I have been diving into posts for days and, the more I read, the more confused (and security concerned) I am.

I have set up a server running some services such as (but not limited to) Home Assistant. I have some rules in HA that depend on my location, so my instance needs permanent connection to the HA phone app when I am away. So far, I have worked around it with Tailscale, but there are two drawbacks: 1) a permanent Tailscale connection drains out my phone battery, 2) if I activate Tailscale manually, I would need to (remember to) do every time I move in and out of my delimited zones, which is impractical.

I know other alternatives:

• VPNs: same battery issue if running a 24/7 connection, plus all my traffic being redirected which I do not need.
• Cloudflare Tunnel: many people suggesting to avoid due to the unencrypted traffic on their servers.
• Tailscale Funnel: seems like their predictable URLs and lack of other defensive resorts (unlike Cloudflare) are a potential security issue.

Are there other alternatives not necessarily involving VPS or other systems, that can expose my HA instance (and other services) while keeping HA and my network secured?