Merge branch 'current' into next

This commit is contained in:
Fabian Affolter 2018-09-02 09:54:47 +02:00
commit f654d79bc6
No known key found for this signature in database
GPG Key ID: E23CD2DD36A4397F
31 changed files with 337 additions and 133 deletions

View File

@ -142,13 +142,13 @@ social:
# Home Assistant release details
current_major_version: 0
current_minor_version: 77
current_patch_version: 0
date_released: 2018-08-29
current_patch_version: 2
date_released: 2018-08-31
# Either # or the anchor link to latest release notes in the blog post.
# Must be prefixed with a # and have double quotes around it.
# Major release:
patch_version_notes: "#"
patch_version_notes: "#release-0772---august-31"
# Minor release (Example #release-0431---april-25):
# Date we moved to Discourse for comments

View File

@ -18,7 +18,7 @@ The `random` binary sensor platform is creating random states (`True`, 1, `on` o
## {% linkable_title Configuration %}
To enable the random binary sensor, add the following lines to your `configuration.yaml`:
To enable the random binary sensor, add the following lines to your `configuration.yaml` file:
```yaml
# Example configuration.yaml entry

View File

@ -31,7 +31,7 @@ Home Assistant will automatically discover deCONZ presence on your network, if `
If you don't have the API key, you can generate an API key for deCONZ by using the one-click functionality similar to Philips Hue. Go to **Menu** -> **Settings** -> **Unlock Gateway** in deCONZ and then use the deCONZ configurator in Home Assistant frontend to create an API key. When you're done setting up deCONZ it will be stored as a config entry.
You can add the following to your configuration.yaml file if you are not using the `discovery:` component:
You can add the following to your `configuration.yaml` file if you are not using the `discovery:` component:
```yaml
# Example configuration.yaml entry
@ -118,9 +118,9 @@ For the IKEA Tradfri remote, 1 is the middle button, 2 is up, 3 is down, 4 is le
## {% linkable_title Examples %}
### {% linkable_title Step up and step down input number with wireless dimmer %}
### {% linkable_title YAML %}
#### YAML
#### {% linkable_title Step up and step down input number with wireless dimmer %}
{% raw %}
```yaml
@ -171,15 +171,17 @@ automation:
```
{% endraw %}
#### Appdaemon
### {% linkable_title Appdaemon %}
#### {% linkable_title Appdaemon remote template %}
{% raw %}
```yaml
remote_control_living_room:
remote_control:
module: remote_control
class: RemoteControl
event: deconz_event
id: dimmer_switch_3
id: dimmer_switch_1
```
```python
@ -204,3 +206,53 @@ class RemoteControl(hass.Hass):
self.log('Button off')
```
{% endraw %}
#### {% linkable_title Appdaemon remote template %}
Community app from [Teachingbirds](https://community.home-assistant.io/u/teachingbirds/summary). This app uses an Ikea Tradfri remote to control Sonos speakers with play/pause, volume up and down, next and previous track.
{% raw %}
```yaml
sonos_remote_control:
module: sonos_remote
class: SonosRemote
event: deconz_event
id: sonos_remote
sonos: media_player.sonos
```
{% endraw %}
{% raw %}
```python
import appdaemon.plugins.hass.hassapi as hass
class SonosRemote(hass.Hass):
def initialize(self):
self.sonos = self.args['sonos']
if 'event' in self.args:
self.listen_event(self.handle_event, self.args['event'])
def handle_event(self, event_name, data, kwargs):
if data['id'] == self.args['id']:
if data['event'] == 1002:
self.log('Button toggle')
self.call_service("media_player/media_play_pause", entity_id = self.sonos)
elif data['event'] == 2002:
self.log('Button volume up')
self.call_service("media_player/volume_up", entity_id = self.sonos)
elif data['event'] == 3002:
self.log('Button volume down')
self.call_service("media_player/volume_down", entity_id = self.sonos)
elif data['event'] == 4002:
self.log('Button previous')
self.call_service("media_player/media_previous_track", entity_id = self.sonos)
elif data['event'] == 5002:
self.log('Button next')
self.call_service("media_player/media_next_track", entity_id = self.sonos)
```
{% endraw %}

View File

@ -112,10 +112,10 @@ automation:
### {% linkable_title Manual Theme Selection %}
When themes are enabled in the `configuration.yaml` file, a new option will show up in the Configuration panel under **General** called "Set a theme." You can then choose any installed theme from the dropdown list and it will be applied immediately.
When themes are enabled in the `configuration.yaml` file, a new option will show up in the user profile menu (before 0.77 it was in the Configuration panel under **General** called "Set a theme"). You can then choose any installed theme from the dropdown list and it will be applied immediately.
<p class='img'>
<img src='/images/frontend/choose-theme.png' />
<img src='/images/frontend/user-theme.png' />
Set a theme
</p>
@ -137,9 +137,9 @@ Those will be loaded via `<link rel='import' href='{{ extra_url }}' async>` on a
### {% linkable_title Manual Language Selection %}
The browser language is automatically detected. To use a different language, go to **General** in the Configuration panel and select one from "Choose a Language". It will be applied immediately.
The browser language is automatically detected. To use a different language, go to the user profile menu (before 0.77 it was found in **General** in the Configuration panel) and select one. It will be applied immediately.
<p class='img'>
<img src='/images/frontend/choose-language.png' />
<img src='/images/frontend/user-language.png' />
Choose a Language
</p>

