No, ALLOWED_NETWORKS means the IP addresses that are allowed to connect, or whole ranges of IPs.
In your case I assume 192.168.178.1 is your router. In that case I would put 192.168.178.0/24 in there. The /24 is a shorthand that means everything from 192.168.178.1 to 192.168.178.255. So everybody that is in that network would be allowd to access the configurator. If you want to whitelist only specific addresses, you instead would have to add 192.168.178.123 and 192.168.178.234 (these are just random IPs, replace with yours) etc. to the list.
You should set back the HASS_API parameter to the default value of http://172.17.0.1:8123/api/. There have been some network-changes in hassio, but I don’t think this detail has changed. Using the default would not force the configurator to first go outside to the internet and back in to get the internal data.
The final point is the connection issue itself, which could have different reasons. The most important thing to check is if the port which the configurator exposes (usually 3218) is also forwarded by your router. The configurator is a whole webserver on its own and works regardless of HASS. So by directly accessing your URL with the correct port you should be able to see the UI of the configurator.
That depends on your configuration. If you leave the default of the configurator (3218), then that’s the port you have to forward to. And on which port you expose the configurator to the outside is up to you.
Sorry, but I don’t know which port I have to use.
I have a port forwarding on my router from 443 to 8123 because of the SSL.
Have I to change this forwarding?
Can you give me an example?
No, you have to keep the 443 -> 8123 forwarding so you can still access HASS. You have to add an additional forwarding for the configurator. So head over to your modem where you have set up 443 -> 8123 and add 3218 -> 3218.
To help you understand what is happening: When your modem is connected to the internet, it receives a single IP address from your provider. Behind your modem you have your private network with multiple devices, having multiple IP addresses. If you want to contact one of those internal devices (like your hass.io machine), you initially are not able to connect to that machine. That’s because your modem doesn’t know which of all those machines you want to reach. Hence it blocks the requests.
However, modems usually allow you to manually specify a port which will be redirected to an internal device of your choice. This is done by using these so called ports. They operate in a range from 1 to 65535, with a lot of those below 1024 being typically used for certain services - like 443 for https traffic.
So what you are doing currently is telling your modem to forward traffic to your modems IP (the internet-side) using the port 443 to your hass.io machine (with HASS running on port 8123). Now the configurator uses a separate port on the same machine. So your goal is to punch another hole into your modem, telling it to forward traffic from port 3218 to port 3218 on your hass.io machine. You can change the ports to whatever you like. The one you expose at the modem can be anything in the range mentioned above, the one you forward the traffic to has to match the port the configurator is configured to use (which is 3218 by default, but can be changed). In terms of simplicity its best though to stick to the default values, since these don’t collide with other services / functionality your modem might provide.
I hope this explanation made it a little bit clearer what is happening on the network level. Knowing this can be valuable when setting up other services, so try to memorize it. You’ll encounter this topic again sooner or later.
I am new to Hassio en home assistant, so forgive me if I ask a stupid question. I have installed you configuration addon, but I am not able to access the webui. It gives the following message: Policy not fullfilled
What am I doing wrong? I am using the default settings and don’t see anything strange in the logs
It is a fresh install and I haven’t changed anything yet, except installation of some addons (Bluetooth, Check Home Configuration, AppDeamon, Samba share)
Policy not fulfilled is the error you get when you:
a) Provide invalid login credentials
b) Are prohibited from accessing the configurator because your IP is not in the ALLOWED_NETWORKS list.
b usually will be the case when you whitelist your private network but want to access it from the outside. The wildcard to allow any IP would be to either leave the setting empty or set it to 0.0.0.0/0. For security reasons I really recommend NOT to do that! If you do, set the CREDENTIALS setting so something that is really hard to guess, because allowing access from everywhere, together with port forwarding from the outside, allows the whole world to access that machine!
Yes, thank you! The problem was b, I have added the IP from my laptop to the list and that did the trick. Thanks for the quick response! Back to trying to learn Home Assistant!
Hi,
thx for the hard work. The HASS configurator is fantastic!!
But have two problems with the configurator.
I have access to all files an can change and save everything. But the List wist the Entitie IDs is empty and greyed out. Same with Events and Services. What can cause this problem?
I want to add the HASS configurator into HASS. I added the configuration.ymal and I see the Configurator Butten in the UI. But clicking on this do nothing. I tried with this url: http://hassio.local:3218 and the Local IP Adress.
Open up in a separat Tab without HASS UI works fine.
This is the result of the configurator not being able to get the required data from HASS. I haven’t used hass.io in a while, so I am not sure if the default address is still correct. So I would experiment with the HASS_API setting and probably tweak HASS_API_PASSWORD as well if that doesn’t match your setup.
If your HASS is set to use SSL, then the configurator needs to use SSL as well. HASS can’t display non-SSL content when it’s run with SSL. If that’s not the problem, then I’m not sure what it could be. The panel_iframe just displays some arbitrary site. So if the URL you have configured also works in your browser directly, then I don’t see a reason why it should not work.
Thanks, its working now. I added the SSL settings and now its working
Another small problem has appeared.
If I start the HASS Configurator with the “OPEN WEB UI” Button in the ADDON Manager, its not working because the link show to http instead of https. But thats not a big deal, because the button in the HASS UI is working now
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/aiohttp/web_protocol.py", line 422, in start
resp = yield from self._request_handler(request)
File "/usr/lib/python3.6/site-packages/aiohttp/web.py", line 306, in _handle
resp = yield from handler(request)
File "/usr/lib/python3.6/site-packages/hassio/api/util.py", line 31, in wrap_api
answer = await method(api, *args, **kwargs)
File "/usr/lib/python3.6/site-packages/hassio/api/addons.py", line 169, in install
addon.install(version=version), loop=self.loop)
File "/usr/lib/python3.6/site-packages/hassio/addons/addon.py", line 437, in install
if not await self.docker.install(version):
File "/usr/lib/python3.6/site-packages/hassio/dock/util.py", line 18, in wrap_api
return await method(api, *args, **kwargs)
File "/usr/lib/python3.6/concurrent/futures/thread.py", line 55, in run
result = self.fn(*self.args, **self.kwargs)
File "/usr/lib/python3.6/site-packages/hassio/dock/addon.py", line 184, in _install
return self._build(tag)
File "/usr/lib/python3.6/site-packages/hassio/dock/addon.py", line 197, in _build
image = self.docker.images.build(**build_env.get_docker_args(tag))
File "/usr/lib/python3.6/site-packages/docker/models/images.py", line 175, in build
raise BuildError(chunk['error'])
docker.errors.BuildError: invalid reference format: repository name must be lowercase
What could be causing this? I added the repository using the following URL:
This error means, that you are not authenticated. Usually you should be prompted for username and password. I don’t know why that is not happening in your case.
