this post was submitted on 27 Sep 2025
78 points (98.8% liked)

Selfhosted


I set up Wireguard on my phone, server, and computer to let my phone access my home network when I'm outside of it.

It works for the most part, but the inconvenient thing is that on Android you can only have 1 VPN running at a time. I want to use Mullvad VPN for the rest of my network connections for privacy.

I could make a single Wireguard config that defines 2 peers to connect to mullvad and my home VPN at the same time, but by doing this, I lock myself to a single server without the benefits of being able to swap servers at the same time.

Locking myself to a single mullvad server results in:

  • less privacy, since my IP is more static
  • inability to switch to bypass a VPN block

On desktop, I can have multiple wireguard VPNs at once, but if I have both running at the same time, then my LAN is accessed over the home VPN which is routed through Mullvad VPN. It goes

Computer -> Mullvad server -> Home VPN -> Home server

which is pretty wasteful.

Additionally, I'd prefer not to do something like: Phone -> Home VPN -> Mullvad server -> destination, as my upload speed is pretty bad and this would throttle every non-local connection.

What options do I have?
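
The single-config option described in the post above, as an added example that is not part of the original post: WireGuard sends each outgoing packet to the peer whose AllowedIPs entry is the most specific match, so a home peer listing only the LAN subnets takes LAN traffic while a `0.0.0.0/0` Mullvad peer takes the rest. All keys, endpoints and subnets in the sample config are constructed placeholders, and `parse_peers` / `select_peer` are hypothetical helper names.

```python
import ipaddress

# Constructed sample config: keys, endpoints and subnets are placeholders,
# not values from the post.
SAMPLE_CONF = """\
[Interface]
PrivateKey = <phone-private-key>
Address = 10.64.0.2/32, 10.8.0.2/32

[Peer]
# Mullvad exit: default route for IPv4
PublicKey = <mullvad-server-public-key>
Endpoint = <mullvad-server>:51820
AllowedIPs = 0.0.0.0/0

[Peer]
# Home server: LAN and home tunnel subnet only
PublicKey = <home-server-public-key>
Endpoint = <home-ddns-name>:51820
AllowedIPs = 192.168.1.0/24, 10.8.0.0/24
"""

def parse_peers(conf):
    """Return one dict per [Peer] section (configparser rejects repeated sections)."""
    peers, current = [], None
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line.startswith("["):
            current = {} if line.lower() == "[peer]" else None
            if current is not None:
                peers.append(current)
        elif current is not None and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            current[key] = value
    return peers

def select_peer(peers, destination):
    """Return the PublicKey of the peer with the longest AllowedIPs prefix covering destination."""
    dst = ipaddress.ip_address(destination)
    best, best_len = None, -1
    for peer in peers:
        for cidr in filter(None, map(str.strip, peer.get("AllowedIPs", "").split(","))):
            net = ipaddress.ip_network(cidr, strict=False)
            if net.version == dst.version and dst in net and net.prefixlen > best_len:
                best, best_len = peer, net.prefixlen
    return best["PublicKey"] if best else None  # None: no peer carries this destination
```

With this sample, an IPv6 destination matches no peer because neither peer lists `::/0`, which is worth checking when the Mullvad peer is meant to carry all non-LAN traffic.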

[–] AtariDump@lemmy.world -4 points 22 hours ago (2 children)

Why not just pay for Bitwarden?

[–] acid_falcon@lemmy.world 5 points 19 hours ago (1 children)

Uh. You know you're responding in a self hosting community right? Should I explain why we're all here?

[–] AtariDump@lemmy.world -1 points 18 hours ago (1 children)

I do, and the point still stands. If this is something vital to you, why not let someone else be responsible for security/hosting/issues/etc.

[–] acid_falcon@lemmy.world 1 points 17 hours ago (1 children)

Alright, I'll entertain this a little. Besides the one issue that I just brought up, there are no other issues. I host a dozen other things, and the VM I have it on is sandboxed besides the wireguard tunnel, so security isn't a problem.

The better question is, why not self host?

[–] AtariDump@lemmy.world 1 points 8 hours ago (1 children)

Because something that’s critical to my environment (passwords) should be hosted by a company that can provide updates, patching, and remote access more securely than I can.

Everyone thinks that they can self host critical infrastructure better than a paid service, and that may be true for a while. But life has a way of interrupting the best laid plans. Suddenly, one day, you’re several versions out of date and a different vulnerability is used to get in your network. Now you’re like that LastPass employee that was compromised via an out of date plex server.

I have the space and the know-how to host my own bitwarden/vaultwarden. But I don’t. Because that’s critical infrastructure and I’ll gladly pay for someone else to host it / patch it / etc.

[–] acid_falcon@lemmy.world 1 points 7 hours ago (1 children)

I kinda get what you're saying, but it's not like I'm writing the password manager myself. The updates are automatic, and when it's not updating, the VM it's hosted on has network restricted to everything but wireguard and for the bitwarden service. For me to get hacked, there would have to be zero-day exploits for my hypervisor, wireguard, and bitwarden all on the same day.

I understand what you're getting at, but it's not a publicly hosted service. It's literally just for myself.

[–] AtariDump@lemmy.world 0 points 3 hours ago (1 children)
[–] acid_falcon@lemmy.world 1 points 3 hours ago

Hahah okay man. Have a good one

[–] Wispy2891@lemmy.world 0 points 14 hours ago

Even if using their servers, it still can't access apps inside a work profile