View File

@ -12,21 +12,21 @@ ha_category: Hub
ha_release: 0.77
---
This component allows you to send messages to [Google Hangouts](http://hangouts.google.com) conversations, as well as to react to messages in conversations. Reacting to commands is accomplished by firing an event when one of the configured commands is triggered.
This component allows you to send messages to [Google Hangouts](https://hangouts.google.com) conversations, as well as to react to messages in conversations. Reacting to commands is accomplished by firing an event when one of the configured commands is triggered.
## {% linkable_title Setup the component via the frontend %}
Menu: *Configuration* -> *Integrations*
Fill the form:
* Your **Google Mail Address** and **Password**
* If needed, you will be asked for a 2-factor authorization token
Configure the integration:
* Enter your **Google Mail Address** and **Password**
* If you secured your account with 2-factor authentication you will be asked for a 2-factor authentication token.
**BEST PRACTICE:** You can't write messages to yourself or get notifications in a group, if "you" write the message. The best way is to create a own google account for your hangouts bot.
**BEST PRACTICE:** You can't write messages to yourself or get notifications in a group, if "you" write the message. The best way is to create a new Google Hangouts account for this integration.
**IMPORTANT:** If you secured your account with 2 factor authorization: Only verification by app or SMS are supported. There is no support for verification by prompt on your phone.
**IMPORTANT:** If you secured your account with 2-factor authentication: Only verification by app or SMS are supported. There is no support for verification by prompt on your phone.
**IMPORTANT 2:** If you are sure your email and password is correct, but the component says the login is invalid. Wait a few hours and try it again, it might be, that google asks for a captcha which we can't support. Google official don't support bots at hangouts, that's why we have to work around this.
**IMPORTANT 2:** If you are sure your email and password is correct, but the component says the login is invalid. Wait a few hours and try it again, it might be, that google asks for a captcha which we can't support. Google does not provide official support for using bots with Google Hangouts, that's why we have to work around this.
The authentication token will be generated and stored internally.

View File

@ -179,9 +179,8 @@ automation:
entity_id: input_number.target_temp
value: "{{ trigger.payload }}"
# This automation script runs when the target temperature slider is moved.
# This second automation script runs when the target temperature slider is moved.
# It publishes its value to the same MQTT topic it is also subscribed to.
automation:
- alias: Temp slider moved
trigger:
platform: state

View File

@ -105,7 +105,7 @@ KNX component is able to expose time or sensor values to KNX bus. The component
```yaml
# Example configuration.yaml entry
knx:
expose::
expose:
- type: 'temperature'
entity_id: 'sensor.owm_temperature'
address: '0/0/2'

View File

@ -12,7 +12,7 @@ ha_category: Notifications
ha_release: 0.38
---
The component supports push messages and generates events based on inbound data. To use, add a Route set to Store and Notify with a URL of the following form: `https://<home-assistant-domain>/api/mailgun?api_password=<password>`
The component supports push messages and generates events based on inbound data. To generate inbound events, add a Route set to Store and Notify with a URL of the following form: `https://<home-assistant-domain>/api/mailgun?api_password=<password>`
To send messages, use the [Mailgun notify platform][notify].
@ -24,11 +24,11 @@ To send messages, use the [Mailgun notify platform][notify].
# Example configuration.yaml entry
mailgun:
domain: mg.example.com
api_key: token-XXXXXXXXX
api_key: XXXXXXXXXXXXX
```
Configuration variables:
- **domain** (*Required*): This is the domain name to be used when sending out mail. Defaults to the first custom domain you have set up.
- **api_key** (*Required*): This is the API token that has been generated in your Mailgun account.
- **sandbox** (*Optional*): Whether to use the sandboxed domain for outgoing mail. The `domain` item takes precedence over this. Defaults to `False`.
- **sandbox** (*Deprecated*): Whether to use the sandboxed domain for outgoing mail. Since the `domain` item is required, it should be set to the sandbox domain name, so this isn't needed. Defaults to `False`.

View File

@ -72,7 +72,7 @@ The `html5` platform can only function if all of the following requirements are
Assuming you have already added the platform to your configuration:
1. Open Home Assistant in Chrome or Firefox.
2. Assuming you have met all the [requirements](#requirements) above, you should see a new slider for Push Notifications through the sidebar Configuration > General.
2. Assuming you have met all the [requirements](#requirements) above, you should see a new slider for Push Notifications through the profile page Profile > Push notifications.
3. Slide it to the on position.
4. Within a few seconds you should be prompted to allow notifications from Home Assistant.
5. Assuming you accept, that's all there is to it!

