HomeAssistant Google Assistant & MyQ Integration Tutorial

[jakkuh_t]

This tutorial is meant to show you how to setup a self-hosted HomeAssistant instance with Google Assistant integration. For this specific tutorial, we will be using UnRAID to manage our docker containers for all the apps we are using, but you could also manually install all of this directly onto your own Linux system without docker or into your own docker setup on a VPS in a datacenter in if you have the know how.

 

As we mentioned in the accompanying video, there may be some potential security concerns with this setup - primarily that your HomeAssistant instance must be publicly accessible on the internet for Google Assistant to work with it. You can remedy this a bit by using Cloudflare as your DNS provider, which can hide your external IP address, and block automated bots from accessing your HomeAssistant page.

 

If you want to use Google Assistant with your HomeAssistant instance, you're going to need the following:

1. a HomeAssistant instance - we will be using the "Home-Assistant-Core" docker app from the UnRAID Community Apps plugin.

2. a domain name - we will be using "autopilottonowhere.com" with DNS hosted by CloudFlare for the purposes of this tutorial

3. an SSL certificate for the above domain name - we will have this automatically issued from LetsEncrypt by our reverse proxy ("NGINX Proxy Manager" from the UnRAID Community Apps plugin).

4. remote access to your HomeAssistant instance by way of port forwarding

 

 Tutorial:

1. Start by acquiring a domain name. You can use whatever registrar you'd like, but once it is purchased we'd recommend setting up the domain with CloudFlare. CloudFlare has some solid documentation on doing so here: https://www.cloudflare.com/en-ca/welcome-center/activation/
   1. For the purposes of this tutorial we will be using "autopilottonowhere.com"
   2. Note: If you already have a domain you'd like to use you can skip this step, lol.
2. Next, if you haven't already, install the "Home Assistant Core" UnRAID Community app onto your UnRAID server. There isn't any configuration needed for this, but it will ask you to create an account. Make sure you use very strong login credentials as the instance will be exposed to the open internet. 
   1. Set it to autostart.
3. If you're hosting HomeAssistant at your house, you'll likely have a dynamic IP address (meaning it has the potential to change unexpectedly) and will need to do some additional steps, otherwise skip to #4:
   1. To make sure your domain automatically updates when your dynamic IP changes, we'll need to setup some sort of Dynamic DNS service. This will regularly check your external/WAN IP address, and update the DNS record if it changes.
   2. Assuming you're using CloudFlare, the UnRAID community app "CloudFlareDDNS" works perfectly for this. 
      1. Create a DNS A record that you want to be dynamically updated, but with a random IP address just so the record exists and can be updated. I'm not actually sure this is strictly necessary, but I did it anyways to prevent any potential issues . We're going to use "homeassistant.autopilottonowhere.com". Make sure the little cloud is orange, as this indicates that CloudFlare is protecting your domain. 
         Spoiler

         

           

      2. Before you can install the DDNS app, you'll need to create a Custom Token for the zone/domain you wish to use for HomeAssistant. Copy the API token into a text editor temporarily so you don't loose it. Otherwise, it will need to be regenerated.
         Spoiler

         

      3. Click Install on the CloudFlareDDNS app from the UnRAID Community Apps page, enter the requisite info and hit apply. Check your CloudFlare "DNS" tab for your domain to make sure it is updating the record properly.  
         Spoiler

         

      4. Set the DDNS app to autostart so that it comes back online, in the event that your UnRAID machine is rebooted. 
4. If you have a static IP at home or wherever you are hosting it, create a DNS A record to point to your IP. We're going to use "homeassistant.autopilottonowhere.com". Make sure the little cloud is orange, as this indicates that CloudFlare is protecting your domain. 
   Spoiler

   

    

