danielperna84 / hass-configurator Goto Github PK

Somehow present the user some way of executing custom (commandline) commands.

Hello,

would it be possible to prevent the save-dialog by an option in the config file, because it can be a bit annoying if you work a lot with the configurator :)

Regards, Thomas

getting this when running configurator. Any idea?

pi@raspberrypi:/home/homeassistant/.homeassistant $ sudo ./configurator.py
./configurator.py: 1: ./configurator.py: import: not found
./configurator.py: 2: ./configurator.py: import: not found
./configurator.py: 3: ./configurator.py: import: not found
./configurator.py: 4: ./configurator.py: import: not found
./configurator.py: 5: ./configurator.py: import: not found
./configurator.py: 6: ./configurator.py: import: not found
./configurator.py: 7: ./configurator.py: import: not found
./configurator.py: 8: ./configurator.py: import: not found
./configurator.py: 9: ./configurator.py: import: not found
./configurator.py: 10: ./configurator.py: import: not found
./configurator.py: 11: ./configurator.py: import: not found
./configurator.py: 12: ./configurator.py: import: not found
from: can't read /var/mail/string
from: can't read /var/mail/http.server
./configurator.py: 15: ./configurator.py: import: not found
from: can't read /var/mail/urllib.parse
./configurator.py: 19: ./configurator.py: LISTENIP: not found
./configurator.py: 20: ./configurator.py: LISTENPORT: not found
./configurator.py: 22: ./configurator.py: BASEPATH: not found
./configurator.py: 24: ./configurator.py: SSL_CERTIFICATE: not found
./configurator.py: 25: ./configurator.py: SSL_KEY: not found
./configurator.py: 27: ./configurator.py: HASS_API: not found
./configurator.py: 29: ./configurator.py: HASS_API_PASSWORD: not found
./configurator.py: 31: ./configurator.py: CREDENTIALS: not found
./configurator.py: 34: ./configurator.py: ALLOWED_NETWORKS: not found
./configurator.py: 36: ./configurator.py: BANNED_IPS: not found
./configurator.py: 38: ./configurator.py: BANLIMIT: not found
./configurator.py: 40: ./configurator.py: GIT: not found
./configurator.py: 43: ./configurator.py: LOGLEVEL: not found
./configurator.py: 44: ./configurator.py: Syntax error: "(" unexpected

git dropdown only pops up in mobile view in 0.1.3.

Would it be useful to implement a method to lock the user into the basepath? This would be a plus for security, and probably not all that hard to implement.

Implementation wise it would be as simple as checking the user-requested dir for attack vectors (like ..) and prepending the basepath to it in the backend at all times. Most other web based file managers use this approach.

Though the attack surface through the home-assistant configuration files remains huge, this would make hass-configurator useful as a general purpose configuration manager.

The searchbox is rather ugly in its current state. We can modify it's look by messing with the following CSS classes:

• ace_search
• ace_search_form
• ace_search_field
• ace_replace_form
• ace_search_options
• ace_searchbtn_close
• ace_searchbtn
• prev
• next
• ace_replacebtn
• ace_button

Overflowing long filenames in file browser. How should we handle that? Ellipsis at the and possible hides fileextension, which is valuable information.

I ran configurator manually and it had .homeassistant/ as the root dir. but when I added the systemd script and started it the root dir is / . How can I get the default root back to .homeassistant?

When typing something into the Delay value box when trying to create an automation and removing everything from the value box the whole action turns into this error:

Unsupported action:
{}

After this I'm forced to remove the Action and recreate a new one.

This is really a problem coming from the ace editor. The dots used to fill the spaces makes it difficult to see the all-important - in the yaml config files. The lines that start with a " - " can easily be missed that they have or are missing it.
For now I just disabled "show invisibles".

Would be nice to be able to edit multiple files. Tabs could be used for that.

As long as we don't have support for multiple tabs it would make sense to display the current file in the title bar of the browser. That way we can use the browser tabs as a workaround for diretly implemented tabs.
While we're at it, opening files in new browser-tabs directly may be useful too.

hi,

when a try to open my configuration file i get this error:

'ascii' codec can't decode byte 0xc2 in position 2231: ordinal not in range(128)

thanks

I would like to use the Configurator to push changes to my GitHub repo. However, I am not sure how to set the public key in it. Are there directions on how to set this up somewhere.

I've setup the HASS Configurator and have it working on my LAN with it's IP. But I add the panel_iframe for it using the LAN IP, I can't access it if I'm accessing HA via the WAN domain.

I was trying to think through the security settings and how it needs to be set up to be safe. Currently, I have a domain and run letsencrypt reverse proxy to provide SSL certs at home.domain.com. This means I don't have HA config setup with SSL certs as letsencrypt handles them.