View File

@ -14,12 +14,14 @@ ha_iot_class: "Local Push"
---
The `bme680` sensor platform allows you to read temperature, humidity, pressure and gas resistance values of a [Bosch BME680 Environmental sensor](https://cdn-shop.adafruit.com/product-files/3660/BME680.pdf) connected via an [I2C](https://en.wikipedia.org/wiki/I²C) bus (SDA, SCL pins). It allows you to use all the operation modes of the sensor described in its datasheet. In addition, it includes a basic air quality calculation that uses gas resistance and humidity measurements to calculate a percentage based air quality measurement.
The `bme680` sensor platform allows you to read temperature, humidity, pressure and gas resistance values of a [Bosch BME680 Environmental sensor](https://cdn-shop.adafruit.com/product-files/3660/BME680.pdf) connected via an [I2C](https://en.wikipedia.org/wiki/I²C) bus (SDA, SCL pins). It allows you to use all the operation modes of the sensor described in its datasheet. In addition, it includes a basic air quality calculation that uses gas resistance and humidity measurements to calculate a percentage based air quality measurement.
Tested devices:
- [Raspberry Pi](https://www.raspberrypi.org/)
## {% linkable_title Configuration %}
To use your BME680 sensor in your installation, add the following to your `configuration.yaml` file:
```yaml

View File

@ -14,7 +14,9 @@ ha_iot_class: "Local Polling"
---
The `dht` sensor platform allows you to get the current temperature and humidity from a DHT11, DHT22, or AM2302 device.
The `dht` sensor platform allows you to get the current temperature and humidity from a DHT11, DHT22 or AM2302 device.
## {% linkable_title Configuration %}
To use your DHTxx sensor in your installation, add the following to your `configuration.yaml` file:

View File

@ -84,7 +84,7 @@ automation:
entity_id: sensor.phone
action:
- service: notify.notify
data:
data_template:
title: "Phone"
message: >-
{% if is_state("sensor.phone", "idle") %}

View File

@ -13,11 +13,19 @@ ha_iot_class: "Cloud Polling"
ha_release: 0.19
---
Sensor to provide travel time from the [Google Distance Matrix API](https://developers.google.com/maps/documentation/distance-matrix/).
The `google_travel_time` sensor provides travel time from the [Google Distance Matrix API](https://developers.google.com/maps/documentation/distance-matrix/).
## {% linkable_title Setup %}
You need to register for an API key by following the instructions [here](https://github.com/googlemaps/google-maps-services-python#api-keys). You only need to turn on the Distance Matrix API.
A free API Key allows 2500 requests per day. The sensor will update the travel time every 5 minutes.
[Google now require billing](https://mapsplatform.googleblog.com/2018/05/introducing-google-maps-platform.html) to be enabled (and a valid credit card loaded) to access Google Maps APIs. The Distance Matrix API is billed at US$10 per 1000 requests, however a US$200 per month credit is applied (20,000 requests). By default, the sensor will update the travel time every 5 minutes, making approximately 288 calls per day. Note that at this rate, more than 2 sensors will likely exceed the free credit amount. If you need to run more than 2 sensors, consider changing the [scan interval](/docs/configuration/platform_options/#scan-interval) to something longer than 5 minutes to stay within the free credit limit.
A quota can be set against the API to avoid exceeding the free credit amount. Set the 'Elements per day' to a limit of 645 or less. Details on how to configure a quota can be found [here](https://developers.google.com/maps/documentation/distance-matrix/usage-and-billing#set-caps)
## {% linkable_title Configuration %}
To enable the sensor, add the following lines to your `configuration.yaml` file:
```yaml
# Example entry for configuration.yaml
@ -40,9 +48,9 @@ Configuration variables:
- **arrival_time** (*Optional*): See notes above for `departure_time`. `arrival_time` can not be `now`, only a Unix timestamp or time string. You can not provide both `departure_time` and `arrival_time`. If you do provide both, `arrival_time` will be removed from the request.
- **units** (*Optional*): Set the unit for the sensor in metric or imperial, otherwise the default unit the same as the unit set in `unit_system:`.
##### {% linkable_title Dynamic Configuration %}
## {% linkable_title Dynamic Configuration %}
Tracking can be setup to track entities of type device_tracker, zone, and sensor. If an entity is placed in the origin or destination then every 5 minutes when the component updates it will use the latest location of that entity.
Tracking can be setup to track entities of type `device_tracker`, `zone` and `sensor`. If an entity is placed in the origin or destination then every 5 minutes when the platform updates it will use the latest location of that entity.
```yaml
# Example entry for configuration.yaml
@ -67,10 +75,9 @@ sensor:
destination: zone.home
options:
units: imperial # 'metric' for Metric, 'imperial' for Imperial
```
#### {% linkable_title Entity Tracking %}
## {% linkable_title Entity Tracking %}
- **device_tracker**
- If state is a zone then the zone location will be used

