So first thing I learnt:
when logging in to p 22222, go with the following to have access to hass command:
login
docker exec -it $(docker ps -f name=homeassistant -q) bash
hass --script keyring --help
now… this works in the sense that it displays the help , and by using the “set”/“get” option
hass --script keyring set one_secret_idliketohide
hass --script keyring get one_secret_idliketohide
it does prompt with appropriate requests, and it shows that it’s memorizing the information, but I can’t get the Configuration validation to succeed now, unless I have ‘one_secret_idliketohide’ in clear text in secrets.yaml, which means it doesn’t look like the keyring is being used at all
one roadblock down, many to go!
next I found that:
docker ps
returns a list of docker containers, and in this case there are both homeassistant and hassio_supervisor , as well as many others.
it looks like
hass --script keyring --help
works only under the homeassistant container, not sure if this has anything to do with the problem I am experiencing, it seems strange as when I stop home assistant and the frontend goes down, this container is removed, so it is the container responsible for home assistant (as the name suggests).
also I discovered that the keyring that gets created, stores the encrypted information in:
~/.local/share/python_keyring/crypted_pass.cfg
however when I issue
hass --script check_config --secrets
it returns an empty list with no secrets, because it checks in the following directory instead:
/root/.homeassistant
next I found that using
hass --script check_config --secrets -c /config/
I can force it to use the directory I want, this in fact returns a list with what I have in my secrets.yaml.
apparently this has to do with checking the configuration of another user instead of the correct one
(ref: Check_config looks for configuration file in wrong place?)
unfortunately the next step that I thought was obvious at this point:
hass -c /config --script keyring set oneother_secret_idliketohide
doesn’t work either (it ignores the -c /config and stores oneother_secret_idliketohide in the usual file)…
one last piece of info for today…
editing the file
/root/.homeassistant/configuration.yaml
to add a reference to !secret one_secret_idliketohide
(that is not stored in secrets.yaml in that folder) causes the command
hass --script check_config --secrets
to find the secrets in the keyring.
so now I think it could be a matter of finding where the location of my file is referenced and why it works in /root/.homeassistant
but not in /config