this post was submitted on 30 Mar 2024
27 points (90.9% liked)

Selfhosted

39435 readers
7 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

cross-posted from: https://feddit.de/post/10554932

I am looking something to connect to my server from outside my local network.

I am on a shared IP and my ISP doesn't have port forwarding.

top 17 comments
sorted by: hot top controversial new old
[–] [email protected] 9 points 7 months ago
[–] [email protected] 5 points 7 months ago

Cloudflared tunnel.

[–] [email protected] 4 points 7 months ago

Rent a cheap vps and do something like I did with ssh tunneling, or wireguard VPN, between home and the vps:

https://wiki.gardiol.org/doku.php?id=router:ssh_tunnel

(Sorry I keep posting links to my wiki but the whole point was writing once)

[–] [email protected] 3 points 7 months ago (1 children)

If you’re the only one connecting to the server, I would recommend something like Tailscale. Everything will be encrypted and you won’t need to forward any ports to the public internet.

If other people need to access it, an option might be https://hoppy.network. I haven’t tried it myself, but it looks like it would be pretty slick if it works well.

[–] [email protected] 4 points 7 months ago (1 children)

Wouldn’t Tailscale funnel achieve what they want? https://tailscale.com/kb/1223/funnel

[–] [email protected] 1 points 7 months ago (1 children)

I think it depends on what kind of services they are using as I think Funnel is designed for HTTPS traffic, no UDP or custom ports.

[–] [email protected] 2 points 7 months ago

Ah yes. Good point. I haven’t used it myself yet as I’ve not had reason too. Just on my list of Tailscale things to try out

[–] [email protected] 2 points 7 months ago
[–] towerful 1 points 7 months ago (1 children)

I can recommend rathole ( https://github.com/rapiz1/rathole ).
All it does is port forwarding. Easy to configure, easy to reason about, easy to dockerise.
If you need reverse proxying, you have to set that up either on the public server, or on local infra (chances are, you already have reverse proxy locally so rathole just needs to forward 80/443).

If its only for personal access (ie, you dont want services actually accessible by the internet) i can recommend tailscale for that. Its an auto-configuring wireguard VPN whose main selling point is NAT traversal. Very easy to set up, and very reliable.

[–] [email protected] 1 points 7 months ago (2 children)

Why rathole and not ssh tunneling? The latter exposes only one port (that you are already exposing anyway) while the former requires an additional port.

What is the actual benefit of rathole? I an asking genuinely.

[–] towerful 2 points 7 months ago (1 children)

Hmm, fair.
I liked it cause i could dockerise it next to nginx and do SNI forwarding.
It had obvious and declarative config, which helped me get a redundant tunnel set up. Its great at auto-reconnecting.
I have never used ssh tunnels. Maybe its just as easy as using rathole. Learning ssh tunnels might have been a better path for me.
But rathole clicked, has been rock solid with 0 tinkering or tweaking, the config files make sense, its easy to in a docker container...

So, i cant really answer your question.

[–] [email protected] 2 points 7 months ago

Fair, setting up ssh tunnels with autoreconnect and such is indeed more complex.

[–] towerful 1 points 7 months ago (1 children)

I think 1 big advantage is that rathole can work over a websocket connection.
So, if obfiscating, having to go via HTTP proxies, or whatever... rathole will still work.

[–] [email protected] 2 points 7 months ago

This is a great reason, I didn't know, but its interesting.

[–] [email protected] 1 points 7 months ago

Use localxpose, it's great and well priced.

[–] [email protected] 1 points 7 months ago

I’m personally a big fan of bore. It’s easy to setup/use and there’s a free public instance operated by the developer.

[–] [email protected] 0 points 7 months ago* (last edited 7 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
HTTP Hypertext Transfer Protocol, the Web
HTTPS HTTP over SSL
NAT Network Address Translation
SSL Secure Sockets Layer, for transparent encryption
UDP User Datagram Protocol, for real-time communications
VPN Virtual Private Network
nginx Popular HTTP server

[Thread #646 for this sub, first seen 31st Mar 2024, 17:45] [FAQ] [Full list] [Contact] [Source code]