this post was submitted on 05 May 2024
34 points (97.2% liked)

Selfhosted

40382 readers
383 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

Hi everyone!

I'm looking into self-hosting, and I currently have dynamic DNS set up to point to my home IP.

My question: is it worth getting a dedicated IP through a VPN?

I'm pretty technically savvy, but when it comes to networking I lack practical experience. My thought is that pointing my domain to a dedicated IP and routing that traffic to my home IP would be safer - especially if I only allow traffic on certain ports from that IP. Just curious if that idea holds up in practice, or if it's not worth the effort.

you are viewing a single comment's thread
view the rest of the comments
[–] jjlinux@lemmy.ml 7 points 6 months ago* (last edited 6 months ago) (13 children)

A fixed IP does make things easier at first, but I fail to see the value on that for personal use. Nothing a reverse proxy and DDNS can't replace.

I purchased a domain, use dynamic DNS for it, and point my sub domains to an NGINX proxy server that handles where each points to.

Nothing has access to anything in my network from the internet (all ports are closed on my PFSense), other than Wireguard, and I just VPN into my network when I'm not home.

It was scary when I started, but figured it out in a couple of days. Take into consideration that I'm not even mildly smart, so it should be fairly easy for anyone.

Get into forums, ask around, watch tutorials, you'll be up and running in no time.

Good luck.

[–] kakes@sh.itjust.works 2 points 6 months ago (12 children)

Thanks for the reply!

So the NGINX server hosted outside your network, then? And then reverse-proxy that into your home server?

Honestly, I feel like NGINX is a bit overkill for my situation, since I'm not expecting to have a lot of traffic. I could be wrong, though.

[–] jjlinux@lemmy.ml 3 points 6 months ago

No, it's inside the network. Once I'm inside my network via the VPN, the proxy server routes to the service I want based on the subdomain instead of using the IP and port as the address.

This can also be useful if, instead of going the VPN route, and you choose to go the CDN tunnel (for example, Cloudflare) way. I actually started with a tunnel via Cloudflare, but after some digging, I don't trust them anymore. Having a tunnel allows you to close all ports coming into your network, but at the expense of having to trust the tunnel provider, and I don't trust many companies out there.

load more comments (11 replies)
load more comments (11 replies)