I’m running my own HA locally, in my house, but I would like to be able to access it also when I’m not home. So I’ve put it on my Zerotier One VPN, which works fine. Except for two things:
-
HA no longer knows when I’m home - it thinks I’m always home;
-
Other people in my household would also like to have remote access, but it’s unrealistic to have them install and use the VPN.
So - can I just open it up, and rely on long, complex passeords? Or is that a complete no-go?
Mine is open to the internet, via a nginx reverse proxy. I made it ban people who try to brute-force my password. It’s been fine like that for years now:
http: trusted_proxies: - w.x.y.z use_x_forwarded_for: true ip_ban_enabled: true login_attempts_threshold: 10Thanks, TIL about the built in ip ban