Home Assistant Community Add-on: WireGuard

ombre33 · January 30, 2022, 7:53pm

Building on this, and for whoever is interested, a few more sensors that tap into the RestAPI:

  - platform: rest
    name: wireguard
    resource: http://a0d7b954-wireguard
    json_attributes:
        - PeterCellphone
        - PeterLaptop
        - PeterTablet
    value_template: "OK"
  - platform: template
    sensors:
        wireguard_petercellphone_status:
            friendly_name: "Wireguard PeterCellphone Status"
            value_template: >-
                {% if state_attr('sensor.wireguard', 'PeterCellphone').latest_handshake > ( as_timestamp(now()) ) -180 %}
                    Connected
                {% else %}
                    Disconnected
                {% endif %}
        wireguard_petercellphone_lastseen:
            friendly_name: "Wireguard PeterCellphone Last Seen"
            value_template: >-
                {% if state_attr('sensor.wireguard', 'PeterCellphone').latest_handshake > ( 0 ) %}
                    {{ (state_attr('sensor.wireguard', 'PeterCellphone').latest_handshake ) | int | timestamp_custom('%d.%m.%Y, %H:%M') }}
                {% else %}
                    N/A
                {% endif %}
        wireguard_petercellphone_tx:
            friendly_name: "Wireguard PeterCellphone TX"
            value_template: >-
                {% if state_attr('sensor.wireguard', 'PeterCellphone').transfer_tx > ( 0 ) %}
                    {{ (state_attr('sensor.wireguard', 'PeterCellphone').transfer_tx ) | int | filesizeformat() }}
                {% else %}
                    N/A
                {% endif %}
        wireguard_petercellphone_rx:
            friendly_name: "Wireguard PeterCellphone RX"
            value_template: >-
                {% if state_attr('sensor.wireguard', 'PeterCellphone').transfer_rx > ( 0 ) %}
                    {{ (state_attr('sensor.wireguard', 'PeterCellphone').transfer_rx ) | int | filesizeformat() }}
                {% else %}
                    N/A
                {% endif %}
        wireguard_peterlaptop_status:
            friendly_name: "Wireguard PeterLaptop Status"
            value_template: >-
                {% if state_attr('sensor.wireguard', 'PeterLaptop').latest_handshake > ( as_timestamp(now()) ) -180 %}
                    Connected
                {% else %}
                    Disconnected
                {% endif %}
        wireguard_peterlaptop_lastseen:
            friendly_name: "Wireguard PeterLaptop Last Seen"
            value_template: >-
                {% if state_attr('sensor.wireguard', 'PeterLaptop').latest_handshake > ( 0 ) %}
                    {{ (state_attr('sensor.wireguard', 'PeterLaptop').latest_handshake ) | int | timestamp_custom('%d.%m.%Y, %H:%M') }}
                {% else %}
                    N/A
                {% endif %}
        wireguard_peterlaptop_tx:
            friendly_name: "Wireguard PeterLaptop TX"
            value_template: >-
                {% if state_attr('sensor.wireguard', 'PeterLaptop').transfer_tx > ( 0 ) %}
                    {{ (state_attr('sensor.wireguard', 'PeterLaptop').transfer_tx ) | int | filesizeformat() }}
                {% else %}
                    N/A
                {% endif %}
        wireguard_peterlaptop_rx:
            friendly_name: "Wireguard PeterLaptop RX"
            value_template: >-
                {% if state_attr('sensor.wireguard', 'PeterLaptop').transfer_rx > ( 0 ) %}
                    {{ (state_attr('sensor.wireguard', 'PeterLaptop').transfer_rx ) | int | filesizeformat() }}
                {% else %}
                    N/A
                {% endif %}
        wireguard_petertablet_status:
            friendly_name: "Wireguard PeterTablet Status"
            value_template: >-
                {% if state_attr('sensor.wireguard', 'PeterTablet').latest_handshake > ( as_timestamp(now()) ) -180 %}
                    Connected
                {% else %}
                    Disconnected
                {% endif %}
        wireguard_petertablet_lastseen:
            friendly_name: "Wireguard PeterTablet Last Seen"
            value_template: >-
                {% if state_attr('sensor.wireguard', 'PeterTablet').latest_handshake > ( 0 ) %}
                    {{ (state_attr('sensor.wireguard', 'PeterTablet').latest_handshake ) | int | timestamp_custom('%d.%m.%Y, %H:%M') }}
                {% else %}
                    N/A
                {% endif %}
        wireguard_petertablet_tx:
            friendly_name: "Wireguard PeterTablet TX"
            value_template: >-
                {% if state_attr('sensor.wireguard', 'PeterTablet').transfer_tx > ( 0 ) %}
                    {{ (state_attr('sensor.wireguard', 'PeterTablet').transfer_tx ) | int | filesizeformat() }}
                {% else %}
                    N/A
                {% endif %}
        wireguard_petertablet_rx:
            friendly_name: "Wireguard PeterTablet RX"
            value_template: >-
                {% if state_attr('sensor.wireguard', 'PeterTablet').transfer_rx > ( 0 ) %}
                    {{ (state_attr('sensor.wireguard', 'PeterTablet').transfer_rx ) | int | filesizeformat() }}
                {% else %}
                    N/A
                {% endif %}

