this post was submitted on 20 Oct 2023
3 points (100.0% liked)

Self-Hosted Main

502 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
communick@selfhosted.forum
3
How would you secure a KVM VPS, with pre-Wireguard Linux kernel and no access to ports 80/443? (alien.top)
submitted 11 months ago by Digital_Voodoo@alien.top to c/main@selfhosted.forum
3 comments fedilink hide all child comments
 

I have a few VPSes that can only be accessed via Wireguard (full-tunnel). A some hosted apps with external access are behind a Caddy authentication.

None of this is possible with an cheap exotic VPS I got recently, because (1) it's KVM with Linux 4.19 kernel, implying no native Wireguard support, (2) I have access to only 10 ports, from 2101 to 2110, while Caddy needs access to ports 80 and 443, at least in my understanding.

I've tried various tutos to compile and install Wireguard for old kernels, to no avail so far. I've also tried changing the port when installing Caddy, doesn't go through either.

How would you people secure such a VPS like that? Nothing critical is hosted on it.

Thanks in advance.

top 3 comments
sorted by: hot top controversial new old
[–] zarlo5899@alien.top 2 points 11 months ago (1 children)

you can change what ports Caddy use you might have an issue if you want to get ssl certs with lets encrypt

[–] Digital_Voodoo@alien.top 1 points 11 months ago

That's my exact pain point, I'd like to get a SSL cert while I'm at it

[–] Ordinary_Employer_39@alien.top 1 points 11 months ago

This Project should help https://github.com/NOXCIS/Worm-Hole