5. Install the "NGINX Proxy Manager" UnRAID Community App, during the install, you can leave the ports as default as we can forward them to the proper HTTP and HTTP(s) with our port forwarding rules. 
   1. Set it to autostart.
   2. Open the WebUI, login with the default credentials, then update them to be appropriately strong. 
      1. Email: admin@example.com
      2. Password: changeme
6. Assuming your HomeAssistant instance is running on a NAT'd subnet, we'll need to forward the necessary ports to make it publicly accessible. Since we will be proxying it with NGINX Proxy Manager, setup your two port forwarding rules (one for HTTP (tcp port 80) and one for HTTPs (tcp port 443)) to forward to it (80 -> 1880 and 443 -> 18443) instead of HomeAssistant, as pictured. You'll need to use your GoogleFu to figure out how to do this on your specific router, but we're assuming you at least know how to port forward if you're willing to attempt this tutorial. 
   Spoiler

   

   1. Note: if you haven't already done so, you should set your UnRAID server to have an static INTERNAL IP, otherwise it may change like a dynamic external/WAN IP would, and break our port forwarding rules. In our case, this is 10.20.0.29.
7. Go back to NGINX Proxy Manager and apply for an SSL certificate for your chosen HomeAssistant domain. If this doesn't work, there is likely an issue with your port fowarding rules, so review those. 
   Spoiler

   

    

8. Still in NGINX Proxy Manager, create a Proxy Host. 
   Spoiler

   

   1. Before saving, add the SSL certificate you created in the previous step to the Proxy Host. 
      Spoiler

      

       

9. Your HomeAssistant instance should now be accessible remotely through your domain of choice!
10. To setup Google Assistant to work with your HomeAssistant instance, it's a bit of a long winded process if you're self hosting, but JuanMTech created an awesome tutorial for it. As long as you follow it and take your time, it will work without issue. https://www.juanmtech.com/integrate-google-assistant-with-home-assistant-without-a-subscription/ 
    1. Important note: near the end of the tutorial you will be instructed to set the exposed domains. The MyQ openner is categorized under the "cover" domain, so make sure you included "- cover" under exposed_domains 
       Spoiler

       

11. If you want to link your MyQ door opener, go to Configuration>Integrations>Add Integration in HomeAssistant, type in "MyQ" and link your credentials.
12. Then, in the Google Home app on your phone, ask google to "Sync my devices" and your garage doors, along with any other exposed domains should appear! Woo!
13. Last step, the most difficult.... say "Hey Google, open <device name>", crack open your beverage of choice, and bask in the glory that is HomeAssistant. 

[Mustahsin10]

Thanks for the tutorial. Definitely gonna try to use for my home lighting.  Will you please give links of some trusted domain name registrars? I want to make my Raspberry pi NAS connectable from remote locations. A tutorial on that will be fantastic!

[Jokni]

3 minutes ago, Mustahsin10 said:

Thanks for the tutorial. Definitely gonna try to use for my home lighting.  Will you please give links of some trusted domain name registrars? I want to make my Raspberry pi NAS connectable from remote locations. A tutorial on that will be fantastic!

Porkbun is an amazing registrar

[Jonahdertyp]

30 minutes ago, Mustahsin10 said:

Thanks for the tutorial. Definitely gonna try to use for my home lighting.  Will you please give links of some trusted domain name registrars? I want to make my Raspberry pi NAS connectable from remote locations. A tutorial on that will be fantastic!

Or no-ip, works perfectly, they even have a simple windows app for easy automatic updating

[Dominik W]

I love the domain name, you guys should check it out!

 

autopilottonowhere.com

[Jonahdertyp]

1 minute ago, Dominik W said:

I love the domain name, you guys should check it out!

 

autopilottonowhere.com

WHYYYY

[supercore23]

Fyi for anyone thinking of doing this, Running Home Assistant OS (aka HassOS) on unRaid as a VM is super easy. It uses more resources than the Home Assistant Core docker container but with HassOS you get the 'supervised' experience which includes the add-on store. The add-on store includes tons of helpful docker containers that are easy to install, configure, and manage and live in the VM. Add-ons include an MQTT Broker, MariaDB as a replacement for the default DB, NVR software, Node Red for flow-based automations, and much more. Obviously you can load all of these as unRaid dockers but having them built into the HassOS VM makes set up much easier if you're only ever going to use them with Home Assistant.

 

https://community.home-assistant.io/t/ha-os-on-unraid/59959

[MultiGamerClub]

21 minutes ago, Dominik W said:

I love the domain name, you guys should check it out!

