No thats there, both in the web address and in base url in config.yami
Iâm assuming that I wouldnât be able to get to the password page if the port forwarding was an issue?
Found the issue, it was my port forwarding, my Pi had changed ip address somehow? Thanks for your help.
{
"username": "XXXXX",
"password": "XXXXX",
"ssl": true,
"certfile": "/ssl/fullchain.pem",
"keyfile": "/ssl/privkey.pem",
"allowed_networks": [
"192.168.0.0/16",
"172.30.0.0/16"
],
"banned_ips": [
"8.8.8.8"
],
"banlimit": 0,
"ignore_pattern": [
"__pycache__"
],
"dirsfirst": false,
"enforce_basepath": false,
"notify_service": "persistent_notification.create"
}
Mine doesnt work either?
did you update home assistant to 0.75.1
Having a similar issue with Hass.io 0.75.1 and Configurator 1.0. Also tried reverting back to 74.0 using snapshot restore, same error.
Traceback (most recent call last):
File "/configurator.py", line 4841, in <module>
main(sys.argv[1:])
File "/configurator.py", line 4776, in main
load_settings(None)
File "/configurator.py", line 3510, in load_settings
if PASSWORD and PASSWORD.startswith("{sha256}"):
AttributeError: 'int' object has no attribute 'startswith'I added the SSL path, the app starts up but the page is blank
Message from Chrome:
This page isnât working
192.168.0.X didnât send any data.
ERR_EMPTY_RESPONSE
LOGS
INFO:2018-08-05 19:36:04,399:main:Starting server
INFO:2018-08-05 19:36:04,403:main:Listening on: https://0.0.0.0:3218
Could it be, that your password is entirely made up of numeric characters? The new way the options are parsed tries some conversions, and in case of a value that is made of numbers it converts it to an integer. And integers donât have the startswith method that regular strings (what passwords usually are) have. If I am correct, you probably have a warning in the configurators log about an insecure password. And you should also have a persistent notification in the Home Assistant UI notifying you about the insecure password. Even though users might not like it, the configurator nor proactively tries to increase security for users by performing basic checks with the passwords that are provided in plaintext. I chose to do so because all of the I have been hacked threads that recently showed up here in the forum.
How does it not work? How does the output of the configurators log look like?
@Prathik_Gopal
Are you using something like a reverse proxy in front of the configurator? The empty-response error usually is a result of using http:// where https:// should be used. But I assume you have already verified that this is not the problem.
I have the same issue @Prathik_Gopal has, I have SSL set as false and the addon is not behind any proxy that I in my limited knowledge know about. I get ERR_EMPTY_RESPONSE after login to http://myhaxio.duckdns.org:3218 or http://192.168.x.x:3218
Wow, good catch! Thanks! This is really odd as I restored from prior nightâs snapshot and the issue remained. I changed the password to an alpha/numeric one and it worked!
1 Like
Could you please click the button to refresh the logs of the configurator once you have tried to access it? The incoming request should be logged there. Maybe it gives us a hint what the problem is.
After fiddling around with allowed_networks format I finally got it working by allowing connections only from my PCâs and routerâs LAN IPs
INFO:2018-08-05 17:34:05,126:main:Starting server
Traceback (most recent call last):
File â/configurator.pyâ, line 4841, in
main(sys.argv[1:])
File â/configurator.pyâ, line 4831, in main
server_side=True)
File â/usr/local/lib/python3.6/ssl.pyâ, line 1149, in wrap_socket
ciphers=ciphers)
File â/usr/local/lib/python3.6/ssl.pyâ, line 747, in init
self._context.load_cert_chain(certfile, keyfile)
FileNotFoundError: [Errno 2] No such file or directory
here is my log, also changed to Alpha numeric. Nothing seems to work. Sugggestions?
well Iâm no expert @Chris8837 but thats the same error somone had before you and @danielperna84 suggested adding /ssl/ to the cert and key files params like this
"certfile": "/ssl/fullchain.pem",
"keyfile": "/ssl/privkey.pem",
but maybe you already tried that.
Yeah ive tried both and no go. Really weird. I tried different combos of passwords and one combination made an error on the home screen saying my password was unsafe so now im really confused?
I just wanted to add that I upgraded Hass.io and also Configurator, received an error, changed the path as directed above, restarted rebooted the system, and it works fine for me.
Thanks for the tips!
I had the same problem when I updated to Configurator 1.0. Everything worked fine before the upgrade, then kaboom.
Adding the âssl/â to my certfile and keyfile seemed to fix one problem and expose the next: Now Iâm getting an error: âException while creating notification: HTTP Error 502: Bad Gatewayâ
Hereâs the full logâŠthereâs not much thereâŠany ideas?
