I am rebuilding my system and I have a few questions related to network set up. I have installed a new Unifi system, set up IoT VLAN and opened port for HA. That part I THINK is right. My questions lie with setting up DuckDNS and Let’s Encrypt. I plan on doing more self hosting stuff in the future. Can/Should I be doing things like Dynamic DNS and certificates via an entity outside of HA such as my router or some other container in the “system” or is it better to handle HA’s requirements inside of HA itself?
Additionally, in my current config I can only reach the HA brain via the DuckDNS URL. What sort of set up is required to have the unit accessible when the internet is down? Seems with the mobile app it is the URL or nothing. What do I need to be doing for internal access when on local LAN?
I am running it on the HA Blue hardware and I plan to rebuild from scratch if that matters. I am sketchy on the network set up and making sure things are all secure. Bit paranoid lol. So if you have any good set up guides on this portion it would be appreciated. Thanks.
@KingOogaBooga for the DNS part:
I have indeed a #pihole running in my local network where I host a nextcloud instance with a fix IP address.
If I am connected to my local network with a client or want access via a browser, pihole returns this IP address to my device.
If my device is connected to the internet one of the DNS server handling dynamic IPs will return the official current IP address of e.g. a Home assistant server.
It is mostly a point of easier and faster. Why should my device connected to my local Wlan go out to the internet just to use my server in the local Wlan?
You don’t really need a reverse proxy if you have just one application running on one server. But the more applications you are hosting the easier is it for handling SSL certificates for all of them
@lorentz