 

autopilottonowhere.com

Glad im not the only one enjoying the website features!

[rcmaehl]

aaaaaaaaaaaaaaaand saved.

[iKingRPG]

Dear linus/jakkah/LMG,

 

I'm glad you finally tried Home Assistant. In the end of the video I noticed linus mentioned that he wanted to keep using the original relay to avoid the 5 second closing delay. It is possible to control the Sonoff relay in Home Assistant, you could use a custom integration that lets you do so, or a much better solution that would also avoid their cloud entirely, is to flash the Sonoff with custom firmware that allows it to be controlled 100% locally, and gives you pure control over the device.

 

Another thing is if you won't want your relays on the wall next to your buttons, you could also put them on the ceiling. Open the cover off your garage door opener, and if you see a button that opens/closes the garage door opener, that means you can run leads from there to the relay, which should allow you to control it again from the relay with no problems.

 

Another reason why you might want to do this, is you know how you said Chamberlain is a bad company? Well, even though now you are controlling the garage door opener locally, Chamberlain will still screw you over. You see, there is no official MyQ API, this means that the way the Home Assistant integration for MyQ has to work, is by emulating the mobile app. So when you close your garage from home assistant, they think you are closing it from the app. This is bad, because this means that every time MyQ makes a change to their app or API, the integration breaks, no longer allowing you to control the opener. Normally the Home Assistant developers patch it after 1-2 days, but it's still really annoying. It breaks every few weeks randomly.

 

Back to flashing the Sonoff. Personally the firmware I use is called ESPHome, which is open source firmware designed to run on any device using an ESP8266 microcontroller (like Sonoff wifi devices), and they connect directly to the Home Assistant local API. There is also an alternative firmware called Tasmota, but I'll explain how to use ESPHome, because it is simpler.

 

First, you will need to buy some things if you don't already have them.

 

USB to TTL/Serial converter: (this is the one I use)

https://amazon.com/dp/B075N82CDL/

 

Jumper wires: https://amazon.com/dp/B07GD2BWPY/

 

Next, you will need to install the ESPHome Home Assistant Add-on from the Add-on Store.

 

Open the ESPHome interface and add a node, fill out the wifi info, device name, etc. There are video tutorials that explain this.

 

After you do that, click "edit". This is the configuration code for the firmware that you are about to flash to your Sonoff. You're going to need to add some code. The code that's there will work, but the device will just connect to your wifi network and not do anything. You need to tell the firmware that you want to control relays.

 

From the video, the relays you use look like a Sonoff 4CH Pro. I have that too, and this is the code I use. Just copy and paste this after the line with your OTA password, the change the names of your relays to whatever you want, something like "Garage door 1".

 

# paste into ESPhome node config after "OTA"
binary_sensor:
  - platform: gpio
    on_press:
      then:
        - switch.toggle: button_1
    pin:
      number: GPIO0
      mode: INPUT_PULLUP
      inverted: True
    name: "Sonoff 4CH Button 1"
  - platform: gpio
    on_press:
      then:
        - switch.toggle: button_2
    pin:
      number: GPIO9
      mode: INPUT_PULLUP
      inverted: True
    name: "Sonoff 4CH Button 2"
  - platform: gpio
    on_press:
      then:
        - switch.toggle: button_3
    pin:
      number: GPIO10
      mode: INPUT_PULLUP
      inverted: True
    name: "Sonoff 4CH Button 3"
  - platform: gpio
    on_press:
      then:
        - switch.toggle: button_4
    pin:
      number: GPIO14
      mode: INPUT_PULLUP
      inverted: True
    name: "Sonoff 4CH Button 4"
  - platform: status
    name: "Sonoff 4CH Status"
# Change the names of your 
switch:
  - platform: gpio
    id: button_1
    name: "Sonoff 4CH Relay 1"
    pin: GPIO12
  - platform: gpio
    id: button_2
    name: "Sonoff 4CH Relay 2"
    pin: GPIO5
  - platform: gpio
    id: button_3
    name: "Sonoff 4CH Relay 3"
    pin: GPIO4
  - platform: gpio
    id: button_4
    name: "Sonoff 4CH Relay 4"
    pin: GPIO15
output:
  - platform: esp8266_pwm
    id: blue_led
    pin: GPIO13
    inverted: True
light:
  - platform: monochromatic
    id: status_led
    name: "Sonoff 4CH Blue LED"
    output: blue_led

After you finish with the code, click "validate". If all goes well, click "compile". It should download a .bin file when complete (that's the firmware).

