Hi! First time pve installer here and I'm trying to setup:
OPNSense (VM), Home Assistant OS (VM), Frigate NVR (LXC) in one machine.
I want to configure a firewall/router, set up VLANS on my switch and to run a CCTV system + IoT devices.
I travel a lot so I would like to have remote access to my system. While I want to restrict internet access to frigate, I would like to access pve, OPNSense, and Home Assistant if something has to be configured remotely.
I just bought a custom domain (for testing, it was only £0.70 for 1 year)
From a security standpoint, what would be the "best" option for this?
A) Setting up a custom domain + OPNSense + Unbound + cloudflare zero trust tunnels? Letsencrypt certificates? DNS Challenge? (still researching for a route)
B) *.home.arpa + set up OPNSense + WireGuard VPN access? (still researching for a route)
FYI, Everything I mentioned above are just what I could gather from the internet therefore, I have zero experience and extremely limited knowledge. Please feel free to suggest or correct me if I'm wrong.
Thanks!
OPNSense (VM), Home Assistant OS (VM), Frigate NVR (LXC) in one machine.
I want to configure a firewall/router, set up VLANS on my switch and to run a CCTV system + IoT devices.
I travel a lot so I would like to have remote access to my system. While I want to restrict internet access to frigate, I would like to access pve, OPNSense, and Home Assistant if something has to be configured remotely.
I just bought a custom domain (for testing, it was only £0.70 for 1 year)
From a security standpoint, what would be the "best" option for this?
A) Setting up a custom domain + OPNSense + Unbound + cloudflare zero trust tunnels? Letsencrypt certificates? DNS Challenge? (still researching for a route)
B) *.home.arpa + set up OPNSense + WireGuard VPN access? (still researching for a route)
FYI, Everything I mentioned above are just what I could gather from the internet therefore, I have zero experience and extremely limited knowledge. Please feel free to suggest or correct me if I'm wrong.
Thanks!