Home Assistant: Difference between revisions
imported>Mweinelt No edit summary |
imported>NewAM Added a snippet for using a private x509 certificate authority. |
||
| Line 365: | Line 365: | ||
services.home-assistant.config."scene manual" = [] | services.home-assistant.config."scene manual" = [] | ||
services.home-assistant.config."scene ui" = "!include scenes.yaml"; | services.home-assistant.config."scene ui" = "!include scenes.yaml"; | ||
</syntaxHighlight> | |||
== Trust a private certificate authority == | |||
Home Assistant does not natively support adding a private CA to the certificate store (see [https://community.home-assistant.io/t/add-private-cas-to-certificate-store/267452 this thread] for more details). | |||
Home Assistant trusts certificates provided by the certifi python package. Using an override you can append your root CA certificate to the certificates provided by certifi. | |||
<syntaxHighlight lang=nix> | |||
services.home-assistant.package = (pkgs.home-assistant.override { | |||
extraPackages = py: with py; [ ]; | |||
packageOverrides = final: prev: { | |||
certifi = prev.certifi.overrideAttrs (oldAttrs: { | |||
prePatch = | |||
(oldAttrs.prePatch or "") | |||
+ '' | |||
cat ${./my_private_root_ca.crt} >> certifi/cacert.pem | |||
''; | |||
}); | |||
}).overrideAttrs (oldAttrs: { | |||
doInstallCheck = false; | |||
}); | |||
</syntaxHighlight> | </syntaxHighlight> | ||