Hi, this is my first post on this subreddit. I’ve been self-hosting various applications (Syncthing, Pi-hole, Navidrome, Jellyfin, Actual…) for almost two years now, and I want to take a step forward by accessing my resources from the public Internet.

I’ve been researching for one year about topics like port forwarding, reverse proxying, setting up VPN, and moving to a VPS; and I recently started trying Microsoft Azure’s Standard B1s VM. However, I can’t devise an acceptable and satisfactory solution.

These are some of my concerns:

  • I don’t want to apply for static IP and port forward from my router to my modem to the public Internet.
  • I need a sustainable solution since most VPS providers are too pricey for me.

I’m open to every type of suggestion; you can criticize my concerns, too :)

  • NRoach44@lemmy.ml
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    The typical way involves something outside your network acting as a proxy. Your home network VPNs to this proxy, then the proxy sends requests down to your homelab.

    I used a VPS and a VPN, I would connect to the VPN endpoint on the VPS, and then route all traffic back down to home.

    You can also run a reverse proxy on the VPS, so it does TLS for clients, and speaks to the servers direct over the VPN.

    Another option is things like Cloudflare tunnels, which means cloudflare does the “VPS and VPN” part of the above, but the tradeoff is that your have to trust cloudflare, rather than yourself (may be a positive or not depending on your perspective).

    Lastly you could use something like tinc (which needs something on the outside to act as a negotiator) to form a mesh between NAT’d devices.

  • tschloss@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    CF Tunnels. Based on a reverse proxy in the cloud with a VPN between local and CF. So different from a direct IP connection.

    Or: IPv6 could be a way out.

  • certuna@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    /r/Zerotier or /r/Tailscale

    with the caveat that this entails installing a application on the client device that accesses the server & whitelist it - so workable if you’re accessing your server using your own phone/laptop, not so much on a random company PC or your friends.

    If you want ‘random’ externals accessing your server, you’ll have to VPN out to a third party server that forwards ports, or host the entire thing in the cloud.

    • DopeBoogie@alien.topB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      If you want ‘random’ externals accessing your server, you’ll have to VPN out to a third party server that forwards ports, or host the entire thing in the cloud.

      Check out Tailscale Funnel

      • PhilipLGriffiths88@alien.topB
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        You could also use zrok.io. It’s an open source alternative which can be self-hosted or has a free SaaS. It also includes cool features like ‘private sharing’ (which means both sides can be private with no inbound ports). I work on the parent project.

  • schklom@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Oracle gives free VPS, permanently free. Have a backup of these VPSes though, Oracle sometimes (haven’t experienced it myself, but some people here did) kills these VPSes.