I’m running my own HA locally, in my house, but I would like to be able to access it also when I’m not home. So I’ve put it on my Zerotier One VPN, which works fine. Except for two things:
-
HA no longer knows when I’m home - it thinks I’m always home;
-
Other people in my household would also like to have remote access, but it’s unrealistic to have them install and use the VPN.
So - can I just open it up, and rely on long, complex passeords? Or is that a complete no-go?
Mine is on the internet behind nginx. I block connections not originating in countries that are reasonable for my family. I don’t like geoip blocking but it straight up eliminated almost all the IDS alerts. I needed to migrate to DNS based validation for certbot.
If I or my family leave the geo region, I’m “away” anyways until I return to the area and my device gets a new IP. Or I can allow the country temporarily.
With the price of oil and therefore plane tickets what it is, I won’t be leaving my geo region.