this post was submitted on 14 Oct 2024
1 points (100.0% liked)
Self Hosted - Self-hosting your services.
11440 readers
1 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules
- No harassment
- crossposts from c/Open Source & c/docker & related may be allowed, depending on context
- Video Promoting is allowed if is within the topic.
- No spamming.
- Stay friendly.
- Follow the lemmy.ml instance rules.
- Tag your post. (Read under)
Important
Beginning of January 1st 2024 this rule WILL be enforced. Posts that are not tagged will be warned and if not fixed within 24h then removed!
- Lemmy doesn't have tags yet, so mark it with [Question], [Help], [Project], [Other], [Promoting] or other you may think is appropriate.
Cross-posting
- [email protected] is allowed!
- [email protected] is allowed!
- [email protected] is allowed!
- [email protected] is allowed if topic has to do with selfhosting.
- [email protected] is allowed!
If you see a rule-breaker please DM the mods!
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Nice explanation =). I am not OP but I am curious about one point: you seem to have the reverse proxy on your homeserver, not on the VPS.
Is wireguard enough then to tunnel HTTPS traffic to your reverse proxy? Or do you need a more sophiscated tunnel (e.g. ngrok, boringproxy).
P.S. I actually assumed that your VPN entry point is a VPS with a public, static IP. Therefore I understood that your were talking about two servers: the home server with the reverse proxy and a VPS as wireguard entry point. Please correct if this is wrong.
Hi there ! Sorry my English is not that good, but I'm doing the best I can !
Actually, I do not have a VPS. I use an old spare laptop as server which handles everything.
I have Wireguard barebone installed with a a second external wireguard interface and some iptables to send all traffic to ProtonVPN.
All my containers,on the same laptop, are directly reachable via this configuration and HTTPS is handle by Treafik with my self-signed local certificates (root CA with intermediate CA).
Eg: From my mobile over WiFi or 4G I can access all my containers where ever I'm. My endpoint in my Wireguard's confirguration (on my phone) being my home's public IP.
I hope I answered your question? If not I'm willing to give you a diagram of my setup, this will probably clear up the confusion/question? And will probably be way more explicit than my broken English ๐.