I am running homeassistant in a docker container on a RPi 4 with Raspbian. I am using tributs scripts to elevate the need of running the docker image as root. This all works dandy. But now I am trying to add the dsmr integration but I am not succeeding. The integration requires to connect to the "Slimme meter" via USB. However, I get a permission error. my knowledge of both docker and linux privelages is too limited to know where to start debugging this. Does anyone have some pointers for me?
This is the error message homeassistant is throwing at me:
Logger: homeassistant.components.dsmr
Source: components/dsmr/config_flow.py:93
Integration: dsmr (documentation, issues)
First occurred: 21:18:17 (1 occurrences)
Last logged: 21:18:17
Error connecting to DSMR
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/serial/serialposix.py", line 322, in open
self.fd = os.open(self.portstr, os.O_RDWR | os.O_NOCTTY | os.O_NONBLOCK)
PermissionError: [Errno 13] Permission denied: '/dev/ttyUSB0'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/src/homeassistant/homeassistant/components/dsmr/config_flow.py", line 93, in validate_connect
transport, protocol = await asyncio.create_task(reader_factory())
File "/usr/local/lib/python3.9/site-packages/serial_asyncio/__init__.py", line 445, in create_serial_connection
serial_instance = serial.serial_for_url(*args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/serial/__init__.py", line 90, in serial_for_url
instance.open()
File "/usr/local/lib/python3.9/site-packages/serial/serialposix.py", line 325, in open
raise SerialException(msg.errno, "could not open port {}: {}".format(self._port, msg))
serial.serialutil.SerialException: [Errno 13] could not open port /dev/ttyUSB0: [Errno 13] Permission denied: '/dev/ttyUSB0'
After some researching I figured that I needed to add the user to an extra group named dialout because only members of that group are allowed to access the USB ports (as well as other devices).
First I figured out the group id of the dialout group in the host machine (the machine running the docker container) by running
cat /etc/group | grep dialout
it returned 20 in my case. Luckily, the script of tributs has the possibility to add the user to an extra group via the environment variable EXTRA_GID. So all the relevant lines in the docker-compose file for accessing USB are (when using the script of tribut) are:
devices:
- /dev/ttyUSB0:/dev/ttyUSB0
environment:
- PUID=1000
- PGID=1000
- EXTRA_GID=20 # this is the ID of the group 'dialout'