feat: add Home Assistant MCP sidecar and fix K8s/Flux MCP deployment logic

Added features:
- Home Assistant MCP server as optional sidecar (mcpSidecars.homeassistant)
- Requires homeassistant-url and homeassistant-token secrets
- Runs on port 8087 using SSE transport mode
- Disabled by default due to credential requirements

Fixed deployment logic:
- Kubernetes and Flux MCP sidecars now only deploy when:
  1. They are enabled in values (mcpSidecars.<name>.enabled: true)
  2. AND clusterAccess is not "none" (they need RBAC to function)
- Prevents unnecessary container failures when no permissions exist

Documentation updates:
- Complete Helm values reference for all MCP sidecars
- Deployment examples and troubleshooting guides
- Updated memory notes with current architecture

Breaking change:
- K8s/Flux MCP sidecars won't deploy with clusterAccess=none
- This is intentional as they cannot function without RBAC

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>

README.md

@@ -22,6 +22,8 @@ The secret is picked up automatically via `envFrom`. Keys recognised:
 | `VNC_PASSWORD` | Password for the VNC web UI |
 | `ANTHROPIC_API_KEY` | API key — alternative to browser-based Claude login |
 | `SSH_AUTHORIZED_KEYS` | Public key(s) for SSH access (required when `ssh: true`) |
+| `homeassistant-url` | Home Assistant URL (required when `mcpSidecars.homeassistant.enabled: true`) |
+| `homeassistant-token` | Home Assistant long-lived access token (required when `mcpSidecars.homeassistant.enabled: true`) |
 
 ```bash
 kubectl create secret generic devcontainer-mydev-secrets-env \
@@ -152,14 +154,18 @@ With any non-`none` value, a `ServiceAccount` named `devcontainer-{name}` is cre
 
 ### MCP Sidecars
 
-The devcontainer includes MCP (Model Context Protocol) servers as sidecar containers that enable AI assistants to interact with Kubernetes and Flux:
+The devcontainer includes MCP (Model Context Protocol) servers as sidecar containers that enable AI assistants to interact with various services:
 
 | Sidecar | Default | Purpose |
 |---------|---------|---------|
 | `mcpSidecars.kubernetes.enabled` | `true` | Kubernetes API access via MCP |
 | `mcpSidecars.flux.enabled` | `true` | Flux GitOps operations via MCP |
+| `mcpSidecars.homeassistant.enabled` | `false` | Home Assistant smart home control via MCP |
 
-These sidecars inherit the pod's ServiceAccount RBAC permissions (controlled by `clusterAccess`).
+**Notes:**
+- Kubernetes and Flux sidecars require `clusterAccess` != `none` to be deployed (automatically disabled when no cluster access)
+- Kubernetes and Flux sidecars inherit the pod's ServiceAccount RBAC permissions (controlled by `clusterAccess`)
+- Home Assistant sidecar requires additional configuration (see below)
 
 **Disable MCP sidecars:**
 ```bash
@@ -177,6 +183,21 @@ helm install mydev ./chart \
   --set mcpSidecars.flux.enabled=false  # Disable only Flux MCP
 ```
 
+**Enable Home Assistant MCP:**
+```bash
+# Create secret with Home Assistant credentials
+kubectl create secret generic devcontainer-mydev-secrets-env \
+  --from-literal=GITHUB_TOKEN='ghp_...' \
+  --from-literal=homeassistant-url='http://homeassistant.local:8123' \
+  --from-literal=homeassistant-token='your_long_lived_access_token'
+
+# Deploy with Home Assistant MCP enabled
+helm install mydev ./chart \
+  --set name=mydev \
+  --set githubRepo=https://github.com/youruser/yourrepo \
+  --set mcpSidecars.homeassistant.enabled=true
+```
+
 **Custom MCP configuration:**
 ```yaml
 # values.yaml override
@@ -196,6 +217,19 @@ mcpSidecars:
         cpu: "500m"
   flux:
     enabled: false  # Disabled in this example
+  homeassistant:
+    enabled: true
+    image:
+      repository: ghcr.io/homeassistant-ai/ha-mcp
+      tag: stable  # or 'latest' for dev builds
+    port: 8087
+    resources:
+      requests:
+        memory: "128Mi"
+        cpu: "100m"
+      limits:
+        memory: "512Mi"
+        cpu: "500m"
 ```
 
 ### Display and resources