Duckdns has had some outages in the past several months and I would like to find a way to make my HA accessible remotely without using Nabu Casa.
I have seen Cloudflare mentioned in the past but at the Cloudflare site I didn’t see where I could pick my URL. It looks like I have to purchase a domain first from another site such as domain.com then put that URL into the Cloudflare account. Is that the process that I need to take?
If that is what I need to do then are these my next steps?
Stop and Remove the DuckDNS from the Add On store
Install Let’s Encrypt from the Add On store and configure with Cloudflare info
Configure NGINX Home Assistant SSL proxy from the Add On store with the domain URL and Cloudflare set to yes
yes you need to buy a domain and point it to cloudflare.
then you can use the HA cloudflare component to update your ip.
you can use letsencrypt docker, but you can also get the free 15 year ssl from cloudflare.
Thanks. That’s cool that I don’t have to worry about Let’s Encrypt SSL cert needing to be renewed every 90 days by using the Cloudflare SSL cert.
Is step 6 configure home assistant server block the same as editing the base URL? I don’t use docker since I am running HA off of a RPI4.
What is the best way to have Cloudflare or by domain name provider updated with my dynamic IP when it changes? I am using DirectUpdate on a Windows PC as a trial and it seems to work but I was wondering if there is something withing the Add On store or HACS that I can use instead.
I couldn’t find that option. I put in the domain I wanted but it was already taken. It acted like I had the option to use it which I don’t since I am not the owner. It did not give me an alternative option like domain.com and some of the other domain registries provided. Is there a walk through process for that somewhere? I didn’t see it on Cloudflare’s help site.
edit: It’s not really possible to purchase a domain from Cloudflare see here.
The Cloudflare site stated to save them to example.com.pem and example.com.key can I have more than one base URL and more than one SSL cert? I would like to try it with both so I don’t lose my DuckDNS setup until I know I can remotely access my HA remotely with the Cloudflare setup.
I did a bit of a look around for the domain and the best deal was namecheap.com
i found a suitable .com domain for USD91 for 10 years.
once you set it up and you set up your free cloudflare account
just use this guide to link it to cloudflare
I had already purchased the domain through another site but I figure the setup would be the same. I was able to remotely access HA through my new domain but I wasn’t sure if it was because I had manually added the public dynamic IP to an A name record. So to test that I deleted the A name record and then I couldn’t access HA through the new domain name. I couldn’t remotely access HA even after I added it back in once I realized I could no longer remotely access HA. So then I deleted the SSL cert and created a new one then added it into the .perm and .key files in the SSL folder of HassIO. Now I am able to remotely access HA again through my new domain.
I am still anxious to determine if the settings for Cloudflare in the configuration.yaml file really will update the A DNS record with my dynamic IP every hour.
Is there a public IP checker that will log changes to my public IP to a file so that I can check to see if it has changed and if so when?
I found out that DirectUpdate provides a log file of the IP and there is an option to have it create a new file hourly daily or monthly. I set it to daily so that the log file isn’t too long. It’s free for 60 days.
I also found out that I had to update my Google Account linking by going to https://console.actions.google.com/ then clicking on my project then clicking on Develop. Then I had to update the Authorization URL and the Token URL with the new domain URL.
First of all, thank you for pointing in the direction of the Cloudflare integration and Letsencrypt-Addon!
That helped a lot setting up custom domain SSL certs.
However, what I’m struggling to understand is for what I need the nginx?
If I simply add the below config to my configuration.yaml then HA is reachable through SSL.
