I’m running my own HA locally, in my house, but I would like to be able to access it also when I’m not home. So I’ve put it on my Zerotier One VPN, which works fine. Except for two things:
-
HA no longer knows when I’m home - it thinks I’m always home;
-
Other people in my household would also like to have remote access, but it’s unrealistic to have them install and use the VPN.
So - can I just open it up, and rely on long, complex passeords? Or is that a complete no-go?
What I personally do is have it accessible over WireGuard. Open TCP ports to the Internet is a bad idea. This does mean you have to launch WireGuard every time, but it’s way more secure
If I understood correctly, you may find https://wgtunnel.com/ useful. No need to launch wireguard manually anymore.
Same, I use wgtunnel with autostart when I’m not on my home wifi. The only time I have to think about it is when I’m trying to see devices on others’ networks (ex. Chromecast/apple tv/etc), but that’s much less common than just always wanting access to my home services.
Seconded, works great!
Wish they had it for iOS
Wireguard runs in a different subnet at home, so the ping sensor for my phone fails on the regular WLAN address and this my ha always knows when home and when not.
@Archer indeed. A small effort for a good result