23, Sysadmin, Vegan
Fediverse: https://calckey.braydmedia.de/@brayd

  • 0 Posts
  • 3 Comments
Joined 1 year ago
cake
Cake day: July 4th, 2023

help-circle


  • I had everything behind my LAN, but published things like Nextcloud to the outside after finally figuring out how to do that even without a public IPv4 (being behind DS-Lite by my provider).

    I knew about Cloudflare Tunnels but I didn’t want to route my stuff through their service. And using Immich through their tunnel would be very slow.

    I finally figured out how to publish my stuff using an external VPS that’s doing several things:

    • being a OpenVPN server
    • being a cert server for OpenVPN certs
    • being a reverse proxy using nginx with certbot

    Then my servers at home just connect to the VPS as VPN clients so there’s a direct tunnel between the VPS and the home servers.

    Now when I have an app running on 8080 on my home server, I can set up nginx so that the domain points to the VPS public IPv4 and IPv6 and that one routes the traffic through the VPN tunnel to the home server and it’s port using the IPv4 of the VPN tunnel. The clients are configured to have a static IPv4 inside the VPN tunnel when connecting to the VPN server.

    Took me several years to figure out but resolved all my issues.