I am running the latest (Home Assistant 0.112.2, HassOS 4.11). What I want to do is trust my home network except for the host that runs my caddy reverse proxy. From what I have been able to find, there is really no way to do this, but some of the posts that say so are two years old, so I wanted to check. Is there any way to trust a network and exclude a single IP? Failing that, is there a way to list individual IP addresses to trust?
Is there a better way to do what I want? I would rather not have to enter a username and password when connecting from my home network, because that will likely break push updates from some devices, but I certainly do not want anyone to be able to use my reverse proxy to get free access to HA.
Hi Greg,
Can you give a little more information please. When you say ‘trust the home network’, do you mean trust it to connect to another network without specific user authentication?
Can you give some context around what you are trying to achieve.
Cheers
Nick
What I want is for devices on my home network to be able to log in without being prompted for a login and password, to be authenticated just because they come from the home network. But the internal interface of my caddy server is, of course, also on that network, so I want to exclude reverse proxied connections from outside from being able to log in without username and password, thus exclude the IP address of the caddy box.
…and I did find a better way to do it. Finally thought of checking to see if caddy could do it, and it can. I can just set up a basicauth directive for the proxied port 8123 connections. Works great. So I should be able to configure HA to trust my entire home network.