Hass and IDS alarm integration

grump_grouch

Well-Known Member
Joined
Jun 6, 2011
Messages
374
Can't say I'm crazy about this, the entities/zones just show "clear" I would prefer to have then read open/close and also have a on/off switch where I can bypass/clear_bypass
would be great if I can have a different icon to the left of the zone/entity to show if in alarm or not.

Anyone been able to do something like this ?
You can probably accomplish this by creating custom cards for HA/Lovelace.
 

georgelza

Senior Member
Joined
Sep 13, 2004
Messages
718
... ye... thats where my skill is lacking a bit. wonder if anyone has... that can point me to use this and this together like this. there are so many options... and ways, it gets confusing.
G
 

grump_grouch

Well-Known Member
Joined
Jun 6, 2011
Messages
374
Can't say I'm crazy about this, the entities/zones just show "clear" I would prefer to have then read open/close and also have a on/off switch where I can bypass/clear_bypass
The on/off (bypass) you can accomplish by adding the below to your configuration.yaml

Code:
switch:
  - platform: mqtt
    name: "<zone>> Bypass"
    command_topic: "paradox/control/zones/<zone_name>>"
    state_topic: "paradox/states/zones/<zone_name>/bypassed"
    qos: 0
    optimistic: true
    state_on: "True"
    state_off: "False"   
    payload_on: "bypass"
    payload_off: "clear_bypass"
    payload_available: "Online"
    payload_not_available: "Offline"
 

georgelza

Senior Member
Joined
Sep 13, 2004
Messages
718
thanks, will have a look at those...

busy pulling my hair out (nope I don't have much left) trying to get duckdns=>HA via aport forward working...

G
 

grump_grouch

Well-Known Member
Joined
Jun 6, 2011
Messages
374
Get your DuckDNS token for your domain.
Add the DuckDNS add-on
Configure DuckDNS add-on:

Code:
lets_encrypt:
  accept_terms: true
  certfile: fullchain.pem
  keyfile: privkey.pem
token: <your-token>
domains:
  - <your-domain-name>.duckdns.org
aliases: []
seconds: 300

It will automatically get a Lets Encrypt certificate

Change configuration.yaml:
Code:
http:
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

Port forward port 8123 on your router/firewall

Restart HA - you will now only be able to access your HA via https://<your-domain>.duckdns.org:8123/
 
Last edited:

georgelza

Senior Member
Joined
Sep 13, 2004
Messages
718
well... that made a difference... my system is now internally available via https:// but not outside yet, and http:// is not working outside anymore...

G
 

MidnightZA

Expert Member
Joined
Mar 9, 2013
Messages
1,144
well... that made a difference... my system is now internally available via https:// but not outside yet, and http:// is not working outside anymore...

G

I'm having a similar issue. Are you using LTE by any chance?

I'm waiting for the past week or two for MTN to activate the unrestricted apn on my modem sim before I can do anything else
 

Steamy Tom

Executive Member
Joined
Jan 23, 2019
Messages
7,026
so remove the ssl stuff there in the configuration.yaml, then add the nginx add-on. then you want to port forward port 443 on the outside to port 443 on the inside on your router
 

georgelza

Senior Member
Joined
Sep 13, 2004
Messages
718
I'm having a similar issue. Are you using LTE by any chance?

I'm waiting for the past week or two for MTN to activate the unrestricted apn on my modem sim before I can do anything else

Nope. ADSL via Telkom via Axxess.

G
 

georgelza

Senior Member
Joined
Sep 13, 2004
Messages
718
weird... is how i will label this... so last night still sat with only https on the internal network, which i actually don't want, want http: and then https outside, was able to access internal via https from computer, but not the phones, as they complain about certificate error on the phone.
outside was no go.
this morning, the internal https cert error is still there... but the outside is now working, via a web browser on phone and via the app on the phone on https:// so at least its working...
now to get it working internally on http without breaking the external access.
G
 

georgelza

Senior Member
Joined
Sep 13, 2004
Messages
718
The on/off (bypass) you can accomplish by adding the below to your configuration.yaml

Code:
switch:
  - platform: mqtt
    name: "<zone>> Bypass"
    command_topic: "paradox/control/zones/<zone_name>>"
    state_topic: "paradox/states/zones/<zone_name>/bypassed"
    qos: 0
    optimistic: true
    state_on: "True"
    state_off: "False" 
    payload_on: "bypass"
    payload_off: "clear_bypass"
    payload_available: "Online"
    payload_not_available: "Offline"
curious.

you have reverent to
payload_available: "Online"
payload_not_available: "Offline"
but there is no availability topic...
please educate me, whats the optimistic value for.
interesting you us cos:0 I've made it 1 so that i know its send delivered and checked.

Attached is what the interface looks like atm, not pretty, but functional.
The 2 alarm arm/disarm's I've changed as below...

alarm_control_panel:
- platform: mqtt
name: "Alarm-Part1"
command_topic: "paradox/my/control/partitions/Area_1"
state_topic: "paradox/states/partitions/Area_1/current_state"
payload_arm_away: "arm"
payload_arm_home: "arm_stay"
payload_arm_night: "arm_sleep"
payload_disarm: "disarm"
code_arm_required: false


Note I'm pushing the command to a "my" topic, which I then read via node_red and based on that selected, I send bypass to the various zones, updating their state and then also send a "arm, arm_sleep, arm_away" to the panel on it's topic, so just a little stepping into the middle.
 

