Presence detection - how is this done today?

Hi all,

I’d like a light only to turn on when I’m home. I’ve read a couple of threads already and most of them are already old, but are they also outdated?

The Nmap tracker is out there since a very long time, but only used by 2.5% of the installations, so it does not seem to be state of the art.
The BT tracker is also a nice idea, but used by even less installations.

I guess the use case is quite common, so how are you doing this?

My HA is not exposed to the outside and OpenVPN drains the battery of my mobile phone. I don’t like to use the router-extension either, because I don’t like to have this password in a plain text file.

So is there still hope for me?

Thanks,
Fridolin

From what I’ve read this is very fast and reliable though.

I’m one of the 2.5%, and it worked reliable the last 2.5 years.

I guess most people use the Home Assistant companion app, you can use Nabu Casa instead of opening ports etc.

I use a combination of the app and BLE, works reliable for over 4 years.

How did you get it to work?

My Android phone seems to shutdown the wifi connection and is therefore quickly rendered ‘away’ in HA. So it is either sacrificing the battery and disabling this energy saving option or using another way?

What kind of BT device would be recommended? I guess, atm this way seems to be the most promising one.

I use the companion app to detect presence. It’s really the best way. There are things you can do to secure the connection with the app. Do you own a domain? If so, you can create a subsomain. You will have to own a domain. I use ha.mydomain.com. From my DNS I have the domain point to my IP address. On my router I have 2 ports open. 80 and 443. They both point to my NGINX Reverse Proxy machine. NGINX then points to the HA instance. NGINX secures with Let’s Encrypt SSL certs. That is all standard stuff. Here is where you can secure HA. in your configuation.yaml under the http section you can add the following section:

http:
  
  # For extra security set this to only accept connections on localhost if NGINX is on the same machine
  # Uncommenting this will mean that you can only reach Home Assistant using the proxy, not directly via IP from other clients.
  #  server_host: 127.0.0.1
  use_x_forwarded_for: true
  # You must set the trusted proxy IP address so that Home Assistant will properly accept connections
  # Set this to your NGINX machine IP, or localhost if hosted on the same machine.
  trusted_proxies: 192.168.201.2
  ip_ban_enabled: true
  login_attempts_threshold: 2

Basically what this does is only accept connections from NGINX RP and if someone gets 2 attempts to login before their IP is banned. The banned IP addresses are kept in a log and do show up in HA. I have gotten 1 notification since it’s been turned on.

In the app you will want to put your ha.yourdomain.com in the home assistant url field.

This is how I do it. I have a VPN set up also and obviously that is more secure, but with the IP Ban on I feel pretty good about security.

1 Like

I ditched the built in Bluetooth tracker for monitor. Coupled with a little logic with a door sensor I have something very fast and reliable.

I use the nmap_tracker as a secondary method, and it works fine. No need for remote access, or the official app.

1 Like