Google Assistant Local SDK - Local Fulfillment

Sdri · February 16, 2022, 1:00pm

Hi everyone, I’m also struggling with this.
Debugging the app.js device i noticed that the devices in the device list have the customData property empty.
So i checked the homeassistant source code and found this.

I guess that means the local fulfillment feature is not available if you are using https?
I tried changing the source code, commenting these lines, in order to force the enable of the local sdk, and after that the customData property was filled with the right values (but i have other issues now: “Did not receive HTTP response” debugging the app.js)

Did you manage to make it works with https? or only with http?

pergola.fabio · February 16, 2022, 1:04pm

It’s strange, as soon I restart my HA, i immediately have an unregistered websocket coming in, and it doesn’t try to reconnect anymore

pergola.fabio · February 16, 2022, 1:05pm

No, only works if your local instance runs with http

calisro · February 16, 2022, 2:16pm

It comes down to certificates. https requires the googles talk to HA with a certificate using the UID.local domain. That will never work under the current architecture. The only way to really do that, would be to have a seperate http server running for mDNS entries and for HA serving a mdns broadcast with a public domain name which can have a valid cert.

Sdri · February 16, 2022, 4:35pm

Thanks for the clarifications.
I made it works keeping the ssl enabled, in a very ugly way.

if you are interested (it’s a bit hackish):

set up apache as a http-to-https proxy
set the internal URL in homeassistant to point to the proxy
edited the app.js and the components/google_assistant/helpers.py to ignore the SSL and use the proxy http://proxy_host:port

It seems to work fine, let’s see if it lasts

calisro · February 16, 2022, 4:39pm

That’s not really ssl enabled though? You’re using a http port for the google hooks. I’m not sue how that is different than just setting non-ssl for the internal port.

Sdri · February 16, 2022, 4:44pm

Well, that’s because I didn’t know homeassistant can manage 2 different port for internal and external, one with https and one http how can i do that?

calisro · February 16, 2022, 5:16pm

The external url would be https on some port. The internal would be http on some port. I don’t really use my internal url for anything and instead use NATLOOPBACK and use the external URL for 99% of the use cases. The one that can’t is this local fullfillment.

I use a nginx proxy (nginx proxy manager) for the https portion and leave the internal/http one as is. You don’t want to set the ssl within the HA config.

Sdri · February 16, 2022, 5:21pm

Ok but I don’t think you can set homeassistant to work with 2 ports, right?

I have homeassistant directly exposed on the internet right now, so it is with SSL enabled and apache provide for the internal http.

I’ll try to espose apache with SSL on the internet as proxy for homeassistant and disable SSL on homeassistant. I guess is that what you mean?

calisro · February 16, 2022, 5:31pm

That’s exactly right. The ‘nginx proxy manager’ by Frenk is incredibly easy to do just that. Just create a letsencrypt cert and a proxy host and done. All within the tool itself. It integrates will with the supervisor.

Sdri · February 16, 2022, 6:02pm

I installed the homeassistant core, so no supervisor. My raspberry also run other stuff, anyway I’ll switch to the no SSL homeassistant with apache as proxy

pergola.fabio · February 20, 2022, 1:09pm

i can use ‘via local’ just fine… Untill i reboot HA , then the local stuff doesnt work anymore
i always get unverified webhooks in logbook, with device verification failed…
To resolve, i always need to “sync my devices” command, then restart HA again, and then its working again… untill the next HA restart

any idea?

sgobat · February 25, 2022, 8:27pm

You can use the Assistant Relay addon to send commands to your Google Home devices and could therefore have it run ‘sync my devices’ whenever it boots? Not ideal but it might work!

pergola.fabio · February 25, 2022, 8:38pm

Seems there is also a service, I use that now in an automation

Michal_Ciemiega · March 15, 2022, 2:20pm

Is it possible to skip mdns, and provide ip for HA instance ? I’ve got HA on different subnetwork and inside vlan, and mdns doesnt work, without some bridge / relay solution afaik.

Nardol · March 15, 2022, 3:14pm

I read there were another solution within using UDP for local actions.
But it would imply rewrite the local action support and I don’t know if it could make it less strange.

pergola.fabio · March 15, 2022, 6:26pm

Where do you see that info?

Nardol · March 15, 2022, 6:47pm

In the Google developers doc about local fulfillment.
There are three possible implementations:

MDNS, the one which is implemented in Home Assistant
UPNP
UDP

But I don’t know if it could change anything.

pergola.fabio · March 15, 2022, 7:10pm

my local stuff breaks, when i dont do a sync 4 times a day, created an automation for it

in this google_assistant file, in the .storage folder, i need there the agent id
if its not there, local fails
when i do a sync, it fills up with an agent id, if i the reboot the devices, it works again, and dont have verification failed issues

not using nabucasa here:

{
    "version": 1,
    "minor_version": 1,
    "key": "google_assistant",
    "data": {
        "agent_user_ids": {
            "xxxx": {
                "local_webhook_id": "xxxxxx"
            }
        }
    }
}

avd706 · March 19, 2022, 10:19pm

I don’t think UDP goes across vlans by default. UPNP goes across networks, but not sure if it does across vlans.