View File

@ -14,8 +14,12 @@ logo: noaa.png
The `noaa_tides` sensor platform uses details from [NOAA Tides and Currents](https://tidesandcurrents.noaa.gov/api/) to provide information about the prediction for the tides for any location in the United States.
## {% linkable_title Setup %}
This sensor requires the use of a NOAA station ID. Search [NOAA Tide Predictions](https://tidesandcurrents.noaa.gov/tide_predictions.html) to find a location. Use the ID from the search results in your configuration. Alternatively, you can determine a station ID from a URL. For example, `8721164` in the following URL: `https://tidesandcurrents.noaa.gov/noaatidepredictions.html?id=8721164`
## {% linkable_title Configuration %}
To use this sensor, add the following to your `configuration.yaml` file:
```yaml

View File

@ -80,7 +80,7 @@ sensor:
arg: 'Local Area Connection'
```
If you need to use some other interface, open a command line prompt and type `ipconfig` to list all interface names. For example a wireless connection output from `ifconfig` might look like:
If you need to use some other interface, open a command line prompt and type `ipconfig` to list all interface names. For example a wireless connection output from `ipconfig` might look like:
```bash
Wireless LAN adapter Wireless Network Connection:

View File

@ -8,7 +8,7 @@ comments: false
sharing: true
footer: true
logo: tibber.png
ha_category: Sensor
ha_category: Energy
ha_release: 0.55
ha_iot_class: "Cloud Polling"
---

View File

@ -46,7 +46,21 @@ Configuration variables:
- **origin** (*Required*): Specify the three character long origin station code.
- **destination** (*Required*): Specify the three character long destination station code.
A large amount of information about upcoming departures is available within the attributes of the sensor. The example above creates a sensor with ID `sensor.next_train_to_wat` with the attribute `next_trains` which is a list of the next 25 departing trains. The status of the next departing train is accessed using the [template sensor](/components/sensor.template/) below, as are the train origin, estimated and scheduled departure times, and the departure platform.
A large amount of information about upcoming departures is available within the attributes of the sensor. The example above creates a sensor with ID `sensor.next_train_to_wat` with the attribute `next_trains` which is a list of the next 25 departing trains.
These attributes are available for each departing train:
- `origin_name`
- `destination_name`
- `status`
- `scheduled`: (API attribute is `aimed_departure_time`)
- `estimated`: (API attribute is `expected_departure_time`)
- `platform`
- `operator_name`
Refer to the [API reference webpage](https://developer.transportapi.com/docs?raml=https://transportapi.com/v3/raml/transportapi.raml##request_uk_train_station_station_code_live_json) for definitions.
Attributes can be accessed using the [template sensor](/components/sensor.template/) as per this example:
```yaml
# Example configuration.yaml entry for a template sensor to access the attributes of the next departing train.

View File

@ -24,5 +24,5 @@ Currently supported features are:
- `start`
- `pause`
- `stop`
- `return_to_home`
- `return_to_base`
- `locate`

View File

@ -20,7 +20,7 @@ Currently supported features are:
- `start`
- `pause`
- `stop`
- `return_to_home`
- `return_to_base`
- `locate`
- `clean_spot`
- `set_fan_speed`

View File

@ -0,0 +1,12 @@
---
layout: page
title: "Configuration.yaml by mcaminiti"
description: ""
date: 2018-08-30 09:51 +0700
sidebar: true
comments: false
sharing: true
footer: true
ha_category: Example configuration.yaml
ha_external_link: https://github.com/mcaminiti/homeassistant
---