Then you’ll have all sensors available to plug them into a card or such:

type: vertical-stack
cards:
  - type: entities
    entities:
      - entity: sensor.wireguard_petercellphone_status
        name: 'Status:'
        icon: mdi:lock
      - entity: sensor.wireguard_petercellphone_lastseen
        name: 'Last Handshake:'
      - entity: sensor.wireguard_petercellphone_tx
        name: 'Transmitted:'
        icon: mdi:upload-lock
      - entity: sensor.wireguard_petercellphone_rx
        name: 'Received:'
        icon: mdi:download-lock
    title: Peter Cellphone
  - type: entities
    entities:
      - entity: sensor.wireguard_peterlaptop_status
        name: 'Status:'
        icon: mdi:lock
      - entity: sensor.wireguard_peterlaptop_lastseen
        name: 'Last Handshake:'
      - entity: sensor.wireguard_peterlaptop_tx
        name: 'Transmitted:'
        icon: mdi:upload-lock
      - entity: sensor.wireguard_peterlaptop_rx
        name: 'Received:'
        icon: mdi:download-lock
    title: Peter Laptop
  - type: entities
    entities:
      - entity: sensor.wireguard_petertablet_status
        name: 'Status:'
        icon: mdi:lock
      - entity: sensor.wireguard_petertablet_lastseen
        name: 'Last Handshake:'
      - entity: sensor.wireguard_petertablet_tx
        name: 'Transmitted:'
        icon: mdi:upload-lock
      - entity: sensor.wireguard_petertablet_rx
        name: 'Received:'
        icon: mdi:download-lock
    title: Peter Tablet

bremby · January 31, 2022, 11:21am

@ombre33 Thank you!!!

This works like a charm!!!

EdAlK · February 4, 2022, 10:33pm

shouldn’t the DNS and Host be under the ‘server’ branch, not ‘peers’ ?

EdAlK · February 4, 2022, 10:37pm

Thanks Frenck, works out of the box. I always thought VPN’s would be incredibly complex to setuo, but not with this addon

Sprint · February 13, 2022, 8:18pm

Hi everyone,

I read every thread I can find about setting up the add on in home assistant and on my android phone but unfortunatly I can’t get it to work.

Everytime I start the tunnel the wireguard app shows outgoing data but nothing inbound. The settings I use where the standard one the add on provides. Nothing special to test it out first.

Then I made a port forwarding in my router (Fritzbox 7490) and used the generated QR code from the add on to setup the connection in the wireguard app. I can start the tunnel and there is no error but nothing seems to work.

I tried it several times but I’m lost.

This are my settings in the add on in home assistant:

peers:

addresses:
- 172.27.66.2
  allowed_ips: []
  client_allowed_ips: []
  name: Home
  server:
  addresses:
- 172.27.66.1
  dns: []
  host: [mydnsaccount].duckdns.org

My home assistant is on 192.168.178.57:8123 in my local network, the router is 192.168.178.1 (standard). The phone I want to use with the tunnel is on 192.168.178.99.

So whats my fault? Help!

Thanks.

kothavade.ved · March 1, 2022, 12:34am

Hi,
I was wondering if there is a way to use DNS over HTTPS without Adguard Home? I recently moved to NextDNS which is essentially just Adguard Home but hosted in the cloud, and they provide unique IPV4, DoH and DoT DNS links. The standard IPV4 links work great, but is there any way to use the DNS-over-HTTPS or DNS-over-TLS servers with this plugin? I tried removing the dns option altogether to see if it would default to the server’s built in DNS (I am running a supervised installation, so I can configure the DNS manually ), but it said the YAML was invalid.
Thanks.

dfortier · March 7, 2022, 12:06am

Is there any reason I cant find this add-on in HACS? I search but nothing comes up.

