Jump to content

Home assistant external access

KozoleJ
By KozoleJ
in Servers, NAS, and Home Lab
 Share
Posted

I am new to networking so this question might be stupid.
At home, I have a Synology server running DDNS. For explaining purposes let's say this domain is https:\\home.synology.me. I have added an SSL certificate through the built-in Let's Encrypt wizard.
On the same network, I have a home assistant server that I want to access externally. I want to access it by port forwarding so I am taking some security precautions.
I have enabled dual authorizations, I added MAC address filtering on my router for port and I want to access my app through https but I can not get it to work.

I get "Failed to perform SSL handshake, please ensure your certificate
." Do I need a separate certificate for my Home assistant?  Do I need to reroute my traffic to my home assistant server or what?

Link to comment
https://linustechtips.com/topic/1510147-home-assistant-external-access/
Share on other sites
Link to post
Share on other sites
Posted
11 hours ago, Jealy said:

Use a reverse proxy, I assume your Home Assistant isn't running on port 443.

 

Easiest way is to give Nabu Casa some money and use their service.

I agree, if you want to go direct, setting up ha proxy or similar as a reverse proxy is the way to go. 

Link to post
Share on other sites
Posted
On 6/1/2023 at 8:54 AM, Jealy said:

Use a reverse proxy, I assume your Home Assistant isn't running on port 443.

 

Easiest way is to give Nabu Casa some money and use their service.

 

On 6/1/2023 at 8:14 PM, m9x3mos said:

I agree, if you want to go direct, setting up ha proxy or similar as a reverse proxy is the way to go. 

Another option is cloudflare zero trust tunnel. Works fantastic.

Rig: i7 13700k +Contact Frame - - Asus Z790-P Wifi - - RTX 4080 - - 4x16GB 6000MHz - - Samsung 990 Pro 2TB NVMe Boot + Main Programs - - Crucial P3 2TB NVMe for photo work - - Corsair RM850x - - Sound BlasterX EA-5 - - Corsair XC8 JTC Edition - - Corsair GPU Full Cover GPU Block - - PTM 7950 - - XT45 X-Flow 420 + UT60 280 rads externally mounted - - EK XRES RGB PWM - - Fractal Define S2 - - DellAlienware AW3423DWF 34" -- Logitech Pro X Superlight - - Logitech G710+ - - LTT Northern Lights Deskpad

 

Headphones/amp/dac: Schiit Bifrost Multibit - -  Schiit Lyr 3 - - Fostex TR-X00 - - Sennheiser HD 6xx

 

Homelab/Media Server: Proxmox VE host - - 512 NVMe Samsung 980 RAID Z1 for VM's/Proxmox boot - - Xeon e5 2660 V4- - Supermicro X10SRF-i - - 128 GB ECC 2133 - - 10x8TB WD Red RAID Z2 - - 2x 800 GB SAS SSD’s (1 SLOG, 1 L2Arc) - - 45 HomeLab HL15 15 Drive 4U - - Corsair RM650i - - LSI 9305-16i HBA - - TreuNAS + many other VM’s

 

Unifi UDM Pro in front of full unifi network infrastructure

 

iPhone 17 Pro - - MacBook Air M3

Link to post
Share on other sites
Posted

Instead of opening your system to the world, run WireGuard and bring your client into the network. That, or run zero trust like ligistx suggested 

PRODIGY -- SMALL TORRENT -- K'NEX SERVER -- NOCTUA PSU

 

Community Standards -- Moderators

Link to post
Share on other sites
Posted

I use cloudflared, it’s available in Home Assistant as well so the configuration is relatively easy!

 

Another great way like suggested is to use a VPN like WireGuard or better yet look into Twingate! That lets you isolate the client to only be able to access the home assistant instance and nothing else on the network!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Servers, NAS, and Home Lab

×