Hass.io provides a very nice feature called Hass.io Ingress, hass_ingress
extracts this feature into a standalone integration, it allows you to add additional ingress panels to your Home Assistant frontend. The panels are listed in the sidebar and can contain external resources like the web frontend of your router, your monitoring system, or your media server. Home Assistant will take care of the authentication and the secure connection, so users can access the external resources without extra login.
work_mode: ingress
)work_mode: iframe
)work_mode: auth
)work_mode: hassio
url: addonSlug
)ui_mode: replace
)ui_mode: normal
)ui_mode: toolbar
)parent: parent_panel
)authorization
and host
, so that we can access the external resources without extra login. (option: work_mode: ingress
header: {map}
)/api/ingress/{name}/
)/{panel}?index={overwrite_index}
)You can install this custom component by adding this repository (https://github.com/lovelylain/hass_ingress) to HACS in the settings menu of HACS first. You will find the custom component in the integration menu afterwards, look for Ingress
. Alternatively, you can install it manually by copying the custom_component folder to your Home Assistant configuration folder.
To enable Ingress panels in your installation, add the following to your configuration.yaml
file, then restart HA:
ingress:
link_automation:
work_mode: iframe
ui_mode: replace
title: Automation
icon: mdi:link
url: /config/automation/dashboard
frigate:
ui_mode: toolbar
title: Frigate
icon: mdi:cctv
url: http://172.30.32.2:5000
nodered:
require_admin: true
title: Node-RED
icon: mdi:sitemap
url: http://127.0.0.1:45180
headers:
authorization: !secret nodered_auth
nodered_ui:
parent: nodered
title: Node-RED Dashboard
icon: mdi:monitor-dashboard
url: http://127.0.0.1:45180
index: /ui/
headers:
authorization: !secret nodered_auth
After you modify the Ingress configuration, you can go to developer-tools
page and click Reload Ingress
to reload without restarting HA.
ingress
iframe
auth
hassio
, default: ingress)
auth_request api: /api/ingress/_/auth
request header: X-Ingress-Name(ingress_name), X-Original-URL($scheme://$http_host$request_uri), X-Hass-Origin(hass_url)
response header: Set-Cookie(ingress_token) if succ, Location(login_url_path) if 401.
url: a0d7b954_grafana
. This mode does not enable add-ons that do not support ingress to support ingress, it only provides some personalized functions for the ingress sidebar, such as customizing the sidebar title and hiding the header.replace
normal
toolbar
, default: normal)
iframe
and auth
mode, you can enable the extended configuration for the url
option:
url:
match: JS regular expression to match scheme://host[:port].
replace: JS regular replacement to build real url.
default: Default url when regular expression does not match.
For example, you use http://hass.web.local to access HA from the internal network, and https://hass.example.com from the external, you want to use http://openwrt.web.local to access auth mode openwrt from the internal, and https://openwrt.example.com from the external. You can set match: (\w+://)hass(\..+)
, replace: $1openwrt$2
, default: https://openwrt.example.com
to achieve your goal.
url
is http://127.0.0.1:45180/ui/, all access must be under the /ui/ path; if the url
is http://127.0.0.1:45180 and the index
is /ui/, all paths of http://127.0.0.1:45180 can be accessed./{parent panel_name}/{child panel_name}
link. For example, the parent panel nodered
, the sub-panel ui
or nodered_ui
, you can access the sub-panel through /nodered/ui
.authorization
for basic auth
.Notice: Not all backend services can be proxied by ingress, it must use relative paths or use X-Ingress-Path
http header to generate correct absolute paths. For unsupported backend services, you can try work_mode: auth
to work with another domain reverse proxied by nginx, or use nginx's sub_filter to fix the absolute paths in the response.