From f81e68af8106aac67c9c483219cc2290ed880e3b Mon Sep 17 00:00:00 2001 From: Benjamin Durham <33912370+Bencey@users.noreply.github.com> Date: Mon, 4 Jan 2021 16:45:09 +1300 Subject: [PATCH] Fixed broken Directory + Oauth (#125) --- manuscript/recipes/homeassistant.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/manuscript/recipes/homeassistant.md b/manuscript/recipes/homeassistant.md index aeff847..d52f4cc 100644 --- a/manuscript/recipes/homeassistant.md +++ b/manuscript/recipes/homeassistant.md @@ -36,6 +36,9 @@ mkdir /var/data/runtime/homeassistant/influxdb Create /var/data/config/homeassistant/grafana.env, and populate with the following - this is to enable grafana to work with oauth2_proxy without requiring an additional level of authentication: ``` GF_AUTH_BASIC_ENABLED=false +OAUTH2_PROXY_CLIENT_ID= +OAUTH2_PROXY_CLIENT_SECRET= +OAUTH2_PROXY_COOKIE_SECRET= ``` ### Setup Docker Swarm @@ -55,7 +58,7 @@ services: networks: - internal volumes: - - /var/data/homeassistant/influxdb:/var/lib/influxdb + - /var/data/runtime/homeassistant/influxdb:/var/lib/influxdb - /etc/localtime:/etc/localtime:ro homeassistant: @@ -130,4 +133,4 @@ Log into your new instance at https://**YOUR-FQDN**, the password you created in ## Chef's Notes 📓 -1. I **tried** to protect Home Assistant using [oauth2_proxy](/reference/oauth_proxy), but HA is incompatible with the websockets implementation used by Home Assistant. Until this can be fixed, I suggest that geeks set frontend: api_key to a long and complex string, and rely on this to prevent malevolent internet miscreants from turning their lights on at 2am! \ No newline at end of file +1. I **tried** to protect Home Assistant using [oauth2_proxy](/reference/oauth_proxy), but HA is incompatible with the websockets implementation used by Home Assistant. Until this can be fixed, I suggest that geeks set frontend: api_key to a long and complex string, and rely on this to prevent malevolent internet miscreants from turning their lights on at 2am!