Hi. I have implemented my home assistant on synology nas using virtual machine manager. I am based in India having airtel fibre connection. I want to remote access my HA from other geolocations outside my local network. I have started playing around with HA fairly recently and would appreciate any help regarding how to implement the above setup.
I am running wireguard through a docker container that permits me to access my entire network including my HA instance through a VPN. This does require a port to be opened in my router though.
I’m using Tailscale “P2P” VPN (based upon Wireguard as well). No need to open ports…
Unfortunately there is no 1 easy tutorial to set this up. That is why many people go with Nabu Casa as it’s just simple, one click solution.
After Nabu Casa simplest solution is to set up a VPN
to your home network and then you can access HA just like you are locally. It has it’s negatives a requiring constant VPN connection and inability to access it from a device that is not connected to the VPN.
The most complicated but then most seamless setup comes in multiple steps that require some knowledge but every step has many tutorials on the internet so if you are willing to learn it not only provides you a great opportunity to learn but also use the knowledge in practical terms.
- install Nginx Proxy Manger (if you are running HomeAssistantOS it is available as a community add-on, if not it is probably available as a Synology app)
- Obtain a domain (there are free domains out there but I recommend just buing one on cloudflare.com, they start for like a $4/year)
- Set up your domain to be managed by Cloudflare
- Configure your domain or create a subdomain and point it to your external IP
- On your router forward ports 80 and 443 to your Nginx Proxy Manager ip
- If you don’t have external IP or can’t forward ports you could look into Cloudflare Tunnel
- Set up your domain in Nginx Proxy Manager to point to HA and to automatically obtain Let’s Encrypt certificate for your domain using Cloudflare API for verification.
- Profit
Zerotier is another option.
Check if your router already can run as a VPN server, then set that up.
Cloudflare Tunnel is very easy and you don’t get such a big headache with Ngnix and DNS and all that stuff. Here is a guide i found and its super easy.
You gotta have a cloudflare account with a registered domain to it tho, but from there on it was just click and boom it worked.
That’s also the problem I encountered before, but I hesitant to utilize the Nabu Casa solution for a couple of reasons. Firstly, it’s not free, and secondly, it requires uploading personal data to a public cloud machine that I don’t have control over.
Therefore, I was exploring an alternative solution- the frp client. This client facilitates remote access to my home assistant server through port porwarding. All it requires is to install the frp-client addon from GitHub - huxiaoxu2019/hass-addon-frp-client: Home Assistant Community Add-on: FRP Client. Note that it requires that you have a own cloud server, like AWS EC2.
Additionally, I’ve provided a link to an introduction article in the community here. Feel free to ask any questions or leave comments.
If you have your own domain this can be done reliably with Tailscale and Let’s Encrypt.
I agree with you, Tailscale and Let’s Encrypt solution is more reliable, because Tailscale can provide more powerful features, like Mesh Network Architecture, Intelligent Routing, Automatic Reconnection and Optimized Protocols and Algorithms.
However, FRP-Client Addon as a solution has its own advantages
- Your own servers fully control all data/traffic, providing advanced permission levels to meet specific requirements
- In some regions, its latency is intolerable, making it almost unusable
- When using Tailscale, you have to connect to the VPN every time you access it, whereas FRP allows direct access to domains exposed on the public network
So, it’s a matter of determining which one is more suitable.