bn8/ha-remote-vpn-addon
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
2 commits 1 branch 0 tags 36 KiB
Dockerfile 100%
Go to file
Benjamin Renard b54d67e343
Add README.md file
2024-01-01 18:07:59 +01:00
rootfs Initial release 2024-01-01 17:32:37 +01:00
.gitignore Initial release 2024-01-01 17:32:37 +01:00
apache2.conf Add README.md file 2024-01-01 18:07:59 +01:00
config.yaml Initial release 2024-01-01 17:32:37 +01:00
Dockerfile Initial release 2024-01-01 17:32:37 +01:00
README.md Add README.md file 2024-01-01 18:07:59 +01:00
repository.yaml Initial release 2024-01-01 17:32:37 +01:00

README.md

Home Assistant add-on to get access to your Home Assistant via OpenVPN and a reverse proxy

This Home Assistant add-on allow you to mount a tunnel to your external host that have to run OpenVPN server and a reverse proxy to access to your Home Assistant. In this container, you have:

  • a SSH service with root access (if you declare your SSH pub key)
  • a OpenVPN client
  • a Haproxy configured to get access to your Home Assistant

Installation

Firstly, you need to add this custom add-on repository:

Open your Home Assistant instance and show the add add-on repository dialog with a specific repository URL pre-filled.

When it's done, you could search and install the Remote VPN access addon. Don't forget to enable the Start on boot and Watchdog options. On the first start, the add-on will initialize it's configuration in addon_configs/xxxxxxxx_ha_remote_vpn.

Configuration

On the container

You have to:

  • put your external host IP address or domain name in srv/openvpn/client.conf (on the remote line at the begining of the file)
  • put your Home Assistant local IP address in srv/haproxy/haproxy.cfg (on the server line at the end of the file). Note: default is 172.30.32.1 and should fit on standard installation.
  • pur your SSH public key in srv/ssh/authorized_keys

After, restart the addon to apply new configuration.

On your external host

You have to:

  • install and configure OpenVPN using the provide srv/openvpn/server.conf and the secret.key file that will be generated by the client container on its first start
  • install and configure the reverse proxy of your choice, for instance, Apache2: on a Debian host :
    • Install it : apt install apache2
    • Copy apache2.conf in /etc/apache2/sites-available/home.conf and ajust it for your needs
    • Enable required modules and the site : a2enmod proxy_http proxy_wstunnel rewrite ssl && a2ensite home && service apache2 restart

On your Home Assistant

You have to authorized access via your reverse proxy by adding the following lines in your configuration.yaml file:

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.1

Note: Adjust your addon container IP address in the list trusted_proxies.

After, restart the HomeAssistant to apply new HTTP configuration.