alex/homeassistant-mcp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Update configuration documentation to use environment variables

Browse Source 
- Migrate from YAML configuration to environment-based configuration
- Add detailed explanations for new environment variable settings
- Include best practices for configuration management
- Enhance logging and security configuration documentation
- Add examples for log rotation and rate limiting
This commit is contained in:
jango-blockchained
2025-02-06 04:25:35 +01:00
parent 81d6dea7da
commit f0ff3d5e5a
1 changed files with 85 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

147
docs/configuration.md
View File

@@ -4,103 +4,126 @@ This document provides detailed information about configuring the Home Assistant
## Configuration File Structure ## Configuration File Structure
The MCP Server uses a hierarchical configuration structure: The MCP Server uses environment variables for configuration, with support for different environments (development, test, production):
```yaml ```bash
server: # .env, .env.development, or .env.test
host: 0.0.0.0 PORT=4000
port: 8123 NODE_ENV=development
log_level: INFO HASS_HOST=http://192.168.178.63:8123
HASS_TOKEN=your_token_here
security: JWT_SECRET=your_secret_key
jwt_secret: YOUR_SECRET_KEY
allowed_origins:
- http://localhost:3000
- https://your-domain.com
devices:
scan_interval: 30
default_timeout: 10
``` ```
## Server Settings ## Server Settings
### Basic Server Configuration ### Basic Server Configuration
- `host`: Server binding address (default: 0.0.0.0) - `PORT`: Server port number (default: 4000)
- `port`: Server port number (default: 8123) - `NODE_ENV`: Environment mode (development, production, test)
- `log_level`: Logging level (INFO, DEBUG, WARNING, ERROR) - `HASS_HOST`: Home Assistant instance URL
- `HASS_TOKEN`: Home Assistant long-lived access token
### Security Settings ### Security Settings
- `jwt_secret`: Secret key for JWT token generation - `JWT_SECRET`: Secret key for JWT token generation
- `allowed_origins`: CORS allowed origins list - `RATE_LIMIT`: Rate limiting configuration
- `ssl_cert`: Path to SSL certificate (optional) - `windowMs`: Time window in milliseconds (default: 15 minutes)
- `ssl_key`: Path to SSL private key (optional) - `max`: Maximum requests per window (default: 100)
### Device Management ### WebSocket Settings
- `scan_interval`: Device state scan interval in seconds - `SSE`: Server-Sent Events configuration
- `default_timeout`: Default device command timeout - `MAX_CLIENTS`: Maximum concurrent clients (default: 1000)
- `retry_attempts`: Number of retry attempts for failed commands - `PING_INTERVAL`: Keep-alive ping interval in ms (default: 30000)
## Environment Variables ## Environment Variables
Environment variables override configuration file settings: All configuration is managed through environment variables:
```bash ```bash
MCP_HOST=0.0.0.0 # Server
MCP_PORT=8123 PORT=4000
MCP_LOG_LEVEL=INFO NODE_ENV=development
MCP_JWT_SECRET=your-secret-key
# Home Assistant
HASS_HOST=http://your-hass-instance:8123
HASS_TOKEN=your_token_here
# Security
JWT_SECRET=your-secret-key
# Logging
LOG_LEVEL=info
LOG_DIR=logs
LOG_MAX_SIZE=20m
LOG_MAX_DAYS=14d
LOG_COMPRESS=true
LOG_REQUESTS=true
``` ```
## Advanced Configuration ## Advanced Configuration
### Rate Limiting ### Security Rate Limiting
```yaml Rate limiting is enabled by default to protect against brute force attacks:
rate_limit:
enabled: true
requests_per_minute: 100
burst: 20
```
### Caching ```typescript
```yaml RATE_LIMIT: {
cache: windowMs: 15 * 60 * 1000, // 15 minutes
enabled: true max: 100 // limit each IP to 100 requests per window
ttl: 300 # seconds }
max_size: 1000 # entries
``` ```
### Logging ### Logging
```yaml The server uses Bun's built-in logging capabilities with additional configuration:
logging:
file: /var/log/mcp-server.log ```typescript
max_size: 10MB LOGGING: {
backup_count: 5 LEVEL: "info", // debug, info, warn, error
format: "%(asctime)s - %(name)s - %(levelname)s - %(message)s" DIR: "logs",
MAX_SIZE: "20m",
MAX_DAYS: "14d",
COMPRESS: true,
TIMESTAMP_FORMAT: "YYYY-MM-DD HH:mm:ss:ms",
LOG_REQUESTS: true
}
```
For production deployments, we recommend using system tools like `logrotate` for log management.
Example logrotate configuration (`/etc/logrotate.d/mcp-server`):
```
/var/log/mcp-server.log {
daily
rotate 7
compress
delaycompress
missingok
notifempty
create 644 mcp mcp
}
``` ```
## Best Practices ## Best Practices
1. Always use environment variables for sensitive information 1. Always use environment variables for sensitive information
2. Keep configuration files in a secure location 2. Keep .env files secure and never commit them to version control
3. Regularly backup your configuration 3. Use different environment files for development, test, and production
4. Use SSL in production environments 4. Enable SSL/TLS in production (preferably via reverse proxy)
5. Monitor log files for issues 5. Monitor log files for issues
6. Regularly rotate logs in production
## Validation ## Validation
The server validates configuration on startup: The server validates configuration on startup using Zod schemas:
- Required fields are checked - Required fields are checked (e.g., HASS_TOKEN)
- Value types are verified - Value types are verified
- Ranges are validated - Enums are validated (e.g., LOG_LEVEL)
- Security settings are assessed - Default values are applied when not specified
## Troubleshooting ## Troubleshooting
Common configuration issues: Common configuration issues:
1. Permission denied accessing files 1. Missing required environment variables
2. Invalid YAML syntax 2. Invalid environment variable values
3. Missing required fields 3. Permission issues with log directories
4. Type mismatches in values 4. Rate limiting too restrictive
See the [Troubleshooting Guide](troubleshooting.md) for solutions. See the [Troubleshooting Guide](troubleshooting.md) for solutions.