Alternative to DuckDNS - which is best? HAOS+Frigate

damnshit · March 12, 2025, 7:34pm

For a long time I used DuckDNS with nginx addon to access HAOS from outside my home network.

Then I wanted to try Cloudflare Zerotrust Tunnel, but it doesn’t work with go2rtc, which I only realized after days of testing.

What is the best alternative to DuckDNS-nginx method?

Runs on Proxmox, both services installed via Proxmox helper script:

HAOS runs separately in VM
Frigate runs in a separate LXC container
I have a Namecheap domain that runs on Cloudflare.

Relevant Frigate-Config:

  webrtc:
    candidates:
      - 192.168.178.xxx:8555 (LXC-Container IP of Frigate)
      - stun:8555
      - stun.l.google.com:19302
      - subdomain.domain.com

HAOS-Config:

# Loads default set of integrations. Do not remove.
default_config:

# Load frontend themes from the themes folder
frontend:
  themes: !include_dir_merge_named themes

automation: !include automations.yaml
script: !include scripts.yaml
scene: !include scenes.yaml

http:
# Paths to your Cert Files
#  ssl_certificate: /ssl/fullchain.pem
#  ssl_key: /ssl/privkey.pem
  cors_allowed_origins:
      - https://google.com
      - https://www.home-assistant.io
  ip_ban_enabled: true
  login_attempts_threshold: 50
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.0/24
# Cloudflare
#    - 173.245.48.0/20
#    - 103.21.244.0/22
#    - 103.22.200.0/22
#    - 103.31.4.0/22
#    - 141.101.64.0/18
#    - 108.162.192.0/18
#    - 190.93.240.0/20
#    - 188.114.96.0/20
#    - 197.234.240.0/22
#    - 198.41.128.0/17
#    - 162.158.0.0/15
#    - 104.16.0.0/13
#    - 104.24.0.0/14
#    - 172.64.0.0/13
#    - 131.0.72.0/22

tom_l · March 12, 2025, 10:07pm

Nacbu Casa Remote UI.

Super easy to set up. Comes with a lot of extras (webrtc, cloud storage for backups, tts, voice assistant, etc…) and while it is not free the proceeds go to supporting home assistant development.

damnshit · March 12, 2025, 10:37pm

I would use NabuCasa if I used HomeAssistantOS for more than just Frigate.
HAOS is only used as a kind of feed display of the streams available from frigate.
Not for large SmartHome-Environment.

tom_l · March 12, 2025, 10:45pm

What are you using for this?

damnshit · March 12, 2025, 10:57pm

Surveillance cameras → Frigate → HAOS → Frigate HASS dashboard

HAOS is used as an flexible client-app for me and third parties to access the residual streams of the surveillance cameras independently of the browser.

Incidentally, I have just read that Nabu Casa is apparently not suitable for WebRTC/Go2RTC either.

Module: WebRTC

In most cases WebRTC uses direct peer-to-peer connection from your browser to go2rtc and sends media data via UDP. It can’t pass media data through your Nginx or Cloudflare or Nabu Casa HTTP TCP connection! It can automatically detects your external IP via public STUN server. It can establish a external direct connection via UDP hole punching technology even if you not open your server to the World.

But about 10-20% of users may need to configure additional settings for external access if mobile phone or go2rtc server behing Symmetric NAT.

by default, WebRTC uses both TCP and UDP on port 8555 for connections

you can use this port for external access

you can change the port in YAML config: