Using CATT

I have a node-red automation to cast the display every 9:59 mintuten, because I thought that every 10 min the cast is ended. Is this still a issue?

yes, i’ve forwarded only the 443 port internally to hassio , then i’ve installed the addon: NGINX Home Assistant SSL proxy

1 Like

No worries, I’ll try break it down a bit more. Guess I should flag what I was looking to achieve:

  1. Get CATT working, obviously
  2. Have SSL enabled internally, just because…
  3. Ideally have a free certificate (LetsEncrypt or OpenSSL) without needing to make my system externally accessible to do this (didn’t want to open up port 80 or 443 to generate the lets encrypt certs)

With that in mind, I’ve done the following:

  1. Install the Let’s Encrypt addon in HASSIO.
  2. Registered a domain name. I’m using Google Domains but anything should do. You could probably simplify this process by reviewing the documentation for Lets Encrypt and picking a domain provider that’s included in the list of providers that support “DNS Challenge”. Google Domains isn’t one, but I have other domains with Google and want to keep them together (Note Google Domains is different from the “Google” option in the Lets Encrypt doco, which would require a paid subscription to use the APIs).
  3. Set up a free CloudFlare account if you haven’t already got one and then log in to
  4. From the home tab in CloudFlare, click ‘Add A Site’. Add the domain name from step 2. Choose the free plan. A scan will be done for DNS Settings. Once that’s complete follow the on screen instructions to update the DNS Name Server settings at the site where you purchased your domain name to the values that CloudFlare tells you to.
  5. Wait for confirmation that the CloudFlare DNS registration is complete. They say it may be a day but it took me closer to 10 minutes, it wasn’t very long.
  6. Return to the home page of your CloudFlare account and the site you added above will be there. Click it.
  7. On the page that loads, in the right hand pane there is a section with some API settings. Select ‘Get your API token’. Create a new API token with two Permissions of Zone-Zone-Read and Zone-DNS-Edit. The ‘Zone Resources’ should be ‘All Zones from an account’ with your account selected. I found these settings in the ‘Lets Encrypt’ Documentation that’s available in HASSIO following the install in step 1, so feel free to verify. Make sure you note your API token as I’m not sure you can retrieve it again, although you can generate a new token by repeating this.
  8. Still in Cloudflare return back to your Dashboard and again open your site. This time at the top go to the ‘DNS tab’. Click ‘Add Record’ of type ‘A’ and type in a subdomain name (“something” Only include the subdomain name, not the full URL. Set the IP address to your local networks IP for your HA instance. In my case that was Click the cloud icon near the submit button so the Proxy Status changes to DNS only and click save. Having done this, browsing to will now take you to your HA instance if you are on your personal network, as the sub domain will resolve to your internal IP. (I should add, HA should have a static IP on your network).
  1. Return to HASSIO and configure the Lets Encrypt Addon. You’ll need an email address, domains (subdomain you configured above, or if you want you can use a wildcard * and to set the challenge to “DNS”. Provider is “dns-cloudflare” and Cloudflare_api_token the value generated in step 8. Refer to the addons doco for formatting. Also make sure the certificate and private keys match those that Home Assistant are set to use.
  2. Save the LetsEncrypt config and start the addon (backup any existing SSL keys first but!). If all is good at this point it will generate you a new key pair that will be dropped on your HASSIO’s /ssl/ folder. This will be a key generated from an externally trusted source (Lets Encrypt) but the IP address that it resolves to will be one that’s on your own network.
  3. Make sure your HASSIO instance has the ‘internal url’ set to use https, and that your configuration.yaml file has the certs configured.
  4. In your configuration.yaml file configure ‘authproviders’, you’ll want to include the ‘homeassistant’ provider as well as the ‘trusted_networks’. If you don’t add ‘homeassistant’ then you lose your standard authentication. Under trusted networks include trusted_networks entry with the IP address of your Home Hub. I gave it a /32 address so the only device trusted was the specific address rather than a range. Set a trusted user, which I think is documented elsewhere here otherwise check the Home Assistant doco. Set Allow_Bypass_Login to true
  5. Restart Home Assistant, remembering to change to

By now you should have a trusted cert pointing to your home assistant instance for any devices that are on your local network. You also wouldn’t have had to touch your router to do port forwarding or anything. Start up CATT and try casting to your address, typing the full domain rather than the IP and including https://. With any luck it’ll work and from there you can play about with automations and the like.

A lot of the above may be fairly specific to me. You don’t have to pick CloudFlare to do your DNS for example. If you are happy to open up port 80 and 443 to generate the certs, you could skip half of the above and do that instead. You could use 'DNS Challenge" but use someone other than Cloudflare.If using Lets Encrypt then you’ll want to look at automating re-generation of licenses etc.

The caveat is I have seen this break the querying of calendar data stored in HASSIO from the Google Hub only (and this isn’t addon specific, but rather globally), and I’m not sure what else may or may not be broken. Everything else in my views currently functions however.

