Lumi Nails & Med Spa โ reach LumiOS from your phone, safely (for the manager/installer)
Why
The one reason: to control LumiOS from outside the salon (your phone at home or on the road),
over a private, encrypted connection โ without ever putting a door-and-security system on the public internet.
Inside the salon on Wi-Fi you don't need any of this; it's only for the away-from-building case and phone alerts.
Read this first โ two things people get wrong:
Installing the app + push alerts need a real HTTPS address. Plain device/Wi-Fi/Tailscale
IP addresses (http://โฆ) are treated as "insecure" by phones, so "Add to Home Screen" and
notifications won't turn on. You need a proper https:// name (set up below). Use that same HTTPS
address even on the front-desk tablet so the app installs there too.
Push alerts need the LumiOS host to have internet. Control still works fully offline (local-first),
but the alert itself is sent out through Apple/Google's servers โ so an outage means no push goes out until
the internet is back. iPhones also require iOS 16.4+ and "Add to Home Screen" first.
Option A โ Tailscale (recommended ยท free ยท no domain)
A private network app. Only your own devices can reach LumiOS; nothing is exposed to the public.
Make a free Tailscale account.
Install Tailscale on the LumiOS host (the mini-PC/Pi) and sign in.
Turn on its HTTPS address: run tailscale serve https / http://localhost:4200.
This gives a secure name like https://lumios.your-tailnet.ts.net.
Install the Tailscale app on each phone that needs remote access and sign in to the same account.
Put that https://โฆts.net address on the Install guide sheet. Open it โ Add to Home Screen โ enable alerts.
Note: a phone needs the Tailscale app connected to open/use LumiOS remotely.
(Push alerts still arrive via Apple/Google even when Tailscale is off โ but to act on one, you open the app through Tailscale.)
Option B โ Cloudflare Tunnel (uses your existing domain)
Gives a nicer fixed address and doesn't require the Tailscale app on each phone. You already own
luminailsandmedspa.com, so there's nothing to buy โ use a subdomain like
lumios.luminailsandmedspa.com.
Add the domain to a free Cloudflare account; install cloudflared on the LumiOS host.
Create a tunnel pointing the subdomain at http://localhost:4200 โ Cloudflare provides the HTTPS.
Keep it private: require sign-in (Cloudflare Access) and rely on LumiOS's own login + 2FA.
Which to pick
Tailscale
Cloudflare Tunnel
Cost / domain
Free, no domain
Free, uses your domain
App on each phone?
Yes (Tailscale app)
No
Public-facing?
No โ fully private
Yes, but behind sign-in
Best for
You + a few managers
A memorable shared address
Never skip the protection. Because LumiOS unlocks doors, do not port-forward it or put it on a
plain public URL. Always keep it behind Tailscale (private) or Cloudflare Access, plus LumiOS's own
sign-in with owner 2-factor on and the demo PINs/passwords changed.