC,EAAEb,GAAKe,EAASI,GAC7BA,CACR,GAAG,IACJ,ECPAxC,EAAoByC,EAAI,SAASL,GAEhC,OAAYA,EAAU,IAAM,CAAC,IAAM,cAAc,KAAO,eAAeA,GAAW,KACnF,ECJApC,EAAoB8B,EAAI,SAASY,EAAKC,GAAQ,OAAOvD,OAAOwD,UAAUC,eAAeC,KAAKJ,EAAKC,EAAO,ECAtG3C,EAAoB+C,EAAI,gC,WCIxB,IAAIC,EAAkB,CACrB,KAAM,GAkBPhD,EAAoBkC,EAAElB,EAAI,SAASoB,EAASI,GAEvCQ,EAAgBZ,IAElBa,cAAcjD,EAAoB+C,EAAI/C,EAAoByC,EAAEL,GAG/D,EAEA,IAAIc,EAAqBC,KAA0C,oCAAIA,KAA0C,qCAAK,GAClHC,EAA6BF,EAAmBG,KAAKC,KAAKJ,GAC9DA,EAAmBG,KAzBA,SAASE,GAC3B,IAAI5C,EAAW4C,EAAK,GAChBC,EAAcD,EAAK,GACnBE,EAAUF,EAAK,GACnB,IAAI,IAAItD,KAAYuD,EAChBxD,EAAoB8B,EAAE0B,EAAavD,KACrCD,EAAoBM,EAAEL,GAAYuD,EAAYvD,IAIhD,IADGwD,GAASA,EAAQzD,GACdW,EAASzB,QACd8D,EAAgBrC,EAAS+C,OAAS,EACnCN,EAA2BG,EAC5B,C,ITtBInF,EAAO4B,EAAoBO,EAC/BP,EAAoBO,EAAI,WACvB,OAAO8B,QAAQC,IAAI,CAClBtC,EAAoBmC,EAAE,MACtBnC,EAAoBmC,EAAE,OACpBwB,KAAKvF,EACT,EUL0B4B,EAAoBO,G","sources":["no-source/webpack/runtime/chunk loaded","no-source/webpack/runtime/startup chunk dependencies","https://raw.githubusercontent.com/home-assistant/frontend/20230703.0/src/resources/markdown-worker.ts","no-source/webpack/bootstrap","no-source/webpack/runtime/compat get default export","no-source/webpack/runtime/define property getters","no-source/webpack/runtime/ensure chunk","no-source/webpack/runtime/get javascript chunk filename","no-source/webpack/runtime/hasOwnProperty shorthand","no-source/webpack/runtime/publicPath","no-source/webpack/runtime/importScripts chunk loading","no-source/webpack/startup"],"names":["deferred","next","whiteListNormal","whiteListSvg","onTagAttr","tag","name","value","api","renderMarkdown","content","markedOptions","whiteList","hassOptions","arguments","length","undefined","Object","assign","getDefaultWhiteList","input","allowSvg","svg","path","img","filterXSS","marked","expose","__webpack_module_cache__","__webpack_require__","moduleId","cachedModule","exports","module","__webpack_modules__","m","x","__webpack_exports__","O","result","chunkIds","fn","priority","notFulfilled","Infinity","i","fulfilled","j","keys","every","key","splice","r","n","getter","__esModule","d","a","definition","o","defineProperty","enumerable","get","f","e","chunkId","Promise","all","reduce","promises","u","obj","prop","prototype","hasOwnProperty","call","p","installedChunks","importScripts","chunkLoadingGlobal","self","parentChunkLoadingFunction","push","bind","data","moreModules","runtime","pop","then"],"sourceRoot":""}
				`@@ -0,0 +1 @@`
				`"use strict";(self.webpackChunkhome_assistant_frontend=self.webpackChunkhome_assistant_frontend\|\|[]).push([[1639],{71639:function(s){s.exports=[]}}]);`