this post was submitted on 31 Oct 2023
1 points (100.0% liked)

Self-Hosted Main

502 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
[email protected]
1
Accessing your resources away from home (alien.top)
submitted 10 months ago by [email protected] to c/[email protected]
8 comments fedilink hide all child comments
 

Hello nerds!

How do you go about accessing your self-hosted resources when you're away from home?

I've used portforwarding, VPN, Tailscale and Headscale in that order but recently switched to Nebula.

Tailscale/Headscale was probably better than Nebula, but I just couldn't stand trusting either Tailscale or the VPS used to host Headscale.

With Nebula I don't need to trust the lighthouses, because they can't access my network even if compromised. I also really like the built-in firewall that's looking at node certs when filtering traffic.

top 8 comments
sorted by: hot top controversial new old
[–] [email protected] 2 points 10 months ago

Good old WireGuard. Takes 20 seconds to add a new peer if I want to invite someone new. Don’t really get the point of using proprietary solutions like ZeroTier or Tailscale for this.

[–] [email protected] 1 points 10 months ago

I use port forwarding with Nginx and Crowdsec for the services I want widely exposed, and Wireguard for those I want accessed only by myself.

[–] [email protected] 1 points 10 months ago

Choose either or with or many upto you.

Tailscale, Wireguard server, zerotier, Cloudflare Tunnels

My primary are Tailscale for LAN only applications on cloud and home. Cloudflare tunnels for access over internet for some applications.

Mainly i stick with Tailcsale but for few applications to share with friends and family whom i don't want to have the access of the whole Tailscale network so CF tunnel with Zero Trust authentication on all applications with OCID hosted at home (Authentik)

Currently working on deploying Headscale (Self hosted Tailscale) to have complete control over my network rather than relying on Tailscale Control node.

[–] [email protected] 1 points 10 months ago

I have wiregard server on my unraid server and I have a backup on a raspberry pi

[–] [email protected] 1 points 10 months ago

Wireguard to my pFsense VM. Drop the gun, walk away.

[–] [email protected] 1 points 10 months ago

My router came with a wireguard gateway. As I have a dynamic IP I set wireguard up with a ddns domain pointing to my IP.

[–] [email protected] 1 points 10 months ago

ZeroTeir

[–] [email protected] 1 points 10 months ago

If you don’t trust Tailscale OR THE VPS YOU ARE ROOT ON YOURSELF, you should maybe not host anything.

Also: you probably haven’t understood how Tailscale works: it only mediates the connection but the provider servers are not in between two participants in your network (except relay). Those are direct connections.