View File

@ -2,7 +2,7 @@
layout: page
title: "fail2ban"
description: "Setting up fail2ban to read Home Assistant's log files to improve security."
date: 2017-05-24 10:05
date: 2018-08-29 15:30 AEST
sidebar: true
comments: false
sharing: true
@ -10,11 +10,33 @@ footer: true
ha_category: Infrastructure
---
This is a quick guide on how to setup fail2ban for Home Assistant. This was originally in the [forum](https://community.home-assistant.io/t/is-there-a-log-file-for-invalid-logins-blocking-hackers/2892) but I created this here for people.
This is a quick guide on how to set up `fail2ban` for Home Assistant. Contains extracts from [Is there a log file for invalid logins? \(Blocking hackers\)](https://community.home-assistant.io/t/is-there-a-log-file-for-invalid-logins-blocking-hackers/2892).
First install `fail2ban`. On Debian/Ubuntu this would be `apt-get install fail2ban`. On other distros you can google it.
## {% linkable_title Installing fail2ban %}
Then make sure logging is enabled in your `configuration.yaml` file for your Home Assistant instance:
Debian/Ubuntu:
```bash
$ sudo apt-get install fail2ban
```
CentOS/RHEL:
```bash
$ sudo yum install epel-release
$ sudo yum install -y fail2ban
```
Fedora:
```bash
$ sudo dnf install -y fail2ban
```
For other package managers use the appropriate commands.
## {% linkable_title Enable Home Assistant Logging %}
First, enable `http.ban` logging in `configuration.yaml` file for your Home Assistant instance:
```yaml
logger:
@ -23,83 +45,127 @@ logger:
homeassistant.components.http.ban: warning
```
Next we will be creating these three files :
Restart Home Assistant to activate the changes:
- `/etc/fail2ban/fail2ban.local`
- `/etc/fail2ban/filter.d/hass.local`
- `/etc/fail2ban/jail.local`
Contents of `/etc/fail2ban/fail2ban.local`:
```text
[Definition]
logtarget = SYSLOG
```bash
$ sudo systemctl restart home-assistant
```
Contents of `/etc/fail2ban/filter.d/hass.local`:
Tail the Home Assistant log then log out of the Home Assistant web interface and attempt logging in with an incorrect password, look for a line like `Login attempt or request with invalid authentication from xxx.xxx.xxx.xxx`:
```text
```bash
$ tail -f /home/homeassistant/.homeassistant/home-assistant.log | grep WARNING
2018-08-29 14:28:15 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from xxx.xxx.xxx.xxx
```
## {% linkable_title Configure fail2ban %}
Next we will create a filter and jail file for `fail2ban`:
- `/etc/fail2ban/filter.d/ha.conf`
- `/etc/fail2ban/jail.d/ha.conf`
Contents of `/etc/fail2ban/filter.d/ha.conf`:
```ini
[INCLUDES]
before = common.conf
[Definition]
failregex = ^%(__prefix_line)s.*Login attempt or request with invalid authentication from <HOST>.*$
ignoreregex =
```
Contents of `/etc/fail2ban/jail.local` (Note that you'll need to change the `logpath` to match your logfile which will be different from the path listed.):
Contents of `/etc/fail2ban/jail.d/ha.conf`. Note that you'll need to change the `logpath` to match your logfile which will be different from the path listed.:
```text
[hass-iptables]
```ini
[DEFAULT]
# Email config
sender = email@address.com
destemail = email@address.com
# Action "%(action_mwl)s" will ban the IP and send an email notification including whois data and log entries.
action = %(action_mwl)s
[ha]
enabled = true
filter = hass
action = iptables-allports[name=HASS]
filter = ha
logpath = /home/homeassistant/.homeassistant/home-assistant.log
maxretry = 5
# 3600 seconds = 1 hour
bantime = 3600
bantime = 30 # during testing it is useful to have a short ban interval, comment out this line later
# Maximum amount of login attempts before IP is blocked
maxretry = 3
```
Finally restart fail2ban : `sudo systemctl restart fail2ban`
Check your log to make sure it read in your settings : `tail -100 /var/log/syslog|grep fail`
If all is well you should see this from your syslog:
Restart `fail2ban`:
```bash
May 24 20:58:01 homeauto fail2ban.server[14997]: INFO Stopping all jails
May 24 20:58:02 homeauto fail2ban.jail[14997]: INFO Jail 'sshd' stopped
May 24 20:58:02 homeauto fail2ban-client[15206]: Shutdown successful
May 24 20:58:02 homeauto fail2ban.server[14997]: INFO Exiting Fail2ban
May 24 20:58:02 homeauto fail2ban-client[15213]: 2017-05-24 20:58:02,342 fail2ban.server [15215]: INFO Starting Fail2ban v0.9.6
May 24 20:58:02 homeauto fail2ban-client[15213]: 2017-05-24 20:58:02,343 fail2ban.server [15215]: INFO Starting in daemon mode
May 24 20:58:02 homeauto fail2ban.server[15217]: INFO Changed logging target to SYSLOG (/dev/log) for Fail2ban v0.9.6
May 24 20:58:02 homeauto fail2ban.database[15217]: INFO Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
May 24 20:58:02 homeauto fail2ban.jail[15217]: INFO Creating new jail 'sshd'
May 24 20:58:02 homeauto fail2ban.jail[15217]: INFO Jail 'sshd' uses pyinotify {}
May 24 20:58:02 homeauto fail2ban.jail[15217]: INFO Initiated 'pyinotify' backend
May 24 20:58:02 homeauto fail2ban.actions[15217]: INFO Set banTime = 600
May 24 20:58:02 homeauto fail2ban.filter[15217]: INFO Set findtime = 600
May 24 20:58:02 homeauto fail2ban.filter[15217]: INFO Set maxRetry = 5
May 24 20:58:02 homeauto fail2ban.filter[15217]: INFO Added logfile = /var/log/auth.log
May 24 20:58:02 homeauto fail2ban.filter[15217]: INFO Set jail log file encoding to UTF-8
May 24 20:58:02 homeauto fail2ban.filter[15217]: INFO Set maxlines = 10
May 24 20:58:02 homeauto fail2ban.server[15217]: INFO Jail sshd is not a JournalFilter instance
May 24 20:58:02 homeauto fail2ban.jail[15217]: INFO Creating new jail 'hass-iptables'
May 24 20:58:02 homeauto fail2ban.jail[15217]: INFO Jail 'hass-iptables' uses pyinotify {}
May 24 20:58:02 homeauto fail2ban.jail[15217]: INFO Initiated 'pyinotify' backend
May 24 20:58:02 homeauto fail2ban.actions[15217]: INFO Set banTime = 600
May 24 20:58:02 homeauto fail2ban.filter[15217]: INFO Set findtime = 600
May 24 20:58:02 homeauto fail2ban.filter[15217]: INFO Set maxRetry = 5
May 24 20:58:02 homeauto fail2ban.filter[15217]: INFO Added logfile = /opt/hass-prod-cfg/home-assistant.log
May 24 20:58:02 homeauto fail2ban.filter[15217]: INFO Set jail log file encoding to UTF-8
May 24 20:58:02 homeauto fail2ban.filter[15217]: INFO Date pattern set to `'^%y-%m-%d %H:%M:%S'`: `^Year2-Month-Day 24hour:Minute:Second`
May 24 20:58:02 homeauto fail2ban.jail[15217]: INFO Jail 'sshd' started
May 24 20:58:02 homeauto fail2ban.jail[15217]: INFO Jail 'hass-iptables' started
sudo systemctl restart fail2ban
```
That's it!
Confirm `fail2ban` is running:
```bash
sudo systemctl status fail2ban
```
Check that the ha jail is active:
```bash
sudo fail2ban-client status
Status
|- Number of jail: 1
`- Jail list: ha
```
## {% linkable_title Testing fail2ban %}
Tail the fail2ban log file then log out of the Home Assistant web interface and attempt to log in again with an incorrect password.
```bash
sudo tail -f -n 20 /var/log/fail2ban.log
2018-08-29 13:25:37,907 fail2ban.server [10208]: INFO Starting Fail2ban v0.10.3.fix1
2018-08-29 13:25:37,916 fail2ban.database [10208]: INFO Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
2018-08-29 13:25:37,918 fail2ban.jail [10208]: INFO Creating new jail 'ha'
2018-08-29 13:25:37,922 fail2ban.jail [10208]: INFO Jail 'ha' uses poller {}
2018-08-29 13:25:37,922 fail2ban.jail [10208]: INFO Initiated 'polling' backend
2018-08-29 13:25:37,932 fail2ban.filter [10208]: INFO Added logfile: '/home/homeassistant/.homeassistant/home-assistant.log' (pos = 5873, hash = 02ec3aefc005465a6cd8db91eff2d5e57c45757e)
2018-08-29 13:25:37,932 fail2ban.filter [10208]: INFO encoding: UTF-8
2018-08-29 13:25:37,933 fail2ban.filter [10208]: INFO maxRetry: 3
2018-08-29 13:25:37,934 fail2ban.filter [10208]: INFO findtime: 600
2018-08-29 13:25:37,934 fail2ban.actions [10208]: INFO banTime: 30
2018-08-29 13:25:37,938 fail2ban.jail [10208]: INFO Jail 'ha' started
2018-08-29 13:27:49,125 fail2ban.filter [10208]: INFO [ha] Found xxx.xxx.xxx.xxx - 2018-08-29 13:27:48
2018-08-29 13:27:51,330 fail2ban.filter [10208]: INFO [ha] Found xxx.xxx.xxx.xxx - 2018-08-29 13:27:51
2018-08-29 13:27:52,533 fail2ban.filter [10208]: INFO [ha] Found xxx.xxx.xxx.xxx - 2018-08-29 13:27:52
2018-08-29 13:27:52,678 fail2ban.actions [10208]: NOTICE [ha] Ban xxx.xxx.xxx.xxx
2018-08-29 13:28:23,941 fail2ban.actions [10208]: NOTICE [ha] Unban xxx.xxx.xxx.xxx
```
Now that fail2ban is working it can be enabled for startup at boot time, also raise the bantime from 30 seconds to what ever you would like. 8 hours is 28800 seconds.
```bash
$ sudo sed -i 's/bantime = 30/bantime = 28800/g' /etc/fail2ban/jail.d/ha.conf
$ sudo systemctl enable fail2ban
$ sudo systemctl restart fail2ban
```
A final note, if you need to unban an IP it can be done with `fail2ban-client`:
```bash
$ sudo fail2ban-client set JAILNAME unbanip IPADDRESS
```
eg:
```bash
$ sudo fail2ban-client set ha unbanip xxx.xxx.xxx.xxx
```
Fail2ban should now be configured and running, if an IP address is banned you will recieve an email with WHOIS details about the IP address that attempted to connect, if not you will need configure Postfix or another MTA (Mail Transport Agent).
If you want to read more about `fail2ban`, some links are below:
If you want to read more about fail2ban, some links are below:
- [fail2ban Split config](http://www.fail2ban.org/wiki/index.php/FEATURE_Split_config)
- [How To Protect SSH with Fail2Ban on Ubuntu 14.04](https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-14-04)

View File

@ -12,7 +12,7 @@ ha_category: Automation Examples
### {% linkable_title iOS Devices %}
If you have a device running iOS (iPhone, iPad, etc), The [iCloud](/components/device_tracker.icloud/) is gathering various details about your device including the battery level. To display it in the Frontend use a [template sensor](/components/sensor.template/). You can also the `battery` [sensor device class](/components/sensor/#device-class) to dynamically change the icon with the battery level.
If you have a device running iOS (iPhone, iPad, etc), The [iCloud](/components/device_tracker.icloud/) component is gathering various details about your device including the battery level. To display it in the Frontend use a [template sensor](/components/sensor.template/). You can also use the `battery` [sensor device class](/components/sensor/#device-class) to dynamically change the icon with the battery level.
{% raw %}
```yaml