 

We are almost done. Next, you need to install the ESPHome flasher tool on to your computer. Once that's done, open up your Sonoff. You should see pins labeled 3v3, GND, RX, and TX. You need to get your jumper wires and usb to TTL converter. Make sure the usb converter is set to 3.3v, because 5v will fry your Sonoff. You need to solder a wire from GPIO 0 to GND (ground), this will short out GPIO 0 and out the device in flashing mode. Then, connect the jumper wires from your USB to TTL converter to the correct pins on the Sonoff board. Plug the USB adapter into your computer, and open the ESPHome flasher tool. Choose the .bin file you downloaded and click flash. It will tell you when the Sonoff is done flashing. Once completed, disconnect the wires from the board and remove the wire you soldered from GPIO 0 to ground so it doesn't start in flashing mode next time. Then put it all back together.

 

Now, power up the Sonoff. After a few seconds, it should connect to WiFi. 

 

The last thing to do is to go in your home Assistant configuration page, and it should have discovered your Sonoff automatically. Type your password and you are good to go! Your relay is in home assistant. 

 

And you can still connect contact sensors. 

 

Ugh I'm out of time I'll add to this later

[tkdrob]

@iKingRPGWould this actually sense if the garage door is currently open or closed? If not, a dry contact sensor should be used for each door. ESPHome is nice but I have not used it. I recommend Tasmota which would be configured on the device itself so the config in Home Assistant is really clean and simple.

 

I also wonder if the garage door remote is a 2-way or a 1-way. Does it know if the door is closed?

[supercore23]

39 minutes ago, tkdrob said:

@iKingRPGWould this actually sense if the garage door is currently open or closed? If not, a dry contact sensor should be used for each door. ESPHome is nice but I have not used it. I recommend Tasmota which would be configured on the device itself so the config in Home Assistant is really clean and simple.

 

I also wonder if the garage door remote is a 2-way or a 1-way. Does it know if the door is closed?

I believe the MyQ can sense whether the opener is in the opened or closed position. It's a function in the app as shown in the video and there's no dry contact sensor for the opener so it must be built into the motor/opener itself.

[Quackers101]

should have just connected it to the minecraft server and push the button to open in minecraft.

 

To know if retracted door either make it so it sends a signal, like a button or something with resistance changes when going up and down, or if it had other ways in the box that can tell that. Connect to luigi board, and get help from mario.

[tkdrob]

16 minutes ago, supercore23 said:

I believe the MyQ can sense whether the opener is in the opened or closed position. It's a function in the app as shown in the video and there's no dry contact sensor for the opener so it must be built into the motor/opener itself.

The dry contact sensor would be for anything Linus would do with an esp8266 or esp8285. The issue with any of these smart devices is when companies change their policies. Full DIY does not have those problems.

[The Jack of Clubs]

just use simplecommands. its free and easy and you dont have to host a home assistant server.

[Biohazard777]

4 hours ago, Mustahsin10 said:

Thanks for the tutorial. Definitely gonna try to use for my home lighting.  Will you please give links of some trusted domain name registrars? I want to make my Raspberry pi NAS connectable from remote locations. A tutorial on that will be fantastic!

I've been using https://freedns.afraid.org/ for years. They've been operational for 20 years, and I haven't seen any controversies about them so far (someone correct me if I am wrong).

As for setting it up, here are the steps:

1) Create a free account.

2) Create a subdomain (I prefer ignorelist.com, but you can pick whatever is available / you like).

3) Get your API key (and obviously don't share it with anyone).

4) Make a check/update script and make it executable.

5) Add a cron job, say every 15 minutes, to run your check/update script.

 

First two steps are self-explanatory, I'll just go over the trickier ones.

