Automate first-time provisioning of Reolink cameras

[fe51]

Automate first-time provisioning of Reolink cameras

Objectif & context

Onboarding fresh Reolink cameras currently requires the Reolink mobile app to discover each camera, create the admin password, and enable HTTP/HTTPS, only then can setup_reolink_cameras.py configure them over HTTPS.

This PR removes that manual step so a batch of factory-fresh cameras can be provisioned headless, end to end, with a single command.

What it does

provision_reolink.py:

• Discovers Reolink cameras on the LAN via a Baichuan handshake (TCP 9000, pure-Python, no nmap, RPi-friendly).
• Detects factory-fresh vs already-initialized cameras.
• On fresh cameras, enables HTTP/HTTPS over the Baichuan protocol (reolink_aio) and sets the admin password via the CGI ModifyUser command.
• Verifies HTTPS, assigns each camera a distinct static IP from a configurable pool (provision_config.json), generates cameras_config.json, and runs the existing setup_reolink_cameras.py.
• Is idempotent: safe to re-run; initialized cameras are skipped and a camera already on a target IP keeps it.
  Run with:

uv run provision_reolink.py --run-setup
uv fetches dependencies into a throwaway env (PEP 723 inline metadata), so requirements.txt/.venv are untouched.

Notable detail

reolink_aio exposes no password-init API; the CGI ModifyUser command requires the newPassword/oldPassword fields — sending password returns code 0 but silently no-ops.

Validation

Tested against real RLC-823S2 hardware: cold fresh provisioning, idempotent re-runs, static-IP relocation, and graceful skip of an unreachable host.