View File

@ -12,7 +12,7 @@ footer: true
Access to Home Assistant is secured by our authentication system. Each member of your household will get their own user account to log in and access Home Assistant.
Home Assistant contains two different user types: the owner user account and normal users. The owner user account is created when you start Home Assitant for the first time. This account has some special privileges compared to the other users of the system:
Home Assistant contains two different user types: the owner user account and normal users. The owner user account is created when you start Home Assistant for the first time. This account has some special privileges compared to the other users of the system:
- Manage users
- Configure integrations and other settings (soon)
@ -37,3 +37,15 @@ Once you're logged in, you can access the profile page by clicking on the badge
As a user, you can setup multi-factor authentication with time-based one-time passwords. This is an extra challenge that you have to solve after you finish your login. You will be able to set up these challenges from the profile page once you're logged in.
<img src='/images/docs/authentication/mfa.png' alt='Screenshot of setting up multi-factor authentication' style='border: 0;box-shadow: none;'>
## {% linkable_title Troubleshooting %}
### {% linkable_title Lost owner password %}
While you should hopefully be storing your passwords in a password manager, if you lose the password associated with the owner account the only way to resolve this is to delete *all* the authentication data. You do this by shutting down Home Assistant and deleting the following files from the `.storage/` folder in your [configuration folder](https://www.home-assistant.io/docs/configuration/):
* `auth`
* `auth_provider.homeassistant`
* `onboarding`
When you start Home Assistant next you'll be required to set up authentication again.

