Tim's blah blah blah

Migrating Home Assistant from Docker to Proxmox virtual machine

I’ve been running Home Assistant as Docker, but in my move to more modular setup (using e.g. Proxmox (vanwerkhoven.org)) I’m migrating to a virtual machine on Proxmox.

Plan

  1. Set up new VM with HAOS (home-assistant.io)
  2. Migrate backup
  3. Re-configure networking
    1. Allow all from HA to proteus
    2. Reconfigure MQTT server –> mqtt.lan.vanwerkhoven.org (=proteus)
    3. Reconfigure ESPhome clients –> homeassistant.vanwerkhoven.org (=new VM)
    4. Reconfigure Nibe ESP client –> homeassistant.vanwerkhoven.org (=new VM)
    5. Reconfigure Itho ESP client –> homeassistant.vanwerkhoven.org (=new VM)
    6. Reconfigure Solaredge client –> homeassistant.vanwerkhoven.org (=new VM)
  4. Check automations
  5. Debug & fix

Execution

Re-configure networking

  1. Allow all from HA to proteus - OK, on infra VLAN
  2. MQTT server –> mqtt.lan.vanwerkhoven.org (=proteus) OK, re-configured MQTT plugin
  3. Reconfigure ESPhome clients –> mqtt.lan.vanwerkhoven.org (=new VM) OK, re-configured clients to use mqtt.lan.vanwerkhoven.org
  4. Reconfigure Nibe ESP client –> homeassistant.vanwerkhoven.org (=new VM) Only static IP, can be done after new VM has IP
  5. Reconfigure Itho ESP client –> mqtt.lan.vanwerkhoven.org (=new VM) OK, set mqtt.lan.vanwerkhoven.org as host
  6. Reconfigure Solaredge client –> homeassistant.vanwerkhoven.org (=new VM) Not sure, need to test once new VM has IP

Install VM

Get Home Assistant image (home-assistant.io):

cd /var/lib/vz/template/iso
sudo wget https://github.com/home-assistant/operating-system/releases/download/13.2/haos_ova-13.2.qcow2.xz
sudo xz -d haos_ova-13.2.qcow2.xz

Create the new VM based on this guide (stefandroid.com) for command-line examples (as opposed to using the GUI). Alternatively you can use the tteck script (githubusercontent.com) to do it automatically, but I prefer to know what I’m running, especially as root.

Optional: delete/destroy existing VM - not needed if starting from scratch

qm destroy 101

Create the VM, I’m using 8GB RAM (out of 32GB) and 4 cores (out of 4) for HA.

sudo qm create 101 -agent 1 -tablet 0 -localtime 1 -bios ovmf -cpu host -cores 4 -memory 8192 -name haos -net0 virtio,bridge=vmbr0,macaddr=02:85:73:A4:71:88,tag=10 -onboot 1 -ostype l26 -scsihw virtio-scsi-pci
  1. Import the decompressed qcow2 image as a disk to the local-lvm storage. Change the storage if you store your Proxmox VMs somewhere else. –> I added ,cache=writethrough in case it’s not default
sudo qm importdisk 101 /var/lib/vz/template/iso/haos_ova-13.2.qcow2 thinpool_vms
  1. Assign the imported disk thinpool_vms:vm-101-disk-0 to the VM as scsi0.
sudo qm set 101 --scsi0 thinpool_vms:vm-101-disk-0,cache=writethrough
  1. Set the imported disk as the boot disk.
sudo qm set 101 --boot c --bootdisk scsi0
  1. Allocate 4 MiB for the EFI disk & assign the EFI disk to the VM.
sudo pvesm alloc thinpool_vms 101 vm-101-disk-1 4M
sudo qm set 101 -efidisk0 thinpool_vms:vm-101-disk-1

Update networking

Update network configuration (copy MAC from above)

set service dhcp-server shared-network-name vlan10 subnet 172.17.10.0/24 static-mapping homeassistantvm ip-address 172.17.10.20
set service dhcp-server shared-network-name vlan10 subnet 172.17.10.0/24 static-mapping homeassistantvm mac-address 02:85:73:A4:71:88
delete system static-host-mapping host-name homeassistant.vanwerkhoven.org
set system static-host-mapping host-name homeassistant.vanwerkhoven.org inet 172.17.10.2 # Host for access via nginx HTTPS proxy, via proteus
delete system static-host-mapping host-name homeassistant.lan.vanwerkhoven.org
set system static-host-mapping host-name homeassistant.lan.vanwerkhoven.org inet 172.17.10.20 # Host for direct access over http

set firewall name FW_TRUST2INFRA rule 240 action accept
set firewall name FW_TRUST2INFRA rule 240 description 'accept HA to home assistant'
set firewall name FW_TRUST2INFRA rule 240 destination address 172.17.10.20
set firewall name FW_TRUST2INFRA rule 240 protocol tcp
set firewall name FW_TRUST2INFRA rule 240 destination port 8123

Update nginx proxy, combine direct / proxy host names

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;

  server_name homeassistant.vanwerkhoven.org;

  location / {
    include snippets/nginx-server-proxy-tim.conf;

    #client_max_body_size 16G;
    proxy_buffering off;
    proxy_pass http://homeassistant.lan.vanwerkhoven.org:8123;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection “upgrade”;
  }
  include snippets/nginx-server-ssl-tim.conf;
  include snippets/nginx-server-cert-vanwerkhoven-tim.conf;
}

Test config & restart nginx

sudo nginx -t
sudo systemctl restart nginx.service

Set trusted_proxies in configuration.yaml (source 1 (home-assistant.io) and 2 (home-assistant.io))

# Allow for reverse proxies
http:
  use_x_forwarded_for: true
  #base_url: https://homeassistant.vanwerkhoven.org
  trusted_proxies:
  - 172.17.10.2

Migrate Home Assistant & test

  1. Create backup in existing HA setup via GUI
  2. Stop existing HA - stopped at 2024-10-23 12:08:19
    1. Via GUI
    2. Via CLI docker stop 66dc5dc20e69 && docker update --restart=no 66dc5dc20e69
    3. Update Docker compose file
  3. Start new HA
    1. Start VM
    2. Restore from backup
  4. Debug
    1. Solaredge: working
    2. Nibe: working
    3. MQTT: working
      1. ESPhome: working
      2. Itho: working
      3. smeterd: working
    4. Automation push over MQTT: working
    5. Smartphone app: working

#Debian #Home-Assistant #Linux #Networking #Proxmox #Security #Server #Smarthome #Vyos