Been trying to figure out how to use a WireGuard VPN to access my #HomeAssistant from outside my home network, and, well, it's beaten me. For now.

I can ping it from other machines connected to the VPN, but I'm damned if I can actually connect to it.

Ultimately the trouble is that I don't know what I'm doing.

@DJDarren I too don’t know what I’m doing, and my Home Assistant is deliberately not available Outside, but if I ever change that I’m going to investigate ZeroTier again. I can remember nothing about it from when I looked at it other than it seemed a nice approach. https://www.zerotier.com

@OpinionatedGeek Generally I don't *need* it accessible, but if we're at the mother-in-law's and I need to turn something on/off, it'd be nice to have the ability.

That said, I could just use RustDesk to remote into the server.

@DJDarren Yeah, I’d like the ability to use the HA app wherever I was. Just… not enough (yet). (And too many bad sci-fi movies about network intrusion.) I used to have the HA server blocked from accessing the internet completely so I’m gradually coming around to the idea.

@OpinionatedGeek @DJDarren I'm brave (or stupid) and have just punched a hole through my home router. I have a DDNS address so I can access it even if my IP changes, and it gets a lot of use.

That said, I'm in the process of moving some services to access over Tailscale, and this will likely be one of them. I'll still have holes poked for Plex and self-hosted Minecraft servers for my kid, but maybe not the access to all my home systems!!

@bodger @DJDarren Nice. I’ve heard others say good things about Tailscale too - I should check it out at some point.

@OpinionatedGeek @DJDarren I started investigating it as a way to let my university-bound kid keep using Spotify and Netflix. Didn't work because her uni blocks Tailscale. However... yesterday they made self-hosted peer relays available to the free tier, so my Plex server is now a peer relay running on port 443 (block that fascist uni IT people!), so we're going to try that this weekend.

Made me sort out my whole config, so now I'm wondering what else I can stick behind it

@bodger @DJDarren Just reporting back: Spurred on by this I've now actually tried ZeroTier and... it's not as good as I was expecting. I'll be undoing all of that and going with WireGuard or Tailscale - you're both ahead of me now!

@OpinionatedGeek @bodger Yeah, for my meagre needs, Tailscale works just fine and is free. Took five minutes to set up, and now I can turn shit on and off when I'm out of the house.

@DJDarren @OpinionatedGeek My Saturday project has been to flash and resurrect my Nest thermostat, get it back into Home Assistant, and get back to controlling the heating based on actual needs, not a schedule. Mission accomplished. Does happy dance.

@bodger I thought about doing something like that, particularly now we've got a bunch of little temperature sensors around the house (cheers @OpinionatedGeek), but honestly, the schedule that H put together when we first got the Nest installed has worked a treat.

@DJDarren @OpinionatedGeek I kept going with Tailscale, and have now managed to turn off all the port forwards except the Minecraft servers (UDP and Tailscale are not friends). I'm "serving" Home Assistant and KaraKeep (a Pocket replacement), and I'm "funnelling" a book server and an audio book server that I run for some friends. I've gone from 17 port forwards, to 4 (I have 4 Minecraft servers).

@bodger @DJDarren You’ve persuaded me I’m gonna have to play with Tailscale! I ordered a ZBT-2 doofer to try out Thread and Matter but it hasn’t arrived yet so I have some HA time I’m not using.

@bodger @DJDarren Sat down to give Tailscale a go, but fell at the first hurdle: setting up a Tailscale account. I'm averse to logging in with Google/Microsoft/GitHub/Apple/AnythingElse - I just want a username and random 50-character password to log in to places, unconnected to identities used elsewhere, and that's getting more and more out of fashion these days.

Ah well, thanks for the info. The ZBT-2 has arrived so I'll try playing with that.

@bodger @DJDarren @OpinionatedGeek Tailscale is absolutely brilliant for extending services outside of your LAN while not actually exposing them to the internet. I use it a *lot*

@bodger @DJDarren @OpinionatedGeek

Did you find multiple services on a single funnel works ok? I tried a while back and could only get it to host a single service on a tunnel, will prod at it again if it's manageable.

@jamoquanty @DJDarren @OpinionatedGeek you can host 3. One on port 443, one on 8443 and one on 10000

@jamoquanty @DJDarren @OpinionatedGeek and in answer to your question, yes, I'm doing exactly that successfully now. I have karakeep on 443, booklore on 8443 and audiobookshelf on 10000. All from one box.

@bodger @DJDarren @OpinionatedGeek

Awesome thanks, booklore is what I wanna add.

Will give it a spin soon.