Do I need to create another subdomain and target in letsencrypt pointing to the configurator port?

Using latest hassbian with configurator. Liking it.
Configurator loads automatically with systemd.

I defined the hass configuration folder in git manually. Using sudo git commands (as pi user has no write access there). All works if I add/commit/push from the command line. I do need to specify password for repository if I am pushing.
Now if I issue a "git commit" from the configurator interface then I get a permission error on COMMIT_EDITMSG.

[Errno 13] Permission denied: '/home/homeassistant/.homeassistant/.git/COMMIT_EDITMSG'
/home/homeassistant/.homeassistant

If I issue a "git add" on some file I will get a permission error on some other file.

Am I doing anything wrong? Is there a bug or a way to fix this?

As posted here: home-assistant/addons#351

INFO:2018-08-06 16:36:57,021:main:Starting server
Traceback (most recent call last):
File "/configurator.py", line 4841, in
main(sys.argv[1:])
File "/configurator.py", line 4831, in main
server_side=True)
File "/usr/local/lib/python3.6/ssl.py", line 1149, in wrap_socket
ciphers=ciphers)
File "/usr/local/lib/python3.6/ssl.py", line 747, in init
self._context.load_cert_chain(certfile, keyfile)
FileNotFoundError: [Errno 2] No such file or directory

hello I have this issue on Hass.io:
starting version 3.2.2
INFO:2017-07-29 16:13:06,003:main:Starting server
Traceback (most recent call last):
File "/configurator.py", line 3494, in
main(sys.argv[1:])
File "/configurator.py", line 3484, in main
server_side=True)
File "/usr/lib/python3.6/ssl.py", line 1142, in wrap_socket
ciphers=ciphers)
File "/usr/lib/python3.6/ssl.py", line 741, in init
self._context.load_cert_chain(certfile, keyfile)
FileNotFoundError: [Errno 2] No such file or directory
pls help
[I found no other way to conntact you]

As in title, installed add on in Hassio and was working as intended. Next installed letsencrypt and can no longer access configurator via https. Tried uninstalling and reinstalling to no avail. Any help would be appreciated.

As reported here and also already noticed by myself and others, closing the filebrowser requires some clicking around until it finally reveals the editor. This is caused by the swiping function that's very useful for mobile devices. On desktops though this results in a huge area where clicking has no effect.

To visualize this you can open the JavaScript console and execute the command:

$('.drag-target').css("border-left", "1px solid #f00")

Only clicks to the left of that line hide the filebrowser because that swiping-div blocks the clicks.

I don't know how that should be fixed. If anybody knows what to do a PR to fix this issue would be very appreciated.

@jmart518 since you're our UI guy, could you have a look at it?

I made no changes to my hass.io install and everything was working perfectly. I came back one day to make some changes, but when I click the configurator option there are no yaml files listed anymore. Any ideas how to fix this?

I was just wondering why my uBlock Origin is blocking hundrets of requests on my local HASS instance, some of those requests targeting google analytics and carbonads.

Turns out the HASS configurator loads a bunch of iframes with content from the hass website and others, which are creating those requests when the configurator is loaded.

Those iframes should only be loaded when they are actually used, not unconditionally on page load.

I added "ñ" character in a group name, then I save the changes. The "ñ" looks fine in HASS but when I re-opened the file it shows this message:

'ascii' codec can't decode byte 0xc3 in position 282: ordinal not in range(128)

I'm using my HA via custom domain https://ha.domain.com with the LetsEncrypt addon installed.

Now I tried to include the configurator within my HA dashboard, I used the panel_iframe.
The issue now is, that because I connect via SSL and the configurator is loaded http, I get an error.

To fix this, I also created a port forwarding with 3218 to the configurator. But everytime I try to access the configurator via https://ha.domain.com:3218 I get an empty response.

1. How can I add my domain to the whitelist, since it's not a IP, but a domain?
2. How can I enable the ssl with LetsEncrypt addon?
   Like this?

  "certfile": "/ssl/fullchain.pem",
  "keyfile": "/ssl/privkey.pem",
  "ssl": true,

Thank you!

I have HASS installed in the docker container running on a Synology NAS. The container has python 3.6 and runs homeassistant fine, but I get errors when trying to run the configurator script:

After that, I looked up my python path and tried changing the script to match but that also didn't work.

Any help is appreciated.

Too often a small typo can cause a whole lot of grief, wouldn't a built-in YAML linter be a great addition to help especially newbies but also veterans with clumsy fingers?

Text and icons are all mint/green colored.