Attachments

  • Screen Shot 2020-12-24 at 06.50.00.png
    Screen Shot 2020-12-24 at 06.50.00.png
    268.9 KB · Views: 5

Steamy Tom

Executive Member
Joined
Jan 23, 2019
Messages
7,026
weird... is how i will label this... so last night still sat with only https on the internal network, which i actually don't want, want http: and then https outside, was able to access internal via https from computer, but not the phones, as they complain about certificate error on the phone.
outside was no go.
this morning, the internal https cert error is still there... but the outside is now working, via a web browser on phone and via the app on the phone on https:// so at least its working...
now to get it working internally on http without breaking the external access.
G

are you using the app? if so there is an option for local ip address if you give it your wifi ssid
 

georgelza

Senior Member
Joined
Sep 13, 2004
Messages
718
are you using the app? if so there is an option for local ip address if you give it your wifi ssid
ye, its in the connection section, I'm specifying my local IP, but it seems system is locally only listening on the https port now, and that ssl cert is not associated with the ip, only with the duckdns name so the cert is failing.
i need to get the system to locally listen on http and externally on https.
know the configuration.yaml had a http section, but saw docs that says it's been depreciated, and request to have it removed.
 

Steamy Tom

Executive Member
Joined
Jan 23, 2019
Messages
7,026
ye, its in the connection section, I'm specifying my local IP, but it seems system is locally only listening on the https port now, and that ssl cert is not associated with the ip, only with the duckdns name so the cert is failing.
i need to get the system to locally listen on http and externally on https.
know the configuration.yaml had a http section, but saw docs that says it's been depreciated, and request to have it removed.

so in my http section i still have

http:
base_url: https://mynamehere.duckdns.org

but all the other stuff is removed.

then i have duckdns

lets_encrypt:
accept_terms: true
certfile: fullchain.pem
keyfile: privkey.pem
token: my token here
domains:
- mynamehere.duckdns.org
aliases: []
seconds: 300

and i have nginx

domain: mynamehere.duckdns.org
certfile: fullchain.pem
keyfile: privkey.pem
hsts: max-age=31536000; includeSubDomains
cloudflare: false
customize:
active: false
default: nginx_proxy_default*.conf
servers: nginx_proxy/*.conf

and i have 443/tcp set to 443 and 80/tcp disabled

then on my router i have outside 443 forwarded to internal ip of my HA port 443

i can access HA from the outside on the https://myname.duckdns.org and internally on the http://ipaddress:8123

i note you say you cant use 443, im just showing you for reference what worked for me
 
Last edited:

georgelza

Senior Member
Joined
Sep 13, 2004
Messages
718
So going to respond in reverse, I can't use 443, it's already used/owned by my remote VPN stack, tried that a couple of times.

for my http stack I only list the ssl certificates.

got it working in the end by removing the nginx proxy.
wonder if i should try add the internal and external url to http: lets see, cross finger this does not break it.


so in my http section i still have

http:
base_url: https://mynamehere.duckdns.org

but all the other stuff is removed.

then i have duckdns

lets_encrypt:
accept_terms: true
certfile: fullchain.pem
keyfile: privkey.pem
token: my token here
domains:
- mynamehere.duckdns.org
aliases: []
seconds: 300

and i have nginx

domain: mynamehere.duckdns.org
certfile: fullchain.pem
keyfile: privkey.pem
hsts: max-age=31536000; includeSubDomains
cloudflare: false
customize:
active: false
default: nginx_proxy_default*.conf
servers: nginx_proxy/*.conf

and i have 443/tcp set to 443 and 80/tcp disabled

then on my router i have outside 443 forwarded to internal ip of my HA port 443

i can access HA from the outside on the https://myname.duckdns.org and internally on the http://ipaddress:8123
 

georgelza

Senior Member
Joined
Sep 13, 2004
Messages
718
Anyone know if you can change the writing on the "Arm Away", "Arm Home" and "Arm Night" buttons?

G
 

Attachments

  • Screen Shot 2020-12-24 at 06.50.00.png
    Screen Shot 2020-12-24 at 06.50.00.png
    268.9 KB · Views: 6

georgelza

Senior Member
Joined
Sep 13, 2004
Messages
718
possible different solution,

can I add my local land ip to the certificate ?

G

so in my http section i still have

http:
base_url: https://mynamehere.duckdns.org

but all the other stuff is removed.

then i have duckdns

lets_encrypt:
accept_terms: true
certfile: fullchain.pem
keyfile: privkey.pem
token: my token here
domains:
- mynamehere.duckdns.org
aliases: []
seconds: 300

and i have nginx

domain: mynamehere.duckdns.org
certfile: fullchain.pem
keyfile: privkey.pem
hsts: max-age=31536000; includeSubDomains
cloudflare: false
customize:
active: false
default: nginx_proxy_default*.conf
servers: nginx_proxy/*.conf

and i have 443/tcp set to 443 and 80/tcp disabled

then on my router i have outside 443 forwarded to internal ip of my HA port 443

i can access HA from the outside on the https://myname.duckdns.org and internally on the http://ipaddress:8123

i note you say you cant use 443, im just showing you for reference what worked for me
 
Top