jeena/home-assistant.github.io
1
0
Fork 0
Code Issues Pull requests Projects Packages Wiki Activity Actions
home-assistant.github.io/topics/secrets/index.html
Travis CI b8845607d4 Site updated at 2016-07-30 21:23:25 UTC
2016-07-30 21:23:25 +00:00

225 lines
No EOL
9.9 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!doctype html>
<!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
<!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
<!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]-->
<!--[if gt IE 8]><!--> <html> <!--<![endif]-->
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>Storing secrets - Home Assistant</title>
<meta name="author" content="Home Assistant">
<meta name="description" content="Storing secrets outside of your configuration.yaml.">
<meta name="viewport" content="width=device-width">
<link rel="canonical" href="https://home-assistant.io/topics/secrets/">
<meta property="fb:app_id" content="338291289691179">
<meta property="og:title" content="Storing secrets">
<meta property="og:site_name" content="Home Assistant">
<meta property="og:url" content="https://home-assistant.io/topics/secrets/">
<meta property="og:type" content="article">
<meta property="og:description" content="Storing secrets outside of your configuration.yaml.">
<meta property="og:image" content="https://home-assistant.io/images/default-social.png">
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:site" content="@home_assistant">
<meta name="twitter:title" content="Storing secrets">
<meta name="twitter:description" content="Storing secrets outside of your configuration.yaml.">
<meta name="twitter:image" content="https://home-assistant.io/images/default-social.png">
<link href="/stylesheets/screen.css" media="screen, projection" rel="stylesheet">
<link href="/atom.xml" rel="alternate" title="Home Assistant" type="application/atom+xml">
<link rel='shortcut icon' href='/images/favicon.ico' />
<link rel='icon' type='image/png' href='/images/favicon-192x192.png' sizes='192x192' />
</head>
<body >
<header>
<div class="grid-wrapper">
<div class="grid">
<div class="grid__item three-tenths lap-two-sixths palm-one-whole ha-title">
<a href="/" class="site-title">
<img width='40' src='/demo/favicon-192x192.png'>
<span>Home Assistant</span>
</a>
</div>
<div class="grid__item seven-tenths lap-four-sixths palm-one-whole">
<nav>
<input type="checkbox" id="toggle">
<label for="toggle" class="toggle" data-open="Main Menu" data-close="Close Menu"></label>
<ul class="menu pull-right">
<li><a href='/getting-started/'>Getting started</a></li>
<li><a href='/components/'>Components</a></li>
<li><a href='/cookbook/'>Examples</a></li>
<li><a href="/developers/">Developers</a></li>
<li><a href="/blog/">Blog</a></li>
<li><a href="/help/">Need help?</a></li>
</ul>
</nav>
</div>
</div>
</div>
</header>
<div class="grid-wrapper">
<div class="grid grid-center">
<div class="grid__item two-thirds lap-one-whole palm-one-whole">
<article class="page">
<div class='edit-github'><a href='https://github.com/home-assistant/home-assistant.io/tree/master/source/_topics/secrets.markdown'>Edit this page on GitHub</a></div>
<header>
<h1 class="title indent">
Storing Secrets
</h1>
</header>
<hr class="divider">
<p>The <code>configuration.yaml</code> file a plain-text file thus it is readable for everyone who has access to the file. The file contains passwords and API tokens which need to be redacted if you want to share your configuration. This separation can also help you to keep easier track of your passwords and API keys (as they are all stored at one place and no longer spread across the <code>configuration.yaml</code> file) if you dont want to <a href="/topics/splitting_configuration/">split up your configuration</a>.</p>
<h3><a class="title-link" name="using-secretsyaml" href="#using-secretsyaml"></a> Using secrets.yaml</h3>
<p>The workflow for the outsourcing in the <code>secrets.yaml</code> are very similar to the <a href="/topics/splitting_configuration/">splitting of the configuration</a>. Create a <code>secrets.yaml</code> file in your Home assistant configuration directory (The location of the folder differs between operating systems: on OS X and Linux its <code>~/.homeassistant</code> and on Windows its <code>%APPDATA%/.homeassistant</code>).</p>
<p>The entries for password and API keys in the <code>configuration.yaml</code> file usally looks like the example below.</p>
<div class="highlighter-coderay"><div class="CodeRay">
<div class="code"><pre><span class="key">http</span>:
<span class="key">api_password</span>: <span class="string"><span class="content">YOUR_PASSWORD</span></span>
</pre></div>
</div>
</div>
<p>Those entries need to be replaced with <code>!secret</code> and a identifier.</p>
<div class="highlighter-coderay"><div class="CodeRay">
<div class="code"><pre><span class="key">http</span>:
<span class="key">api_password</span>: <span class="type">!secret</span> <span class="string"><span class="content">http_password</span></span>
