Self-Hosted Main

502 readers

1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

Service: Dropbox - Alternative: Nextcloud
Service: Google Reader - Alternative: Tiny Tiny RSS
Service: Blogger - Alternative: WordPress

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

Awesome-Selfhosted List of Software
Awesome-Sysadmin List of Software

founded 1 year ago

MODERATORS

[email protected]

Benefits of Cloudflare Access (alien.top)

submitted 10 months ago by [email protected] to c/[email protected]

26 comments fedilink hide all child comments

For a self-hosted application with a valid SSL certificate and support for OAuth, what are the benefits that Cloudflare Access provides? From what I can tell, it also filters traffic to possibly block attacks? Can it even be used with a self-hosted app if you aren't also running Cloudflare Tunnel? Is there a better alternative (that also integrates with major OAuth providers like Google, Github, etc) for self-hosters? Thanks for the help in understanding how this works.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 10 months ago (1 children)

I use it within my Kubernetes to expose services outsides my house, and then I use Azure AD to manage access.

I know this isn’t very self hosted, but for me where I have a dynamic IP and don’t want to play with port forwarding, it’s really good. Nice and easy especially with Kubernetes and the helm chart I wrote

[–] [email protected] 1 points 10 months ago (1 children)

Don’t you need to configure DDNS regardless? And port forwarding as well unless you went with tunnels?

[–] [email protected] 1 points 10 months ago (3 children)

For cloudflare tunnels no, it does a nat punch through I think it's called, where it connects from inside your network out to 2 edge locations to cloudlfare, where it then can send traffic back and forwards.

If I wanted to expose by port forwarding, then yes you are correct, I could configure ddns.

Personally, I would configure my own version of DDNS where it's just a cron job once every 5 minutes to run terraform and check if my public IP has changed, and if it has run an apply.

Does that answer the question?

[–] [email protected] 1 points 10 months ago

Whoa that’s a clever solution for ddns

[–] [email protected] 1 points 10 months ago

Ye, I though tunnels needed a public ip still but it makes sense it doesn’t given there’s a service running in your network that can do that check

[–] [email protected] 1 points 9 months ago* (last edited 9 months ago)

There's a great tiny little program/docker container called cf-ddns that is great for this