I have been building my own instance on a local Pi to start automating my home and familiarizing myself with the solution, but I also have another use case in mind. I would like to get it so remote sensors are able to report in as infrequently as perhaps daily to an instance of Home Assistant. Maybe over wifi or 3G, and it will return a handful of metrics.
It occurred to me last night that running sensors over the WAN may not be straightforward or as plug and play as the rest seems to be. Is this even possible?
I am OK with port forwarding and setting up dynamic DNS, SSH tunneling or a VPN or something of that sort, but I am wondering the minimum secure means for me to accomplish this with as little data as possible. I would love to get a cell connected 8266 or something to phone home.
Are these your own sensors? If so, use MQTT. You can set up MQTT with username & password credentials then port forward to the WAN side of your router (use an alternative port to the standard 1883 just because…not that it adds any security). Your sensors will then just publish to the WAN IP/DNS name via MQTT with a known username/password.
Yes, I know that I didn’t mention SSL, and I’m sure people will likely jump down my throat. But come on here…is it earth shatteringly important to secure the data of a few temperature sensors? My opinion for stuff like this is that using SSL adds overhead, headaches managing certs, and flat out isn’t supported in low power devices like Arduinos w/Wiznet shields.
Thanks for the feedback and sorry I took so long to reply. Probably since posting this I have rebuilt my HA server and gone docker where I am running MQTT … this is a great suggestion and I even love the challenging of the HTTPS everywhere movement, though I would probably still SSL because LetsEncrypt exists. Thanks again. Prior to reading this I was seriously considering a LoRaWAN solution.
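Added example, not part of the thread or of any poster's code: the MQTT 3.1.1 CONNECT packet a sensor sends to the port-forwarded, username/password listener discussed above, built and then decoded to show which fields are readable on the wire when the listener has no TLS. The client ID and credentials used with it are constructed sample values.

```python
import struct

def _field(data: bytes) -> bytes:
    """MQTT string field: 2-byte big-endian length, then the bytes."""
    return struct.pack("!H", len(data)) + data

def _take(buf: bytes, i: int):
    """Read one length-prefixed field at offset i; return (value, next offset)."""
    (n,) = struct.unpack_from("!H", buf, i)
    return buf[i + 2:i + 2 + n], i + 2 + n

def _varint(n: int) -> bytes:
    """'Remaining length' encoding: 7 bits per byte, high bit means more."""
    out = bytearray()
    while True:
        n, low = divmod(n, 128)
        out.append(low | (0x80 if n else 0))
        if not n:
            return bytes(out)

def build_connect(client_id: str, username: str, password: str) -> bytes:
    """CONNECT as a sensor would send it: MQTT 3.1.1, clean session, 60 s keepalive."""
    flags = 0x80 | 0x40 | 0x02  # username present, password present, clean session
    body = _field(b"MQTT") + bytes([0x04, flags]) + struct.pack("!H", 60)
    body += b"".join(_field(v.encode()) for v in (client_id, username, password))
    return b"\x10" + _varint(len(body)) + body

def parse_connect(packet: bytes) -> dict:
    """Decode the fields readable by anyone on the path to a non-TLS listener."""
    if packet[0] >> 4 != 1:
        raise ValueError("not a CONNECT packet")
    pos, length, shift = 1, 0, 0
    while True:  # decode the remaining-length varint
        length |= (packet[pos] & 0x7F) << shift
        shift, pos = shift + 7, pos + 1
        if not packet[pos - 1] & 0x80:
            break
    body = packet[pos:pos + length]
    _name, i = _take(body, 0)          # protocol name, "MQTT"
    flags = body[i + 1]                # body[i] is the protocol level
    client_id, i = _take(body, i + 4)  # skip level, flags, 2-byte keepalive
    if flags & 0x04:                   # will topic and message precede the credentials
        _, i = _take(body, i)
        _, i = _take(body, i)
    seen = {"client_id": client_id.decode(), "username": None, "password": None}
    for key, bit in (("username", 0x80), ("password", 0x40)):
        if flags & bit:
            value, i = _take(body, i)
            seen[key] = value.decode()
    return seen
```

With a TLS listener the same packet travels inside the encrypted session, so these fields are not readable in transit.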
LoRaWAN linked devices can still communicate via MQTT, which is very helpful if the device is close but too far away for wifi, and cellular is not cheap enough. Building an attic LW receiver with a good antenna can save hundreds in data costs.
This may be quite naive of me, but why not just use a public broker like broker.hivemq.com?
Only problem with public brokers is that it is a 3rd party “cloud” service the user doesn’t control. It could go away at any moment, convert to a paid service, etc. May or may not be an issue for the user depending on how much they care.
This is a huge motivator for me. I just started playing with this stuff and it immediately became obvious that the hobbyist accessible resources are dying off, being bought, or charging. I really believe this is a weird phase in automation because I believe it is obvious it needs to stay mostly local, occasionally reaching out, but not hubbed externally. I will say that public brokers are maybe the exception since it is an open protocol and if one dies, another will be there for you…