Skip to content

iandday/haConfig

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
.storage
.storage
 
 
apps
apps
 
 
custom_components
custom_components
 
 
.august.conf.vault
.august.conf.vault
 
 
.gitignore
.gitignore
 
 
.gitmodules
.gitmodules
 
 
.ios.conf.vault
.ios.conf.vault
 
 
README.md
README.md
 
 
appdaemon.yaml
appdaemon.yaml
 
 
automations.yaml
automations.yaml
 
 
binary_sensor.yaml
binary_sensor.yaml
 
 
configuration.yaml
configuration.yaml
 
 
customize.yaml
customize.yaml
 
 
ecobee.conf.vault
ecobee.conf.vault
 
 
emulated_hue_ids.json
emulated_hue_ids.json
 
 
groups.yaml
groups.yaml
 
 
input_boolean.yaml
input_boolean.yaml
 
 
input_select.yaml
input_select.yaml
 
 
lutron_caseta_pro_10.168.1.26.json
lutron_caseta_pro_10.168.1.26.json
 
 
media.yaml
media.yaml
 
 
phue.conf.vault
phue.conf.vault
 
 
pre-commit.sh
pre-commit.sh
 
 
scripts.yaml
scripts.yaml
 
 
secrets.yaml.vault
secrets.yaml.vault
 
 
sensors.yaml
sensors.yaml
 
 
switches.yaml
switches.yaml
 
 
themes.yaml
themes.yaml
 
 
timer.yaml
timer.yaml
 
 
zwcfg_0xefcf5b2b.xml
zwcfg_0xefcf5b2b.xml
 
 
zwscene.xml
zwscene.xml
 
 

Repository files navigation

Home Assistant Configuration

Home Assistant configuration files

Secure Credential Storage

Files containing credentials used in Home Assistant can be securely versioned in GitHub alongside the rest of your configuration files through the use of a pre-commit hook script. The script utilizes Ansible-Vault to add a current encrypted version of sensitive files to every commit to ensure all configuration files are versioned. Ansible must be installed on the system running Home Assistant and is available via PIP.

The script will add encrypted versions of the following sensitive files to each commit you make. Instructions are in the script's header to add additional files.

  • secrets.yaml
  • phue.conf
  • known_devices.yaml
  • options.xml
  • ecobee.conf
  • .vaultCredential
  • .august.conf
  • .ios.conf
  • .storage/onboarding
  • .storage/core.entity_registry
  • .storage/core.device_registry
  • .storage/core.config_entries
  • .storage/auth_provider.homeassistant
  • .storage/auth

Once Ansible is installed perform the following steps to safely store credentials alongside the rest of your configuration files.

  1. Add the following entries to your .gitignore file

    • secrets.yaml
    • phue.conf
    • known_devices.yaml
    • options.xml
    • ecobee.conf
    • .vaultCredential
    • .august.conf
    • .ios.conf
    • .storage/onboarding
    • .storage/core.entity_registry
    • .storage/core.device_registry
    • .storage/core.config_entries
    • .storage/auth_provider.homeassistant
    • .storage/auth

  2. Copy the file pre-commit.sh to the root directory of your configuration repository and set it as executable.

  3. Create the file .vaultCredential in the root directory of your configuration repository. There should only be one line in the file containing the password used to encrypt your sensitive files. Make sure to apply appropriate permissions to this file (0600) or stricter.

  4. Enable the pre-commit git hook with the following command from the root of your configuration directory:

    • ln -s ../../pre-commit.sh .git/hooks/pre-commit

Customizations

About

Configuration files for Home Assistant

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages