A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
Maybe it is possible, maybe not. GFW may interfere with zerotier connections.
If that doesn't work, you can consider using Alibaba Cloud's HK server for transit.
Generally speaking, if you come to China for work or pleasure like ishowspeed, there is basically no risk. I wish you a pleasant trip to China.
Don't make any connection to your home server, period.
At first, it will probably work. But you will likely lose access after a few days and your servers will be scanned for exploits, so make sure your shit it up to date.
Source: hosted an XMPP server which was summarily banned after 2 days of access from China and then probed/attacked repeatedly until I took it offline.
almost like going to China is a mistake...
Bringing non-disposable technology to China is a mistake in most circumstances.
I wouldn't access anything nor would I take any tech with you.
Don't risk it
What are the risks, if you aren't intending on doing anything illegal?
They can load in spyware that follows you outside the country. Also the whole "if you aren't intending to do anything illegal" bit really reads like all the piece of shit bootlicking conservatives after George Floyd.
China isn't exactly know for rule of law. They could simply decide you are a criminal. When traveling international it is better to play it safe.
If you really need a service I would either bring a disk drive with you or setup limited remote access for yourself that has minimal access. Remember they can force you to hand over things like passwords.
Doesn't the USA do the exact same thing?
I wouldn't recommend travelling to the USA either
I unironically think the USA's security might be worse than China. Everyone in China was quite friendly and patient.
Competent, too, I bet.
Yep. Pretty efficient most of the time
*What aren't
It depends. Very much. And this is the main problem: There isn't "one" solution, you will need a few.
The thing with the PRC is: Their great firewall isn't "one big uniform block". It's fairly "variable".
For example: In Beijing,even 10 years ago, I could access google maps and Facebook without any issues(back then highly blocked) as long as my mobile phone was roaming. The second I was on wifi of course it was blocked. But even the cheapo VPN my colleague had did work out fine. Until the day the police started to prepare for the party convention - then suddenly my colleague couldn't get out, neither could I with our company wifi and even my carefully crafted wire guard over HTTPs didn't work - unless I was in the wifi of the hotel or our host company. There it did. Party congress over? Back to normal operations.
If you travel through the country you will find that in one place solution A works, in another solution B. Generally the more rural (or closer to Tibet/Xinjiang/Myanmar) you get, the more restrictive it seems to be.
Personally I would simply get there different commercial VPNs to make sure you have a choice to get out at all - there are various ones with a good PRC reputation. Most providers have trials as well. And then double tunnel through that if you can't directly reach your usual VPN at home
Mobile roaming worked but not while connected to hotel Wi-Fi. I also got a VPN before I went to China, routed through Japan. It was slow as shit.
tailscale worked some times, but seemed to depend on the location of the moon relative to the air speed of a nearby sparrow and it was really slow.
Zerotier is similiar - works sometimes but China's firewall is constantly changing which ports/protocols it blocks, so setup a wireguard server on port 443 as backup (looks like normal https traffic) and test both before you go.
I would not try to access a server from China. Can't you let someone else take care of the machine in the meantime? It's always a good idea to have some backup admin just in case.
Look into shadowsocks, or just normal vpn.
Pandafan was quite reliable for me. You might also be able to diy with hk, sg or sk vps instances, but it was a lot of work and a misconfiguration will cut you off.
Normal VPN doesn't work because they don't mask themselves. Even Tor bridges don't work because they are blocked.
Shadowsocks is like 2018 advice, go directly to xray and forget about legacy software
Yes, xray is better. Forgot about that. I think there had been a couple newer ones.
The thing with gfw circumvention is that even older approaches work surprisingly often, as detection methods change and often detection depends on the amount of suspicious traffic. I had most success with a more conventional setup on a vps, but that was more for testing out stuff. Found commericial providers to be more reliable.
VPNs work surprisingly often from what others tell me. They only block these occasionally. I think astrill and express often work. Just know that the ones that work, probably have chinese govt access.
Yes, tor never works.
As another user posted, how strict the firewall is depends on where you are (and if there are any special events). I heard that Wireguard doesn't work because of deep packet inspeciton, but I was able to use Tailscale to my home network without problems when I was there last year. I also set up a xray vless-reality proxy on a VPS and Outline servers on Google cloud and those worked too.
But the easiest method is to buy an HK eSIM for roaming (I used 3HK). I bought a month of LetsVPN but they booted me from the service for some random reason, so I changed to Mullvad which also worked too.
If you will be using roaming for mobile data in China, you won't face any blocking.
Accessing over cloudflare tunnels or just a normal exposed server works.
VPNs work most of the time. But you can be cut off after like 30 minutes to an hour. I'd recommend only turning it on when you need it.
I've been to China very recently.
You will most likely face speed issues, although this may be due to the physical infrastructure itself connecting China to the outside internet isn't really that stellar. As everything Chinese citizens typically use is hosted in China.