Regarding step 8, that’s needed to resolve the hostname due to the Google Home Hub bypassing your routers DNS and going straight to Googles which has no concept of your internal address. You can skip step 8 and instead put in a firewall rule to block the Home Hub using Google DNS (addresses and which will cause it to fail back to your own networks DNS. May or may not need a rule at your local network to redirect the URL to your IP. I tested this approach briefly and it worked, but didn’t stick with it.

Lastly, I used a subdomain, but you don’t have to. The reason I did is I can use steps 8-10 to also generate certs for other devices on my network with each device having its own subdomain. If you have a single device you want to assign certs to, then that may not be worthwhile.

I hope I haven’t missed too much. Intentionally skimmed over the CATT bit as I think others have covered that. Happy to try answer any questions. I’m not overly proficient in these matters, above is me just joining dots and brute forcing my way at points. Apart from not having a calendar currently, I’m fairly happy with how its working.


Thanks for taking the time to explain this and write out the detail. It lead me to a solution for my setup with duckdns addon after a few hours of fiddling.

The main thing was to map a new domain to my local hassio ip (as I had most of the other steps already in place)

1 Like

Nice… Working! Was stuggling with getting my commands working, but this does the job!

1 Like

Catt seems to play well with the Browser_mod media player and the Google Assistant Webserver. For example, you can cast your lovelace frontend to your Google hub, then play a seperate audio with Browser mod. Then you can send audio notifications (broadcasts) to the hub and it won’t interupt the music playing. In fact you can set your hub to show the broadcast text on the screen.

Okay I have a problem, I installed Catt and after running the command I get an error:
Running HA on a pi.

Could some one told me what’s wrong?

Traceback (most recent call last):
  File "/usr/bin/catt", line 10, in <module>
  File "/usr/lib/python3.8/site-packages/catt/", line 570, in main
    return cli(obj={}, default_map=get_default_map())
  File "/usr/lib/python3.8/site-packages/click/", line 829, in __call__
    return self.main(*args, **kwargs)
  File "/usr/lib/python3.8/site-packages/click/", line 782, in main
    rv = self.invoke(ctx)
  File "/usr/lib/python3.8/site-packages/click/", line 1259, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/usr/lib/python3.8/site-packages/click/", line 1066, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/usr/lib/python3.8/site-packages/click/", line 610, in invoke
    return callback(*args, **kwargs)
  File "/usr/lib/python3.8/site-packages/click/", line 33, in new_func
    return f(get_current_context().obj, *args, **kwargs)
  File "/usr/lib/python3.8/site-packages/catt/", line 235, in cast_site
    cst = setup_cast(settings["device"], controller="dashcast", action="load_url", prep="app")
  File "/usr/lib/python3.8/site-packages/catt/", line 144, in setup_cast
    cast, cc_info = get_cast(device_name)
  File "/usr/lib/python3.8/site-packages/catt/", line 92, in get_cast
    cache = Cache()
  File "/usr/lib/python3.8/site-packages/catt/", line 222, in __init__
    devices = get_chromecasts()
  File "/usr/lib/python3.8/site-packages/catt/", line 45, in get_chromecasts
    devices.sort(key=lambda cc:
AttributeError: 'tuple' object has no attribute 'sort'

Sorry to reply on an old post but does your google home make the alert noise every 10 minutes or is there a way to disable as could see that getting a bit annoying?

(see this link for install instructions)

yes, i was also getting the beep every 10 minutes, to solve it, i created this in the file that I now use:

if ! catt -d "Living Room display" status | grep 'PLAYING'; then 
    catt -d "Living Room display" volume 0
    catt -d "Living Room display" cast_site

It checks if anything is playing, then it wont cast. If nothing is playing, it turns the volume off and casts the screen. I just leave the volume off. Whenever I say “ok google” the volume goes back on anyway. you could turn the volume back on after the cast, but that also makes a sound.

The automation I use to cast the file is:

- id: '1589529246400'
  alias: CastToHub
  description: ''
  - minutes: /10
    platform: time_pattern
  - after: '5:00'
    before: '23:30'
    condition: time
  - data:
      addon: a0d7b954_ssh
      input: bash /config/
    service: hassio.addon_stdin

Can you also give “the command” that you mention?

Yes sure. The command is:
catt -d “Google Cast” cast_site ‘

Tried alsof without the port number.

Perfect thanks so much!

I think you need to remove the single quotes around the the address.

Removed the single quotes but still not working. Had the same error.

then its probably best to create an issue on

I did see other people cast directly from their http address instead of external (https) in your case:

catt -d ‘Google Cast’ cast_site ‘http://ip:8123/lovelace-hub/begin-hub

also using only single or double quotes for the entire string

Thanks Juan, also tested with the local IP address, but stil no luck :S

But when I check the github, there is also an issue what’s looks like the same errors:

why are you using -d? That is used to set defaults.

For using the default device Google Cast (Nest device)

Well think I found the problem was related with the issue on github.
I did an upgrade from catt and now it will cast to my Nest hub.

So the command was just fine but he couldn’t found any cast devices. :ok_hand: