• 0 Posts
  • 5 Comments
Joined 1 year ago
cake
Cake day: March 10th, 2025

help-circle
  • This.

    And graphene actually makes things very easy for you: every profile can have regular and private version of any given app.

    The private side is essentially a different user with its own set of vpn options but you can easily navigate in between provate and normal apps.

    Im using the regular profile for staying connected to home. All traffic is routed to home and then to proton.

    Everything in the private section goes through regular proton vpn(the app on the phone) so any traffic to the web also has a different exit node to my “home” traffic (albeit a proton one).

    I then have a separate profile called incognito with only proton pass, vpn and onion browser on it.





  • I’ll add pangolin to the list of things to think about trying. It was relatively easy to set up and it can run locally or on a vps. If it’s on a vps you dont need a constant IP or ddns because your hone server will connect to pangolin on the vps and the vps will serve the apps. youll point the dns records to your vps.

    It’s what i use for my extended family to reach my immich instance. No complaints yet whatsoever. It’s traefik+crowdsec+wireguard under the hood but all abstracted into a maintained, easy to use GUI. Youll have granular control over which users can use which services/subdomains and geoblocking etc is effortless.

    I put a centralised authentication layer (pocket id) on top of it for easier enrollment across various apps im running but for homeassistant only the built in 2FA should be enough.