Home Assistant has the functionality to be able to store passwords in a central location as well as variables which can be reused in other configurations throughout Home Assistant using a SECRETS.YAML file. This makes sharing your own configuration with others safer by not having the passwords stored in plain text in your configuration.yaml file.
Creating a Secrets.yaml file in Home Assistant
First off we need to create the file.
- Navigate to CONFIGURATOR
- Click on the FOLDER in the top left hand corner
- You should see that you are in the CONFIG/ folder, if not browse to it
- Click on NEW FILE
- Name your file
- Click on OK
Now that we have our secrets.yaml file setup, we can start populating it with variables and passwords to use in our configuration.yaml file.
In this example we will store a username and password in our secrets.yaml file to use with the Tuya Home Assistant Component.
- Open up SECRETS.YAML
- Setup your variable and its value
tuya_username: "[email protected]" tuya_password: "Password12345"
Using secrets in your configuration.yaml file
Now that you have setup your secrets.yaml file, you can now use the values throughout Home Asssitant. I’ll take you through the process of using them in your CONFIGRATION.YAML file.
Let’s configure the Tuya Home Assistant component using the data stored in our SECRETS.YAML file
- Open CONFIGURATOR
- Open your CONFIGRATION.YAML file
- Add the following code:
tuya: username: !secret tuya_username password: !secret tuya_password
!secretto reference our secrets.yaml file and then the name of the variable that you have configured.
What the above code actually reads is:
tuya: tuya_username: "[email protected]" tuya_password: "Password12345"
If we were to share our configuration with others or open the file while creating a YouTube video, you will only see the configration and not the actually plain text passwords or variables. Exactly as you saw in Step 3 above.
How to create a secrets.yaml file for ESPhome
ESPhome also has the functionality to store secrets. The steps are exactly the same however the location is slightly different. I use this to store my wifi username and password as well as my mqtt broker’s IP address, username and password. This is handy when configuring multiple ESPHome devices where I can use a template that I’ve created that uses the stored variables to configure the devices.
Create your secrets.yaml file in:
For more information on SECRETS.YAML see the STORING SECRETS DOCUMENTATION.