I do this too, have acls setup for my main LAN ips and all my internal hosts setup in opnsense in hosts override so they get redirected to NPM. Not sure if this is the correct way but it gives me all valid certificates. You could also do domain override and redirect just that domain to your NPM.
Hmm yeah makes sense, I just can't do it since then I would need VPN app and home assistant app running 24/7 lol. I need location for home assistant and both appa are too much for my wife's iPhone. I might tey again but with gpslogger instead of home assistant for location.
I would be interested to hear how this goes. I had this setup with tailscale but having it run 24/7 on both our phones drained the battery really quickly. That being said I was running full tunnel and also needed home assistant background location running as well.
I like lineage is and have used for 5+ years. I'm now using it without google services. I mainly use it because I can't really afford a pixel phone and the many supported devices lineage is has is phenomenal. That being said I would love to tey graphene os.
I host all my stuff locally including my nginx proxy manager and I do also have opnsense firewall rules with geoip blocking as well.
I mean no but the added security kind of trumps everything else. It helps to not expose my public IP and the added bonus of firewall rules too.
So what provider does everyone recommend instead of cloudflare for proxy? I use cloudflare to protect all my websites but I've been trying to find some other place to proxy them from.
I don't really get the rub here, JM all for separating work devices and personal devices but the 2fa apps don't leak any info and the company can't "do" anything to your phone remotely. The apps work in air plane mode. I also want to bet more than half the users that complain about this use the companies free WiFi.
Get a flip phone and say you can't install it, however SMS 2fa is very insecure.
+1 they are completely local, cheap and have a tight integration with home assistant, I have 5 of their cameras.
I tried this for 2 months with tailscale and love it, however having it run 24/7 on both my wife's and my phone was too much. It literally wiped out the battery on my wife's iPhone 12 unless she charged it in the middle of the day. I lost about 40% more battery throughout the day on my android. I had to switch back to cloudflare and nginx proxy manager for now.
Hmm ok I've only tried accessing the login page via my browser using the fqdn but haven't tried from another source like davx. I have 10 other services working fine over the internet so I'm not sure what im doing wrong with this setup.
I've got a 80$ ZigBee centralite pearl thermostat. Took a bit to setup automations for it but its been rock solid