Todays hack: Integrating a proprietary alarm and lock system into home assistant

Last week, we got our alarm system from alarm.com (yup. I dare say which vendor. Security by obscurity is no such thing) set up. We’ve had a code lock from ID Lock for a while, but until we got the alarm system, it was totally standalone. Now, there exists ways to have it communicate over Z-wave or zigbee, but since that depends on a single slot towards a single vendor, and we were going to get it integrated into alarm.com as part of the common deal the place I live, I managed to not mess with it in the meantime.

Yes, it was hard for a nerd – having something you could play with and then *not* do it. I am actually pretty proud of my self control.

But anyhow, when we finally got it set up, I of course promptly started researching how to play with integrating to the alarm service. And eureka – I found a custom home assistant component, alarmdotcom, that did exactly that.

Now, to get it to work, I needed to give home assistant some credentials to alarm.com. Luckily, alarm.com supports having multiple users, and you can have quite fine-grained control over what rights every user should have. If you only want to let home assistant pull information from alarm.com, you can make sure the user in alarm.com does not have access to do anything else.

But for the sake of being a nerd, I of course had to play with a more full integration, letting home assistant arm/disarm the alarm and lock/unlock the door.

alarmdotcom gives you an alarm control panel interface, which means it pretty quickly get alarm states, and even arm/disarm the alarm. None of this was any hard to do, it’s mostly a matter of installing the component, and add these lines to configuration.yaml

alarm_control_panel:
        - platform: alarmdotcom
          name: "Husalarmen"
          username: <username>
          password: <password>
          code: <a new code>

For the secrets, you should consider using the secrets mechanism, at least if you share access to the machine and/or ever want others see your configuration. But end of the day, you always have to hardcode secrets somewhere.

With this setup, I got an alarm sensor that tells me the state of the alarm, some possibilities to change the state of the alarm from homeassistant – protected by a code – and the possibility to use an alarm card to make it more user friendly in a panel.

Having gotten this to work, I discovered that something was missing: I could neither see the state of nor control my lock! It turns out that alarmdotcom doesn’t actually support locks. But that was only a challenge. alarmdotcom uses the accompagnying python library pyalarmdotcomajax, made by the same user, and obviously made specifically for alarmdotcom custom component. So I decided to try to have it also behave as a lock. I initially got the state of the lock as a sensor that the alarmdotcom component reported on, but that of course didn’t give me the option to control it. Nevertheless, having that functionality in will make it possible for people to use alarmdotcom as an alarm, and give it the ability of changing the state of the alarm without giving home assistant the possibility to unlock your house.

It took me some research, but I finally found out that adding a lock.py to alarmdotcom which implemented a lock interface was the way to go. For the sake of documentation, I think I’ll just link to the pull request I submitted – which at the time of writing isn’t approved or merged (it’s december and holiday times, and not everyone have time for nerding these days….). And who knows, it may never be merged. But that’s the beauty of open source, I can roll my own version and just run that one instead.

Now, of course the python module, pyalarmdotcomajax, needed to be modified – and I again link to the pull request. I decided to make a new version of async_update, the method that give me the state of the alarm, which I called async_update_lock. This has the responsibility to set the state of the lock in home assistant. Now, of course there’s bits and pieces with variable declarations and interpretations of states in the interface etc, but that was the basis of getting an entity that represents a lock in Home Assistant. To be able to lock and unlock it, I also needed I also needed an async_lock and async_unlock method, which in turn needed a slight modification to the internal _send method that is responsible for sending commands to alarm.com (I basically needed to have a parameter to tell it which subsystem to send the command to).

And these were the basic changes needed to implement lock functionality to the alarm component. Integrating it into Home Assistant, I needed to configure a second entry in configuration.yaml to define a lock:

lock:
        - platform: alarmdotcom
          name: "Ytterdørlåsen"
          username: <username>
          password: <password>
          code: <code>.

The secret information here should be treated similarly as in the previous alarm definition, and it can either be the same credentials or a completely different set of alarm.com credentials.

Setting up all of this, I am now able, from Home Assistant interface, to lock and unlock the door entering the code specified in configuration.yaml.

Now, for the sake of security, I have decided to disable the possibility to unlock my door from Home Assistant – I have done that by limiting the rights of the alarm.com credentials. I don’t necessarily believe it’s that dangerous, I simply haven’t found a good use case for that functionality yet, and it’s good to limit a systems possibility to do just what it needs to do. Leaving it in would make my Home Assistant instance a target for malicious hacking, i.e. for people wanting to rob my home.

My hacking didn’t end there, though. I have got some other sensors in my house – an extra motion sensor and some extra door/window sensors on windows that was hardly accessible for entry anyhow. But for the sake of the experiment, I decided to see whether I can do something with those. And it turns out I can.

There is another custom component, alarmo, that makes it pretty easy to roll your own alarm based on Home Assistant Sensor. I set up an alarmo instance, that gives me a virtual alarm interface much like alarmdotcom, but based on my own sensors. Since it exists within Home Assistant, I don’t need those credentials either, but you can specify/create codes for several users.

Now, having set up this, my thought is: Can I have Alarmo armed whenever I arm the alarm.com alarm? Yes, of course I can! I just need a couple of automations that listent to alarmdotcom state changes, and have it arm or disarm the Alarmo alarm accordingly. Now, for this to work, I needed to hardcode an Alarmo code into the automation setup, but it was a pretty straightforward setup.

I then decided to see if I can have an Alarmo alarm trigger the alarm.com alarm system. It turns out that for this to work, I would again have to implement support for it in alarmdotcom and pyalarmdotcomajax – but my guess is that the changes would be fairly trivial. Not being sure at all whether I want Home Assistant to trigger real alarms, I decided to pass on that one, and instead opt for a simple push notificiation when the alarm fires – it’s probably better for our poor dog that we avoid creating false alarms 🙂

And with that, I managed to conclude my blog writeup of my alarm experimentation with a coding challenge to any reader who has alarm.com, Home Assistant and a willingness to hack 🙂

Happy hacking!

Legg igjen en kommentar

Din e-postadresse vil ikke bli publisert.

Dette nettstedet bruker Akismet for å redusere spam. Lær om hvordan dine kommentar-data prosesseres.