Core: Discover/plex_mediaserver component creates spurious

Created on 15 Dec 2018  ·  5Comments  ·  Source: home-assistant/core

Home Assistant release with the issue:

0.84.2

Last working Home Assistant release (if known):
Unkown

Operating environment (Hass.io/Docker/Windows/etc.):

Docker environment, set up with:

  homeassistant:
    container_name: home-assistant
    image: homeassistant/home-assistant
    depends_on:
      - "influxdb"
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /opt/appdata/homeassistant:/config
    environment:
      - PUID=${PUID}
      - PGID=${PGID}
    restart: 
      always
    network_mode: 
      host

  influxdb:
    container_name: influxdb
    image: influxdb
    volumes:
      - /opt/appdata/influxdb/influxdb.conf:/etc/influxdb/influxdb.conf
      - /opt/appdata/influxdb/db:/var/lib/influxdb
    environment:
      - INFLUX_GRAPHITE_ENABLED='true'
    ports:
      - "8087:8086"
    restart:
      always

Component/platform:
https://www.home-assistant.io/components/discovery/

Description of problem:
When the discovery component is enabled, it will generate spurious warnings in the log

home-assistant   | /usr/local/lib/python3.6/site-packages/urllib3/connectionpool.py:847: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings

These usually come in sets of 3 of 4 warnings every 10-30 seconds.
I do have a Plex media server set up on the same machine as Home Assistant, in a separate docker container. It does allow for both HTTP and HTTPS access, but HTTPS will redirect to plex.tv for authentication first, before it redirects back to the instance. This is common, I believe, as I have not configured my Plex instance to behave this way.
Plex setup:

  plex:
    image: plexinc/pms-docker
    container_name: plex
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /opt/appdata/plex:/config
      - /mnt/storage:/data
#    ports:
#      - 32400:32400
    network_mode: host
    restart: always
    environment:
      - PLEX_CLAIM=${PLEX_CLAIM}
      - PUID=${PUID}
      - PGID=${PGID}

Problem-relevant configuration.yaml entries and (fill out even if it seems unimportant):
Fixed by adding the following to your configuration file

discovery:
  ignore:
    - plex_mediaserver

Traceback (if applicable):

Additional information:

plex stale
Source
picture mstormo

Most helpful comment

@robbiet480 I don't agree with closing the task. The behavior is still very much incorrect, with the default discovery service flooding the logs with warning messages. It's a clear indication that something is wrong and insecure.

Although disabling the discovery service, or parts of it, removes the symptom, the problem is not corrected by this fact, only mitigated.

picture mstormo on 25 Mar 2019
👍4

All 5 comments

Ah, thank you! I could not find what was causing this same thing for me. I have the same issue with nearly the same setup.

Currently on 0.86.3 with plex (using the presets in their snap package installation). When discovery is enabled, I get spammed with certificate verification warnings. Turning it off, silenced the warnings.

sam-wright picture sam-wright on 30 Jan 2019

@mstormo Did disabling discovery solve the log warnings?

If not you might want to consider running a reverse proxy in front of your web-facing services. Nginx is fairly easy to get going, and can handle all your HTTPS/TLS stuff and forward http connections to local services. It helps to centralise your certificate management too. I use the bringnow/docker-letsencrypt image and it Just Works, by and large.

tjhowse picture tjhowse on 22 Mar 2019

Yes, disabling it solved the problem for me.

--
.marius

On Thu, Mar 21, 2019, 20:25 tjhowse notifications@github.com wrote:

@mstormo https://github.com/mstormo Did disabling discovery solve the
log warnings?

If not you might want to consider running a reverse proxy in front of your
web-facing services. Nginx is fairly easy to get going, and can handle all
your HTTPS/TLS stuff and forward http connections to local services. It
helps to centralise your certificate management too. I use the
bringnow/docker-letsencrypt image and it Just Works, by and large.


You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/home-assistant/home-assistant/issues/19340#issuecomment-475461592,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAAF3MZjWysOGaobu17WLs4JxE9Bgx0Hks5vZDD9gaJpZM4ZU66S
.

mstormo picture mstormo on 23 Mar 2019
👍1

@robbiet480 I don't agree with closing the task. The behavior is still very much incorrect, with the default discovery service flooding the logs with warning messages. It's a clear indication that something is wrong and insecure.

Although disabling the discovery service, or parts of it, removes the symptom, the problem is not corrected by this fact, only mitigated.

mstormo picture mstormo on 25 Mar 2019
👍4

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates.
Please make sure to update to the latest Home Assistant version and check if that solves the issue. Let us know if that works for you by adding a comment 👍
This issue now has been marked as stale and will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] picture stale[bot] on 7 Jul 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

sogeniusio picture sogeniusio  ·  3Comments
YellowMonster76 picture YellowMonster76  ·  3Comments
bdraco picture bdraco  ·  3Comments
TheZoker picture TheZoker  ·  3Comments
arangates picture arangates  ·  3Comments