Hass.io Add-On: letsdnsocloud - Custom Domain SSL & DDNS

hars · December 11, 2018, 3:51pm

Note: Unmaintained! Please use cloudflare integration:

Hass.io Custom Domain with free CloudFlare DNS hosting, DDNS and Let’s Encrypt.

Features:

Automatic A record creation with current IP.
Domain or Subdomain supported.
Dynamic DNS using the CloudFlare API, monitors changes and updates IP every 5 mins.
Let’s Encrypt certificate generation via DNS Challenge.
Automatic DNS Challenge TXT record generation & cleanup.

This addon came about due to my inability to use the 2 current external access add-ons for my use case.

Firstly I wanted to use my own domain rather than Duckdns. Secondly I didn’t want to open port 80 to the world and the Let’s Encrypt add-on has a HTTP challenge which requires it.

Using the CloudFlare API the add-on will automatically update your IP address which negates the need for a third party DDNS service.

The Let’s Encrypt certificate generation code is from the Duckdns add-on, if I have incorrectly assigned license or credit please let me know.

I’ll do my best to support any issues. Please provide feedback!

Repo URL:

Installation:

Quick & Dirty get started guide:

1. CloudFlare

Sign up for free account.
Add your base domain (no need to create any DNS records).
Make a note of the CloudFlare name servers.
Turn off the free SSL option under the Crypto menu (SSL to Off & Disable Universal SSL).

2. Domain Registrar

Change nameservers for your domain to point to Cloudflare.

3. Home Router

Forward desired public facing port (TCP & UDP) to your Hassio local IP & port (default local port is 8123).

4. Hassio config

Edit config file with your CloudFlare Global API Key, your CloudFlare email address and domain.
Hit start and wait for it to create the certificates.

Add the following to your configuration.yaml:

http:
    base_url: https://your.domain.com:portnumber
    ssl_certificate: /ssl/fullchain.pem
    ssl_key: /ssl/privkey.pem
    ip_ban_enabled: true
    login_attempts_threshold: 5

5. Restart homeassistant

Profit.

gaarindor · December 16, 2018, 5:46am

Just thought I would let you know it was all profit on my end.
No issues
You’re an absolute champ

Argo · December 16, 2018, 5:54am

Hello! Could you say, will it work if my provider does not give me static IP address? And seems like it uses CGNAT (but I am not sure)

hars · December 16, 2018, 12:15pm

Yes sir, it will update your A record IP automatically every 5 mins if it changes.

Unsure if it works with ISPs that utilise CGNAT but feel free to try it out.

Argo · December 16, 2018, 2:28pm

And should I have a domain for that? Or it will be created?

hars · December 16, 2018, 3:55pm

need to have your own domain first - you can get a free one here:

https://www.freenom.com/en/index.html?lang=en

After you create one you have to point the domain to the servers cloudflare gave you in step 1. Here’s the instructions for freenom:

https://my.freenom.com/knowledgebase.php?action=displayarticle&id=3

puncake · December 25, 2018, 2:28am

Hi there, I seem to have an issue with this. Configured everything over on cloudflare, added domain and cloudflare account in addon configuration page and added config in configuration.yaml. I start the addon but log is empty and when I reload it shows as not started. Any ideas?

hars · December 26, 2018, 4:26am

I deleted my certs + add-on and tried again on mine and everything worked fine.

Are there any errors in your log file? Press hass.io in the menu and go to system.

puncake · December 27, 2018, 8:52pm

Log is empty and while addon seems to start when I start it, it’s off upon refreshing. Also no errors in log file. This is what happens:

18-12-27 20:42:39 INFO (SyncWorker_12) [hassio.docker.addon] Start Docker add-on /armhf-addon-letsdnsocloud with version 1.1
18-12-27 20:42:42 INFO (SyncWorker_5) [hassio.docker.interface] Stop /armhf-addon-letsdnsocloud Docker application

Any other ideas?

hars · December 28, 2018, 4:14am

Not too sure man! I’m pretty new to HA myself, just set it up a month ago and still learning.

Click on the about page by going to the dev tools down the bottom of the sidebar, very end icon: ( i )

Maybe something in there will help you troubleshoot?

Varjo · January 18, 2019, 10:56pm

Does this require hass.io or can I use this on a normal home assistant install?

hars · January 19, 2019, 5:00am

All add-ons require hass.io:

Klagio · January 19, 2019, 9:43am

Newb here.
I created a new name in freenom, created an account in cloudflare and added a site (the one created in freenom).
Now in CloudFlare its written “pending nameserver update” under my site

I don’t get which are the nameserver I have to put in freenom

Florian · January 19, 2019, 9:50am

you can find your assigned Cloudflare namesevrvers in the DNS tab of your dashboard below the DNS records.

Klagio · January 19, 2019, 9:52am

Found, thanks

andrewlphilpott · January 22, 2019, 9:22pm

Thank you so much for this! I’ve been trying to get things working with DuckDNS and Let’s Encrypt for weeks, but this is so much better because it a) actually works and b) gives me a use for one of my spare domain names.

pjo · January 23, 2019, 2:58am

so interestingly enough this seems to work - YAY!
but… I keep getting this error in my log…

2019-01-22 18:56:54 ERROR (MainThread) [homeassistant.core] Error doing job: SSL handshake failed
Traceback (most recent call last):
  File "uvloop/handles/stream.pyx", line 609, in uvloop.loop.UVStream._on_eof
  File "uvloop/sslproto.pyx", line 171, in uvloop.loop._SSLPipe.feed_ssldata
  File "/usr/local/lib/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: HTTP_REQUEST] http request (_ssl.c:841)
2019-01-22 18:56:54 ERROR (MainThread) [homeassistant.core] Error doing job: SSL error errno:1 reason: HTTP_REQUEST
Traceback (most recent call last):
  File "uvloop/sslproto.pyx", line 504, in uvloop.loop.SSLProtocol.data_received
  File "uvloop/sslproto.pyx", line 204, in uvloop.loop._SSLPipe.feed_ssldata
  File "uvloop/sslproto.pyx", line 171, in uvloop.loop._SSLPipe.feed_ssldata
  File "/usr/local/lib/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: HTTP_REQUEST] http request (_ssl.c:841)

ummm??? Same issue? Any ideas?

hars · January 23, 2019, 4:36am

Yeah, it seems to be a common issue across a few add-ons:

https://github.com/home-assistant/home-assistant/issues/15579#

Maybe it’s the duckdns code I reused to perform the DNS challenge for Let’s Encrypt.

Haven’t had the time to troubleshoot this, will have another look when I have a chance.

hars · January 23, 2019, 4:37am

More info:

monaco · February 21, 2019, 5:03pm

I have my own domain that I use for website on some 3rd party servers. Now I’d like to use subdomain for accessing my homeassistant (with dynamic IP). For example:

mydomain.com shows my web page
home.mydomain.com would show what I have now under myname.duckdns.org:8123
Can you also help with that?