When specifying SESAME but not SESAME_TOTP_SECRET we get this error:

File "/configurator.py", line 3671, in do_GET
    if chunk == SESAME or TOTP.verify(chunk):
AttributeError: 'NoneType' object has no attribute 'verify'

The latest CDN version of jQuery version 2 is 2.2.4, while we are on 2.1.1. Do we want to switch to jQuery 3? Compatibility with materialize and the Ace Editor would need to be tested though.
The safe route would be to just update jQuery with:
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>

Regarding the Ace Editor we are on version 1.2.6, the latest CDN version is 1.2.8. This should be updated.

@jmart518 do you want to take care of this while you're at it? :)

I understand wanting to use a single file, it's a very easy way to spread it around. However the main file keeps growing larger, and is becoming cumbersome to edit. In the past I've used scripts that would stitch everything together for these types of one-file projects. So what do you think about splitting the configurator.py like a regular project and adding a compile script to be run during pre-commit, or at release time, that assembles configurator.py? This way dev.html would also be simpler to maintain.

I'm trying to use the GIT functionality in the configurator of Hass.io. But when I try to push my changes:

• Execute shell command
• git push -u origin master

It won't prompt for my github password and fails with the error:

fatal: could not read Password for 'https://[email protected]': No such device or address

In pylintrc there are a lot of tests which are disabled to, for now, get a passing build. Over time the code should be improved to not require this workaround.

keeps spewing this out

2017-10-31 12:34:08 ERROR (MainThread) [homeassistant.helpers.entity] Update for light.tiffany_table fails
Traceback (most recent call last):
File "/srv/homeassistant/lib/python3.4/site-packages/homeassistant/helpers/entity.py", line 204, in async_update_ha_state
yield from self.async_device_update()
File "/srv/homeassistant/lib/python3.4/site-packages/homeassistant/helpers/entity.py", line 309, in async_device_update
yield from self.hass.async_add_job(self.update)
File "/usr/lib/python3.4/asyncio/futures.py", line 388, in iter
yield self # This tells Task to wait for completion.
File "/usr/lib/python3.4/asyncio/tasks.py", line 286, in _wakeup
value = future.result()
File "/usr/lib/python3.4/asyncio/futures.py", line 277, in result
raise self._exception
File "/usr/lib/python3.4/concurrent/futures/thread.py", line 54, in run
result = self.fn(*self.args, **self.kwargs)
File "/srv/homeassistant/lib/python3.4/site-packages/homeassistant/components/light/hue.py", line 467, in update
self.update_lights(no_throttle=True)
File "/srv/homeassistant/lib/python3.4/site-packages/homeassistant/util/init.py", line 306, in wrapper
result = method(*args, **kwargs)
File "/srv/homeassistant/lib/python3.4/site-packages/homeassistant/util/init.py", line 306, in wrapper
result = method(*args, **kwargs)
File "/srv/homeassistant/lib/python3.4/site-packages/homeassistant/components/light/hue.py", line 239, in update_lights
lights[light_id].schedule_update_ha_state()
File "/srv/homeassistant/lib/python3.4/site-packages/homeassistant/helpers/entity.py", line 278, in schedule_update_ha_state
self.hass.add_job(self.async_update_ha_state(force_refresh))
AttributeError: 'NoneType' object has no attribute 'add_job'

I'm not that knowledgeable when it comes to HTML/JS, but as the subject says: Why depend on non-local resources? Wouldn't it be better to include these in the addon?

Sorry if this is a stupid question, but even https://home-assistant.io/hassio/ say "100% local home automation". I realize this is an addon though so that might not apply.

Regardless, thanks for a great addon.

Hi, first of all thanks for this absolutely awesome add-on!

I myself am developing another add-on for HassIO (an esphomeyaml HassIO add-on). The add-on will require users to edit YAML configuration files too, like with Home Assistant. These YAML configuration files (stored under /config/esphomeyaml/... and therefore already accessible by Hass Configurator) are compiled into binaries and uploaded to a device and it's all controlled from a simple web interface.

Because navigating to this path (for example /config/esphomeyaml/livingroom.yaml) is not a perfect UX, ideally I think it would be great if I could create a cross-link to Hass Configurator like http://hassio.local:3218/config/esphomeyaml/livingroom.yaml :)

Please excuse me if this already possible, I wasn't able to find such a feature using the limited search I just did of this repo.

Hello,

it is stuck with "loading..." on the left side - Any hints how I can get it working? Thanks, Thomas

On Android 7.7.1 Nexus 6P I'm unable to highlight/select specific text to copy, cut, or paste. When attempting to select text, it shows the two pull tabs that normally allow adjusting of the selected text. This doesn't work. When trying to adjust the selection, it will either select none or everything making it impossible to copy/cut text. Paste does work.

