jeena/home-assistant.github.io
1
0
Fork 0
Code Issues Pull requests Projects Packages Wiki Activity Actions

Move all scripts to one location as one page per script (#4554)

Browse source
This commit is contained in:
Fabian Affolter 2018-01-31 09:43:05 +01:00 committed by GitHub
parent 556a0b08b4
commit 5b6c51c154
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 282 additions and 209 deletions
Download patch file Download diff file Expand all files Collapse all files

58
source/_docs/configuration/secrets.markdown
View file

@ -53,65 +53,15 @@ logger: debug
```
This will not print the actual secret's value to the log.
*Option 2*: View where secrets are retrieved from and the contents of all `secrets.yaml` files used, you can use the `check_config` script from the command line:
*Option 2*: View where secrets are retrieved from and the contents of all `secrets.yaml` files used, you can use the [`check_config` script](/docs/tools/check_config/) from the command line:
```bash
$ hass --script check_config --secrets
```
This will print all your secrets.
### {% linkable_title Storing passwords in a keyring managed by your OS %}
## {% linkable_title Alternatives to `secrets.yaml` %}
Using [Keyring](https://github.com/jaraco/keyring) is an alternative way to `secrets.yaml`. They can be managed from the command line via the `keyring` script.
- [Using a keyring that is managed by your OS to store secrets](/docs/tools/keyring/)
- [Storing passwords securely in AWS](/docs/tools/credstash/)
```bash
$ hass --script keyring --help
```
To store a password in keyring, replace your password or API key with `!secret` and an identifier in `configuration.yaml` file.
```yaml
http:
api_password: !secret http_password
```
Create an entry in your keyring.
```bash
$ hass --script keyring set http_password
```
If you launch Home Assistant now, you will be prompted for the keyring password to unlock your keyring.
```bash
$ hass
Config directory: /home/homeassistant/.homeassistant
Please enter password for encrypted keyring:
```
<p class='note warning'>
If you are using the Python Keyring, [autostarting](/getting-started/autostart/) of Home Assistant will no longer work.
</p>
### {% linkable_title Storing passwords securely in AWS %}
Using [Credstash](https://github.com/fugue/credstash) is an alternative way to `secrets.yaml`. They can be managed from the command line via the credstash script.
Before using credstash, you need to set up AWS credentials either via the `aws` command line tool or using environment variables as explained in the [AWS CLI docs](http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html) as well as creating a KMS key named `credstash` as explained in the [credstash Readme](https://github.com/fugue/credstash#setting-up-kms). After that is complete, you can use the provided script to add secrets to your Home Assistant secret store in credstash.
```bash
$ hass --script credstash --help
```
To store a password in credstash, replace your password or API key with `!secret` and an identifier in `configuration.yaml` file.
```yaml
http:
api_password: !secret http_password
```
Create an entry in your credstash store.
```bash
$ hass --script credstash set http_password
```