</pre></div>
</div>
</div>
<p>The <code>secrets.yaml</code> files stored the corresponding password assigned to the identifier.</p>
<div class="highlighter-coderay"><div class="CodeRay">
<div class="code"><pre><span class="key">logger</span>: <span class="string"><span class="content">debug</span></span>
<span class="key">http_password</span>: <span class="string"><span class="content">YOUR_PASSWORD</span></span>
</pre></div>
</div>
</div>
<h3><a class="title-link" name="python-keyring" href="#python-keyring"></a> Python Keyring</h3>
<p>Using <a href="http://pythonhosted.org/keyring/">Keyring</a> is an alternative way to <code>secrets.yaml</code> but requires that <code>keyring</code> is installed (incl. its command-line tools). This can be done with:</p>
<div class="highlighter-coderay"><div class="CodeRay">
<div class="code"><pre>$ pip3 install keyring
</pre></div>
</div>
</div>
<p>Replaced your password or API key with <code>!secret</code> and an identifier in <code>configuration.yaml</code> file.</p>
<div class="highlighter-coderay"><div class="CodeRay">
<div class="code"><pre><span class="key">http</span>:
<span class="key">api_password</span>: <span class="type">!secret</span> <span class="string"><span class="content">http_password</span></span>
</pre></div>
</div>
</div>
<p>Create an entry in your keyring. The service (SERVICE) is <code>homeassistant</code> and the identifier is the USERNAME in the keyring context.</p>
<div class="highlighter-coderay"><div class="CodeRay">
<div class="code"><pre>$ keyring set homeassistant http_password
Password for 'http_password' in 'homeassistant':
Please set a password for your new keyring:
Please confirm the password:
</pre></div>
</div>
</div>
<p>If the command-line tool <code>keyring</code> is not available, launch <code>python3</code> and do the process manually.</p>
<div class="highlighter-coderay"><div class="CodeRay">
<div class="code"><pre>&gt;&gt;&gt; <span class="keyword">import</span> <span class="include">keyring</span>
&gt;&gt;&gt; keyring.set_password(<span class="string"><span class="delimiter">&quot;</span><span class="content">homeassistant</span><span class="delimiter">&quot;</span></span>, <span class="string"><span class="delimiter">&quot;</span><span class="content">http_password</span><span class="delimiter">&quot;</span></span>, <span class="string"><span class="delimiter">&quot;</span><span class="content">12345</span><span class="delimiter">&quot;</span></span>)
Please <span class="predefined">set</span> a password <span class="keyword">for</span> your new keyring:
Please confirm the password:
&gt;&gt;&gt; keyring.get_password(<span class="string"><span class="delimiter">&quot;</span><span class="content">homeassistant</span><span class="delimiter">&quot;</span></span>, <span class="string"><span class="delimiter">&quot;</span><span class="content">http_password</span><span class="delimiter">&quot;</span></span>)
<span class="string"><span class="delimiter">'</span><span class="content">12345</span><span class="delimiter">'</span></span>
&gt;&gt;&gt; keyring.get_keyring()
&lt;EncryptedKeyring at /home/your_user/.local/share/python_keyring/crypted_pass.cfg&gt;
</pre></div>
</div>
</div>
<p>If you launch home Assistant now, you will be prompted for the keyring password to unlock your keyring.</p>
<div class="highlighter-coderay"><div class="CodeRay">
<div class="code"><pre>$ hass
Config directory: /home/fab/.homeassistant
Please enter password for encrypted keyring:
</pre></div>
</div>
</div>
<p class="note warning">
If your are using the Python Keyring, <a href="/getting-started/autostart/">autostarting</a> of Home Assistant will no longer work.
</p>
</article>
</div>
</div>
</div>
<footer>
<div class="grid-wrapper">
<div class="grid">
<div class="grid__item">
<div class="copyright">
<a rel="me" href='https://twitter.com/home_assistant'><i class="icon-twitter"></i></a>
<a rel="me" href='https://facebook.com/homeassistantio'><i class="icon-facebook"></i></a>
<a rel="me" href='https://plus.google.com/110560654828510104551'><i class="icon-google-plus"></i></a>
<a rel="me" href='https://github.com/home-assistant/home-assistant'><i class="icon-github"></i></a>
<div class="credit">
Contact us at <a href='mailto:hello@home-assistant.io'>hello@home-assistant.io</a>.<br>
Website powered by <a href='http://jekyllrb.com/'>Jekyll</a> and the <a href='https://github.com/coogie/oscailte'>Oscalite theme</a>.<br />
Hosted by <a href='https://pages.github.com/'>GitHub</a> and served by <a href='https://cloudflare.com'>CloudFlare</a>.
</div>
</div>
</div>
</div>
</div>
</footer>
<script>
var _gaq=[['_setAccount','UA-57927901-1'],['_trackPageview']];
(function(d,t){var g=d.createElement(t),s=d.getElementsByTagName(t)[0];
g.src=('https:'==location.protocol?'//ssl':'//www')+'.google-analytics.com/ga.js';
s.parentNode.insertBefore(g,s)}(document,'script'));
</script>
</body>
</html>
Reference in a new issue View git blame Copy permalink