DEBUG:2018-08-05 20:46:25,910:main:Settings after looking at environment:
DEBUG:2018-08-05 20:46:25,911:main:{âVERIFY_HOSTNAMEâ: ââ, âSSL_CERTIFICATEâ: âssl/fullchain.pemâ, âHASS_API_PASSWORDâ: âredactedâ, âDIRSFIRSTâ: True, âIGNORE_PATTERNâ: [âpycacheâ], âENFORCE_BASEPATHâ: False, âHASS_APIâ: âhttp://hassio/homeassistant/api/â, âNOTIFY_SERVICEâ: âpersistent_notification.createâ, âSSL_KEYâ: âssl/privkey.pemâ, âPASSWORDâ: âalso-redactedâ, âUSERNAMEâ: âredact-o-ramaâ, âGITâ: True, âBANNED_IPSâ: [â8.8.8.8â], âIGNORE_SSLâ: False, âBASEPATHâ: â/configâ, âSESAMEâ: âredact-a-liciousâ, âBANLIMITâ: 5, âALLOWED_NETWORKSâ: [ââ], âLOGLEVELâ: âdebugâ}
INFO:2018-08-05 20:46:27,387:main:Starting server
INFO:2018-08-05 20:46:27,395:main:Listening on: https://0.0.0.0:3218
INFO:2018-08-05 20:46:45,277:main:192.168.50.1 - âGET /redact-a-licious HTTP/1.1â 302 -
INFO:2018-08-05 20:46:45,303:main:{âtitleâ: âHASS Configurator - SESAME accessâ, âmessageâ: âYour SESAME token has been used to whitelist the IP address 192.168.50.1.â}
WARNING:2018-08-05 20:46:45,399:main:Exception while creating notification: HTTP Error 502: Bad Gateway
OK, I seem to have got it working again.
In the old Configurator version, it was acceptable to leave allowed_networks empty [] and instead set and pass a value for sesame. That doesnât seem to work with version 1.0. I found that I have to add my network to allowed_networks in order to get Configurator working again. My current (working) config is as follows:
{
"username": "username",
"password": "password",
"ssl": true,
"certfile": "ssl/fullchain.pem",
"keyfile": "ssl/privkey.pem",
"allowed_networks": [
"192.198.50.0/24"
],
"banned_ips": [
"8.8.8.8"
],
"banlimit": 5,
"ignore_pattern": [
"__pycache__"
],
"dirsfirst": true,
"enforce_basepath": false,
"notify_service": "persistent_notification.create",
"sesame": "opensaysme",
"loglevel": "debug"
}
1 Like
Has anyone ever seen a log like this
INFO:2018-08-06 09:50:22,279:__main__:194.170.29.230 - code 400, message Bad
request version ('\x9a\x9aĂ+Ă/Ă,Ă0Ă©ĂšĂ\x13Ă\x14\x00\x9c\x00\x9d\x00/\x005\x00')
INFO:2018-08-06 09:50:22,281:__main__:194.170.29.230 -
"ëçÂÂčÂLĂĂh4>o:»ÂÂUÂWžÂȘeĂ(ĂÂÂdÂŒ]ĂČZ ÂątĂÂG=DĂÂ$Ăłtv"ĂșĂ RXrĂĂi9§ÔKÂłÂÂĂ+Ă/
Ă,Ă0Ă©ĂšĂĂÂÂ/5" 400 -
INFO:2018-08-06 09:50:22,676:__main__:176.204.19.104 - code 400, message Bad
request version ('\x98;\x99\x9a\x8eGĂU\x00\x00.Ă,Ă+Ă$Ă#Ă')
INFO:2018-08-06 09:50:22,678:__main__:176.204.19.104 - "öĂČÂĂ
`s7ÂvÂĂŸÂżÂż\ĂdÂŻĂ
Ă
<NÂŁÂ;ÂÂÂGĂU.Ă,Ă+Ă$Ă#Ă" 400 -
INFO:2018-08-06 09:50:23,081:__main__:176.204.19.104 - code 400, message Bad
request version ('8\x00\x00.Ă,Ă+Ă$Ă#Ă')
INFO:2018-08-06 09:50:23,082:__main__:176.204.19.104 - "öĂČ:
[cŠĂ”F'ž3ĂŠ'Â@ĂœĂŹĂĂȘ Ă°Â+Ă8.Ă,Ă+Ă$Ă#Ă" 400 -
it was generated in the configurator log. i still have an issue where i get a blank screen when i access from outside my network.