this post was submitted on 13 Aug 2023
57 points (96.7% liked)

Selfhosted

39980 readers
443 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
HybridSarcasm@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
57
How do you facilitate remote access? (sh.itjust.works)
submitted 1 year ago by httpjames@sh.itjust.works to c/selfhosted@lemmy.world
31 comments fedilink hide all child comments
 

Right now I’ve been using Tailscale because it automatically adapts to my network conditions. If I’m at home, it’ll prioritize local network connection, but when I’m out and about, it’ll automatically beam a direct connection or use a relay.

One gripe I have about it is I can’t run it alongside my normal VPNs on my mobile devices. I have to choose between one or the other.

I have tried Cloudflare Tunnel before, but using it for streaming, like Jellyfin, is forbidden. There’s also the added latency and slowness to having to hop through multiple DCs to reach Cloudflare and back.

you are viewing a single comment's thread
view the rest of the comments
[–] Puzzle_Sluts_4Ever@lemmy.world 22 points 1 year ago* (last edited 1 year ago) (3 children)
  1. Dynamic DNS hooked in to one of my spare domains
  2. Wireguard running on my firewall
  3. An alert set up to inform me any time ANY client connects to said VPN
  4. Smart plug between my firewall and the UPS

Connect on my device or my travel router to get onto my home network and then access additional services as though I were local. And on the off chance I get an alert that something is connected and it is not me? I kill my network and deal with it when I get home. Not perfect (since I could be asleep) but gives me peace of mind on the off chance my VPN somehow becomes compromised.

[–] RoyalEngineering@lemmy.world 9 points 1 year ago (1 children)

Have you ever had to cut your network?

[–] Puzzle_Sluts_4Ever@lemmy.world 4 points 1 year ago

Nope. And I doubt I ever will.

But it is pennies a month in terms of power loss having a smart plug and gives me peace of mind for a big ass potential vulnerability.

[–] tarjeezy@lemmy.ca 4 points 1 year ago (2 children)

What are you using to monitor wireguard?

[–] Puzzle_Sluts_4Ever@lemmy.world 3 points 1 year ago

I have a bit of a mess that detects active processes and traffic and sends a signal to homeassistant which then informs me the same way it does when my garage door opens or whatever.

But mostly, the key is to put it into a system that will actually alert you. Like with any alert

[–] httpjames@sh.itjust.works 1 points 1 year ago (1 children)

How does your dynamic DNS work? When does it resolve to your local network addresses and your public domains?

[–] BitPirate@feddit.de 1 points 1 year ago* (last edited 1 year ago)

Not OP but DynDNS entries will always point to your current external IP and are renewed every hour.

Internally I run an AdGuard Home instance for adblocking. All my domains are rewritten by it to use the local IP while I'm in the same network.

https://en.wikipedia.org/wiki/Split-horizon_DNS