Self-hosted home security for multiple properties, set up entirely by Claude Code

TL;DR: I gave Claude Code SSH access to my Home Assistant Green. It installed addons, configured Frigate with person detection, set up Discord alerts, wrote health monitoring scripts, and deployed everything - across multiple properties. Factory reset to fully working security system, without me editing a single config file. Full sanitized configs on GitHub.

Your cleaner says they came by Tuesday. You have no way to verify. A package was “delivered” but nobody was there to receive it. You gave the plumber the door code three months ago and never changed it. Your Airbnb guest checked out at noon but you don’t actually know if they left.

If you own multiple properties - vacation homes, Airbnbs, rentals - you know this problem. You’re not there. You don’t know what’s happening. And the tools that exist either cost a fortune across multiple locations or lock you into some cloud subscription that owns your camera footage.

I manage two homes across two countries. I needed three things: know when someone shows up (with a photo), let the right people in remotely, and have it all run without me touching it for months. $500 per property, zero monthly fees, and an AI that set the whole thing up for me.

The twist: I didn’t configure any of it manually. Claude Code did the entire setup via SSH.

Key takeaways:

• Claude Code set up the entire security system via SSH and the HA Supervisor API
• Full property security for ~$500 per location, zero recurring costs
• Person detection with instant Discord alerts (360p + HD follow-up snapshots)
• Remote door access via Nuki smart lock - grant entry from anywhere
• Cameras auto-disable when you’re home (privacy mode enforcement)
• Health monitoring with auto-recovery - runs unattended for months
• Same setup replicated across properties with location-specific configs
• Reference repo on GitHub with full sanitized configs and CLAUDE.md

Claude Code as the installer

Here’s what actually happened. I had a Home Assistant Green that I’d lost the password to. I told Claude Code: “Help me reset my Home Assistant Green and configure it like my other property.”

Claude Code then:

1. Walked me through the physical factory reset (the one step that requires hands)
2. Found my SSH public key and told me exactly what to paste into the addon config
3. SSH’d into the device once the SSH addon was running
4. Discovered the Supervisor API token at /run/s6/container_environment/SUPERVISOR_TOKEN
5. Added the Frigate addon repository via the Supervisor API (after finding the correct URL - it’s frigate-hass-addons, not frigate-hass-addon)
6. Installed and configured Frigate, Mosquitto, and Tailscale - all via API calls
7. Wrote the full configuration.yaml with shell commands, input booleans, counters, and rest commands
8. Wrote automations.yaml with person detection triggers, daily digest, and detection counters
9. Wrote the Frigate config with camera definitions, detection settings, and go2rtc streams
10. Scanned the local network to find camera IPs, then grabbed snapshots from each to identify which camera was where
11. Copied the Frigate HACS integration from my other property via SSH
12. Configured MQTT and Frigate integrations through the HA config flow API
13. Wrote Python scripts for privacy enforcement and health monitoring
14. Set up cron jobs in the SSH addon’s init_commands
15. Tested the Discord webhook and verified end-to-end alerts
16. Tuned performance when CPU was too high (reduced detection resolution and FPS)

All of this happened in a single conversation. I described what I wanted. Claude Code figured out the Supervisor API, handled authentication, wrote configs, pushed them via cat | ssh tee, and restarted services. When something didn’t work - like the webhook URL being wrong, or !secret not working inside shell_commands - it diagnosed and fixed the issue.

The project repo includes a CLAUDE.md file that gives Claude Code all the context it needs: SSH access details, file paths on the device, how to push configs, how to access the Supervisor API. Next time I need to change something, I open Claude Code in the project directory and describe what I want. It reads the CLAUDE.md, SSH’s in, and makes the change.

This is what makes the setup replicable. Not because the YAML is well-commented (it is), but because Claude Code can read the CLAUDE.md and operate the system autonomously. The AI isn’t just writing config files. It’s the system administrator.

The stack

Every property runs the same core setup:

Component	What	Cost
Home Assistant Green	The brain. Runs automations, connects everything	~$99
Google Coral USB	AI accelerator for person detection (~10ms inference)	~$60
TP-Link Tapo C200	Cameras. Cheap, reliable, RTSP support	~$30 each
Nuki Smart Lock 3.0 Pro	Keyless entry via MQTT. Grant access remotely	~$250
Tailscale	VPN mesh. SSH into any property from anywhere	Free tier

Software running on the HA Green:

Software	Purpose
Frigate	NVR with real-time person detection via Coral TPU
Mosquitto	MQTT broker connecting Frigate, Nuki, and HA
go2rtc	WebRTC streaming, on-demand HD snapshots
Claude Code	AI-powered setup, configuration, and maintenance

Total per property: ~$500. No subscriptions. No cloud. You own everything.

How it works

The detection pipeline is simple:

Camera (RTSP stream) -> Frigate (person detection via Coral) -> MQTT -> Home Assistant -> Discord

1. Cameras stream RTSP to Frigate at low resolution for detection (640x360, 2 fps)
2. Frigate runs person detection on the Coral TPU in ~10ms per frame
3. When a person is detected, Frigate publishes to MQTT
4. Home Assistant automation triggers, grabs two snapshots:
   • Instant: Frigate’s detect-resolution frame (fast, ~0.1s)
   • HD follow-up: go2rtc pulls a 1080p frame from the camera’s main stream on-demand (~2s)
5. Both get posted to Discord with the camera name

You get a Discord ping within a second of someone appearing on camera. The HD snapshot follows a couple seconds later. Low CPU usage because detection runs on the Coral, not the ARM processor. The HA Green barely breaks a sweat.

