Setting up your Home Assistant for Cloud Access
The goal of this is to setup Hass.io on a Raspberry Pi that allows external access to our home automation hub. This enables me to manage it away from my home and integrate with cloud services.
Components Involved
- Home Assistant (Home Automation Hub)
- Duck DNS account (a free DDNS service)
- NGiNX – (local SSL Proxy)
Duck DNS Steps
Since my internet connection is a through a dynamic external IP address managed by my service provider, it changes quite often (weekly and sometimes daily). It becomes difficult to connect to home services from an external computer once you leave your home’s WiFi.
To address this, Duck DNS is a DDNS (Dynamic DNS) service that provides a public DNS server so anyone can get a “subdomain” to use provided scripts for updating record(s) – instead of trying to remember an IP address, use a domain name that’s kept up-to-date simple and free.
Home Assistant Steps
My choice of open source home automation for local control and privacy.
Pre-Reqs:
- Firewall is allowed to pass thru port 443 and 1823 to Hassio local IP address
- Home Assistant already setup with base installation
- Make a backup – http://localhost:8123/hassio/snapshots
Hassio Steps:
- From the Hassio Add-On Store, the below steps are required for setting up TLS/SSL Proxy
- Install DuckDNS and apply token, set accept_terms to true, then add domain list
- {
“lets_encrypt”: {
“accept_terms”: true,
“certfile”: “fullchain.pem”,
“keyfile”: “privkey.pem”
},
“token”: “XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX”,
“domains”: [
“name1.duckdns.org”,
“name2.duckdns.org”
],
“seconds”: 300
}
- {
- Install NGINX
- Refresh log and should look similar to mine:[INFO] Generating dhparams (this will take some time)… Generating DSA parameters, 4096 bit long prime ……….+………….+…….+…..+………..+…..+…………+………….+…+………..+………………..+….+…+…..+…….+………+…..+……………………+..+…….+……+….+…..+.+….+……………………………………+……………………….+……+…+………..+…..+…++++++++++++++++++++++++++++++++++++++* [INFO] Creating ‘snakeoil’ self-signed certificate… Generating a 2048 bit RSA private key ……………….+++ ……………………………………………….+++ writing new private key to ‘/data/ssl-cert-snakeoil.key’ —– [INFO] Running nginx…
- Configure the Hassio configuration.xml to disable ssl cert and porthttp:
base_url: !secret http_base_url
#api_password: !secret http_password
#server_port: !secret http_port
#ssl_certificate: /ssl/fullchain.pem
#ssl_key: /ssl/privkey.pem
ip_ban_enabled: true
login_attempts_threshold: 5
cors_allowed_origins:
– https://google.com
– https://www.home-assistant.io
– https://subdomain.duckdns.com
#use_x_forwarded_for: true
trusted_networks:
– 127.0.0.1
– ::1
– 8.8.8.8
– 192.168.0.0/24
– fd00::/8 -
Restart Home Assistant, Done
Leave a Reply