TLDR: VPN-newbie wants to learn how to set up and use VPN.

What I have:

Currently, many of my selfhosted services are publicly available via my domain name. I am aware that it is safer to keep things closed, and use VPN to access – but I don’t know how that works.

  • domain name mapped via Cloudflare > static WAN IP > ISP modem > Ubiquity USG3 gateway > Linux server and Raspberry Pi.
  • 80,443 fowarded to Nginx Proxy Manager; everything else closed.
  • Linux server running Docker and several containers: NPM, Portainer, Paperless, Gitea, Mattermost, Immich, etc.
  • Raspberry Pi running Pi-hole as DNS server for LAN clients.
  • Synology NAS as network storage.

What I want:

  • access services from WAN via Android phone.
  • access services from WAN via laptop.
  • maybe still keep some things public?
  • noob-friendly solution: needs to be easy to “grok” and easy to maintain when services change.
  • stown@sedd.it
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    10 months ago

    Recently commented on a different post about setting up a VPN. Check out firezone

    I don’t recommend using Tailscale or anything that relies on a third party.

      • stown@sedd.it
        link
        fedilink
        English
        arrow-up
        1
        ·
        10 months ago

        If you’re going to do that you may as well cut out the extra server/service and run regular wireguard.

        • Avid Amoeba@lemmy.ca
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 months ago

          Not quite, it’s still much more useful because you can connect multiple devices, have users, and relay when some devices can’t see each other, among other features.

          • stown@sedd.it
            link
            fedilink
            English
            arrow-up
            1
            ·
            10 months ago

            You can do all of those things with wireguard as well… I’m not seeing any benefit to running Tailscale/headscale.