remote node , exclude domains and entities

[Antoled]

I am in a situation where the remote node should not expose some sensors or switches to the remote master;

The remote master must not have the ability on those entities;

This would complete this integration perfectly.

Thank you

[rubinho76]

Hello

It would be even better if the main node establishes the connection to the remote node and you only specify at the main node which entities are transmitted to the remote node.

I have just set up a front HA in a DMZ that is accessible for Google Assistant and Alexa Voice from the Internet.
I don't want to store any credentials or anything else from the main HA in the front HA, also no network connection should be possible from the front HA (remote-node) towards the main HA.

That would be perfect :)

[rubinho76]

Hello,

@jaym25

has the filtering function on the remote site now been implemented, or why has the request been closed?

If the function now exists, how is it implemented?

[jaym25]

@rubinho76
With the Config Flow UI feature populating the selection of entities, I'm not sure this change will not cause other issues, especially when setting it up.
There are also conflicts with version 4.1. If you can update this pull request and have these changes working with version 4.1 and are not experiencing any problems. I will be happy to test it on my setup and, if it works, possibly merge it. I have reopened it and await your reply.

[rubinho76]

@jaym25

I can't say whether it has to be exactly this pull request. I'm not that familiar with the Git-Hub system, sorry.
I was just looking for a way to restrict the endities on the remote side and found this post.

In my case, the remote system is my real main system which is in a DMZ. And I have an HA instance connected to the internet for voice control via port forwarding. (As I originally wrote)

I do not want the main system to have unrestricted access to my entities on the remote site, as this represents an increased security risk.

[jaym25]

@rubinho76 @Antoled

I understand your concern and think this would be a great addition if it will play nicely with the component as it is... If someone would like to update this pull request and get the conflicts removed and check to make sure it doesn't cause issues, it could be great improvement for security and speed purposes.

In the meantime, as long as you exclude the entities and scripts you don't want from the main instance, they will not appear there. You can also use a secure connection between the two instances which should help.
I do understand that the data is being transmitted, but excluded entities and scripts are not being displayed on the main instance in the current release.
As far as the reverse connection, I am using this component bidirectionally over the internet to connect 2 houses and monitor status on both ends, so I would still want to allow the reverse connection in my use case.