I’ve been trying for yonks (>two full days, plus crashing HA along the way) to get duckdns to work on my home assistant, so that I can remote access it from my telephone. Without success. There are pages and pages of people trying to get it to work, with multiple suggestions, mostly without success. I then came across Tailscale, it took me all of ten minutes to set it up, and WORKING. Whow, so hope this helps anybody trying to get remote access to their home assistant. This is not a publicity for Tailscale or Duckdns, just I’m so pleased to get it finally working.

  • jazzzaj@lemm.ee
    link
    fedilink
    English
    arrow-up
    25
    ·
    1 year ago

    IDK man. I set up DuckDNS 2 years ago and since then I had to update HomeAssistant settings just once when they introduced public address in settings. No failures, no problems. Rest is done automatically and my alert for expiring certificate never triggered.

    I’m happy that you found solution with Tailscale but DuckDNS is also good and reliable in my experience.

  • torwag@lemmy.world
    link
    fedilink
    English
    arrow-up
    18
    arrow-down
    1
    ·
    1 year ago

    OK, you bet me, it took me 15 min to setup WireGuard on my opnsense-based router and install it on my phone and my laptop. Now I can access my entire network from everywhere, including full access to HA.

    Not saying tailscale is bad but for me WireGuard was sufficient easy…

    • PeachMan@lemmy.one
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      1 year ago

      Lol no, Tailscale is incredibly simple, even if you don’t have any idea how any of this works. Just install a client on your device, sign in, and you’re on the same network as your other devices. The fact that you have an opnsense router means that you’re comfortable with a level of networking complexity that most people simply cannot handle.

      • torwag@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Fair, but I guess we could agree that a lot of people on this community are not exactly matching your “most people” bin. Having alternatives is always a good idea. And taken that some people run HA on pretty exotic hardware, there is a chance that tailscale doesn’t work with it (albeit I agree they do a pretty good job in supporting as much platforms and distros as possible). Talking about alternatives… There is netbird as well ;)

    • Minty95@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      I set up WireGuard this morning, but it’s far ‘harder’ than Tailscale. So now I have both working. 😁

  • rambos@lemmy.world
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 year ago

    Wireguard + duckdns is simple setup, but lot of people prefer tailscale cuz its even more simple to set up or they cant forward port or they might be behind cgnat. I just dont like additional company between me and my server, so im avoiding it as long as I can

    • Minty95@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      After reading what you wrote and as I have time, being retired… thought I’d look at what you suggested, so now I have Duckdns & WireGuard setup as well, it’s no where as easy as Tailscale. So I wrote a post, rather long 😭 on my blog about setting it up https://www.minty95.com/remote-access-home-assistant-from-your-phone/ Maybe it will help others save time. Thanks for giving me the idea to look into it 👍

      • rambos@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Nice, that guide is quite detailed. Btw, duckdns cant provide remote connection on its own. Wireguard can if you know your home IP. Since most users dont have static IP, they can use dynamic dns service like duckdns that tracks your home IP and nothing else. Many home routers also support dynamic dns and/or VPN server.

    • Minty95@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Forwarding ports can be a pain, I admit, here in France you get a routeur supplied when you sign up for fiber, and of course they are all different. I got WireGuard with Duckdns working, though impossible to get just duckdns to work on it’s own. And it was was far more difficult than just tailscale.

  • forbiddenlake@fedia.io
    link
    fedilink
    arrow-up
    9
    ·
    1 year ago

    Tail scale is great but the way its magic dns works has broken my device’s Internet more than thrice. Primarily on Android (there’s a long standing bug report) but also on Linux (before I fixed the firewall). If Android is your primary device I would absolutely not recommend tail scale for ha.

    The problem is that to make magic dns work, it has to override your local dns settings, which is fine until it breaks. For example, if private DNS is enabled in Android (which it is by default) then when your phone switches networks, dns straight up doesn’t work until you toggle TS off and on. Which means your internet doesn’t work. And magic dns is “needed” to get a TS https certificate (if you have another valid cert, this is less important).

    On my Android I have private DNS on and a tasker profile to toggle TS whenever the network changes. It is not ideal.

  • tombond@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Both Tailscale and Wireguard are valid options but both must be enabled first. If you use a DNS solution to only provide access to HA it always works, no actions needed. I personally use DNS (ipv6.com via DynDNS from my Fritzbox Router) and a locally hosted Nginx to provide access to HA and it works perfectly. If I need access to something else I can still enable Wireguard for full access.

  • Hooolm@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Tailscale works great for me. The only thing I can’t seem to do is http post between the three servers I have running.

  • Buelldozer@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Huh, duckdns was one of the very first integration I did with my HA installation. It was pretty straightforward to setup using these directions and it’s been super reliable.

    Wireguard was also pretty straightforward using these directions and it too has been very reliable.

  • spez_@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    I have a GL.iNet travel router which has Tailscale support built in, so I can access Home Assistant and my NAS from anywhere in one go

  • André@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Thanks for sharing. I also thought about integrating my HA server into my Tailnet so that HA can access my other devices (NAS, etc.). It’s a long story because my HA runs in an own VLAN along with all other IoT devices.

    Anyways, may I ask you how you installed Tailscale? I was not able to install the Tailscale client on by HAOS-based Home Assistant instance.

    • Minty95@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Installation was a breeze, far far easier than wireguard with duckdns. (which I have now just done as well) But can’t you add it to HA as a add-on?

  • 21racecar12@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I only use Tailscale to remote into my network devices. Everything else I access with Cloudflare, haven’t had any issues with it.

  • bigdog_00@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I have everything set up to do this as well, but on my Pixel running GrapheneOS I would suddenly lose all network access until I turned TailScale off and back on on my phone. That’s the one thing preventing me from switching over (also certs, since some next cloud applications don’t play nicely with the default cert)

    • Minty95@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      No I do not see that as a problem. I think, seeing some of their clients that it’s a reliable company