(Not solved, but answered) Hide username/password in automations

hebom · October 23, 2021, 6:26am

I’ve created a doorbell automation the sends a message to a Telegram account and have my Google Nest speaker inform us that there is someone at the door. The ha_uptime check is there because otherwise it’ll go off if my HA reboots. I’m going to implement a check so it’ll won’t use the speaker if nobody is home.

Most important question: Is there a way to use the username and password stored in secrets.yaml?
Also I would like to send an image at first and a small video second, how can I accomplish this?

alias: Notification - Doorbell
description: ''
trigger:
  - platform: device
    type: turned_on
    device_id: xxx
    entity_id: switch.doorbell
    domain: switch
condition:
  - condition: numeric_state
    entity_id: sensor.ha_uptime
    above: '0.5'
action:
  - service: notify.telegram
    data:
      message: Notification
      data:
        photo:
          - url: http://10.xxx.xxx.xxx/Streaming/channels/1/picture
            authentication: digest
            username: **username**
            password: **Password123!**
            caption: There is someone at the door (1/2)
  - service: tts.google_cloud_say
    data:
      entity_id: media_player.livingroom
      message: 'Notification. There is someone at the door!'
  - delay: '3'
  - service: notify.telegram
    data:
      message: Text
      data:
        photo:
          - url: http://10.xxx.xxx.xxx/Streaming/channels/1/picture
            authentication: digest
            username: **username**
            password: **Password123!**
            caption: There is someone at the door (2/2)
mode: single

poudenes · October 23, 2021, 6:59am

Create a secrets.yaml

Add in this file your usernames ans passwords:

username: my_username
password: my_password

In your normail yaml scripts you add this

username: !secret username
password: !secret password

Now your usernames and passwords are hidden

parautenbach · October 23, 2021, 7:36am

And you can hide the URL in the same way (in some cases one wants to).

hebom · October 23, 2021, 12:48pm

I’ve haven’t yet tried it because some posts indicated that this didn’t work.
Going to try it and let you know

hebom · October 23, 2021, 1:14pm

I added the URL (camera_url) to my secrets.yaml and replaced the url, username and password with the !secret arguments. Unfortunately it didn’t work.

service: notify.telegram
data:
  data:
    photo:
      - url: !secret camera_url
        authentication: digest
        username: !secret camera_username
        password: !secret camera_password
        caption: There is someone at the door (1/2)
  message: There is someone at the door (1/2)

poudenes · October 23, 2021, 2:28pm

did you create the secret.yaml file in the /config/ folder?

hebom · October 23, 2021, 9:57pm

Yes, I’m using it to store/access my Telegram apikey/chatid and other usernames/passwords.
I had to double check, but I also use it for my my HikVision camera. It’s feed is being shown on one of my overview-pages.

parautenbach · October 24, 2021, 2:42pm

Maybe you have characters in the YAML values that’s interpreted by the YAML parser, e.g. an & that’s an anchor. Try to place all the string values in quotes. I’m guessing here, since you can’t show the contents of your secrets.yaml.

Burningstone · October 24, 2021, 6:02pm

Did you restart Home Assistant after changing secrets.yaml?

hebom · October 25, 2021, 5:37pm

I’ve rebooted my Home Assistant.
My secrets.yaml has the following entry and it’s not much different in characters as my functioning Telegram settings:

camera_url: http://10.xxx.xxx.xxx/Streaming/channels/1/picture
camera_username: username
camera_password: PassWord99!

My automation has the following action:

service: notify.telegram
data:
  data:
    photo:
      - url: !secret camera_url
        authentication: digest
        username: !secret camera_username
        password: !secret camera_password
        caption: Er staat iemand aan de deur (3/2)
  message: Er staat iemand aan de deur (3/2)

If I save it “!secret camera_url” is being changed to “null”.

Dujith · October 25, 2021, 5:41pm

If you are using symbols you need to double quote the secret

hebom · October 25, 2021, 6:49pm

Done that, didn’t change the outcome.
Whenever I save the automation it’s being changed to:

service: notify.telegram
data:
  message: Er staat iemand aan de deur (3/2)

hebom · October 25, 2021, 7:02pm

How to use secrets in automations.yaml seem to address the same issue, but I might be wrong.

Burningstone · October 25, 2021, 7:49pm

Are you creating them from the UI? The UI doesn’t support secrets.yaml.