View File

@ -16,9 +16,9 @@ This is an advanced feature. If misconfigured, you will not be able to access Ho
Besides the authentication providers, it's also possible to configure multi-factor authentication modules. These authentication modules will require the user to solve a second challenge besides just logging in. The idea is that you ask the user for something they know, their username/password, and something they have, like a time-based authentication token from their phone.
Multi-factor authentication module can be used mixed-match with authentication providers. After normal authentication provider validation, the login flow will ask user for addional challenge if there are multi-factor authentication modules enabled for this user. If more than one mutli-factor authentication module enabled, user can select one of them during the login.
The multi-factor authentication module can be used mixed-matched with authentication providers. After the normal authentication provider validation, the login flow will ask the user for additional challenge(s) if there are multi-factor authentication modules enabled for this user. If more than one mutli-factor authentication module is enabled, the user can select one of them during the login.
Multi-factor authentication module has to be enabled for user before it can be used in the login process, user can go to profile page enable it by himself.
The multi-factor authentication module has to be enabled for the user before it can be used in the login process. The user can go to the profile page enable it by himself.
## {% linkable_title Configuring mutli-factor authentication modules %}
@ -26,7 +26,7 @@ Multi-factor authentication module has to be enabled for user before it can be u
By configuring your own instead of using the default configuration, you take full responsibility for the authentication of the system.
</p>
Multi-factor authentication modules are configured in your `configuration.yaml` under the `homeassistant:` block:
Multi-factor authentication modules are configured in your `configuration.yaml` file under the `homeassistant:` block:
```yaml
homeassistant:
@ -36,27 +36,26 @@ homeassistant:
## {% linkable_title Available mutli-factor authentication modules %}
Below is a list of currently available auth providers.
Below is a list of the currently available auth providers.
### {% linkable_title Time-based One-Time Password mutli-factor authentication module %}
[Time-based One-Time Password](https://en.wikipedia.org/wiki/Time-based_One-time_Password_algorithm) is widely adopted in modern authencation system, it combines a secret key with the current timestamp using a cryptographic hash function to generate a one-time password. Whoever possessed the secret key will get same one-time password in certain time period. By verifying that password, Home Assistant knows the user have the right secrt key.
When try to set up TOTP module, a QR code will show up, user can scan it by an authenticator app, or set it up manauly using the code showed in UI. After setup, user need to input a six digit number generate in the autendicator app to verify the setup is good. If the verificaiton keep falling, you need to check whether the clock on Home Asistant is accurate.
When trying to set up TOTP module, a QR code will show up. The user can scan it by an authenticator app, or set it up manually using the code showed in the UI. After setup, the user needs to input a six digit number generated in the autendicator app to verify the setup is good. If the verification keeps failing, you need to check whether the clock on Home Assistant is accurate.
There are several authenctior apps on the market, we recommend either [Google Authenticator](https://support.google.com/accounts/answer/1066447) or [Authy](https://authy.com/)
There are several authenticator apps on the market, we recommend either [Google Authenticator](https://support.google.com/accounts/answer/1066447) or [Authy](https://authy.com/).
<p class='note warning'>
Please treat the secret key like a password, never exposure it to others.
Please treat the secret key like a password, never expose it to others.
</p>
By default, one TOTP multi-factor named "Authenticator app" will be auto loaded if no `auth_mfa_modules` configuration section defined in the `configuration.yaml` file.
By default one TOTP multi-factor named "Authenticator app" will be auto loaded if no `auth_mfa_modules` config section defined in `configuration.yaml`.
Example of configuration
Example of configuration:
```yaml
homeassistant:
auth_mfa_modules:
- type: totp
```
```

View File

@ -36,20 +36,4 @@ Configuration variables:
- **customize** (*Optional*): [Customize](/docs/configuration/customizing-devices/) entities.
- **customize_domain** (*Optional*): [Customize](/docs/configuration/customizing-devices/) all entities in a domain.
- **customize_glob** (*Optional*): [Customize](/docs/configuration/customizing-devices/) entities matching a pattern.
- **whitelist_external_dirs** (*Optional*): List of folders that can be used as sources for sending files.
### {% linkable_title Password protecting the web interface %}
First, you'll want to add a password for the Home Assistant web interface. Use your favorite text editor to open `configuration.yaml` and edit the `http` section:
```yaml
http:
api_password: YOUR_PASSWORD
```
<p class='note warning'>
If you decide to expose your Home Assistant instance to the internet and forget to set a password, your installation could be accessed by everybody.
</p>
See the [HTTP component documentation](/components/http/) for more options, such as the use of HTTPS encryption.
- **whitelist_external_dirs** (*Optional*): List of folders that can be used as sources for sending files.

