bn8/ha-remote-vpn-addon
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
ha-remote-vpn-addon/README.md
Benjamin Renard b54d67e343
Add README.md file
2024-01-01 18:07:59 +01:00

53 lines
2.5 KiB
Markdown
Raw Permalink Blame History

# Home Assistant add-on to get access to your Home Assistant via OpenVPN and a reverse proxy
This Home Assistant add-on allow you to mount a tunnel to your external host that have to run OpenVPN server and a reverse proxy to access to your Home Assistant. In this container, you have:
- a SSH service with root access (if you declare your SSH pub key)
- a OpenVPN client
- a Haproxy configured to get access to your Home Assistant
## Installation
Firstly, you need to add this custom add-on repository:
[![Open your Home Assistant instance and show the add add-on repository dialog with a specific repository URL pre-filled.](https://my.home-assistant.io/badges/supervisor_add_addon_repository.svg)](https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgitea.zionetrix.net%2Fbn8%2Fha-remote-vpn-addon)
When it's done, you could search and install the _Remote VPN access_ addon. Don't forget to enable the _Start on boot_ and _Watchdog_ options. On the first start, the add-on will initialize it's configuration in `addon_configs/xxxxxxxx_ha_remote_vpn`.
## Configuration
### On the container
You have to:
- put your external host IP address or domain name in `srv/openvpn/client.conf` (on the `remote` line at the begining of the file)
- put your Home Assistant local IP address in `srv/haproxy/haproxy.cfg` (on the `server` line at the end of the file). Note: default is `172.30.32.1` and should fit on standard installation.
- pur your SSH public key in `srv/ssh/authorized_keys`
After, restart the addon to apply new configuration.
## On your external host
You have to:
- install and configure OpenVPN using the provide `srv/openvpn/server.conf` and the `secret.key` file that will be generated by the client container on its first start
- install and configure the reverse proxy of your choice, for instance, Apache2: on a Debian host :
- Install it : `apt install apache2`
- Copy `apache2.conf` in `/etc/apache2/sites-available/home.conf` and ajust it for your needs
- Enable required modules and the site : `a2enmod proxy_http proxy_wstunnel rewrite ssl && a2ensite home && service apache2 restart`
### On your Home Assistant
You have to authorized access via your reverse proxy by adding the following lines in your `configuration.yaml` file:
```yaml
http:
use_x_forwarded_for: true
trusted_proxies:
- 172.30.33.1
```
**Note:** Adjust your addon container IP address in the list `trusted_proxies`.
After, restart the HomeAssistant to apply new HTTP configuration.
Reference in a new issue View git blame Copy permalink