Setup on Synology NAS with remote access

Hello,
I’m interested in learning home automation and am trying to set-up Home Assistant. I have been having challenges with Home Assistant and am looking for any suggestions or guidance.

Set-up Requirements and Details:

  • I’ve been using Synology NAS in my home for many years and am currently running a DS918+. I figured I could run Home Assistant off my Synology so I have started down this path. I’m certainly open to other options as well. I’m not clear what the benefit of running it on the Synology vs my home PC.
  • I would like to be able to remote access my Home Assistant.
  • I would like to be able to share my Home Assistant set-up (or parts of it) with my family members so they can have control and access to some home controls.
  • I have a number of different devices in my house that I will link to Home Assistant. Ecobee, Sonoff, NuHeat, Kasa, B-hyve
  • I got Home Assistant running on my Synology using a Virtual Machine and Docker.
  • I installed HACS.
  • Attempting to set-up remote access has caused the following issues.
    o I created a DuckDNS account
    o Set-up port forwarding and Dynamic DNS in my EdgeMax router (EdgeOS). I’m not confident I set this up correctly as I found a few different methods online.
    o Installed DuckDNS on HomeAssistant
    o After installing DuckDNS my HomeAssistant fails the configuration check. Error was against External and Internal URLs.
    o I removed the External and Internal lines from the configuration Yaml file and it passed the configuration check.
    o Now I can’t access Home Assistant.
    o Using SAMBA I can access the configuration files. So I opened the config file and removed everything that was added per the instructions for DuckDNS. Still HomeAssistant won’t open.

I can answer to some of your questions…

  • why HA on Synology and not on your PC? If nothing else, Syno runs 24/7 anyway and it has HDD mirroring, so i one of your HDD’s die you won’t loose anything.

  • You can set up remote acces via your synology’s domain → go to reverse proxy for that. No need for any DuckDNS. I explained procedure on my site. And don’t forget port forwarding in your router (explained at the beginning of my page). So, let’s say that now you already set up Synology DDNS address as https://yourname.synology.me. So, HA will be available at: https://home.yourname.synology.me.

  • you can set up different users with different access inside your HA installation. All users will access HA via syno’s reverse proxy address.

Thanks for your response Pavel, much appreciated.

I will look into remote access via synology’s domain. A few additional questions:

Router changes:

  1. My router is an EdgeMax. Do I need to set up Port Forwarding and Dynamic DNS?
  2. I’m seeing varying details for Port Forwarding. Some say to forward 443, 8123 and 80. How do I confirm which ports to forward to 8123?

I only forwarded port 443 in my router, which is default port for https. There’s no need for port 8123, because connection to your HA won’t go directly to HA, but through synology’s proxy server. Also no need for port 80, since you won’t access HA with basic http (only https). When you will add prefix “home” Synology will know where to divert traffic, since you define that inside syno’s proxy manager. So, say, “yourname.synology.me” will go into your router’s main page, but “home.synology.me” will go to your internal IP of HA and corresponding port, since that is what you’ll define in synology’s proxy manager. This way you can access to various internal devices inside your home network without any additional port forwarding in router - synology does it all. It’s pretty simple actually once you understand the logic behind. Let’s assume that you have NVR recorder. You can set up acces from outside with, say, “nvr.yourname.me”, by entering local IP and port of our NVR in synology’s proxy manager and you’re done. Or access your RPi with, say, “pi.yourname.me”…. All you have to do is enter correct data in syno”s proxy manager. And, you get a certificate for each of these subdomains for free (via let’s encrypt).

You need to setup dynamic dns only in your synology. There’s no need for setting up in router if you won’t use it. Synology has two free ddns domains: one is *.synology.me, while other is something quickconnect…. I only use first one, btw.

I have had some success. Using DSM Reverse Proxy I’m able to access Synology main page. I created a Reverse Proxy for HA per your instructions but entering that host name into my browser just takes me to the Synology main page rather than Home Assistant. I’m sure I have done something basic wrong.

I seem to have to working now. I had to add this to my configuration file in home assistant.

http:
use_x_forwarded_for: true
trusted_proxies:
- IP address for HA on Virtual Machine

Yes, it’s quite possible that these lines are mandatory…
I also have similar stuff in my config:

http: # ------------------------------------------------------------------------ HTTP
  ip_ban_enabled: true
  login_attempts_threshold: 10
  use_x_forwarded_for: true
  trusted_proxies:
    - 192.168.0.0/24
    - 172.30.32.0/24
    - 172.17.0.0/24

Second and third IP is written in virtual machine manager in Synology. I don’t know if it’s mandatory, i think that i’ve read somewhere back then, so i add them.

I’m getting close to giving up on accessing Home Assistant remotely.

I have set up Reverse Proxy in my Synology per instructions provided on this site.

From my iphone I’m able to access my Home Assistant remotely using Safari but I’m unable to access using the Home Assistant Companion App or Firefox. When my phone is not on my local network the Companion App give error 'The certificate for this server is invalid. You might be connecting to a server that is pretending to be “my Home Assistant URL” which could put your confidential information at risk.
I’m not sure why I can login from Safari but not Companion or Firefox. Any suggestions? I considered just accessing from Safari but it makes me enter my login and password each use, it doesn’t seem to remember them even when I check the remember box.

Also, I would consider paying for a Nabu Casa account to hopefully eliminate the technical issues I’ve been having connecting remotely. I don’t mind paying for a single Nabu account but I don’t want to pay for each member of my family to access our Home Assistant account. Would we be able to access a single Nabu account from multiple devices?

Did you create certificate in control panel → security → certificates ? There you can create a free certificate via let’s encrypt. After you created certificate for your subdomain you must assign it: in “certificate” page click “settings” and select your new certificate for your new subdomain.

Thanks Pavel, I had selected the domain certificate for the subdomain. I have now updated the subdomain certificate.
Seems to work. Let’s see.

1 Like