Hi everyone

So, that’s a 2 in 1 post. First a more general question then looking for advice for a friend.

  • What is your preferred way to access HA from outside (and why)?

  • a friend of mine use duckdns and I often read (recently) that some people are having issue with it. Is wireguard a better way or another solution that is not too techy to deal with?

  • wewbull@feddit.ukEnglish
    71·
    6 hours ago

    Very different solutions.

    • DuckDNS: you expose your HA to the internet like a public website and register it’s address with DuckDNS so you can look it up.
    • Wireguard: you VPN to inside your firewall and can access anything on your private network.

    Wireguard all the way. Exposing just a VPN endpoint that can’t be connected to without the right cryptographic keys is a much more secure and maintainable attack surface.

    BTW I assume that’s what you meant by “DuckDNS”. Using that service is orthogonal to making HA visible externally, but is (I think) the common pairing.

    • pafOPEnglish
      1·
      5 hours ago

      Thanks, wireguard sound much better then for just accessing HA, wonder why is duckdns so popular then

      • Lee@fosstodon.org
        1·
        1 hour ago

        @paf @wewbull In fact, even if you’re using Wireguard you’d likely need DuckDNS (or a real domain with something like Cloudflare) to point your wireguard clients to. All DuckDNS does is associate a domain name with your external IP. You could just use the IP directly but your ISP likely doesn’t assign you a static IP so it’ll change randomly, so you run a script that updates your IP with DuckDNS.

        • pafOPEnglish
          1·
          4 hours ago

          Will check that, thanks