3) The Web UI hasn't changed much over the last 20 years hah, so here is a picture showing where to get your API key:

 

 

4) For updating you can use one of the examples FreeDNS provides, or you can use this one I made:

#!/bin/bash                                                                     
LOG='/var/log/ddns.log'

# Get the current ip                                                         
CURRENT_IP=$(wget -q -O - checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e 's/<.*$//')

# FreeDNS update (if needed)                                                   
KEY="YourVeryLongApiKeyGoesHere" # change this
SUBDOMAIN="yourfancysubdomainname.ignorelist.com" # change this
UPDATE_URL="https://freedns.afraid.org/dynamic/update.php?"$KEY # leave this be

PREVIOUS_IP=$(nslookup $SUBDOMAIN | tail -n2 | grep A | sed s/[^0-9.]//g)

if [ "$CURRENT_IP" != "$PREVIOUS_IP" ]                                          
    then                                                                        
        echo "Current ("$CURRENT_IP") and previous IP ("$PREVIOUS_IP") differ! Updating FreeDNS..." >> $LOG      
        wget --no-check-certificate -O /dev/null $UPDATE_URL                                         
        echo "DNS updated on: "$(date) >> $LOG                                   
fi

Save the script (for example ddns.sh).
To make the script executable type in: 

chmod +x ddns.sh

5) In case you are new to Linux, here is how you would schedule the script to run every 15 minutes via crontab:

To edit crontab type in: 

sudo nano /etc/crontab

Add a new line (change the path /  script name if needed):

*/15 *  * * *   root    /home/pi/Programs/scripts/ddns.sh

So it should look like this:

Now save it by typing in CTRL+O , ENTER , CTRL+X
And lastly, reload crontab so that the changes take effect:

sudo service cron reload

PS A few tips about security:
1) Don't forget to setup your firewall correctly (both on your home router and the Pi),
2) Since you are using a Pi device I strongly recommend checking out https://www.pivpn.io/ . It is very easy to setup, doesn't use too much of your resources and will give you excellent security for accessing your NAS or VNC or whatever you've got going on that should stay in your LAN/VPN.
3) If you plan on allowing SSH connections outside your LAN/VPN then I urge you not to allow root logins and not to use passwords for logins, setup SSH keys instead.
4) I recommend not using default ports for anything. By simply changing say your SSH / VPN port you will effectively become immune to a vast amount of newb bots trying to gain access. Sure this won't protect you from more advanced bots out there which will do port scans etc. , but it will seriously lower the amount of unwanted traffic to your device.
5) Consider setting up Fail2ban. This alone won't protect you, but coupled with previous points it will further improve your security.

[supercore23]

1 hour ago, The Jack of Clubs said:

just use simplecommands. its free and easy and you dont have to host a home assistant server.

To be clear, Linus isn't hosting a Home Assistant server. He has an existing server that Home Assistant is running on in a container.

 

You don't need a full blown server for HA. The most common install is on something like a Raspberry Pi 4, an Odroid, and an Intel NUC. The only caveat with the Pi is that the database and logs will wear out an SD card pretty fast and they get exponentially larger as you add more IoT devices. Budget for a USB hard drive if you go the Pi route. You don't need much though. 1TB is probably overkill for all but the most elaborate Home Assistant installs.

[tkdrob]

2 hours ago, The Jack of Clubs said:

just use simplecommands. its free and easy and you dont have to host a home assistant server.

If his internet goes down, nothing works. He'll have lots of fun explaining that to Yvonne

[tkdrob]

@Biohazard777 Setting up a domain and ddns can be done easier running Home Assistant supervised and using the Duck DNS addon. 

[Biohazard777]

3 hours ago, tkdrob said:

@Biohazard777 Setting up a domain and ddns can be done easier running Home Assistant supervised and using the Duck DNS addon. 

Perhaps, I was replying to @Mustahsin10 who said "I want to make my Raspberry pi NAS connectable from remote locations. A tutorial on that will be fantastic!". He might have been slightly off topic but the thread in general clearly has a step about setting up ddns. IMHO no foul in proposing an alternative solution.
I personally can't imagine anything simpler than: 1 free signup, 1 bash script and 1 cron job... especially if the person asking already has some familiarity with Linux.

