Skip to content

groupsky/homy

This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Folders and files

NameName
Last commit message
Last commit date
Dec 28, 2022
Sep 15, 2020
Jul 8, 2020
Jan 2, 2022
Nov 16, 2024
Jan 7, 2021
Nov 17, 2024
Oct 15, 2023
Mar 22, 2021
Jan 7, 2021
Nov 21, 2020
Dec 15, 2019
Dec 25, 2019
Jan 7, 2021
Oct 26, 2024
Dec 28, 2022
Dec 24, 2019
Jan 7, 2021
Dec 15, 2019

Repository files navigation

homy

Home actuation, monitoring and automation

Installation

  • Clone the repo
git clone https://github.com/groupsky/homy
cd homy
  • Initialize the OPNVPN configuration files and certificates
docker-compose run --rm openvpn ovpn_genconfig -Ddbu udp://VPN.SERVERNAME.COM
docker-compose run --rm openvpn ovpn_initpki
  • Start the containers
docker-compose up -d
  • All is up and running Node-red is available at http://localhost:1880 Home-assistant is available at http://localhost:8123 MQTT broker uses standard port mqtt://localhost:1883 with websocker ws://localhost:9001 OpenVPN listens on udp://localhost:1194

Important security note

If using ufw to limit the access to docker exposed ports, be aware of an issue that allows unrestricted access to docker. A good solution is available at ufw-docker

OpenVPN client certificates

  • Generate a client certificate
export CLIENTNAME="your_client_name"
# with a passphrase (recommended)
docker-compose run --rm openvpn easyrsa build-client-full $CLIENTNAME
# without a passphrase (not recommended)
docker-compose run --rm openvpn easyrsa build-client-full $CLIENTNAME nopass
  • Retrieve the client configuration with embedded certificates
docker-compose run --rm openvpn ovpn_getclient $CLIENTNAME > $CLIENTNAME.ovpn
  • Revoke a client certificate
# Keep the corresponding crt, key and req files.
docker-compose run --rm openvpn ovpn_revokeclient $CLIENTNAME
# Remove the corresponding crt, key and req files.
docker-compose run --rm openvpn ovpn_revokeclient $CLIENTNAME remove