As an example: some people might be using the offerings from Microsoft or Amazon, whilst other people might be running a VM with a VPS somewhere and hosting their apps like Home Assistant, OpenHAB, Node-RED etc. there.

I wanted to know if you do something like this, and what might be the downsides to doing something like this.

Thanks!

  • Moonrise2473@feddit.it
    10 months ago

    Home Assistant is already a mess to properly configure in the LAN where the auto discovery does most of the job; doing it in the cloud under a VPN (because you don’t plan to expose the IoT devices to the internet, right?) increases the complexity for no benefit.

      • λλλ@programming.dev
        10 months ago

        Good luck connecting all of your IoT devices to the tailnet though. You’ll need a firewall and lots of tinkering. I use Linode and host some stuff in the cloud, but not Home Assistant.

        • MigratingtoLemmy@lemmy.worldOP
          10 months ago

          What do you mean? Isn’t this supposed to work similar to a direct VPN connection to the VPS box, i.e. akin to the machine being in the same network? Am I missing something? What do you mean by “firewall” (on my side, or on the side of the VPS)?

          I’ll likely be using Node-RED and MQTT with some automation apps, probably. Not decided yet.

          • λλλ@programming.dev
            10 months ago

            Tailnet requires you to run the Tailscale client. I would bet that the Tailscale client isn’t even built to run on some/all of your IoT devices. Even if it were, I doubt many little ESP devices would have the overhead to run it.

              • λλλ@programming.dev
                10 months ago

                It just might. That’s what I meant by firewall btw. A router is usually just three things: a firewall, a network switch, and a wireless access point. The part that handles routing to the internet (and your cloud instance) will be the firewall. I have OPNsense as my firewall with Tailscale installed on it.

      • chaospatterns@lemmy.world
        10 months ago

        Tailnet appears to be Tailscale, which is WireGuard underneath. This means it operates at layer 3 (IP). However, a bunch of smart home stuff (mDNS, WoL, etc.) all depend on layer 2 connectivity (same subnet).

        That means some stuff won’t work correctly.
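
The layer 2 versus layer 3 point in the comment above, as an added example that is not part of the thread: a small classifier that sorts smart-home traffic by destination address into what stays on the local link and what a routed tunnel can carry. The function name, the 192.168.1.0/24 LAN and the sample addresses (including the unicast broker address) are constructed for illustration.

```python
import ipaddress

# Destinations that never leave the sender's link: routers (and a layer-3
# tunnel such as WireGuard) do not forward them.
LINK_SCOPED = [
    ipaddress.ip_network("224.0.0.0/24"),  # IPv4 link-local multicast (mDNS)
    ipaddress.ip_network("ff02::/16"),     # IPv6 link-local scope multicast
]
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")


def reach_over_l3(dst: str, lan: str) -> str:
    """Classify a destination as seen from a host on `lan`.

    Returns "link-only", "needs-multicast-routing" or "routable".
    """
    addr = ipaddress.ip_address(dst)
    net = ipaddress.ip_network(lan)
    if addr == LIMITED_BROADCAST:
        return "link-only"
    if addr.version == net.version == 4 and addr == net.broadcast_address:
        return "link-only"  # subnet broadcast, e.g. Wake-on-LAN magic packet
    if any(addr.version == n.version and addr in n for n in LINK_SCOPED):
        return "link-only"
    if addr.is_multicast:
        return "needs-multicast-routing"
    return "routable"


# Constructed sample traffic for a home LAN of 192.168.1.0/24; the unicast
# MQTT broker address is a made-up tunnel address.
SAMPLES = [
    ("mDNS (IPv4)", "224.0.0.251"),
    ("mDNS (IPv6)", "ff02::fb"),
    ("Wake-on-LAN broadcast", "192.168.1.255"),
    ("SSDP/UPnP discovery", "239.255.255.250"),
    ("MQTT to cloud broker", "100.64.0.10"),
]

if __name__ == "__main__":
    for name, dst in SAMPLES:
        print(f"{name:24} {dst:18} {reach_over_l3(dst, '192.168.1.0/24')}")
```

Unicast protocols such as MQTT classify as routable, while discovery traffic is the part that depends on sharing a subnet with the devices.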

        • MigratingtoLemmy@lemmy.worldOP
          10 months ago

          I see. Could you give me a few more examples of what could break if I go forward with this? Will I still need to consider multicast DNS if my DNS server is on-prem (Pi-Hole + Unbound)?

          I remember that it was not possible to route multicast traffic through IPsec earlier, which is why people used to opt for GRE-over-IPsec. But just as IPsec supports multicast traffic now, doesn’t WireGuard too? Or am I missing something important as to why this is not supported?