Disclaimer: I haven’t done a lot of research yet. Still in the “how to handle this” stage.
My profile: Senior Full Stack Web App - with own infrastructure in the cloud, unraid locally. HASSOS in a vm.
Q: in September I’m getting solar panels. My parents lended me the money on the condition they can use up the extra energy I set the net. We live in Belgium and that is possible but to do so they have to take it at most 15 minutes after. For normal usage this is fine but I’m talking heat pump and machines and such.
Both houses have a home assistant setup. His is even more automated than mine. Both run on on a decent machine. Both have stable internet (UniFi) and he is paying for home assistant cloud. Atm I am not.
Now I do have a digital meter and just integrated that with my instance. First I made my own cable but then I stumbled upon “slimmelezer+” module and that thing is just fantastic!
Anyway now I have access to real time data. What would you do to get it to the other instance? I do not have a lot of time but I am experienced with webservices and have the servers. This would be read only off course! lol but I was wondering if any of you knew a project or has done this him/herself.
I’m thinking the easiest way would be for me to pay for cloud access and then create a user for them. They can then add my home to their apps. But it would be super duper sweet to fully integrate both houses!
Thanks, didn’t know about this app. Will investigate, although if it uses long live tokens without a granular permission 🫤 idk the “can send commands” sounds terrifying. And that is an understatement.
That said I will look into it and it will probably help with me building something more secure. Idk how that will go though 😊
What you could do is have one of the HAs install the custom integration remote-homeassistant. However, even then it would mean that you have to somehow make your instance available outside e.g. VPN, port forwarding, cloud service, …
This one connects with the instance directly via a long-lived token and allows you to control and read date from the other instance. The good thing though: The configuration.yaml way allows you to specificially include or exclude entities. So with that you could technically only send the entities from slimmelezer+ without having to pass the other info.
I would say the only caveat would be that because the long-lived token is somewhere on the other house’s instance, they could technically take it and send commands randomly to your instance :P Maybe with an extra user you could maybe limit the permissions or something similar and create the long-lived token there - haven’t tried it though, just a thought.
I don’t know if this is what you are looking for but I personally use a HACS plugin to transfer some entities from my instance to my parent instance.
https://github.com/custom-components/remote_homeassistant
This way I can read some sensors or use some switches/lights directly from my instance.
I’m assuming they aren’t close enough to just run some cat6 between both houses and have a single instance govern them?
I’ll be honest though, although your plan sounds cool as fuck, it also sounds like a really terrifying project from a security perspective.
Nope. 2.5km or so but in a dense populated city 😁
I’m interested in your terrifying view though. Maybe I’m missing something, this is roughly what’s in my head now: (1 is my home, 2 is a a cloud server, 3 is my parents)
- 1: pushes the relevant entities to 2. Read only.
- 2 received the data. Validation here is a token system with permissions. I’m going to use my SaaS to do this given it already has this in place
- 2 is storing the values in a database
- 3 gets notified of the new values with web hooks. Again by 2, something I have yet to build in de SaaS but will be needed anyway
- 2 can sanitize the values when needed. It will absolutely do validation and verification and such
- 2 is very secure and is the only one who will do write, only to his own db
- I’m not sure if 3 would be able to react to entities directly on 2 but I will investigate this. If not I can push the values
- we make a read only graph on 3 that just displays the values.
- I’m now thinking that doesn’t even have to be on 3 yet, I can just make a very secure view for them in the SaaS. With login and things, something that I already have. I can use an iFrame to let them view it in a dashboard of HA
- later we could do automations when needed but that is not that urgent given I work from home and my parents are retired.
For me this seems very secure, more so given we mostly have read only things. maybe there is something I’m missing?
Sidenote: we have Smappee as well and can access each others home through their app. We can use this at first but it would just be cool to make this flow. I for one don’t want to be this dependent of some vendor, if you know what I mean…
Forgot to mention: 2 can even just send a notification to Slack to my parents. We are already using this. They are helping with testing the SaaS
Use woreguard and do a point to point VPN, I have one with my mate and so I can stream shit from his server over local LAN, wireguard is fucking sick.