home-assistant / architecture

Repo to discuss Home Assistant architecture

Add service to dynamically reset an ip_ban without restarting Home Assistant #380

Closed shbatm closed 1 year ago

shbatm commented 4 years ago

Context

I still occasionally have an IP address for one of the devices I regularly use to access Home Assistant get banned by the IP filtering middleware. It's usually associated with some authentication hiccup on a mobile app, or a cache issue in a browser, but it results in one of my primary devices being unable to access Home Assistant until I switch interfaces or devices, log in to delete the IP from ip_bans.yaml and restart Home Assistant.

Proposal

With the general move to more dynamic configuration reloading, I'm wondering if you would support a service (probably an Admin-only service) that accepts a single IP address to clear from the ban file and middleware, without requiring a full restart? And/or adding an action button to the persistent notification to release the ban for a given IP?

Not sure of the feasibility for either yet, but wanted to ask the question here before looking too deep into it, because I know changes to any authentication / authorization schemes are tightly controlled.

Consequences

Largest consequence would be an unauthorized user being able to clear an IP that was banned for legitimate reasons, if they found access another way.

Suggested a single IP service data above as a way to prevent someone from inadvertently clearing the whole file, but an alternative middle-ground would be a service to reload the file. Someone would have to have permission on the device to edit the file--all this method would really save was the need to restart Home Assistant completely after editing.
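A sketch of the single-IP unban service proposed above, added here as an illustration; it is not part of the original post and not Home Assistant code. `BanStore`, the `caller_is_admin` flag and the JSON file standing in for ip_bans.yaml are assumptions, and the sample addresses are constructed.

```python
import ipaddress
import json
import os
import tempfile

class BanStore:
    """Hypothetical stand-in for the middleware's ban list and its file."""

    def __init__(self, path):
        self.path = path
        with open(path, encoding="utf-8") as fh:
            # Normalise keys so different spellings of one address compare equal.
            self.banned = {str(ipaddress.ip_address(k)): v for k, v in json.load(fh).items()}

    def _persist(self):
        # Write a temp file and rename it, so a crash never leaves a truncated ban file.
        fd, tmp = tempfile.mkstemp(dir=os.path.dirname(self.path) or ".")
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            json.dump(self.banned, fh, indent=2)
        os.replace(tmp, self.path)

    def unban(self, caller_is_admin, ip_text):
        """Remove exactly one address; return True if it was banned."""
        if not caller_is_admin:
            raise PermissionError("unban is admin-only")
        # ip_address() rejects networks ("192.0.2.0/24"), wildcards and empty
        # strings, so one call can never clear more than one entry.
        ip = str(ipaddress.ip_address(ip_text.strip()))
        if ip not in self.banned:
            return False
        del self.banned[ip]   # in-memory list consulted on each request
        self._persist()       # on-disk copy, so the ban does not return on restart
        return True

def demo():
    """Exercise the service against a constructed ban file."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "ip_bans.json")
        with open(path, "w", encoding="utf-8") as fh:
            json.dump({"192.0.2.10": {}, "2001:db8::1": {}}, fh)
        store = BanStore(path)
        results = [store.unban(True, "192.0.2.10"), store.unban(True, "192.0.2.10")]
        for admin, ip in ((True, "192.0.2.0/24"), (True, "*"), (True, ""), (False, "2001:db8::1")):
            try:
                store.unban(admin, ip)
            except (ValueError, PermissionError) as exc:
                results.append(type(exc).__name__)
        return results, sorted(BanStore(path).banned)
```

Logging each successful unban with the caller's identity would give the audit trail needed for the consequence described above.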

aLTeReGo-SWI commented 3 years ago

Yes please

peterolby commented 3 years ago

Have the exact same issue and would love this kind of functionality.

dgomes commented 3 years ago

Why don't you go ahead and create the PR?

frenck commented 1 year ago

This architecture issue is old, stale, and possibly obsolete. Things changed a lot over the years. Additionally, we have been moving to discussions for these architectural discussions.

For that reason, I'm going to close this issue.

../Frenck