Looking to use webhooks in HA but confused as to how to securely expose them to public internet. Use case: I have a Google apps script that will notify me using a webhook when it runs. The script runs successfully but I have not fully implemented Tailscale for the webhook endpoint because I want to ensure I don’t expose an insecure endpoint. HA setup: Win11 host using VirutalBox to run HAOS.
Currently I have Tailscale deployed and it allows me access to my HA instance when I’m away from my home. I don’t necessarily care to expose the HA login page since I have my current setup working; I would like to only expose webhook endpoints using Tailscale (or some other secure method).
I’ve searched through and found many different posts but all signs seem to point to exposing the HA login page to public internet if I allow Tailscale funnel and I’m concerned I may break my current setup that is really easy to use. Is there a preferred method of securely exposing HA webhooks for use with other applications?