Remote Access

Use this page when you want secure browser access to your OmniLux server outside your home network.

Recommended approach

For the public docs, the recommended path is simple:

1. Keep OmniLux working locally first.
2. Put it behind HTTPS with Reverse Proxy.
3. Expose only ports 80 and 443 on your router.
4. Use the viewer web app when you want limited browser access for other people.

Cloud relay vs direct access

These are different things.

• Direct LAN, VPN, and user-owned reverse-proxy access are part of your self-hosted setup.
• OmniLux relay is the cloud-mediated remote access path for self-hosted servers.
• Billing policy only applies to the relay path, not to your own direct access methods.

See Cloud Product Contract if you want the current hosted policy in plain language.

Public domain + reverse proxy

Setup

1. Add a DNS A record such as omnilux.yourdomain.com pointing to your public IP.
2. Forward external port 443 to the machine running your reverse proxy.
3. Configure Caddy, Nginx, or Traefik to proxy traffic to OmniLux on port 4000.
4. Verify HTTPS works before sharing the server outside your home.

Example Caddy site block

omnilux.yourdomain.com {
    reverse_proxy localhost:4000
}

Security considerations

• Always use HTTPS and never expose port 4000 directly to the internet.
• Use a strong admin password and keep OmniLux updated.
• Share the viewer web app instead of the full admin UI when someone only needs playback.