However, using TAP (which has higher overhead) allows me to connect with layer2 protocols which even let me play things like Steam games streamed from my workstation.
Nearly all of my self hosted apps use a standard tunnel. Personally, I use pfSense self-hosted at the house as it allows me to set up both TAP or TUN OpenVPN tunnels. Just like you are doing now, a strong VPN in this case is a must. However, that's silly when your hosting an internet based app (such as Subsonic, PlexTV, ResilioSync, SyncThing) stuff that you set up because you want to access via the internet. The only way to truly prevent this is not to allow internet access to the service. Truth is that no app is perfect and it is always a possibility that someone will get in through an app or worse, shell access. Yes, you could have a stronger password, but in all honesty, it doesn't amount to much if one of the apps you are hosting has a vulnerability that hasn't been patched (or known publicly) yet. I pretty much self host everything now.įirst thing - never ever trust the security of the application you are trying to self host. Please help, this seems to straight forward, but im obviously missing something.Ĭouple of notes here coming from someone that has over 40+ VMs, LXC and Docker containers combined. However most people use NGINX for their reverse proxy, id prefer to use Caddy as I find it much much easier, and it has letsencrypt builtin so I can have HTTPS access to all my servers. Im not dead set on Tinc, it just seems to be the go-to for this kind of setup. I managed to follow the guide in the article and I have the server on my lan, and the remote server communicating through Tinc, however the remote server cannot access my LAN and my servers are on multiple different IPs and Ports. The basic idea is to get a VPS and host a VPN server, then connect my LAN to the VPN on the VPS 24/7, and use a reverse proxy on the VPS to route traffic to my LAN without having to have any ports open.
I came across this article which seemed perfect! except I cannot get it to work the way I need. Now my wife has had about enough of having to connect to a VPN constantly, especially on her phone. I quickly booted them, blocked the IP, closed ALL ports on my network except for my VPN, and we have been using everything exclusively through a VPN ever since. Someone had managed to get into my TVHeadend server and was channel surfing.
TINC USING STRONGVPN TV
One day I was watching TV and all the sudden a DVR recording was scheduled for a channel that no one in my house watches. Long story short, For over a year I had all the ports open for my servers, with reverse proxy and a nice domain name setup. What Is SelfHosted, As it pertains to this subreddit? Also include hints and tips for less technical readers. We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Service: Blogger - Alternative: WordPress Service: Google Reader - Alternative: Tiny Tiny RSS Service: Dropbox - Alternative: Nextcloud While you're here, please Read This FirstĪ place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
0 kommentar(er)
