Home Assistant

Home Assistant Remote Setup Guide: DuckDNS Secure SSL

It is possible to access your Home Assistant server over the internet, from outside of your home network. So why might we want to do this?

It means we can use the Home Assistant Companion App whilst outside of the home, allowing remote access to the Home Assistant UI. It also allows us to connect Home Assistant to a plethora of internet services via IFTTT.

Bitmoji Image

Prerequiste

You will of course need Home Assistant installed and running. We will also be using the file editor add-on so if you didn’t install it yet go ahead and click the Supervisor button on the side bar, then click the add-on store tab at the bottom of the page.

Install file editor

Scroll down the page and find the file editor plug in, click on it and click install to add the plugin. Once installed you should see the file editor option appear in the sidebar. 

What is DuckDNS?

In order to access Home Assistant remotely we can use either HTTP or HTTPS. However most IP addresses assigned to domestic routers are dynamic. This means that if the connection is dropped, the IP address will change when reconnecting.

This causes a problem when trying to setup remote access as we must specify the IP address that we wish to connect to. However if this address changes, the connections we setup will become broken as the IP address will change.

The solution is to use a dynamic DNS service such as DuckDNS. This free service allows us to assign a domain name to our system which remains constant even if the IP address changes. We can then point our external devices to this domain name rather than the IP address.

DuckDNS is a free service that has an add-on within Home Assistant that allows easy integration.

Setup Home Assistant

In order to setup remote access in Home Assistant we must first setup a free DuckDNS account.

Sign up for DuckDNS

Simply head over to the DuckDNS website and sign up using the account of your preference.

Once you have chosen a username, you will be able to log in using the DuckDNS domain name with your username as the subdomain.

https://<your-user-id>.duckdns.org

From the main page you will need to make a note of the token. Copy and paste it into a text file as we will need it later.

Install the DuckDNS Add-on

Once we have our DuckDNS account we can open up Home Assistant and install the DuckDNS add-on.

Click on supervisor found on the sidebar, then gogo the add-on store tab. Open up the Duck DNS add-on and when you get to the Duck DNS add-on page, click install.

Setup DuckDNS configuration

Once the installation has completed, scroll down the page to the config. Home Assistant uses Lets Encrypt to generate the necessary SSL certificate for encryption.

You do not have to use it but if you want to access your server over a secure HTTPS connection, you will need to change accept_terms to true.

You will also need to copy and paste your DuckDNS token to the token attribute in the config. Everything else can be left as default and we are ready to click save.

lets_encrypt:
  accept_terms: true
  certfile: fullchain.pem
  keyfile: privkey.pem
token: 7085*********************
domains:
  - <your-user-name>.duckdns.org
seconds: 300

Edit configuration.yaml

Next we will need to add a few lines of code to the http integration. This should be added to the configuration.yaml file.

Go ahead and click on file editor on the sidebar and navigate to your configuration.yaml file.

Now we need to add the following, don’t forget to replace <your-user-id> with your DuckDNS username.

http:
    base_url: http://<your-user-id>.duckdns.org:8123

I would highly recommend that you use SSL encryption if you intend on accessing your Home Assistant server remotely.

If you intend on using SSL so then you need to add the following code to tell Home Assistant to use the certificates.

http:
    base_url: https://<your-user-id>.duckdns.org:8123
    ssl_certificate: /ssl/fullchain.pem
    ssl_key: /ssl/privkey.pem

Note that it is not possible to use both HTTP and HTTPS to access Home Assistant, you can only use one or the other. Make sure you specify HTTP or HTTPS correctly for base_url.

Port forwarding

Port forwarding is a function within the router that allows us to set up a rule that states incoming traffic to a specific port should be forwarded to a specific IP address.

Before we can test our external connection we need to set up port forwarding on our router. We need to forward data that is directed to our DuckDNS address to the internal IP address of our Home Assistant server.

The setup for port forwarding is specific to the router that you are using. You can check out portforwarding.com which has many guides for different routers.

My internal server IP address and port is 192.168.1.83:8123 and the port forwarding rule on my router is shown in the following image.

Testing remote access

Now we have everything setup, go ahead and restart Home Assistant. Your browser will not successfully refresh on reboot as usual if you have enabled SSL as you will need to redirect it to HTTPS.

https://<your-ip-address->:8123

Now we can go ahead and test DuckDNS remote access. Simply point your browser to your DuckDNS address and you should be presented with the Home Assistant login page.

https://<your-user-id>.duckdns.org

Conclusion

The Home Assistant developers are doing a superb job of keeping privacy and security at the top of their agenda. With the addition of DuckDNS it is possible to safely access your Home Assistant server remotely over the internet.

Now that you have remote access enabled, why take a look at my Webhooks tutorial and learn how to link services such as WordPress and Twitter to Home Assistant over the internet!

I love the internet

Leave a Reply

Your email address will not be published. Required fields are marked *

back to top