this post was submitted on 08 Sep 2024
32 points (92.1% liked)

Selfhosted

52506 readers
583 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

So, I have a rpi4b that's currently running a VPN for family abroad. I'm just finishing setting up Ubuntu server 24.04LTS(I have limited number of USB sticks, and the largest is only 8gb, so this choice was one of size, I can go into ones I had considered before) on an old laptop. For my small business I've also bought a domain for a work email, and eventually a website both are/will be hosted externally as I don't want to faff about with securing those aspects on my home network. The VPN though, that is currently pointing to no-ip dns service, and I want to migrate that to both the laptop and my own registered domain. What's best practices here? I do need the VPN to exit through to my network, so that my MiL can watch UK streaming from abroad(TV licence shenanigans).

you are viewing a single comment's thread
view the rest of the comments
[–] SturgiesYrFase@lemmy.ml 1 points 1 year ago (1 children)

Ah, yeah, sorry. Currently I'm using WireGuard, but I'm open to using something else.

I'll have a look at Tail/Headscale, this was very informative, thank you very much.

[–] themachine@lemmy.world 2 points 1 year ago (1 children)

In the scope of wireguard it'll just be a matter of you building appropriate firewall rules.

Since you want their internet traffic to go through you then i assime you're effectively pushing a 0.0.0.0/0 route to your clients. You then need to add firewall rules on your server to block traffic to its local subnet and in the future allow traffic to only your jellyfin server.

This is also pretty simple and nothing wrong with that setup.

[–] SturgiesYrFase@lemmy.ml 1 points 1 year ago

Thanks so much for taking the time to give me this info.