Welcome to Home Assistant ! Hope you have good success with this interesting and useful platform!
I am a bit confused by your question, you seem to be mixing two different technologies in your question. You mention ‘VirtualBox’ at one point and then ‘docker’ at another point. I hope your using one or the other and not both, because using both seems not a good starting point. If you can clarify carefully your configuration, this will help the many smart folks here to help you.
In the second part of your post, you talk about IPV6. IMHO, just turn this off at your router/firewall to your internet connection PERIOD… and for your internet, turn it off at every opportunity and ignore it if at all possible.
KISS, keep it simple and stupid. And be simple and clear on sharing your question and config.
Network manager should be able to assign an IPv4 address. Personally I use IPv6 for all external access and IPv4 for HA internally but my domain only has an AAAA record and everything works perfectly on IPv6. I certainly would want to make it work and not be disabling it.
Based on the command, you’re attempting to install Home Assistant Supervised into a Ubuntu OS (which will run Docker). If your Ubuntu installation itself is running under Virtualbox, then you have a relatively complex setup. You’ll have to troubleshoot Ubuntu running in VirtualBox and THEN troubleshoot the docker implementation on Ubuntu. I’d look first at VirtualBox and ensure that Ubuntu itself is getting an IPv4 address and working properly.
Also, you should know this is an unsupported installation of Home Assistant, as the only supported Supervised installation is on Debian 10. You’ll run into issues where HA Core arbitrarily states your installation is “unhealthy” at which point you’ll be prevented from upgrading (as counter-intuitive as that is).
So, you have devices inside your private network that have IPV6 enabled? and you allow/trust your firewall to let these devices connect to the internet? Wow, that is pretty scary. You might want to read some of the writing of the folks that understand IPV6 and it implementation, it is really not reassuring for IoT devices and home automation especially.
And just on a practical level, you type IPV6 addresses vs. IPV4 in your everyday life?
If he’s actively managing the access control of that, there’s no reason it’s scary to have IPv6 enabled.
The manufacturers that build their routers to automatically route all IPv6 devices externally, now THATS scary!
Yes I have devices with IPv6 available on my LAN. None of them are accessible via the internet because my router isn’t opening any port on them (except Home Assistant server on a non-standard port). Good luck stumbling over that on the internet. What is it 65000 years to scan for it? Don’t be so alarmist.
On a practical level I don’t type any IP addresses of any kind on my LAN… dns seems to take care of them and I use IPv4 internally anyway.
Why do you think IPv4 with port forwarding is more secure that IPv6 with a port exposed? It’s also behind a reverse proxy…
That’s like going to a new car dealer and asking them to take the tires off the car before the test drive. In these wonderful times of giving a USD 35 raspberry pi to our kids, why do we suffer complexity so? Your house, where you spend a majority of your happiest times, and may well (hopefully?) die in, spend smart.
As I said, I am far from an expert in the areas of network engineering. So I hope I am wrong. That said, when you write the words ‘router isn’t opening any port’ in the context of IPV6, I worry. And I agree with you should ideally have NO IPV4 port forwarding enabled on your internet firewall device. As I said, please do read some of the experts writing on the state of IPV6, how we got to it and whether where we are with it is a good place. However based on my reading of this and experience, I still recommend disabling all IPV6 access to and from the internet at your firewall device. And if you find a need for IPV6 use only with in your private network, well I am really impressed by that network!
Please stop with the FUD. In Australia, ISP’s are already using CGNAT and IPv6 because there are no more IPv4 addresses available and that situation is not going to improve anywhere in the world.
I don’t know why you worry… do you know of some magical way someone can access my server with no opened port?
Since you start fresh, my recommendation is to replace ubuntu with Debian 10 in which will allow you to get support should something broken with supervised version.
Thank you all for your replies. I’m new to home assistant, no worries for me to replace my installation with a Debian 10 installation (also using virtual box and bridged mode).
Should I use this tutorial
Well thanks for your opinion and comments. I’m not sure what you believe I am wrong about. As I said I am not a network expert, and know less about IPV6 than I do about IPV4 within my wheelhouse. So again, based on input from people I consulted that are more knowledgeable:
Disable IPV6 access for your private LAN on your ISP’s router/gateway/bridge device
If this is not possible, get a different ISP or place a router/gateway device between your ISP’s hardware and your private LAN that does disable IPV6 access from within your private LAN.
Try these tests from machines on your private LAN
# ping google's second dns server
ping6 2001:4860:4860::8844
# open google home page
http://[2607:f8b0:4007:802::1010]
# telnet v6 test
telnet 2a02:898:17:8000::42
# to see via v4
telnet towel.blinkenlights.nl
# <ctrl> ] to exit, cause I know you are telnet expert
https://ipv6-test.com/
If these show IPV6 access, and you should ask why this is necessary.
I know I could not pass this, u?
https://ipv6.he.net/certification/
Some thoughtful writing to read:
https://teknikaldomain.me/post/ipv6-is-a-total-nightmare/
https://www.darkreading.com/researchers-seek-out-ways-to-search-ipv6-space/d/d-id/1334213
(Sorry bout the offtopic IP stuff, I shouldn’t have contributed to that in the first place)
That should be a good guide for setting up the Debian VM, so you can do a setup from there and it should work pretty comfortably.
If you do happen to have something like a NUC or a Pi 4 spare, it would be more ideal to work with, since it will give a lot more power to your instance and it will handle better when you are using more devices with it, if you end up with lots. If you don’t have a tonne of devices you plan to connect to it though, a VM will be fine (depending how powerful the host computer is of course).
It is possible to migrate from a VM to a dedicated computer later on, generally, so you can change your mind later if you need to
I’m not sure why you would do this… If you install Debian then you can just install Supervised and get addons etc. If you want to use a VM then why not install Proxmox instead of Debain? I’m confused as to what you actually mean and wonder if what you mean is different to the description you are providing.
I would expect ALL of those to show IPv6 access as they are ALL outgoing connections. A firewall typically blocks INCOMING connections not outgoing. There would be no point using IPv6 at all if it can’t connect to anything.