this post was submitted on 13 Aug 2023
72 points (96.2% liked)

Selfhosted

40347 readers
565 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Right now I’ve been using Tailscale because it automatically adapts to my network conditions. If I’m at home, it’ll prioritize local network connection, but when I’m out and about, it’ll automatically beam a direct connection or use a relay.

One gripe I have about it is I can’t run it alongside my normal VPNs on my mobile devices. I have to choose between one or the other.

I have tried Cloudflare Tunnel before, but using it for streaming, like Jellyfin, is forbidden. There’s also the added latency and slowness to having to hop through multiple DCs to reach Cloudflare and back.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 7 points 1 year ago (2 children)

I just have all my services exposed through reverse proxy with whatever authentication they have on their webpage. I see most people using VPN which I know is the more secure option but I like the zero setup of just typing in the name of the service I want to go to and just having it work. Is there a better way to secure this?

[–] [email protected] 7 points 1 year ago

add fail2ban, so they cannot brute force the web interface.

[–] [email protected] 7 points 1 year ago

Do authentication in the reverse proxy if you can (e.g., basic auth or forward auth like Authelia, the second also has the benefit of SSO).