DavidFW1960 · March 7, 2022, 1:05am

it’s not a custom component (HACS) it’s an addon in the supervisor store.

dfortier · March 7, 2022, 1:14am

Ok. Got it. However, it doesn’t show up there either.

DavidFW1960 · March 7, 2022, 1:43am

it is there

Under the Community Addons Section

dfortier · March 7, 2022, 2:31pm

Hmm… Mine doesnt show up at all. Even stranger is I dont have the same add-ons listed as you do. I’m running the latest version of HA. Any ideas?

dfortier · March 7, 2022, 2:34pm

Ok… So I figured it out. The repository for the Home Assistant Community Add-Ons was not showing up. I had to add it. https://github.com/hassio-addons/repository

Now it’s there!

matssa · March 29, 2022, 9:15pm

Hey everyone,

I tried several options but I can’t seem to make my stuff work.

I have an Adguard home on my server but not with the Adguard addon from HA (it runs on my router directly).

I want to use this DNS server when I’m not at home. I also don’t want to route all my network through my VPN, I only want the DNS to go through .
Therefore here is my config :

peers:
  - addresses:
      - 172.27.66.2
    allowed_ips: []
    client_allowed_ips:
      - 192.168.XX.0/24
    name: hassio
server:
  addresses:
    - 172.27.66.1
  dns:
    - 192.168.XX.1
  host: bla.bla.bla

As you can see, my DNS is not on the same network as the wireguard /docker stuff.
With this config, I can access my local network (for example router and stuff). However I can’t seem to be able to use the DNS server correctly, it looks like my DNS settings aren’t used…

Anyone can help me out?

Thanks!

plainmad · April 2, 2022, 11:23pm

Set this up but having some issues

Now on my android phone this works fine and I have no issues. I can browse the internet and the ip is from my home network and I can also access all the devices on my local network at home.

How’re on my iPad when I connect WireGuard whilst all normal internet access is fine and is routed through WireGuard when I try to access anything on my local network at home such as HA or my BlueIris server it times out as it can’t find them. It has done this on multiple wifi networks and on one where the router has the same IP address as my home network it takes me to their login page instead of my own.
However if I tether my phone to my iPad it works fine

Has anyone got any idea on what settings I need to change as I want all traffic to go through to WireGuard

pranavptl · April 15, 2022, 1:32pm

Weird mine gone too and it shows this error when i tried to add it

contains duplicate items: [‘GitHub - hassio-addons/repository: Home Assistant Community Add-ons’] for dictionary value @ data[‘addons_repositories’]. Got [‘GitHub - zigbee2mqtt/hassio-zigbee2mqtt: Zigbee2mqtt Home Assistant add-on’

pranavptl · April 16, 2022, 8:28am

fixed the other errors in logs and then added it again and it worked

Krzemq · April 19, 2022, 6:29am

Hi everyone.
I’ve just setup wireguard on my main HA instance which is home assistant operating system and this acts as wireguard server. I’ve added three peers - first is my mobile phone, second is my laptop and the third is another HA instance which i plan to move to another place, but now i’m testing it. It’s installed at hp t630 in docker. While all of the peers have internet connection, working fine and can reach other peers, HA on docker seems like have no connection with the internet - cannot update or install integrations, hacs and so on. But outside the Docker for example ping is working. What am i missing?

Best regards!

RajuKottedi · August 10, 2022, 10:21pm

Hi Corvy, Are you able to find the solution for this as i also have similar use case. Really appreciate your help

drumstick77 · August 12, 2022, 8:08am

Hi All,

I’ve got tailscale installed and the exit-node function it is pretty good until when I tried using Amazon Prime video from abroad which for some reason doesn’t work. when I go to whatismyip.com, it detected that I’m where I am located. So I started looking ton wireguard and installed it, but seems like I cannot find the similar settings for wireguard “exit-node” equivalent. Can anyone please assist with this? Thanks

denisj · August 15, 2022, 5:59am

Hi there all,
and first of all thanks a lot for this add-on.

I have Hass OS installed on Qnap Nas and I just configure WireGuard in order to
connect via VPN to my home LAN.

I can connect to WireGuard from my laptop from outside,
I can navigate also, but I can’t access to my home LAN.

My configuration is:

server:
  host: mydomain.me
  addresses:
    - 172.27.66.1
  dns: []
peers:
  - name: SamsungNoteCell
    addresses:
      - 172.27.66.2
    allowed_ips: []
    client_allowed_ips: []
  - name: Laptop
    addresses:
      - 172.27.66.3
    allowed_ips: []
    client_allowed_ips: []

Can anybody tell me please what I must add in order to access from outside laptop to my home LAN ?

Thanks in advance
Denis