[ale] Home Assistant / Docker / Network Security
Raj Wurttemberg
rajaw at c64.us
Tue Jul 24 13:38:54 EDT 2018
(From my notes...)
This is how I update my HA:
Upgrade:
sudo systemctl stop home-assistant at homeassistant.service
sudo su -s /bin/bash homeassistant
source /srv/homeassistant/bin/activate
pip3 install --upgrade homeassistant
exit
sudo systemctl start home-assistant at homeassistant.service
/Raj
-----Original Message-----
From: Ale <ale-bounces at ale.org> On Behalf Of Derek Atkins via Ale
Sent: Tuesday, July 24, 2018 1:23 PM
To: DJ-Pfulio <DJPfulio at jdpfu.com>; Atlanta Linux Enthusiasts <ale at ale.org>
Subject: Re: [ale] Home Assistant / Docker / Network Security
H,
On Tue, July 24, 2018 1:04 pm, DJ-Pfulio via Ale wrote:
> Wouldn't a VPN be more secure? I know nothing about HomeAssist protocols.
>
> I use VPN (openvpn AES256) or an ssh-SOCKS proxy to access a LAN-only
> Plex server.
Much harder to set up on my Android and iOS devices in order to monitor the
house when I'm out.
> Patching? Is that not done, like how Asterisk is generally deployed
> commercially?
Patching requires code updates that solve the problem... Which requires
developers who acknowledge there is a problem and then fix it.
Based on the (10-page) thread I read, there does seem to be a problem, but
it's unclear if it's based on SAMBA, a combination of proxy, trust, and
x-forward-for, or some other bug. There certainly isn't a "Best Practice"
that I can find.
I suspect securing the docker instance would be much harder than securing
a base OS running HA natively. On the other hand, upgrading the native
HA is probably harder as it's not as simple as clicking a button and loading
the new docker image. (I honestly have no clue how to update a
"pip-installed" thing).
-derek
More information about the Ale
mailing list