I’ve began to try and better architect my Home Lab setup. Starting off with the network having segmented the network via vlans into functions and access levels, spun up a NUT server to help coordinate shutdown, and during setup of the NUT configuration for the server and clients saw a few instances of folks using Home Assistant as a home lab dashboard and for control of some basic functions of their servers.
This led me to look at how instead of using a traditional NUT server and clients to instead use home assistant as an automation coordinator.
The basic idea would be to have home assistant sit in the management vlan be able to get status from all servers and services, but also automation to perform tasks like shutdown on power failure instead of nut server/client setups (I admit that it would still need a NUT addon to communicate with the UPS).
I would gain the ability to monitor and manage some basic functions in a single place.
But this got me thinking about the security implications of such a setup, something I was careful about when setting up the vlans.
So what are your thoughts on management services like home assistant (which is given elevated access to control servers) vs individual server/services that, for the case of NUT poll a server to take action.
The former requires that I give Home Assistant access to the servers via the api, ssh, or IPMI, etc to facilitate control.
The later seems more secure but adds complexity when attempting to communicate across multiple vlans to manage similar functions like powering everything off.
Thanks for your input