- I’m testing out HA docker with an independent ESPHome using
Integrate a webpage as a dashboard - My HAOS today is exposed on the internet and add-ons are secured by HAOS’ auth including ESPHome
- How do you guys make sure an independent ESPHome requires auth from public internet that also runs seamlessly in HA docker?
HAOS achieves this through its ingress feature for add-ons.
There is a custom integration that performs this feature for container installations:
Other options are to use VPN, or you can use one of any number of single-sign-on solutions like Authelia, Authentik, Keycloak, etc.
1 Like
What do you mean by secure
Secure in network?
I created docker network that blocks containers from wan and lan. The containers can only talk to each other and some to no other container. If access is needed it’s provided through caddy
Some container require wan so for thus I have seperate docker network
I use macvlan networking where needed. No host network
Valid https cert?
I have domain name I only use for my home and secure with letsencrypt cert.
thanks this is what i need
i updated my OP to address ur questions, basically don’t want others to be able to load the URL as-is without authentication, yet I want to access the page without authentication inside HA companion app.
Wanted to thank you again, it opened up a world that I did not know was possible
1 Like
Glad that helped. I haven’t yet played around with any of those solutions yet (I use VPN when I need access) but it is on my near-term to-do list. I would be interested to hear a follow up when you figure out what worked best for you and why.
I have always exposed my HA to the internet, with HA docker, I had to separately expose my add-ons each to the internet and utilize their own authentication mechanism, just troublesome.
hass_ingress allows me to hide everything behind HA docker’s authentication.
1 Like