mirror of
https://github.com/home-assistant/home-assistant.io.git
synced 2025-07-21 16:27:19 +00:00
Update secrets.markdown
This commit is contained in:
parent
2ab03078d0
commit
425ed38599
@ -9,11 +9,11 @@ sharing: true
|
||||
footer: true
|
||||
---
|
||||
|
||||
The `configuration.yaml` file a plain-text file thus it is readable for everyone who has access to the file. The file contains passwords and API tokens which need to be redacted if you want to share your configuration. This separation can also help you to keep easier track of your passwords and API keys (as they are all stored at one place and no longer spread across the `configuration.yaml` file) if you don't want to [split up your configuration](/topics/splitting_configuration/).
|
||||
The `configuration.yaml` file is a plain-text file, thus it is readable by anyone who has access to the file. The file contains passwords and API tokens which need to be redacted if you want to share your configuration. By using `!secrets` you can remove any private information from you configuration files. This separation can also help you to keep easier track of your passwords and API keys. As they are all stored at one place and no longer spread across the `configuration.yaml` file or even multiple yaml files if you [split up your configuration](/topics/splitting_configuration/).
|
||||
|
||||
### {% linkable_title Using secrets.yaml %}
|
||||
|
||||
The workflow for the outsourcing in the `secrets.yaml` is very similar to the [splitting of the configuration](/topics/splitting_configuration/). Create a `secrets.yaml` file in your Home assistant configuration directory (The location of the folder differs between operating systems: on OS X and Linux it's `~/.homeassistant` and on Windows it's `%APPDATA%/.homeassistant`).
|
||||
The workflow for moving private information to `secrets.yaml` is very similar to the [splitting of the configuration](/topics/splitting_configuration/). Create a `secrets.yaml` file in your Home assistant configuration directory (The location of the folder differs between operating systems: on OS X and Linux it's `~/.homeassistant` and on Windows it's `%APPDATA%/.homeassistant`).
|
||||
|
||||
The entries for password and API keys in the `configuration.yaml` file usually looks like the example below.
|
||||
|
||||
@ -32,10 +32,30 @@ http:
|
||||
The `secrets.yaml` file contains the corresponding password assigned to the identifier.
|
||||
|
||||
```yaml
|
||||
logger: debug
|
||||
http_password: YOUR_PASSWORD
|
||||
```
|
||||
|
||||
### {% linkable_title Debugging secrets %}
|
||||
|
||||
When you start splitting your configuration into multiple files, you might end up with configuration in sub folders. Secrets will be resolved in this order:
|
||||
- A `secrets.yaml` located in the same folder as the yaml file referencing the secret,
|
||||
- next, parent folders will be searched for a `secrets.yaml` file with the secret, stopping at the folder with the main `configuration.yaml`,
|
||||
- lastly, `keyring` will be queried for the secret (more info below)
|
||||
|
||||
To see where secrets are being loaded from you can either add an option to your `secrets.yaml` file or use the `check_config` script.
|
||||
|
||||
*Option 1*: Print where secrets are retrieved from to the Home Assistant log by adding the following to `secrets.yaml`:
|
||||
```yaml
|
||||
logger: debug
|
||||
```
|
||||
This will not print the actual secret's value to the log.
|
||||
|
||||
*Option 2*: View where secrets are retrieved from and the contents of all `secrets.yaml` files used, you can use the `check_config` script from the command line:
|
||||
```bash
|
||||
hass --script check_config --secrets
|
||||
```
|
||||
This will print all your secrets
|
||||
|
||||
### {% linkable_title Storing passwords in a keyring managed by your OS %}
|
||||
|
||||
Using [Keyring](http://pythonhosted.org/keyring/) is an alternative way to `secrets.yaml`. They can be managed from the command line via the keyring script.
|
||||
@ -57,7 +77,7 @@ Create an entry in your keyring.
|
||||
$ hass --script keyring set http_password
|
||||
```
|
||||
|
||||
If you launch home Assistant now, you will be prompted for the keyring password to unlock your keyring.
|
||||
If you launch Home Assistant now, you will be prompted for the keyring password to unlock your keyring.
|
||||
|
||||
```bash
|
||||
$ hass
|
||||
|
Loading…
x
Reference in New Issue
Block a user