removed by mod
fedilink
@keyez@lemmy.world
link
fedilink
English
69M

I think the simplest setup is keeping all the apps and services on the local network and doing something like this guide so they are always behind a VPN. Then setup another VPN on unraid or another device to access from outside the local network. There are plenty of other guides for unraid and Plex and the arr stack out there, unraid is just what I use but can use whatever OS you would prefer.

https://unraid-guides.com/2021/05/19/how-to-route-any-docker-container-on-unraid-through-a-vpn/

@areyouevenreal@lemm.ee
creator
link
fedilink
English
29M

a) I am not using unraid

b) I was aware of using tailscale or a VPN. I don’t really want to do that as it requires running my whole connection through home Internet.

c) I also want to setup a reverse proxy even if I do only use it locally just so I am not dealing with ports and IPs. No bookmarks are not practical I have too many as it is.

d) At this point I am doing this the “right” way or at least the complex way because I can.

@constantokra@lemmy.one
link
fedilink
English
19M

A, great. Overly complicated. B, wireguard lets you set your allowed IPS to your networks’s subnet so you only tunnel that traffic. C, that’s ideal. Use nginx proxy manager. It’s super simple. Buy a domain and you can use letsencrypt for SSL so you don’t get http nag messages from your browser. Old suggest something with cheap renewals like ‘.rodeo’ or ‘.top’. D, there are many right ways. Personally, i’d set up your services in a docker compose file, all behind gluetun as a VPN for your torrent service. I’d set up a wireguard VPN on a pi zero elsewhere on your network so you can access everything from outside, and on your wireguard clients i’d only tunnel the traffic to your network’s subnet. Unless you want everything behind the same VPN you use for torrenting. In that case i’d run a wireguard service in the same docker network as gluetun, so you can tunnel all your client traffic through that. You could even out a dns server in there as well, and manually set a domain name to your server’s ip so you don’t have to buy a domain name. Course, then you can’t use letsenceypt SSL.

@jmp242@sopuli.xyz
link
fedilink
English
19M

Well, what you could do is run a DNS server so you don’t need to deal with IPs. You could likely adjust ports for whatever server to be 443 or 80 depending on if you’re internal only or need SSL. Also, something like zerotier won’t route your whole connection through your home internet if you set it up correctly, consider split tunneling. With something like zerotier it’ll only route the zerotier network you create for your devices.

Create a post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

  1. Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

  • 1 user online
  • 126 users / day
  • 421 users / week
  • 1.16K users / month
  • 3.85K users / 6 months
  • 1 subscriber
  • 3.68K Posts
  • 74.2K Comments
  • Modlog