this post was submitted on 05 Sep 2024
31 points (89.7% liked)

Selfhosted

40296 readers
311 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I've been playing around with self hosting for file sharing, backups, and a handful of other ideas I might one day get round to. I like the idea of a mesh VPN and being able to, for example, connect a travelling laptop to a 'host' laptop nearby, though my only public ip is a VPS in another country.

Of all the options I found, I liked the look of Nebula most. Fiddly in some places, but it's working nicely for me, and I appreciate some of the simplicity of design.

I'm wondering if people here have much experience of it, though? My biggest concern is over its future. With,

  1. The Defined Networking site focusing on making money off it, and
  2. The Android app doesn't allow full configuration (including the firewall, so I can't host a website from a phone) but - I heard - does if you use Defined Networking's paid service for configuration,

makes me worry they might be essentially trying to deprecate viable FOSS Nebula in favour of a paid or controlled service.

Any thoughts? Insight?

you are viewing a single comment's thread
view the rest of the comments
[–] ShortN0te@lemmy.ml 8 points 2 months ago (3 children)

The benefits are obvious:

  • No port forwarding needed
  • Central Auth management
  • Easy integration of new devices

Not saying you should do it or that it is better overall, but ignoring those is not fair.

Personally i would never go for Tailscale since i give away the access control to my kingdom to a company. Exactly what i want to get away from through selfhosting.

[–] y0kai@lemmy.dbzer0.com 3 points 2 months ago (1 children)

Doesn't selfhosting headscale prevent the keys to the kingdom thing you're talking about?

[–] ShortN0te@lemmy.ml 2 points 2 months ago (1 children)

Yes. But it removes some benefits. You again open some ports or use a VPS to host it. The benefit of not needing to have open ports on other servers and central auth and management still stands.

[–] milicent_bystandr@lemm.ee 1 points 2 months ago

Nebula you also need a VPS or something public for the coordination server ('lighthouse node'). Seems there's no way around that at the moment: at least one machine, of your own or another's, has to have a public IP so the other machines can learn how to connect to each other.

[–] paperd@lemmy.zip 2 points 2 months ago

Check out Net Bird

Exactly. I tried Tailscale to get things off the ground, but it didn't do precisely what I wanted, so I abandoned it and built exactly what I needed, which for me was a VPN at the gateway that tunneled SSL traffic via HAProxy to my internal network.

If Nebula solves your problems, great! I find I don't need its features, and prefer to keep things relatively simple, which for me is a WireGuard VPN and a handful of containers to run my things. My setup is basically HAProxy -> Wireguard VPN -> Caddy (TLS termination; docker container) -> Docker container on internal network. HAProxy routes to the appropriate machine, and Caddy renews TLS certs and routes to the appropriate container. I could probably accomplish the same w/ Nebula, but I understand my setup a bit more than Nebula.