Secure access to trusted services, authenticated through Google Cloud OAuth. Invite-only for family and friends.
Authentication and authorization happen in three straightforward steps:
Sign in using your Google account. Your credentials never touch our servers—authentication is handled entirely by Google Cloud.
Your Google account is verified against an allowlist of authorized users. Only pre-approved accounts can proceed.
Once authorized, you gain access to private services through a reverse proxy. Sessions are encrypted and time-limited.
This gateway is built with a privacy-first, security-focused architecture:
Your password never reaches this server. Google handles all credential verification using industry-standard OAuth 2.0.
Access is restricted to manually approved Google accounts. There is no self-service registration or public access.
All connections use TLS 1.3. Sessions are secured with HTTP-only cookies and CSRF protection.
No analytics, no third-party scripts, no advertising. Minimal logging for security purposes only.
Backend services run on private infrastructure. Data never leaves the homelab environment.
Sessions expire automatically. Re-authentication is required periodically to maintain access.
This gateway leverages enterprise-grade infrastructure components: