I have been using Home Assistant for about two weeks now, and everything has been going more or less smoothly. Now, I want to be able to access my dashboard when I am away from home, but still be able to access my via local IP.
I started by setting up DuckDNS and LetsEncript, but after many issues, I decided to just try and get the dashboard to be accessed externally first. As a web developer, I know the importance of SSL, and will be adding it later after I get this first part figured out.
First things first, I port forwarded port 8121 on both my mesh network and router. Accessing the local IP via browser or the app works just fine. If I access it externally by IP (107.xxx.xx.xx:8123) one of the following happens:
“The server stopped responding”. This means that is connected to the server (port forwarding works) but the server never responded.
Home assistant logo appears in the middle of the screen, no text or other graphics
Login screen appears. After logging in, the message “Unable to connect to home assistant” appears. If I reload, point #2 happens.
In all cases, it loads extremely slowly. The bottom two are the most common. I feel that the first one happens because the browser times out while waiting for a response. Accessing it over local IP is super fast. I expected it to be slower, but not this slow (I also expected it to work).
Using my Duck DNS subdomain (xx.duckdns.org:8123) I almost always get point #2 from above.
If anyone knows of any tips/tricks/articles/topics that could help me out, I would greatly appreciate it.
as a web coder you should be able to:
1- set up a duckdns (or any other dns providers to your external IP
2- forward port 8123 to the internal IP of HA
3- assign the dnsname of your local network within your router
4- access http://my.dns.name:8123
you could also use https provided you have a valid ssl certificate
You would think that I would be abke to figure that out, yes. Unfortanetly, I seem to always get stuck in a hole whenever I try something new, and unfortanelty, this seems to be no exception.
I ended up corrupting my install with a messed up config file (And never setup SSH) but managed to edit out the bad part usong the CLI and a post on the forum.
I think I’m just going to restart with the help of YouTube and hope I don’t mess up again.
Before I did anything, the system loaded completely in under a second.
I added DuckDNS and the certificate from LetsEncript and it connects, but never loads. It takes 8 seconds to display the login page, then spits out a “Unable to connect to Home Assistant. Retrying in xx” message that does not go away even if you reload.
I can access it via homeassistant.local:8123 after bypassing the certificate and it loads fast and just fine on my PC.
However, none of it will load on my iPad, and the app can no longer find the server.
I used to forwarded port 443 to 8123, which allowed me to differentiate between ‘local’ and ‘remote’ (based in SSID):
internal url: https://my.duck.dns:8123 (which resolves in 192.168.0.10 by my router)
external url https://my.duck.dns (wich resolves in my external IP by my ISP’s DNS)
However, nowadays I configured hairpin DNS, so all is dealt with by my router, no longer any need to differentiate between internal/external
use the dns server from your router to ‘spoof’ your (duck)dns name internally…
No need to forward both 8123 and 443
When you use http forward port 80 to 8123 and use http://my.domain.dns/
When you use https forward port 443 to 8123 and use https://my.domain.dns/
Use a reverse proxy like this one. Then remove all SSL options from HA and move your certificate info over to the reverse proxy addon. Then when you go to https://{your duckdns url} it goes to your reverse proxy then to HA and works without issue. And inside your network you can still go to http://homeassistant.local:8123 without any certificate errors.
I mean its true but imo a reverse proxy is a far simpler option in this case. It works as long as your router can support port forwarding (which the author’s router does). As opposed to buying a new router or trying to flash this ISP router (which seems like a bad plan if even possible as I imagine they’re renting it).
And sure dnsmasq or adguard could work but comes with an additional set of challenges:
Does this ISP router support changing the DNS server to use?
If it does support changing the DNS server, does it actually hand that address to DHCP clients or does it hand its address and expect to be the proxy to the DNS server? The latter won’t work with a DNS server in the LAN (as I found out the hard way with my Netgear Orbi)
Is the author comfortable with their entire network going down when the HA machine restarts? Since the DNS server all clients are using will be down.
Also maybe its just me but I strongly prefer to let something like Nginx handle the complexities of SSL verification and management. Rather then HA which is Home Automation software that also has some SSL options.
Looks interesting for sure, and worth a shot. I’ll check it out when I have more time since something will most certainly go wrong.
I don’t think so. It is at least 9 years old if not older.
Personally, I would be fine. Other users of the network would hate me though.
I happen not to be one
I also happen to be pretty bad at UI design (But not bad at UX). Does not quite make sense considering I am a web developer. Oh well, best stick to the backend of things.
My 20 year old linksys wrt54g from 2002 supports it… and is still in use…
I would use a reverse proxy server if i needed one, but i think it’s a bit overkill to run another addon (=docker) just to solve a small issue with duckdns if your router could do the same.
But ofc, it also depends on what hardware HA runs…i would not add too many addons on a RPI3
But after that, I could only access it over the DuckDNS domain name, and it always timed out on my PC (The iPhone app connected).
What did I do wrong?
EDIT
With the plugin installed and the configuration.yaml code shown above commented out again, my PC reports Unable to connect to Home Assistant. Retrying in -68 seconds... for the DuckDNS domain. The iPad says it cannot connect, and the app says reports an error code of NSURLErrorDomain -1200, could not make a secure connection to the server.
Hey @CentralCommand and @aceindy, is it possible to get this up again over HTTPS? I messed with it again yesterday but kept getting error and eventually gave up. HTTPS and HTTP are still not working over the DuckDNS domain, but both the internal and external domains work fine.