You’ll have to strike a balance between security and ease. Your two major options are reverse proxy and VPN (Tailscale is one option for VPN)

For reverse proxy, you functionally open the app to the internet. Anyone with the correct web address can access the login page. This is inherently less secure than VPN, but not irresponsibly so. Beyond the reverse proxy itself, you’ll also have to learn how to configure an HTTPS certificate to increase security since it will be open to the internet.

For VPN, every user you want to be able to access the service has to be tied into the VPN and have the VPN running throughout their access. Tailscale is arguably the easiest way to configure a VPN right now, as you won’t have to manually deal with VPN configuration files for every device. VPN use will functionally make it like you’re on your home network. VPN access to your network should not be given to tons of people if at all possible.

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

6 acronyms in this thread; the most compressed thread commented on today has 8 acronyms.

[Thread #371 for this sub, first seen 24th Dec 2023, 14:05] [FAQ] [Full list] [Contact] [Source code]

given that you’re looking at vpns I’m assuming you can’t do port forwarding on your network. Am I right?

Have you seen zerotier? it lets you create a virtual network. super easy to setup but in the default configuration you’re relying on a third party service. not sure if that’s ok with you.

The most user-friendly way to do it is hosting it on a https server. for this you need a reverse proxy. checkout caddy. or if you’re on docker try traefik.

Most home isps don’t let you open port 80 and 443 so you have to use alternative ports which is ok for https but it will make renewing certificates really hard. you have to do it with dns. if it works great. but in my experience it was usually finicky.