• 0 Posts
  • 18 Comments
Joined 1 year ago
Cake day: June 30th, 2023





  • Basically once you have WG set up, you will have an additional interface with its own IP in “ifconfig”. At that point all the ports are available and you can just point your reverse proxy to them (sorry I’m an NGINX user, I have no idea how Traefik works).

    Additionally don’t forget to add keep-alive in your WG config so that the service doesn’t shut off once traffic stops going between both servers.



  • Actually I did.

    No you didn’t. You said that you had set up TrueNAS, that means it’s working. I inferred from a different comment that you’re actually experiencing problems with TrueNAS and even left a reply to hopefully help you.

    Logs of…what, exactly?

    It was an example. I did not expect you to take it literally. If things aren’t working, then we need to know which things aren’t working. Screenshots, logs, even “I can’t connect to my own server” is better.

    I did

    I had to infer from other comments that you’re having trouble with TrueNAS. Perhaps it’s because English is my 3rd language, but clearly the point didn’t get across to others in this thread either.


  • SSH - secure shell. It is a way to connect to your remote machine. On server distributions it is usually open by default. If you’re running Windows on your main computer, you can connect with either the included OpenSSH client (terrible experience) or download a utility like PuTTY. Detailed explanation here: https://bitlaunch.io/blog/how-to-connect-to-ssh-with-putty/

    Web shell - Likely refers to the admin control panel of the software. I don’t run TrueNAS so I can only assume. Likely if you open a browser tab and type in your server’s IP and the port specified in the documentation you’ll be able to access it (i.e. http://192.168.50.2:8080).

    “go to system --> advanced” where!? - Likely in the admin panel. Again, don’t run the software personally.

    Link aggregations - This is more on the advanced side and likely not necessary for you at this stage. The idea is to allow you to connect more interfaces and increase bandwidth. Likely not necessary for a home setup, would advise you keep it for later.

    VLAN - Virtual Local Area Network. In the past before VLANs we had switches/hubs that when you connected a cable to them they would automatically become a member of the same network. VLAN allows you to split one physical network into many virtual networks. This is good because you can then limit access in between VLANs or block traffic for your server VLANs (if for example, you don’t want it to collect telemetry and phone home. I personally do it on the IoT VLAN).

    Default Gateway - It is the IP address of your router in most cases. If you are on the 192.168.10.0 - 192.168.10.255 network and you’re trying to send packets inside that network then your clients will not contact the default gateway, they will instead just reach each other directly. The default gateway is necessary to send packets outside of your network.


  • Don’t worry, the Microsoft support forums don’t lack self-righteous answers either. I won’t talk about desktop Linux because that has nothing to do with this thread and has a plethora of other issues as to why it won’t take off, but specifically self hosting won’t take off because it was never meant to. We will never get to a point in our lives where 100% (or hell, even 10%) of the population are proficient enough in how a computer works to self host their own software stack, and that is okay. If you self-host services make them available to your friends and family. Never thought that self-host was a movement of some sort where we’re trying to convert people who rely on centralized products into self hosting gurus, guess that’s a first for me.


  • I didn’t read the other comments, only the main post in which I do not see what you define as “detailed account of my situation”. You said that you have an issue with some software (you did not even bother to specify which) and that you want people to hop on Jitsi to duke it out with you. Had it been me, I would’ve posted logs, posted what I’m trying to achieve and why I’m unable to do it so far or where I would appreciate additional explanation. You want people to help you but you do not make it easy for them to do.

    But that’s okay, stay arrogant and we’ll see how far it gets you.






  • CriticalMiss@lemmy.world to Selfhosted@lemmy.world · Use desktop to self-host? · English · 13 up, 2 down · 1 year ago

    By hosting services on your desktop, you are increasing your threat surface. Every additional piece of software that you run increases your potential to catch malware. It also requires powering a beefy machine 24/7 to keep the service up, when in reality anything that isn’t a media server can run on 3rd gen Intel CPUs that have relatively low TDP.


  • Other than the slowly increasing log file (if you use fail2ban for example), it will take thousands of years to actually hack you through this method as long as root auth is disabled and authentication is only via SSH keys, I wouldn’t worry about it.

    It is possible to tighten the security of a machine to the point it is no longer usable. It is important to secure our devices but we cannot forget about convenience, so the trick is to tighten it but also make it so you don’t have to jump through a number of hoops till you get to your destination.

    I, for example, wouldn’t use your method because it would make it difficult to use some services I host from my phone.

    Port knockers for the most part aren’t worrying. In an ideal situation, the only ports that should be open are 22, 80, 443 and using a reverse proxy to mask headers. (Poor configuration for example, go to Shodan and type bitwarden in the search bar and see how many people expose their instances to the world carelessly without an SSL cert) and the occasional UDP for game servers/media servers.
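
A check for the two conditions the comment above depends on (root login disabled, authentication by SSH key only), as an added example that is not part of the original comment. The function names and both sample configs are constructed for illustration, and the defaults assumed are those of stock upstream OpenSSH.

```python
# Added example. Defaults are those of stock upstream OpenSSH (assumption;
# a distribution's packaged sshd_config may already override them).
DEFAULTS = {
    "permitrootlogin": "prohibit-password",
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "pubkeyauthentication": "yes",
}
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}
# Values matching "root auth disabled, SSH keys only".
REQUIRED = {**DEFAULTS, "permitrootlogin": "no", "passwordauthentication": "no",
            "kbdinteractiveauthentication": "no"}

def effective_settings(config_text):
    """Global value of each audited keyword. sshd keeps the FIRST value it
    reads for a keyword; lines after a Match line are conditional, so parsing
    stops there. Include files are not followed."""
    seen = {}
    for raw in config_text.splitlines():
        parts = raw.split("#", 1)[0].replace("=", " ", 1).split()
        if not parts:
            continue
        key = parts[0].lower()          # keywords are case-insensitive
        if key == "match":
            break
        key = ALIASES.get(key, key)
        if key in DEFAULTS and len(parts) > 1:
            seen.setdefault(key, parts[1].lower())
    return {k: seen.get(k, d) for k, d in DEFAULTS.items()}

def findings(config_text):
    """List of (keyword, effective value, required value) that fall short."""
    eff = effective_settings(config_text)
    return [(k, eff[k], want) for k, want in REQUIRED.items() if eff[k] != want]

# Constructed sample inputs, not taken from any real host.
WEAK = """\
PasswordAuthentication yes
PermitRootLogin prohibit-password
# hardening appended later; the first value above still wins
PasswordAuthentication no
"""
HARDENED = """\
PermitRootLogin no
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
"""

if __name__ == "__main__":
    for name, text in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, findings(text) or "ok")
```

On a live host, `sshd -T` prints the effective configuration including Include files, which this text-only check does not follow.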