View File

@ -40,17 +40,29 @@ aspect_ratio:
description: "The map's height:width ratio."
type: string
default: "100%"
default_zoom:
required: false
description: The default zoom level of the map.
type: integer
default: 14 (or whatever zoom level is required to fit all visible markers)
{% endconfiguration %}
<p class='note'>
Only entities that have latitude and longitude attributes will be displayed on the map.
</p>
<p class="note">
The `default_zoom` value will be ignored if it is set higher than the current zoom level
after fitting all visible entity markers in the map window. In other words, this can only
be used to zoom the map _out_ by default.
</p>
## {% linkable_title Examples %}
```yaml
- type: map
aspect_ratio: 100%
default_zoom: 8
entities:
- device_tracker.demo_paulus
- zone.home

View File

@ -23,7 +23,7 @@ Once logged in, you will have access to the following new features:
- Configure multifactor authentication (TOTP)
- Manage other users (limited to account created during onboarding)
Although it's possible to configure authentication, we stronlgy recommend to stick with the default authentication configuration. If you had auth providers configured in a previous Home Assistant release, we recommend to remove the configuration and start using the default.
Although it's possible to configure authentication, we strongly recommend to stick with the default authentication configuration. If you had auth providers configured in a previous Home Assistant release, we recommend to remove the configuration and start using the default.
It will take some time before all of the Home Assistant ecosystem has been migrated over to the new auth system. Home Assistant will print a warning whenever an application connects to Home Assistant with the legacy authentication. This will help users notify the application developers to transition to use the new [OAuth2](https://developers.home-assistant.io/docs/en/auth_api.html) authentication. For non-interactive scripts or other applications that are unable to update, we are planning to introduce a migration path for components to adopt url specific auth tokens and also introduce long lived access tokens to replace API passwords. A list of impacted components can be found [here](https://github.com/home-assistant/home-assistant/issues/15376#issuecomment-415890552).
@ -48,6 +48,39 @@ You didn't think we would forget about Lovelace, did you? This release include a
- Add support for NOAA tide information (new PR) ([@jcconnell] - [#15947]) ([sensor.noaa_tides docs]) (new-platform)
- Hangouts ([@hobbypunk90] - [#16049]) ([hangouts docs]) ([notify docs]) (new-platform)
## {% linkable_title Release 0.77.1 - August 29 %}
- Fix trusted networks login error ([@awarecan])
- Fix data_key override by parent class ([@syssi] - [#16278]) ([binary_sensor.xiaomi_aqara docs])
- Fix error when vacuum is idling ([@cnrd] - [#16282]) ([vacuum.xiaomi_miio docs])
[#16278]: https://github.com/home-assistant/home-assistant/pull/16278
[#16282]: https://github.com/home-assistant/home-assistant/pull/16282
[@cnrd]: https://github.com/cnrd
[@syssi]: https://github.com/syssi
[binary_sensor.xiaomi_aqara docs]: /components/binary_sensor.xiaomi_aqara/
[vacuum.xiaomi_miio docs]: /components/vacuum.xiaomi_miio/
## {% linkable_title Release 0.77.2 - August 31 %}
- Correct wemo static device discovery issue. ([@lamiskin] - [#16292]) ([wemo docs])
- Fix LIFX effects ([@amelchio] - [#16309]) ([light.lifx docs])
- avoid error in debug log mode and rss entry without title ([@exxamalte] - [#16316]) ([feedreader docs])
- Fix charts for climate devices ([@jeradM])
- Fix header in Lovelace Glance cards ([@balloob])
- Fix Profile page on Safari ([@balloob])
- Fix redirect to login page on offline server ([@balloob])
[#16292]: https://github.com/home-assistant/home-assistant/pull/16292
[#16309]: https://github.com/home-assistant/home-assistant/pull/16309
[#16316]: https://github.com/home-assistant/home-assistant/pull/16316
[@amelchio]: https://github.com/amelchio
[@exxamalte]: https://github.com/exxamalte
[@lamiskin]: https://github.com/lamiskin
[feedreader docs]: /components/feedreader/
[light.lifx docs]: /components/light.lifx/
[wemo docs]: /components/wemo/
## {% linkable_title If you need help... %}
...don't hesitate to use our very active [forums](https://community.home-assistant.io/) or join us for a little [chat](https://discord.gg/c5DvZ4e). The release notes have comments enabled but it's preferred if you use the former communication channels. Thanks.

View File

@ -89,3 +89,7 @@ GLOBAL OPTIONS:
--help, -h show help
--version, -v print the version
```
## {% linkable_title Console access %}
You can also access HassOS via a directly connected keyboard and monitor, the console. To log in to the physical console the username is `root`, with no password.

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.5 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.9 KiB

View File

@ -2,12 +2,14 @@
layout: page
title: "Lovelace Changelog"
description: "Changelog of the Lovelace UI."
date: 2018-07-01 10:28 +00:00
date: 2018-08-31 13:06 +02:00
sidebar: true
comments: false
sharing: true
footer: true
---
## {% linkable_title Changes in 0.77.0 %}
- 📣 New notification drawer ❤️
## {% linkable_title Changes in 0.75.0 %}