this post was submitted on 17 Jul 2023
51 points (100.0% liked)

Selfhosted

50449 readers
635 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
HybridSarcasm@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
51
Home Server Security (sh.itjust.works)
submitted 2 years ago by beppi@sh.itjust.works to c/selfhosted@lemmy.world
24 comments fedilink hide all child comments
 

Hey guys,

Currently im just running calibre and nextcloud docker containers over the web, with a ddns from noip and a cloudflare domain. But i also want to setup a vaultwarden container too, so now i need to really consider the security of my server. What are the main things to watch out for? Calibre and nextcloud are just using subdomains, is it okay to have a subdomain to connect to vaultwarden? Am i better off just trusting bitwarden and sticking with them?

Thanks!

you are viewing a single comment's thread
view the rest of the comments
[–] gaylord_fartmaster@lemmy.world 18 points 2 years ago (1 children)

Is there a reason you can't just VPN in and expose only the VPN gateway? My preferred security is not exposing a bunch of random applications to the internet and hoping each doesn't ever have any vulnerabilities.

[–] beppi@sh.itjust.works 0 points 2 years ago (2 children)

Yeah i could definitely do that, however would that cause much trouble regarding using the nextcloud android app, or my ereader which uses OPDS to get books from calibre? I get thatd id have to sign into the VPN, but i already use mullvad on everything.

Sorry, just dont know much about personal VPNs

[–] gaylord_fartmaster@lemmy.world 2 points 2 years ago

As long as you're connected to the VPN it probably shouldn't. I use the automate app on my phone to automatically connect to my home wireguard server whenever I'm off my wi-fi, and it works great.

You're going to run into an issue of only being able to have one VPN connected on Android at a time though if you're already running mullvad on it, but as long as you have a decent connection at home and no data cap, you could just route all of your traffic through your home network, and then split tunnel your private IPs to connect directly, and anything else through mullvad.

load more comments (1 replies)