[Unimurph]

No-ip covers both domain and ddns in one shot if I'm not mistaken. Also, Home Assistant is available for FreeNas too (and aparently Qnap and Synology NAS's) for people not in the unRAID camp.

 

I'm gong to have to give this a shot when I get some free time. I've been wanting to set up a program to turn on my outdoor lights at a random time +/- 10 minutes from sundown and turn them off +/- 30 minutes from say 2:00am to give the apperance there is someone home when there isn't and then have an "away mode" that also incorperates the interor lighting and even the TV in a totally random patern if we are on vacation or away from the house for en extended period.

 

If the sky really is the limit with Home Assistant like Linus says, does anyone out there know if I can use motion detection from a camera recording to ZoneMinder on the same NAS to triger light's or have the sound of a dog barking (or footsteps or random chatter etc.) play through my home audio system via Chromecast Audio or bluetooth? 

[Unimurph]

9 hours ago, Jonahdertyp said:

Or no-ip, works perfectly, they even have a simple windows app for easy automatic updating

No-ip also covers DDNS correct?

[Quackers101]

thought linus was old enough to start homeassist his whole house, from the bathroom with most teched up throne with RGB, and grass clipping robots with security cams that uses deadly laser beams to fry his foes!

Spoiler

 

more rants.

Smart shower with water reducing features, built in heater, not the fancy LG smart refrigerator with round ice balls and see through glass.

 

But it would be cool if he didn't try to go only for "youth/middle age", and assistants for older people, tech upgrade my grandparents house? (some cool tech for everyone)

 

 

[Mustahsin10]

6 hours ago, Biohazard777 said:

I've been using https://freedns.afraid.org/ for years. They've been operational for 20 years, and I haven't seen any controversies about them so far (someone correct me if I am wrong).

As for setting it up, here are the steps:

1) Create a free account.

2) Create a subdomain (I prefer ignorelist.com, but you can pick whatever is available / you like).

3) Get your API key (and obviously don't share it with anyone).

4) Make a check/update script and make it executable.

5) Add a cron job, say every 15 minutes, to run your check/update script.

 

First two steps are self-explanatory, I'll just go over the trickier ones.

3) The Web UI hasn't changed much over the last 20 years hah, so here is a picture showing where to get your API key:

 

 

4) For updating you can use one of the examples FreeDNS provides, or you can use this one I made:

#!/bin/bash                                                                     
LOG='/var/log/ddns.log'

# Get the current ip                                                         
CURRENT_IP=$(wget -q -O - checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e 's/<.*$//')

# FreeDNS update (if needed)                                                   
KEY="YourVeryLongApiKeyGoesHere" # change this
SUBDOMAIN="yourfancysubdomainname.ignorelist.com" # change this
UPDATE_URL="https://freedns.afraid.org/dynamic/update.php?"$KEY # leave this be

PREVIOUS_IP=$(nslookup $SUBDOMAIN | tail -n2 | grep A | sed s/[^0-9.]//g)

if [ "$CURRENT_IP" != "$PREVIOUS_IP" ]                                          
    then                                                                        
        echo "Current ("$CURRENT_IP") and previous IP ("$PREVIOUS_IP") differ! Updating FreeDNS..." >> $LOG      
        wget --no-check-certificate -O /dev/null $UPDATE_URL                                         
        echo "DNS updated on: "$(date) >> $LOG                                   
fi

Save the script (for example ddns.sh).
To make the script executable type in: 

chmod +x ddns.sh

5) In case you are new to Linux, here is how you would schedule the script to run every 15 minutes via crontab:

To edit crontab type in: 

sudo nano /etc/crontab

Add a new line (change the path /  script name if needed):

*/15 *  * * *   root    /home/pi/Programs/scripts/ddns.sh

So it should look like this:

