B r a v o. You are wrigth
Hey @Tinkerer
Could PiVPN run on a different system and still work to access my HA? Also do you know if it will work with PiHole if it was installed on the same machine?
Yes, and yes.
My PiVPN install is on a different host, which also has PiHole. PiHole also has a Discord for getting help with it.
Iām running Duckdns and letsencrypt right now. Do i need to continue with both? And do you know how to setup the pivpn to route through pihole when i use the vpn outside my network?
If you donāt have a static IP address, you need DuckDNS or similar to give you a hostname for your VPN connection.
You need LetsEncrypt if youāre planning on using any service that requires your Home Assistant service to be externally accessible (HTML5 notifications, OwnTracks HTTP, etc).
As for getting PiVPN to use Pi-Hole, you just have to ensure that when you configure PiVPN you tell it to use the Pi-Hole DNS server IP. If you didnāt, then you need to update /etc/openvpn/server.conf
and change the line that says push "dhcp-option DNS 8.8.8.8 8.8.4.4"
(or whatever IP addresses you chose) to use the internal IP address of your Pi-Hole server (eg push "dhcp-option DNS 192.168.0.10"
)
Discord?
My current setup is Hassio on a pi3 with letsencypt
On other pi3 I have pihole plus PIVPN.
Is a good setup?
Visit https://pi-hole.net/ and look down the page, youāll see an option for Discord, which is a chat program.
Itās a reasonable choice IMO, avoids over-loading the Home Assistant server.
hey everyone IĀ“ve just installed duckdns addon on hass.io that one that it comes already with letĀ“s encrypt, I didnĀ“t change anything on my router, I have my own domain and etc how can I access my hass.io? my trigger on ifttt itĀ“s not working thatĀ“s why I missed something ?
tks IĀ“ll do
Thank you @gpbenton
I will try this sometime this week. I am optimistic that this will fix my issues of not being able to remote in due to ipv6 addressing. I recently switched isp companies and have had no remote access since then. It gives me the feeling of forgetting my phone at home. #sadpanda
There are many methods to do this - the difference is security, easiness of the configuration and cost of the solution.
Following I am typing some methods with some analyses
1. Port Forwarding (with Dynamic DNS and SSL encryption)
This requires router configuration (to forward your routers public port to HA private port), however this requires you to have fixed ip address. In case your ip address is not fixed (in most cases) you need to use Dynamic DNS services to be able to use domains instead ip address (there are lot of available free services). Here we still have security question open. To solve security question i.e. setup ssl certificate we can use Letās Encrypt service ( https://letsencrypt.org/ ) to get free certificate, however we should configure HA server to use the certificate or we should setup reverse proxy (in most cases nginx or apache) and configure proxy to use certificate.
Conclusion ā Hard to setup if we want to have secure connection (can be done for free)
2. VPN
For this scenario we should use VPN services. We should connect our HA server to VPN then in other side we should connect our client to VPN (i.e. mobile device) that will allow us to access to HA by local IP address. We can set up our own VPN server however this requires knowledge to do it right.
Conclusion ā Easy, Paid, Secure, Bad User Experience (connecting to VPN every time you need to connect to HA)
3. Tunneling
For this scenario we can use free tunneling services (i.e. https://tunnelin.com/ ). The process is very straight forward i.e. Register a User, Connect your device to service (by running one line command on device), use Web interface to open/close secure tunnels to the device.
Conclusion ā Free, Secure, Easy
I use TeamViewer a lot for my computers and android devices and I would really like to use it also for Home Assistant since I have up setting up VPN on my router.
Since I am not familiar with the Linux can someone please help me installing it to PI 3 B+ or at least point to some good tutorial.
Teamviewer does not require a vpn to connect remotely and it would actually cause problems connecting. Teamviewer does however, require a desktop environment. It is possible to install Teamviewer on a Raspberry Pi but most installations on a Pi donāt involve a graphical desktop. If you have another always on computer at home, just install Teamviewer on that and access Home Assistant through a browser as normal.
That last option I already have, but I thought it is possible to access it directly via TeamViewer
You can install Teamviewer on a Raspberry Pi. If the Raspberry Pi is the one you are using for Home Assistant AND it has a graphical Desktop it can be done. If you have installed Home Assistant using Hass.io then you are out of luck. If this is a separate Pi with a graphical Desktop then download the Raspberry host from https://www.teamviewer.com/en/download/linux/
Ok, then I give up and would go via Tunneling. I have registered at tunnelin.com but when I paste sudo sh -c "$(curl -s https://setup.tunnelin.com/linux)"
into Putty SSH, I get just -bash: sudo: command not found
How to configure it?
How do you have HA installed?
If you have this installed with hass.io, you donāt have normal Linux commands available. It is a very cut down OS.
If you have used hass.io then you might want to have a look at NGINX. It is available in the Hass.io add-ons store. You will need to gain some understanding of using NGINX as a reverse proxy.
Just curious, if one were to use lets encrypt, why is there the need to also run nginx?
Now I am totally confused. If I set port forwarding with letsencrypt, would I be able to access with any external computer/phone or will I need certificate on appliance from which I want to access?
I realy hate HA does not have propper application to access it securely via server. I need to make access to more phones to switch lights