this post was submitted on 28 Jun 2023

Hi,

I currently have a home VPN and an aunt using a home router (dd-wrt) behind her own to connect to my network. By joining the wifi she can access all my home servers. She also has the TV connected to the router so she can watch our internal Video Server.

I was looking into Nebula, and whether it was possible to create an overlay so she can access my services in my network, and perhaps limit better which services can be accessed from the overlay.

My understanding is that you add individual devices to the mesh, but what do you do for devices like a Smart TV where you can't install a VPN or Nebula?

I lent her the DD-WRT router, but I would like to offer this service to other family members so they can access my servers. Is there an easy way to set them up? (They are not techies and live in other states.)

In your opinion, is Nebula the right tool? Tailscale? ZeroTrust? Also, I have to use a quite restrictive network; which of these tools is more resilient to an almost complete block of UDP? Currently, I'm just using plain Wireguard.

[–] [email protected] 0 points 1 year ago (1 children)

Yes, it's LAN-to-LAN.

Currently I have,

Plex,Emby,NAS,Pi-hole, etc. -> LAN 1 -> VPN server -> Internet GW ->-- WG tunnel --<- Internet GW <- DD-WRT GW with WG <- LAN 2 <-TV, etc.

LAN 1 is 192.168.1.1, LAN 2 is 192.168.2.0

I would like to get rid of the DD-WRT GW with WG (router running Wireguard) on my Aunt's network.

[–] [email protected] 1 points 1 year ago

I do not see that it is possible. You need a LAN gateway in Aunt's network. Smart TVs usually do not support any VPN services. It does not need to be the same box as the router.
If Aunt's internet has a fixed IP, then you can expose your Plex server and other things to the internet and allow access only from that IP. If Aunt's internet has a dynamic IP, you can somehow use Dynamic DNS to trace it (many SOHO routers support it out of the box) and then configure the FW on your home network to open ports only to the IP it gets from DNS. It is more tricky, and the IP on your FW will not be updated instantly if Aunt's IP changes.

A proper RA VPN is the right way to do it unless you need to use it with a dumb smart TV (I guess Google TV sticks allow installing VPN software on them). Wireguard/Tailscale/Headscale/Nebula are all fine; it just depends on how much infra you want to manage. But in all these cases VPN software needs to be installed on each endpoint.
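
The Dynamic DNS allow-list described in the comment above, as an added example that is not part of the thread or any poster's own setup: a script for the home firewall that resolves the remote side's DDNS name, refuses anything that is not a public IPv4 address, and swaps the allowed source address in one nftables transaction. The hostname `aunt.example.net`, the table `inet filter`, the set `aunt_allow` and the state file path are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the thread. Assumed names: DDNS host aunt.example.net,
# nftables table "inet filter" holding a set "aunt_allow" (type ipv4_addr) that
# the port-forward rule matches with "ip saddr @aunt_allow", and the state file.
DDNS_NAME="${DDNS_NAME:-aunt.example.net}"
STATE="${STATE:-/var/run/aunt_allow.ip}"

# True only for a well-formed, publicly routable IPv4 address, so a failed or
# bogus DNS answer never lands in the allow-list.
is_public_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$o" -le 255 ] || return 1
    done
    case "$1.$2" in   # private, loopback, link-local and CGNAT ranges
        0.*|10.*|127.*|169.254|192.168|172.1[6-9]|172.2[0-9]|172.3[01]) return 1 ;;
        100.6[4-9]|100.[7-9][0-9]|100.1[01][0-9]|100.12[0-7]) return 1 ;;
    esac
    [ "$1" -lt 224 ]   # drop multicast and reserved space
}

# Prints "reject", "unchanged" or "update" for a resolved address ($1)
# compared with the address applied on the previous run ($2).
decide() {
    is_public_ipv4 "$1" || { echo reject; return 0; }
    [ "$1" = "$2" ] && { echo unchanged; return 0; }
    echo update
}

# One nft transaction: "nft -f" applies flush + add atomically, so the set is
# never empty and never holds both the old and the new address.
render_update() {
    printf 'flush set inet filter aunt_allow\n'
    printf 'add element inet filter aunt_allow { %s }\n' "$1"
}

if [ "${1:-}" = "--apply" ]; then   # e.g. from cron every few minutes
    new=$(getent ahostsv4 "$DDNS_NAME" | awk 'NR==1 {print $1}')
    old=$(cat "$STATE" 2>/dev/null || true)
    case "$(decide "$new" "$old")" in
        update) render_update "$new" | nft -f - && printf '%s\n' "$new" > "$STATE" ;;
        reject) logger -t aunt_allow "refusing answer '$new' for $DDNS_NAME"; exit 1 ;;
    esac
fi
```

Between runs the previous address stays allowed and the new one stays blocked, which is the update delay the comment mentions; the polling interval bounds it.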