How do you access OpenHAB remotely?

Curious with OpenHAB, how you can manage it when you are remote? I have a fairly high end infrastructure in my house from a network perspective, but curious what is entailed. Does OpenHAB manage a cloud instance of what I have on premise and sync’s between them? Do I need to do some port forwarding from my external IP to the OpenHAB hub to make this work? If the second does it work on certain ports? I am already using ports 80 and 443 for another server.



Yep, simplest and safest way to do it.

Thanks vzorglub. So if I’m understanding this right, I would make a change on the cloud instance, and my local hub would connect to it to absorb the changes? Sounds like the cloud would have no inbound to my network, access? Would all be a pull from my hub?

If the above is the case, if I remotely unlock the door to my house, how long would that take to happen? Curious if the hub is then constantly pinging for changes or perhaps is on a constantly connected secure tunnel?

With the mobile app, when I configure the app, which I have done none of this yet, do I point it to the cloud instance and it always does everything from there? Trying to understand Wink, but their website sounds like they do some thing where it tries connecting internally and if it detects you are external, redirects to the cloud instance, otherwise if you are on your internal network connects directly to the internal hub.

No it will connect to your local openHAB if you are on your LAN and to the cloud if not.

Instantly more or less

it really depends on the degree of access you want.

If you are just looking for access to the things listed in the OH dashboard (PaperUI, BasicUI, etc) then is IMHO the best way to go. The openHAB Cloud Connector binding connects to and allows to proxy the OH web server and REST API. That gives you pretty much everything you can do through a web UI in OH.

When you inteact remotely is proxying a connection to your home server. But because the cloud connector binding initiates the connection there is no need for NAT or anything like that.

In the phone apps you provide two addresses. One to use when on the same LAN as your OH server and the other configured with your credentials. If the app can’t see the local address it will use the remote address.

It’s just a proxy so if the connection is established, any command given through is nearly instantaneous and in my experience has no noticeable lag compared to commands sent locally.

now, if what you want is to remotely access other services (e. g. Grafana generated charts) on your OH sitemap you will need to figure something else out to do this because is not a generic proxy and can not proxy external to OH services.

If you want access to your OH’s shell, the karaf console, etc you will need to set up remote SSH or OpenVPN connectivity. Of course, once you have SSH, it’s easy enough to tunnel OH through such a connection. and if you have OpenVPN your remote device is virtually on your LAN anyway.

I personally set up OpenVPN on all my phones to get access to all my home services but I still use to get alerts.