Now save it by typing in CTRL+O , ENTER , CTRL+X
And lastly, reload crontab so that the changes take effect:

sudo service cron reload

PS A few tips about security:
1) Don't forget to setup your firewall correctly (both on your home router and the Pi),
2) Since you are using a Pi device I strongly recommend checking out https://www.pivpn.io/ . It is very easy to setup, doesn't use too much of your resources and will give you excellent security for accessing your NAS or VNC or whatever you've got going on that should stay in your LAN/VPN.
3) If you plan on allowing SSH connections outside your LAN/VPN then I urge you not to allow root logins and not to use passwords for logins, setup SSH keys instead.
4) I recommend not using default ports for anything. By simply changing say your SSH / VPN port you will effectively become immune to a vast amount of newb bots trying to gain access. Sure this won't protect you from more advanced bots out there which will do port scans etc. , but it will seriously lower the amount of unwanted traffic to your device.
5) Consider setting up Fail2ban. This alone won't protect you, but coupled with previous points it will further improve your security.

Thanks a lot man. Really appreciate it.

[RevoX86]

7 hours ago, Biohazard777 said:

I've been using https://freedns.afraid.org/ for years. They've been operational for 20 years, and I haven't seen any controversies about them so far (someone correct me if I am wrong).

As for setting it up, here are the steps:

1) Create a free account.

2) Create a subdomain (I prefer ignorelist.com, but you can pick whatever is available / you like).

3) Get your API key (and obviously don't share it with anyone).

4) Make a check/update script and make it executable.

5) Add a cron job, say every 15 minutes, to run your check/update script.

 

First two steps are self-explanatory, I'll just go over the trickier ones.

3) The Web UI hasn't changed much over the last 20 years hah, so here is a picture showing where to get your API key:

 

 

4) For updating you can use one of the examples FreeDNS provides, or you can use this one I made:

#!/bin/bash                                                                     
LOG='/var/log/ddns.log'

# Get the current ip                                                         
CURRENT_IP=$(wget -q -O - checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e 's/<.*$//')

# FreeDNS update (if needed)                                                   
KEY="YourVeryLongApiKeyGoesHere" # change this
SUBDOMAIN="yourfancysubdomainname.ignorelist.com" # change this
UPDATE_URL="https://freedns.afraid.org/dynamic/update.php?"$KEY # leave this be

PREVIOUS_IP=$(nslookup $SUBDOMAIN | tail -n2 | grep A | sed s/[^0-9.]//g)

if [ "$CURRENT_IP" != "$PREVIOUS_IP" ]                                          
    then                                                                        
        echo "Current ("$CURRENT_IP") and previous IP ("$PREVIOUS_IP") differ! Updating FreeDNS..." >> $LOG      
        wget --no-check-certificate -O /dev/null $UPDATE_URL                                         
        echo "DNS updated on: "$(date) >> $LOG                                   
fi

Save the script (for example ddns.sh).
To make the script executable type in: 

chmod +x ddns.sh

5) In case you are new to Linux, here is how you would schedule the script to run every 15 minutes via crontab:

To edit crontab type in: 

sudo nano /etc/crontab

Add a new line (change the path /  script name if needed):

*/15 *  * * *   root    /home/pi/Programs/scripts/ddns.sh

So it should look like this:

Now save it by typing in CTRL+O , ENTER , CTRL+X
And lastly, reload crontab so that the changes take effect:

sudo service cron reload

PS A few tips about security:
1) Don't forget to setup your firewall correctly (both on your home router and the Pi),
2) Since you are using a Pi device I strongly recommend checking out https://www.pivpn.io/ . It is very easy to setup, doesn't use too much of your resources and will give you excellent security for accessing your NAS or VNC or whatever you've got going on that should stay in your LAN/VPN.
3) If you plan on allowing SSH connections outside your LAN/VPN then I urge you not to allow root logins and not to use passwords for logins, setup SSH keys instead.
4) I recommend not using default ports for anything. By simply changing say your SSH / VPN port you will effectively become immune to a vast amount of newb bots trying to gain access. Sure this won't protect you from more advanced bots out there which will do port scans etc. , but it will seriously lower the amount of unwanted traffic to your device.
5) Consider setting up Fail2ban. This alone won't protect you, but coupled with previous points it will further improve your security.

Another option to try is https://www.duckdns.org/, basically the same as FreeDNS