Set Up Secure Remote Access for Home Assistant

The next step in my Home Assistant project was to enable secure remote access to it when I’m away from home. Fortunately the documentation covers this topic. Mostly I followed the instructions on the Remote Access with TLS/SSL via Let’s Encrypt page, so I won’t repeat the detailed instructions here. However, I did want to mention a couple of things.

First, the installation page for Duck DNS wasn’t intuitive to me. It doesn’t explain that you need to click on one of the buttons to view the installation instructions. On top of that, instructions for the Raspberry Pi are just called “pi” which I guess makes sense, but again not totally obvious to me at first when I’m looking for “raspberry pi” or “raspbian.” So once I clicked the pi button I was able to follow the instructions without issue.

Second, I did not install certbot as the homeassistant user in step 4; I was not comfortable adding homeassistant to the sudoers list. Instead I installed certbot as the pi user in the /home/pi/certbot directory. I also set up the auto-renew cron job in step 8 as the pi user. Other than that the install was exactly the same and I was able to set up secure remote access with an auto-renewing Let’s Encrypt certificate. I haven’t actually needed to renew my certificate, so it’s possible there is a problem with the cron job or something, but I’ll keep an eye on it until I know the auto-renew process works.