![](https://lemmy.sdf.org/pictrs/image/8e91ae0e-1cf2-4855-a466-d27c914319e3.png)
![](https://lemmy.world/pictrs/image/8286e071-7449-4413-a084-1eb5242e2cf4.png)
Thanks for the suggestion.
I fuck numbers.
Thanks for the suggestion.
Where are you, if I may ask? Their Intel offers are not based in the US. Most of the time, I’ll access it from inside US, so I’m worried about the latency.
Without anything extra, there are three ways of doing it:
In each case, you’ll need a reverse proxy (e.g. Caddy) if you want secure https connections.
If you’re willing to spend money, the better way would be to proxy through a VPS (using something like a Wireguard tunnel). In that way, you won’t have to open ports on your home router. You can get a very cheap one since proxying doesn’t need much CPU power. Just choose one with enough bandwidth. I personally proxy most of my stuff through a $12/yr RackNerd VPS.
My setup looks like the following:
/etc/wireguard/wg-vps.conf on the VPS
-----------------------------------------------------
[Interface]
Address = 10.8.0.2/24
ListenPort = 51820
PrivateKey = ********************************************
# packet forwarding
PreUp = sysctl -w net.ipv4.ip_forward=1
# port forwarding 80 and 443
PreUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 10.8.0.1:80
PreUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to-destination 10.8.0.1:443
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 10.8.0.1:80
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to-destination 10.8.0.1:443
# packet masquerading
PreUp = iptables -t nat -A POSTROUTING -o wg-vps -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o wg-vps -j MASQUERADE
[Peer]
PublicKey = ********************************************
AllowedIPs = 10.8.0.1
/etc/wireguard/wg-vps.conf on my home-server
---------------------------------------------------------------
[Interface]
Address = 10.8.0.1/24
PrivateKey = ********************************************
[Peer]
PublicKey = ********************************************
AllowedIPs = 10.8.0.2
Endpoint = <VPS-DDNS>:51820
PersistentKeepAlive = 25
Now, just enable the tunnel using sudo systemctl enable --now wg-quick@wg-vps
. Make sure that the port 51820, 80, and 443 are open on the VPS. Now, allow 80, 443 through the firewall on the home-server (not on the router, just allow it locally), and it should work.
I’m afraid that I don’t have any guides. But, you’re halfway there anyway. Which one of these methods do you prefer? I can maybe give you some pointers.
I have a wireguard tunnel set up between my home server and the VPS, with persistent keepalive. The public domain name points to the VPS, then I have it set up (simply using iptables) so that any traffic there in port 80 and 443 is sent back to my honeserver and there it’s handled by caddy, and sent to the actual service.
The only ports I need to open are 80 and 443 on my VPS to make this setup work. So, no open ports on my local machine. This does however require you to pay for VPS. Since you aren’t doing much on it though, you can get away with a cheap one. I have a $12/year VPS from Rack nerd that I use for this job.
For completely free options, you can do one of three things. (That I can think of. There are probably more ways.)
P.S. If you need help setting any of these up, lmk.
I currently use Wiki.js but it’s a bit too much. The image size is around 500MB. I don’t see why I need such a huge program for hosting essentially text files and some images.
From the comments, DokuWiki with a modern theme, Fossil-SCM, and MkDocs seem nice. I’ll probably try some of these during the weekend.
Hadn’t heard of it before. Looks promising, thank you.
deleted by creator
Try out fileshelter. It’s super lightweight and works pretty reliably.
I don’t, because I switch it with something better if something like that happens.
They’ve not been used too much, I think. My laptop had very typical laptop usage: browsing, reading docs, coding, nothing storage intensive. On the server, the most intensive usage is for PhotoPrism and Jellyfin, and I don’t think that’s anything out of the usual.
I just have a couple of headless AlmaLinux boxes. Almost all of my apps are set up inside docker containers. If I have some time, I do plan to change the system to Debian stable/NixOS, given the recent RHEL drama. But otherwise, I think this is the way to go. Self hosting “solutions” tend to actually create more problems than they solve.
For tailscale/wireguard, you just need to open the port in your machine as if you’re using it locally. No need to forward port in your router. For all intents and purposes, you can treat all devices in your tailscale network as if they were local devices.
You don’t actually need to do reverse proxy while using tailscale. You can just use ports as if you’re on a local network.
The price is super low, but it’s been very reliable. Will highly recommend. You can see their current offers here.
If you want a free solution, wireguard and tailscale are your friends. It you’re willing to pay, get a cheap VPS (the one I use for this is from RackNerd for ~$12/yr). It’ll make the process very user friendly if you’re planning to share it with others.
Nowadays, I build them locally, and upload stable releases to registry. I have in the last used GitHub runners to do it, but building locally is just easier and faster for testing.
A great option that I personally use is FileShelter. It’s super light and seems to perform very well.
No, unfortunately.
Thanks, I’ll check it out.