this post was submitted on 30 Mar 2026
29 points (93.9% liked)

homeassistant

18978 readers
433 users here now

Home Assistant is open source home automation that puts local control and privacy first.
Powered by a worldwide community of tinkerers and DIY enthusiasts.

Home Assistant can be self-installed on ProxMox, Raspberry Pi, or even purchased pre-installed: Home Assistant: Installation

Discussion of Home-Assistant adjacent topics is absolutely fine, within reason.
If you're not sure, DM @GreatAlbatross@feddit.uk

founded 2 years ago
MODERATORS
GreatAlbatross@feddit.uk
greatalbatross@lemmy.world
29
How many of you have an HA solution, which is open to the internet? (lemmy.world)
submitted 1 day ago by oz1sej@lemmy.world to c/homeassistant@lemmy.world
49 comments fedilink hide all child comments
 

I'm running my own HA locally, in my house, but I would like to be able to access it also when I'm not home. So I've put it on my Zerotier One VPN, which works fine. Except for two things:

  1. HA no longer knows when I'm home - it thinks I'm always home;

  2. Other people in my household would also like to have remote access, but it's unrealistic to have them install and use the VPN.

So - can I just open it up, and rely on long, complex passeords? Or is that a complete no-go?

you are viewing a single comment's thread
view the rest of the comments
[–] Cyber@feddit.uk 1 points 1 day ago

Layers

HA has it's own built in IP ban function with the HTTP(S) Integration, but that might only see NAT'd addresses (ie the entire internet has the same address as far as HA is concerned), and is really only intended for protection from someone already on your network.

You should also have some other form of external facing brute-force protection with HAproxy, nginx, fail2ban, etc.

You should have a firewall somewhere, maybe a function on your router, maybe a separate box. If possible also use geographical IP ranges to only allow your region(s).

All of that can either be at home, or on a VPS if you wanted to bounce all your traffic via a fixed location, perhaps with an outbound VPN from your home to the VPS.

Also use other network presence detection (ie ICMP ping, GPS, etc) to determine if you're at home.

Or... as others mention... support the devs with their solution.