one of my motivations for moving to opensprinkler was to access opensprinkler from remote locations from a mobile phone.
While opensprinkler has been running fine, early this year I worked on adding the remote support.
I watched the video about configuring port forwarding on the router, however I had the concern about the lacking TLS support. Without TLS, all passwords for authentication are send unencrypted over the internet. As I want to control the irrigation and not someone who got hold of a cookie, this is not an option for me.
This is my solution using another raspberry pi lying around:
– I installed nginx on the additional raspi
– I configured a dynamic DNS on my router.
– Based on the dynamic DNS I used letsencrypt to get a TLS certificate. This gives a certificate trusted by the usual browsers.
– configured nginx running TLS on port 443 to proxy all traffic to opensprinkler.
– opened port forwarding on my router for port 443.