The Nuki integration

The Nuki Smart Lock 3.0 Pro connects directly to Mosquitto via its built-in Wi-Fi. No bridge, no cloud. MQTT auto-discovery means Home Assistant picks it up automatically.

This solves the access problem. Someone needs to get in? Open the HA app, tap unlock. Or set up an automation: unlock when a specific person is detected, unlock on a schedule, unlock via a Discord command. The lock reports its state back via MQTT - locked, unlocked, door open, door closed, battery level.

The daily security digest includes lock state and battery:

Daily Security Digest

Detections (since last digest):
  Entrance: 3
  Garden: 1

Lock & Door:
  Lock: Locked
  Door: Closed

Nuki Battery: 48%

Privacy mode enforcement

Cameras watching your living room while you’re home is not great. The Tapo C200 has a privacy mode, but it resets when the camera reboots or someone toggles it in the Tapo app. I wanted it enforced.

A Python script runs every 5 minutes via cron in the SSH addon. It checks a toggle in Home Assistant (input_boolean per camera), and if enabled, forces privacy mode on via the local API using pytapo. No cloud calls. Direct IP, local network only.

Leaving the house: turn off the privacy enforcer toggle, cameras start observing within 5 minutes.

Coming home: turn on the toggle, cameras go dark within 5 minutes.

Simple, automatic, no app needed beyond the HA dashboard.

Runs unattended for months

This is the part that matters most. I’m not around to reboot things. The system needs to handle its own failures.

Layer 1: HA Supervisor watchdog. Built into Home Assistant OS. Auto-restarts Core and addons if they crash or become unresponsive. Always on.

Layer 2: Health check script. A Python script running every 10 minutes via cron. It checks three things: HA Core API, Frigate API, and Mosquitto addon state. If something’s wrong, it escalates:

Consecutive failures	Action
1	Restart the failing addon
3 (30 min)	Restart HA Core
6 (60 min)	Reboot the entire host (max 1/day)

Every recovery action sends a Discord notification. If it rebooted today and things are still broken, it stops trying and sends a “manual intervention needed” alert instead of looping.

State tracking lives in /tmp/health_check_state.json - resets on successful check, doesn’t survive reboots (by design - a reboot is a fresh start).

Replicating across properties

The setup is identical at each location. Same addons, same automation structure, same scripts. What changes per property:

• Camera IPs and RTSP credentials
• Nuki lock device ID and MQTT topic
• Discord webhook URL (separate channel per property)
• Network topology (LAN IPs, Tailscale addresses)

I keep each property in its own git repo with configs sanitized for version control (placeholder credentials). The actual secrets live only on the device. Pushing a config change:

cat configuration.yaml | ssh ha-device 'sudo tee /homeassistant/configuration.yaml > /dev/null'

No scp (HA OS doesn’t support the subsystem). Just cat | ssh tee. Claude Code knows this because it’s documented in the project’s CLAUDE.md.

Remote management via Tailscale

Every HA Green sits on my Tailscale network. From anywhere in the world:

ssh property-a    # SSH into property A's HA Green
ssh property-b    # SSH into property B's HA Green

No port forwarding. No dynamic DNS. No exposing anything to the public internet. Tailscale handles NAT traversal and encryption. The free tier supports up to 100 devices.

The HA web UI is also accessible via Tailscale hostname - http://property-a:8123 from any device on the tailnet.

What I’d do differently

Static IPs for cameras. DHCP reservations or static config in the Tapo app. Cameras changing IPs after a router reboot breaks Frigate until you update the config.

Coral TPU from day one. CPU detection works but pegs the HA Green at 90%+ CPU and limits you to low resolution and frame rate. The Coral drops inference to ~10ms and lets the ARM chip breathe. Worth the $60.

Separate Discord channels per property. Obvious in hindsight. Mixing alerts from two locations in one channel gets noisy fast.

Reference repo

Full sanitized configs are on GitHub: home-assistant-security-setup

Includes:

• CLAUDE.md - Project context for Claude Code: SSH access, file paths, Supervisor API, push/pull commands
• configuration.yaml - HA config with shell commands, input booleans, counters, rest commands
• automations.yaml - Person detection alerts, detection counters, daily digest
• frigate/config.yml - Frigate config with camera definitions, Coral TPU, MQTT, go2rtc
• scripts/enforce_privacy.py - Privacy mode enforcement via pytapo
• scripts/health_check.py - Auto-recovery with escalating restarts and Discord alerts
• Setup guide with hardware links and step-by-step instructions

If you manage properties, run Airbnbs, or own vacation homes - this is the setup. No monthly fees, no cloud dependency, person detection that actually works, and remote access control for guests and service people.

If you’re technical: clone the repo, point Claude Code at it, and tell it what you want. It’ll read the CLAUDE.md and handle the rest.

If you’re not: send the GitHub repo to whoever manages your tech. Everything they need is in there.

If you’re in the Dominican Republic: DM me on Discord or LinkedIn. I’ll help you set it up.