When we work with Home Assistant files, we tend to introduce private keys and data that in the wrong hands can become a very dangerous and serious problem.
Disponible en español aquí.
If you are also like me, that I have public all my configuration, or assiduously you send pieces to other people to help them or to show them part of that configuration, you will have seen yourself erasing your private information before all; with the worry of forgetting to erase some important data.
Home Assistant offers as a solution a special file called
secrets.yaml which is in the root of our configuration (in the same folder as
configuration.yaml). If it is not created, just create a new file with this name.
This file has a very simple structure. It’s a keys dictionary that will then be used in other configuration files. In this way, we will have all the keys organized and centralized in a single file.
In the other files it will be enough to use the variable just created by using
I’m going to give a simple but quite clear example using one of the configurations seen in a previous article.
configuration.yaml has the following code:
weather: - platform: openweathermap name: home api_key: 123456789
You can see that the
api_key node has a private key that no other person should see. Let’s hide it.
secrets.yaml file, we include the next node:
To use it, just change the
configuration.yaml node as follows:
weather: - platform: openweathermap name: home api_key: !secret weather_openweathermap_api_key
Something as simple and effective as this change can be applied to any key or data we want to protect.
With the use of
secrets.yaml we will no longer be afraid to share our configuration, and a previous revision will not be necessary, because all our keys and private data will be located in the
secrets.yaml file. File that I recommend not to share with any other person.
This and other articles complement the documentation of the GitHub repository where all the configuration of my house is available.