Domoticz

R0yk3 wrote: ↑Thursday 21 September 2017 13:42 Why not use a vpn connection?

Sounds like a better solution.

how about using the login page of domoticz together with the well documented reverse nginx proxy setup from the wiki, this is as secure as you can get at this moment of time.....

That is indeed the best solution I think, but a bit harder to configure for a lot of people

jannl wrote: ↑Thursday 21 September 2017 14:14 That is indeed the best solution I think, but a bit harder to configure for a lot of people

Well, after upgrading my Domoticz server HW to a R-Pi-3, I have a spare type-2 laying around. I'll have a go at setting that up as VPN server.
Or is it safe enough to run VPN on the same Pi as Domoticz?
Somehow it "feels" like a better solution to keep them separate, but....

Seperate seems better. My VPN runs on my router (Fritzbox)

jannl wrote: ↑Thursday 21 September 2017 15:44 Seperate seems better. My VPN runs on my router (Fritzbox)

Ah, there's an idea! I have a modem from my supplier that might hack it, and if that doesn't I can always try my own router (Netgear R9000). Thanks for the tip! I hadn't thought of that.

jannl wrote: ↑Thursday 21 September 2017 15:44 Seperate seems better. My VPN runs on my router (Fritzbox)

Why do you think it seems? What are the real risks?

As long as the vpn is not the first entry point, other hosts might get exppsed. Also depending on the security of your router.

Verstuurd vanaf mijn SM-G930F met Tapatalk

I installed Domoticz and Openvpn on 1 rpi. In my router I only opened the openvpn port. At this point I'm a noob but I thought I'm safe. Now I'm beginning to doubt. Is that doubt right?

You are safe enough. No one will ever be 100% safe. Keep everything updated and you are good.

Verstuurd vanaf mijn SM-G930F met Tapatalk

manjh wrote: ↑Thursday 21 September 2017 17:08

jannl wrote: ↑Thursday 21 September 2017 15:44 Seperate seems better. My VPN runs on my router (Fritzbox)

Ah, there's an idea! I have a modem from my supplier that might hack it, and if that doesn't I can always try my own router (Netgear R9000). Thanks for the tip! I hadn't thought of that.

I let my (ziggo) router put in Bridge modus. So my router (r7000 with merlin firmware) handles directly the VPN requests. Works like a charm behind that i have my domoticz behind a password no https.

I decided to go the safe way: installed a VPN server, added it to my Domoticz R-Pi3.
Installation was really simpel: PiVPN. Check it out, it installs itself and only asks for a few minor things.
CPU load on the R-Pi did not increase much, it used to be at a steady 3%, now at 4.5%. Still well within safety margins.

how can i install fal to ban on my rpi near domoticz?

apt-get install fail2ban?