this post was submitted on 18 Jul 2023
21 points (81.8% liked)

homeassistant

12055 readers
40 users here now

Home Assistant is open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiasts. Perfect to run on a Raspberry Pi or a local server. Available for free at home-assistant.io

founded 1 year ago
MODERATORS
 

I've been trying for yonks (>two full days, plus crashing HA along the way) to get duckdns to work on my home assistant, so that I can remote access it from my telephone. Without success. There are pages and pages of people trying to get it to work, with multiple suggestions, mostly without success. I then came across Tailscale, it took me all of ten minutes to set it up, and WORKING. Whow, so hope this helps anybody trying to get remote access to their home assistant. This is not a publicity for Tailscale or Duckdns, just I'm so pleased to get it finally working.

all 24 comments
sorted by: hot top controversial new old
[–] [email protected] 27 points 1 year ago (1 children)

IDK man. I set up DuckDNS 2 years ago and since then I had to update HomeAssistant settings just once when they introduced public address in settings. No failures, no problems. Rest is done automatically and my alert for expiring certificate never triggered.

I’m happy that you found solution with Tailscale but DuckDNS is also good and reliable in my experience.

[–] [email protected] 1 points 1 year ago

I haven't had the same experience with DuckDNS. It was great for a few years, but for about the past year it would randomly go down (preventing access) or my domain would get flagged as spam. I ended up buying my own domain from cloudflare but I'm planning on investigating Tailscale at some point.

[–] [email protected] 17 points 1 year ago (4 children)

OK, you bet me, it took me 15 min to setup WireGuard on my opnsense-based router and install it on my phone and my laptop. Now I can access my entire network from everywhere, including full access to HA.

Not saying tailscale is bad but for me WireGuard was sufficient easy...

[–] [email protected] 3 points 1 year ago (2 children)

Lol no, Tailscale is incredibly simple, even if you don't have any idea how any of this works. Just install a client on your device, sign in, and you're on the same network as your other devices. The fact that you have an opnsense router means that you're comfortable with a level of networking complexity that most people simply cannot handle.

[–] [email protected] 3 points 1 year ago

Fair, but I guess we could agree that a lot of people on this community are not exactly matching your "most people" bin. Having alternatives is always a good idea. And taken that some people run HA on pretty exotic hardware, there is a chance that tailscale doesn't work with it (albeit I agree they do a pretty good job in supporting as much platforms and distros as possible). Talking about alternatives... There is netbird as well ;)

[–] [email protected] 2 points 1 year ago

I set up WireGuard this morning, but it's far 'harder' than Tailscale. So now I have both working. 😁

[–] [email protected] 1 points 1 year ago

It should be worth noting the tail scale uses wireguard on the back end

[–] [email protected] 1 points 1 year ago

Mind sharing the router model? Sounds great.

[–] [email protected] 9 points 1 year ago (2 children)

Wireguard + duckdns is simple setup, but lot of people prefer tailscale cuz its even more simple to set up or they cant forward port or they might be behind cgnat. I just dont like additional company between me and my server, so im avoiding it as long as I can

[–] [email protected] 2 points 1 year ago (1 children)

After reading what you wrote and as I have time, being retired... thought I'd look at what you suggested, so now I have Duckdns & WireGuard setup as well, it's no where as easy as Tailscale. So I wrote a post, rather long 😭 on my blog about setting it up https://www.minty95.com/remote-access-home-assistant-from-your-phone/ Maybe it will help others save time. Thanks for giving me the idea to look into it 👍

[–] [email protected] 2 points 1 year ago

Nice, that guide is quite detailed. Btw, duckdns cant provide remote connection on its own. Wireguard can if you know your home IP. Since most users dont have static IP, they can use dynamic dns service like duckdns that tracks your home IP and nothing else. Many home routers also support dynamic dns and/or VPN server.

[–] [email protected] 1 points 1 year ago

Forwarding ports can be a pain, I admit, here in France you get a routeur supplied when you sign up for fiber, and of course they are all different. I got WireGuard with Duckdns working, though impossible to get just duckdns to work on it's own. And it was was far more difficult than just tailscale.

[–] [email protected] 9 points 1 year ago

Tail scale is great but the way its magic dns works has broken my device's Internet more than thrice. Primarily on Android (there's a long standing bug report) but also on Linux (before I fixed the firewall). If Android is your primary device I would absolutely not recommend tail scale for ha.

The problem is that to make magic dns work, it has to override your local dns settings, which is fine until it breaks. For example, if private DNS is enabled in Android (which it is by default) then when your phone switches networks, dns straight up doesn't work until you toggle TS off and on. Which means your internet doesn't work. And magic dns is "needed" to get a TS https certificate (if you have another valid cert, this is less important).

On my Android I have private DNS on and a tasker profile to toggle TS whenever the network changes. It is not ideal.

[–] [email protected] 3 points 1 year ago

Tailscale works great for me. The only thing I can't seem to do is http post between the three servers I have running.

[–] [email protected] 3 points 1 year ago

Both Tailscale and Wireguard are valid options but both must be enabled first. If you use a DNS solution to only provide access to HA it always works, no actions needed. I personally use DNS (ipv6.com via DynDNS from my Fritzbox Router) and a locally hosted Nginx to provide access to HA and it works perfectly. If I need access to something else I can still enable Wireguard for full access.

[–] [email protected] 2 points 1 year ago

I have a GL.iNet travel router which has Tailscale support built in, so I can access Home Assistant and my NAS from anywhere in one go

[–] [email protected] 2 points 1 year ago

Huh, duckdns was one of the very first integration I did with my HA installation. It was pretty straightforward to setup using these directions and it's been super reliable.

Wireguard was also pretty straightforward using these directions and it too has been very reliable.

[–] [email protected] 1 points 1 year ago

I only use Tailscale to remote into my network devices. Everything else I access with Cloudflare, haven’t had any issues with it.

[–] [email protected] 1 points 1 year ago (1 children)

Thanks for sharing. I also thought about integrating my HA server into my Tailnet so that HA can access my other devices (NAS, etc.). It's a long story because my HA runs in an own VLAN along with all other IoT devices.

Anyways, may I ask you how you installed Tailscale? I was not able to install the Tailscale client on by HAOS-based Home Assistant instance.

[–] [email protected] 2 points 1 year ago

Installation was a breeze, far far easier than wireguard with duckdns. (which I have now just done as well) But can't you add it to HA as a add-on?

[–] [email protected] 1 points 1 year ago

I have everything set up to do this as well, but on my Pixel running GrapheneOS I would suddenly lose all network access until I turned TailScale off and back on on my phone. That's the one thing preventing me from switching over (also certs, since some next cloud applications don't play nicely with the default cert)

[–] [email protected] 1 points 1 year ago (1 children)

and you trust tailscale? no selling of your dns history?

[–] [email protected] 2 points 1 year ago

No I do not see that as a problem. I think, seeing some of their clients that it's a reliable company