this post was submitted on 11 Jul 2023

Hi all, I've been in love with the idea of self-hosting some essential services for my home, and over the past year I've set up a domain, a thin client as a server, and installed some Docker containers that caught my eye.

Since I'm a bit paranoid about intrusion, and already didn't manage to set up nginx for intranet use, I set up a Cloudflare Zero Trust account, since there were a lot of YouTube tutorials about that at the time.

So now I've set up Zero Trust with a Google auth in between my homeserver and the internet, which suits me just fine and is simple enough that my SO is willing to use the setup as well.

The one snag I've hit with this setup is that I can't use companion apps (e.g. paperless, grocy, homeassistant) on my phone, since their API access doesn't cope with Cloudflare's routing.

Do you have any advice on how to get a setup that has access control and lets companion apps through to the service? I've seen a lot of recommendations for WireGuard and VPNs, but I'm not sure my wife's company laptop and phone will play nice with those, since I assume I'd have to install a client.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (2 children)

You're right about the spotty support for Service Tokens. So far I could only find a planned inclusion in paperless, and ~~maybe a kludge for homeassistant?~~ a PR in Home Assistant Companion.

I've found a Reddit post recommending the usage of mTLS cert rules, but looking into that I just feel overwhelmed.

[–] [email protected] 1 points 1 year ago

I've looked at mTLS certs as well, but think you'd run into the same issue there as Service Tokens (app needs to support it).

It really is a shame, because Cloudflare Tunnels / Access is great otherwise. Just troublesome to have non-browser access.
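
Why the app itself has to support Service Tokens, as an added example that is not part of the thread: a local stand-in for an Access-style gate redirects a plain API call to a login page, while the same call carrying the `CF-Access-Client-Id` and `CF-Access-Client-Secret` headers reaches the JSON API. The `Gate` handler, the `/api/status` path and the token values are constructed for this demo and are not Cloudflare's code.

```python
import hmac, json, threading, urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed service-token pair for this demo only.
TOKEN_ID, TOKEN_SECRET = "example-id.access", "example-secret"

class Gate(BaseHTTPRequestHandler):
    """Local stand-in for an Access-style gate in front of a JSON API."""
    def log_message(self, *args):  # silence per-request logging
        pass
    def _send(self, status, ctype, body, location=None):
        self.send_response(status)
        self.send_header("Content-Type", ctype)
        self.send_header("Content-Length", str(len(body)))
        if location:
            self.send_header("Location", location)
        self.end_headers()
        self.wfile.write(body)

    def do_GET(self):
        if self.path.startswith("/cdn-cgi/access/login"):
            return self._send(200, "text/html", b"<html>Sign in</html>")
        ok = (hmac.compare_digest(self.headers.get("CF-Access-Client-Id", ""), TOKEN_ID)
              and hmac.compare_digest(self.headers.get("CF-Access-Client-Secret", ""), TOKEN_SECRET))
        if not ok:  # no token: bounce to the interactive login, as a browser expects
            return self._send(302, "text/html", b"", "/cdn-cgi/access/login")
        self._send(200, "application/json", b'{"status": "ok"}')

def companion_app_call(base_url, extra_headers=None):
    """Mimic an API client: GET, follow redirects, parse JSON. Returns (data, error)."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # ignore env proxies
    req = urllib.request.Request(base_url + "/api/status", headers=extra_headers or {})
    with opener.open(req, timeout=5) as resp:
        body = resp.read()
    try:
        return json.loads(body), None
    except json.JSONDecodeError:
        return None, "got login HTML instead of JSON"

def demo():
    server = HTTPServer(("127.0.0.1", 0), Gate)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    base = f"http://127.0.0.1:{server.server_port}"
    token = {"CF-Access-Client-Id": TOKEN_ID, "CF-Access-Client-Secret": TOKEN_SECRET}
    try:
        return companion_app_call(base), companion_app_call(base, token)
    finally:
        server.shutdown()
        server.server_close()
```

`demo()` returns the result of the plain call first and the token-bearing call second; an app with no setting for custom request headers can only ever produce the first.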

[–] [email protected] 1 points 1 year ago

The Home Assistant Community Store has a cloudflared add-on that works great to get it to easily work over Cloudflare Tunnels.