If you are in the midst of implementing an awesome Home Automation project using openHAB and you are wondering how to get openHAB remote access, you are at the right place.
In this post, I will walk you through the different options to get openHAB remote access along with some pros and cons for each of them.
Before I dive into the details, here are the 3 alternatives that we are considering with the links to the tutorials:
Let’s get started, shall we?
openHAB Cloud Connector
The openHAB cloud connector allows you to connect your local instance of openHAB to a secured cloud, you can install your own cloud or use the one provided by the openHAB foundation for free.
If hearing the word cloud makes you cringe, this solution might not be for you, but let me walk you through the details first.
openHAB Cloud Connector: Cons
- The openHAB cloud is in the cloud….sounds obvious doesn’t it? The point is that you are exposing your data to a third party. If you have trust issues this is definitely a concern.
- Reliability can be an issue at times. Like any other server on the internet, it is exposed to downtime occasionally. This has happened to me very few times but it is something to keep in mind.
openHAB Cloud Connector: Pros
- This method is by far the quickest and easiest to implement.
- It provides additional functionality like an event log or status monitoring for the openHAB instance.
- Using the cloud connector you can send push notifications to Android and iPhones. This is a game changer.
- Connectivity to services that require oAuth2 authentication like IFTTT or Amazon Alexa to add voice control to your Smart Home.
- You can also define different users with different privileges. It is the only option that allows that.
Using a Reverse Proxy
One of the things that you have probably noticed already is that openHAB doesn’t have, at least natively, a way to implement authentication for the different UI’s (PaperUI, BasicUI, Habmin…). Having said that, the community has done a very nice job making things like implementing a reverse proxy a walk in the park.
What is a Reverse Proxy anyway? A Reverse Proxy is a fancy word to define a service that sits between the internet and one or more web servers (openHAB in this case).
For the clients connecting to those web servers, the reverse proxy is transparent, which makes it a very good option to implement authentication.
The idea behind this architecture is that the user will connect to the reverse proxy and this one will route the packages back and forth to the openHAB server.
Since you have an additional layer in the middle, you can add user authentication and SSL encryption to secure the access.
Reverse Proxy: Cons
- It is not as easy to set up as the openHAB cloud connector although if you are using OpenHABian the implementation is quite simple.
- It requires port forwarding in the router.
- Using different user profiles is not an option.
Reverse Proxy: Pros
- It only has one point of failure, your server. Your server can also go down but at least we have one less thing to worry about.
- It allows for a higher degree of customization (SSL, Authentication, routing to subdomains…)
Using a Virtual Private Network (VPN)
A VPN, Virtual Private Network, is one of those very few things that has a descriptive name in technology. It is actually a private network between two or more devices connected to the internet.
This is a cool concept because it combines the flexibility of the internet with the added security of a private network.
Using a VPN is a whole different business. The setup is much more involved but it also offers additional functionalities that the reverse proxy or the cloud connector don’t.
One of these functionalities is obviously the remote access to your openHAB server.
Virtual Private Network: Cons
- It is the most complex option if we compare with the openHAB cloud connector or the reverse proxy.
- The connectivity process is not quite as seamless as we the other options. It requires a software installed on the client side.
Virtual Private Network: Pros
- It is a bit more complex but once it is up and running you will be able to use it for many things other than accessing to openHAB:
- Geoblocking: Watching Netflix while you are on vacation out of your country 🙂
- Privacy: You can use it to add privacy to your browsing activities while you are not at home (at the coffee shop for example)
- Access to all the network resources: The VPN doesn’t only allow you to access openHAB. Once it is in place you will be able to access all the resources in your home network; storage, printers…
- It is by far the most secure and versatile option of the three.
If you have reached this point and still don’t know which one is the best option for you, let me give you a little push. The solution that I am going to suggest you is the one I use.
Every solution has its own share of pros and cons.
I have good news though, things don’t have to be black and white. It is actually easier to reach the sweet spot by combining a few different options.
Day-to-Day openHAB Remote Access
I know many people have trust issues with the cloud, but in this case, I think that the pros strongly outweigh the cons.
What Happens if the Cloud goes Down?
If this happens to you…It sucks…I get it. That is the reason because a backup solution is always required.
Now the question comes down to deciding between Reverse Proxy or VPN and the answer is, it depends.
If you are willing to spend a bit more time go with the VPN. it is well worth it and it will boost your privacy when you are connected to the internet from outside your home network.
You don’t care about privacy? That is also fine, just go with the reverse proxy then.
Which solution are you going to implement?