certuna

joined 11 months ago
sorted by: new top controversial old
Using Cloudflare tunnels for exposing services in c/[email protected]
[–] [email protected] 1 points 9 months ago

You can use Cloudflare without the tunnel too, then it’s just a reverse proxy.

Can not ssh into server over ivp6 address in c/[email protected]
[–] [email protected] 1 points 9 months ago

2a01:4ff:1f0:c2f8::/64 is the whole subnet, your server will have one (or more) addresses in that subnet. This could be 2a01:4ff:1f0:c2f8::1, but could also be a randomly generated suffix.

How to "reverse Proxy" to my self hosted service (like cloudflare tunnel) in c/[email protected]
[–] [email protected] 0 points 9 months ago (1 children)

However, I'd prefere not to open ports at home

But why? Opening one incoming port is not an issue if you only allow connections from the VPS in the firewall on that port. Keeping a 24/7 tunnel up is certainly possible, but it adds another layer of complexity/reliability.

What's the biggest reason you self-host? in c/[email protected]
[–] [email protected] 1 points 10 months ago

Because hosting commercially with large (multi-TB) storage gets very expensive very quickly

Why pay over $100.00 for dynamic dns services. in c/[email protected]
[–] [email protected] 0 points 10 months ago

Many domain registrars don’t have an API, so then services like no-ip are your only option.

how does my isp know my device? in c/[email protected]
[–] [email protected] 1 points 10 months ago (1 children)

they route your traffic, they know where it’s going.

What top-level domain do you use in your local network? in c/[email protected]
[–] [email protected] 1 points 10 months ago

.local is mDNS - and I'm using that, saves me so much hassle with split-horizon issues etc.

I also use global DNS for local servers (AAAA records on my own domain), again, this eliminates split-horizon issues. Life is too short to deal with the hassle of running your own DNS server.

Ways to access a server behind CGNAT safely? in c/[email protected]
[–] [email protected] 1 points 10 months ago (2 children)

/r/Zerotier or /r/Tailscale

with the caveat that this entails installing a application on the client device that accesses the server & whitelist it - so workable if you're accessing your server using your own phone/laptop, not so much on a random company PC or your friends.

If you want 'random' externals accessing your server, you'll have to VPN out to a third party server that forwards ports, or host the entire thing in the cloud.

Accessing self-hosted stuff behind ISP's CGNAT in c/[email protected]
[–] [email protected] 1 points 10 months ago

Tailscale/Zerotier yes. Other option is tunnel out to a 3rd party VPN server with port forwarding: cloudflare does that, and a number of others.

Do network operators in Western Europe give away routers with Wi-Fi capabilities? in c/[email protected]
[–] [email protected] 1 points 10 months ago

Yeah that's nearly universal. Primary reasons are:

  • security: if you leave it to the customer, 99.9% of them will never update router firmware, so nearly all your customers are vulnerable (or already have zombie router)
  • lower support costs: if everyone has the same router, much easier for support
How do you handle your local DNS on your mobile device? in c/[email protected]
[–] [email protected] 0 points 10 months ago (1 children)

with iOS/iPadOS it's as simple as downloading a DNS profile https://www.reddit.com/r/Adblock/comments/koowte/encrypted_dns_profiles_for_ios_14/

IPv6 hosting on Starlink connection in c/[email protected]
[–] [email protected] 1 points 11 months ago

If I look at that screenshot it looks like you can define specific rules? The only problem i see is that you’re using link-local (fe80:: address) as the Local IP, that should be the stable global one (2a0d:xxxx:3040).

view more: next ›