How to add Custom Domain to Home assistant?

I am trying to set up a custom domain and redirect it to Home assistant OS using a subdomain.

Scenario I am trying to setup: I have my own domain name and DNS is managed by Cloudflare. I want the subdomain to be redirected HS and certificates should be valid for 15yrs and auto-renews. I should also be able to use Alexa and google home integration with HS

I find that there is a lot of information available in this community and I am confused

I see the following option. I am posting here so it is also useful for others who are setting up a custom domain in HS for the first time.

Scenario 1 :

  1. Setup DuckDns

lets_encrypt:
accept_terms: true
certfile: fullchain.pem
keyfile: privkey.pem
token: xxxx1b4-3b3d-xx42c5-b1d1-8d6ecaxx
domains:

  1. in Cloudflare create a CNAME record pointing to xxxx.duckdns.org

  2. in HS configuration change the external URL to home.xxxx.com:8123

Status: Now if access my subdomain home.xxxx.com it redirects to HS but with this the let’s encrypt certificate is valid for only 3 months then it must be recreated.

Scenario 2 :

  1. Setup DuckDns

lets_encrypt:
accept_terms: true
certfile: fullchain.pem
keyfile: privkey.pem
token: xxxx1b4-3b3d-xx42c5-b1d1-8d6ecaxx
domains:

  1. in Cloudflare create a CNAME record pointing to xxxx.duckdns.org.

  2. Generate Cloudflare API key

  3. Letsencrypt add on configuration: add the Cloudflare API key

  4. in HS configuration change the external URL to home.xxxx.com:8123

Restart the addons and HS

Status: I have not yet tested this scenario but read the documentation and it is possible to add the Cloudflare API key in letsencrypt config.
I believe now letsencrypt with use the certificate from Cloudflare?

Scenario 3:

https://www.home-assistant.io/integrations/cloudflare

I see there is Cloudflare integration available in HS and we can provide the API key but what to be done is not clear or not documented. If I use this integration does it mean I need not use the duckdns and other configurations?

Can someone add your comments if you have followed any one of these scenarios?

Cloudflare gives you internal cert to them for 15years. This is intended to use from server to them not public as it isn’t public trusted cert. They can then be proxied by cloudflare if cloud icon is orange next to dns record in CF dashboard. I would suggest installing nginx proxy addon and there adding domain. You can get API token from cloudflare and then in config just add domain name and it will auto update so you don’t need duckdns.

Thanks for your message. Your refering to use cloudflare integration in HS. I am currently using duckdns. as my CNAME record. so I have to add my public ip to A record and without using duckdns just by nginx addon and cloudflare ?

Yes. Just add it as A record and then CF integration with zone as domain and selected record updated your ip address if you have dynamic one.

In my router i have assigned a static IP for my HS os. so i need not use duckdns ? what about the certificate files does the CF integration takes care of it. then what is the use of the nginx add-on

CF integration is used to update your public IP to A record. If you set static IP for your HA OS this is private ip

Thanks Nikola,
So let me try to remove all the duckns configuration and make it run only in local first and then follow the step of adding subdomain using A record and try to access. But i am still confused if i have to add the certificate file from CF to HS

Type: A
Name: home (home.website.com)
IPv4 Address: your.ip.address (my public ip)