Selfhosted

60048 readers

828 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam.
Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.
Don't duplicate the full text of your blog or git here. Just post the link for folks to click.
Submission headline should match the article title.
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago

MODERATORS

curbstickle@anarchist.nexus

curbstickle_lw@lemmy.world

How to make my server reachable (lemm.ee)

submitted 2 years ago by piracysails@lemm.ee to c/selfhosted@lemmy.world

17 comments fedilink hide all child comments

Hello all,

I have started experimenting again with a local server and I am facing a few issues, here is my case.

I run Debian o an old HP prebuilt without GUI. I do everything with ssh from my laptop (basic connection ssh user@addr)

I have installed docker. I have installed a few containers. I also installed portainer for easier management.

All good so far because everything is local.

I have purchased a domain with cloudflare and set up a tunnel as to avoid exposing any ports and having an easier time managing and deploying stuff.

I have set up jellyfin and vaultwarden but when I tried to install nextcloud AIO it was advised to add a local reverse proxy as to avoid many problems.

My questions are:

Is the tunnel solution appropriate for jellyfin?

I suppose it's OK for vaultwarden as there isnt much data being transfered?

Would it be better to run nginx proxy manager for everything or can I run both of the solutions?

Any general recommendations on the above and in general are appreciated!

you are viewing a single comment's thread
view the rest of the comments

[–] OminousOrange@lemmy.ca 11 points 2 years ago (1 children)

I'm definitely not a network pro, but it sounds like you're looking to do something similar to what I have.

I've got nginx proxy manager as my reverse proxy with pi-hole for local DNS. All traffic goes through the pi-hole and anything going to mydomain.com has DNS entries pointing to nginx. I've set nginx up so service.lan.mydomain.com is for anything local and just service.mydomain.com for anything external with wildcard SSL certs for both (*.domain doesn't seem to cover *.lan.domain so add certs for both - probably because it's a sub-subdomain).

The Cloudflare tunnel can then just get directed to service.mydomain.com instead of the IP of the service.

[–] piracysails@lemm.ee 1 points 2 years ago (1 children)

I have read all comments and most of them provide useful information but I think this is what I need indeed.

Do you have any sources / guides on how to proceed with these configurations? :)

[–] OminousOrange@lemmy.ca 1 points 2 years ago

Unfortunately there isn't really an all-in-one guide. TechnoTim has info on the Pi-hole config side and wildcard certificates, but I think he uses it with traefik.

NPM is pretty straightforward. If you find a site isn't working, try turning on Web Socket support.

I'd say just search for guides on each part individually:

Get all the services installed and up and running
Get SSL certificates from Cloudflare for your domain.
Set up NPM for the services you want to reverse proxy with your Cloudflare SSL certs (they wont work until the next step is done)
Set up pi-hole to be your local DNS (there's also adblock lists to add) and configure it to send all service(.lan).mydomain.com to the ip of NPM.
Set up the Cloudflare tunnel.

I can try to help if you run into any issues.