I've tried all sorts of this to get this to work behind nginx. Any hints at the correct proxy config? The UI comes up but there is not content on the WAN connection, however, accessing through the LAN IP presents a fully working configurator.

location / {
proxy_pass http://192.168.1.100:3218/;
proxy_set_header Host $host;

proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}

Currently changes are lost when switching files and not saving the changes.

Hi!

I am experiencing a strange problem when trying to access the server on my RPi3 when i am behind a proxy using self signed SSL.

Trying to access through Chrome does not work, since it times out after 30 seconds. On the other hand, if i try it in Internet Explorer, it loads for a really long time usually around 300 seconds and then i am prompted for the password.

The same applies when trying to switch the file to edit, here you can see an example from IEs developer tools under the Network Tab. First getting a file then saving it, both over 300 sec

So somehow it works, it just takes a really long time. If i disable SSL i am being prompted instantly for the username and password, but obviously its not a good idea to log in unencrypted.

Any idea what could be the cause of this?

Commands which would be nice to have in the toolbar:

• New file (backend modification needed) (covered)
• Close file (covered)
• Delete file (backend modification needed) (covered)
• editor.execCommand("find") (we'll just stick to replace)
• editor.execCommand("replace") (covered)
• editor.execCommand("undo") (covered)
• editor.execCommand("redo") (covered)
• editor.execCommand("indent") (covered)
• editor.execCommand("outdent") (covered)
• editor.getSession().foldAll() --> toggle_fold()
• editor.getSession().unfold() --> toggle_fold()

Some possible security improvements (I'll just write them down here so I don't forget about them):

• Allow using TOTP in credentials and sesame (using pyotp)
• Warn about or maybe even enforce secure credentials / sesame (minimum length, alphanumeric etc.)
• Also warn when HASS API password is insecure (we could use a persistent notification in HASS for that actually)
• Add some sort of permanent banning that even the sesame can't bypass
• Allow specifiying the credentials-password as a hash optionally with a prefix (like {MD5}abc123...)
• How about SSL client certificate authentication? (either standalone or additionally to the other stuff)
• Pass credentials / hass API password via environment variable, other settings as well maybe

This is a great tool, but lacks support for reverse proxies to serve it at an arbitrary url for remote access.

When clicking outside the old settings menu, the main content stays faded until another click is done.

What I am planning to include in the next version: switching the entity-dropdown to the Autocomplete form element materialize provides. When the list of entities gets to big probably no one scrolls through it. At least I don't. Having a live search, similar to the one in the dev-panel of HASS, would make this far more useful (if you know what you are looking for). Maybe though this should be additionally to the dropdown. I'll see how it looks and feels.

Hello,

if the solution is trying to get the bootstrap information I get:

192.168.178.102 - - [29/Jan/2017 22:04:36] "GET / HTTP/1.1" 200 -
HTTP Error 403: Forbidden
<urlopen error [Errno -2] Name or service not known>
192.168.178.102 - - [29/Jan/2017 22:04:36] "GET /api/files HTTP/1.1" 200 -
192.168.178.102 - - [29/Jan/2017 22:04:37] "GET /favicon.ico HTTP/1.1" 200 -
HTTP Error 403: Forbidden
<urlopen error [Errno -2] Name or service not known>
192.168.178.102 - - [29/Jan/2017 22:05:13] "GET / HTTP/1.1" 200 -
HTTP Error 403: Forbidden
<urlopen error [Errno -2] Name or service not known>
192.168.178.102 - - [29/Jan/2017 22:05:13] "GET /api/files HTTP/1.1" 200 -
192.168.178.102 - - [29/Jan/2017 22:05:13] "GET /favicon.ico HTTP/1.1" 200 -
HTTP Error 403: Forbidden
<urlopen error [Errno -2] Name or service not known>

But the API itself is working, because I can restart the HASS service i.e.

I also tried to harcode it here without any success:

        boot = "{}"
        try:
            response = urllib.request.urlopen("https://192.168.178.200:443/api/bootstrap")
            boot = response.read().decode('utf-8')
        except Exception as err:
            print(err)

Text of nodes in filebrowser is not vertically centered

I have noticed, that either materialize or the material design icons contact some ad-related stuff in the background, which doesn't work when a JavaScript blocker and / or Ghostery is active.

It might prove useful to integrate Git-functionality. Some random thoughts:

• git init in current folder
• Some sort of git add mechanism
• git commit
• git checkout [-b] "feature"
• List available branches
• git push
• git stash
• Show diffs