HASS Configurator

You can use this add-on to add a browser-based file editor to your Hass.io installation. By default it will listen on port 3218 of the host Hass.io is running on.

More information and a standalone version for regular Home Assistant installations can be found in the GitHub repository.

Screenshot of the HASS Configurator.

Feature list

  • Web-based editor to modify your files with syntax highlighting and YAML linting.
  • Upload and download files.
  • Stage, stash and commit changes in Git repositories, create and switch between branches, push to remotes, view diffs.
  • Lists with available entities, triggers, events, conditions and services.
  • Restart Home Assistant directly with the click of a button. Reloading groups, automations, etc. can be done as well. An API password is required.
  • SSL/TLS support.
  • Optional authentication and IP filtering for added security.
  • Direct links to Home Assistant documentation and icons.
  • Execute shell commands within the add-on container.
  • Editor settings are saved in your browser.
  • And much more…

Add-on Configuration

  "username": "admin",
  "password": "secret",
  "ssl": false,
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "verify_hostname": false,
  "allowed_networks": [
  "banned_ips": [
  "banlimit": 0,
  "ignore_pattern": [
  "dirsfirst": false,
  "enforce_basepath": false,
  "notify_service": "persistent_notification.create"

Configuration Variables


(string)(Required)Set a username so that access your configuration is protected.


(string)(Required)Set a password for access.


(boolean)(Required)Enable or Disable SSL/TLS for the editor.

Default value: false


(string)(Required)Set the path the your SSL certificate if the ssl-option is set to true.


(string)(Required)Set the path the your SSL private key if the ssl-option is set to true.


(string)(Required)Limit access to the configurator by adding allowed IP addresses/networks to the list.


(string)(Required)List of statically banned IP addresses.


(integer)(Required)Ban access from IPs after banlimit failed login attempts, setting the value to 0 disables this feature. Restart the add-on to clear the list of banned IP addresses.

Default value: 0


(string)(Required)Regex of files and folders to ignore in the UI.


(boolean)(Required)List directories before files in the file browser.

Default value: false


(boolean)(Required)If set to true, access is limited to files within the /config directory.

Default value: false


(string)(Required)Specify a custom notify-service to be used to push notifications.


(string)(Optional)The log level the configurator should run with. Valid values are debug, info, warning, error, critical.

Default value: info


(string)(Optional)Secret token to dynamically allow access from the IP the request originates from. Open your bookmark https://hassio.yourdomain.com:3218/somesecretnobodycanguess while allowed_networks is set to [] and your IP will get whitelisted. You can use the Network status menu to revoke IP addresses for which access has been granted. Regular authentication is still required.


(string)(Optional)Like the sesame option, but instead as Base32 encoded secret string must be provided. This string then can be added to a TOTP App like Google Authenticator. This way you get a 6-digit sesame that changes every 30 seconds.

Be careful when setting up port forwarding to the configurator while embedding into Home Assistant. If you don’t restrict access by requiring authentication and/or blocking based on client IP addresses, your configuration will be exposed to the internet!

Embedding into Home Assistant

Using the Home Assistant component panel_iframe it is possible to embed the configurator directly into Home Assistant, allowing you to modify your configuration from within the Home Assistant frontend.

An example configuration would look like this:

    title: Configurator
    icon: mdi:wrench
    url: http://hassio.local:3218