Home Assistant is the household automation controller. It is one of the highest-risk services to change because it runs privileged and on host networking, and it integrates directly with LAN devices and local system services.
This page documents the homeassistant service. It does not replace per-integration notes or device-specific runbooks.
- Container:
homeassistant
- Image:
ghcr.io/home-assistant/home-assistant:stable
- Stack: House Stack
- Compose path:
/opt/stacks/house/compose.yaml
- Networking:
network_mode: host
- Privilege level:
privileged: true
- Restart policy:
unless-stopped
- Local UI listener verified on
:8123 on 2026-04-07
- Public hostname currently configured in NPM:
Ha.better-than.tv
¶ Config and Data Paths
- Main config root:
/srv/docker/homeassistant/config
- Main YAML config:
/srv/docker/homeassistant/config/configuration.yaml
- Secrets file:
/srv/docker/homeassistant/config/secrets.yaml
- Additional mounts:
/etc/localtime:/etc/localtime:ro, /run/dbus:/run/dbus:ro
- LAN URL:
http://192.168.0.113:8123
- Public URL:
https://Ha.better-than.tv
- Because the container uses host networking, ports are not declared in compose and must be validated live
¶ Authentication and Secret Locations
- Home Assistant accounts, auth providers, and tokens are application-managed under
/srv/docker/homeassistant/config
- Static secrets should live in
/srv/docker/homeassistant/config/secrets.yaml
- No compose-level auth or password env vars were verified on
2026-04-07
- Treat host networking and privileged mode as high-risk changes; small compose changes can have broad impact
- Validate the UI locally on
:8123 before debugging the NPM route
- Keep
/run/dbus available for integrations that depend on local bus access
- Update the wiki when integrations, auth flows, or externally exposed access paths change
¶ Monitoring and Logs
- Docker logging driver is
json-file
- No container healthcheck is configured as of
2026-04-07
- Recent logs contained unreachable-device and IPP timeout warnings, which is typical when LAN devices are offline or unstable
docker logs homeassistant is the first-line source for integration failures
¶ Backup and Restore
/srv/docker/homeassistant/config is within the documented Duplicati scope- Restore should preserve the full config directory, including
.storage and secrets.yaml
- After restore, validate the core UI and a representative set of critical integrations rather than assuming all devices recovered uniformly
¶ Failure Modes and Recovery
- YAML or config-store mistakes can block startup or break specific integrations
- Host networking removes Docker port isolation, so listener conflicts or host firewall changes can affect access immediately
- DBus-dependent integrations will degrade if
/run/dbus is unavailable or stale
- Many Home Assistant incidents are actually LAN device reachability problems, not container failures