Remote Access Setup

Lumi Nails & Med Spa โ€” reach LumiOS from your phone, safely (for the manager/installer)

Why

The one reason: to control LumiOS from outside the salon (your phone at home or on the road), over a private, encrypted connection โ€” without ever putting a door-and-security system on the public internet. Inside the salon on Wi-Fi you don't need any of this; it's only for the away-from-building case and phone alerts.

Read this first โ€” two things people get wrong:

Option A โ€” Tailscale (recommended ยท free ยท no domain)

A private network app. Only your own devices can reach LumiOS; nothing is exposed to the public.

  1. Make a free Tailscale account.
  2. Install Tailscale on the LumiOS host (the mini-PC/Pi) and sign in.
  3. Turn on its HTTPS address: run tailscale serve https / http://localhost:4200. This gives a secure name like https://lumios.your-tailnet.ts.net.
  4. Install the Tailscale app on each phone that needs remote access and sign in to the same account.
  5. Put that https://โ€ฆts.net address on the Install guide sheet. Open it โ†’ Add to Home Screen โ†’ enable alerts.
Note: a phone needs the Tailscale app connected to open/use LumiOS remotely. (Push alerts still arrive via Apple/Google even when Tailscale is off โ€” but to act on one, you open the app through Tailscale.)

Option B โ€” Cloudflare Tunnel (uses your existing domain)

Gives a nicer fixed address and doesn't require the Tailscale app on each phone. You already own luminailsandmedspa.com, so there's nothing to buy โ€” use a subdomain like lumios.luminailsandmedspa.com.

  1. Add the domain to a free Cloudflare account; install cloudflared on the LumiOS host.
  2. Create a tunnel pointing the subdomain at http://localhost:4200 โ€” Cloudflare provides the HTTPS.
  3. Keep it private: require sign-in (Cloudflare Access) and rely on LumiOS's own login + 2FA.

Which to pick

TailscaleCloudflare Tunnel
Cost / domainFree, no domainFree, uses your domain
App on each phone?Yes (Tailscale app)No
Public-facing?No โ€” fully privateYes, but behind sign-in
Best forYou + a few managersA memorable shared address
Never skip the protection. Because LumiOS unlocks doors, do not port-forward it or put it on a plain public URL. Always keep it behind Tailscale (private) or Cloudflare Access, plus LumiOS's own sign-in with owner 2-factor on and the demo PINs/passwords changed.