Hello, I am interested in using my Google Assistant with my smart home, but I am hesitant to open any ports and I don’t want to pay for a service like Nabu Casa. Is there any way I can set up Google Assistant without resorting to those options? Currently, I am using ZeroTier for remote access, but I read online that ZeroTier cannot be used for this purpose. Any assistance would be greatly appreciated.
It is not possible to do Google Assistant without using either Nabu Casa or opening some port forwarding. The reason is that Google Assistant needs to talk to an end point that is in communication with your Home Assistant.
If you use Nabu Casa, then the end point is on Nabu Casa’s systems and your connection to their system provides a means for Google Assistant to get and push information to your setup.
If you do not use Nabu Casa then you must have an port forward with SSL on it that allows Google Assistant to talk to your Home Assistant.
So, if I understand correctly, you’re saying that there are no alternatives to Nabu Casa or port forwarding? Are there any free services similar to Nabu Casa available? I understand that port forwarding can never be completely secure, but how secure is it exactly? If I were to proceed with port forwarding and utilize Let’s Encrypt and DuckDNS, how difficult would it be for someone to breach the system? Thank you for your prompt response.
This is possible with the cloudflared addon. It is how I’m doing it.
Use strong passwords and enable the built in 2FA that will help with your security exposure. As to how difficult it would be for someone to breach the system, that all depends upon if you’re staying up to date and how well the developers do in building a secure platform. Personally, I believe they are doing a good job and I do have my systems (yes multiple) exposed. I use the Nginx Proxy Manager add-on to front end my connections so that I can get access to several services that I have running inside my DMZ.
Ideally, you would have all of your IoT devices on an isolated wireless network that only Home Assistant can access, that will limit your network exposure.
thank you i will check out both cloudflared and see how i can securley port forward. i will probobally use cloudflared in the short term and then switch over too port forwarding in the future
do you use google assistant with cloudflared?
Yes, I’ve also enabled some security bits like 2FA in ha and used WAF rules on cloudflare to block other countries. I was getting banned through cloudflare (ip_ban_enabled ban enabled in HA) because of how the proxy works. I think this may be more secure than port forwarding because cloudflared proxying and I’m not exposing the webserver of HA directly. It is cloudflare’s business to keep this secure. You also get additional protections from DDoS and Bots.
I just wanted too thank you this worked great and I also added my own domain so its super easy too access. Still working too secure everything even more. Thanks again for your help.